[kforge-dev] [Fwd: Re: [kforge-user] Modifications]
john.bywater at appropriatesoftwarefoundation.org
Wed Feb 7 14:51:25 UTC 2007
-------- Original Message --------
Subject: Re: [kforge-user] Modifications
Date: Wed, 07 Feb 2007 14:35:27 +0000
From: John Bywater <john.bywater at appropriatesoftwarefoundation.org>
To: Christopher Hesse <csh at scourcritical.com>
CC: kforge-user at lists.okfn.org
<78288ee20702062126u42c780b7qde44b70f7cec874c at mail.gmail.com>
<78288ee20702070132s487e9b51xd0656082832e375a at mail.gmail.com>
Christopher Hesse wrote:
> Hi guys,
> I am attempting to make a few minor modifcations to the KForge
> software for use by the EECS Department of Case Western Reserve
> University (http://www.eecs.case.edu).
That's very interesting.
> The two main things are:
> operate on a single hostname and have a 'read-only' mode for svn
> repositories. The single hostname thing I did with a few config file
> and miscellaneous kludges, and that seems to be working (any interest
> in a patch?).
Yes please. :-)
Slightly related to the single host thing: I implemented something
called 'uriPrefix' for another domainmodel application (called
ScanBooker), which allows the application to be run from something other
than /. This was needed because the user couldn't obtain any new FQDNs
from their IT manager, who is a point haired boss and very obstructive.
As this is a very common situation, I think the current default setup,
where you need to setup several FQDNs isn't really adequate.
> The svn thing is giving me a bit more trouble. Originally I was
> trying a Apache config-only fix, but it seems Python*Handler can't be
> put inside a LimitExcept section. I messed with permissions, but it
> appears I can only add the 'Read' permission to 'Visitor' for all
> 'Plugin.svn' instances, not to a specific one. Any ideas on how to do
One way might be to set the Visitor's system role to be Friend.
Otherwise you can make Visitor a Member of a Project with an Svn
service, and set that membership to be Friend. But that doesn't provide
for different access control within a Project. So you might need a
A more sophisticated option would be for us to add a 'grants' attribute
to  the Service domain object (just like  Role and  Person
have), modify  the ProjectAccessController to look at an optional
service object being passed into the isAccessAuthorised() method (just
like the optional project is optional), and then we could grant the read
permission to the service object directly (in the admin view, for now,
presented better later).
> Also, when I run
> "kforge-admin create plugin <plugin-name>"
> from the plugin docs, I get
> "*** Unknown syntax: create plugin <plugin-name>"
I hope Rufus will be able to tell you more about this. I always feel
suffocated by useless error messages. I don't really know what the three
stars are for either. :-)
> I am using kforge 0.12.
> Thanks for any help,
No probs. Thanks for the offer of a patch.
Let me know what you think about per-service permissions?
Bye for now,
kforge-user mailing list
kforge-user at lists.okfn.org
More information about the kforge-dev