[kforge-user] Modifications
John Bywater
john.bywater at appropriatesoftwarefoundation.org
Wed Feb 7 14:35:27 UTC 2007
Christopher Hesse wrote:
> Hi guys,
Hi Chris,
> I am attempting to make a few minor modifcations to the KForge
> software for use by the EECS Department of Case Western Reserve
> University (http://www.eecs.case.edu).
That's very interesting.
> The two main things are:
> operate on a single hostname and have a 'read-only' mode for svn
> repositories. The single hostname thing I did with a few config file
> and miscellaneous kludges, and that seems to be working (any interest
> in a patch?).
Yes please. :-)
Slightly related to the single host thing: I implemented something
called 'uriPrefix' for another domainmodel application (called
ScanBooker), which allows the application to be run from something other
than /. This was needed because the user couldn't obtain any new FQDNs
from their IT manager, who is a point haired boss and very obstructive.
As this is a very common situation, I think the current default setup,
where you need to setup several FQDNs isn't really adequate.
See: http://imaging.mrc-cbu.cam.ac.uk/scanbooker/
> The svn thing is giving me a bit more trouble. Originally I was
> trying a Apache config-only fix, but it seems Python*Handler can't be
> put inside a LimitExcept section. I messed with permissions, but it
> appears I can only add the 'Read' permission to 'Visitor' for all
> 'Plugin.svn' instances, not to a specific one. Any ideas on how to do
> that?
One way might be to set the Visitor's system role to be Friend.
Otherwise you can make Visitor a Member of a Project with an Svn
service, and set that membership to be Friend. But that doesn't provide
for different access control within a Project. So you might need a
separate project?
A more sophisticated option would be for us to add a 'grants' attribute
to [1] the Service domain object (just like [2] Role and [3] Person
have), modify [4] the ProjectAccessController to look at an optional
service object being passed into the isAccessAuthorised() method (just
like the optional project is optional), and then we could grant the read
permission to the service object directly (in the admin view, for now,
presented better later).
[1]
http://project.knowledgeforge.net/kforge/trac/browser/trunk/src/kforge/dom/service.py#L4
[2]
http://project.knowledgeforge.net/domainmodel/trac/browser/trunk/src/dm/dom/accesscontrol.py#L22
[3]
http://project.knowledgeforge.net/domainmodel/trac/browser/trunk/src/dm/dom/person.py#L15
[4]
http://project.knowledgeforge.net/kforge/trac/browser/trunk/src/kforge/accesscontrol.py#L7
> Also, when I run
> "kforge-admin create plugin <plugin-name>"
> from the plugin docs, I get
> "*** Unknown syntax: create plugin <plugin-name>"
I hope Rufus will be able to tell you more about this. I always feel
suffocated by useless error messages. I don't really know what the three
stars are for either. :-)
> I am using kforge 0.12.
>
> Thanks for any help,
No probs. Thanks for the offer of a patch.
Let me know what you think about per-service permissions?
Bye for now,
John.
> +Chris
More information about the kforge-user
mailing list