最終更新:2011-08-23 (火) 11:20:47 (4591d)
Trac/権限
デフォルト権限
anonymous
- BROWSER_VIEW
- CHANGESET_VIEW
- FILE_VIEW
- LOG_VIEW
- MILESTONE_VIEW
- REPORT_SQL_VIEW
- REPORT_VIEW
- ROADMAP_VIEW
- SEARCH_VIEW
- TICKET_VIEW
- TIMELINE_VIEW
- WIKI_VIEW
authenticated
- TICKET_CREATE
- TICKET_MODIFY
- WIKI_CREATE
- WIKI_MODIFY
trac-admin
デフォルトに戻す
trac-admin /path/to/projenv permission remove anonymous '*' trac-admin /path/to/projenv permission remove authenticated '*' trac-admin /path/to/projenv permission add anonymous BROWSER_VIEW trac-admin /path/to/projenv permission add anonymous CHANGESET_VIEW trac-admin /path/to/projenv permission add anonymous FILE_VIEW trac-admin /path/to/projenv permission add anonymous LOG_VIEW trac-admin /path/to/projenv permission add anonymous MILESTONE_VIEW trac-admin /path/to/projenv permission add anonymous REPORT_SQL_VIEW trac-admin /path/to/projenv permission add anonymous REPORT_VIEW trac-admin /path/to/projenv permission add anonymous ROADMAP_VIEW trac-admin /path/to/projenv permission add anonymous SEARCH_VIEW trac-admin /path/to/projenv permission add anonymous TICKET_VIEW trac-admin /path/to/projenv permission add anonymous TIMELINE_VIEW trac-admin /path/to/projenv permission add anonymous WIKI_VIEW trac-admin /path/to/projenv permission add authenticated TICKET_CREATE trac-admin /path/to/projenv permission add authenticated TICKET_MODIFY trac-admin /path/to/projenv permission add authenticated WIKI_CREATE trac-admin /path/to/projenv permission add authenticated WIKI_MODIFY
anonymousはWIKIが見れるだけにする
trac-admin /path/to/projenv permission remove anonymous BROWSER_VIEW trac-admin /path/to/projenv permission remove anonymous CHANGESET_VIEW trac-admin /path/to/projenv permission remove anonymous FILE_VIEW trac-admin /path/to/projenv permission remove anonymous LOG_VIEW trac-admin /path/to/projenv permission remove anonymous MILESTONE_VIEW trac-admin /path/to/projenv permission remove anonymous REPORT_SQL_VIEW trac-admin /path/to/projenv permission remove anonymous REPORT_VIEW trac-admin /path/to/projenv permission remove anonymous ROADMAP_VIEW trac-admin /path/to/projenv permission remove anonymous SEARCH_VIEW trac-admin /path/to/projenv permission remove anonymous TICKET_VIEW trac-admin /path/to/projenv permission remove anonymous TIMELINE_VIEW trac-admin /path/to/projenv permission add authenticated BROWSER_VIEW trac-admin /path/to/projenv permission add authenticated CHANGESET_VIEW trac-admin /path/to/projenv permission add authenticated FILE_VIEW trac-admin /path/to/projenv permission add authenticated LOG_VIEW trac-admin /path/to/projenv permission add authenticated MILESTONE_VIEW trac-admin /path/to/projenv permission add authenticated REPORT_SQL_VIEW trac-admin /path/to/projenv permission add authenticated REPORT_VIEW trac-admin /path/to/projenv permission add authenticated ROADMAP_VIEW trac-admin /path/to/projenv permission add authenticated SEARCH_VIEW trac-admin /path/to/projenv permission add authenticated TICKET_VIEW trac-admin /path/to/projenv permission add authenticated TIMELINE_VIEW trac-admin /path/to/projenv permission add authenticated WIKI_VIEW
authz_policy?
authz_policy.pyのコピー
/usr/lib/python2.4/site-packages/Trac-0.12.2.ja1-py2.4.egg/tracopt/perm/authz_policy.py
を
/path/to/trac/project/plugins
に入れる
trac.ini
[component] tracopt.perm.authz_policy.authzpolicy = enabled [trac] # permission_policies = DefaultPermissionPolicy, LegacyAttachmentPolicy permission_policies = AuthzPolicy, DefaultPermissionPolicy, LegacyAttachmentPolicy [authz_policy] authz_file = conf/authzpolicy.conf
メモ
- 権限設定はデフォルトのまま
- anonymousはWIKI_VIEWのみに制限
- bobはログインしていてもWIKI_VIEWのみに制限+authencatedの権限
[groups] nonmember = bob,anonymous [*] @nonmember = !BROWSER_VIEW,!CHANGESET_VIEW,!FILE_VIEW,!LOG_VIEW,!MILESTONE_VIEW,!REPORT_SQL_VIEW,!REPORT_VIEW,!ROADMAP_VIEW,!SEARCH_VIEW,!TICKET_VIEW,!TIMELINE_VIEW * = WIKI_VIEW