Premiere version : mise en route du suivi.
[auf_roundup.git] / share / roundup / templates / minimal / schema.py
CommitLineData
c638d827
CR
1#
2# TRACKER SCHEMA
3#
4
5# Class automatically gets these properties:
6# creation = Date()
7# activity = Date()
8# creator = Link('user')
9# actor = Link('user')
10
11# The "Minimal" template gets only one class, the required "user"
12# class. That's it. And even that has the bare minimum of properties.
13
14# Note: roles is a comma-separated string of Role names
15user = Class(db, "user", username=String(), password=Password(),
16 address=String(), alternate_addresses=String(), roles=String())
17user.setkey("username")
18#
19# TRACKER SECURITY SETTINGS
20#
21# See the configuration and customisation document for information
22# about security setup.
23
24#
25# REGULAR USERS
26#
27# Give the regular users access to the web and email interface
28db.security.addPermissionToRole('User', 'Web Access')
29db.security.addPermissionToRole('User', 'Email Access')
30
31# May users view other user information?
32# Comment these lines out if you don't want them to
33db.security.addPermissionToRole('User', 'View', 'user')
34
35# Users should be able to edit their own details -- this permission is
36# limited to only the situation where the Viewed or Edited item is their own.
37def own_record(db, userid, itemid):
38 '''Determine whether the userid matches the item being accessed.'''
39 return userid == itemid
40p = db.security.addPermission(name='View', klass='user', check=own_record,
41 description="User is allowed to view their own user details")
42db.security.addPermissionToRole('User', p)
43p = db.security.addPermission(name='Edit', klass='user', check=own_record,
44 properties=('username', 'password', 'address', 'alternate_addresses'),
45 description="User is allowed to edit their own user details")
46db.security.addPermissionToRole('User', p)
47
48#
49# ANONYMOUS USER PERMISSIONS
50#
51# Let anonymous users access the web interface. Note that almost all
52# trackers will need this Permission. The only situation where it's not
53# required is in a tracker that uses an HTTP Basic Authenticated front-end.
54db.security.addPermissionToRole('Anonymous', 'Web Access')
55
56# Let anonymous users access the email interface (note that this implies
57# that they will be registered automatically, hence they will need the
58# "Create" user Permission below)
59db.security.addPermissionToRole('Anonymous', 'Email Access')
60
61# Assign the appropriate permissions to the anonymous user's
62# Anonymous Role. Choices here are:
63# - Allow anonymous users to register
64db.security.addPermissionToRole('Anonymous', 'Register', 'user')
65
66# vim: set et sts=4 sw=4 :