Replicating https://trac-hacks.org/wiki/TagPublicPlugin functionality with https://trac-hacks.org/wiki/TagsPlugin Trac 1.0.1 ?
27 views
Skip to first unread message
Andy
Jun 13, 2016, 11:22:20 AM6/13/16
to Trac Users
I've used TagPublicPlugin in a previous Trac and wanted to use the same functionality in my new Trac (Bitnami Trac 1.0.1).
The TagPublicPlugin page says it has been deprecated by the TagsPolicy of TapsPlugin.
The latter *seems* to refer to the possibility of adding/removing permissions from a page using the plugin, but I can't see an actual example of doing this.
In my case we have a 'public' Trac that we want third-parties to access to raise tickets - they will need to be authenticated and *generally* they shouldn't see any other part of Trac. However, there are a number of wiki pages that we might want to make available e.g. the landing page, instructions, etc. I hoped to be able to achieve this by 'giving' wiki_view privilege to authenticated users on certain pages through the tagging system.
I've looked for a wiki/howto but other than a reference to a discussion list that I couldn't find I've been unable to find any further information.
Has anyone done this? If so, how?
Thanks,
--
Andy
The TagPublicPlugin page says it has been deprecated by the TagsPolicy of TapsPlugin.
The latter *seems* to refer to the possibility of adding/removing permissions from a page using the plugin, but I can't see an actual example of doing this.
In my case we have a 'public' Trac that we want third-parties to access to raise tickets - they will need to be authenticated and *generally* they shouldn't see any other part of Trac. However, there are a number of wiki pages that we might want to make available e.g. the landing page, instructions, etc. I hoped to be able to achieve this by 'giving' wiki_view privilege to authenticated users on certain pages through the tagging system.
I've looked for a wiki/howto but other than a reference to a discussion list that I couldn't find I've been unable to find any further information.
Has anyone done this? If so, how?
Thanks,
--
Andy
RjOllos
Jun 13, 2016, 8:33:52 PM6/13/16
to Trac Users
I haven't tested, but it looks like you need to add TagPolicy as the first entry in the list of [trac] permission_policies, or possibly as the second entry if you are using AuthzPolicy.
You could then grant WIKI_VIEW to all authenticated users by adding the tag: authenticated:view. The general pattern is user_or_group:action, where action is the suffix of the permission name: WIKI_VIEW -> view, WIKI_MODIFY -> modify, WIKI_DELETE -> delete, ... You can negate the permission with a dash: somegroup:-modify, somegroup:-view, ...
If you can confirm the behavior works, maybe we can add some documentation to the page:
- Ryan
Andy
Jun 14, 2016, 6:54:42 AM6/14/16
to Trac Users
If I put the TagPolicy anywhere other than last then I get a "Tags are not supported on the 'attachment' realm" when I go to a tagged page.
When TagPolicy is in last position it 'almost' seems to work i.e. I can tag the landing page (WikiStart) with "anonymous:VIEW" and users can then see that page - but I can't successfully set two tags e.g. I need "anonymous" and "thirdparty" groups to be given 'VIEW' to the landing page. When I try this the thirdparty group is ignored - i.e. "anonymous:VIEW thirdparty:VIEW" and "thirdparty:VIEW" both fail to allow the thirdparty access. Pehaps its just an issue with the non-Trac default groups?
Thanks for your help,
--
Andy
Andy
Jun 15, 2016, 8:59:14 AM6/15/16
to Trac Users
I've had another play, it seems to me that the permissions are 'username'-based rather than 'group'-based i.e. I can create tags "joe.blogs:VIEW" and "anonymous:VIEW" for the landing page and Joe will see that page before and after he has logged in.
I can just about cope with this as I have a small number of third-parties, but it would be really nice if the plugin supported groups as well as users - I'll add this as a feature request on the Trac page.
Incidentally, I can only get this working with TagPolicy as the last argument in the trac.ini permission_policies parameter whilst earlier comments suggest it should be the first - what does the order imply?
I can just about cope with this as I have a small number of third-parties, but it would be really nice if the plugin supported groups as well as users - I'll add this as a feature request on the Trac page.
Incidentally, I can only get this working with TagPolicy as the last argument in the trac.ini permission_policies parameter whilst earlier comments suggest it should be the first - what does the order imply?
RjOllos
Jun 15, 2016, 1:27:09 PM6/15/16
to Trac Users
On Wednesday, June 15, 2016 at 5:59:14 AM UTC-7, Andy wrote:
I've had another play, it seems to me that the permissions are 'username'-based rather than 'group'-based i.e. I can create tags "joe.blogs:VIEW" and "anonymous:VIEW" for the landing page and Joe will see that page before and after he has logged in.
I can just about cope with this as I have a small number of third-parties, but it would be really nice if the plugin supported groups as well as users - I'll add this as a feature request on the Trac page.
Incidentally, I can only get this working with TagPolicy as the last argument in the trac.ini permission_policies parameter whilst earlier comments suggest it should be the first - what does the order imply?
I wouldn't be surprised to hear that you are the first one using the feature, so I guess we have some issues to deal with.
The order of permission policies is explained here:
- Ryan
RjOllos
Dec 14, 2016, 8:42:26 PM12/14/16
to Trac Users
On Wednesday, June 15, 2016 at 5:59:14 AM UTC-7, Andy wrote:
I've had another play, it seems to me that the permissions are 'username'-based rather than 'group'-based i.e. I can create tags "joe.blogs:VIEW" and "anonymous:VIEW" for the landing page and Joe will see that page before and after he has logged in.
I can just about cope with this as I have a small number of third-parties, but it would be really nice if the plugin supported groups as well as users - I'll add this as a feature request on the Trac page.
Incidentally, I can only get this working with TagPolicy as the last argument in the trac.ini permission_policies parameter whilst earlier comments suggest it should be the first - what does the order imply?
I came across this description, which might be helpful: https://trac-hacks.org/ticket/11690#comment:9
- Ryan
Reply all
Reply to author
Forward
0 new messages