Fine grained permissions

[Rosalyn Hatcher]

Hi

I'm having trouble getting the Trac Fine Grained Permissions to work to
protect sections of the wiki.

I'm using Trac 0.11.2.1 and Python 2.5

I've followed the instructions at:
http://trac.edgewall.org/wiki/TracFineGrainedPermissions

- Installed ConfigObj
- Copied authz_policy.py to /trac/env/plugins directory
- Created a authzpolicy.conf file now only contains

[wiki:WikiStart@*]
* =

which if I understand correctly should block access to the WikiStart
page for everyone.

- Updated trac.ini to add

[trac]
...
permsission_policies = AuthzPolicy, DefaultPermissionPolicy,
LegacyAttachmentPolicy

Added the [authz_policy] section and enabled the authz_policy plugin.

But whatever combination of settings I put in the authzpolicy.conf file
I'm able to see all the wiki pages. I've looked at the log file and it
is loading the plugins/authz_policy.py file. What am I doing wrong? Any
help would be much appreciated.

Thanks in advance.
Rosalyn.

P.S.

FYI the log file says....

2009-09-16 10:17:40,478 Trac[main] DEBUG: Dispatching <Request "GET
u'/wiki'">
2009-09-16 10:17:40,536 Trac[svn_fs] DEBUG: Subversion bindings imported
2009-09-16 10:17:40,548 Trac[api] DEBUG: action controllers for ticket
workflow: ['ConfigurableTicketWorkflow']
2009-09-16 10:17:40,553 Trac[chrome] DEBUG: Prepare chrome data for request
2009-09-16 10:17:40,554 Trac[perm] DEBUG: No policy allowed anonymous
performing TICKET_CREATE on None
2009-09-16 10:17:40,555 Trac[perm] DEBUG: No policy allowed anonymous
performing BROWSER_VIEW on None
2009-09-16 10:17:40,564 Trac[perm] DEBUG: No policy allowed anonymous
performing TRAC_ADMIN on None
2009-09-16 10:17:40,564 Trac[perm] DEBUG: No policy allowed anonymous
performing PERMISSION_GRANT on None
2009-09-16 10:17:40,564 Trac[perm] DEBUG: No policy allowed anonymous
performing PERMISSION_REVOKE on None
2009-09-16 10:17:40,564 Trac[perm] DEBUG: No policy allowed anonymous
performing TICKET_ADMIN on None
2009-09-16 10:17:40,565 Trac[perm] DEBUG: No policy allowed anonymous
performing TIMELINE_VIEW on None
2009-09-16 10:17:40,565 Trac[perm] DEBUG: No policy allowed anonymous
performing ROADMAP_VIEW on None
2009-09-16 10:17:40,572 Trac[api] DEBUG: Updating wiki page index
2009-09-16 10:17:40,580 Trac[perm] DEBUG: No policy allowed anonymous
performing WIKI_MODIFY on <Resource u'wiki:WikiStart, attachment'>
2009-09-16 10:17:40,581 Trac[attachment] DEBUG: LegacyAttachmentPolicy
denied anonymous access to <Resource u'wiki:WikiStart, attachment'>.
User needs WIKI_MODIFY
2009-09-16 10:17:40,581 Trac[perm] DEBUG: LegacyAttachmentPolicy denies
anonymous performing ATTACHMENT_CREATE on <Resource u'wiki:WikiStart,
attachment'>
2009-09-16 10:17:40,920 Trac[perm] DEBUG: No policy allowed anonymous
performing EMAIL_VIEW on None
2009-09-16 10:17:40,920 Trac[session] DEBUG: Retrieving session for ID
'be47d23494bf07168c46e2f6'
2009-09-16 10:17:41,054 Trac[perm] DEBUG: No policy allowed anonymous
performing WIKI_MODIFY on <Resource u'wiki:WikiStart'>
2009-09-16 10:17:41,054 Trac[perm] DEBUG: No policy allowed anonymous
performing WIKI_DELETE on <Resource u'wiki:WikiStart'>
2009-09-16 10:17:41,054 Trac[perm] DEBUG: No policy allowed anonymous
performing WIKI_ADMIN on <Resource u'wiki:WikiStart'>

--
------------------------------------------------------------------------
Rosalyn Hatcher
NCAS Computational Modelling Services
Dept. of Meteorology, University of Reading,
Earley Gate, Reading. RG6 6BB
Email: r.s.h...@reading.ac.uk Tel: +44 (0) 118 378 6016

[Rosalyn Hatcher]

Ok, so I've gone boss-eyed. All solved I had AuthPolicy instead of
AuthzPolicy. :-(