Mercurial > genshi > genshi-test

diff examples/trac/wiki-default/TracPermissions @ 39:71ecbe90aafc

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Copy Trac to main branch.
author cmlenz
date Mon, 03 Jul 2006 18:53:27 +0000
parents
children
line wrap: on
line diff
new file mode 100644
--- /dev/null
+++ b/examples/trac/wiki-default/TracPermissions
@@ -0,0 +1,100 @@
+= Trac Permissions =
+[[TracGuideToc]]
+
+Trac uses a simple but flexible permission system to control what users can and can't access.
+
+Permission privileges are managed using the [wiki:TracAdmin trac-admin] tool.
+
+Regular visitors, non-authenticated users, accessing the system are assigned the default 
+role (''user'') named {{{anonymous}}}. 
+Assign permissions to the {{{anonymous}}} user to set privileges for non-authenticated/guest users.
+
+In addition to these privileges users can be granted additional individual 
+rights in effect when authenticated and logged into the system.
+
+== Available Privileges ==
+
+To enable all privileges for a user, use the `TRAC_ADMIN` permission. Having `TRAC_ADMIN` is like being `root` on a *NIX system, it will let you do anything you want.
+
+Otherwise, individual privileges can be assigned to users for the various different functional areas of Trac:
+
+=== Repository Browser ===
+
+|| `BROWSER_VIEW` || View directory listings in the [wiki:TracBrowser repository browser] ||
+|| `LOG_VIEW` || View revision logs of files and directories in the [wiki:TracBrowser repository browser] ||
+|| `FILE_VIEW` || View files in the [wiki:TracBrowser repository browser] ||
+|| `CHANGESET_VIEW` || View [wiki:TracChangeset repository check-ins] ||
+
+=== Ticket System ===
+
+|| `TICKET_VIEW` || View existing [wiki:TracTickets tickets] and perform [wiki:TracQuery ticket queries] ||
+|| `TICKET_CREATE` || Create new [wiki:TracTickets tickets] ||
+|| `TICKET_APPEND` || Add comments or attachments to [wiki:TracTickets tickets] ||
+|| `TICKET_CHGPROP` || Modify [wiki:TracTickets ticket] properties ||
+|| `TICKET_MODIFY` || Includes both `TICKET_APPEND` and `TICKET_CHGPROP`, and in addition allows resolving [wiki:TracTickets tickets] ||
+|| `TICKET_ADMIN` || All `TICKET_*` permissions, plus the deletion of ticket attachments. ||
+
+=== Roadmap ===
+
+|| `MILESTONE_VIEW` || View a milestone ||
+|| `MILESTONE_CREATE` || Create a new milestone ||
+|| `MILESTONE_MODIFY` || Modify existing milestones ||
+|| `MILESTONE_DELETE` || Delete milestones ||
+|| `MILESTONE_ADMIN` || All `MILESTONE_*` permissions ||
+|| `ROADMAP_VIEW` || View the [wiki:TracRoadmap roadmap] page ||
+|| `ROADMAP_ADMIN` || Alias for `MILESTONE_ADMIN` (deprecated) ||
+
+=== Reports ===
+
+|| `REPORT_VIEW` || View [wiki:TracReports reports] ||
+|| `REPORT_SQL_VIEW` || View the underlying SQL query of a [wiki:TracReports report] ||
+|| `REPORT_CREATE` || Create new [wiki:TracReports reports] ||
+|| `REPORT_MODIFY` || Modify existing [wiki:TracReports reports] ||
+|| `REPORT_DELETE` || Delete [wiki:TracReports reports] ||
+|| `REPORT_ADMIN` || All `REPORT_*` permissions ||
+
+=== Wiki System ===
+
+|| `WIKI_VIEW` || View existing [wiki:TracWiki wiki] pages ||
+|| `WIKI_CREATE` || Create new [wiki:TracWiki wiki] pages ||
+|| `WIKI_MODIFY` || Change [wiki:TracWiki wiki] pages ||
+|| `WIKI_DELETE` || Delete [wiki:TracWiki wiki] pages and attachments ||
+|| `WIKI_ADMIN` || All `WIKI_*` permissions, plus the management of ''readonly'' pages. ||
+
+=== Others ===
+
+|| `TIMELINE_VIEW` || View the [wiki:TracTimeline timeline] page ||
+|| `SEARCH_VIEW` || View and execute [wiki:TracSearch search] queries ||
+|| `CONFIG_VIEW` || Enables additional pages on ''About Trac'' that show the current configuration or the list of installed plugins ||
+
+== Granting Privileges ==
+
+Currently the only way to grant privileges to users is by using the `trac-admin` script. The current set of privileges can be listed with the following command:
+{{{
+  $ trac-admin /path/to/projenv permission list
+}}}
+
+This command will allow the user ''bob'' to delete reports:
+{{{
+  $ trac-admin /path/to/projenv permission add bob REPORT_DELETE
+}}}
+
+== Permission Groups ==
+
+Permissions can be grouped together to form roles such as ''developer'', ''admin'', etc.
+{{{
+  $ trac-admin /path/to/projenv permission add developer WIKI_ADMIN
+  $ trac-admin /path/to/projenv permission add developer REPORT_ADMIN
+  $ trac-admin /path/to/projenv permission add developer TICKET_MODIFY
+  $ trac-admin /path/to/projenv permission add bob developer
+  $ trac-admin /path/to/projenv permission add john developer
+}}}
+
+== Default Permissions ==
+
+Granting privileges to the special user ''anonymous'' can be used to control what an anonymous user can do before they have logged in.
+
+In the same way, privileges granted to the special user ''authenticated'' will apply to any authenticated (logged in) user.
+
+----
+See also: TracAdmin, TracGuide
\ No newline at end of file
Copyright (C) 2012-2017 Edgewall Software