Mercurial > genshi > mirror
comparison examples/trac/wiki-default/TracPermissions @ 39:93b4dcbafd7b trunk
Copy Trac to main branch.
author | cmlenz |
---|---|
date | Mon, 03 Jul 2006 18:53:27 +0000 |
parents | |
children |
comparison
equal
deleted
inserted
replaced
38:ee669cb9cccc | 39:93b4dcbafd7b |
---|---|
1 = Trac Permissions = | |
2 [[TracGuideToc]] | |
3 | |
4 Trac uses a simple but flexible permission system to control what users can and can't access. | |
5 | |
6 Permission privileges are managed using the [wiki:TracAdmin trac-admin] tool. | |
7 | |
8 Regular visitors, non-authenticated users, accessing the system are assigned the default | |
9 role (''user'') named {{{anonymous}}}. | |
10 Assign permissions to the {{{anonymous}}} user to set privileges for non-authenticated/guest users. | |
11 | |
12 In addition to these privileges users can be granted additional individual | |
13 rights in effect when authenticated and logged into the system. | |
14 | |
15 == Available Privileges == | |
16 | |
17 To enable all privileges for a user, use the `TRAC_ADMIN` permission. Having `TRAC_ADMIN` is like being `root` on a *NIX system, it will let you do anything you want. | |
18 | |
19 Otherwise, individual privileges can be assigned to users for the various different functional areas of Trac: | |
20 | |
21 === Repository Browser === | |
22 | |
23 || `BROWSER_VIEW` || View directory listings in the [wiki:TracBrowser repository browser] || | |
24 || `LOG_VIEW` || View revision logs of files and directories in the [wiki:TracBrowser repository browser] || | |
25 || `FILE_VIEW` || View files in the [wiki:TracBrowser repository browser] || | |
26 || `CHANGESET_VIEW` || View [wiki:TracChangeset repository check-ins] || | |
27 | |
28 === Ticket System === | |
29 | |
30 || `TICKET_VIEW` || View existing [wiki:TracTickets tickets] and perform [wiki:TracQuery ticket queries] || | |
31 || `TICKET_CREATE` || Create new [wiki:TracTickets tickets] || | |
32 || `TICKET_APPEND` || Add comments or attachments to [wiki:TracTickets tickets] || | |
33 || `TICKET_CHGPROP` || Modify [wiki:TracTickets ticket] properties || | |
34 || `TICKET_MODIFY` || Includes both `TICKET_APPEND` and `TICKET_CHGPROP`, and in addition allows resolving [wiki:TracTickets tickets] || | |
35 || `TICKET_ADMIN` || All `TICKET_*` permissions, plus the deletion of ticket attachments. || | |
36 | |
37 === Roadmap === | |
38 | |
39 || `MILESTONE_VIEW` || View a milestone || | |
40 || `MILESTONE_CREATE` || Create a new milestone || | |
41 || `MILESTONE_MODIFY` || Modify existing milestones || | |
42 || `MILESTONE_DELETE` || Delete milestones || | |
43 || `MILESTONE_ADMIN` || All `MILESTONE_*` permissions || | |
44 || `ROADMAP_VIEW` || View the [wiki:TracRoadmap roadmap] page || | |
45 || `ROADMAP_ADMIN` || Alias for `MILESTONE_ADMIN` (deprecated) || | |
46 | |
47 === Reports === | |
48 | |
49 || `REPORT_VIEW` || View [wiki:TracReports reports] || | |
50 || `REPORT_SQL_VIEW` || View the underlying SQL query of a [wiki:TracReports report] || | |
51 || `REPORT_CREATE` || Create new [wiki:TracReports reports] || | |
52 || `REPORT_MODIFY` || Modify existing [wiki:TracReports reports] || | |
53 || `REPORT_DELETE` || Delete [wiki:TracReports reports] || | |
54 || `REPORT_ADMIN` || All `REPORT_*` permissions || | |
55 | |
56 === Wiki System === | |
57 | |
58 || `WIKI_VIEW` || View existing [wiki:TracWiki wiki] pages || | |
59 || `WIKI_CREATE` || Create new [wiki:TracWiki wiki] pages || | |
60 || `WIKI_MODIFY` || Change [wiki:TracWiki wiki] pages || | |
61 || `WIKI_DELETE` || Delete [wiki:TracWiki wiki] pages and attachments || | |
62 || `WIKI_ADMIN` || All `WIKI_*` permissions, plus the management of ''readonly'' pages. || | |
63 | |
64 === Others === | |
65 | |
66 || `TIMELINE_VIEW` || View the [wiki:TracTimeline timeline] page || | |
67 || `SEARCH_VIEW` || View and execute [wiki:TracSearch search] queries || | |
68 || `CONFIG_VIEW` || Enables additional pages on ''About Trac'' that show the current configuration or the list of installed plugins || | |
69 | |
70 == Granting Privileges == | |
71 | |
72 Currently the only way to grant privileges to users is by using the `trac-admin` script. The current set of privileges can be listed with the following command: | |
73 {{{ | |
74 $ trac-admin /path/to/projenv permission list | |
75 }}} | |
76 | |
77 This command will allow the user ''bob'' to delete reports: | |
78 {{{ | |
79 $ trac-admin /path/to/projenv permission add bob REPORT_DELETE | |
80 }}} | |
81 | |
82 == Permission Groups == | |
83 | |
84 Permissions can be grouped together to form roles such as ''developer'', ''admin'', etc. | |
85 {{{ | |
86 $ trac-admin /path/to/projenv permission add developer WIKI_ADMIN | |
87 $ trac-admin /path/to/projenv permission add developer REPORT_ADMIN | |
88 $ trac-admin /path/to/projenv permission add developer TICKET_MODIFY | |
89 $ trac-admin /path/to/projenv permission add bob developer | |
90 $ trac-admin /path/to/projenv permission add john developer | |
91 }}} | |
92 | |
93 == Default Permissions == | |
94 | |
95 Granting privileges to the special user ''anonymous'' can be used to control what an anonymous user can do before they have logged in. | |
96 | |
97 In the same way, privileges granted to the special user ''authenticated'' will apply to any authenticated (logged in) user. | |
98 | |
99 ---- | |
100 See also: TracAdmin, TracGuide |