--- a/Allura/allura/lib/repository.py
+++ b/Allura/allura/lib/repository.py
@@ -61,7 +61,7 @@
links.append(SitemapEntry('Refresh Repository',
c.project.url() + self.config.options.mount_point + '/refresh',
className='nav_child'))
- if self.permissions and security.has_artifact_access('configure', app=self)():
+ if self.permissions and security.has_access(self, 'configure')():
links.append(SitemapEntry('Permissions', admin_url + 'permissions', className='nav_child'))
return links
@@ -132,18 +132,20 @@
def install(self, project):
self.config.options['project_name'] = project.name
super(RepositoryApp, self).install(project)
+ role_admin = M.ProjectRole.by_name('Admin')._id
role_developer = M.ProjectRole.by_name('Developer')._id
role_auth = M.ProjectRole.authenticated()._id
role_anon = M.ProjectRole.anonymous()._id
- self.config.acl.update(
- configure=c.project.roleids_with_permission('tool'),
- read=c.project.roleids_with_permission('read'),
- create=[role_developer],
- write=[role_developer],
- unmoderated_post=[role_auth],
- post=[role_anon],
- moderate=[role_developer],
- admin=c.project.roleids_with_permission('tool'))
+ self.config.acl = [
+ M.ACE.allow(role_anon, 'read'),
+ M.ACE.allow(role_anon, 'post'),
+ M.ACE.allow(role_auth, 'unmoderated_post'),
+ M.ACE.allow(role_developer, 'create'),
+ M.ACE.allow(role_developer, 'write'),
+ M.ACE.allow(role_developer, 'moderate'),
+ M.ACE.allow(role_admin, 'configure'),
+ M.ACE.allow(role_admin, 'admin'),
+ ]
def uninstall(self, project):
allura.tasks.repo_tasks.uninstall.post()
@@ -155,7 +157,7 @@
self.repo = app.repo
def _check_security(self):
- security.require(security.has_artifact_access('configure', app=self.app))
+ security.require_access(self.app, 'configure')
@with_trailing_slash
@expose()