http://localhost/ticket/1027 <p> We want to have authz checks on all controller actions so that we can lock down CKAN to a login-only mode. </p> en-us http://assets.okfn.org/p/ckan/img/ckan_logo_shortname.png http://localhost/ticket/1027 Trac 0.12.3 pudo Wed, 09 Mar 2011 10:25:26 GMT http://localhost/ticket/1027#comment:1 http://localhost/ticket/1027#comment:1 <ul> <li><strong>status</strong> changed from <em>new</em> to <em>assigned</em> </li> </ul> <ol><li>home controller -&gt; <span class="underline">before</span> (check "site-read" on model.System) </li><li>user -&gt; each individually (repoze-who pseudo action must not be blocked) <ul><li>user-read (index/read/update pages for users) </li><li>user-create (register) </li></ul></li><li>revision -&gt; <span class="underline">before</span> (check "site-read" on model.System) </li><li>tag -&gt; site-read (<span class="underline">before</span>) </li></ol><p> functional/test_authz.py </p> <ul><li>denies site-read ... </li><li>checks for visitor / logged in user .. </li><li>checks you can still visit login </li></ul> Ticket pudo Wed, 09 Mar 2011 14:48:02 GMT http://localhost/ticket/1027#comment:2 http://localhost/ticket/1027#comment:2 <ul> <li><strong>status</strong> changed from <em>assigned</em> to <em>closed</em> </li> <li><strong>resolution</strong> set to <em>fixed</em> </li> </ul> <p> fixed in cset:532c3ad2743b </p> Ticket