expo/expoweb
1
0
Fork 0
mirror of https://expo.survex.com/repositories/expoweb/.git/ synced 2026-02-25 05:35:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

Troggle UML class diagram and text

Browse Source
This commit is contained in:
Philip Sargent
2020-06-29 16:33:29 +01:00
parent f266691baf
commit 6403b7f211
7 changed files with 115 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
handbook/troggle/trogregistr.html
View File

@@ -37,7 +37,7 @@
<h2>Proposal #1</h2>
<p>We edit troggle to create two ids when resetting: "expoadmin" (the django administrator) and "expo" (to have access to Austrian cave surveys and edit pages). These will both be created by the '<a href="https://docs.djangoproject.com/en/1.11/ref/contrib/auth/">django.contrib.auth</a>' system.
Django gives us fine-graned access control settings for admin users so we can ensure that "expo" has the minimum necessary but has <a href=https://docs.djangoproject.com/en/1.11/ref/settings/#file-upload-permissions">file upload permissions</a>
Django gives us fine-grained access control settings for admin users so we can ensure that "expo" has the minimum necessary but has <a href=https://docs.djangoproject.com/en/1.11/ref/settings/#file-upload-permissions">file upload permissions</a>
<p>We remove the 'django-registration' system entirely which reduces the <em>attack surface</em> of troggle - and the enforced deprecation/upgrade process certainly feels like an attack.