Enforce configuration of roles in Weblate
Originally created by @zen on #17338 (Redmine)
I haven’t followed previous discussion about this, but there’s the idea of enforcing configuration of Weblate roles (as defined in the design doc through configuration management using Puppet.
Roles are:
- Anonymous users can suggest.
- Logged in users can suggest and vote on suggestions.
- Reviewers can accept suggestions.
- Admin.
The Puppet code created for this might need to be updated when weblate/django’s API changes.
Can someone share some background on this discussion? Was it thought to protect against a specific kind of attack or bug?
Steps for implementing:
-
Create script that checks for differences between template and actual permissions. -
Agree on the desired state and encode it into the YAML file. -
Add an option to enforce the config. -
Add tests -
Add logging -
Check/Update documentation -
Switch the cron job to enforce the config. -
Add Viewers to every user as it is the default by Weblate -
Cleanup Puppet code after deploy of renamed resources.
Related issues
- Blocks #16881 (closed)
Edited by Zen Fu