Project

General

Profile

Bug #17338

Enforce configuration of roles in Weblate

Added by zen about 1 month ago. Updated about 1 month ago.

Status:
New
Priority:
Normal
Assignee:
Sysadmins
Category:
Infrastructure
Target version:
-
Start date:
Due date:
% Done:

0%

Feature Branch:
Type of work:
Sysadmin
Blueprint:
Starter:
Affected tool:
Translation Platform

Description

I haven't followed previous discussion about this, but there's the idea of enforcing configuration of Weblate roles (as defined in the design doc) through configuration management using Puppet.

Roles are:

  • Anonymous users can suggest.
  • Logged in users can suggest and vote on suggestions.
  • Reviewers can accept suggestions.
  • Admin.

The Puppet code created for this might need to be updated when weblate/django's API changes.

Can someone share some background on this discussion? Was it thought to protect against a specific kind of attack or bug?


Related issues

Blocks Tails - Bug #16881: Puppetize critical Weblate configuration Confirmed

History

#1 Updated by zen about 1 month ago

@hefee, does this issue capture what we wrote down as "puppetize auth model"?

#2 Updated by zen about 1 month ago

  • Assignee set to Sysadmins

#3 Updated by intrigeri about 1 month ago

  • Affected tool set to Translation Platform

#4 Updated by intrigeri about 1 month ago

Hi!

At first glance, this looks like a subset or duplicate of #16881, but the phrasing here is more detailed and could be used to improve the description of #16881 :)

#5 Updated by hefee about 1 month ago

  • Blocks Bug #16881: Puppetize critical Weblate configuration added

#6 Updated by hefee about 1 month ago

zen wrote:

@hefee, does this issue capture what we wrote down as "puppetize auth model"?

yes this sounds what I had in mind in regards of "puppetize auth model".

What I have in mind with puppetize is any script that is shipped via puppet and is executed regularly like a cronjob.

Also available in: Atom PDF