
Opened 15 years ago

Last modified 11 years ago

#8253 closed defect

TICKET_ADMIN privilege allows modifying and even deleting Milestones — at Initial Version

Reported by: kontakt at meitzner dot net
Priority: high
Milestone: 0.11.5
Component: admin/web
Version: 0.11.4
Severity: critical

Description

Just by accident I figured out that by giving the TICKET_ADMIN privilege to my trac users, I give them all the powers to modify all ticket properties in the Admin Panel. I've seen there are and have been efforts to allow better control over who is allowed to do that.

What bothers me is that TICKET_ADMIN also seems to allow the user implicitly to modify and even delete Milestones in the "Ticket System" section of the Admin panel. So when I create a Milestone as TRAC_ADMIN, a user having TICKET_ADMIN privileges can delete it, while only having MILESTONE_VIEW privileges additionally.

Am I completely wrong to doubt that this behavior is a feature rather than a bug? At least it—IMHO—is an inconsistency in the privileges, since I do not expect a user having TICKET_ADMIN and MILESTONE_VIEW to effectively be able to change and delete Milestones.

I'm using Trac 0.11.4, please ask me if you need further information. I'd be glad if someone could maybe check and confirm on a virgin Trac install, since I have a lot of plugins installed, which raises the possibility of one of those causing the problem.

Cheerz, Martin
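The privilege gap the report describes, as an added model (not Trac's own code): a panel gated on TICKET_ADMIN versus one where each milestone operation needs its own permission. It assumes the fine-grained action names MILESTONE_MODIFY and MILESTONE_DELETE and a simplified two-stage check; the audit helper lists operations a user holding only the panel gate can perform.

```python
# Added model of the privilege gap reported in #8253; not Trac's own code.
# Assumed: an admin panel is reachable with a "gate" permission, and each
# operation on it lists its own required permissions. MILESTONE_MODIFY and
# MILESTONE_DELETE are assumed fine-grained action names.
PANEL_GATE = "TICKET_ADMIN"

# Reported behaviour: once past the gate, nothing further is required.
COARSE_POLICY = {"modify": set(), "delete": set()}
# Hardened policy: each destructive operation needs its own permission.
FINE_POLICY = {"modify": {"MILESTONE_VIEW", "MILESTONE_MODIFY"},
               "delete": {"MILESTONE_VIEW", "MILESTONE_DELETE"}}


class PermissionDenied(Exception):
    """Raised with the names of the permissions the user lacks."""


def admin_panel_op(policy, perms, op, milestones, name):
    """Two-stage check: reach the panel, then authorise the operation.
    Returns the resulting milestone set or raises PermissionDenied."""
    if PANEL_GATE not in perms:
        raise PermissionDenied(PANEL_GATE)
    missing = policy[op] - set(perms)
    if missing:
        raise PermissionDenied(", ".join(sorted(missing)))
    milestones = set(milestones)
    milestones.discard(name)
    if op == "modify":              # model a rename; delete just drops it
        milestones.add(name + "-renamed")
    return milestones


def allowed(policy, perms, op, name="0.11.5"):
    """True when `op` on a milestone succeeds under `policy` for `perms`."""
    try:
        admin_panel_op(policy, set(perms), op, {name}, name)
    except PermissionDenied:
        return False
    return True


def implicit_grants(policy, gate_perms=frozenset({PANEL_GATE})):
    """Audit: operations a user holding only the panel gate can perform.
    A non-empty list is exactly the inconsistency the ticket describes."""
    return sorted(op for op, needed in policy.items() if needed <= gate_perms)


if __name__ == "__main__":
    print({p: implicit_grants(pol) for p, pol in [("coarse", COARSE_POLICY), ("fine", FINE_POLICY)]})
```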

Change History (0)
