| 4 | | I tend to think the additional complexity of `TICKET_CLONE` outweighs the other arguments. For the case of public facing sites, we could require authenticated users + `TICKET_CREATE`, but requiring authentication might be unexpected for administrator. A trac.ini option such as //require authentication for ticket clone// also gets around this, but also increases the complexity of the system. I think that what I ultimately favor is pushing the changes to milestone:1.1.2 without the addition of `TICKET_CLONE`, and let user feedback determine whether additional restrictions are needed for allowing users to clone tickets. As hinted at in comment:23:ticket:4686, I |
| | 4 | I tend to think the additional complexity of `TICKET_CLONE` outweighs the other arguments. For the case of public facing sites, we could require authenticated users + `TICKET_CREATE`, but requiring authentication might be unexpected for administrator. A trac.ini option such as //require authentication for ticket clone// also gets around this, but also increases the complexity of the system. I think that what I ultimately favor is pushing the changes to milestone:1.1.2 without the addition of `TICKET_CLONE`, and let user feedback determine whether additional restrictions are needed for allowing users to clone tickets. As hinted at in comment:23:ticket:4686, I also think that ultimately issues such as this can be dealt with by some sort of fine-grained permissions that don't pollute the existing permissions system, but expose the fine-grained control to users that prefer to go that route. So far, from reading #4686, the majority seems to be against adding the `TICKET_CLONE` action. |
