Add default permission policies for ticket and wiki realms — at Initial Version
|Reported by:||Ryan J Ollos||Owned by:|
These ideas were generated from gmessage:trac-users:T-bb2GAvqxI/tFs0_7yQDAAJ:
- By default users are allowed to edit their own comments, and I think in most cases it would make sense to allow users with
TICKET_CHGPROPto edit their own ticket descriptions. We could allow users to edit their own ticket descriptions through a permission policy, thus making it easy for Trac sites that don't want the behavior to change it by replacing the permission policy or adding a different policy earlier in the list of permission policies.
- #10909 requests a permission for allowing users to edit their own comments. Alternatively, we could just move the edit own comment behavior to a permission policy, which can then be replaced by sites that want different behavior.
ReadonlyWikiPolicyis very specific. If a site wants to replace the policy, for example adding a custom permission for editing readonly pages, a new policy with the same name needs to be implemented (due to tags/trac-1.2/trac/wiki/web_ui.py@:567#L558). It would be better to allow an arbitrary name.
The proposed changes implement the described rules in two policies,
DefaultWikiPolicy, which can then be extended in the future with additional rules for the ticket and wiki realms. I like the idea of having specific policies associated with realms, and moving the aforementioned behaviors out of the Module classes and into permission policies.