Opened 7 years ago
Last modified 4 years ago
#12719 closed enhancement
Add default permission policies for ticket and wiki realms — at Initial Version
Reported by: | Ryan J Ollos | Owned by: | |
---|---|---|---|
Priority: | normal | Milestone: | 1.3.2 |
Component: | general | Version: | |
Severity: | normal | Keywords: | permissions |
Cc: | Branch: | ||
Release Notes: | |||
API Changes: | |||
Internal Changes: |
Description
These ideas were generated from gmessage:trac-users:T-bb2GAvqxI/tFs0_7yQDAAJ:
- By default users are allowed to edit their own comments, and I think in most cases it would make sense to allow users with
TICKET_CHGPROP
to edit their own ticket descriptions. We could allow users to edit their own ticket descriptions through a permission policy, thus making it easy for Trac sites that don't want the behavior to change it by replacing the permission policy or adding a different policy earlier in the list of permission policies. - #10909 requests a permission for allowing users to edit their own comments. Alternatively, we could just move the edit own comment behavior to a permission policy, which can then be replaced by sites that want different behavior.
ReadonlyWikiPolicy
is very specific. If a site wants to replace the policy, for example adding a custom permission for editing readonly pages, a new policy with the same name needs to be implemented (due to tags/trac-1.2/trac/wiki/web_ui.py@:567#L558). It would be better to allow an arbitrary name.
The proposed changes implement the described rules in two policies, DefaultTicketPolicy
and DefaultWikiPolicy
, which can then be extended in the future with additional rules for the ticket and wiki realms. I like the idea of having specific policies associated with realms, and moving the aforementioned behaviors out of the Module classes and into permission policies.
Note:
See TracTickets
for help on using tickets.