Edgewall Software

Opened 4 years ago

Last modified 8 months ago

#12719 closed enhancement

Add default permission policies for ticket and wiki realms — at Version 2

Reported by: Ryan J Ollos Owned by:
Priority: normal Milestone: 1.3.2
Component: general Version:
Severity: normal Keywords: permissions
Cc: Branch:
Release Notes:
API Changes:
Internal Changes:

Description (last modified by Ryan J Ollos)

These ideas are generated from gmessage:trac-users:T-bb2GAvqxI/tFs0_7yQDAAJ:

  • By default users are allowed to edit their own comments, and I think in most cases it makes sense to allow users with TICKET_CHGPROP to edit their own ticket description. We could allow users to edit their own ticket descriptions through a permission policy, thus making it easy for Trac sites that don't want the behavior to change it by replacing the permission policy or adding a different policy earlier in the list of permission policies.
  • #10909 requests a permission for allowing a user to edit their own comment. Alternatively, we could just move the edit own comment behavior to a permission policy, which can then be replaced by sites that want different behavior.
  • ReadonlyWikiPolicy is very specific. Also, if a site wants to replace the policy, for example adding a custom permission for editing readonly pages, a new policy with the same name needs to be implemented (due to tags/trac-1.2/trac/wiki/web_ui.py@:567#L558). It would be better to allow an arbitrary policy name, and by default to have a general wiki policy that implements the readonly behavior. The wiki policy can be extended in the future with additional rules for the wiki realm.

The proposed changes implement the described rules in two policies, DefaultTicketPolicy and DefaultWikiPolicy, which can then be extended in the future with additional rules for the ticket and wiki realms. I like the idea of having specific policies associated with realms, and moving the aforementioned behaviors out of the Module classes and into permission policies.

Change History (2)

comment:1 by Ryan J Ollos, 4 years ago

Ideas are captured in log:rjollos.git:t12719_new_permission_policies. More testing and code review is needed before considering to commit.

comment:2 by Ryan J Ollos, 4 years ago

Description: modified (diff)
Note: See TracTickets for help on using tickets.