Add default permission policies for ticket and wiki realms — at Version 21
|Reported by:||Ryan J Ollos||Owned by:||Ryan J Ollos|
Description (last modified by )
These ideas are generated from gmessage:trac-users:T-bb2GAvqxI/tFs0_7yQDAAJ:
- By default users are allowed to edit their own comments, and I think in most cases it makes sense to allow users with
TICKET_CHGPROPto edit their own ticket description. We could allow users to edit their own ticket descriptions through a permission policy, thus making it easy for Trac sites that don't want the behavior to change it by replacing the permission policy or adding a different policy earlier in the list of permission policies.
- #10909 requests a permission for allowing a user to edit their own comment. Alternatively, we could just move the edit own comment behavior to a permission policy, which can then be replaced by sites that want different behavior.
ReadonlyWikiPolicyis very specific. Also, if a site wants to replace the policy, for example adding a custom permission for editing readonly pages, a new policy with the same name needs to be implemented (due to tags/trac-1.2/trac/wiki/web_ui.py@:567#L558). It would be better to allow an arbitrary policy name, and by default to have a general wiki policy that implements the readonly behavior. The wiki policy can be extended in the future with additional rules for the wiki realm.
The proposed changes implement the described rules in two policies,
DefaultWikiPolicy, which can then be extended in the future with additional rules for the ticket and wiki realms. I like the idea of having specific policies associated with realms, and moving the aforementioned behaviors out of the Module classes and into permission policies.
Change History (21)
comment:20 by , 4 years ago
|Release Notes:||modified (diff)|