Context Navigation

Modify ↓

#13093 closed enhancement (fixed)

TICKET_EDIT_CC apply to new ticket

Reported by:	knavero@…	Owned by:	Ryan J Ollos
Priority:	normal	Milestone:	1.3.6
Component:	ticket system	Version:
Severity:	normal	Keywords:
Cc:		Branch:
Release Notes:	`TICKET_EDIT_CC` is required for editing the CC list as a text field for the new ticket form.
API Changes:
Internal Changes:

Description

Can TICKET_EDIT_CC apply to creation of a new ticket also? In other words, it would be nice to limit the control of how a user submitting a ticket can send a lot of emails

Attachments (0)

Change History (5)

comment:1 by Jun Omae, 6 years ago

Component:	general → ticket system
Milestone:	→ next-stable-1.2.x

Sounds good. I've considered the same when a spammer cloned old tickets which have many entries in the cc field.

comment:2 by Peter Suter, 6 years ago

Since Trac 1.3.3 (#12947) you can presumably do this by disabling the DefaultTicketPolicy component. When that component is enabled four rules are enabled:

Users with MILESTONE_VIEW can edit the ticket milestone field.
Authenticated users with TICKET_APPEND or TICKET_CHGPROP can edit the description of a ticket they reported.
Authenticated users with TICKET_APPEND can edit their own ticket comments.
The CC field can be edited when creating a ticket even if the user doesn't have TICKET_EDIT_CC.

Disabling the component will disable all four rules. To disable only the last rule, I guess you can replace the component in a single-file-plugin (untested):

from trac.core import *
from trac.ticket.web_ui import DefaultTicketPolicy

class DefaultTicketPolicyWithoutNewTicketEditCc(DefaultTicketPolicy):

    def check_permission(self, action, username, resource, perm):
        # Skip DefaultTicketPolicy rule for TICKET_EDIT_CC
        if action == 'TICKET_EDIT_CC':
            return
        super(DefaultTicketPolicyWithoutNewTicketEditCc, self) \
            .check_permission(action, username, resource, perm)

This could be added to wiki:CookBook/PermissionPolicies.

(But I don't mind if this is changed in Trac itself anyway. Then a cookbook recipe could show how to get the old behavior.)

follow-up: 4 comment:3 by Ryan J Ollos, 5 years ago

Milestone:	next-stable-1.2.x → 1.3.6
Owner:	set to Ryan J Ollos
Release Notes:	modified (diff)
Status:	new → assigned

Proposed changes in [78a9731d7/rjollos.git].

in reply to: 3 comment:4 by Jun Omae, 5 years ago

The changes look good to me.

comment:5 by Ryan J Ollos, 5 years ago

Resolution:	→ fixed
Status:	assigned → closed

Thanks for review. Committed to trunk in r17063.

Modify Ticket

Change Properties

Summary:
Description:	Can TICKET_EDIT_CC apply to creation of a new ticket also? In other words, it would be nice to limit the control of how a user submitting a ticket can send a lot of emails You may use WikiFormatting here.
Type:		Priority:
Milestone:		Component:
Version:		Severity:
Keywords:		Cc:	Set your email in Preferences
Branch:
Release Notes:	`TICKET_EDIT_CC` is required for editing the CC list as a text field for the new ticket form.
API Changes:
Internal Changes:

Action

leave as closed The owner will remain Ryan J Ollos.

reopen The resolution will be deleted. Next status will be 'reopened'.

change ownership to The owner will be changed from Ryan J Ollos to the specified user.

Add Comment

Your email or username:

E-mail address and name can be saved in the Preferences .

You may use WikiFormatting here.

Attachments ↑ Description ↑

Note: See TracTickets for help on using tickets.

Download in other formats: