Edgewall Software

Opened 18 years ago

Closed 15 years ago

Last modified 6 months ago

#1316 closed enhancement (fixed)

Ticket/Report view permissions dependent on owner (or user logged in)

Reported by: StefanW@… Owned by: Alec Thomas
Priority: high Milestone: 0.11
Component: ticket system Version: devel
Severity: normal Keywords: acl permission
Cc: trac-spam@…, thong@…, armandocroce@…, yura@…, dt@…, s.lipnevich@… Branch:
Release Notes:
API Changes:
Internal Changes:


We are a software development company and give access to our trac-page to our customers over internet so that they can add feature requests and post bugs-fix-requests. It turned out, that it is not good, that some of our customers can see tickets, which where added by our developers. We only want the costumers to see the tickets, which they added cause some customers are afraid of bug-tickets which where created by our developers. So we need some kind of permission that the customer only sees the tickets what he added. We thought also for some kind of dynamic view of reports dependent on the login-name. So our developers can choose the 'All active tickets' and the customer can only see and choose the report 'active ticket from [LoggedInUser]'.

Customers who are familiar with software development are not afraid of a growing ticket list caused by bug-fixing-requests created by our developers. But customers who are not familiar with software development don't know that it is absolute normal through a software-development-live-cycle that bugs are occuring and they have to be written down somewhere and beeing fixed when the right time comes. Would be nice if you could comment this ticket whether that is a priority feature for you to implement in the next few months or not. Group permissions would also be cool in that case. So we could split up the users in 'developers' and 'customers' (or 'partner-developers'…) If money could increase the speed of development of this feature, let me know.

Attachments (0)

Change History (31)

comment:1 by Florent Guillaume <fg@…>, 18 years ago

Cc: fg@… added

comment:2 by vittorio, 18 years ago

Severity: normalenhancement

comment:3 by Christopher Lenz, 17 years ago

Keywords: acl added
Milestone: 0.9

Note for 0.9.

comment:4 by anonymous, 17 years ago

Cc: fg@… removed

comment:5 by raven@…, 17 years ago

I'm also very interested in such feature as a quick solution i did the following:

  • users in "group" developer can see all tickets
  • all other users can only see self created oder assigned tickets.

edit all reports below "view tickets" and limit the sql statements to developer "group", e.g. the "view all tickets" sql should be as follows (look for the perm keyword):

SELECT p.value AS __color__,
   id AS ticket, summary, component, version, milestone, t.type AS type, severity, 
   (CASE status WHEN 'assigned' THEN owner||' *' ELSE owner END) AS owner,
   time AS created,
   changetime AS _changetime, description AS _description,
   reporter AS _reporter
  FROM ticket t, enum p, permission perm
  WHERE status IN ('new', 'assigned', 'reopened') 
AND p.name = t.priority AND p.type = 'priority' AND perm.action = 'developer' and perm.username='$USER'
  ORDER BY p.value, milestone, severity, time

in trac.ini disable the custom query link, so nobody can create querys

trac.ticket.query.* = disabled

comment:6 by anonymous, 17 years ago

Cc: trac-spam@… added

comment:7 by anonymous, 17 years ago

I would like to see this feature too

comment:8 by anonymous, 17 years ago

To expand on this theme:

It would be nice if tickets could be set to be "public" or not. A simple version could be a ticket attribute that is a permissions group. A full implementation would probably allow a list of users/groups to be attached to each ticket. Naturally, there should be a default, and the value of this attribute should be changeable as the ticket proceeds though its lifetime. Presumably, regardless of this setting any given ticket should be visible to its creator and owner.

This would be very helpful for managing "moderated" public access to tickets.

comment:9 by anonymous, 17 years ago

To add an actual case (happened to me tonight):

A developer or friend finds a security issue in the software. They report it on trac. Now I want to see this ticket, and the reporter too. But I don't want others to see it until I addressed the issue. That way the security sites wont find the ticket until I have a vender supplied patch.

I'll try Raven's post tomorrow.

comment:10 by minaguib, 17 years ago

I would also very much like to see exactly what "03/06/06 16:34:46: Modified by anonymous" described. An "only for group XYZ" property that could be set on individual tickets.

We're a small IT team in a company and we use Trac internally to manage all our requests and multiple projects. As of right now requests hitting our team have to be proxied through someone in the team who creates the Trac tickets. We would love to open Trac to the rest of the company to allow them direct access to create their own tickets, however we absolutely need a way to hide certain sensitive tickets from the public view.

comment:11 by Christian Boos, 17 years ago

See related discussion in Trac-Dev:476 about the PermissionPolicy features.

comment:12 by Matthew Good, 16 years ago

Milestone: 0.11
Owner: changed from Jonas Borgström to alect

This will be a part of the PermissionPolicy in 0.11.

comment:13 by Christian Boos, 16 years ago

Owner: changed from alect to Alec Thomas

who's alect? ;)

comment:14 by anonymous, 16 years ago

Cc: thong@… added

any updates on this?

comment:15 by Noah Kantrowitz <coderanger@…>, 16 years ago

This is implemented in 0.10 in the PrivateTickets plugin.

comment:16 by kuahyeow@…, 16 years ago

how about in 0.11dev?

comment:17 by Christian Boos, 16 years ago

Keywords: permission added
Owner: changed from Alec Thomas to Christian Boos

Yeah, I'm thinking about re-doing the PermissionPolicy based on WikiContexts.

comment:18 by Christian Boos, 16 years ago

#3466 was closed as duplicate of this one.

There's also #2393, which is not strictly a duplicate, but request the same thing for the TICKET_APPEND permission.

Note that the PermissionPolicy feature is seeing good progress, so those features will likely get implemented (or be easily implementable as a plugin) soon.

comment:19 by anonymous, 16 years ago

Cc: armandocroce@… added

comment:20 by Christian Boos, 16 years ago

#2393 discussed a variation of the same theme.

I think we could add a sample PermissionPolicy plugin for this functionality.

comment:21 by yura ivanov, 16 years ago

Cc: yura@… added

I need an option to actually hide tickets from reports, not only restrict to see (or comment) them. Is it possible? I mean if you can see all tickets (title, owner, reporter, summary) listed in report you actually have an access to restricted area… I understand that this ticket only about permissions, but need to be able use restriction table to hide restricted tickets. Simply add join to the report query and to be sure that all treestyle permissions will be cosidered (Customers→Company A→John can see in a report and view/comment only their company tickets).

comment:22 by Alec Thomas, 16 years ago

Owner: changed from Christian Boos to Alec Thomas

TracDev/SecurityBranch merged in r5514. However, currently only the Wiki and attachment subsystems have been converted, so until the ticket, report and query subsystems are done (which will happen before 0.11) this will not actually be possible.

A sample plugin implementing authz based access control is included as an example.

comment:23 by anonymous, 15 years ago

Cc: dt@… added

comment:24 by Christian Boos, 15 years ago

Owner: changed from Alec Thomas to Christian Boos
Priority: normalhigh

Besides adding the fine grained permissions to the ticket subsystem, I think we could add two useful sample plugins:

  1. PrivateTicketsPolicy: restrict ticket viewing to the ones the user have created
  2. SecurityTicketsPolicy: prevent any ticket flagged with a security keyword to be viewed by unprivileged users or the ticket reported

(stealing ticket away from aat, hope this will wake him up ;-) )

comment:25 by Alec Thomas, 15 years ago

Bah! Still thinking about ways to fix the attachment problem actually.

Those two plugins are good sample ones too. Another might be to allow anybody in a group of users to view tickets created by other users in that group - a PrivateGroupPolicy.

comment:26 by anonymous, 15 years ago

Cc: s.lipnevich@… added

comment:27 by Christian Boos, 15 years ago

#5878 was marked as duplicate.

comment:28 by Alec Thomas, 15 years ago

Owner: changed from Christian Boos to Alec Thomas
Status: newassigned

Since r5958 tickets are subject to the fine grained permission policies. The report and query subsystems will follow.

comment:29 by Alec Thomas, 15 years ago

Also added a sample plugin that will deny access to tickets with "security" or "vulnerability" in the summary or keyword fields.

comment:30 by Christian Boos, 15 years ago


comment:31 by Christian Boos, 15 years ago

Resolution: fixed
Status: assignedclosed

Now in trunk (r6139). Please file any new issue with ticket permission as a new ticket.

Modify Ticket

Change Properties
Set your email in Preferences
as closed The owner will remain Alec Thomas.
The resolution will be deleted. Next status will be 'reopened'.
to The owner will be changed from Alec Thomas to the specified user.

Add Comment

E-mail address and name can be saved in the Preferences .
Note: See TracTickets for help on using tickets.