Edgewall Software
Modify

Opened 16 years ago

Closed 16 years ago

Last modified 9 years ago

#7306 closed defect (worksforme)

Can't remove user from Assign to list, even if all permissions for that user are removed

Reported by: lewis+trac@… Owned by: Jonas Borgström
Priority: normal Milestone:
Component: ticket system Version: 0.11rc1
Severity: normal Keywords:
Cc: Branch:
Release Notes:
API Changes:
Internal Changes:

Description

If Trac is configured with restrict_owner = true and you remove all permissions for given authenticated user, that user will still show up in the Assigned to select.

Seems to me that a user with no permissions should not show up as a potential assigned to target.

Attachments (0)

Change History (8)

comment:1 by Piotr Kuczynski <piotr.kuczynski@…>, 16 years ago

Component: generalticket system

comment:2 by anonymous, 16 years ago

I'm a very new user .. and created new authenticated users - but how do i set their permissions/password etc?

in reply to:  2 comment:3 by Emmanuel Blot, 16 years ago

Replying to anonymous:

I'm a very new user .. and created new authenticated users - but how do i set their permissions/password etc?

Please read the NewTicket page: support questions are to be posted to the MailingList.

comment:4 by Remy Blank, 16 years ago

Resolution: worksforme
Status: newclosed

This is by design. The owner with no permissions is only visible on tickets already assigned to him. If this wasn't the case, it would not be possible to edit such a ticket without changing the owner.

If you reassign such a ticket to another user, the user with no permissions will disappear from the list for that ticket.

comment:5 by anonymous, 13 years ago

@rblank: I call foul on closing this - based on the ticket summary/description, your resolution comment is a bit nonsensical.

So for anyone else who comes across the actual (very real) problem described in the ticket, the actual answer is here: gdiscussion:trac-users:Qi_NXpDYxQ8.

Last edited 9 years ago by Ryan J Ollos (previous) (diff)

in reply to:  4 ; comment:6 by anonymous, 9 years ago

Replying to rblank:

This is by design. The owner with no permissions is only visible on tickets already assigned to him. If this wasn't the case, it would not be possible to edit such a ticket without changing the owner.

If you reassign such a ticket to another user, the user with no permissions will disappear from the list for that ticket.

I agree that this ticket should not be closed

If you had old tickets with developers not working here anymore, we still want those tickets to show their names.

However going through a list of 100 names to assign the ticket to one of a possible 5 - 10 persons is ridiculous. Old users should still be allowed to be seen as the person who attended to a ticket 10 years ago, but it doesn't mean that he should be available to be assigned a new ticket.

in reply to:  5 comment:7 by Ryan J Ollos, 9 years ago

Replying to anonymous:

So for anyone else who comes across the actual (very real) problem described in the ticket, the actual answer is here: gdiscussion:trac-users:Qi_NXpDYxQ8.

It is not necessary to delete the session in order to remove the user from the assign-to dropdown list.

in reply to:  6 comment:8 by Ryan J Ollos, 9 years ago

Replying to anonymous:

However going through a list of 100 names to assign the ticket to one of a possible 5 - 10 persons is ridiculous. Old users should still be allowed to be seen as the person who attended to a ticket 10 years ago, but it doesn't mean that he should be available to be assigned a new ticket.

I see the same behavior described in comment:4 on 1.0-stable, and I agree with rblank's assertion that the existing behavior is correct. I cannot reproduce the behavior described in comment:6.

The most likely explanation of the behavior described in comment:description, comment:5 and comment:6 is that TICKET_MODIFY is granted to authenticated users. Please use TracAdmin to confirm that the user does not possess TICKET_MODIFY: 

$trac-admin ../proj-1.0/ permission list user2

User   Action             
--------------------------
user2  BROWSER_VIEW       
user2  CHANGESET_VIEW     
user2  FILE_VIEW          
user2  INVALID_PERM       
user2  LOG_VIEW           
user2  MILESTONE_VIEW     
user2  REPORT_SQL_VIEW    
user2  REPORT_VIEW        
user2  ROADMAP_VIEW       
user2  SEARCH_VIEW        
user2  TICKET_BATCH_MODIFY
user2  TICKET_CREATE      
user2  TICKET_VIEW        
user2  TIMELINE_VIEW      
user2  WIKI_CREATE        
user2  WIKI_MODIFY        
user2  WIKI_VIEW          


Available actions:
 BROWSER_VIEW, CHANGESET_VIEW, CONFIG_VIEW, EMAIL_VIEW, FILE_VIEW,
 LOG_VIEW, MILESTONE_ADMIN, MILESTONE_CREATE, MILESTONE_DELETE,
 MILESTONE_MODIFY, MILESTONE_VIEW, PERMISSION_ADMIN, PERMISSION_GRANT,
 PERMISSION_REVOKE, REPORT_ADMIN, REPORT_CREATE, REPORT_DELETE,
 REPORT_MODIFY, REPORT_SQL_VIEW, REPORT_VIEW, ROADMAP_ADMIN, ROADMAP_VIEW,
 SEARCH_VIEW, TICKET_ADMIN, TICKET_APPEND, TICKET_BATCH_MODIFY,
 TICKET_CHGPROP, TICKET_CREATE, TICKET_EDIT_CC, TICKET_EDIT_COMMENT,
 TICKET_EDIT_DESCRIPTION, TICKET_MODIFY, TICKET_VIEW, TIMELINE_VIEW,
 TRAC_ADMIN, VERSIONCONTROL_ADMIN, WIKI_ADMIN, WIKI_CREATE, WIKI_DELETE,
 WIKI_MODIFY, WIKI_RENAME, WIKI_VIEW

Users lacking TICKET_MODIFY will not be included in the assign-to select box.

Last edited 9 years ago by Ryan J Ollos (previous) (diff)

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain Jonas Borgström.
The resolution will be deleted. Next status will be 'reopened'.
to The owner will be changed from Jonas Borgström to the specified user.

Add Comment
E-mail address and name can be saved in the Preferences .
AttachmentsDescription
 
Note: See TracTickets for help on using tickets.