Edgewall Software
Modify

Opened 12 years ago

Closed 4 weeks ago

Last modified 4 weeks ago

#7438 closed enhancement (wontfix)

Restrict edit permission for ticket description to ticket owner

Reported by: john.williams@… Owned by:
Priority: normal Milestone:
Component: ticket system Version: 0.11-stable
Severity: normal Keywords: permissions groups
Cc: b7m1@…, norman@…, holger-juergs@…, pocek@…, Ryan J Ollos Branch:
Release Notes:
API Changes:
Internal Changes:

Description

THis is similar to #1316.

It would be very helpful if permissions to edit a ticket's description could be restricted to the owner. This allows the administrator(ahem) to be freed up from changing ticket descriptions all the time, while not giving all users in my developer group the TICKET_EDIT_DESCRIPTION permission.

Attachments (0)

Change History (21)

comment:1 by b7m1@…, 12 years ago

Cc: b7m1@… added
Priority: lownormal
Version: 0.11-stable

Agreed. Actually, I would like to see this in a more general case. It would be very nice to have a permission setting for actions only available to the owner of the ticket.
Something like: resolve.permissions = TICKET_OWNER which allows only the ticket owner to resolve the ticket.

comment:2 by anonymous, 12 years ago

PrivateTicketsPlugin could be extended to work with TICKET_EDIT_DESCRIPTION, surely?

comment:3 by anonymous, 12 years ago

I've opened #3568 on the trac-hacks wiki to handle permissions in workflow

comment:4 by norman@…, 12 years ago

Cc: norman@… added

(sorry forgot to author the last two comments)

comment:5 by norman@…, 12 years ago

comment:1 has been implemented in VirtualTicketPermissionsPlugin. It creates a permission called 'TICKER_IS_OWNER' that is only given when the current user is the owner of the ticket (there are other new permissions for CC and reporter and groups too)

Last edited 4 weeks ago by Ryan J Ollos (previous) (diff)

comment:6 by Christian Boos, 11 years ago

Keywords: permissions groups added
Milestone: not applicable0.13
Summary: ticet description editing permissions to ownerticket description editing permissions to owner

Ok, so comment:1 is implemented by TH:VirtualTicketPermissionsPlugin, which is interesting, but this can't be used to implement the original request.

Maybe for this we would need kinds of virtual groups, the same way we have the built-in authenticated:

  • @ticket-owner
  • @ticket-on-cc
  • @ticket-reporter

The existing permissions (e.g. TICKET_EDIT_DESCRIPTION, but also ATTACHMENT_DELETE for #948) could then be assigned to some of these groups.

Those special groups might be dynamically attached to the user by the TicketSystem (or a plugin) implementing a IPermissionGroupProvider, but then the get_permission_groups must know about the resource for which we're currently checking the permission.

comment:7 by Norman Rasmussen <norman@…>, 11 years ago

That sounds like a fantastic way to implement the functionality. Would that mean that instead of the PrivateTicketsPlugin TICKET_VIEW_REPORTER you would just assign TICKET_VIEW to @ticket-reporter (etc for owner, on-cc).

Would you create virtual groups for -in-owners-group, -in-reporter-group -in-cc-group?

Last edited 4 weeks ago by Ryan J Ollos (previous) (diff)

comment:8 by Emmanuel Blot, 11 years ago

It would be nice to have an "author" special user, along with the existing "anonymous" and "authenticated" ones.

comment:9 by anonymous, 11 years ago

Summary: ticket description editing permissions to ownerRestrict edit permission for ticket description to ticket owner

comment:10 by Ryan Ollos <ryano@…>, 11 years ago

Cc: ryano@… added

Changed ticket summary to better describe request.

comment:12 by j.beilicke@…, 9 years ago

Cc: j.beilicke@… added

comment:13 by holger-juergs@…, 7 years ago

Cc: holger-juergs@… added

comment:14 by pocek@…, 6 years ago

Cc: pocek@… added

comment:16 by Ryan J Ollos, 6 years ago

Cc: Ryan J Ollos added; ryano@… removed

comment:17 by Jan Beilicke <j.beilicke@…>, 4 years ago

Cc: j.beilicke@… removed

in reply to:  description comment:19 by Ryan J Ollos, 4 weeks ago

Replying to john.williams@…:

It would be very helpful if permissions to edit a ticket's description could be restricted to the owner.

Since 1.3.2 (#12719), authenticated user with TICKET_APPEND or TICKET_CHGPROP can modify description of ticket they reported. This allows the reporter to fix/add to the description.

In addition to the useful tip in comment:18, if you wish the owner to modify the description, you can implement a permission policy similar to DefaultTicketPolicy. In general, I don't think it makes sense to allow the owner to modify the description of a ticket because it depends on having useful restrictions on who set the ticket owner.

Last edited 4 weeks ago by Ryan J Ollos (previous) (diff)

in reply to:  1 comment:20 by Ryan J Ollos, 4 weeks ago

Replying to b7m1@…:

Something like: resolve.permissions = TICKET_OWNER which allows only the ticket owner to resolve the ticket.

The TracWorkflow now has a permissions attribute, so you can restrict an action such as resolve.

in reply to:  6 comment:21 by Ryan J Ollos, 4 weeks ago

Replying to Christian Boos:

The existing permissions (e.g. TICKET_EDIT_DESCRIPTION, but also ATTACHMENT_DELETE for #948) could then be assigned to some of these groups.

#12719 also added ability for authenticated user to delete their own attachments.

comment:22 by Ryan J Ollos, 4 weeks ago

Milestone: next-major-releases
Resolution: wontfix
Status: newclosed

Closing as wontfix since this can be implemented with a custom permissions policy, and related enhancements to Trac would be covered under TracDev/Proposals/EvenFinerGrainedPermissions.

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The ticket will remain with no owner.
The resolution will be deleted. Next status will be 'reopened'.
to The owner will be changed from (none) to the specified user.

Add Comment


E-mail address and name can be saved in the Preferences .
 
Note: See TracTickets for help on using tickets.