id summary reporter owner description type status priority milestone component version severity resolution keywords cc branch changelog apichanges internalchanges 8778 Permission that uniquely controls assignment of tickets to milestones Ryan J Ollos Ryan J Ollos "I have found that the `MILESTONE_VIEW` permission allows a user to change the milestone with which a ticket is associated. That is, it causes the milestone drop-down list to be populated with the milestones and allows the user to change which milestone a ticket is associated with. It seems incorrect for a `*VIEW` permission to grant a '''change''' action. Also, it seems desirable to allow a user to view milestones, but not change the milestone assignment for a particular ticket. In my situation, the configuration control board (lead software developers) are in charge of assigning tickets to milestones, and it would be better if all users with `MILESTONE_VIEW` permissions did not have this level of control. Therefore, it would be nice to have a separate permissions to control the assignment of tickets to milestones. This permission should be named either `TICKET_ASSIGN_MILESTONE` or `MILESTONE_ASSIGN_TICKET`. I suspect the former is a better fit for the permissions naming schema (See: TracDev/Proposals/EvenFinerGrainedPermissions). Note, this permission should be different than the `MILESTONE_MODIFY`, which controls modifying the description, due date, and other milestone data. " enhancement closed normal 1.3.2 ticket system 0.11.5 normal fixed permission consider The `TICKET_CHG_MILESTONE` action is used internally to grant/deny changing the ticket milestone. `DefaultPermissionPolicy` grants the action when the user has `MILESTONE_VIEW` for the milestone. See [CookBook/PermissionPolicies#RestrictChangingTicketMilestone the cookbook] for details on implementing fine-grained access control for changing the ticket milestone.