Edgewall Software
Modify

Opened 8 years ago

Last modified 20 months ago

#9289 new enhancement

Permissions for custom ticket fields

Reported by: Mitar Owned by:
Priority: normal Milestone: unscheduled
Component: ticket system Version: 0.11.4
Severity: normal Keywords: ticket custom
Cc: mmitar@…, jrioux@…
Release Notes:
API Changes:

Description

I would like to request a feature to be able to specify permissions for custom ticket fields. So that for a defined custom field you would be able to define users which can edit it on ticket opening, edit it later and also see it (or not) altogether.

This is very hard to do properly with a plugin as it requires finding out in post_process_request phase where all field has been displayed and removing that (ticket view, RSS, alternative views, ticket notifications, ticket queries, searching tickets…). It would be much easier if Trac would simply remove it from a list of fields in the first place if user would not have access to it (in a given ticket state).

Attachments (0)

Change History (10)

comment:1 Changed 8 years ago by Remy Blank

Resolution: duplicate
Status: newclosed

Related to #8653 and actually a duplicate of #2464.

comment:2 Changed 8 years ago by Mitar

Resolution: duplicate
Status: closedreopened

No, it is not a duplicate. #2464 talks about limitations which fields can be set/modified by the user. I am talking about permissions which fields user can see (in timeline, ticket view, query, reports…, alternate formats, e-mail notifications). #2464 talks just about the form for creating/editing ticket, I am talking about having globally check for every field everywhere if the user has permission to see (and set and modify) it.

comment:3 Changed 8 years ago by Remy Blank

Milestone: unscheduled

I see. This falls under TracDev/Proposals/EvenFinerGrainedPermissions, then.

comment:4 Changed 8 years ago by Mitar

An use case. We would like to add contact data for our users/customers which should be seen only for users with right permissions. All other things should be left public. So we would like to have a field which is only visible/editable to those users with a permission.

This is important for privacy issues.

In fact it is a generalization of what is done with e-mail addresses. We have a EMAIL_VIEW privilege. It would be generalization of this for custom privacy sensitive (or otherwise sensitive) fields.

comment:5 Changed 8 years ago by Dave Morgan <morgand@…>

… so we would need 2 pemissions (or a total of three "states") for every field (including custom fields).

0 - No Read (invisible) 1 - Read only 2 - Read/write.

…which would need a matrix to allow it to be tagged to each role/permission.

Question? I assume it could be hacked using the same mechanism that generates the workflow options which is also based upon roles/permissions…..

comment:6 Changed 8 years ago by Dave Morgan <morgand@…>

Should it also relate to "state" as well?

ie some field could/should be visible only when the ticket is in a given status?

comment:7 Changed 8 years ago by Mitar

I think there should just be a way to plugin permission system in. What exactly is then allowed should be customizable through plugins. So some plugin can take state into the account and some not. So the idea is to make fine grained permission system. Implementation is then left to others.

comment:8 Changed 7 years ago by jrioux@…

Cc: jrioux@… added

comment:9 Changed 3 years ago by Ryan J Ollos

Status: reopenednew

comment:10 Changed 20 months ago by Ryan J Ollos

Keywords: ticket custom added

Modify Ticket

Change Properties
Set your email in Preferences
Action
as new The ticket will remain with no owner.
The ticket will be disowned.
as The resolution will be set.
The owner will be changed from (none) to anonymous.

Add Comment


E-mail address and name can be saved in the Preferences .
 
Note: See TracTickets for help on using tickets.