Changes between Version 14 and Version 15 of CookBook/PermissionPolicies
- Timestamp:
- May 10, 2017, 10:43:51 AM (7 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
CookBook/PermissionPolicies
v14 v15 174 174 if username != 'anonymous' and \ 175 175 action == 'TICKET_VIEW' and \ 176 resource is not None and \ 177 resource.realm == 'ticket' and \ 178 resource.id is not None and \ 179 'TICKET_VIEW_REPORTED' in perm: 180 try: 181 ticket = Ticket(self.env, resource.id) 182 except ResourceNotFound: 183 pass 184 else: 185 return ticket['reporter'] == username 176 'TICKET_ADMIN' not in perm: 177 if 'TICKET_VIEW_REPORTED' in perm: 178 if resource is None or \ 179 resource.realm == 'ticket' and \ 180 resource.id is None: 181 return True 182 elif resource.realm == 'ticket' and \ 183 resource.id is not None: 184 try: 185 ticket = Ticket(self.env, resource.id) 186 except ResourceNotFound: 187 pass 188 else: 189 return username in (ticket['reporter'], ticket['owner']) 190 186 191 }}} 187 192 1. Edit the `permission_policies` option in the [TracIni#trac-section "[trac]"] section of trac.ini, adding the `SupportDeskPolicy` component ''before'' the default [TracPermissions permission] policy: … … 190 195 permission_policies = SupportDeskPolicy, ... 191 196 }}} 192 1. Revoke `TICKET_VIEW` and grant `TICKET_VIEW_REPORTED` for users that should only view tickets they reported. 197 1. Revoke `TICKET_VIEW` and grant `TICKET_VIEW_REPORTED` for users that should only view tickets they reported. Users with `TICKET_VIEW` can view all tickets, provided they don't also have `TICKET_VIEW_REPORTED`. 193 198 1. Grant other permissions such as `TICKET_CHGPROP`, `TICKET_APPEND` or `TICKET_MODIFY`. Users can only change tickets they can view, therefore you'll only be granting these permissions for tickets the user reported. 194 199