Modify

Opened 6 years ago

Closed 6 years ago

#3097 closed enhancement (fixed)

Allowing user exceptions of private ticket restriction

Reported by: kgabor@… Owned by: coderanger
Priority: normal Component: PrivateTicketsPlugin
Severity: normal Keywords:
Cc: Trac Release: 0.11

Description

Currently, if a user has none of the introduced new permissions (TICKET_VIEW_*) of PrivateTicketsPlugin, PrivateTicketsPlugin denies access and therefore user has permission denied whether it has the ordinary TICKET_VIEW or not. It would be better to simply do nothing by the plugin if no TICKET_VIEW_* permission present and so it would restore default permission checking for this particular user. In other words, missing of all extra permission would be an exceptional case similar to TRAC_ADMIN in policy.py.

Attachments (0)

Change History (1)

comment:1 Changed 6 years ago by coderanger

  • Resolution set to fixed
  • Status changed from new to closed

(In [3751]) If user has none of the special permissions, fall-through to the next policy. Also enforce privatetickets permissions on any sub-resource (eg. attachments) of a ticket. (closes #3097)

Add Comment

Modify Ticket

Action
as closed .
as The resolution will be set. Next status will be 'closed'.
to The owner will be changed from coderanger. Next status will be 'closed'.
The resolution will be deleted. Next status will be 'reopened'.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.