Permission is not recognized

[zhijiex@…]

I installed virtualticketpermissions plugin which has permission TICKET_IS_OWNER. The permission means that only ticket owner can change the ticket properties. My configuration as below:
[blackmagic]
tweaks = severity, priority
priority.permissions = TICKET_IS_OWNER
severit.permissions = TICKET_IS_OWNER

I found that not ticket owner can still change priority. The permission TICKET_IS_OWNER is not working. How can I make it work?

[obs]

Did you enable both the BlackMagicTicketTweaks and VirtualTicketPermissions permission policies in trac.ini?

[anonymous]

My permission policies is as below:
permission_policies = BlackMagicTicketTweaks, DefaultPermissionPolicy,VirtualTicketPermissionsPolicy

VirtualTicketPermissionsPolicy permission can work.

[obs]

Try setting it to the following

permission_policies = VirtualTicketPermissionsPolicy, BlackMagicTicketTweaks, DefaultPermissionPolicy

Let me know if it makes a difference, remember to restart trac after you change it.

[anonymous]

Now severity, priority do not allow to change whatever it is ticket owner or not. Even new ticket severity and priority do not allow to input value.

[obs]

I'll have a play and get back to you.

[obs]

Hi

I just tested and noticed you typo'd in your trac.ini you said you have

[blackmagic] 
tweaks = severity, priority 
priority.permissions = TICKET_IS_OWNER 
severit.permissions = TICKET_IS_OWNER

It should be

[blackmagic] 
tweaks = severity, priority 
priority.permission = TICKET_IS_OWNER 
severity.permission = TICKET_IS_OWNER

(No s on permission and you missed a y of severity).

That configuration works for me.

[anonymous]

I corrected trac.ini as below:
[blackmagic]
tweaks = priority,component
component.hide = true
priority.permission = TICKET_IS_OWNER

accept = new,assigned,accepted,reopened -> accepted
accept.operations = set_owner_to_self
accept.permissions = TICKET_IS_OWNER

component can be hidden. But priority still does not work.
I found that:

1. If authenticated user has no permission TICKET_IS_OWNER he can not change priority.
2. If authenticated user has permission TICKET_IS_OWNER he can change priority forwever.

That meanse priority.permission = TICKET_IS_OWNER does not work. Especially I can not understand why authenticated user can not change new ticket priority if no permission TICKET_IS_OWNER.

[obs]

You state that if they don't have TICKET_IS_OWNER and are authenticated then they cannot change the owner, if they do have TICKET_IS_OWNER they can change priority.

That means the priority.permission = TICKET_IS_OWNER is working how it should be. If they do not have the TICKET_IS_OWNER permission i.e. it's a new ticket (new tickets have no owner), or it is not assigned to them they cannot change the priority.

The *.permission option is the permissions the user must have to change the property.

[anonymous]

As for VirtualTicketPermissionsPolicy plugin the login user will get permission TICKET_IS_OWNER automatically if he is the ticket owner. So we can not do not permitted action. But for *.permission option have no such function. That's why ticket owner can not change allowed to change property 'priority'.

[obs]

You're confusing me, your settings have it so if they have the TICKET_IS_OWNER permission they can edit priority, and you state that they can edit priority if they are the owner, so there is no problem here that is how it is meant to work.

[anonymous]

I got your meaning.
The annoyed problem is that only ticket owner can change properties. Authenticated user can not change created ticket properties if they are not ticket owner. Does BlackMagic plugin have no such function to adjudge if user is the created ticket owner?

[anonymous]

The *.permission is allowed to be a comma separated list so if you wanted the creator and the owner to edit it you could use the virtual ticket permissions plugin to set

priority.permission = TICKET_IS_OWNER, TICKET_IS_REPORTER

That would allow the creator and owner to edit the ticket.

priority.permission = TICKET_IS_OWNER, TICKET_IS_REPORTER, TICKET_MODIFY

would allow the owner, report and anyone with the TICKET_MODIFY permission to edit it.

Does that solve your problem?

[anonymous]

priority.permission = TICKET_IS_OWNER, TICKET_MODIFY
Can not solve this problem.
Because TICKET_IS_OWNER is assigned dynamically based on current login user own ticket. And most of authenticated users have TICKET_MODIFY. So BlackMagic plugin can not recognize who have true permission to change properties. The solved method is that BlackMagic plugin can judge whether login user is ticket owner when viewing ticket. If true the user will get TICKET_IS_OWNER permission dynamically.

[obs]

The plugin does detect if they have TICKET_IS_OWNER, we've proved this by your earlier statement that authenticated users that own tickets can modify permissions. Are you now saying that you have tried priority.permission = TICKET_IS_OWNER, TICKET_MODIFY and that doesn't work? That would suggest the plugin isn't detecting multiple permissions correctly, let me know if this is the case.

[anonymous]

Authenticated users must be assigned TICKET_IS_OWNER manually. The plugin can not detect the permission TICKET_IS_OWNER dynamically. That means authenticated users that own tickets can not change properties if they are not granted TICKET_IS_OWNER manually.

[obs]

By dynamically I assume you mean automatically. TICKET_IS_OWNER is assigned by the VirtualTicketPermissionsPlugin if the owner field is set to the user, the BlackMagicTicketTweaksPlugin then detects this from the VirtualTicketPermissionsPlugin and allows editing of fields. This works I have tested it, if it doesn't work for you then you need to change your configuration settings, or you are just not understanding how the plugins work.

[anonymous]

Please see attachmented files. Same user that own ticket has more action than not own ticket. These pic can prove that VirtualTicketPermissionPlugin works. But prioprity can not be changed whatever user is ticket owner or not. That proves BlackMagicTicketTweaksPlugin permission does not work. And system property is hidden. Below is blackmagic in trac.ini config:
[blackmagic]
tweaks = priority,system
system.hide = true
priority.permission = TICKET_IS_OWNER

[obs]

That's very strange, for me it works.

Can you set your permission_policies to the following

[trac]
permission_policies = DefaultPermissionPolicy, LegacyAttachmentPolicy,VirtualTicketPermissionsPolicy,BlackMagicTicketTweaks

If that doesn't work let me know what version of trac you are using and I will test again.

[anonymous]

There is no any changes.
Trac version info is as below:
Trac: 0.11.6
Python: 2.4.3 (#1, Jan 21 2009, 01:10:13) [GCC 4.1.2 20071124 (Red Hat 4.1.2-42)]
setuptools: 0.6c9
SQLite: 3.3.6
pysqlite: 1.1.7
Genshi: 0.5.1
mod_python: 3.2.8
jQuery: 1.2.6

[anonymous]

I think TICKET_IS_OWNER is not truely assigned by the VirtualTicketPermissionsPlugin if the owner field is set to the user. It is virtually assigned permission. So BlackMagicTicketTweaksPlugin can not detect TICKET_IS_OWNER permission. But I assigned TICKET_IS_OWNER manually BlackMagicTicketTweaksPlugin can detect it and works fine.

[obs]

Patched egg

[obs]

Try using the patched egg file I just attached, replace the current one in your <environment>/plugins directory. I tested and it works on 0.11.6 (for some reason the problem doesn't occur on 0.11.7-dev)

[anonymous]

I do not see attached egg file. Please attach again.

[anonymous]

scroll up to the very top of this ticket

BlackMagicTicketTweaks-0.1-py2.6.egg (23.2 kB) - added by obs on 02/10/10 03:51:24.
Patched egg

[anonymous]

I copied BlackMagicTicketTweaks-0.1-py2.6.egg to the plugins directory. Admin panel-> plugins menu does not display the plugin. That means the BlackMagicTicketTweaks-0.1-py2.6.egg can not be detected.

[anonymous]

Check your file permissions or install it via the web admin

[anonymous]

I changed name BlackMagicTicketTweaks?-0.1-py2.6.egg into BlackMagicTicketTweaks?-0.1-py2.4.egg. Now the plugin can be detected.
This time I found that my blackmagic permission setting is really working. For view ticket priority can be controlled by ticket owner.
But for new ticket: the priority property is always forbidden to be changed. If this problem can be fixed then all works fine.

[anonymous]

For new tickets there is no TICKET_IS_OWNER permission so I can't do anything about that. I could change the plugin to allow different settings for new tickets but that will take a while.

[obs]

(In [7530]) fixed issue where BMTTP was doing a global permission check which interfered with VirtualTicketPermissionsPolicy Plugin fixes #6519 created enhancement ticket #6610 for "new" ticket permissions request

[normanr]

Should this be extended to ticket_types checks?

Although I can't think of a practical reason why ticket_types should be limited based on any of the virtual permissions.

Would it be useful to only set to type:blah if you're the owner, or something *shrug* (I'm thinking the default type would be unknown, and only owners can categorize tickets)

[obs]

I suppose it could be useful, it would restrict tickets you can view in reports to only those you're TICKET_IS_OWNER to, to prevent user's changing the type unless they're owner you can just put

type.permission = TICKET_IS_OWNER

I'll probably implement what you suggest on the next release since it will clean up some code in the plugin anyway.