Ticket #7700 (closed enhancement: fixed)

Opened 3 years ago

Last modified 8 months ago

[Patch] Allow user management without having TRAC_ADMIN permission

Reported by: sto
Assigned to: hasienda
Priority: high
Component: AccountManagerPlugin
Severity: major
Keywords: permission separation
Cc: pacopablo
Trac Release: 0.12

Description

I want to let the project managers manage users, but I don't want them to have TRAC_ADMIN permission.

To be able to do that I've patched your plugin to add a USERS_ADMIN permission that lets them manage users and notifications but nothing else (i.e. they can't change the module configuration nor change file paths, authentication methods, etc.)

I'm attaching a patch that applies cleanly to a checkout of the revision 8942 of:

http://trac-hacks.org/svn/accountmanagerplugin/trunk

I haven't tested it much but it seems to do what I want.

Attachments

accountmanagerplugin-trunk-r8942-add_users_admin_perm.patch (2.1 kB) - added by sto on 09/18/10 10:29:54.
patch against current trunk
accountmanagerplugin-trunk-r8942-add_config_and_users_admin_perm.patch (2.4 kB) - added by sto on 09/20/10 11:34:50.
Patch redone using ticket #1902 permission names

Change History

09/18/10 10:29:54 changed by sto

  • attachment accountmanagerplugin-trunk-r8942-add_users_admin_perm.patch added.

patch against current trunk

09/20/10 10:46:05 changed by sto

I've been looking at open tickets against AccountManagerPlugin and updated the patch to implement the permissions of ticket #1902 (ACCOUNTMANAGER_CONFIG and ACCOUNTMANAGER_USERS).

Using the new patch you could close the following tickets: #1902, #2196, #3726, #5830 and #7700 (obviously).

09/20/10 11:34:50 changed by sto

  • attachment accountmanagerplugin-trunk-r8942-add_config_and_users_admin_perm.patch added.

Patch redone using ticket #1902 permission names

09/26/10 03:31:39 changed by hasienda

  • cc set to pacopablo.
  • priority changed from normal to high.
  • severity changed from normal to major.
  • keywords set to permission separation.
  • summary changed from [Patch] Allow user management without having the TRAC_ADMIN permission to [Patch] Allow user management without having TRAC_ADMIN permission.

Nice, but without allowing the current maintainer to get notified of it, you'll not see much progress.

Let's raise priority, since this is able to close some more tickets as advised in previous comment.

09/29/10 00:56:19 changed by hasienda

  • owner changed from mgood to hasienda.

Got maintainership, so I'll try to take care now on my own.

I like the idea in general, but would like to introduce a slightly different view on permissions. I think it is reasonable to assume that responsibility for notification settings could be bundled with basic settings in one application and with user administration in another one. To allow for this we'll need not 2 but 3 different permissions. OTOH denying user administration, if someone got power to fiddle with the authentication backend is odd would be kind of notification admin on its own. We should have a permission cascade with inheritance intuitively guessable like this:

  • ACCTMGR_USER_ADMIN just to manage user accounts alone (users)
  • ACCTMGR_CHG_NOTIFY has notification settings (notification) in addition to user management
  • ACCTMGR_ADMIN inherits all including basic settings (config)
  • TRAC_ADMIN of course inherits everything as usual

10/11/10 22:39:00 changed by hasienda

  • status changed from new to closed.
  • resolution set to fixed.

(In [9280]) AccountManagerPlugin: Allow acctmgr administration for non-TRAC_ADMINs, closes #3726 and #7700.

With dedicated AccountManagerPlugin permissions now you could not only delegate AccountManager administration to users without granting them TRAC_ADMIN, but even differentiate access policy within these settings (closes #1902 as well):

  • ACCTMGR_CONFIG_ADMIN - for /config and /notification
  • ACCTMGR_USER_ADMIN - for /users
  • ACCTMGR_ADMIN - inheriting all without requiring TRAC_ADMIN

09/04/12 21:26:30 changed by hasienda

(In [11927]) AccountManagerPlugin: Consolidate plugin permissions, refs #7700.

Central definition in the AccountManager module is not only more straight-forward, now actions are guaranteed to exist even with admin panels disabled.

As a side-effect this fixes irritating ACCTMGR_USER_ADMIN duplicate entries in the permission select box as seen i.e. in Trac 0.11.

Added unit test to ensure this works expectedly, and added a more intuitive inheritance of EMAIL_VIEW by ACCTMGR_USER_ADMIN too, that was missing because of wrong syntax in AccountManagerAdminPanels.get_permission_actions before.

10/10/12 01:25:00 changed by hasienda

(In [12134]) AccountManagerPlugin: Add acct_mgr/tests/api.py that I forgot in [11927], refs #7700.
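
The permission layout described in [9280] and [11927], modelled as an added stand-alone example (not AccountManagerPlugin or Trac code) that checks a delegated user manager cannot reach the configuration panels. The declarations use the list-of-names-or-`(action, [inherited])` shape that Trac's `IPermissionRequestor.get_permission_actions()` returns; the helper names `build_inheritance`, `expand` and `can_open` are hypothetical.

```python
# Added illustration: a stand-alone model, not AccountManagerPlugin or Trac code.
# Each entry is an action name or an (action, [inherited actions]) tuple.
ACTIONS = [
    'ACCTMGR_CONFIG_ADMIN',
    ('ACCTMGR_USER_ADMIN', ['EMAIL_VIEW']),
    ('ACCTMGR_ADMIN', ['ACCTMGR_CONFIG_ADMIN', 'ACCTMGR_USER_ADMIN']),
]

# Panel -> required action, as listed in the [9280] commit message.
PANEL_ACTION = {
    'config': 'ACCTMGR_CONFIG_ADMIN',
    'notification': 'ACCTMGR_CONFIG_ADMIN',
    'users': 'ACCTMGR_USER_ADMIN',
}

def build_inheritance(declared):
    """Validate declarations and return {action: [directly inherited actions]}."""
    table = {}
    for entry in declared:
        if isinstance(entry, str):
            table.setdefault(entry, [])
        elif (isinstance(entry, tuple) and len(entry) == 2
              and isinstance(entry[0], str)
              and isinstance(entry[1], (list, tuple))
              and all(isinstance(a, str) for a in entry[1])):
            table.setdefault(entry[0], []).extend(entry[1])
        else:
            # A string where the list belongs would silently drop inheritance.
            raise ValueError('malformed permission declaration: %r' % (entry,))
    return table

def expand(granted, table):
    """Return every action implied by the granted ones (transitive closure)."""
    seen, todo = set(), list(granted)
    while todo:
        action = todo.pop()
        if action not in seen:
            seen.add(action)
            todo.extend(table.get(action, []))
    if 'TRAC_ADMIN' in seen:  # TRAC_ADMIN inherits everything, as usual
        seen.update(table)
        seen.update(a for subs in table.values() for a in subs)
    return seen

def can_open(panel, granted, declared=ACTIONS):
    """True if the granted actions give access to the named admin panel."""
    return PANEL_ACTION[panel] in expand(granted, build_inheritance(declared))
```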
