|Version 5 (modified by coderanger, 7 years ago) (diff)|
Modified ticket permissions
Allow users to only see tickets they are associated with.
There are three new permissions for this plugin: TICKET_VIEW_REPORTER, TICKET_VIEW_CC, and TICKET_VIEW_OWNER. TICKET_VIEW_SELF is an alias for all three of these.
With each permission, users will only be able to see tickets where they are the person mentioned in the permission. So if a user has TICKET_VIEW_REPORTER, they can only see tickets they reported. For TICKET_VIEW_CC, they just have to be included in the CC list.
There are also group-based permissions: TICKET_VIEW_REPORTER_GROUP, TICKET_VIEW_CC_GROUP, and TICKET_VIEW_OWNER_GROUP. These work in a similar way to their non-group counterparts, except that you are granted access if you share a group with the target user. For example, if ticket 1 was reported by Allan, and Allan and Bob are both in the group company_foo, and Bob has TICKET_VIEW_REPORTER_GROUP, then Bob will be able to see ticket 1 since he shares a group with the reporter. Each group-based permission is also an alias for the normal one, so you do not have to grant both. TICKET_VIEW_GROUP is an alias for all the group-based permissions (and therefore all the normal ones as well).
You can configure which groups to ignore for the purposes of permission checking with the group_blacklist option shown below.
If you have any issues, create a new ticket.
Download the zipped source from here.
[components] privatetickets.* = enabled
[privatetickets] group_blacklist = anonymous, authenticated