Wiki Navigation

Hide sensitive tickets with a checkbox

This hack is up for adoption

SensitiveTickets

Description

SensitiveTickets is a plugin that lets users mark tickets as "sensitive" with a checkbox on the ticket form. Sensitive tickets are viewable only to those with the SENSITIVE_VIEW permission.

It is based on the example vulnerability_tickets.py but uses a checkbox instead of text in the summary or keywords to mark a ticket as sensitive.

To use this plugin you will have to edit your trac.ini file to use the new SenstiveTicketsPolicy permission policy, e.g.:

    [components]
    sensitivetickets.* = enabled

    [trac]
    permission_policies = SensitiveTicketsPolicy, DefaultPermissionPolicy, LegacyAttachmentPolicy

Needs an environment upgrade after enabling.

(TODO: explain what LegacyAttachmentPolicy is, and why one should or should not include it.)

Hooks that send mail on ticket changes will still send mail for sensitive tickets; this may not be what you want.

Bugs/Feature Requests

Existing bugs and feature requests for SensitiveTicketsPlugin are here.

If you have any issues, create a new ticket.

Download

Download the zipped source from here.

Source

You can check out SensitiveTicketsPlugin from here using Subversion, or browse the source with Trac.

Example

A user submits a security related ticket to a project's Trac, which is generally open to the public. They mark it as "Sensitive" so that only people in the internal team that deal with security issues can see the ticket.

A team uses Trac to handle its business development tasks, but wants to leave the record open for all. Some tasks, however--say, dealing with difficult clients--are sensitive. Those tickets are marked as sensitive and hidden to others but viewable by the business development team.

Recent Changes

[8234] by obs on 07/08/10 04:05:49

updated versioning and maintainer

[8233] by obs on 07/08/10 03:58:59

Deny access to nonexistent tickets instead of throwing an exception.

Thanks to Anders Kaseorg <andersk@mit.edu> for providing a patch

Fixes #7082

[5285] by k0s on 02/17/09 18:22:57

add attribution to the original plugin

[5284] by k0s on 02/17/09 18:15:02

remove cruft from vulnerability_tickets.py

Author/Contributors

Author: sbenthall
Maintainer:
Contributors: k0s

Download in other formats:

Plain Text