ticket summary type release owner status created modified _description _reporter 4619 the permission checked for is SENSITIVE_VIEW but viewing tickets shows a TICKET_VIEW permission error defect 0.11 new 2009-02-13T03:53:46+01:00 2020-01-11T06:46:04+01:00 "on tickets marked as Sensitive, viewing them shows the following message {{{ Forbidden: TICKET_VIEW privileges needed. }}} The permission checked for is SENSITIVE_VIEW. Note that this is not necessarily undesirable. While no real security is provided by hiding evidence that the ticket is sensitive, neither does it hurt the functionality of the SensitiveTicketsPlugin. Since the trac tickets are ordered, anyone seeking to know which tickets are sensitive can request them incrementally." Jeff Hammel 9835 Sensitive checkbox should be hidden for users who aren't allowed to check it defect 0.12 new 2012-02-20T06:30:46+01:00 2020-01-11T06:46:04+01:00 "as of r11287, the SensitiveTicketsPlugin prevents people from setting a ticket to sensitive if that would cause the ticket itself to be hidden from them. We should hide the checkbox in the ""ticket properties"" section if we know that the user is going to get an error if they check it. I believe one way to do this would be to extend [http://trac.edgewall.org/wiki/TracDev/PluginDevelopment/ExtensionPoints/trac.web.api.ITemplateStreamFilter ITemplateStreamFilter] to conditionally either inject css to set the objects to ""display:none"" or to simply remove the objects entirely. I don't know how to do this yet, though. I would welcome patches! Some example CSS if the checkbox needed to be hidden might be: {{{ label[for=""field-sensitive""]: { display: none; } input#field-sensitive: { display: none; } }}}" Daniel Kahn Gillmor 10228 Deadlock running along with PrivateTicketsPlugin defect 0.12 new 2012-08-04T23:36:58+02:00 2020-05-01T06:51:13+02:00 "This pluging has worked very fine for a long time. After addionally installing PrivateTicketsPlugin we face a {{{ RuntimeError: maximum recursion depth exceeded }}} The error occures trying to get the timeline or an report. Here is the python traceback from ""report"": {{{ Most recent call last: File ""/usr/lib/python2.5/site-packages/trac/web/main.py"", line 450, in _dispatch_request File ""/usr/lib/python2.5/site-packages/trac/web/main.py"", line 206, in dispatch File ""/usr/lib/python2.5/site-packages/trac/ticket/report.py"", line 105, in process_request File ""/usr/lib/python2.5/site-packages/trac/ticket/report.py"", line 441, in _render_view File ""/usr/lib/python2.5/site-packages/trac/perm.py"", line 527, in has_permission File ""/usr/lib/python2.5/site-packages/trac/perm.py"", line 541, in _has_permission File ""/usr/lib/python2.5/site-packages/trac/perm.py"", line 428, in check_permission File ""/usr/lib/python2.5/site-packages/sensitivetickets-0.11r1-py2.5.egg/sensitivetickets/sensitivetickets.py"", line 56, in check_permission Code fragment: sensitive = ticket['sensitive'] except ResourceNotFound: sensitive = 1 # Fail safe to prevent a race condition. if sensitive and int(sensitive): if 'SENSITIVE_VIEW' not in perm: return False # IPermissionRequestor methods def get_permission_actions(self): Local variables: Name Value action 'TICKET_VIEW' perm resource self username u'user' File ""/usr/lib/python2.5/site-packages/trac/perm.py"", line 527, in has_permission File ""/usr/lib/python2.5/site-packages/trac/perm.py"", line 541, in _has_permission File ""/usr/lib/python2.5/site-packages/trac/perm.py"", line 428, in check_permission File ""build/bdist.linux-i686/egg/privatetickets/policy.py"", line 34, in check_permission File ""/usr/lib/python2.5/site-packages/trac/perm.py"", line 527, in has_permission File ""/usr/lib/python2.5/site-packages/trac/perm.py"", line 541, in _has_permission File ""/usr/lib/python2.5/site-packages/trac/perm.py"", line 428, in check_permission File ""/usr/lib/python2.5/site-packages/sensitivetickets-0.11r1-py2.5.egg/sensitivetickets/sensitivetickets.py"", line 56, in check_permission File ""/usr/lib/python2.5/site-packages/trac/perm.py"", line 527, in has_permission File ""/usr/lib/python2.5/site-packages/trac/perm.py"", line 541, in _has_permission File ""/usr/lib/python2.5/site-packages/trac/perm.py"", line 428, in check_permission File ""build/bdist.linux-i686/egg/privatetickets/policy.py"", line 34, in check_permission File ""/usr/lib/python2.5/site-packages/trac/perm.py"", line 527, in has_permission File ""/usr/lib/python2.5/site-packages/trac/perm.py"", line 541, in _has_permission File ""/usr/lib/python2.5/site-packages/trac/perm.py"", line 428, in check_permission File ""/usr/lib/python2.5/site-packages/sensitivetickets-0.11r1-py2.5.egg/sensitivetickets/sensitivetickets.py"", line 56, in check_permission ... }}} The user has TRAC_ADMIN permission. Trying to change the order in the {{{ permission_policies = PrivateWikiSystem, PrivateTicketsPolicy, SensitiveTicketsPolicy, DefaultPermissionPolicy, LegacyAttachmentPolicy }}} had no effekt... I'm not shure where the problem is located. Disabling the !SensitivTicketsPolicy stops the deadlock. {{{ User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:12.0) Gecko/20100101 Firefox/12.0 Trac: 0.11.6 Python: 2.5.2 (r252:60911, Jan 24 2010, 15:24:24) [GCC 4.3.2] setuptools: 0.6c11 SQLite: 3.5.9 pysqlite: 2.3.2 Genshi: 0.5.1 mod_python: 3.3.1 Pygments: 1.1.1 jQuery: 1.3.2 }}} " hjuergs@…