Modify ↓
#11826 closed enhancement (fixed)
Add support for specific permission to manage custom fields
Reported by: | ahamelin | Owned by: | Ryan J Ollos |
---|---|---|---|
Priority: | normal | Component: | CustomFieldAdminPlugin |
Severity: | normal | Keywords: | |
Cc: | Trac Release: |
Description
I would find it useful to be able to use a distinct permission to manage custom ticket fields, like some other popular plugins do.
The issue I see right now is that managing custom fields require the full TICKET_ADMIN
permission. This approach has a couple of downsides, such as permitting a user to change the owner of a ticket, etc. which is not necessarily bound to managing ticket fields, and gives more power to certain group of users than it is minimally necessary.
A minimal implementation could only include CUSTOM_FIELDS_ADMIN
which would grant access to the Admin > Custom Fields admin panel. I would expect TICKET_ADMIN
to still give access to the custom fields admin panel.
Attachments (0)
Change History (3)
comment:1 Changed 11 years ago by
comment:3 Changed 10 years ago by
Owner: | changed from osimons to Ryan J Ollos |
---|
Note: See
TracTickets for help on using
tickets.
This is generally handled in Trac using TracFineGrainedPermissions. This is a very powerful feature that also help prevent the bloat of very specific permissions which may only apply to a narrow subset of users. Many TracFineGrainedPermissions policy issues in the admin realm have been fixed in Trac 1.0.2dev: trac:#11069.
I tested a permissions policy with Trac 1.0.1 and the latest CustomFieldAdminPlugin. The following patch is needed (which is very similar to the changes in trac:#11069):
customfieldadminplugin/0.11/customfieldadmin/admin.py
:.require('TICKET_ADMIN')osimons, would you kindly review?
After the patch is applied, the following policy would allow all users to access the Custom Fields page. This is probably not what you want, and is just meant as an example to get you started. See the TracFineGrainedPermissions for more details.