Context Navigation

Modify ↓

#3097 closed enhancement (fixed)

Allowing user exceptions of private ticket restriction

Reported by:	kgabor@…	Owned by:	Noah Kantrowitz
Priority:	normal	Component:	PrivateTicketsPlugin
Severity:	normal	Keywords:
Cc:		Trac Release:	0.11

Description

Currently, if a user has none of the introduced new permissions (TICKET_VIEW_*) of PrivateTicketsPlugin, PrivateTicketsPlugin denies access and therefore user has permission denied whether it has the ordinary TICKET_VIEW or not. It would be better to simply do nothing by the plugin if no TICKET_VIEW_* permission present and so it would restore default permission checking for this particular user. In other words, missing of all extra permission would be an exceptional case similar to TRAC_ADMIN in policy.py.

Attachments (0)

Change History (1)

comment:1 Changed 16 years ago by Noah Kantrowitz

Resolution:	→ fixed
Status:	new → closed

(In [3751]) If user has none of the special permissions, fall-through to the next policy. Also enforce privatetickets permissions on any sub-resource (eg. attachments) of a ticket. (closes #3097)

Modify Ticket

Change Properties

Summary:
Type:	Priority:
Component:	Severity:
Keywords:	Cc:	Set your email in Preferences
Trac Release:

Action

leave as closed The owner will remain Noah Kantrowitz.

reopen The resolution will be deleted. Next status will be 'reopened'.

Add Comment

Your email or username:

E-mail address and name can be saved in the Preferences.

You may use WikiFormatting here.

Attachments ↑ Description ↑

Note: See TracTickets for help on using tickets.

Download in other formats: