Opened 15 years ago
Closed 6 years ago
#4632 closed enhancement (fixed)
Hours permissions
| Reported by: | interstellar | Owned by: | |
|---|---|---|---|
| Priority: | normal | Component: | TracHoursPlugin |
| Severity: | normal | Keywords: | |
| Cc: | interstellar, christer@… | Trac Release: | 0.11 |
Description
Implement permissions for TracHoursPlugin.
Permissions like HOURS_VIEW, HOURS_MANAGE, HOURS_ADMIN would be nice. And if a user has specific permissions, the hours navigation button would be visible or not.
Right now, if one (even anonymous) has a TICKET_VIEW permission, he can see all hours.
Attachments (2)
Change History (13)
comment:1 Changed 15 years ago by
Changed 15 years ago by
| Attachment: | workaround.patch added |
|---|
workaround - checks if user has TICKET_VIEW, else shows /hours - this checks for permissions
Changed 14 years ago by
| Attachment: | implement_HOURS_VIEW.diff added |
|---|
Implementation of HOURS_VIEW feature.
comment:3 follow-up: 4 Changed 14 years ago by
I've implemented the feature HOURS_VIEW. I've appended the patch (revision 8601, 0.11 branch).
Now user must have HOURS_VIEW to view /hours paths. Also, the mainnav tab doesn't show if user doesn't have HOURS_VIEW too.
Cheers
comment:4 follow-up: 5 Changed 14 years ago by
I've applied the patch, but now the Cross-project hours feature doesn't show any hours.
Did anybody experience the same thing?
Replying to Havok:
I've implemented the feature HOURS_VIEW. I've appended the patch (revision 8601, 0.11 branch).
Now user must have HOURS_VIEW to view /hours paths. Also, the mainnav tab doesn't show if user doesn't have HOURS_VIEW too.
Cheers
comment:5 follow-up: 6 Changed 14 years ago by
I'm not using the Multiproject feature, but the patch should not be a problem, since it only provide an extra permission layer that the user need to pass in order to access the Hours views. Sure you granted the HOURS_VIEW permission to users?
Cheers
Replying to interstellar:
I've applied the patch, but now the Cross-project hours feature doesn't show any hours.
Did anybody experience the same thing?
comment:6 Changed 14 years ago by
Sure, I added HOURS_VIEW permission to authenticated group.
When I reverted hours.py to a version before your patch - cross-project hours started working again.
Replying to Havok:
I'm not using the Multiproject feature, but the patch should not be a problem, since it only provide an extra permission layer that the user need to pass in order to access the Hours views. Sure you granted the HOURS_VIEW permission to users?
Cheers
Replying to interstellar:
I've applied the patch, but now the Cross-project hours feature doesn't show any hours.
Did anybody experience the same thing?
comment:8 Changed 13 years ago by
| Owner: | changed from Jeff Hammel to Ryan J Ollos |
|---|
Reassigning ticket to new maintainer.
comment:9 Changed 13 years ago by
| Cc: | christer@… added |
|---|
#8347 requests that anonymous users not be allowed to access the Hours page.
comment:10 Changed 8 years ago by
| Owner: | Ryan J Ollos deleted |
|---|
comment:11 Changed 6 years ago by
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
/hours/<ticket-num>even if anonymous has NO rights at all.