Context Navigation

Modify ↓

#4813 closed enhancement (wontfix)

Add an attachment ATTACHMENT_VIEW permission

Reported by:	villalba.martin@…	Owned by:	anybody
Priority:	normal	Component:	Request-a-Hack
Severity:	minor	Keywords:
Cc:		Trac Release:	0.11

Description

Trac is a great software for tech support (at least in my company). However, when customers fill a bug report in our system, they must attach a dump of their data. This dump is usually confidential, thus requiring some sort of restriction about who can view it. By adding some sort of "ATTACHMENT_VIEW" permission, a user could be allowed (or not) to see attachments. That way, developers would be given permission to view attachments, while users wouls be allowed only to upload them.

Attachments (0)

Change History (3)

comment:1 Changed 15 years ago by Ryan J Ollos

Owner:	changed from anybody to Ryan J Ollos
Status:	new → assigned
Summary:	Attachment download restriction → ATTACHMENT_VIEW permission

This feature would probably be most appropriately implemented in Trac core. I suggest opening a ticket on Edgewall. Following the existing permissions schema, the permission would be appropriately named ATTACHMENT_VIEW.

comment:2 Changed 14 years ago by Ryan J Ollos

Owner:	changed from Ryan J Ollos to anybody
Status:	assigned → new
Summary:	ATTACHMENT_VIEW permission → Add an attachment ATTACHMENT_VIEW permission

comment:3 Changed 8 years ago by Ryan J Ollos

Resolution:	→ wontfix
Status:	new → closed

Better suggestion: write a custom permission policy that checks the user and ticket attributes before deciding whether to deny ATTACHMENT_VIEW permission. Place the permission policy before LegacyAttachmentPolicy in the list of permission_policies. See resources listed in comment:2:ticket:6913 for details on writing a custom permission policy.

Last edited 8 years ago by Ryan J Ollos (previous) (diff)

Modify Ticket

Change Properties

Summary:
Type:	Priority:
Component:	Severity:
Keywords:	Cc:	Set your email in Preferences
Trac Release:

Action

leave as closed The owner will remain anybody.

reopen The resolution will be deleted. Next status will be 'reopened'.

Add Comment

Your email or username:

E-mail address and name can be saved in the Preferences.

You may use WikiFormatting here.

Attachments ↑ Description ↑

Note: See TracTickets for help on using tickets.

Download in other formats: