non ticket owner can still have ticket action

[anonymous]

Good to find this plugin. But not ticket owner still permit for ticket actions. My trac.ini: [virtualticketpermissions] group_blacklist = anonymous, authenticated

[components] virtualticketpermissions.* = enabled

[trac] permission_policies = DefaultPermissionPolicy, LegacyAttachmentPolicy, VirtualTicketPermissionsPolicy

[ticket-workflow] accept = new,reopened -> working accept.operations = set_owner_to_self accept.permissions = TICKET_IS_OWNER assign = new -> new assign.operations = set_owner assign.permissions = TICKET_IS_OWNER

User: op, tester has TICKET_IS_OWNER_GROUP permission. op and tester are belong to different groups. Ticket 1 is created and owned by op. But tester can still accept, assign ticket 1. As my mean tester should not permit to own ticket 1 any actions because it is not ticket 1 owner. What's wrong now?

[anonymous]

Trac system info: Trac: 0.11.6 Python: 2.4.3 (#1, Jan 21 2009, 01:10:13) [GCC 4.1.2 20071124 (Red Hat 4.1.2-42)] SQLite: 3.3.6 Genshi: 0.5.1 mod_python: 3.2.8

virtualticketpermissions.* enabled virtualticketpermissions.policy.* enabled virtualticketpermissions.policy.virtualticketpermissionspolicy enabled

[Norman Rasmussen]

did you reload apache to load the new config? did you make sure to remove TICKET_ADMIN and other privileges from tester?

[anonymous]

Apache is already loaded again. tester is belong to testers group which has ticket_modify and ticket_view privileges. But I was confused why I should remove these privileges from testers group.

[anonymous]

I hope that only ticket owner has actions. Although others has ticket privileges they can do nothing if not owner.

[anonymous]

Do not need to add TICKET_IS_OWNER permission to users. After removing TICKET_IS_OWNER_GROUP permission from users all works fine.

[Norman Rasmussen]

Ahh right, yes the user *must* not be granted these permissions via the standard permissions database, because the plugin adds them dynamically as required. Glad you figured it out.