[Patch] Allow user management without having TRAC_ADMIN permission

[Sergio Talens-Oliag]

I want to let the project managers to manage users, but I don't want them to have TRAC_ADMIN permission.

To be able to do that I've patched your plugin to add a USERS_ADMIN permission that lets them to manage users and notifications but nothing else (i. e. they can't change the module configuration nor change file paths, authentication methods, etc.)

I'm attaching a patch that applies cleanly to a checkout of the revision 8942 of:

​http://trac-hacks.org/svn/accountmanagerplugin/trunk

I haven't tested it much but seems to do what I want.

[Sergio Talens-Oliag]

patch against current trunk

[Sergio Talens-Oliag]

I've been lookig at open tickets against AccountManagerPlugin and updated the patch to implement the permissions of ticket #1902 (ACCOUNTMANAGER_CONFIG and and ACCOUNTMANAGER_USERS).

Using the new patch you could close the following tickets: #1902, #2196, #3726, #5830 and #7700 (obviously).

[Sergio Talens-Oliag]

Patch redone using ticket #1902 permission names

[Steffen Hoffmann]

Nice, but without allowing the current maintainer to get noticed of it, you'll not see much progress.

Let's raise priority, since this is able to close some more tickets as advised in previous comment.

[Steffen Hoffmann]

Got maintainership, so I'll try to take care now on my own.

I like the idea in general, but would like to introduce a slightly different view on permissions. I think it is reasonable to assume, that responsibility for notification settings could be bundled with basic settings in one application and with user administration in another one. To allow for this we'll need not 2 but 3 different permissions. OTOH denying user administration, if someone got power to fiddle with the authentication backend is odd would be kind of notification admin on it's own. We should have a permission cascade with inheritance intuitively guessable like this:

• ACCTMGR_USER_ADMIN just to manage user accounts alone (users)
• ACCTMGR_CHG_NOTIFY has notification settings (notification) in addition to user management
• ACCTMGR_ADMIN inherits all including basic settings (config)
• TRAC_ADMIN of course inherits everything as usual

[Steffen Hoffmann]

(In [9280]) AccountManagerPlugin: Allow acctmgr administration for non-TRAC_ADMINs, closes #3726 and #7700.

With dedicated AccountManagerPlugin permissions now you could not only delegate AccountManager administration to users without granting them TRAC_ADMIN, but even differentiate access policy within these settings (closes #1902 as well):

• ACCTMGR_CONFIG_ADMIN - for /config and /notification
• ACCTMGR_USER_ADMIN - for /users
• ACCTMGR_ADMIN - inheriting all without requiring TRAC_ADMIN

[Steffen Hoffmann]

(In [11927]) AccountManagerPlugin: Consolidate plugin permissions, refs #7700.

Central definition in the AccountManager module is not only more straight-forward, now actions are guaranteed to exist even with admin panels disabled.

As a side-effect this fixes irritating ACCTMGR_USER_ADMIN duplicate entries in the permission select box as seen i.e. in Trac 0.11.

Added unit test to ensure this works expectedly, and added a more intuitive inheritance of EMAIL_VIEW by ACCTMGR_USER_ADMIN too, that was missing because of wrong syntax in AccountManagerAdminPanels.get_permission_actions before.

[Steffen Hoffmann]

(In [12134]) AccountManagerPlugin: Add acct_mgr/tests/api.py that I forgot in [11927], refs #7700.