Opened 7 years ago

Closed 7 years ago

# [Patch] Allow user management without having TRAC_ADMIN permission

• Reported by: Sergio Talens-Oliag
• Owned by: Steffen Hoffmann
• Priority: high
• Component: AccountManagerPlugin
• Severity: major
• Keywords: permission separation
• Cc: John Hampton
• Trac Release: 0.12

### Description

I want to let the project managers manage users, but I don't want them to have TRAC_ADMIN permission.

To be able to do that I've patched your plugin to add a USERS_ADMIN permission that lets them manage users and notifications but nothing else (i.e. they can't change the module configuration nor change file paths, authentication methods, etc.).

I'm attaching a patch that applies cleanly to a checkout of the revision 8942 of:

I haven't tested it much but it seems to do what I want.

### Changed 7 years ago by Sergio Talens-Oliag

patch against current trunk

### comment:1 Changed 7 years ago by Sergio Talens-Oliag

I've been looking at open tickets against AccountManagerPlugin and updated the patch to implement the permissions of ticket #1902 (ACCOUNTMANAGER_CONFIG and ACCOUNTMANAGER_USERS).

Using the new patch you could close the following tickets: #1902, #2196, #3726, #5830 and #7700 (obviously).

### Changed 7 years ago by Sergio Talens-Oliag

Patch redone using ticket #1902 permission names

### comment:2 Changed 7 years ago by Steffen Hoffmann

• Cc: John Hampton added; anonymous removed
• Keywords: permission separation added
• Priority: normal → high
• Severity: normal → major
• Summary: [Patch] Allow user management without having the TRAC_ADMIN permission → [Patch] Allow user management without having TRAC_ADMIN permission

Nice, but without allowing the current maintainer to get notified of it, you'll not see much progress.

Let's raise priority, since this is able to close some more tickets as advised in previous comment.

### comment:3 Changed 7 years ago by Steffen Hoffmann

Owner: changed from Matt Good to Steffen Hoffmann

Got maintainership, so I'll try to take care now on my own.

I like the idea in general, but would like to introduce a slightly different view on permissions. I think it is reasonable to assume that responsibility for notification settings could be bundled with basic settings in one application and with user administration in another one. To allow for this we'll need not 2 but 3 different permissions. OTOH denying user administration, if someone got power to fiddle with the authentication backend is odd would be kind of notification admin on its own. We should have a permission cascade with inheritance intuitively guessable like this:

• ACCTMGR_USER_ADMIN just to manage user accounts alone (users)
• ACCTMGR_ADMIN inherits all including basic settings (config)
• TRAC_ADMIN of course inherits everything as usual

### comment:4 Changed 7 years ago by Steffen Hoffmann

• Resolution: → fixed
• Status: new → closed

(In [9280]) AccountManagerPlugin: Allow acctmgr administration for non-TRAC_ADMINs, closes #3726 and #7700.

With dedicated AccountManagerPlugin permissions now you could not only delegate AccountManager administration to users without granting them TRAC_ADMIN, but even differentiate access policy within these settings (closes #1902 as well):

• ACCTMGR_CONFIG_ADMIN - for /config and /notification
• ACCTMGR_USER_ADMIN - for /users
• ACCTMGR_ADMIN - inheriting all without requiring TRAC_ADMIN

### comment:5 Changed 5 years ago by Steffen Hoffmann

(In [11927]) AccountManagerPlugin: Consolidate plugin permissions, refs #7700.

Central definition in the AccountManager module is not only more straight-forward, now actions are guaranteed to exist even with admin panels disabled.

As a side-effect this fixes irritating ACCTMGR_USER_ADMIN duplicate entries in the permission select box as seen i.e. in Trac 0.11.

Added unit test to ensure this works expectedly, and added a more intuitive inheritance of EMAIL_VIEW by ACCTMGR_USER_ADMIN too, that was missing because of wrong syntax in AccountManagerAdminPanels.get_permission_actions before.
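The permission cascade described in comment:4 and comment:5, modelled as an added example (not part of the ticket and not the plugin's code). It mimics the declaration format of Trac's `IPermissionRequestor.get_permission_actions()` in a stand-alone script; the panel-to-action map and the helper names `build_implied`, `effective` and `allowed_panels` are assumptions made for illustration.

```python
# Added illustration, not AccountManagerPlugin source: a stand-alone model of
# Trac-style permission declarations and how they expand.

def get_permission_actions():
    """Trac format: a bare action name, or (name, [actions it implies])."""
    return [
        'ACCTMGR_CONFIG_ADMIN',
        ('ACCTMGR_USER_ADMIN', ['EMAIL_VIEW']),            # comment:5
        ('ACCTMGR_ADMIN', ['ACCTMGR_CONFIG_ADMIN', 'ACCTMGR_USER_ADMIN']),
    ]

# Admin panel -> action that guards it, as listed in comment:4.
PANEL_ACTION = {
    'config': 'ACCTMGR_CONFIG_ADMIN',
    'notification': 'ACCTMGR_CONFIG_ADMIN',
    'users': 'ACCTMGR_USER_ADMIN',
}

def build_implied(declarations):
    """Map each declared action to the set of actions it directly implies."""
    implied = {}
    for decl in declarations:
        name, subs = (decl, []) if isinstance(decl, str) else decl
        if isinstance(subs, str):
            # A bare string would be iterated character by character below.
            raise TypeError('implied actions for %s must be a list' % name)
        implied.setdefault(name, set()).update(subs)
    return implied

def effective(granted, implied):
    """Transitive closure of the granted actions; TRAC_ADMIN implies all."""
    known = set(implied).union(*implied.values())
    if 'TRAC_ADMIN' in granted:
        return known | {'TRAC_ADMIN'}
    seen, stack = set(), list(granted)
    while stack:
        action = stack.pop()
        if action not in seen:
            seen.add(action)
            stack.extend(implied.get(action, ()))
    return seen

def allowed_panels(granted):
    """Panels reachable by a user holding exactly the `granted` actions."""
    perms = effective(set(granted), build_implied(get_permission_actions()))
    return sorted(p for p, a in PANEL_ACTION.items() if a in perms)

if __name__ == '__main__':
    for grant in ('ACCTMGR_USER_ADMIN', 'ACCTMGR_CONFIG_ADMIN', 'ACCTMGR_ADMIN'):
        print(grant, '->', allowed_panels([grant]))
```

Checking the negative case matters as much as the positive one here: the point of the split is that a holder of ACCTMGR_USER_ADMIN never reaches the config or notification panels.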

### comment:6 Changed 5 years ago by Steffen Hoffmann

(In [12134]) AccountManagerPlugin: Add acct_mgr/tests/api.py that I forgot in [11927], refs #7700.
