Opened 7 years ago

[PATCH] configurable group_whitelist, systematic negation operation, mixed-case group names

Reported by: Owned by: Patrick Schaaf Ryan J Ollos normal VirtualTicketPermissionsPlugin normal 0.11

Description

This ticket provides an enhancement patch covering the following bullet points:

• in addition to the group_blacklist, in section [virtualticketpermissions], you can also write a group_whitelist setting.
• only groups on the whitelist will be considered for the TICKET_IS_..._GROUP permissions
• the blacklist, if also configured, still works
• both whitelist and blacklist entries can be regular expressions (each list will be regex-compiled once on component init for performance)
• group names can be mixed-case in addition to the already supported all-lower-case; only complete-upper-case stuff, i.e. PERMISSIONS_PROPER, are excluded
• for all of the TICKET_IS_XXX permissions provided by the module, there is now a corresponding TICKET_IS_NOT_XXX negating the test. This permits writing mutually exclusive workflow steps, like this:
reassign = assigned,accepted,started -> assigned
reassign.operations = set_owner
reassign.permissions = TICKET_IS_OWNER_GROUP

takeover = assigned,accepted,started -> assigned
takeover.operations = set_owner_to_self
takeover.permissions = TICKET_IS_NOT_OWNER_GROUP
OUP

A single user will either see reassign (when they share a group with the current owner), or takeover, but never both (unless they are TRAC_ADMIN, which seems to not call down to the plugin at all, unfortunately)

comment:1 Changed 6 years ago by Ryan J Ollos

I'm moving the attachments from the wiki page over to this ticket.

comment:2 Changed 6 years ago by Ryan J Ollos

Owner: changed from Norman Rasmussen to Ryan J Ollos

This patch in whole or part will be committed soon. Here is the comment from the project wiki page that I removed when the attachments were removed:

Modifications

Modified policy.py (original : modified) to add new permission TICKET_IS_NOTOWNER. Can be used to fix Trac Ticket #5908 (action "accept" in a ticket visited by owner), for example:

accept.permissions = TICKET_IS_NOTOWNER


comment:3 Changed 6 years ago by Norman Rasmussen

btw, I'm pretty sure that negation-and-whitelist.patch obsoletes the policy patches, the policy patches could probably just be dropped.

comment:4 Changed 6 years ago by Andy Baker

Cc: Ryan J Ollos added; anonymous removed

Any news on the patch. The attachment seems to be empty.

comment:5 follow-up:  6 Changed 6 years ago by Patrick Schaaf

The attachment isn't empty when you download it. Don't know what of it confuses the previewer here...

If there are functional questions, I'd try to find some time to address them - earliest next week, as I'm busy right now with other work.

comment:6 in reply to:  5 Changed 6 years ago by Andy Baker

Cc: anonymous added; Ryan J Ollos removed

My apologies I didn't even think to try and download. As you say the previewer doesn't like it.

I don't imagine there'll be functional questions; I just didn't want to have to re-invent the wheel, but thanks anyway.

Modify Ticket

Change Properties