Version 4 (modified by Mitar, 9 years ago) (diff)


Component permissions plugin


This plugin provides permissions based on ticket components. For example, having a component foobar it will provide permission COMPONENT_FOOBAR_VIEW. If configured field is checked than this permission is required to access the ticket with this component.

After installation you have to configure which field it checks to enable component permission checking:

ticket_field_name = privacy
allow_reporter = false
allow_owner = false
allow_cc = false
allow_cc_email = false

For example, this can be such custom ticket field:

privacy = checkbox
privacy.label = Privacy sensitive
privacy.value = 0

You should also add the component somewhere near the beginning of the permission_policies list:

permission_policies = ComponentPermissionsPolicy, DefaultPermissionPolicy, LegacyAttachmentPolicy

There is also a special permission COMPONENT_VIEW which gives the user (or group) permission to see any ticket otherwise limited by component permissions.

If you want to allow ticket reporter, owner or users in CC list to have access to the ticket regardless of component permissions, you can set allow_reporter, allow_owner, and allow_cc to true, respectively. You can also use allow_cc_email to specify user's by their e-mail address (even if such user does not yet exist), but be careful, make sure users' e-mails are verified and that they cannot be freely changed to arbitrary values.

Bugs/Feature Requests

Please use Bitbucket for any issues you have with ComponentPermissionsPlugin.


Download the zipped source from here.


You can clone ComponentPermissionsPlugin from here using Mercurial, or browse the source on Bitbucket.


Please follow documentation on how to install Trac's plugins.


Author: mitar
Maintainer: mitar