TRAC + strict permissions

17/02/2012 admin News, TRAC, 0

Once PM ask me to configure strict access to a project in TRAC for user.
He can have access only for “New ticket” and view only own tickets.

Firstly, I have created the user account and add him to the special group.

I assigned the next permissions for this group:

MILESTONE_VIEW

REPORT_VIEW

TICKET_APPEND

TICKET_CHGPROP

TICKET_CREATE

TICKET_EDIT_CC

TICKET_EDIT_DESCRIPTION

TICKET_MODIFY

TICKET_VIEW

Result:
part of trac.ini (11.5)

[authz_policy]
authz_file = c:apachetracprojectsifstconfauthzpolicy.conf                #pick file with policy

[components]
authz_policy.* = enabled      #turning on policy

[mainnav]
tickets.href = /report/7        #set navigation button “View tickets” to report “My tickets” by default

authzpolicy.conf

[wiki:Documents]
admin1 = WIKI_ADMIN
admin2 = WIKI_ADMIN
* = “”

[milestone:Test]
user = MILESTONE_VIEW

[milestone:*]
user = “”

[report:7]
user = REPORT_VIEW

[report:*]
user = “”

But … I found some issues with permissions and understood that this way incorrect.

I looked up again and found this: http://trac-hacks.org/wiki/PrivateTicketsPlugin

So, my trac.ini became:

[components]
privatetickets.* = enabled

[mainnav]
tickets.href = /report/6

[trac]
permission_policies = PrivateTicketsPolicy, DefaultPermissionPolicy, LegacyAttachmentPolicy

[privatetickets]
group_blacklist =

And I added the permission: TICKET_VIEW_REPORTER (it turn up after installing the plugin) for group.

Office 2010 Guru – прошел тест для просто так Exchange 2010 + export single mailbox

You must be logged in to post a comment.

TRAC + strict permissions

Leave a Reply

Recent Posts

Categories

Meta