Skip to main content

Modified ticket security for Trac.

Project description

Notes

Allow users to only see tickets they are associated with.

There are three main permissions for this plugin: TICKET_VIEW_REPORTER, TICKET_VIEW_CC, and TICKET_VIEW_OWNER. TICKET_VIEW_SELF is an alias for all three of these.

With each permission, users will only be able to see tickets where they are the person mentioned in the permission. So if a user has TICKET_VIEW_REPORTER, they can only see tickets they reported. For TICKET_VIEW_CC, they just have to be included in the CC list.

There are also group-based permissions: TICKET_VIEW_REPORTER_GROUP, TICKET_VIEW_CC_GROUP, and TICKET_VIEW_OWNER_GROUP. These work in a similar way to their non-group counterparts, except that you are granted access if you share a group with the target user. For example, if ticket 1 was reported by Allan, and Allan and Bob are both in the group company_foo, and Bob has TICKET_VIEW_REPORTER_GROUP, then Bob will be able to see ticket 1 since he shares a group with the reporter. Each group-based permission is also an alias for the normal one, so you do not have to grant both. TICKET_VIEW_GROUP is an alias for all the group-based permissions (and therefore all the normal ones as well).

These extra permissions can only deny access, not allow it. This means the user must still have TICKET_VIEW granted as normal.

Finally, users with TRAC_ADMIN will not be restricted by this plugin. The meta-user “anonymous” also cannot be restricted by this plugin, as their identity isn’t known to be checked. Be sure to not grant TICKET_VIEW to anonymous, or unauthenticated users will be able to see all tickets.

Configuration

All configuration options go in the [privatetickets] section.

group_blacklist

Groups to ignore for the purposes of the *_GROUP permissions.

Defaults to “anonymous, authenticated

You must also add PrivateTicketsPolicy to your permission_policies setting in trac.ini. It must be before the DefaultPermissionPolicy. See below for an example if you don’t have any other policies.

Example

An example configuration:

[privatetickets]
group_blacklist = anonymous, authenticated, labusers

[components]
privatetickets.* = enabled

[trac]
permission_policies = PrivateTicketsPolicy, DefaultPermissionPolicy, LegacyAttachmentPolicy

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

TracPrivateTickets-2.3.0.tar.gz (5.9 kB view details)

Uploaded Source

Built Distribution

TracPrivateTickets-2.3.0-py2-none-any.whl (4.4 kB view details)

Uploaded Python 2

File details

Details for the file TracPrivateTickets-2.3.0.tar.gz.

File metadata

  • Download URL: TracPrivateTickets-2.3.0.tar.gz
  • Upload date:
  • Size: 5.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/1.11.0 pkginfo/1.4.2 requests/2.19.1 setuptools/40.0.0 requests-toolbelt/0.8.0 tqdm/4.24.0 CPython/2.7.15

File hashes

Hashes for TracPrivateTickets-2.3.0.tar.gz
Algorithm Hash digest
SHA256 6ab51573ccafa937b5c9f80c9fa152483d20173823779b6ffc88c0efed7c4a86
MD5 22627578607b9ab6630e39960e63cf5e
BLAKE2b-256 bfdaaa5552e0869e3b93d09d85fd2f6f3600ebc74563a5fc74a3d9ca3547dbb3

See more details on using hashes here.

Provenance

File details

Details for the file TracPrivateTickets-2.3.0-py2-none-any.whl.

File metadata

  • Download URL: TracPrivateTickets-2.3.0-py2-none-any.whl
  • Upload date:
  • Size: 4.4 kB
  • Tags: Python 2
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/1.11.0 pkginfo/1.4.2 requests/2.19.1 setuptools/40.0.0 requests-toolbelt/0.8.0 tqdm/4.24.0 CPython/2.7.15

File hashes

Hashes for TracPrivateTickets-2.3.0-py2-none-any.whl
Algorithm Hash digest
SHA256 12eba51fc5ebbf7794ea3dd52bc5e438ba79b4236e8b4df48dae6b025498c915
MD5 2f50d326ca79798a2c39fb3d7360f488
BLAKE2b-256 9c132c15d7c7cda09864973c9b50527748fb9e4d4d25e7209847a2c3a7e0be6b

See more details on using hashes here.

Provenance

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page