Changes between Version 11 and Version 12 of ComponentPermissionsPlugin
- Timestamp:
- Feb 5, 2016, 8:47:21 PM (8 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
ComponentPermissionsPlugin
v11 v12 5 5 == Description 6 6 7 This plugin provides permissions based on ticket components. For example, having a component `foobar` it will provide permission `COMPONENT_FOOBAR_VIEW` which is then required to access the ticket with this component.7 This plugin provides permissions based on ticket components. For example, having a component `foobar` it will provide permission `COMPONENT_FOOBAR_VIEW`, which is then required to access the ticket with this component. 8 8 9 9 == Bugs/Feature Requests … … 25 25 }}} 26 26 27 For more information, please follow [ http://trac.edgewall.org/wiki/TracPlugins#InstallingaTracPlugin documentation] on how to install Trac'splugins.27 For more information, please follow [t:wiki:TracPlugins#InstallingaTracPlugin documentation] on how to install Trac plugins. 28 28 29 29 == Configuration … … 31 31 After installation you have to configure which field it checks to enable component permission checking: 32 32 33 {{{ 34 #!ini 33 {{{#!ini 35 34 [component-permissions] 36 35 allow_reporter = false … … 43 42 You should also add the component near the beginning of the `permission_policies` list: 44 43 45 {{{ 46 #!ini 44 {{{#!ini 47 45 permission_policies = ComponentPermissionsPolicy, DefaultPermissionPolicy, LegacyAttachmentPolicy 48 46 }}} … … 50 48 Additionally, you can require component permission only when a configured ticket field is checked. For example, this can be such custom ticket field: 51 49 52 {{{ 53 #!ini 50 {{{#!ini 54 51 [ticket-custom] 55 52 privacy = checkbox … … 60 57 And you configure this plugin to use it: 61 58 62 {{{ 63 #!ini 59 {{{#!ini 64 60 [component-permissions] 65 61 ticket_field_name = privacy 66 62 }}} 67 63 68 This will require component permission only when t icket is marked as privacy sensitive.64 This will require component permission only when the ticket is marked as privacy sensitive. 69 65 70 66 If you want only some components to have limited access, simply assign other components' permissions to the anonymous user. … … 72 68 There is also a special permission `COMPONENT_VIEW` which gives the user (or group) permission to see any ticket otherwise limited by component permissions. 73 69 74 If you want to allow ticket reporter, owner or users in CC list to have access to the ticket regardless of component permissions, you can set `allow_reporter`, `allow_owner`, and `allow_cc` to `true`, respectively. You can also use `allow_cc_email` to specify user's by their e-mail address (even if such user does not yet exist) , but be careful, make sure users' e-mails are verified and that they cannot be freely changed to arbitrary values.70 If you want to allow ticket reporter, owner or users in CC list to have access to the ticket regardless of component permissions, you can set `allow_reporter`, `allow_owner`, and `allow_cc` to `true`, respectively. You can also use `allow_cc_email` to specify user's by their e-mail address (even if such user does not yet exist). However be careful: make sure users' email addresses are verified and that they cannot be freely changed to arbitrary values. 75 71 76 72 Setting `hide_components` to `true` will hide components from ticket and other forms if user does not have permission for them. Works if not using a custom field.