[[PageOutline(2-5,Contents,pullout)]]

= Restrict access rights for tickets based on user's group

== Description

This plugin restricts the user's access rights for tickets depending on the group the user belongs to. This plugin was modified from the SensitiveTicketsPlugin.

For example, suppose there some users which have been assigned to 3 groups:

|| '''grpA''' || '''grpB''' || '''grpC''' ||
||  user1   ||  user1  ||  user4  ||
||  user2   ||  user3  ||  user5  ||


A user can belong to more than one group. In the ticket view, I have created an additional field to enter a comma delimited list of groups I should restrict access to the ticket. 

For example when creating a new ticket, I may decide that grpA and grpC should be restricted from viewing the ticket. In that case, just enter a comma delimited list of groups that require access to be restricted:

[[Image(create-ticket-view.png, border=2)]]

And then the ticket will be hidden from users in these 2 groups. 

In our example, only users from grpB (user1 and user3) are allowed to see the ticket. However, user1 has already been restricted due to him belonging to grpA, so in effect, only user3 has access to the ticket.

Note that if a user has `TRAC_ADMIN` permissions, then this user will be allowed full access, regardless of the restrictions imposed by the plugin.

== Bugs/Feature Requests 

Existing bugs and feature requests for TicketAccessPlugin are 
[report:9?COMPONENT=TicketAccessPlugin here].

If you have any issues, create a 
[/newticket?component=TicketAccessPlugin new ticket].

[[TicketQuery(component=TicketAccessPlugin&group=type,format=progress)]]

== Download

Download the zipped source from [https://sourceforge.net/projects/ticketaccess/files/ here].

== Source

You can browse TicketAccessPlugin from [svn://svn.code.sf.net/p/ticketaccess/code-0 here].

== Installation

After downloading and installing, you will need to enable it in the Trac admin page.
You will have to perform an upgrade of your Trac database:
{{{#!sh
trac-admin /instance_trac/ upgrade
}}}

Changes are also needed in the `trac.ini` file. Under the `trac` subsection, please add the permission policy '''!TicketAccessPolicy''' to the beginning of the permission_policies item:

{{{#!ini
[trac]
permission_policies = TicketAccessPolicy
...
}}}

Thereafter when you create a ticket, there will be a new textfield to key in the users you want to restrict from accessing the ticket.

== Author/Contributors

'''Author:''' [wiki:solarwind] [[BR]]
'''Maintainer:''' [[Maintainer]] [[BR]]
'''Contributors:'''