#948: [patch] Add more control over attachments for the average user
--------------------------------------+-------------------------------------
 Reporter:  [EMAIL PROTECTED]  |        Owner:  cboos   
     Type:  enhancement               |       Status:  reopened
 Priority:  normal                    |    Milestone:  0.9     
Component:  general                   |      Version:  devel   
 Severity:  normal                    |   Resolution:          
 Keywords:  attachment                |  
--------------------------------------+-------------------------------------
Changes (by Max ):

  * status:  closed => reopened
  * resolution:  fixed =>

Comment:

 I second the opinion of anonymous, to wit:

 \\\\\\\\\\\\\\\

 I would suggest that the user be able to do what the trac project
 administrator determines that the user can do. This would probably mean
 that the trac program would need to implement a range of permissions for
 giving finer grained control of file attachment permissions to the trac
 administrator. For instance the trac administrator may determine that a
 user can delete all file attachments, or the user may just be able to
 delete his own file attachments. Point is that it should be up to the
 administrator to determine the permissions and not the program. I think
 that well thought out file attachment permissions will make the system
 much more robust. Just my opinion.

 \\\\\\\\\\\\\\\\\

 I do not want to grant all of my dev users the WIKI_DELETE permission that
 would allow them to delete all attachments (and other wiki elements); it's
 too powerful. Nor do I want them coming to me or one of the other admins
 if they replace their attachment with a newer version and then want to get
 rid of the deprecated attachment from the attachment list. It is an
 occasional nuisance, true; but why should the development team be beholden
 to me for so trivial an alteration as removing an attachment that they
 themselves added, if I think them trustworthy enough not to sabotage their
 own wiki entries by deleting all their attachments in a fit of pique?

 Could this not be solved by adding the appropriate code and adding the
 permission type WIKI_ATTACHMENT_DELETE?

-- 
Ticket URL: <http://projects.edgewall.com/trac/ticket/948>
The Trac Project <http://trac.edgewall.com/>
_______________________________________________
Trac-Tickets mailing list
[email protected]
http://lists.edgewall.com/mailman/listinfo/trac-tickets

Reply via email to