Perfect! It works. Thank you so much. On Tuesday, May 9, 2017 at 10:56:22 AM UTC+2, RjOllos wrote: > > > > On Tuesday, May 9, 2017 at 1:52:08 AM UTC-7, RjOllos wrote: >> >> >> >> On Tuesday, May 9, 2017 at 1:24:55 AM UTC-7, toto200891 wrote: >>> >>> Thank you for the modification. But I see that, it is affecting the >>> search filters. With the permission ticket_view_reported, one cannot search >>> for his tickets. In other words, if the user have to search for a >>> particular ticket, he could not do it, as the ticket filter doesn't seem to >>> be enabled. >>> >>> Regards, >>> >>> SF >>> >> >> Yes, good point. Revoking TICKET_VIEW prevents the search filter from >> displaying. Instead, we could keep TICKET_VIEW for all users, and deny the >> action if the users doesn't possess TICKET_VIEW_REPORTED and the user isn't >> the ticket reporter. I've also considered that the most common case would >> be to allow users with TICKET_ADMIN to view all tickets. Please try the >> following: >> >> >> # -*- coding: utf-8 -*- >> # >> # Copyright (C) 2017 Edgewall Software >> # All rights reserved. >> # >> # This software is licensed as described in the file COPYING, which >> # you should have received as part of this distribution. The terms >> # are also available at http://trac.edgewall.org/wiki/TracLicense. >> # >> # This software consists of voluntary contributions made by many >> # individuals. For the exact contribution history, see the revision >> # history and logs, available at http://trac.edgewall.org/log/. >> >> from trac.core import * >> from trac.perm import IPermissionPolicy, IPermissionRequestor >> from trac.resource import ResourceNotFound >> from trac.ticket.model import Ticket >> >> >> class SupportDeskPolicy(Component): >> """Provides a permission for restricting ticket actions to the >> ticket owner. >> """ >> >> implements(IPermissionPolicy, IPermissionRequestor) >> >> # IPermissionRequestor methods >> >> def get_permission_actions(self): >> return ['TICKET_VIEW_REPORTED'] >> >> # IPermissionPolicy methods >> >> def check_permission(self, action, username, resource, perm): >> if action == 'TICKET_VIEW' and \ >> resource is not None and \ >> resource.realm == 'ticket' and \ >> resource.id is not None and \ >> 'TICKET_ADMIN' not in perm: >> if 'TICKET_VIEW_REPORTED' in perm: >> try: >> ticket = Ticket(self.env, resource.id) >> except ResourceNotFound: >> pass >> else: >> return ticket['reporter'] == username >> else: >> return False >> >> >> >> [End of Message] >> > > > To be more clear, please grant both TICKET_VIEW and TICKET_VIEW_REPORTED > to all users which you would like to see the ticket's they reported. > > I considered another variation. Perhaps you wish users with > TICKET_VIEW_REPORTED and TICKET_VIEW to see only the tickets they reported. > However, you may also with that a user with only TICKET_VIEW (and not > TICKET_VIEW_REPORTED) can see all tickets. In that case we can change the > policy to only grant/deny for users that have TICKET_VIEW_REPORTED by > removing the last else clause: > > # -*- coding: utf-8 -*- > # > # Copyright (C) 2017 Edgewall Software > # All rights reserved. > # > # This software is licensed as described in the file COPYING, which > # you should have received as part of this distribution. The terms > # are also available at http://trac.edgewall.org/wiki/TracLicense. > # > # This software consists of voluntary contributions made by many > # individuals. For the exact contribution history, see the revision > # history and logs, available at http://trac.edgewall.org/log/. > > from trac.core import * > from trac.perm import IPermissionPolicy, IPermissionRequestor > from trac.resource import ResourceNotFound > from trac.ticket.model import Ticket > > > class SupportDeskPolicy(Component): > """Provides a permission for restricting ticket actions to the > ticket owner. > """ > > implements(IPermissionPolicy, IPermissionRequestor) > > # IPermissionRequestor methods > > def get_permission_actions(self): > return ['TICKET_VIEW_REPORTED'] > > # IPermissionPolicy methods > > def check_permission(self, action, username, resource, perm): > if action == 'TICKET_VIEW' and \ > resource is not None and \ > resource.realm == 'ticket' and \ > resource.id is not None and \ > 'TICKET_ADMIN' not in perm: > if 'TICKET_VIEW_REPORTED' in perm: > try: > ticket = Ticket(self.env, resource.id) > except ResourceNotFound: > pass > else: > return ticket['reporter'] == username > > > - Ryan >
-- You received this message because you are subscribed to the Google Groups "Trac Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/trac-users. For more options, visit https://groups.google.com/d/optout.
