Adds ticket security policy based on component

Description

This plugin was heavily inspired by cboos' vulnerability tickets policy plugin.

The authz policy mechanism provides fine-grained permissions for wiki pages. This plugin attempts to provide fine-grained permissions for tickets segmented by component. Specifically, unless a user has SECURE_TICKET_VIEW permissions, they will only be able to see tickets of public components.

Bugs/Feature Requests

Existing bugs and feature requests for SecureTicketsPlugin are here.

If you have any issues, create a new ticket.

Download

Download the zipped source from here.

Source

You can check out SecureTicketsPlugin from here using Subversion, or browse the source with Trac.

Example

An example is if you have a customer account team that creates and needs full access to tickets with a 'customer' component but should not have access to any other tickets. The trac.ini file would look like this:

[components]
securetickets.* = enabled

...

[securetickets]
public_components = customer

...

[trac]
permission_policies = SecureTicketsPolicy, DefaultPermissionPolicy, LegacyAttachmentPolicy

Recent Changes

[9700] by robguttman on 12/22/10 05:34:10

fixes edge case for viewing multirepo source browser

[9699] by robguttman on 12/21/10 22:49:48

initial checkin

[9698] by robguttman on 12/21/10 22:45:30

New hack SecureTicketsPlugin, created by robguttman

Author/Contributors

Author: robguttman
Maintainer: robguttman
Contributors: