0374ebf
This is the Trac PrivateTicketsPlugin from http://trac-hacks.org/wiki/PrivateTicketsPlugin.
0374ebf
0374ebf
Please see the following README from the upstream 0.11 branch:
0374ebf
0374ebf
Allow users to only see tickets they are associated with.
0374ebf
0374ebf
There are three main permissions for this plugin: TICKET_VIEW_REPORTER, TICKET_VIEW_CC, and TICKET_VIEW_OWNER. TICKET_VIEW_SELF is an alias for all three of these.
0374ebf
0374ebf
With each permission, users will only be able to see tickets where they are the person mentioned in the permission. So if a user has TICKET_VIEW_REPORTER, they can only see tickets they reported. For TICKET_VIEW_CC, they just have to be included in the CC list.
0374ebf
0374ebf
There are also group-based permissions: TICKET_VIEW_REPORTER_GROUP, TICKET_VIEW_CC_GROUP, and TICKET_VIEW_OWNER_GROUP. These work in a similar way to their non-group counterparts, except that you are granted access if you share a group with the target user. For example, if ticket 1 was reported by Allan, and Allan and Bob are both in the group company_foo, and Bob has TICKET_VIEW_REPORTER_GROUP, then Bob will be able to see ticket 1 since he shares a group with the reporter. Each group-based permission is also an alias for the normal one, so you do not have to grant both. TICKET_VIEW_GROUP is an alias for all the group-based permissions (and therefore all the normal ones as well).
0374ebf
0374ebf
These extra permissions can only deny access, not allow it. This means the user must still have TICKET_VIEW granted as normal.
0374ebf
0374ebf
Finally, users with TRAC_ADMIN will not be restricted by this plugin. The meta-user "anonymous" also cannot be restricted by this plugin, as their identity isn't known to be checked. Be sure to not grant TICKET_VIEW to anonymous, or unauthenticated users will be able to see all tickets.
0374ebf
0374ebf
Configuration
0374ebf
0374ebf
All configuration options go in the [privatetickets] section.
0374ebf
0374ebf
group_blacklist
0374ebf
0374ebf
    Groups to ignore for the purposes of the *_GROUP permissions.
0374ebf
0374ebf
    Defaults to "anonymous, authenticated"
0374ebf
0374ebf
You must also add PrivateTicketsPolicy to your permission_policies setting in trac.ini. It must be before the DefaultPermissionPolicy. See below for an example if you don't have any other policies.
0374ebf
Example
0374ebf
0374ebf
An example configuration:
0374ebf
0374ebf
[privatetickets]
0374ebf
group_blacklist = anonymous, authenticated, labusers
0374ebf
0374ebf
[components]
0374ebf
privatetickets.* = enabled
0374ebf
0374ebf
[trac]
0374ebf
permission_policies = PrivateTicketsPolicy, DefaultPermissionPolicy, LegacyAttachmentPolicy
0374ebf
0374ebf