Super Admin - John
Engineer Admin - Jane, Jack,
Engineer - Peter, Sam,
Quality Assurance - Bill, Steve, Rose
This is how our main daily routine goes,
* Enginner Admins can create tickets and assign it to any of the other member so they will work on it.
* Engineers don't actually create anything, but in some cases they will create.
* QA team tests the product and create new tickets for bugs...and they assign it to anyone they want.
So with basic features we have in Trac, this is all fine..But now, the time has come to limit these QA guys because it's not going easy anymore when they assign any one they want.
Instead, I want them to be able to assign only to Jane or Jack, who is in the Engineer Admin group. (If I add anyone to Eng. admin group in future, they should be able to assign him/her to too)
Then Jane or Jack will assign the ticket to the relevant Enginner who is in the Engineer Group.
How can I get this done?
I tried many ways like custom permission, workflows and so on..But had no luck so far. I hope somebody can help me soon.
Thanks in advance!!!!!!!
Previously discussed in:
http://stackoverflow.com/questions/26965933/trac-limited-assign-permissions/26970812#26970812
Please post your [extra-permissions] [components] and [ticket-workflow] sections from trac.ini
Am 18.11.2014 08:09 schrieb "NS" <nime...@gmail.com>:
>
> Guys, I want to know how can I limit few of my trac users, so that they will have limited permissions on ticket assigning?
>
> Basically, It's like this....We have 4 user groups as;
>
> Super Admin - John
> Engineer Admin - Jane, Jack,
> Engineer - Peter, Sam,
> Quality Assurance - Bill, Steve, Rose
Have a look at http://trac-hacks.org/wiki/GroupingAssignToPlugin
I wrote that, and use it in production, for trac 0.11.6, but maybe you are lucky and it will work with newer versions.
best regards
Patrick
The assign-to select element contains just two users: Jack and Jane. When additional users are added to the Engineer Admin group in the future the qa_reassign.set_owner list in the [ticket-workflow] section will need to be edited to add those users. This would all be a bit nicer if a group could be specified for qa_reassign.set_owner, but Trac doesn't allow that yet.
Am 18.11.2014 22:23 schrieb "RjOllos" <rjo...@gmail.com>:
>
> Proposed change to allow groups to be specified in the `set_owner` attribute in #11839:
> http://trac.edgewall.org/ticket/11839
Yeah! :)
One question after looking at that change: is it established convention now that everything starting with an uppercase letter, is a permission, and everything else is not? In other words, permission "groups" might NOT start with an uppercase letter?
In our deployment, we use the convention
* usernames are all lower case
* Group_Names are mixed case
* PER_MISSIONS are ALL uppercase
which would clash a bit with the scheme as you implemented it. No big deal, should we ever get around to upgrading to a current trac version we could easily change our scheme. Just saying.
best regards
Patrick
> In our deployment, we use the convention
> * usernames are all lower case
> * Group_Names are mixed case
> * PER_MISSIONS are ALL uppercase
Had a look at what I actually did in GroupingAssignToPlugin three years ago. It is:
* anything all-lowercase is conidered a username, and not recursively checked
* anything else is recursively resolved
So, I could, in addition to the Group_Names I actually use, also put some PER_MISSIONS into the workflow step .owner_group setting, like .owner_group = TICKET_MODIFY, and have it populate the box with all users having that permission.
Again, just noting the differences to your implementation - you are infinitely better suited to judge what's the "tracky" way of doing it :)
best regards
Patrick
> In our deployment, we use the convention
> * usernames are all lower case
> * Group_Names are mixed case
> * PER_MISSIONS are ALL uppercaseHad a look at what I actually did in GroupingAssignToPlugin three years ago. It is:
* anything all-lowercase is conidered a username, and not recursively checked
* anything else is recursively resolvedSo, I could, in addition to the Group_Names I actually use, also put some PER_MISSIONS into the workflow step .owner_group setting, like .owner_group = TICKET_MODIFY, and have it populate the box with all users having that permission.
Again, just noting the differences to your implementation - you are infinitely better suited to judge what's the "tracky" way of doing it :)
best regards
Patrick
Am 19.11.2014 07:39 schrieb "RjOllos" <rjo...@gmail.com>:
>
> The "if not perm[1].isupper()" condition in in the list comprehension for all_groups says that any permission that is not all uppercase is a group name.
My python reading comprehension is obviously lacking. Thanks for the clarification.
best regards
Patrick
On Tuesday, November 18, 2014 10:34:58 PM UTC-8, Patrick Schaaf wrote:> In our deployment, we use the convention
> * usernames are all lower case
> * Group_Names are mixed case
> * PER_MISSIONS are ALL uppercaseHad a look at what I actually did in GroupingAssignToPlugin three years ago. It is:
* anything all-lowercase is conidered a username, and not recursively checked
* anything else is recursively resolvedSo, I could, in addition to the Group_Names I actually use, also put some PER_MISSIONS into the workflow step .owner_group setting, like .owner_group = TICKET_MODIFY, and have it populate the box with all users having that permission.
This could be a good feature to support. If we don't implement the ability to put a permission in the set_owner field then you'd have to make sure that all users with TICKET_MODIFY share a group or set or groups that each have the TICKET_MODIFY permission. This could be extremely simple or very complicated depending on the data in your permissions table.