Changes between Version 14 and Version 15 of TracPermissions


Ignore:
Timestamp:
15/06/2020 17:18:32 (4 years ago)
Author:
trac
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • TracPermissions

    v14 v15  
    66Permissions are managed using the [TracAdmin trac-admin] tool or the ''General / Permissions'' panel in the ''Admin'' tab of the web interface.
    77
    8 In addition to the default permission policy described in this page, it is possible to activate additional permission policies by enabling plugins and listing them in [TracIni#trac-permission_policies-option "[trac] permission_policies"]. See TracFineGrainedPermissions for more details.
     8In addition to the default permission policy described in this page, it is possible to activate additional permission policies by enabling [TracPlugins plugins] and listing them in [TracIni#trac-permission_policies-option "[trac] permission_policies"]. See TracFineGrainedPermissions for more details.
    99
    1010Non-authenticated users accessing the system are assigned the name //anonymous//. Assign permissions to the //anonymous// user to set privileges for anonymous/guest users. The parts of Trac that a user does not have privilege for will not be displayed in the navigation.
     
    1313== Graphical Admin Tab
    1414
    15 To access this tab, a user must have one of the following permissions: `TRAC_ADMIN`, `PERMISSION_ADMIN`, `PERMISSION_GRANT`, `PERMISSION_REVOKE`. The permissions can be granted using the `trac-admin` command (more on `trac-admin` below):
     15To access this tab, a user must have one of the following permissions: `TRAC_ADMIN`, `PERMISSION_ADMIN`, `PERMISSION_GRANT`, `PERMISSION_REVOKE`. The permissions can be granted using the `trac-admin` command with a more detailed description [#GrantingPrivileges below]:
    1616{{{#!sh
    1717$ trac-admin /path/to/projenv permission add bob TRAC_ADMIN
     
    3030== Available Privileges
    3131
    32 To enable all privileges for a user, use the `TRAC_ADMIN` permission. Having `TRAC_ADMIN` is like being `root` on a *NIX system: it will allow you to perform any operation.
    33 
    34 Otherwise, individual privileges can be assigned to users for the various different functional areas of Trac ('''note that the privilege names are case-sensitive'''):
     32To enable all privileges for a user, use the `TRAC_ADMIN` permission. This permission is like being `root` on a *NIX system: it will allow you to perform any operation.
     33
     34Otherwise, individual privileges can be assigned to users for the different functional areas of Trac and '''note that the privilege names are uppercase''':
    3535
    3636=== Repository Browser
     
    5252|| `TICKET_EDIT_COMMENT` || Modify another user's comments. Any user can modify their own comments by default. ||
    5353|| `TICKET_BATCH_MODIFY` || [TracBatchModify Batch modify] tickets ||
    54 || `TICKET_ADMIN` || All `TICKET_*` permissions, deletion of ticket attachments and modification of the reporter field, which grants ability to create a ticket on behalf of another user (it will appear that another user created the ticket). It also allows managing ticket properties through the web administration module. ||
     54|| `TICKET_ADMIN` || All `TICKET_*` permissions, deletion of ticket attachments and modification of the reporter field, which grants ability to create a ticket on behalf of another user and it will appear that another user created the ticket. It also allows managing ticket properties through the web administration module. ||
    5555
    5656=== Roadmap
     
    123123Any user who has logged in is also in the //authenticated// group.
    124124The //authenticated// group inherits permissions from the //anonymous// group.
    125 For example, if the //anonymous// group has permission WIKI_MODIFY,
    126 it is not necessary to add the WIKI_MODIFY permission to the //authenticated// group as well.
     125For example, if the //anonymous// group has permission WIKI_MODIFY, it is not necessary to add the WIKI_MODIFY permission to the //authenticated// group as well.
    127126
    128127Custom groups may be defined that inherit permissions from the two built-in groups.
     
    142141Permission groups can be created by assigning a user to a group you wish to create, then assign permissions to that group.
    143142
    144 The following will add ''bob'' to the new group called ''beta_testers'' and then will assign WIKI_ADMIN permissions to that group. (Thus, ''bob'' will inherit the WIKI_ADMIN permission)
     143The following will add ''bob'' to the new group called ''beta_testers'' and then will assign `WIKI_ADMIN` permissions to that group. Thus, ''bob'' will inherit the `WIKI_ADMIN` permission.
    145144{{{#!sh
    146145$ trac-admin /path/to/projenv permission add bob beta_testers
     
    150149== Removing Permissions
    151150
    152 Permissions can be removed using the 'remove' command. For example:
     151Permissions can be removed using the 'remove' command.
    153152
    154153This command will prevent the user ''bob'' from deleting reports: