Changes between Version 13 and Version 14 of TracPermissions
- Timestamp:
- 15/06/2020 17:18:33 (4 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
TracPermissions
v13 v14 6 6 Permissions are managed using the [TracAdmin trac-admin] tool or the ''General / Permissions'' panel in the ''Admin'' tab of the web interface. 7 7 8 In addition to the default permission policy described in this page, it is possible to activate additional permission policies by enabling pluginsand listing them in [TracIni#trac-permission_policies-option "[trac] permission_policies"]. See TracFineGrainedPermissions for more details.8 In addition to the default permission policy described in this page, it is possible to activate additional permission policies by enabling [TracPlugins plugins] and listing them in [TracIni#trac-permission_policies-option "[trac] permission_policies"]. See TracFineGrainedPermissions for more details. 9 9 10 10 Non-authenticated users accessing the system are assigned the name //anonymous//. Assign permissions to the //anonymous// user to set privileges for anonymous/guest users. The parts of Trac that a user does not have privilege for will not be displayed in the navigation. … … 13 13 == Graphical Admin Tab 14 14 15 To access this tab, a user must have one of the following permissions: `TRAC_ADMIN`, `PERMISSION_ADMIN`, `PERMISSION_GRANT`, `PERMISSION_REVOKE`. The permissions can be granted using the `trac-admin` command (more on `trac-admin` below):15 To access this tab, a user must have one of the following permissions: `TRAC_ADMIN`, `PERMISSION_ADMIN`, `PERMISSION_GRANT`, `PERMISSION_REVOKE`. The permissions can be granted using the `trac-admin` command with a more detailed description [#GrantingPrivileges below]: 16 16 {{{#!sh 17 17 $ trac-admin /path/to/projenv permission add bob TRAC_ADMIN … … 30 30 == Available Privileges 31 31 32 To enable all privileges for a user, use the `TRAC_ADMIN` permission. Having `TRAC_ADMIN`is like being `root` on a *NIX system: it will allow you to perform any operation.33 34 Otherwise, individual privileges can be assigned to users for the various different functional areas of Trac ('''note that the privilege names are case-sensitive'''):32 To enable all privileges for a user, use the `TRAC_ADMIN` permission. This permission is like being `root` on a *NIX system: it will allow you to perform any operation. 33 34 Otherwise, individual privileges can be assigned to users for the different functional areas of Trac and '''note that the privilege names are uppercase''': 35 35 36 36 === Repository Browser … … 52 52 || `TICKET_EDIT_COMMENT` || Modify another user's comments. Any user can modify their own comments by default. || 53 53 || `TICKET_BATCH_MODIFY` || [TracBatchModify Batch modify] tickets || 54 || `TICKET_ADMIN` || All `TICKET_*` permissions, deletion of ticket attachments and modification of the reporter field, which grants ability to create a ticket on behalf of another user (it will appear that another user created the ticket). It also allows managing ticket properties through the web administration module. ||54 || `TICKET_ADMIN` || All `TICKET_*` permissions, deletion of ticket attachments and modification of the reporter field, which grants ability to create a ticket on behalf of another user and it will appear that another user created the ticket. It also allows managing ticket properties through the web administration module. || 55 55 56 56 === Roadmap … … 123 123 Any user who has logged in is also in the //authenticated// group. 124 124 The //authenticated// group inherits permissions from the //anonymous// group. 125 For example, if the //anonymous// group has permission WIKI_MODIFY, 126 it is not necessary to add the WIKI_MODIFY permission to the //authenticated// group as well. 125 For example, if the //anonymous// group has permission WIKI_MODIFY, it is not necessary to add the WIKI_MODIFY permission to the //authenticated// group as well. 127 126 128 127 Custom groups may be defined that inherit permissions from the two built-in groups. … … 142 141 Permission groups can be created by assigning a user to a group you wish to create, then assign permissions to that group. 143 142 144 The following will add ''bob'' to the new group called ''beta_testers'' and then will assign WIKI_ADMIN permissions to that group. (Thus, ''bob'' will inherit the WIKI_ADMIN permission)143 The following will add ''bob'' to the new group called ''beta_testers'' and then will assign `WIKI_ADMIN` permissions to that group. Thus, ''bob'' will inherit the `WIKI_ADMIN` permission. 145 144 {{{#!sh 146 145 $ trac-admin /path/to/projenv permission add bob beta_testers … … 150 149 == Removing Permissions 151 150 152 Permissions can be removed using the 'remove' command. For example:151 Permissions can be removed using the 'remove' command. 153 152 154 153 This command will prevent the user ''bob'' from deleting reports: