Thanks to visit codestin.com
Credit goes to github.com

Skip to content

[issue_tracker] Add more granular permissions for Issue Tracker #9554

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
driusan merged 11 commits into from
Feb 17, 2025
Merged

[issue_tracker] Add more granular permissions for Issue Tracker #9554

driusan merged 11 commits into from
Feb 17, 2025

Conversation

@shonibare
Copy link
Contributor

@shonibare shonibare commented Feb 7, 2025

Related to #8897

This PR modifies the existing permissions for the issue_tracker module. The permission has been extended to 5 permissions instead of 2. The permissions are as follows;

  1. issue_tracker_own_issue: See/Edit/Comment and Close on Own Issues
  2. issue_tracker_all_issue: See/Edit/Comment on all Issues
  3. issue_tracker_site_issue: See/Edit/Comment on Own Site Issues
  4. issue_tracker_close_site_issue: Close Own Site Issues
  5. issue_tracker_close_all_issue: Close all Issues

Testing:

  1. Give different users all the above permissions and see if they won't perform outside the specified actions.

@shonibare
Copy link
Contributor Author

shonibare commented Feb 7, 2025

@kongtiaowang can you review this PR for me? Thanks

This was referenced Feb 7, 2025
Open
Closed
@shonibare shonibare added Language: SQL PR or issue that update SQL code Priority: High PR or issue should be prioritised over others for review and testing Language: PHP PR or issue that update PHP code Language: Javascript PR or issue that update Javascript code Module: issue_tracker PR or issue related to issue tracker module and removed Priority: High PR or issue should be prioritised over others for review and testing labels Feb 8, 2025
@shonibare shonibare added the Category: Feature PR or issue that aims to introduce a new feature label Feb 8, 2025
@kongtiaowang
Copy link
Contributor

kongtiaowang commented Feb 11, 2025

@shonibare The "issue_tracker_close_all_issue: Close all Issues" permission seems unnecessary. In which specific scenarios is it used? If a user has only this permission, they cannot access the module. However, when combined with any of the "Issue Tracker: See/Edit/Comment and Close" permissions, the user gains full access. These three permissions together already include the ability to close issues independently.

@shonibare
Copy link
Contributor Author

shonibare commented Feb 11, 2025

@Shen, the issue_tracker_close_all_issue permission is dependent and does not grant access to the module unless the user also has a permission with "See" issues. The issue_tracker_own_issue permission allows users to close issues they have created and provides access to the module.

The issue_tracker_all_issue and issue_tracker_site_issue permissions alone do not allow users to close issues unless they also have the issue_tracker_close_all_issue or issue_tracker_close_site_issue permission. If a user is granted only issue_tracker_all_issue and/or issue_tracker_site_issue, the "Close" option will not appear in the Status filter/field on the Edit Issue page.

kongtiaowang
kongtiaowang approved these changes Feb 12, 2025
View reviewed changes
Copy link
Contributor

@kongtiaowang kongtiaowang left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@kongtiaowang kongtiaowang added the Passed manual tests PR has been successfully tested by at least one peer label Feb 12, 2025
@driusan
Copy link
Collaborator

driusan commented Feb 17, 2025

@shonibare this has conflicts, can you rebase it?

@driusan driusan added the State: Needs rebase PR that needs to be rebased to proceed (conflicts, wrong branch...) label Feb 17, 2025
@driusan driusan added this to the 27.0.0 milestone Feb 17, 2025
@driusan
Copy link
Collaborator

driusan commented Feb 17, 2025

I am not going to block on this because this works and has been tested, but in the future I think a better design would be to move the permission checking logic into the IssueRow and implemented AccessibleResource interface, rather than modifying the SQL query for permission checking.

@driusan driusan merged commit 0e0478f into aces:main Feb 17, 2025
19 checks passed
@shonibare shonibare mentioned this pull request Feb 19, 2025
Merged
driusan pushed a commit that referenced this pull request Feb 24, 2025
@shonibare
[issue_tracker] Modify ['action','description'] in the permissions fo… (
d126670 
#9577)

- Alter the `action` enum field in the `permissions` table, add more
actions and sort all by first alphabet.
- Modifies the `description` and `action` for all `issue_tracker`
permissions in the permissions table.
- Updates the test plan.

Related to PR #9554
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kongtiaowang kongtiaowang kongtiaowang approved these changes

Assignees

No one assigned

Labels

Category: Feature PR or issue that aims to introduce a new feature Language: Javascript PR or issue that update Javascript code Language: PHP PR or issue that update PHP code Language: SQL PR or issue that update SQL code Module: issue_tracker PR or issue related to issue tracker module Passed manual tests PR has been successfully tested by at least one peer State: Needs rebase PR that needs to be rebased to proceed (conflicts, wrong branch...)

Projects

None yet

Milestone

27.0.0

Development

Successfully merging this pull request may close these issues.

3 participants

@shonibare @kongtiaowang @driusan