View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0010884 | mantisbt | customization | public | 2009-08-27 10:27 | 2014-12-08 00:34 |
| Reporter | cmfitch1 | Assigned To | dhx | ||
| Priority | normal | Severity | feature | Reproducibility | N/A |
| Status | closed | Resolution | fixed | ||
| Target Version | 1.3.0-beta.1 | Fixed in Version | 1.3.0-beta.1 | ||
| Summary | 0010884: Make 'edit', 'delete', and 'make private' buttons on bugnotes independently configurable | ||||
| Description | Currently, it is only possible to configure whether a user can edit and delete his/her bugnotes. It would be nice if each action that can be taken on a bugnote was configurable independently of the others. For example, it would be useful to allow users to edit their bugnotes, but not to delete them or make them private. | ||||
| Tags | patch | ||||
| Attached Files | issue_10884.patch (7,399 bytes)
From ee9de5f83f9f45e9b55a42a300fe6db24a0f1784 Mon Sep 17 00:00:00 2001
From: Chris Fitch <cfitch@redcom.com>
Date: Tue, 18 Aug 2009 14:48:37 -0400
Subject: [PATCH] Make 'delete' and 'make private' buttons configurable
diff --git a/bugnote_delete.php b/bugnote_delete.php
index 5b76f23..03ddd08 100644
--- a/bugnote_delete.php
+++ b/bugnote_delete.php
@@ -48,7 +48,7 @@
$t_user_id = auth_get_current_user_id();
$t_reporter_id = bugnote_get_field( $f_bugnote_id, 'reporter_id' );
- if ( ( $t_user_id != $t_reporter_id ) || ( OFF == config_get( 'bugnote_allow_user_edit_delete' ) ) ) {
+ if ( ( $t_user_id != $t_reporter_id ) || ( OFF == config_get( 'bugnote_allow_user_delete' ) ) ) {
access_ensure_bugnote_level( config_get( 'delete_bugnote_threshold' ), $f_bugnote_id );
}
diff --git a/bugnote_edit_page.php b/bugnote_edit_page.php
index 68853f2..4ea44a8 100644
--- a/bugnote_edit_page.php
+++ b/bugnote_edit_page.php
@@ -57,7 +57,7 @@
$t_reporter_id = bugnote_get_field( $f_bugnote_id, 'reporter_id' );
if ( ( $t_user_id != $t_reporter_id ) ||
- ( OFF == config_get( 'bugnote_allow_user_edit_delete' ) ) ) {
+ ( OFF == config_get( 'bugnote_allow_user_edit' ) ) ) {
access_ensure_bugnote_level( config_get( 'update_bugnote_threshold' ), $f_bugnote_id );
}
diff --git a/bugnote_update.php b/bugnote_update.php
index dd7e279..cdbfd26 100644
--- a/bugnote_update.php
+++ b/bugnote_update.php
@@ -41,7 +41,7 @@
$t_user_id = auth_get_current_user_id();
$t_reporter_id = bugnote_get_field( $f_bugnote_id, 'reporter_id' );
- if ( ( $t_user_id != $t_reporter_id ) || ( OFF == config_get( 'bugnote_allow_user_edit_delete' ) )) {
+ if ( ( $t_user_id != $t_reporter_id ) || ( OFF == config_get( 'bugnote_allow_user_edit' ) )) {
access_ensure_bugnote_level( config_get( 'update_bugnote_threshold' ), $f_bugnote_id );
}
diff --git a/bugnote_view_inc.php b/bugnote_view_inc.php
index 6d8b95a..f3c9ab5 100644
--- a/bugnote_view_inc.php
+++ b/bugnote_view_inc.php
@@ -138,12 +138,24 @@ $num_notes = count( $t_bugnotes );
if ( !bug_is_readonly( $f_bug_id ) ) {
$t_can_edit_note = false;
$t_can_delete_note = false;
+ $t_can_make_note_priv = false;
- # admins and the bugnote creator can edit/delete this bugnote
- if ( ( access_has_bug_level( config_get( 'manage_project_threshold' ), $f_bug_id ) ) ||
- ( ( $t_bugnote->reporter_id == $t_user_id ) && ( ON == config_get( 'bugnote_allow_user_edit_delete' ) ) ) ) {
+ # admins can edit/delete this bugnote
+ if ( ( access_has_bug_level( config_get( 'manage_project_threshold' ), $f_bug_id ) ) ) {
$t_can_edit_note = true;
$t_can_delete_note = true;
+ $t_can_make_note_priv = true;
+ # bugnote creator might be able to edit/delete this bugnote
+ } else if ( $t_bugnote->reporter_id == $t_user_id ) {
+ if ( ON == config_get( 'bugnote_allow_user_edit' ) ) {
+ $t_can_edit_note = true;
+ }
+ if ( ON == config_get( 'bugnote_allow_user_delete' ) ) {
+ $t_can_delete_note = true;
+ }
+ if ( ON == config_get( 'bugnote_allow_user_make_priv' ) ) {
+ $t_can_make_note_priv = true;
+ }
}
# users above update_bugnote_threshold should be able to edit this bugnote
@@ -157,8 +169,8 @@ $num_notes = count( $t_bugnotes );
print_button( 'bugnote_delete.php?bugnote_id='.$t_bugnote->id, lang_get( 'delete_link' ) );
}
- # users with access to both update and change view status (or the bugnote author) can change public/private status
- if ( $t_can_edit_note || ( access_has_bug_level( config_get( 'update_bugnote_threshold' ), $f_bug_id ) &&
+ # users with access to both update and change view status (or the bugnote author if allowed) can change public/private status
+ if ( $t_can_make_note_priv || ( access_has_bug_level( config_get( 'update_bugnote_threshold' ), $f_bug_id ) &&
access_has_bug_level( config_get( 'change_view_status_threshold' ), $f_bug_id ) ) ) {
if ( VS_PRIVATE == $t_bugnote->view_state ) {
echo " ";
diff --git a/config_defaults_inc.php b/config_defaults_inc.php
index df10831..f0c812f 100644
--- a/config_defaults_inc.php
+++ b/config_defaults_inc.php
@@ -2409,10 +2409,22 @@
$g_delete_bugnote_threshold = '%delete_bug_threshold%';
/**
- * Are users allowed to change and delete their own bugnotes?
- * @global int $g_bugnote_allow_user_edit_delete
+ * Are users allowed to change their own bugnotes?
+ * @global int $g_bugnote_allow_user_edit
*/
- $g_bugnote_allow_user_edit_delete = ON;
+ $g_bugnote_allow_user_edit = ON;
+
+ /**
+ * Are users allowed to delete their own bugnotes?
+ * @global int $g_bugnote_allow_user_delete
+ */
+ $g_bugnote_allow_user_delete = ON;
+
+ /**
+ * Are users allowed to change the view status of their own bugnotes?
+ * @global int $g_bugnote_allow_user_make_priv
+ */
+ $g_bugnote_allow_user_make_priv = ON;
/**
* Move bug threshold
diff --git a/lang/strings_english.txt b/lang/strings_english.txt
index c65951d..8963b57 100644
--- a/lang/strings_english.txt
+++ b/lang/strings_english.txt
@@ -847,6 +847,8 @@ $s_allow_reporter_close = 'Allow Reporter to close Issue';
$s_allow_reporter_reopen = 'Allow Reporter to re-open Issue';
$s_set_status_assigned = 'Set status on assignment of Handler';
$s_allow_user_edit = 'Allow user to edit their own issue notes';
+$s_allow_user_delete = 'Allow user to delete their own issue notes';
+$s_allow_user_make_priv = 'Allow user to make their own issue notes private';
$s_limit_access = 'Limit reporter\'s access to their own issues';
$s_submit_status = 'Status to which a new issue is set';
$s_assigned_status = 'Status to set auto-assigned issues to';
diff --git a/manage_config_work_threshold_page.php b/manage_config_work_threshold_page.php
index aec9a8d..d531cc6 100644
--- a/manage_config_work_threshold_page.php
+++ b/manage_config_work_threshold_page.php
@@ -301,7 +301,9 @@
get_section_begin_mcwt( lang_get( 'notes' ) );
get_capability_row( lang_get( 'add_notes' ), 'add_bugnote_threshold' );
get_capability_row( lang_get( 'update_notes' ), 'update_bugnote_threshold' );
- get_capability_boolean( lang_get( 'allow_user_edit' ), 'bugnote_allow_user_edit_delete' );
+ get_capability_boolean( lang_get( 'allow_user_edit' ), 'bugnote_allow_user_edit' );
+ get_capability_boolean( lang_get( 'allow_user_delete' ), 'bugnote_allow_user_delete' );
+ get_capability_boolean( lang_get( 'allow_user_make_priv' ), 'bugnote_allow_user_make_priv' );
get_capability_row( lang_get( 'delete_note' ), 'delete_bugnote_threshold' );
get_capability_row( lang_get( 'view_private_notes' ), 'private_bugnote_threshold' );
get_section_end();
diff --git a/manage_config_work_threshold_set.php b/manage_config_work_threshold_set.php
index bf6e87b..1dc4bd5 100644
--- a/manage_config_work_threshold_set.php
+++ b/manage_config_work_threshold_set.php
@@ -144,7 +144,9 @@
# Notes
set_capability_row( 'add_bugnote_threshold' );
set_capability_row( 'update_bugnote_threshold' );
- set_capability_boolean( 'bugnote_allow_user_edit_delete' );
+ set_capability_boolean( 'bugnote_allow_user_edit' );
+ set_capability_boolean( 'bugnote_allow_user_delete' );
+ set_capability_boolean( 'bugnote_allow_user_make_priv' );
set_capability_row( 'delete_bugnote_threshold' );
set_capability_row( 'private_bugnote_threshold' );
--
1.6.0.4
issue_10884_a.patch (7,176 bytes)
From 5c786caa0dba0cefabec870557e092a74f86d463 Mon Sep 17 00:00:00 2001
From: Chris Fitch <cfitch@redcom.com>
Date: Fri, 25 Sep 2009 20:39:38 -0400
Subject: [PATCH] Convert boolean 'edit', 'delete', and 'make private' checks on bugnotes to thresholds
diff --git a/bugnote_delete.php b/bugnote_delete.php
index 03ddd08..6562952 100644
--- a/bugnote_delete.php
+++ b/bugnote_delete.php
@@ -48,7 +48,7 @@
$t_user_id = auth_get_current_user_id();
$t_reporter_id = bugnote_get_field( $f_bugnote_id, 'reporter_id' );
- if ( ( $t_user_id != $t_reporter_id ) || ( OFF == config_get( 'bugnote_allow_user_delete' ) ) ) {
+ if ( ( $t_user_id != $t_reporter_id ) || !( access_has_bugnote_level( config_get( 'bugnote_user_delete_threshold' ), $f_bugnote_id ) ) ) {
access_ensure_bugnote_level( config_get( 'delete_bugnote_threshold' ), $f_bugnote_id );
}
diff --git a/bugnote_edit_page.php b/bugnote_edit_page.php
index d6a766e..9916ea2 100644
--- a/bugnote_edit_page.php
+++ b/bugnote_edit_page.php
@@ -57,7 +57,7 @@
$t_reporter_id = bugnote_get_field( $f_bugnote_id, 'reporter_id' );
if ( ( $t_user_id != $t_reporter_id ) ||
- ( OFF == config_get( 'bugnote_allow_user_edit' ) ) ) {
+ !( access_has_bugnote_level( config_get( 'bugnote_user_edit_threshold' ), $f_bugnote_id ) ) ) {
access_ensure_bugnote_level( config_get( 'update_bugnote_threshold' ), $f_bugnote_id );
}
diff --git a/bugnote_update.php b/bugnote_update.php
index cdbfd26..ed4d361 100644
--- a/bugnote_update.php
+++ b/bugnote_update.php
@@ -41,7 +41,7 @@
$t_user_id = auth_get_current_user_id();
$t_reporter_id = bugnote_get_field( $f_bugnote_id, 'reporter_id' );
- if ( ( $t_user_id != $t_reporter_id ) || ( OFF == config_get( 'bugnote_allow_user_edit' ) )) {
+ if ( ( $t_user_id != $t_reporter_id ) || !( access_has_bugnote_level( config_get( 'bugnote_user_edit_threshold' ), $f_bugnote_id ) )) {
access_ensure_bugnote_level( config_get( 'update_bugnote_threshold' ), $f_bugnote_id );
}
diff --git a/bugnote_view_inc.php b/bugnote_view_inc.php
index 4ca231c..6d4775b 100644
--- a/bugnote_view_inc.php
+++ b/bugnote_view_inc.php
@@ -142,13 +142,13 @@ $num_notes = count( $t_bugnotes );
# bugnote creator might be able to edit/delete this bugnote
if ( $t_bugnote->reporter_id == $t_user_id ) {
- if ( ON == config_get( 'bugnote_allow_user_edit' ) ) {
+ if ( access_has_bugnote_level( config_get( 'bugnote_user_edit_threshold' ), $t_bugnote->id ) ) {
$t_can_edit_note = true;
}
- if ( ON == config_get( 'bugnote_allow_user_delete' ) ) {
+ if ( access_has_bugnote_level( config_get( 'bugnote_user_delete_threshold' ), $t_bugnote->id ) ) {
$t_can_delete_note = true;
}
- if ( ON == config_get( 'bugnote_allow_user_make_priv' ) ) {
+ if ( access_has_bugnote_level( config_get( 'bugnote_user_make_priv_threshold' ), $t_bugnote->id ) ) {
$t_can_make_note_priv = true;
}
}
diff --git a/config_defaults_inc.php b/config_defaults_inc.php
index 5924b68..a97c221 100644
--- a/config_defaults_inc.php
+++ b/config_defaults_inc.php
@@ -2439,22 +2439,22 @@
$g_delete_bugnote_threshold = '%delete_bug_threshold%';
/**
- * Are users allowed to change their own bugnotes?
- * @global int $g_bugnote_allow_user_edit
+ * Threshold at which a user can edit his/her own bugnotes
+ * @global int $g_bugnote_user_edit_threshold
*/
- $g_bugnote_allow_user_edit = ON;
+ $g_bugnote_user_edit_threshold = REPORTER;
/**
- * Are users allowed to delete their own bugnotes?
- * @global int $g_bugnote_allow_user_delete
+ * Threshold at which a user can delete his/her own bugnotes
+ * @global int $g_bugnote_user_delete_threshold
*/
- $g_bugnote_allow_user_delete = ON;
+ $g_bugnote_user_delete_threshold = REPORTER;
/**
- * Are users allowed to change the view status of their own bugnotes?
- * @global int $g_bugnote_allow_user_make_priv
+ * Threshold at which a user can make his/her own bugnotes private
+ * @global int $g_bugnote_user_make_priv_threshold
*/
- $g_bugnote_allow_user_make_priv = ON;
+ $g_bugnote_user_make_priv_threshold = REPORTER;
/**
* Move bug threshold
diff --git a/lang/strings_english.txt b/lang/strings_english.txt
index 727502d..69412d7 100644
--- a/lang/strings_english.txt
+++ b/lang/strings_english.txt
@@ -846,9 +846,9 @@ $s_allow_close_immediate = 'Allow issue to be closed on Resolve';
$s_allow_reporter_close = 'Allow Reporter to close Issue';
$s_allow_reporter_reopen = 'Allow Reporter to re-open Issue';
$s_set_status_assigned = 'Set status on assignment of Handler';
-$s_allow_user_edit = 'Allow user to edit their own issue notes';
-$s_allow_user_delete = 'Allow user to delete their own issue notes';
-$s_allow_user_make_priv = 'Allow user to make their own issue notes private';
+$s_edit_user_notes = 'User can edit his/her own notes';
+$s_delete_user_notes = 'User can delete his/her own notes';
+$s_make_user_notes_priv = 'User can make his/her own notes private';
$s_limit_access = 'Limit reporter\'s access to their own issues';
$s_submit_status = 'Status to which a new issue is set';
$s_assigned_status = 'Status to set auto-assigned issues to';
diff --git a/manage_config_work_threshold_page.php b/manage_config_work_threshold_page.php
index 3d95fa8..998e756 100644
--- a/manage_config_work_threshold_page.php
+++ b/manage_config_work_threshold_page.php
@@ -301,10 +301,10 @@
get_section_begin_mcwt( lang_get( 'notes' ) );
get_capability_row( lang_get( 'add_notes' ), 'add_bugnote_threshold' );
get_capability_row( lang_get( 'update_notes' ), 'update_bugnote_threshold' );
- get_capability_boolean( lang_get( 'allow_user_edit' ), 'bugnote_allow_user_edit' );
- get_capability_boolean( lang_get( 'allow_user_delete' ), 'bugnote_allow_user_delete' );
- get_capability_boolean( lang_get( 'allow_user_make_priv' ), 'bugnote_allow_user_make_priv' );
get_capability_row( lang_get( 'delete_note' ), 'delete_bugnote_threshold' );
+ get_capability_row( lang_get( 'edit_user_notes' ), 'bugnote_user_edit_threshold' );
+ get_capability_row( lang_get( 'delete_user_notes' ), 'bugnote_user_delete_threshold' );
+ get_capability_row( lang_get( 'make_user_notes_priv' ), 'bugnote_user_make_priv_threshold' );
get_capability_row( lang_get( 'view_private_notes' ), 'private_bugnote_threshold' );
get_section_end();
diff --git a/manage_config_work_threshold_set.php b/manage_config_work_threshold_set.php
index ef2f4e5..ffa9209 100644
--- a/manage_config_work_threshold_set.php
+++ b/manage_config_work_threshold_set.php
@@ -144,9 +144,9 @@
# Notes
set_capability_row( 'add_bugnote_threshold' );
set_capability_row( 'update_bugnote_threshold' );
- set_capability_boolean( 'bugnote_allow_user_edit' );
- set_capability_boolean( 'bugnote_allow_user_delete' );
- set_capability_boolean( 'bugnote_allow_user_make_priv' );
+ set_capability_row( 'bugnote_user_edit_threshold' );
+ set_capability_row( 'bugnote_user_delete_threshold' );
+ set_capability_row( 'bugnote_user_make_priv_threshold' );
set_capability_row( 'delete_bugnote_threshold' );
set_capability_row( 'private_bugnote_threshold' );
--
1.6.0.4
| ||||
 |
Ah, I was just looking for something like this. Thanks! I see you've implemented these checks as boolean on/off switches whereas they really should be thresholds. This would allow for much greater flexibility with respect to anonymous accounts where we need to have the ability to disallow anonymous users from editing bugnotes (but registered users can). If you want to disable something, just set the access level to NOBODY and that effectively turns the feature off. If you want to give everyone access to a feature (highly unlikely...) then there is ANYBODY for that purpose. |
 |
I have uploaded a second patch to convert my original work into thresholds. Apply the first patch followed by the second to get everything. |
|
|
Thanks. I'll get onto this soon. I haven't forgotten :) |
 |
Hi. I am interested in this feature as well. Thanks cmfitch1 & dhx. ;) |
|
|
I've rewritten this patch with some changes and improvements, and committed it to the 1.3.x branch. Please try it out and let me know if there are any problems (or things that you weren't expecting). Thanks for your initial patches :) |
 |
Marking as 'acknowledged' not resolved/closed to track that change gets ported to master-2.0.x branch |
|
MantisBT: master da6c133f 2010-01-17 03:43 Details Diff |
Issue 0010884: Improve granularity of bugnote permissions Currently it's only possible to use a single $g_bugnote_allow_user_edit_delete setting to turn ON or OFF the ability for users to be able to edit/delete their own bugnotes. This patch provides improvement to the granularity of bugnote permissions to make the following possible: 1) Separate edit and delete permissions 2) Thresholds instead of boolean switches 3) Ability for users to change the view state of their own bugnotes On the topic of view states, the $g_set_view_status_threshold setting controls whether a user can make a bug or bug note private at the time of reporting/posting. The existing $g_change_view_status_threshold setting allows users to change the view state of any bug or bug note after they've been reported/posted. This patch introduces $g_bugnote_user_change_view_state_threshold which allows administrators to give users the the ability to make their own bugnotes public or private as they choose, at any time. $g_bugnote_user_edit_threshold is a new setting that can be changed to allow users the ability to edit their own bugnotes. $g_bugnote_user_delete_threshold is a new setting that can be changed to allow users the ability to delete their own bugnotes. You may be wondering why there is a difference when a user could simply edit and blank their bugnote. The answer lies with bugnote revisions and the ability for users to see a revision history of each bug that has been edited. Many thanks to Chris Fitch for the original idea and an initial patch from August 2009. This patch is a rewrite of his earlier work with a number of additional changes and improvements. |
Affected Issues 0010884 |
|
| mod - config_defaults_inc.php | Diff File | ||
| mod - lang/strings_english.txt | Diff File | ||
| mod - bugnote_add.php | Diff File | ||
| mod - manage_config_work_threshold_set.php | Diff File | ||
| mod - bugnote_delete.php | Diff File | ||
| mod - bugnote_update.php | Diff File | ||
| mod - docbook/adminguide/en/page_descriptions.sgml | Diff File | ||
| mod - docbook/adminguide/en/configuration.sgml | Diff File | ||
| mod - core/bugnote_api.php | Diff File | ||
| mod - bugnote_edit_page.php | Diff File | ||
| mod - manage_config_work_threshold_page.php | Diff File | ||
| mod - core/obsolete.php | Diff File | ||
| mod - bugnote_set_view_state.php | Diff File | ||
| mod - bugnote_view_inc.php | Diff File | ||
| mod - bugnote_add_inc.php | Diff File | ||
