View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0005096||mantisbt||relationships||public||2005-01-11 14:56||2019-09-25 18:50|
|Summary||0005096: Add separate permission for adding a relationship...|
Currently, relationships can be added if a user has 'update issue' permission. It would be nice for users who do not have that permission to be able to have an 'add' relationship (but not delete). That way users who normally would not be allowed to update issue info would be able to create duplicate relationships when they see them.
|Tags||No tags attached.|
Would be very helpful!
... and they cannot undo their own mistakes either.
Im my experience the logging feature of Mantis does magic. You can leave the update permission ON, and simply call a user to ask him why he has deleted a relationship when he shouldn't have.
Personally I believe more in openess than in restrictions. This will be yet another configuration parameter to set or unset.
If the Mantis boys (any galls in the project?) wish to implement this, I suggest a full overhaul with roles instead of access levels, workflow stored in the database and assigning permission for each state-transition and edit-action on a role-basis - all web-based configuration, of course.
Add in config_inc.php
Change in file:
"update_bug_threshold" in "relation_bug_threshold"
If you want seperate authorisation for add and delete you can add another line in yout config_inc.php. Something like;
I agree that we should add the following configuration options:
If we add the id of the user who added the relationship, then we can also add the following configuration:
or always allow deleting own relationships.
The second issue what threshold to use when a user adds a relationship with the same other issue but with a different type. In this case, the user is practically modifying an existing relationship that may have been added by them or by another user.