authorisations Bugzilla

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

authorisations Bugzilla

Roel-7
I would like to create 3 users:

1. administrator (myself). Created at setup time.
2. mutator, who can enter bugs and update every bug field.
3. commentator, who is not allowed to update, with the exception of the
COMMENT field.

How do I get to this ?

a. without products and groups
b. if a) not possible, then with products and groups

What params are interesting ?

I have tried all sorts of authorisations but this seems to be to difficult
for me.

Please help.

grtz,

roel


_______________________________________________
mozilla-webtools mailing list
[hidden email]
http://mail.mozilla.org/listinfo/mozilla-webtools
Reply | Threaded
Open this post in threaded view
|

Re: authorisations Bugzilla

Igor Sereda
Hello roel,

> 1. administrator (myself). Created at setup time.
> 2. mutator, who can enter bugs and update every bug field.
> 3. commentator, who is not allowed to update, with the exception of
> the
> COMMENT field.
> How do I get to this ?
>
> a. without products and groups
> b. if a) not possible, then with products and groups
> What params are interesting ?


As far as I can see, this is not possible without hacks.

What I can suggest in your situation though, is to create a special template
for Commentator that will have all fields except comment uneditable. Then
you
can give Commentator rights to edit a bug, but somehow restrict his access
to bugzilla pages - so he has to go through a special template.

This is absolutely NOT secure, so it may be unacceptable for you.



Best regards,
Igor


---------------------------
Igor Sereda
http://deskzilla.com
Bugzilla Desktop Client
---------------------------


_______________________________________________
mozilla-webtools mailing list
[hidden email]
http://mail.mozilla.org/listinfo/mozilla-webtools
Reply | Threaded
Open this post in threaded view
|

Re: authorisations Bugzilla

Max Kanat-Alexander
In reply to this post by Roel-7
On Fri, 2005-06-10 at 15:52 +0200, roel wrote:
> 1. administrator (myself). Created at setup time.

        This person should be a member of the "admin" group.

> 2. mutator, who can enter bugs and update every bug field.

        This person should be a member of the "editbugs" group.

> 3. commentator, who is not allowed to update, with the exception of the
> COMMENT field.

        This person should be a member of no groups at all.

        Make sure that you delete what's in the "emailregexp" field for
"editbugs" and "canconfirm" so that not *everybody* is in those groups.

        -Max
--
http://www.everythingsolved.com/
Everything Solved: Experts at Bugzilla... and everything else, too.

_______________________________________________
mozilla-webtools mailing list
[hidden email]
http://mail.mozilla.org/listinfo/mozilla-webtools
Reply | Threaded
Open this post in threaded view
|

Re: authorisations Bugzilla

Igor Sereda
In reply to this post by Roel-7
Max wrote:

>> 1. administrator (myself). Created at setup time.
>>
> This person should be a member of the "admin" group.
>
>> 2. mutator, who can enter bugs and update every bug field.
>>
> This person should be a member of the "editbugs" group.
>
>> 3. commentator, who is not allowed to update, with the exception of
>> the COMMENT field.
>>
> This person should be a member of no groups at all.


This way the commentator would be able to post bugs and to update all bugs
that he has reported.

For all other bugs - not posted by himself - commentator would be able not
only to post comments, but also
- Set flags
- Add attachments
- Add users to CC



Best regards,
Igor

---------------------------
Igor Sereda
http://deskzilla.com
Bugzilla Desktop Client
---------------------------


_______________________________________________
mozilla-webtools mailing list
[hidden email]
http://mail.mozilla.org/listinfo/mozilla-webtools
Reply | Threaded
Open this post in threaded view
|

Re: authorisations Bugzilla

Nick.Barnes
In reply to this post by Roel-7
At 2005-06-11 10:54:29+0000, Igor Sereda writes:

> Max wrote:
> >> 1. administrator (myself). Created at setup time.
> >>
> > This person should be a member of the "admin" group.
> >
> >> 2. mutator, who can enter bugs and update every bug field.
> >>
> > This person should be a member of the "editbugs" group.
> >
> >> 3. commentator, who is not allowed to update, with the exception of
> >> the COMMENT field.
> >>
> > This person should be a member of no groups at all.
>
>
> This way the commentator would be able to post bugs and to update all bugs
> that he has reported.

I usually solve this problem by commenting out the reporter-specific
section in CheckCanChangeField (in process_bug.cgi).  That way the
reporter doesn't get any updating privileges ex-officio.

> For all other bugs - not posted by himself - commentator would be able not
> only to post comments, but also
> - Set flags
> - Add attachments

Hey, look at that!  I thought CheckCanChangeField was the single piece
of code I needed to touch here, but I see that the code in
attachments.cgi::enter() needs hacking too.

Nick B


_______________________________________________
mozilla-webtools mailing list
[hidden email]
http://mail.mozilla.org/listinfo/mozilla-webtools