Closed Bug 621879 Opened 15 years ago Closed 15 years ago

Add user 'capabilities' to Bugzilla

Categories

(Bugzilla :: Bugzilla-General, enhancement)

Product:
Bugzilla
Component:
Bugzilla-General
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 147276

People

(Reporter: gerv, Unassigned)

Details

At the moment, we have params like "insidergroup" and "chartgroup". But we don't have e.g. a "quipseditinggroup" or a "quipsmoderatinggroup". In several places, the code hard-codes a particularly capability (such as editing quips) to a particular group (such as 'admin'). Any time an installation want to slice and dice the permissions differently, they have to edit the code. Instead, we should have a set of capabilities, which are quite fine-grained - edit_quips, add_quips, create_charts, etc., plus an administrator-defined map from capabilities to groups. The code would directly check capabilities rather than group membership, and the map would be used to map to the relevant group. So e.g. instead of $user->in_group('bz_canusewhines'), the code would do $user->can('usewhines'), and there would be an admin-controlled mapping which mapped the "usewhines" capability to the "bz_canusewhines" group - or the "admin" group, or the "editbugs" group, or whatever the admin wanted. This would mean, for example, bmo wouldn't need to edit the code to change quip moderation from admins to members of 'quip-moderators', or blessing all groups from 'editusers' to 'admin'. Gerv
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → DUPLICATE
Max: by saying "things are fine the way they are now", you are basically saying the problem I outline above is not a problem. What is the recommended way of customizing Bugzilla so that a special group of people become e.g. quip editors, or a special group can create charts? Is your recommendation that people just edit the code? Gerv
Ah, I'd actually recommend filing bugs for those individual permissions. We could create groups for them, or there could be a mechanism for extensions to control who can access certain pages.
OK. Submitted bug 622079, bug 622080 and bug 622081. Gerv
You need to log in before you can comment on or make changes to this bug.