Last Comment Bug 81457 - Anyone can change priority
: Anyone can change priority
Status: NEW
[permissions:edit]
:
Product: Bugzilla
Classification: Server Software
Component: Extension Ideas (show other bugs)
: 2.12
: All All
: P3 enhancement with 1 vote (vote)
: ---
Assigned To: Nobody; OK to take it and work on it
: default-qa
Mentors:
Depends on: 90619
Blocks:
  Show dependency treegraph
 
Reported: 2001-05-17 11:56 PDT by Stephen Rasku
Modified: 2014-06-04 07:56 PDT (History)
8 users (show)
See Also:
QA Whiteboard:
Iteration: ---
Points: ---


Attachments

Description Stephen Rasku 2001-05-17 11:56:22 PDT
The way I see it, only the bug owner or the owner's manager (i.e. Someone with
the appropriate permissions) should be able to change priorities.  Even the
reporter shouldn't be able to set the priority a bug is at.
Comment 1 Stephen Rasku 2001-05-17 11:58:05 PDT
Setting to P1 to prove my point.
Comment 2 Matthew Tuck [:CodeMachine] 2001-05-29 11:15:44 PDT
Traditionally Bugzilla has mostly allowed anyone to do anything.  Fixing that
general problem to the satisfaction of a whole range of system is a difficult
problem.
Comment 3 Andreas Franke (gone) 2001-09-08 05:03:56 PDT
-> Bugzilla product, Changing Bugs component, reassigning.
Comment 4 Denis Roy 2004-12-13 14:33:38 PST
The eclipse.org team would also like to see this enhancement.

As submitted by one of our committers:
Bug priorities are used by committers for planning purposes. They should not be
changed by submitters, which should use the severity field instead. It would be
great if there was a way to prevent less priviledged users from changing the
priority field. Since Bugzilla does not prevent them from doing it, it is a very
common mistake users make.
Comment 5 Matěj Cepl 2011-03-13 10:04:30 PDT
Just to leave a link (although I don't hope much in the bright future for this bug) ... Red Hat bugzilla would welcome this as well. https://bugzilla.redhat.com/show_bug.cgi?id=456697
Comment 6 Andre Klapper 2012-10-10 15:34:54 PDT
There is a patch in https://bugzilla.redhat.com/show_bug.cgi?id=495985#c24 which allows only a specific group to change priority/severity.
Might be worth to clean up and pick up, as I see such issues with non-dev reporters all over the place in the several Bugzillas that I triage in (bugzilla.mozilla.org being one of them) and this wastes a lot of time for developers getting tainted results when querying for high priority tickets.
CC'ing David as he is the downstream author.


(In reply to Matej Cepl from comment #5)
> https://bugzilla.redhat.com/show_bug.cgi?id=456697

"You are not authorized to access bug #456697." :)
Comment 7 Ryan Wilson [:f1sh] 2014-06-04 07:56:43 PDT
Given the split nature of this bug, this may be better suited as an extension to Bugzilla.

Note You need to log in before you can comment on or make changes to this bug.