#11457 closed defect (fixed)
Prevent tickets from being accepted by anonymous
| Reported by: | Ryan J Ollos | Owned by: | Ryan J Ollos | 
|---|---|---|---|
| Priority: | normal | Component: | TracHacks | 
| Severity: | normal | Keywords: | workflow | 
| Cc: | osmions, Olemis Lang, Steffen Hoffmann, Jun Omae, Michael Renzmann | Trac Release: | 
Description
A frequent issue is that users will accept a ticket without being logged-in, and the ticket will then be assigned to anonymous. This was recently noted in comment:4:ticket:9984. I'll try modifying the workflow to avoid this.
Attachments (0)
Change History (9)
comment:2 follow-up: 8 Changed 12 years ago by
In reply to comment:5:ticket:9984, in order to change the behavior in Trac and have the workflow set_owner_to_self use the value from the author field of the form, we'd need a patch to Trac such as the one shown in trac:#11418.
That would actually complicate things even more on trac-hacks if the aim is to avoid having tickets assigned to anonymous through the accept action. There is no way I can see to tell the workflow to only allow the accept action if a value other than anonymous is found in the author form field. A plugin would likely be needed to enforce the behavior.
For now, I'll just add the TICKET_ACCEPT permission, and maybe work that patch in the Trac core later on if no one else wants to pursue this first. 
comment:3 follow-up: 7 Changed 12 years ago by
The current workflow is the Trac 0.10 workflow with the addition of a set_resolution action (comment:7:ticket:11133) for TICKET_ADMINs:
```ini
accept = new -> assigned
accept.operations = set_owner_to_self
accept.permissions = TICKET_MODIFY
leave = * -> *
leave.default = 1
leave.operations = leave_status
reassign = new,assigned,reopened -> new
reassign.operations = set_owner
reassign.permissions = TICKET_MODIFY
reopen = closed -> reopened
reopen.operations = del_resolution
reopen.permissions = TICKET_CREATE
resolve = new,assigned,reopened -> closed
resolve.operations = set_resolution
resolve.permissions = TICKET_MODIFY
set_resolution = closed -> closed
set_resolution.name = set resolution
set_resolution.operations = set_resolution
set_resolution.permission = TICKET_ADMIN
```
Proposed change is to adopt the Trac 0.11 workflow, along with:
- set_resolution and set_owner actions for TICKET_ADMINs.
- adding a TICKET_ACCEPT permission, requiring it for accepting a ticket and granting it to authenticated.
- Removing the accepted -> accepted transition, which seems to be just noise in the workflow.
```ini
accept = new,assigned,reopened -> accepted
accept.operations = set_owner_to_self
accept.permissions = TICKET_ACCEPT
leave = * -> *
leave.default = 1
leave.operations = leave_status
reassign = new,assigned,accepted,reopened -> assigned
reassign.operations = set_owner
reassign.permissions = TICKET_MODIFY
reopen = closed -> reopened
reopen.operations = del_resolution
reopen.permissions = TICKET_CREATE
resolve = new,assigned,accepted,reopened -> closed
resolve.operations = set_resolution
resolve.permissions = TICKET_MODIFY
set_resolution = closed -> closed
set_resolution.name = set resolution
set_resolution.operations = set_resolution
set_resolution.permission = TICKET_ADMIN
set_owner = closed -> closed
set_owner.name = set owner
set_owner.operations = set_owner
set_owner.permission = TICKET_ADMIN
```
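Added example, not part of the ticket or of Trac's code: a small lint for a workflow section in the style quoted above. It reports actions that run set_owner_to_self and that anonymous could trigger, and attribute names it does not recognise, such as the singular `.permission` on set_resolution where the other actions use `.permissions`. The `KNOWN_ATTRS` set, the anonymous permission sets and the trimmed sample workflow are assumptions constructed for illustration; permissions are compared by name, with no expansion of implied permissions.

```python
import configparser

# Attribute names this example recognises (an assumption of this sketch).
KNOWN_ATTRS = {"name", "label", "default", "operations", "permissions"}

# Constructed sample: two actions trimmed from the workflow quoted above.
WORKFLOW = """\
accept = new -> assigned
accept.operations = set_owner_to_self
accept.permissions = TICKET_MODIFY
set_resolution = closed -> closed
set_resolution.name = set resolution
set_resolution.operations = set_resolution
set_resolution.permission = TICKET_ADMIN
"""

def parse_workflow(text):
    """Return {action: {"from", "to", "attrs", "unknown"}} for a workflow body."""
    cp = configparser.ConfigParser(delimiters=("=",), interpolation=None)
    cp.optionxform = str  # keep key case as written
    cp.read_string("[ticket-workflow]\n" + text)
    actions = {}
    for key, value in cp["ticket-workflow"].items():
        action, _, attr = key.partition(".")
        entry = actions.setdefault(action, {"attrs": {}, "unknown": []})
        if not attr:  # "old1,old2 -> new" transition line
            old, _, new = value.partition("->")
            entry["from"] = [s.strip() for s in old.split(",")]
            entry["to"] = new.strip()
        elif attr in KNOWN_ATTRS:
            entry["attrs"][attr] = [v.strip() for v in value.split(",") if v.strip()]
        else:
            entry["unknown"].append(attr)
    return actions

def lint(text, anonymous_perms):
    """List (action, finding) pairs for the given anonymous permission set."""
    findings = []
    for action, e in sorted(parse_workflow(text).items()):
        findings += [(action, "unknown attribute ." + a) for a in e["unknown"]]
        required = e["attrs"].get("permissions", [])
        # Rule assumed by this lint: no listed permission means unrestricted.
        open_to_anon = not required or any(p in anonymous_perms for p in required)
        if "set_owner_to_self" in e["attrs"].get("operations", []) and open_to_anon:
            findings.append((action, "anonymous can become owner"))
    return findings

if __name__ == "__main__":
    print(lint(WORKFLOW, {"TICKET_MODIFY"}))
    print(lint(WORKFLOW, {"TICKET_APPEND", "TICKET_CHGPROP"}))
```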
comment:4 Changed 12 years ago by
| Status: | new → accepted |
|---|---|
comment:5 follow-up: 6 Changed 12 years ago by
| Resolution: | → fixed | 
|---|---|
| Status: | accepted → closed | 
Please let me know if you spot any issues with the new workflow.
comment:6 Changed 12 years ago by
Replying to rjollos:
> Please let me know if you spot any issues with the new workflow.
afaict this should work ok, thnx for taking the time to dive into this
comment:7 Changed 9 years ago by
Replying to Ryan J Ollos:
> - Removing the accepted -> accepted transition, which seems to be just noise in the workflow.
This has been restored. It's useful when you wish to accept a ticket that is in the accepted state but assigned to another user.
comment:8 Changed 9 years ago by
Replying to Ryan J Ollos:
> For now, I'll just add the TICKET_ACCEPT permission, and maybe work that patch in the Trac core later on if no one else wants to pursue this first.
Made some additional changes today:
- Anonymous now has TICKET_CHGPROP in addition to TICKET_APPEND
- Authenticated has TICKET_MODIFY, so TICKET_ACCEPT appears to be unnecessary and has been removed. tracopt.perm.config_perm_provider.extrapermissionsprovider has been disabled. The workflow has been changed: -accept.permissions = TICKET_ACCEPT +accept.permissions = TICKET_MODIFY
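Review bot: with accept.permissions set to TICKET_MODIFY, accept now shares its permission with reassign and resolve in the workflow quoted in comment:3, so the guard against anonymous owners holds only while anonymous is granted nothing beyond TICKET_CHGPROP and TICKET_APPEND. Consider recording that dependency next to the workflow, since TICKET_ACCEPT is no longer there to express it on its own.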




Two options that I can see:
- TICKET_MODIFY from anonymous, grant TICKET_CHGPROP and TICKET_APPEND to anonymous and grant TICKET_MODIFY to authenticated. This would also prevent anonymous users from resolving tickets: TracPermissions#TicketSystem.
- TICKET_ACCEPT permission, grant it to authenticated and modify the workflow (TracPermissions#CreatingNewPrivileges):

Any opinions or suggestions?