Feature #17747
open
Added by Wim DePreter about 10 years ago.
Updated over 3 years ago.
Category:
Permissions and roles
Description
This is a proposal for changing visibility of some project (non-)members, by using private roles.
Private roles could be used:
- to give users access to a private project, without being visible as project members
f.e. read-only access (users can't be assignees or authors)
- to change permissions of users to a public project, without being visible as project members
f.e. give trusted users (non contributors) the permission to create issue-relations on redmine.org
The visibility of users with a private role is equivalent to the "Non member" role
This implies certain changes:
- a boolean-attribute "private" on roles
- private role and users with this role are not listed in project overview
- users with (only) a private role are not listed:
- in issue query - user-combobox (author, assignee, custom user field)
- in issue summary (assignee/author list)
- users with (only) a private role are visible (like non-members) if they acted on an issue (as author or when adding a note):
- in activity overview
- in issue detail
- in issue query if grouped by author/assignee
Note that a user can have a private role on a certain project, and a public role (member) on another project
Optional - permission "view private users"¶
If a user has the permission "view users with private role", then users with private roles are treated the same as users with public roles
Some related issues:¶
- defect #7645 could be resolved by giving readonly users a private role
- #11724
Files
- Related to Defect #7645: Issue summary should filter Assignee & Author lists added
- Related to Feature #11724: Prevent users from seeing other users based on their project membership added
With implementation of
#11724, my requested optional permission "view private users" should be changed into an extra option for Users visibility, which should have 3 options:
- (existing) All active users
- (existing) All members of visible projects
- (new) All non-private members of visible projects
Some use-cases
- Give readonly-access for a private project to users without being visible to other users (f.e. for reporting)
- Hide "internal" users (this is our case)
we have a private project per customer and:
- all "internal" users should have access (via private role) to all customer projects
- "customer" user should only see
- other users of the same customer (by definition, customer user has only access to his project)
- account manager for that customer ("account manager" is a not-private role)
- none of the (other, i.e. different from the account manager) "internal" users
I see also a relationship with #6015 and #13533
I've no experience with Ruby, but inspired by (and building on) the modifications for #11724, I've created a patch.
It's very basic (created with trial and error), and maybe there are still some issues with it.
Usage:
- A role is private if name begins with "private."
(this should be a new "private" attribute on roles, but I don't want to introduce database-changes with a patch)
- Only administrator can assign a private role to a user/group
Remarks:
- Patch doesn't work for Custom User Fields (we don't use these, and I couldn't find how to filter the list)
- Role option user visibility = "Members of visible projects" is always considered as "All non-private members of visible projects"
- I've reverted a change from r13584 (users_controller.rb), because if user with private role (or non-member?) acts on an issue (or is assigned to an issue), user-detail should be visible
- I didn't find a way to filter the detailed view in issue-summary for assignees or authors, so a page 404 is shown instead (if current user can't see all members)
- Patch is tested in a single-user environment (bitnami-package), maybe there are some performance-issues
- Related to Feature #13533: Concept for controlling visibility of users added
Can I apply this patch on Redmine 3.1.1? I also have bitnami package. I am getting a reject file project.rb.rej:
--- app/models/project.rb (revision 14045)
+++ app/models/project.rb (working copy)
@@ -31,7 +31,10 @@
has_many :time_entry_activities
has_many :members,
lambda { joins(:principal, :roles).
- where("#{Principal.table_name}.type='User' AND #{Principal.table_name}.status=#{Principal::STATUS_ACTIVE}") }
+ ## begin patch private role
+ #where("#{Principal.table_name}.type='User' AND #{Principal.table_name}.status=#{Principal::STATUS_ACTIVE}")}
+ where("#{Principal.table_name}.type='User' AND #{Principal.table_name}.status=#{Principal::STATUS_ACTIVE} AND #{Role.table_name}.name NOT LIKE 'private.%'")}
+ ## end patch private role
has_many :memberships, :class_name => 'Member'
has_many :member_principals,
lambda { joins(:principal).
Not sure why this happened. When I add private to developer role it is not private, it is visible in the project overview when the reporter logs in.
Thanks
Filip
I've made some changes to my patch for Redmine 3.2
Usage:
- A role is private if name of role begins with "private." (case-sensitive!)
- Only administrator can assign a private role to a user/group
Extra remarks (see also
#17747#note-4):
- Patch has no impact on Custom Fields of type User, but it is possible in Redmine:
- to select which users (by role) are listed
- which users (by role) can see the custom field
Wim DePreter wrote:
- I didn't find a way to filter the detailed view in issue-summary for assignees or authors, so a page 404 is shown instead (if current user can't see all members)
I've updated my latest patch, so that detailed issue summary for authors/assignees is possible for every user
I've made some small changes:
- private roles are now visible in project-overview for admin-users
- undo (most of) my changes to user_controller.rb, because the patch is meant to hide the user-info of private-roles
- as a consequence, when user A with (only) a private role acts on an issue, and user B (without permission to view all users) tries to consult the user-info of user A, he will get an error-message 403 (not authorised).
- in the old version, all user-info of private members was available to all members (this could be a problem with confidentiality)
If someone with more ruby-experience wants to improve this patch, feel free, because:
- I'm not totally happy with my modifications to principal.rb
- all private roles are still listed in user-info
update patch for redmine 4.2 (still very basic, because i have no Ruby experience)
Also available in: Atom
PDF
Updated by Toshi MARUYAMA 
Updated by 
Updated by