Security - Mozilla

This is a discussion on Security - Mozilla ; I'm trying to implement Bugzilla in my organization but have a question about the security. It looks to me as though I can limit someone's ability to see a bug and also there ability to edit a bug by using ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Security

  1. Security

    I'm trying to implement Bugzilla in my organization but have a question
    about the security.

    It looks to me as though I can limit someone's ability to see a bug and also
    there ability to edit a bug by using groups.

    Is there a way that I can limit someone's ability to reassign or change the
    status of a bug while still allowing them to edit other information?

    We have support staff who need to be able to add attachments and additional
    comments on existing bugs. We don't, however, want them to change who the
    bug is assigned to ("Reassign bug to") or to accept ("Accept bug (change
    status to ASSIGNED") a bug that is assigned to someone else.

    Thanks for any help.

    - Eric



  2. Re: Security

    On Thu, 2006-01-19 at 15:27 -0500, Eric Rankin wrote:
    > Is there a way that I can limit someone's ability to reassign or change the
    > status of a bug while still allowing them to edit other information?


    You can edit the heavily-commented CheckCanChangeField subroutine in
    process_bug.cgi to accomplish that. You'll probably want to be using
    Bugzilla->user->in_group() to check if a user is in a certain group.

    -Max
    --
    http://www.everythingsolved.com/
    Competent, Friendly Bugzilla Services. And Everything Else, too.


+ Reply to Thread