Feature #17747

Private roles

Added by Wim DePreter over 3 years ago. Updated over 1 year ago.

Status: New
Priority: Normal
Assignee: -
Category: Permissions and roles
Target version: -
Start date:
Due date:
% Done: 0%
Resolution:

Description

This is a proposal for changing the visibility of some project (non-)members by using private roles.
Private roles could be used:
  • to give users access to a private project without being visible as project members,
    e.g. read-only access (users can't be assignees or authors)
  • to change the permissions of users on a public project without being visible as project members,
    e.g. to give trusted users (non-contributors) the permission to create issue relations on redmine.org

The visibility of users with a private role is equivalent to the "Non member" role.

This implies certain changes:
  • a boolean-attribute "private" on roles
  • private role and users with this role are not listed in project overview
  • users with (only) a private role are not listed:
    • in issue query - user-combobox (author, assignee, custom user field)
    • in issue summary (assignee/author list)
  • users with (only) a private role are visible (like non-members) if they acted on an issue (as author or when adding a note):
    • in activity overview
    • in issue detail
    • in issue query if grouped by author/assignee

Note that a user can have a private role on a certain project and a public role (member) on another project.

Optional - permission "view private users"

If a user has the permission "view users with private role", then users with private roles are treated the same as users with public roles

Some related issues:

  • defect #7645 could be resolved by giving read-only users a private role
  • #11724

private_role_redmine_3.0.patch (5.74 KB) Wim DePreter, 2015-03-18 11:21

private_role_redmine_3.2.patch (5.36 KB) Wim DePreter, 2016-03-09 14:43

private_role_redmine_3.2bis.patch (5.65 KB) Wim DePreter, 2016-03-09 16:27

private_role_redmine_3.2ter.patch (5.04 KB) Wim DePreter, 2016-03-16 10:56


Related issues

Related to Redmine - Defect #7645: Issue summary should filter Assignee & Author lists New 2011-02-18
Related to Redmine - Feature #11724: Prevent users from seeing other users based on their proj... Closed
Related to Redmine - Feature #6015: Private Users New 2010-08-02
Related to Redmine - Feature #13533: Concept for controlling visibility of users New

History

#1 Updated by Toshi MARUYAMA about 3 years ago

  • Related to Defect #7645: Issue summary should filter Assignee & Author lists added

#2 Updated by Toshi MARUYAMA about 3 years ago

  • Related to Feature #11724: Prevent users from seeing other users based on their project membership added

#3 Updated by Wim DePreter almost 3 years ago

With the implementation of #11724, my requested optional permission "view private users" should be changed into an extra option for user visibility, which should have 3 options:
  • (existing) All active users
  • (existing) All members of visible projects
  • (new) All non-private members of visible projects
Some use cases:
  1. Give read-only access to a private project to users without them being visible to other users (e.g. for reporting)
  2. Hide "internal" users (this is our case)
    we have a private project per customer and:
    • all "internal" users should have access (via a private role) to all customer projects
    • a "customer" user should only see
      • other users of the same customer (by definition, a customer user only has access to his own project)
      • the account manager for that customer ("account manager" is a non-private role)
      • none of the (other, i.e. different from the account manager) "internal" users

I also see a relationship with #6015 and #13533.

#4 Updated by Wim DePreter over 2 years ago

I've no experience with Ruby, but inspired by (and building on) the modifications for #11724, I've created a patch.
It's very basic (created by trial and error), and maybe there are still some issues with it.

Usage:
  • A role is private if its name begins with "private."
    (this should be a new "private" attribute on roles, but I don't want to introduce database changes with a patch)
  • Only an administrator can assign a private role to a user/group
Remarks:
  • The patch doesn't work for custom user fields (we don't use these, and I couldn't find how to filter the list)
  • The role option user visibility = "Members of visible projects" is always considered as "All non-private members of visible projects"
  • I've reverted a change from r13584 (users_controller.rb), because if a user with a private role (or a non-member?) acts on an issue (or is assigned to an issue), the user detail should be visible
  • I didn't find a way to filter the detailed view in the issue summary for assignees or authors, so a 404 page is shown instead (if the current user can't see all members)
  • The patch is tested in a single-user environment (Bitnami package); maybe there are some performance issues

#5 Updated by Toshi MARUYAMA over 2 years ago

#6 Updated by Toshi MARUYAMA over 2 years ago

  • Related to Feature #13533: Concept for controlling visibility of users added

#7 Updated by Filip Sabo almost 2 years ago

Can I apply this patch on Redmine 3.1.1? I also have the Bitnami package. I am getting a reject file project.rb.rej:

--- app/models/project.rb    (revision 14045)
+++ app/models/project.rb    (working copy)
@@ -31,7 +31,10 @@
   has_many :time_entry_activities
   has_many :members,
            lambda { joins(:principal, :roles).
-                    where("#{Principal.table_name}.type='User' AND #{Principal.table_name}.status=#{Principal::STATUS_ACTIVE}") }
+                    ## begin patch private role
+                    #where("#{Principal.table_name}.type='User' AND #{Principal.table_name}.status=#{Principal::STATUS_ACTIVE}")}
+                    where("#{Principal.table_name}.type='User' AND #{Principal.table_name}.status=#{Principal::STATUS_ACTIVE} AND #{Role.table_name}.name NOT LIKE 'private.%'")}
+                    ## end patch private role
   has_many :memberships, :class_name => 'Member'
   has_many :member_principals,
            lambda { joins(:principal).
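Review bot: the `NOT LIKE 'private.%'` filter is applied only to the `members` association; the `member_principals` association visible in the trailing context (`has_many :member_principals, lambda { joins(:principal).`) is left unfiltered, so any view that lists principals through it (group memberships, for example) will still show private-role members. Note also that whether `NOT LIKE 'private.%'` is case-sensitive depends on the database: MySQL's default collations compare LIKE case-insensitively while PostgreSQL does not, so the "case-sensitive!" convention relies on the backend rather than on the patch. A boolean `private` column on roles, as the description proposes, would avoid both the prefix matching and the collation dependency.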

Not sure why this happened. When I add "private" to the Developer role it is not private; it is visible in the project overview when the reporter logs in.

Thanks

Filip

#8 Updated by Wim DePreter almost 2 years ago

I've made some changes to my patch for Redmine 3.2

Usage:
  • A role is private if the name of the role begins with "private." (case-sensitive!)
  • Only an administrator can assign a private role to a user/group
Extra remarks (see also #17747#note-4):
  • Patch has no impact on Custom Fields of type User, but it is possible in Redmine:
    • to select which users (by role) are listed
    • which users (by role) can see the custom field

#9 Updated by Wim DePreter almost 2 years ago

Wim DePreter wrote:

  • I didn't find a way to filter the detailed view in issue-summary for assignees or authors, so a page 404 is shown instead (if current user can't see all members)

I've updated my latest patch so that the detailed issue summary for authors/assignees is possible for every user.

#10 Updated by Wim DePreter over 1 year ago

I've made some small changes:
  • private roles are now visible in the project overview for admin users
  • undid (most of) my changes to user_controller.rb, because the patch is meant to hide the user info of private roles
    • as a consequence, when user A with (only) a private role acts on an issue, and user B (without permission to view all users) tries to consult the user info of user A, he will get a 403 (not authorised) error message
    • in the old version, all user info of private members was available to all members (this could be a problem with confidentiality)
If someone with more Ruby experience wants to improve this patch, feel free, because:
  • I'm not totally happy with my modifications to principal.rb
  • all private roles are still listed in the user info
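The visibility rule proposed in the description, the customer/internal use case from note #3, and the 403 consequence from note #10 can be checked against a small in-memory model. The following is an added example and is not Redmine code or any of the attached patches: the Role, Project, Issue, Member classes, the `listed_users`, `users_shown_in_issue` and `user_profile_visible?` functions, and the `:view_private_users` permission are assumptions made for illustration, not Redmine's own classes or API. The scenario data (users alice to frank, projects "acme" and "internal-tools") is constructed.

```ruby
# Added example, not Redmine code: an in-memory model of the "private role"
# visibility rule. All class names, functions and the :view_private_users
# permission are assumptions for illustration.

Role   = Struct.new(:name, :private_role, :permissions) do
  def private?
    private_role
  end

  def allowed?(perm)
    permissions.include?(perm)
  end
end
User   = Struct.new(:login, :admin)
Member = Struct.new(:user, :roles)
Issue  = Struct.new(:project, :author, :assignee, :note_authors)

class Project
  attr_reader :name, :members

  def initialize(name)
    @name = name
    @members = []
  end

  def add_member(user, *roles)
    @members << Member.new(user, roles)
  end

  def roles_for(user)
    members.select { |m| m.user == user }.flat_map(&:roles)
  end

  # Listed in the project overview / member lists: users with at least one
  # non-private role on THIS project. A public role on another project does
  # not make them visible here; a user holding both a private and a public
  # role here is listed (the public role wins).
  def public_member_users
    members.select { |m| m.roles.any? { |r| !r.private? } }.map(&:user).uniq
  end
end

# Optional permission from the description; admins always qualify (note #10).
def can_view_private_users?(viewer, project)
  viewer.admin || project.roles_for(viewer).any? { |r| r.allowed?(:view_private_users) }
end

# Users offered to `viewer` in the issue-query author/assignee combobox and
# the issue summary lists for `project`.
def listed_users(viewer, project)
  if can_view_private_users?(viewer, project)
    project.members.map(&:user).uniq
  else
    project.public_member_users
  end
end

# Activity overview, issue detail and "group by author/assignee": anyone who
# acted on the issue is shown there, like a non-member, even when hidden from
# the member lists above.
def users_shown_in_issue(issue)
  ([issue.author, issue.assignee] + issue.note_authors).compact.uniq
end

# Opening the user page of `target` from `project` (note #10): visible only if
# the viewer may list that user there, otherwise the controller answers 403.
def user_profile_visible?(viewer, target, project)
  listed_users(viewer, project).include?(target)
end

# Constructed scenario modelled on note #3: one private customer project with
# customer users, an account manager and "internal" staff holding a private role.
def build_scenario
  reporter = Role.new('Reporter', false, [])
  manager  = Role.new('Account manager', false, [])
  # assumption: internal staff may see each other via the optional permission
  internal = Role.new('private.Internal', true, [:view_private_users])

  acme  = Project.new('acme')
  tools = Project.new('internal-tools')
  users = {
    alice: User.new('alice', false), bob: User.new('bob', false),     # customer
    carol: User.new('carol', false),                                  # account manager
    dave:  User.new('dave', false),                                   # internal, private role only
    erin:  User.new('erin', false),                                   # internal here, public elsewhere
    frank: User.new('frank', false),                                  # internal AND reporter on acme
    root:  User.new('root', true)
  }
  acme.add_member(users[:alice], reporter)
  acme.add_member(users[:bob], reporter)
  acme.add_member(users[:carol], manager)
  acme.add_member(users[:dave], internal)
  acme.add_member(users[:erin], internal)
  acme.add_member(users[:frank], internal, reporter)
  tools.add_member(users[:erin], reporter)

  issue = Issue.new(acme, users[:dave], nil, [users[:erin]])  # dave reported, erin added a note
  { acme: acme, tools: tools, issue: issue, users: users }
end

if __FILE__ == $PROGRAM_NAME
  s = build_scenario
  u = s[:users]
  puts "alice's combobox on acme: #{listed_users(u[:alice], s[:acme]).map(&:login).join(', ')}"
  puts "dave's combobox on acme:  #{listed_users(u[:dave], s[:acme]).map(&:login).join(', ')}"
  puts "shown in issue detail:    #{users_shown_in_issue(s[:issue]).map(&:login).join(', ')}"
  puts "alice may open dave's page: #{user_profile_visible?(u[:alice], u[:dave], s[:acme])}"
end
```

Running it shows the edge cases the proposal spells out: frank is listed for the customer because his public Reporter role wins, erin's public role on "internal-tools" does not leak her into the "acme" lists, dave and erin still appear in the issue they acted on, and alice opening dave's user page is refused.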
