Dragnet security

[JerryShea]

Hi,

I am evaluating Dragnet beta 2. Firstly, it looks good and seems to have a pretty good feature set. But (there's always a but) I can't work out how to support a particular use case - this use case is essential for us and I imagine would be for others.

I need to support external customers being able to raise a bug on a particular project, but not have any rights to amend bugs i.e. I want to support our customer's logging of bugs but I don't want them doing anything nasty like reassinging bugs to different developers, removing comments or changing priorities. I would be happy with anonymous raising of bugs a la FogBugz.

What do you think?

Cheers

[mskrobul]

Currently Dragnet allows you to give users Read access, which allows users to view and query issues, Modify access, which allows users to Add/Modify issues and Admin access.

I will add your request to allow users to add but not modify items as a feature request. Unfortunatly, it is probably too late to get this into the 1.0 release.

[zsolga]

Hi,

I am evaluating the Dragnet 1.0 beta 2 and it is promissing. However, the Group definition allows project item visibility based on "all or nothing". If a group member has read access it has access to all items.

My suggestion is to extend the group rights management to enable category read/modify assignments. In that way I would create "application reviewer" group and its members will not bother with development/source code related bugs.

Regrads, Z.