Enable reporter editing of ticket descriptions via DefaultTicketPolicy

[JoeFusco]

Ticket reporters on WordPress.org Trac instances cannot edit their own descriptions. Corrections require a contributor with elevated permissions.

Trac's DefaultTicketPolicy (1.3.2+) permits authenticated users with TICKET_APPEND or TICKET_CHGPROP to modify descriptions on tickets they reported. Edit history is preserved.

Reference: ​https://trac.edgewall.org/ticket/12719

Proposed change: add DefaultTicketPolicy to permission_policies in trac.ini.

This affects any contributor who cannot self-correct their own ticket descriptions without assistance from a contributor with elevated permissions.

[dd32]

It looks like we don't use the DefaultTicketPolicy policy, we're using a variation of:

permission_policies = ReadonlyWikiPolicy, DefaultPermissionPolicy

At present, all authenticated users have TICKET_CREATE and TICKET_MODIFY permissions.

Based on ​https://trac.edgewall.org/wiki/1.3/TracPermissions#TicketSystem that means they also have TICKET_APPEND and TICKET_CHGPROP, but I'm assuming due to the policies, that doesn't match the documentation there, as we don't use the default ticket policy...

I have a feeling that we don't use the default ticket policy as we're running the blackmagic plugin, and as the name suggests.... it's a bit of black magic, I vaguely recall that it doesn't play nicely together.

I feel like we were using ​https://trac-hacks.org/wiki/VirtualTicketPermissionsPlugin in a previous version of Trac, with Blackmagic for some *_IS_REPORTER tweaks, but that was disabled.

This is all 10+ years ago :)

I've tested it, and the permissions we have access to in Trac at present don't allow for self-editing of created tickets, without changing the Trac conf.
I'm hesitant to suggest it though, as it's not a major problem, and since we're already behind on Trac updates, I'd rather any trac time be spent on that... and reporters can preview their tickets before submission. Those who use trac regularly can get elevated permissions, although that's a manual process.

[JoeFusco]

Thanks for digging into this, @dd32 — really appreciate the context on the BlackMagic plugin and the permission policy history.

Totally understand prioritizing the Trac update over config changes like this. Happy to help test if it ever makes sense to revisit after that work lands.

[jorbin]

I think that things are working as expected and this should be closed as wontfix. Modifying a ticket should be a rare event since it can make history hidden and is often used for spamming purposes.