Hello,
we use Mantis Bug Tracker not as a normal Bug Tracker, we use MantisBT as system to manage security issues tracker for internal pentest findings. We already filled MantisBT with current security issues but now we need to configure two additional types of users:
(1) The user should only have read access to specific bugs (issues). The best would be that the right depends on specific tags. Would this be possible ? If not, how can I give read access for pre-defined issues to a specific user (group of users) ?
(2) The user should be able to add new information but is not able to edit the main bug description, the user should not be able to set the close status.
I am sorry that I am not a specialist for bug tracker, because I usually don't create code. Maybe someone could provide me with an hint if MantisBT does support the two different requirements.
BR zentos
Security Bug Tracker with user management
Moderators: Developer, Contributor
-
- Posts: 2
- Joined: 24 May 2019, 14:21
Re: Security Bug Tracker with user management
Hello,
is their something I missed to read in the manual.
Every hint is welcome.
BR zentos
is their something I missed to read in the manual.
Every hint is welcome.
BR zentos
Re: Security Bug Tracker with user management
The first thing you could resolve by keeping such issues in a seperate project, what you describe is not an option.
Possibly can be achieved creating a plugin.
Option 2 is also not an option out of the box.
Possibly can be achieved creating a plugin.
Option 2 is also not an option out of the box.
Re: Security Bug Tracker with user management
I think it is possible.
There is "Update an issue" settting on "Workflow Thresholds" page and there are "Minimum Access Level to Change to this Status" settings on "Workflow Transitions" page.
Re: Security Bug Tracker with user management
@atrol, you are right, that could do the trick. In case you want different behavior for different issues, these need to be raised under different projects in order to achieve this.