How to add custom permission checks for certain events like deleting an issue?

Hi everyone,

issues can be deleted by their owner by default and I didn’t found anything to change that. What would be of interest to me would be to disable deletion of issues altogether for everyone or for a group of people only. The important thing is that it’s not necessarily about one person deleting issues of other people, but instead really about some (possibly untrusted) people to delete their own issues. Closing and reopening and closing again might be fine, but not deleting things.

I’ve already read about various hooks and events, but am having trouble to find something useful. Server hooks seem to focus on GIT repos, system hooks seem to focus on infrastructure like projects, group users etc. instead of individual issues, web hooks seem to work on issue level, but don’t seem to provide a delete event and don’t seem to allow to cancel currently running operations at all. File hooks seem to use the same events like system hooks, lacking support for issue deletion.

So, is there any combination of events and hooks which allow me to implement some sort of custom permission checks? Especially disabling issue deletion this way, but possibly other things as well.

I’m wondering as well if hooks are designed to check and prevent things at all? Docs often mention async execution, but e.g. push rules are able to prevent certain operations. I think I would need something like that with custom code, triggered whenever anything happens to issues, so that I might check for deletion and prevent that on my own.


That was a misinterpretation of the documented permissions by me! :slight_smile: The mentioned Owner refers to a project owner and not the author of an issue. I tested that with some Reporter in some project I’m owning and that Reporter is NOT allowed to delete its own issues.

Though, I would still like to know if I’m able somehow to implement custom permissions checks.