We are running a project for an application with around 150 beta users that we are wishing to migrate to RTC.

Currently, every user is allowed to anonymously submit defects (using Trac). I see two issues if we want to map this to the RTC world, and I would appreciate if someone could share their perspective on this.

1. The smaller issue is that we would have to manually create and maintain user accounts with contributor licenses for each of the beta users. That's a bit inconvenient for us, but not impossible since we know our beta users - so it actually might be a bigger problem for applications that are publicly available.

2. The bigger issue from my POV is that, as far as I understood, every contributor in RTC has complete read access to the whole repository. Browsing the enhancement requests I found out that there are plans for 2.0 to control read access on a per-project-area level. While I think this is absolutely essential, I don't believe it goes far enough, and I'm not completely sure whether this will be covered by the planned enhancements: we want our users to submit defects, but we definitely don't want to grant them read access to the dashboard, iteration plans and especially not the SCM of our project.

The consequence for us is that we must probably keep our users out of RTC, keep Trac in place for user-submitted defects, and introduce (i.e. develop) a semi- or full-automatic replication mechanism between Trac and RTC. If RTC wasn't such an amazing piece of software, we'd probably stop migration considerations at this point.