[rt-users] Public read-only acccess to tickets

[Andrew Foster]

Hi Bruce,

> > There's no "official" way/option/etc at the moment, though something may
> > be in the works for the rt.cpan.org migration we're doing.  For now I
> > suggest you create a user "guest" with password "guest" and publicize
> > that on the login page.  Make sure the guest user only has rights to see
> > things, not modify stuff (including itself, so guests can't change the
> > password and lock other guests out).
> 
> We are using RT 3.4.1 as packaged for Debian stable (sarge).  I am
> looking at the Configuration>Users page and I can't see how I set
> things so this guest user is not able to modify their own password, or
> create new requests.

I imagine what you want is the Config > Global (or for finer-grained
control, Queues > The Queue) > User Rights. Check out the list of
grantable rights there; you probably don't want much more than the
SeeQueue and ShowTicket rights enabled. 

Keep in mind that if you've already enabled more generous permissions
than that on a global level, the right-inheritance model of RT's ACLs
won't allow you to then /limit/ those rights at a per-queue basis. 

I think the ModifySelf permission is the one you're after for users
changing their own password & details.

Cheers,

- Andrew