[rt-users] how to stop search displaying tickets the user doesn't have permission to see in the results
john habermann
john.habermann at wilderness.org.au
Tue May 12 22:40:26 EDT 2009
I have just found what appears to be a solution for this problem enabling
the UseSQLForACLChecks in your RT_SiteConfig.pm . Once I enabled this the
unowned search now displays only tickets that the user has permission to see
and any searches you run in simple search will return a result that matches
tickets that you have permission to see. The option does warn about possible
performance issues so will see whether I notice any impact on the system. I
am using rt 3.8.2 and mysql 5.0.
cheers
John
On Wed, May 13, 2009 at 10:18 AM, William Graboyes <
william.graboyes at theportalgrp.com> wrote:
> Howdy John,
>
> From my understanding this is a "feature" of RT, There isn't much one can
> do about it, the settings aren't granular enough to cover what a single user
> has the right to see, high up on my wish list is something along the lines
> of what you are looking for, I would love to be able to limit users to
> viewing only tickets in a certian queue, or even better as we run an "open"
> system here, the ability to say this user can only view his tickets. But
> dreams are dreams, and when you are like me, and I am not a perl coding
> maven, there isn't much you can do about it.
>
> Bill Graboyes
>
>
>
> On Tue, May 12, 2009 at 5:05 PM, john habermann <
> john.habermann at wilderness.org.au> wrote:
>
>> Hi
>>
>> I am having a problem where the unowned search is not restricting its
>> results to only tickets that are in queues the user has the see ticket
>> permission for. This is causing the unowned ticket list to not display any
>> tickets in the rt at a glance page if another queue has 10 more recent
>> unowned tickets in it. It affects any search in rt for example If you search
>> for something in the quick search you get it saying that 5 tickets matched
>> the search but only displaying 1 ticket in the list because 4 of the tickets
>> would be in queues for which the user has no permission to see tickets.
>>
>> I have gone through global permissions and queue permissions trying to
>> figure out how I can control this behaviour but not have not been
>> successful. The 'see queue' and 'show tickets' permission are only set on a
>> per queue basis to the group that is working on that queue. I think I must
>> have broken something though in setting up my permissions as I don't
>> remember this being the initial behaviour of the unowned tickets search.
>>
>> Thanks for any help.
>>
>> --
>> John Habermann
>> Internet Programmer, System Administrator
>> The Wilderness Society Inc
>> http://www.wilderness.org.au
>>
>> _______________________________________________
>> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
>>
>> Community help: http://wiki.bestpractical.com
>> Commercial support: sales at bestpractical.com
>>
>>
>> Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
>> Buy a copy at http://rtbook.bestpractical.com
>>
>
>
--
John Habermann
Internet Programmer, System Administrator
The Wilderness Society Inc
http://www.wilderness.org.au
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20090513/3e46c73a/attachment.htm>
More information about the rt-users
mailing list