[rt-users] open tickets for certain domain-email-adresses

Ken Crocker kfcrocker at lbl.gov
Thu May 14 11:44:47 EDT 2009


Violetta,


    Makes good sense to me. Question, if those requestors are NOT going 
to login to RT, how are they going to "open" a ticket? If you have 
"CommandByMail" set up, they could do it via Email. If not, why not have 
the "Owners" of the tickets open them? I guess where I am confused is 
the activity you are expecting from the requestors and owners. What we 
do is:

Globally grant:

    * Requestors;
          o "ReplyToTicket" (so they can communicate via email to the owner)
          o "SeeQueue" (so they can see what tickets are in a queue)
          o "ShowTicket" (so they can SEE THEIR Ticket in the queue)
    * Owners;
          o "ModifyTicket" (all owners can automatically modify a ticket
            they own. Keeps redundancy of this right at the queue level
            down)

By Queue grant:

    * Support team/group (those that work on the ticket);
          o "CommentOnTicket" (anyone in the group might have an idea
            that helps)
          o "CreateTicket" (anyone in the group may need to create a
            sub-task/child ticket)
          o "OwnTicket" (anyone in the group can take/steal/own a ticket)
          o "ReplyToTicket" (anyone in the group can communicate via
            email on a ticket)
          o "SeeQueue" (intuitively obvious)
          o "ShowOutgoingEmail" (anyone in the group can see the
            communication going on in a ticket)
          o "ShowTicket" (anyone in the group can look at a ticket in
            the queue)
          o "ShowTicketComments" (same as above, only about comments)
          o "StealTicket" (goes with ownership)
          o "TakeTicket" (same thing as above)
          o "Watch" (intuitively obvious)
    * User group (all those damn requestors)
          o "CreateTicket" (anyone in the group can create a ticket)
          o "ReplyToTicket" (anyone in the group can communicate via
            email on a ticket)
          o "SeeQueue" (intuitively obvious. They have to see it to
            create a ticket via Web)
          o "ShowOutgoingEmail" (anyone in the group can see the
            communication going on in a ticket. This could be given JUST
            to the Requestor of the queue, if you do not want other
            requestors seeing email in other tickets in the queue)
          o "ShowTicket" (anyone in the group can look at a ticket in
            the queue or jsut the requestors in the queue. see above)
          o "ShowTicketComments" (same as above, only about comments.
            Could keep this at the requestor level as well)
          o "Watch" (intuitively obvious)


    That's what we do, but our granularity of control may be different 
than yours, especially if your requestors are NOT signing into RT.

    I hope this helps.

Kenn
LBNL

On 5/14/2009 1:45 AM, Violetta J. Wawryk wrote:
> Hi Ken,
>
> thanks for replying.
>
> I will try to describe it more clearly.
>
> The RT has different Queues, let's say Queue A and Queue B.
>
> We don't want the AdminCCs of queue A to know about the existents of 
> queue B and vice versa. This is possible because we don't allow 
> "Everybody" to "Open Tickets" in the certain Queues, just the group 
> "AdminCCforQueueA" for queue A and group "AdminCCforQueueB" for queue B.
> Otherwise they could see the Ticket in RT on the top right corner 
> where it says "New Ticket in" (hope you know what I mean).
>
> But there are still Requestors for queue B that are not AdminCCs, they 
> will not login to the RT to look at their Tickets. Since they are more 
> than 100 of them, and there EMail addresses end with the same domain 
> name we hoped there would be the possibility of a wild card. So every 
> Requestor that writes to that queue and has that domainname can open a 
> Ticket.
>
> I hope this makes it more clear now.
>
> Thanks,
> Violetta
>
>
> Ken Crocker schrieb:
>> Violetta,
>>
>>    I can help, but it's still not clear to me what you want. You say 
>> you only want the Admins (I'm assuming here you mean the AdminCc 
>> Watcher for the Queue) to "See the Queue" and then you mention 
>> something about the users "can change it". Change what? If you only 
>> want AdminCcs to see the queue, how do you expect a User to see a 
>> ticket and change it. I'm confused. I can tell you how to set the 
>> privileges so that the USers can create tickets via Email and NOT see 
>> the Queue, but I really do not understand what you're looking for. 
>> Please give me a more concise description of your Queue setup/usage 
>> and what you want and then I can help.
>>
>>
>> Kenn
>> LBNL
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20090514/3fffb37a/attachment.htm>


More information about the rt-users mailing list