<div dir="ltr">Hi there,<div><br></div><div>Our RT instances have this basic conf:</div><div>RT 4.2.9, CentOS 6.6, mysql Ver 14.14 Distrib 5.6.22, for Linux (x86_64)</div><div><br></div><div>We are trying to restrict rights as much as possible for "external" users (those having access</div><div>to RT via a custom web application.)</div><div><br clear="all"><div>In terms of group rights, this is what we would like to have:</div><div>1. Everyone -> CreateTicket + ReplyToTicket</div>2. Privileged -> None (empty)</div><div>3. Requestors -> CreateTicket + ReplyToTicket + SeeCustomField + ShowTicket + ModifyCustomField + ModifyTicket</div><div><br></div><div>However, these conf especially Privileged->None seems to be blocking access to custom</div><div>fields.</div><div><br></div><div>Doing a little research I found this:</div><div><a href="http://requesttracker.8502.n7.nabble.com/REST-API-and-WebExternal-Auth-td52611.html">http://requesttracker.8502.n7.nabble.com/REST-API-and-WebExternal-Auth-td52611.html</a><br></div><div><br></div><div>"""</div><div><span style="color:rgb(0,0,0);font-family:Verdana,Geneva,Helvetica,Arial,sans-serif;font-size:13px">Is the user who is logging in via REST marked as Privileged in the </span><br style="color:rgb(0,0,0);font-family:Verdana,Geneva,Helvetica,Arial,sans-serif;font-size:13px"><span style="color:rgb(0,0,0);font-family:Verdana,Geneva,Helvetica,Arial,sans-serif;font-size:13px">admin UI? If not, they don't have access. You'll either need to </span><br style="color:rgb(0,0,0);font-family:Verdana,Geneva,Helvetica,Arial,sans-serif;font-size:13px"><span style="color:rgb(0,0,0);font-family:Verdana,Geneva,Helvetica,Arial,sans-serif;font-size:13px">allow Unprivileged users access in the config or mark your users </span><br style="color:rgb(0,0,0);font-family:Verdana,Geneva,Helvetica,Arial,sans-serif;font-size:13px"><span style="color:rgb(0,0,0);font-family:Verdana,Geneva,Helvetica,Arial,sans-serif;font-size:13px">Privileged. </span></div><div><font color="#000000" face="Verdana, Geneva, Helvetica, Arial, sans-serif">"""<br></font><div><br></div><div>So, after marking external users as privileged I found that the configuration shown above</div><div>still doesn't work, only after setting Privileged->SeeCustomField + ModifyCustomField</div><div><br></div><div>Shouldn't the fact that users are 'Requestor' be enough to let them read/write custom fields?</div><div>-- <br></div><div class="gmail_signature"><div dir="ltr">Regards,<br><br>Hugo Escobar<br><br>
<div><a href="http://www.associationfinancialservices.com/" target="_blank"><img src="cid:part1.02030600.00030308@enflyer.com" height="26" width="126" border="0"></a><br><br></div>4770 Biscayne Blvd, Ste 700<br>Miami, FL 33137<br>
<br>main: 305.677.0022<br>support: 305.921.4620<br>email: <a href="mailto:hescobar@afslc.com" target="_blank">hescobar@afslc.com</a><br><br>Follow us on Facebook and Linked-In<br>
<div><a href="http://www.facebook.com/pages/Miami-FL/ASSOCIATION-FINANCIAL/64952991864" target="_blank"><img alt="" src="cid:part1.08060004.03030107@enflyer.com" height="24" width="24" border="0"></a> <a href="http://www.linkedin.com/companies/1006276" target="_blank"><img alt="" src="cid:part2.00090205.04060608@enflyer.com" height="24" width="24" border="0"></a> </div>
<br>NOTICE: This email and any attachment to this email may contain
confidential information. If you are not the intended recipient, you
must not review, retransmit, convert to hard copy, photocopy, use or
disseminate this email or any attachments to it. If you have received
this email in error, please notify us immediately by return email and
delete this message. Please note that if this email contains a forwarded
message or is a reply to a prior message, some or all of the contents
of this message or any attachments may not have been produced by our
firm. <b>As our firm may be deemed a debt collector, if your payment is
in default, we may be attempting to collect a debt on behalf of the
association, and any information obtained may be used for that purpose.</b><br></div></div>
</div></div>