[rt-users] User Rights conundrum....
Alan Barrett
apb at cequrux.com
Tue Oct 7 05:17:42 EDT 2003
On Mon, 06 Oct 2003, Alan Horn wrote:
> I have a problem that hopefully someone out there can help with :
>
> o Customers submit cases from potentially a variety of email addresses.
>
> o For simplification, we want to give a customer a single login to RT to
> check status on tickets.
I have a similar desire, and have been experimenting with a solution
along the following lines:
* Set permissions so that unprivileged users can use the SelfService
interface to view their own tickets, and tickets for which they are
a CC.
* Create a special RT login for the customer, and let several of the
customer's employees share the password. Give this special account
the ability to access the Selfservice interface. ("Let this user
access RT": yes; "Let this user be given rights": no; Password: not
null). I'll call this "user X" below.
* Let each employee of the customer submit tickets via email as usual.
The email addresses from which they do this will not have any rights
in RT (not even the ability to access the SelfService interface). I'll
call them users A, B and C below.
* Write a scrip that adds user X as a CC on tickets created by users
A, B and C. At present, I have all the email addresses hard coded
in the scrip, with logic like "if requestor matches this regexp then
add the following CC". It would be nice to have a more scalable way
of doing this, perhaps via extra fields in the database (which the
scrip could use), or via the "delegation" system (such as a way of
saying "User A delegates to user X all rights that user A would have
as the requestor or CC of any ticket").
* Now, when users A, B, or C at the customer submit tickets, the scrip
adds user X as a CC. User X can use the SelfService interface to
see all the tickets raised by users A, B or C.
--apb (Alan Barrett)
More information about the rt-users
mailing list