[rt-users] Help - RTFM bugs with Rights ?

Jesse Vincent jesse at bestpractical.com
Tue Oct 19 16:32:22 EDT 2004


What RT rights did your user have? Was he, perhaps, a SuperUser?


On Oct 19, 2004, at 12:18 PM, Hanson, Dave wrote:

> I installed RTFM-2.0.4.tar.gz on top of RT 3.2.2.  Either I am missing 
> something simple, or there are bugs in RTFM with setting rights in 
> RTFM.  We love the product, but this situation makes it difficult to 
> use it for a large population of general users.  We really would love 
> to identify fixes.
>
> 1) I started with a user who had no ACL's for RTFM at all.  I found 
> that I do the following, none of which I think should be possible for 
> a user with no ACL's:
> 	◦ 	see article title and description from overview
> 	◦ 	select article from overview
> 	◦ 	see article history
> 	◦ 	modify article title and description
> 	◦ 	see custom fields
> 	◦ 	modify custom field descriptions, fields, values, etc.
>
>
>
>  2) By adding ACL's individually so that only one ACL was present at 
> any time, the following ACL's made no changes in rights from what was 
> present above in #1
> 	◦ 	AdminClass
> 	◦ 	AdminValues
> 	◦ 	CreateArticle
> 	◦ 	ModifyArticle
> 	◦ 	ShowArticle
> 	◦ 	ShowArticleHistory
> 	◦ 	ShowCustomField
>
> Attached is a spreadsheet mapping rights to ACL's:
>       <<rtfm_privs_chart.xls>>
>  Can these problems be rectified so that we can truly restrict which 
> rights general users have?  THANKS!
> <rtfm_privs_chart.xls>_______________________________________________
> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
>
> Be sure to check out the RT wiki at http://wiki.bestpractical.com



More information about the rt-users mailing list