[rt-users] Help - RTFM bugs with Rights ?
Jesse Vincent
jesse at bestpractical.com
Tue Oct 19 16:32:22 EDT 2004
What RT rights did your user have? Was he, perhaps, a SuperUser?
On Oct 19, 2004, at 12:18 PM, Hanson, Dave wrote:
> I installed RTFM-2.0.4.tar.gz on top of RT 3.2.2. Either I am missing
> something simple, or there are bugs in RTFM with setting rights in
> RTFM. We love the product, but this situation makes it difficult to
> use it for a large population of general users. We really would love
> to identify fixes.
>
> 1) I started with a user who had no ACL's for RTFM at all. I found
> that I do the following, none of which I think should be possible for
> a user with no ACL's:
> ◦ see article title and description from overview
> ◦ select article from overview
> ◦ see article history
> ◦ modify article title and description
> ◦ see custom fields
> ◦ modify custom field descriptions, fields, values, etc.
>
>
>
> 2) By adding ACL's individually so that only one ACL was present at
> any time, the following ACL's made no changes in rights from what was
> present above in #1
> ◦ AdminClass
> ◦ AdminValues
> ◦ CreateArticle
> ◦ ModifyArticle
> ◦ ShowArticle
> ◦ ShowArticleHistory
> ◦ ShowCustomField
>
> Attached is a spreadsheet mapping rights to ACL's:
> <<rtfm_privs_chart.xls>>
> Can these problems be rectified so that we can truly restrict which
> rights general users have? THANKS!
> <rtfm_privs_chart.xls>_______________________________________________
> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
>
> Be sure to check out the RT wiki at http://wiki.bestpractical.com
More information about the rt-users
mailing list