[rt-users] question about SelfServe

Nate Duehr nate at natetech.com
Wed Sep 15 17:53:24 EDT 2004


Hello RT gurus,

I apparently have some permissions set wrong for regular users on my RT 
system.

Up until today we'd never allowed anyone to have web access to the RT 
system other than the people answering tickets. 

I was reading through the Wiki and found this : 
http://wiki.bestpractical.com/index.cgi?AutogeneratedPassword

So I decided to set it up and do some testing.

It works perfectly to send the user the URL and allow them to log in and 
show them their tickets.

However, in the top right of the screen the usual "Go to ticket number" 
submission field is there, and for some reason regular users can put any 
ticket number in there and see those tickets, including Comments.

How can I fix this?  Apparently I have some work to do on the 
permissions.  I tinkered with it for a while, but haven't found an 
intuitive way to do what I want.

Is there any way to tell RT to only allow them to see tickets they have 
created?  Is there additional information I could provide that would 
help someone explain the security permissions to me until I say "Ah-Ha!" 
and the lightbulb goes on over my head?

Thanks in advance,

--
Nate Duehr, nate at natetech.com



More information about the rt-users mailing list