[rt-users] How can I prevent users from reading other queue's tickets?

Michael S. Liebman m-liebman at northwestern.edu
Wed Jul 5 08:46:42 EDT 2006


On 7/5/06, Tim Pritlove <tim at ccc.de> wrote:
>
> Hi Gilmar,
>
> thanks for the response
>
> On 04.07.2006, at 17:11, Gilmar Santos Jr wrote:
>
> > Hi Tim,
> >
> > 1. There is more than one permission involved. The "SeeQueue" and the
> > many "ShowTicket*". When someone doesn't have the "SeeQueue"
> > permission
> > it's still possible to see ticket, exactly as you described.
> > Remove the ShowTicket and related from those users that don't have the
> > SeeQueue.
>
>
> > 2. If all users can see all queues that's true. Tickets in a queue you
> > can't see are not shown in your main page...
>
> I do my permission management by assigning people to groups and
> assigning group permissions to queues. So this would mean that people
> who do not belong to a queue should not have a single right on that
> particular queue, right?


It sounds like you have some global or pseudo-group permissions assigned.
Make sure that Everyone, Privledged and Unprivledged groups don't have any
rights assigned. Consider using Todd's RTx::RightsMatrix (
http://search.cpan.org/~HTCHAPMAN/RTx-RightsMatrix/) to help you figure out
where the rights are being inherited from.

Michael
-- 
Michael S. Liebman                      m-liebman at northwestern.edu
                  http://msl521.freeshell.org/
"I have vision and the rest of the world wears bifocals."
        -Paul Newman in "Butch Cassidy & the Sundance Kid"



More information about the rt-users mailing list