[rt-users] 10 newest Unowned tickets

Kenneth Crocker KFCrocker at lbl.gov
Thu Jun 15 12:39:42 EDT 2006


Matthew Hunt wrote:
> Hello all,
>  
> Just a kwik one, I have several queues and several groups, but I only
> want these individual groups to only view the "10 newest unowned
> tickets..." of there group.  At the mo they can see all tickets that
> have not been taken which i do not want.  To make it even more simpler,
> for me and any coding, is that they cannot see this area at all, but
> only look into there own queues from the right hand Quick search bar.
> If any one has any info or coding on this I  would be most grateful.
>
> Many thanks
>   
Matthew,

    Get away from global privileges, except for yourself (set up 
yourself as SuperUser, no one else except maybe a backup). Set up 
groups, like "Queuename-Tech" or "Queuename-Support" and 
"Queuename-User". Put users in these groups as appropriate. Remove all 
individual user privileges at both the Global and Queue level. Set your 
Global group privileges for "EVERYONE" or "PRIVILEGED" (depends on how 
you initially set up users when you add them to RT) to 
ShowOutgoingEmail, CreateSavedSearch, EditSavedSearches, 
LoadSavedSearch, ShowSavedSearches, and ModifySelf (ModifySelf is 
required in conjunction with all the search rights if you want people to 
create and save their own queries). Set up the Global Role of AdminCc 
with the rights you want for all those users running/Administrating a 
Queue (for example; We gave this global role all rights except: 
AdminAllPersonalGroups, AdminCustomField, AdminOwnPersonalGroups, all 
the Search rights because we already gave that to everyone,  
ModifyTemplate, Superuser, and Watch. We did this because we like to 
keep redundant and inconsistent creation of custom fields and group 
names, etc. to a minimum so we do those things ourselves as the 
administrators of RT itself as Superusers). That's it for Global rights. 
Then, go to Configuration, Queues, Group rights and set up the rights 
you want for each role *FOR THAT QUEUE* (for example; *For CC's* - 
SeeQueue, ShowTicket, Watch. *For Requestors* - CreateTicket, SeeQueue, 
ShowTicket, ReplyToTicket,Watch. *For Owners* - CommentOnTicket, 
CreateTicket, ModifyTicket, DeleteTicket, OwnTicket, ReplyToTicket, 
ShowTicket, SeeQueue, ShowTicketComments, ShowTemplate, TakeTicket, 
Watch). Then set up the rights for each *group* you want to have access 
*TO THAT QUEUE* for the kind of access you want them to have and you're 
done. You might want to consider giving the same rights that are listed 
for Owners to your support groups and then you can Remove the rights 
from the Qwner's role (because of redundancy) OR you could just give 
OwnTicket to that group and leave the Owners role with those rights I 
listed. This keeps users from Queues and tickets you don't want them to 
se or mess with. Works great for us. We even have our own Approval Queue 
to act as a filter for requests that should not go to Technical Queues 
at all but could be resolved by a Business Analyst, etc. Hope this helps.

Kenn
LBNL



More information about the rt-users mailing list