[rt-users] Denying viewing access to certain pages based on user privleges.

[Kathryn Axelrod]

Hi.

 

About a week ago, I posted the question to the list of how you could set
up RT such that specific pages (i.e. Configuration) were only accessible
to specific users. Someone sent me a script (thank you!) and someone
else suggested creating rights for each page(thank you too).

 

I was thinking about both of these and came up with an obscenely simple
solution ->

 

For any page you want inaccessible to the common user, do the following:

Copy the index.html page from the Share Directory into the Local
directory (i.e. /share/html/Admin/Users/index.html
/local/html/Admin/Users/index.html)

Add the following line to the top of the local index.html file:

<%init>

require  Module::Versions::Report;

my $title = loc('System Configuration');

unless ($session{'CurrentUser'}->HasRight( Object=> $RT::System, Right
=> 'SuperUser')) {

 Abort(loc('This feature is only available to system administrators'));

} 

</%init>

 

And it will deny access to anyone who is not a superuser (or other user
group you have chosen)...

 

This seems to work great and thus I thought I'd throw it back out to the
list in case anyone else was having issues with the same problem.

 

Regards, 

Kathryn 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20060317/bf06430d/attachment.htm>