[rt-users] befuddling permissions problem...

Lee Whalen law at nellymoser.com
Tue Oct 24 11:23:24 EDT 2006

   So, I've got this really befuddling permissions problem now with my 
RT 3.6.1 setup.  I've got two queues, and four classes of users.  The 
queues are "Customer/Production" and "Internal IT".  The four classes of 
users are "Users", "Customers", "Product Managers", and "Operations". 
Customers should not be able to see anything but their own tickets in 
the "Customer/Production" queue (they don't even know the Internal IT 
queue exists), "Users" should be able to create tickets in the 
"Customer/Production" queue and in the "Internal IT" queue, but only be 
able to see tickets that they are requestors, watchers, or cc'ers of. 
Production managers should be able to see everything in both queues but 
not comment on them, and Operations should be able to do everything.

   Currently, I've got no rights granted for the queue "Internal IT" for 
the system groups "Everyone, Privileged, and Unprivileged".  CC, Owner, 
AdminCC, and Requestor all have ""ShowTicket", and "ReplyToTicket" 
applied, and Users have "CreateTicket" "ReplyTicket" and "ShowTicket" 

   With the above permissions, I create a ticket as my user (who is in 
the operations group) and add a user "joe" as a CC.  Unfortunately, that 
user cannot see the ticket I created for him.  However, if he searches 
for the ticket number he can view it no problem.  To the best of my 
knowledge, there are no other permissions applied on a per-user, 
per-group, or per-queue basis, has anyone else experienced something 
like this?

More information about the rt-users mailing list