[rt-users] ACL-Restrict access to Display Ticket Content
Behzad Mahini
mahini at apple.com
Tue Dec 15 13:52:34 EST 2009
Ken,
Sorry for the delayed response. See inlines.
Thanks,
Behzad
On Dec 11, 2009, at 12:47 PM, Ken Crocker wrote:
> Behzad,
>
> Two questions:
> 1) Are there any differences between your Global settings and the
> Queue settings in question?
Yes, but not in a contradictory manner as shown below:
Global Queue
------------------------------- -----------------------------------
Everyone CommentOnTicket CommentOnTicket
CreateTicket CreateTicket
ReplyToTicket ReplyToTicket
SeeQueue SeeQueue
Unprivileged
- -
Privileged CreateSavedSearch -
EditSavedSearch -
LoadSavedSearch -
SeeDashboard -
ShowapprovalsTab -
ShowSavedSearches -
SubscribeDashboard -
User defined
ModifySelf As listed in my previous email, I had incrementally
added:
ModifyTicket
OwnTicket
ShowTicket
ShowTicketComments
Watch
WatchAdminCc
> 2) I'm not sure if you are talking about the "Show Results" letting
> users see the Queue or if you are talking about seeing a Queue in
> the drop-down for "Creating a Ticket. If the the first, where do you
> give the right "ShowSavedSearch"?
Here is a clarification for what I am after. From the "RTat a glance"
page,
=>"Quick Search",
a) if you were to click on any of the Queues that show up here, you
will be taken to another page which reflects the number of tickets
found for the selected Queue.
b) At this stage:
b.1) Presently, both the "Ticket No" & "Subject" are hyperlinked.
b.2) As such if you were to select "Ticket No" or "Subject" you
will be taken to a page that contains
all details corresponding to that Ticket (i.e., Ticket Metatdata,
Custom Fields, People, History, reminders, Dates, Links, etc.)
-What I am after, is (using ACL's) to allow the user to get to
stage "b.1" above, but not to be allowed to go to stage "b.2" (i.e.,
"Ticket No" & "Subject" stop
being hyperlinked items). That is I don't want some users to see
all details corresponding to a Ticket, but I want to give them the
chance to see some
high-level attributes (i.e., Ticket No) corresponding to Tickets
in a Queue.
If this is not doable, it may be a "feature request".
>
> Kenn
> LBNL
>
> On 12/10/2009 3:48 PM, Behzad Mahini wrote:
>> Is there a way to restrict access for users such that they could
>> see a Queue (as shown in the "Quick search"), as well as a listing
>> of the Tickets corresponding to that Queue ("Show Results" --
>> Results.html page)? However, no further details & contents about
>> a ticket (i.e., no Ticket metatdata) to be provided once a Ticket
>> is selected from the Results.html or Simple.html page.
>> "ShowTicket" privilege is the one that messes me up.
>>
>> (RT 3.8.4)
>> I tried different ACL combinations (for Queue "X"), and none
>> worked. Presently, I have the following ACL's for Queue "X":
>>
>> Everyone:
>>
>> CommentOnTicket
>> CreateTicket
>> ReplyToTicket
>> SeeQueue
>>
>> Unprivileged
>> -
>> Privileged
>> -
>>
>> User Defined Group:
>>
>> Grp-xyz
>> I started from nothing, and experimented by one-by-one adding
>> the following privileges (as soon as I add "ShowTicket", it
>> defeats what I am after, and
>> without "ShowTicket" the Queue does not appear for the user):
>>
>> ModifyTicket
>> OwnTicket
>> ShowTicket
>> ShowTicketCommenst
>> Watch
>> WatchAsAdminCc
>>
>>
>> Thanks,
>> Behzad
>> _______________________________________________
>> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
>>
>> Community help: http://wiki.bestpractical.com
>> Commercial support: sales at bestpractical.com
>>
>>
>> Discover RT's hidden secrets with RT Essentials from O'Reilly
>> Media. Buy a copy at http://rtbook.bestpractical.com
>>
>>
More information about the rt-users
mailing list