[rt-users] "Modify Ticket" permissions too broad?

Ruslan Zakirov ruslan.zakirov at gmail.com
Wed Jul 1 11:29:29 EDT 2009 

Checkout StrictLinkACL in the config.

On Tue, Jun 30, 2009 at 10:38 PM, Nick
Kartsioukas<change+lists.rt at nightwind.net> wrote:
> I'm finding the "modify ticket" permission setting is too broad for some
> situations.  Here's my issue...
>
> Let's say I have two queues, A, and B.  I have a group associated with
> each queue as the "responsible" group (as in this group will handle
> tickets in each queue, so they can own tickets, close them, etc).
> However, sometimes someone from group A may need to create a ticket in
> queue B that relates to a project they're working on, and they'll want
> to link a ticket they own to that other ticket as a dependency.
>
> Ticket 1 in queue A owned by Adam (member of queue A group).  Adam needs
> Bob in queue B to complete a task for him, this task must get done for
> ticket 1 to continue.  So Adam creates ticket 2 in queue B, and wants to
> make it a dependency of ticket 1.  However, in order to link the
> tickets, Adam needs "modify ticket" permissions in queue B, but we don't
> want Adam to be able to resolve/delete tickets in queue B, or reply to
> tickets in queue B on which he isn't the requester.  I don't want to
> give requester the ModifyTicket right, as then unprivileged end
> users/customers would be able to close their own tickets, which we don't
> want.
>
> As far as I can tell, there's no way to do this.  Is that correct, or am
> I missing something?
>
> Permissions are set like this:
> Queue A:
> Owner has ModifyTicket, ReplyToTicket
> Requester has ReplyToTicket, ShowTicket
> Group A has AssignCustomFields, CommentOnTicket, CreateTicket,
> OwnTicket, SeeQueue, ShowOutgoingEmail, ShowTicket, ShowTicketComments,
> StealTicket, TakeTicket, Watch, WatchAsAdminCc
> Group B has CreateTicket, SeeQueue, ShowTicket, ShowTicketComments
>
> Queue B is the same, the permissions for groups A and B are just
> swapped.
> _______________________________________________
> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
>
> Community help: http://wiki.bestpractical.com
> Commercial support: sales at bestpractical.com
>
>
> Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
> Buy a copy at http://rtbook.bestpractical.com
>



-- 
Best regards, Ruslan.

More information about the rt-users mailing list