[rt-users] user's rights on tickets
Toni Mueller
support at oeko.net
Thu Sep 30 06:19:34 EDT 2010
Hi,
On Thu, 30.09.2010 at 07:56:27 +0200, Emmanuel Lacour <elacour at easter-eggs.com> wrote:
> to let the requestor see the tickets they created, just set ShowTicket
> right to role group "Requestor" in global or per queue group rights.
thank you, that worked.
> to revoke this right when ticket is taken ... that needs code changes.
I have encountered some questions which are hopefully answered in the
book, although I don't have it yet. I'd like to share the questions
nonetheless, though, and would eg. much appreciate if someone could
tick them off as "read the book", or "maybe in 4.0/5.0", or eg. "wrong
tree".
So far, we were/are working with roundup, and thus my idea about how a
TTS should work, or my habits using one, might be skewed... Likely I've
just not yet taken in the way RT works.
Anyway, off the top of my head and in no particular order:
* I (think I) need custom permissions and custom roles. Eg. if an email
comes in, I'd like to grant the requestor role based on the value of
a custom field and the email, so one person out of a group can open
a ticket, and anyone in the group can reply by email.
* I would like to restrict access to individual fields of a ticket in a
way that peole with certain roles can only see and/or set a subset of
values. Eg. I'd like to grant "resolve" and "reject" to Requestor,
but not "re-open" or similar. Or, with CustomFields, I'd like to be
able to allow Requestor to set a custom field to one, or several,
values out of a subset of possible values, but only once (eg. to
mark a ticket as relevant for an SLA), while disallowing him/her to
change their mind later.
I'd like to have a track record of all such activity.
I thought this could be modelled with a certain permission, like eg.
"SelectAttributeOutOfSubsetOnce", and grant this to someone having a
role of eg. "ForeignUser", which is calculated across their user's
attributes (like eg. email + some custom fields). Using groups
instead of roles could quickly become unwieldy, but would probably
require less customization, and is less flexible (of course).
* I would like to grant some people to add more users of their
organisation (company), but they should be limited to have eg. their
association set in a custom field, not changable by that user, and
he should also not be able to grant more rights to them, but less
(eg., prevent them from removing (their own) user(s)). IOW, I'd like
to have hierarchical user management.
* I do not yet understand how to select widgets for fields in RT. Eg.
for a custom field which can take one of several values, I'd like to
be able to choose a drop-down selection widget, or a set of radio
buttons. So far, I get a multi-selection field, which is dead ugly.
It also looks like I have to dive into the templates to re-arrange
the widgets. Plus, RT imho seems to be quite wasteful of screen
real estate (book?).
* I'd like to attach logic to certain fields, like applying pre-set
expiry/escalation strategies and so on, depending on the field's
value, or on the combination of values for a set of fields (book?).
Last but not least, my RT is not really operational right now. So far,
it's a semi-working toy installation. Is it advisable to take the
plunge and upgrade to 3.9.x now, or will it be safer to get it working
first and upgrade later? For 4.0 some massive changes were announced,
but I can't yet understand the full impact. I also expect less
documentation and more bugs, and a cleaner architecture. Would you run
your production tracker(s) on 3.9?
TIA!
Kind regards,
--Toni++
More information about the rt-users
mailing list