[rt-users] User with no WatchAsAdminCc right was added as AdminCc
Gerard FENELON
gerard at eve-team.com
Fri Dec 16 11:53:44 EST 2011
Using RT 3.8.8
On 2011-12-16 17:24, Gerard FENELON wrote:
> Hi
>
> One of my privileged users A was able to add another user B as AdminCc
> even though that second User B does not have the WatchAsAdminCc right
> as far as I can make out.
>
> User B is not privileged.
> User B does not have any rights for that Queue in
> Admin/Queues/UserRights.html
>
> User B belongs to only one group C directly.
> Group C is not included in any other.
> Group C does not have any rights in Admin/Groups/GroupRights.html
> Group C does not have any rights for that Queue in
> Admin/Queues/GroupRights.html
>
> The WatchAsAdminCc right on that queue is only given to User-defined
> groups to which User B does not belong either directly or indirectly.
>
> If I look at the RightsMatrix for User B, he does not have
> WatchAsAdminCc right on any queue.
> If I look at the RightsMatrix for Group C, it does not have
> WatchAsAdminCc right on any queue.
>
> User A has the following rights on that queue C
>
> * CommentOnTicket
> * CreateTicket
> * ModifyTicket
> * OwnTicket
> * ReplyToTicket
> * SeeQueue
> * ShowACL
> * ShowOutgoingEmail
> * ShowTicket
> * ShowTicketComments
> * StealTicket
> * TakeTicket
> * Watch
> * WatchAsAdminCc
>
> *
> *Any ideas where I might have messed up ?
>
> Gerard
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20111216/a69810be/attachment.htm>
More information about the rt-users
mailing list