[rt-users] User with no WatchAsAdminCc right was added as AdminCc
Gerard FENELON
gerard at eve-team.com
Mon Dec 19 13:10:36 EST 2011
Thanks Kevin
Is there a way to prevent this behaviour ?
Sometimes I end up with Customers in AdminCc of tickets ...
Gerard
On 2011-12-19 19:01, Kevin Falcone wrote:
> On Fri, Dec 16, 2011 at 05:24:41PM +0100, Gerard FENELON wrote:
>> Hi
>>
>> One of my privileged users A was able to add another user B as AdminCc
>> even though that second User B does not have the WatchAsAdminCc right as far as I can make
>> out.
> That right only affects your ability to add yourself as an AdminCc
> User A has ModifyTicket, they can add anyone they want as an AdminCc.
>
> -kevin
>
>> User B is not privileged.
>> User B does not have any rights for that Queue in Admin/Queues/UserRights.html
>>
>> User B belongs to only one group C directly.
>> Group C is not included in any other.
>> Group C does not have any rights in Admin/Groups/GroupRights.html
>> Group C does not have any rights for that Queue in Admin/Queues/GroupRights.html
>>
>> The WatchAsAdminCc right on that queue is only given to User-defined groups to which User B
>> does not belong either directly or indirectly.
>>
>> If I look at the RightsMatrix for User B, he does not have WatchAsAdminCc right on any queue.
>> If I look at the RightsMatrix for Group C, it does not have WatchAsAdminCc right on any queue.
>>
>> User A has the following rights on that queue C
>>
>> * CommentOnTicket
>> * CreateTicket
>> * ModifyTicket
>> * OwnTicket
>> * ReplyToTicket
>> * SeeQueue
>> * ShowACL
>> * ShowOutgoingEmail
>> * ShowTicket
>> * ShowTicketComments
>> * StealTicket
>> * TakeTicket
>> * Watch
>> * WatchAsAdminCc
>>
>> Any ideas where I might have messed up ?
>> Gerard
More information about the rt-users
mailing list