[rt-users] ModifyTicket/Steal/Take privileges

[Jon Baker]

That's what I ended up doing and it looks like it's working great.  Here's the scrip action that I ended up using in case anyone else is looking for the solution:

my $GroupObj = RT::Group->new( $RT::SystemUser );
$GroupObj->LoadUserDefinedGroup( 'IT Admin' );
my $PrincipalObj = RT::Principal->new( $RT::SystemUser );
$PrincipalObj->Load( $self->TransactionObj->Creator );

if($GroupObj->HasMemberRecursively($PrincipalObj)) {
 # IT Admin is allowed to change the owner.
 return;
} else {
 if ($self->TransactionObj->Creator != 1) {
   # User 1 is the RT system, if we've recursed into here we don't want to do it again
   $self->TicketObj->SetOwner($self->TransactionObj->OldValue,'Force');
 }
}

On Feb 17, 2011, at 12:13 PM, rt-users-request at lists.bestpractical.com wrote:

> Jon,
> 
> Well, here's a thought.
> 
> 1) For each Queue you want this type of situation, either make the
> "assigner" the AdminCc, or create a group for just those users allowed to
> assign tickets.
> 2) Then create scrip for that Queue that is conditioned by "ChangeOwner" and
> in the action section, check to see that the actor of this transaction is in
> that "Assigner" group or that they are the AdminCc. If they are, allow the
> change. If not, change the owner back.
> 
> That might work.
> 
> Kenn
> LBNL

-- 
Jon Baker
Systems Administrator
Church on the Move
1003 N 129th E Ave
Tulsa OK 74116
(918) 234-5656




CONFIDENTIALITY NOTICE: This transmission may be confidential and subject to legal privilege.  If you are not the intended recipient of this message, you may not review, disclose, print, copy or disseminate this information. If you have received this in error, please reply and notify the sender (only) and delete the message. Unauthorized interception of this e-mail is a violation of federal criminal law.