[rt-users] REST

[Ram Moskovitz]

> > > > I'm using the REST interface as a gateway between my web-app and RT.
>
> > > > It's pretty close to done - the one thing I'm having a problem with is
> > > > assuming the requestor's identity when adding correspondence. By way
> > > > of example:
> > > >
> > > > 1 User logs in to web-app and fills out a support request form
> > > > 2 web-app uses REST account to create ticket OBO of user (set's the
> > > > requestor to be the actual customer's email addres) all the normal RT
> > > > mails go out to the requestor
> > > > 3 Any time the user comes to check on the status of their ticket(s)
> > > > the web-app uses the REST account to query RT and provide a subset of
> > > > the ticket info back
> > > > 4 User may then 'add-correspondence' to the ticket via the web-app in
> > > > which ase the app uses the REST account to add the correspondence to
> > > > the ticket.
> > > >
> > > > The problem is that the correspondence shows that it was added by the
> > > > REST user - is there a reasonable way around this?
> > > Not unless you can log in as the user via the REST interface.
> > > The Perl API allows you to load the ticket as a user and Correspond as
> > > them.
> > > I assume our SelfService interface wasn't sufficient for your needs?
> > > So far you've listed features it has, and it handles Correspondence
> > > correctly.
> > > -kevin
> >
> > I can have the web-app login as the user via the REST interface in
> > theory. Currently the users are auto-created and unprivileged - does
> > that have to change?
> You just have to ensure that they have sufficient rights, probably by
> granting them to the Requestors role.

Will they need to be privileged or have passwords to be usable via REST?