[rt-users] Refine users ticket visibility: view only OWN tickets

Kevin Falcone falcone at bestpractical.com
Sun Aug 24 18:22:37 EDT 2014


On Wed, Aug 20, 2014 at 03:10:20PM +0000, Oriol Soriano wrote:
> Having Global requestor role WITH 'ShowTicket', Queue specific requestor role
> WITH 'ShowTicket' & Queue specific user group 'restricted' WITHOUT
> 'ShowTicket', would result in the user only being able to see those tickets for
> which he is requestor; similarly, only those tickets would be returned in a
> REST API search.
> 
> But, as I already said, having Global requestor role WITHOUT 'ShowTicket',
> Queue specific requestor role WITH 'ShowTicket' & Queue specific user group
> 'restricted' WITHOUT 'ShowTicket', would result in the user not being able to
> see any ticket in the queue; not even those for which he is requestor.
> 
> 
> So, considering the following "right layers" in this case:
> 
> 1. Global rights
> 
> 2. Queue role rights
> 
> 3. Queue user group rights
> 
> Is the queue specific user group rights configuration overriding the same queue
> role rights configuration¿ IE: is the queue user group NOT having the
> 'ShowTicket' overriding the queue role having it?
> 
> 
> If so, how could I implement this configuration Im looking for without having
> to grant that right globally to the requestor role? I would certainly preffer
> not having to do that.

I did the following.

Create a user named Foo who is unprivileged
Create a queue named Test
Grant Requestor ShowTicket from the Test Queue's Group Rights page

Create a ticket in General with Foo as the Requestor
Create a ticket in Test with Foo as the Requestor

Log in as Foo
Get the SelfService UI
See on the ticket in Test with Foo as a Requestor

No other rights were configured other than the rights granted as part
of a base RT install.

This was on 4.2-trunk, which is 4.2.6 plus patches intended for 4.2.7,
however I am not aware of anything that would impact this since 4.2.2.

-kevin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 221 bytes
Desc: not available
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20140824/d3834451/attachment.sig>


More information about the rt-users mailing list