Hi,
We would like to implement a scheme with agents having all the
permissions on some queues (i.e. 'rw' permission on Main queues)
but not on secondary queues on which they should be only allowed
to read, reply and change owner, but not to close the tickets. We
want also to allow the 'move_to' permission onto any queue.
For example, consider the next scenario: a 3-queue scheme with 3
agents.
Agent1: is allowed to do everything on the main queue Q1. He can
colaborate on the Q2 (secondary), and have no access to Q3
Agent2: is allowed to do everything on Q1 and Q2, and is
colaborator on Q3
Agent3: Main queues Q2 and Q3, and secondary queue Q1.
To achieve this, I've done the following:
* Add 'close' and 'compose' permissions (before 'rw) on
Ticket->Core::Ticket System::Permission
* Change Frontend::Agent::Ticket::ViewQueue
Ticket::QueueViewAllPossibleTickets to 'Yes', to allow agents to
see the tickets in the 'ro' Queues.
Then I've created many roles:
Main1role: with all the permissions on Q1
Sec1role: with the permissions: ro, move_into, note, owner and
compose
... (same with the other queues).
And finally set Agent-Role relations:
* User1: Main1role, Sec2role
* User2: Main1role, Main2role, Sec3role
* User3: Sec1role, Main2role, Main3role
Now,
* Agents are allowed to do everything in their main queues (as
expected) and to see the tickets in the secondary queues they need
to go to the 'Queue View' (they do not see them in the dashboard).
That's right.
*Agents are able to read a ticket, and reply and, from the
begining, they do not have the 'Close' option in the ticket menu
on secondary queues. As expected. That's right also.
* But, when they reply a ticket of a secondary queue, they are
able to choose as 'Next ticket state' the closed state, and close
the ticket. This is strange, because the agent has not the 'close'
permission on this queue.
Moreover, after replying a ticket, the user becomes owner and
then he is able to see the 'Close' option in the ticket menu, and
also to close the ticket, and he should not, as in the previous
case.
Can you help me to make this scheme work?
Regards,
Manuel Martínez