Hi Chris, Chris Hutchinson wrote:
OTRS version: 2.0.3-01 OS: Windows XP Pro SP2
Evaluating OTRS.
Have set up various groups, roles, users and queues.
It appears that tickets in queues to which a particular user does NOT have 'rw' permission (e.g. only 'ro' permission) are not visible to that user in Queue View (even when the relevant queues are within MyQueues for that user). That's the default setting. You can change this behaviour simply by setting <snip> $Self->{'Ticket::QueueViewAllPossibleTickets'} = '1' </snip> This can easily be done via Sysconfig Ticket -> Frontend::Agent::Ticket::ViewQueue Ticket::QueueViewAllPossibleTickets Yes
However, the tickets CAN be viewed via the Search mechanism. That's true bevause the user has read rights. :-)
Is this intentional, or am I misunderstanding the permissions mechanism?
To give an example:
Role="Support" has 'rw' permissions on group="Prod01". Role="Dev" has 'ro' permissions on group="Prod01".
Queue="Prod01" is associated with Group="Prod01".
User="Fred" is associated with Role="Support". User="Anna" is also associated with Role="Support". User="Bill" is associated with Role="Dev".
All three users have the "Prod01" queue as a member of their own MyQueues collection. There are no specific User<->Group relationships; all permissions are handled by the User<->Role relationships.
User="Fred" creates a phone-ticket (ticket="10100001") in Queue="Prod01".
Ticket="10100001" appears in the QueueView for User="Fred". Ticket="10100001" appears in the QueueView for User="Anna". Ticket="10100001" does NOT appear in the QueueView for User="Bill".
But User="Bill" CAN see the ticket via the Search mechanism.
User="Bill" can also see the ticket if the Role<->Group permissions for Role="Dev" are changed to "rw" for Group="Prod01" (although if the permissions are set on ALL of the standard individual permissions ('ro', 'move into', 'create', 'owner', 'priority') but NOT for 'rw', the user still cannot see the ticket).
Even if I set up specific User<->Group permissions (as well as using the User<->Role relationships), tickets only appear in QueueView if the user in question has the 'rw' permission.
Is this a bug or my misunderstanding of the features?
Chris H.
------------------------------------------------------------------------
_______________________________________________ OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs Support oder Consulting für Ihr OTRS System? => http://www.otrs.de/
simply make the change I mentioned above. After that read-rights become view-rights in Queue-View. ;-) Have a nice day. Christopher Kuhn -- ((otrs)) :: OTRS GmbH :: Europaring 4 :: D - 94315 Straubing Fon: +49 (0) 9421 1862 760 :: Fax: +49 (0) 9421 1862 769 http://www.otrs.com/ :: Communication with success!