Hi Cyrille, That’s a common misunderstanding in OTRS! Group_ro only means that you only need “ro” permissions to access the module. What you can do within the module is not limited or controled by this setting. The module AdminUser doesn’t have a deeper permission concept. If you can access the module you can administrate agents/users, nothing else - no further magic or hacks here. ...
Cheers, Nils
Hi,
I managed to give full access to Customers / Companies modules for regular agents by including them in a newly created group - AgentCcGroup - and then adding this group in the following "Group ro" sections from SysConfig -> Framework -> Frontend::Admin::ModuleRegistration
- Frontend::Module###Admin
- Frontend::Module###AdminCustomerUser
- Frontend::Module###AdminCustomerCompany
Trouble is, the resulting access type is full - i.e. the agents can do any modifications to customer / companies details - and I need the access type to be "read-only". Also, I'm confused by what "Group ro" means as I expected it to mean "read-only" but practice showed me otherwise.
I was guided by this http://forums.otterhub.org/viewtopic.php?f=60&t=7561 solution to the same problem but it doesn't touch too much on the read-only part of my requirement, it just ~implies it should work.
Does anyone know if there is such a thing as "read-only" access to a module in the sense that the user can explore it's GUI but not make changes? (or even better, someone maybe solved this exact problem?)
Thanks,
Bogdan