I need to create a role (or group) for users that will have read-only
access to the system. They need to look at a particular queue, look at
the tickets,… but they should not be able to submit tickets, or be
assigned a ticket or participate in the workflow.
I am playing with the queue rights but so far I am not sure how to set that up.
Just give to this group “SeeQueue”, “ShowTicket” and if you want
"ShowTicketComments" on the queue they should have read access. With
this they will be able to see the tickets in the queue, but will not be
available as ticket owner and not able to reply to those tickets or
modify ticket meta-datas.
Of course unless you have other rights set to
privileged/unprivileged/everyone pseudo groups or
Requestor/Owner/Cc/AdminCc roles that give them more rights.