Denying viewing access to certain pages based on user privleges


About a week ago, I posted the question to the list of how you could set
up RT such that specific pages (i.e. Configuration) were only accessible
to specific users. Someone sent me a script (thank you!) and someone
else suggested creating rights for each page(thank you too).

I was thinking about both of these and came up with an obscenely simple
solution ->

For any page you want inaccessible to the common user, do the following:

Copy the index.html page from the Share Directory into the Local
directory (i.e. /share/html/Admin/Users/index.html

Add the following line to the top of the local index.html file:


require Module::Versions::Report;

my $title = loc(‘System Configuration’);

unless ($session{‘CurrentUser’}->HasRight( Object=> $RT::System, Right
=> ‘SuperUser’)) {

Abort(loc(‘This feature is only available to system administrators’));



And it will deny access to anyone who is not a superuser (or other user
group you have chosen)…

This seems to work great and thus I thought I’d throw it back out to the
list in case anyone else was having issues with the same problem.