Goto Ticket and Configuration

  1. Should any user be able to goto any ticket? If you put in a number in
    the Goto Ticket field, you can goto it, even if you don’t have permissions
    set on the queue the ticket belongs to.

  2. Why can all users see the configuration option? This seems a little
    confusing. Any user appears to be able to run down a whole list of
    configuration options, but when they try to commit it, it says permission
    denied. Is there a patch to take this link off the page?

System: Slackware 8.0 Linux
Version: Rt 2.0.11

Thanks,
Brad Teale
Universal Weather and Aviation, Inc.
mailto:bteale@univ-wea.com
713-944-1440 ext. 3623

Hi Brad,

Brad Teale wrote:

  1. Why can all users see the configuration option? This seems a little
    confusing. Any user appears to be able to run down a whole list of
    configuration options, but when they try to commit it, it says permission
    denied. Is there a patch to take this link off the page?

For our purposes I solved this with a quick hack in the file
Elements/Tabs.
I added line 7,102 and 123-125.

Line 6 - 11
% foreach $tab (sort keys %{$toptabs}) {
% if (($tab eq ‘D’) && $notPrivileged) { next; }



[<A

Line 100 - 103
<%INIT>
my ($tab, $action);
my $notPrivileged = 1;
my $toptabs = …

and

Line 123 - 125

if ($session{‘CurrentUser’}->HasSystemRight(‘ModifySelf’)) {
$notPrivileged = 0;
}

In our system only admins have the right to modify themselfs (and
others) and therefore only they can see the configuration :slight_smile:

It is not very sophisticated, but it works.

Harald Koll�ra

Dr. Harald Koll�ra
Professional Services
fun communications GmbH
Brauerstrasse 6 76135 Karlsruhe Germany
Tel: +49 721 964480 Fax: +49 721 96448-299
email: harald.kollera@fun.de http://www.fun.de/

I trust in http://www.keytrust.de