I installed RTFM-2.0.4.tar.gz on top of RT 3.2.2. Either I am missing
something simple, or there are bugs in RTFM with setting rights in RTFM. We
love the product, but this situation makes it difficult to use it for a
large population of general users. We really would love to identify fixes.
- I started with a user who had no ACL’s for RTFM at all. I found that I
do the following, none of which I think should be possible for a user with
no ACL’s:
- see article title and description from overview
- select article from overview
- see article history
- modify article title and description
- see custom fields
- modify custom field descriptions, fields, values, etc.
- By adding ACL’s individually so that only one ACL was present at any
time, the following ACL’s made no changes in rights from what was present
above in #1
- AdminClass
- AdminValues
- CreateArticle
- ModifyArticle
- ShowArticle
- ShowArticleHistory
- ShowCustomField
Attached is a spreadsheet mapping rights to ACL’s:
<<rtfm_privs_chart.xls>>
Can these problems be rectified so that we can truly restrict which rights
general users have? THANKS!
rtfm_privs_chart.xls (19 KB)
What RT rights did your user have? Was he, perhaps, a SuperUser?On Oct 19, 2004, at 12:18 PM, Hanson, Dave wrote:
I installed RTFM-2.0.4.tar.gz on top of RT 3.2.2. Either I am missing
something simple, or there are bugs in RTFM with setting rights in
RTFM. We love the product, but this situation makes it difficult to
use it for a large population of general users. We really would love
to identify fixes.
-
I started with a user who had no ACL’s for RTFM at all. I found
that I do the following, none of which I think should be possible for
a user with no ACL’s:
◦ see article title and description from overview
◦ select article from overview
◦ see article history
◦ modify article title and description
◦ see custom fields
◦ modify custom field descriptions, fields, values, etc.
-
By adding ACL’s individually so that only one ACL was present at
any time, the following ACL’s made no changes in rights from what was
present above in #1
◦ AdminClass
◦ AdminValues
◦ CreateArticle
◦ ModifyArticle
◦ ShowArticle
◦ ShowArticleHistory
◦ ShowCustomField
Attached is a spreadsheet mapping rights to ACL’s:
<<rtfm_privs_chart.xls>>
Can these problems be rectified so that we can truly restrict which
rights general users have? THANKS!
<rtfm_privs_chart.xls>_______________________________________________
The rt-users Archives
Be sure to check out the RT wiki at http://wiki.bestpractical.com