I’m running RT, v 3.6.0 on RHEL ES v4.
I’m setting up this RT instance to authenticiate users through my
University’s web-based authenticiation system, then give them limited
access so they can create tickets.
Long story short, my goal is to not allow (unprivleged) users to
modify the “Requestor” field for a new ticket that they are creating.
The only way that I could think of was to create and modify a
/local/html/SelfService/Create.html file, doing something like adding
DISABLED to the end of the input tag for that field. I realize it’s
theoretically possible for a savvy user to modify the headers (or
thier browser) and thus thwart this protection, but that risk is one
that I guess I’d be willing to take - I’m more concerned about it
getting accidentally changed by a user.
Is there a better way to do this within the interface of RT, or is
this the best way?