Possible RTFM rights bug

RT Users
1

I’m configuring RTFM on RT 3.6.0pre1.

All my internal users are members of a group called Internal, and that group has global rights to queues.

I have a user that’s for an external customer login; let’s call it xyz. That user can be assigned rights, is NOT a member of Internal, and has SeeClass and ShowArticle rights to one of the RTFM classes. The user has no Global rights, either in RTFM or RT.

BUT the user can create RTFM articles in that class! Shouldn’t he need the CreateArticle right to do so?

I’m willing to believe I’ve done something dumb, but I checked all this twice (I think!). Is there a good way to diagnose rights issues like this?

Thanks,
…phsiii

2

I’m configuring RTFM on RT 3.6.0pre1.

All my internal users are members of a group called Internal, and that group has global rights to queues.

I have a user that’s for an external customer login; let’s call it xyz. That user can be assigned rights, is NOT a member of Internal, and has SeeClass and ShowArticle rights to one of the RTFM classes. The user has no Global rights, either in RTFM or RT.

BUT the user can create RTFM articles in that class! Shouldn’t he need the CreateArticle right to do so?

I’m willing to believe I’ve done something dumb, but I checked all this twice (I think!). Is there a good way to diagnose rights issues like this?

Thanks,
…phsiii

Although I’ve not used it, there is an extension
(Request Tracker Wiki) that is
supposed to do show you who has rights to what.

HTH

Joshua Colson jcolson@voidgate.org

3

I appreciate the pointer – it actually says it’s been superseded by RTx::RightsMatrix, which I have now installed. Alas, that doesn’t know about RTFM!

I’ll keep tinkering…

…phsiii-----Original Message-----
From: Joshua Colson [mailto:jcolson@voidgate.org]
Sent: Tuesday, April 18, 2006 1:46 PM
To: Phil Smith III
Cc: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] Possible RTFM rights bug

On Tue, 2006-04-18 at 13:20 -0400, Phil Smith III wrote:

I’m configuring RTFM on RT 3.6.0pre1.

All my internal users are members of a group called Internal, and that group has global rights to queues.

I have a user that’s for an external customer login; let’s call it xyz. That user can be assigned rights, is NOT a member of Internal, and has SeeClass and ShowArticle rights to one of the RTFM classes. The user has no Global rights, either in RTFM or RT.

BUT the user can create RTFM articles in that class! Shouldn’t he need the CreateArticle right to do so?

I’m willing to believe I’ve done something dumb, but I checked all this twice (I think!). Is there a good way to diagnose rights issues like this?

Thanks,
…phsiii

Although I’ve not used it, there is an extension
(Request Tracker Wiki) that is
supposed to do show you who has rights to what.

HTH

Joshua Colson jcolson@voidgate.org