Privileged Users by Group

RT Users
4

Greetings,
I had the same problem. I’m migrating from Jira to RT and this is a problem for us. We manage users and groups from LDAP. I didn’t find any plugin yet, bad luck or not enough patience :slight_smile: . I’ll show my workaround here and maybe others can suggest a better solution:

  1. Create a group custom field (I called it PrivilegedGroup) so you can mark those that you want to be privileged. You MUST include any admin (including root) to one of these groups. This field has only two values you can select: yes / no.
  2. Create a sql file (mine is /opt/rt5/local/etc/grupos_privilegiados.sql) with the following sentences. I’m not a DB expert, but this works for me:
update groupmembers set groupid=5 where groupid=4 and memberid in (select memberid from groupmembers where groupid=4 and memberid not in (select memberid from groupmembers where groupid in (select ocf.objectid from objectcustomfieldvalues ocf, customfields cf where ocf.customfield=cf.id and cf.name='PrivilegedGroup' and ocf.objecttype='RT::Group' and ocf.content='yes' and ocf.disabled=0)));
 
update cachedgroupmembers set immediateparentid=5, groupid=5 where groupid=4 and memberid not in (select memberid from groupmembers where groupid=4);

update groupmembers set groupid=4 where groupid=5 and memberid in (select memberid from groupmembers where groupid in (select ocf.objectid from objectcustomfieldvalues ocf, customfields cf where ocf.customfield=cf.id and cf.name='PrivilegedGroup' and ocf.objecttype='RT::Group' and ocf.content='yes' and ocf.disabled=0) and memberid in (select memberid from groupmembers where groupid=5));

update cachedgroupmembers set immediateparentid=4, groupid=4 where groupid=5 and memberid in (select memberid from groupmembers where groupid=4);
  1. Execute the following sentence after LDAP sync or whenever (un)setting PrivilegedGroup in any group:
psql -h YOUR_SERVER -p YOUR_PORT -U YOUR_USER YOUR_DATABASE -f /opt/rt5/local/etc/grupos_privilegiados.sql

I’m using PostgreSQL. You must adapt these sentences and parameters to your DB.

I hope this can help someone.

1 Like