Side effects of limiting access rights within Queue: wrong search counter, unusual number of displayed lines per page

Hello together,

we have established a fine-granular CF-based access restriction
to a set of tickets within one queue with the help of an overlay
Ticket_Local.pm module enhancing the RT::ticket::CurrentUserHasRight
method.

Unfortunatelly there seem to be some places within the Search code
where a presumption is made that any ticket of a queue is accessible
i.e. the header line output “Found xxx tickets”.

Is the CurrentUserHasRight approach the wrong way of limiting
access?

Any pointers are appreciated!

With best regards,
Guenther

CTO
toplink GmbH
Tel +49.6151.6275.550
Fax +49.6151.6275.199
Mobile +49.171.3317409
Guenther.Schreiner@toplink.de

toplink GmbH | Geschäftsführer Jens Weller | Birkenweg 24 | 64295
Darmstadt
HRB: 86339 RG Darmstadt | UST-IdNr: DE 255 404 760
Powered by toplink:
Testen Sie www.myTelco.de Deutschlands Telefonkonferenzanbieter
ohne Anmeldung und ohne zusätzliche Gebühren.

Hello together,

we have established a fine-granular CF-based access restriction
to a set of tickets within one queue with the help of an overlay
Ticket_Local.pm module enhancing the RT::ticket::CurrentUserHasRight
method.

Unfortunatelly there seem to be some places within the Search code
where a presumption is made that any ticket of a queue is accessible
i.e. the header line output “Found xxx tickets”.

Is the CurrentUserHasRight approach the wrong way of limiting
access?

Any pointers are appreciated!

UseSQLForACLChecks option handles ACLs in SQL. Enabling it fixes a
problems with searches, however your custom code should work with it
enabled as well to get expected results.

With best regards,
Guenther

CTO
toplink GmbH

Tel +49.6151.6275.550
Fax +49.6151.6275.199
Mobile +49.171.3317409
Guenther.Schreiner@toplink.de
www.toplink.de

toplink GmbH | Geschäftsführer Jens Weller | Birkenweg 24 | 64295
Darmstadt
HRB: 86339 RG Darmstadt | UST-IdNr: DE 255 404 760

Powered by toplink:
Testen Sie www.myTelco.de Deutschlands Telefonkonferenzanbieter
ohne Anmeldung und ohne zusätzliche Gebühren.


RT Training Sessions (http://bestpractical.com/services/training.html)

Best regards, Ruslan.

Ruslan,

[…]

Unfortunatelly there seem to be some places within the Search code
where a presumption is made that any ticket of a queue is
accessible

i.e. the header line output “Found xxx tickets”.
[…]
UseSQLForACLChecks option handles ACLs in SQL. Enabling it
fixes a problems with searches, however your custom code
should work with it enabled as well to get expected results.
[…]

Best regards, Ruslan.

100% solved. Thanks for the quick help,

Best regards,
Guenther