The sanctitity of the comment confessional is not absolute

Had the following Scrip:

OnComment NotifyAllWatchersAsComment with template AdminComment

However, requestors are considered “watchers”, so comment was sent to an
external requestor.

Where’s the prevent-user-from-shooting-own-foot-safety?

@alex
mailto:dupuy@sysd.com

Alexander Dupuy wrote:

OnComment NotifyAllWatchersAsComment with template AdminComment

That’s not usually advisable, but…

However, requestors are considered “watchers”, so comment was sent to an
external requestor.

Where’s the prevent-user-from-shooting-own-foot-safety?

… there may well be cases when it is required, and trying
to prevent it would break that usage. Not everybody uses
comments as not-for-requestor-eyes. That’s the power of RT -
it can be used in all kinds of creative ways.

Besides, the logic to prevent one from doing that would be
quite hairy, I’d imagine.
Phil Homewood, Systems Janitor, www.SnapGear.com
pdh@snapgear.com Ph: +61 7 3435 2810 Fx: +61 7 3891 3630
SnapGear - Custom Embedded Solutions and Security Appliances

I wrote:

OnComment NotifyAllWatchersAsComment with template AdminComment

However, requestors are considered “watchers”, so comment was sent to
an external requestor.

Where’s the prevent-user-from-shooting-own-foot-safety?

Phil Homewood replied:

… there may well be cases when it is required, and trying to
prevent it would break that usage. Not everybody uses comments as
not-for-requestor-eyes. That’s the power of RT - it can be used in
all kinds of creative ways.

While it might be true that not everybody uses it that way, the web
interface has “Comments (Not sent to requestors)” as one of the
selection choices for update type. That certainly creates a strong
expectation that it won’t do so, even if I set up some ill-advised scrips.

If the RT design is that not sending comments to requestors is just a
default configuration, and users are free to use comments in a different
way, perhaps that selection choice should be changed to “Comments (Not
usually sent to requestors)”. Otherwise, it would be a good idea to put
a “safety” check somewhere to prevent comments from going out to requestors.

It also wouldn’t hurt to have some mention in RTFM and other RT docs of
the fact that the distinction between comment and response is purely one
of convention, and can easily be subverted with the right (wrong) scrips.

Having removed the NotifyAllWatchersAsComment, and replaced it with
NotifyOwnerAsComment and NotifyAdminCcsAsComment, it seems that the only
way to send comments to CCs is NotifyRequestorsAndCcsAsComment, so the
"power of RT" seems a bit limited here (but as I think CCs are taken
from the original mail and may include other people at the customer
site, this is probably a good thing).

At least with that action you get fair notice that comments will be sent
to requestors - perhaps NotifyAllWatchersAsComment could be hacked to
not include requestors, and a NotifyRequestorsAndAllWatchersAsComment
with the old semantics could be
added.

@alex