Top 10 view pruned to < 10 by permissions

RT Users
1

I just set up some groups to split off queues from people who don’t
need to see them. However, now the top 10 tickets view shows < 10
tickets to some people because they don’t have permissions to see
them. This looks really funny when they only see 3 tickets when
there are enough for them to see 10 from queues to which they do have
permission.

Is there some way to make that top 10 view really be the 10 that the
user is allowed to see rather than the subset of the top 10 overall?

I just set up some groups to split off queues from people who don’t
need to see them. However, now the top 10 tickets view shows < 10
tickets to some people because they don’t have permissions to see
them. This looks really funny when they only see 3 tickets when
there are enough for them to see 10 from queues to which they do have
permission.

Is there some way to make that top 10 view really be the 10 that the
user is allowed to see rather than the subset of the top 10 overall?

2

-----Original Message-----
From: rt-users-bounces@lists.bestpractical.com
[mailto:rt-users-bounces@lists.bestpractical.com] On Behalf
Of Vivek Khera
Sent: Thursday, April 06, 2006 6:38 PM
To: RT-Users list
Subject: [rt-users] top 10 view pruned to < 10 by permissions

I just set up some groups to split off queues from people who don’t
need to see them. However, now the top 10 tickets view shows < 10
tickets to some people because they don’t have permissions to see
them. This looks really funny when they only see 3 tickets when
there are enough for them to see 10 from queues to which they
do have
permission.

Is there some way to make that top 10 view really be the 10 that the
user is allowed to see rather than the subset of the top 10 overall?

Which section are you talking about? If this is the “10 newest unowned
tickets”, what I did was made sure that I only showed tickets in queues
that that could person could own tickets in. Here’s the code I have in
my <%init> section:

<%init>
my $rows = $RT::MyRequestsLength;

This next section of code will limit unowned tickets to only be

those that are in a queue that a user can own tickets in.

my $q = new RT::Queues($session{‘CurrentUser’});
$q->UnLimit;
my @queues;

while (my $queue = $q->Next) {
if ($queue->CurrentUserHasRight( ‘OwnTicket’ )) {
push( @queues, “Queue = '” . $queue->Name . “'” );
}
}

my $Query = “”;

if (@queues) {
$Query = "Owner = ‘Nobody’ AND ( Status = ‘new’ OR Status = ‘open’)
AND ( " . join( " OR “, @queues ) . " )”;
}

my $QueryString = ‘?’ . $m->comp(‘/Elements/QueryString’,
Query => $Query,
Order => ‘DESC’,
OrderBy => ‘Priority’) if ($Query);
</%init>

Hope that solves your problem!

Eric Schultz
United Online

3

Is there some way to make that top 10 view really be the 10 that the
user is allowed to see rather than the subset of the top 10 overall?

The hack that was posted to the list should definitely do what you want.
The reason we can’t do that in “core RT” is that it would really badly
break RT (in a more catastrophic fashion than the current breakage) on
systems with many queues.

The downside of RT having a rich access control system is that it’s not
really plausible to express it entirely inside a SQL query. At least not
inside one that will run in finite time. So we end up having to do the
ACL tests after loading the tickets. We’ve got a design for a sliding
window to keep loading pages of tickets until we get the ones you want.
But it’s still a design.

Jesse

4

The downside of RT having a rich access control system is that it’s
not
really plausible to express it entirely inside a SQL query. At
least not
inside one that will run in finite time. So we end up having to do the

Yeah… I’m now very intimately familiar with the permissions :slight_smile:

I’ll try the other hack. Hopefully 15 queues is not too much to kill
it.