User right to see only one file


we have the 4.2.8 version of Request Tracker.

We search for the possibility to create an user with differents rights.

Indeed this user is an external provider.
There for we wish to only give him the right to see and modify only one file, or category.

We try to not give him admin right, or Priviligied right. But then we cannot see him in the interface.
We try to put him in a different group, but when we try to act on the right of the particular group or on the file’s right, we didn’t succeed.

Could you give us advise to realize this operation ?

Best regards,

By default your user needs to be a privileged user in order to be assigned to a group. You could put this user in a new group where they are the only member and then set group rights appropriately there.

Not sure what you mean by a file though… do you mean a ticket or an attachment or something else?


thank for your reply.

I meant to say “queue” (i have to translate from french).

We have many queues, and one is dedicated to a specific branch.
We have an external provider to deal with this branch.

We created an user and a group for that provider.
We wish he could reply, comment, etc like any other member but, he could only do so on that queue only. He doesn’t have to see ou to be able to access the rest of RT.

We try to modify the group’s rights, ou the queue right, but with no success.
I start to wonder if it’s possible…

It is certainly possible, when you say there was no success do you mean the user has too many rights (Can see other queues) or too few rights ( cannot reply/comment/etc)?


he can see too many queue, and even if we set “his” queue in default.
If he search for an another request, he can see it, reply and comment on it.
We try to give him special right to a particular queue, but i wonder if we should remove his right on the others queues to make it work.

If you’ve given him rights to access those other queues and don’t want him to, then obviously yes, remove those rights.

i didn’t give him anything, i has the right because he’s a Priviligied user.
There for i has access to all queues.
We currently try to remove his right on others queue to see what happen.
BUt we ask ourselves the question about the Global right.

Between Global and group right, which has the final word ?

Don’t just give rights to any privileged user. Put the privileged users into appropriate groups and then give rights to queue access to those groups.

Thank for the intel.

We tried and it’s working. But the user has access to the research fonction, and if he try to find any ticket number, he can, therefor see any queue in a way.
we have to hide somehow the research bar

That is also a right that should be granted at the queue level, if you don’t want a user to be able to see a ticket in a queue then make they do not have the “see queue” right for that queue.

thank you all for the intel

It’s working now, we just have to hide somehow the research bar.
If not, the user can research any ticket et see it. He may not be able to comment or respond, but he can see it and we wish that he couldn’t.

Depending on your workflow you could make it so that the users can only see tickets that they are “Requestors” (Or any other role) on.