Using !Group in queue permissions

Our “General” queue needs “everyone” view permissions (as we let
unpriveledged users track their tickets), but people in our external
support group do not want to see those tickets on their “newest unowned
tickets” list.

Short of changing the SQL select statement for that box, is there a way
to set this up using queue permissions?

Thanks,
Graham

Our “General” queue needs “everyone” view permissions (as we let
unpriveledged users track their tickets), but people in our external
support group do not want to see those tickets on their “newest unowned
tickets” list.

Short of changing the SQL select statement for that box, is there a way
to set this up using queue permissions?

Not a way of which I’m aware, but you could modify the unowned tickets
list easily.

Copy <RT_DIR>/share/html/Elements/MyRequests to
<RT_DIR>/local/html/Elements/SupportRequests and modify it however you
like.

Then copy <RT_DIR>/share/html/index.html to
<RT_DIR>/local/html/index.html and modify it.

Use my GroupMembershipCheck code here:
http://wiki.bestpractical.com/index.cgi?GroupMembershipCheck

Then you can do something like this in the index.html. This is what I
use for our network dept, for example.

% $GroupObj->LoadUserDefinedGroup( ‘Network’ );
% my $HasMemberNetwork = $GroupObj->HasMemberRecursively( $PrincipalObj );
% unless ( $HasMemberNetwork ) {
<& /Elements/MyRequests &>
% } elsif ( $HasMemberNetwork ) {
<& /Elements/NetworkRequests &>
% }

Andy Harrison

Oops. This time here’s the attachment that should have gone with my
previous reply. Sorry.On Thu, 16 Dec 2004 15:36:47 -0500 Graham Dunn gdunn@inscriber.com wrote:

Our “General” queue needs “everyone” view permissions (as we let
unpriveledged users track their tickets), but people in our external
support group do not want to see those tickets on their “newest
unowned tickets” list.

Short of changing the SQL select statement for that box, is there a
way to set this up using queue permissions?

Here is a local/html/Elements/MyRequests which overrides the one
supplied in rt-3.2.2. It only lists tickets which are on queues which
are also the names of groups the user is a member of. So as long as your
external support people are not members of a group ‘General’ they will
not be offered those tickets.

It would have been nicer to have a method of determining whether the
current user has a right to own tickets on the queue before listing
those tickets here but I don’t know how to do that. Determining user
rights seems to be somewhat involved and not something one can make a
clause in the Elements/TicketList query. I hope someone will correct me
if I’m wrong.

MyRequests (3.37 KB)

Our “General” queue needs “everyone” view permissions (as we let
unpriveledged users track their tickets), but people in our external
support group do not want to see those tickets on their “newest
unowned tickets” list.

Short of changing the SQL select statement for that box, is there a
way to set this up using queue permissions?

Here is a local/html/Elements/MyRequests which overrides the one
supplied in rt-3.2.2. It only lists tickets which are on queues which
are also the names of groups the user is a member of. So as long as your
external support people are not members of a group ‘General’ they will
not be offered those tickets.

It would have been nicer to have a method of determining whether the
current user has a right to own tickets on the queue before listing
those tickets here but I don’t know how to do that. Determining user
rights seems to be somewhat involved and not something one can make a
clause in the Elements/TicketList query. I hope someone will correct me
if I’m wrong.

It would have been nicer to have a method of determining whether the
current user has a right to own tickets on the queue before listing
those tickets here but I don’t know how to do that. Determining user
rights seems to be somewhat involved and not something one can make a
clause in the Elements/TicketList query. I hope someone will correct me
if I’m wrong.

% my $QueueObj = new RT::Queue( $session{ ‘CurrentUser’ } );
% $QueueObj->Load( 45 );
% if ( $session{CurrentUser}->HasRight( Right => ‘CreateTicket’,
Object => $QueueObj ) ) {
% … some code …
or some html
% }

The $QueueObj->Load is necessary because at this point in the process,
the user is not in a queue. Change the Right from CreateTicket to
whatever you’re interested in checking.

  rightname       

AdminCustomFields
AdminGroup
AdminGroupMembership
AdminQueue
CommentOnTicket
CreateTicket
DeleteTicket
EditSavedSearches
ModifyACL
ModifyOwnMembership
ModifyQueueWatchers
ModifyScrips
ModifyTemplate
ModifyTicket
OwnTicket
ReplyToTicket
SeeQueue
ShowACL
ShowOutgoingEmail
ShowSavedSearches
ShowScrips
ShowTemplate
ShowTicket
ShowTicketComments
StealTicket
SuperUser
TakeTicket
Watch
WatchAsAdminCc

Andy Harrison

I think this would be cleaner:

if ($QueueObj->CurrentUserHasRight(‘CreateTicket’)) {On Wed, Dec 22, 2004 at 03:35:20PM -0500, Andy Harrison wrote:

It would have been nicer to have a method of determining whether the
current user has a right to own tickets on the queue before listing
those tickets here but I don’t know how to do that. Determining user
rights seems to be somewhat involved and not something one can make a
clause in the Elements/TicketList query. I hope someone will correct me
if I’m wrong.

% my $QueueObj = new RT::Queue( $session{ ‘CurrentUser’ } );
% $QueueObj->Load( 45 );
% if ( $session{CurrentUser}->HasRight( Right => ‘CreateTicket’,
Object => $QueueObj ) ) {
% … some code …
or some html
% }

The $QueueObj->Load is necessary because at this point in the process,
the user is not in a queue. Change the Right from CreateTicket to
whatever you’re interested in checking.

  rightname       

AdminCustomFields
AdminGroup
AdminGroupMembership
AdminQueue
CommentOnTicket
CreateTicket
DeleteTicket
EditSavedSearches
ModifyACL
ModifyOwnMembership
ModifyQueueWatchers
ModifyScrips
ModifyTemplate
ModifyTicket
OwnTicket
ReplyToTicket
SeeQueue
ShowACL
ShowOutgoingEmail
ShowSavedSearches
ShowScrips
ShowTemplate
ShowTicket
ShowTicketComments
StealTicket
SuperUser
TakeTicket
Watch
WatchAsAdminCc


Andy Harrison


http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

Be sure to check out the RT wiki at http://wiki.bestpractical.com