I think that the problem I see is that the Watcher Roles do two things -
they mean that people get certain email notifications and they also
provide a mechanism for rights application. If one needs/wants to keep
these separate, it can be confusing. For example, if you want some
people to get email about a certain Queue/Ticket, a CC or AdminCC Right
is useful but if you also apply Rights through these Roles, it’s a
problem if you only want them to be able to look at the emails and not
have any more Rights on the Queue/Ticket. My situation is more like
this, I have one Queue per department and two groups per queue:
If a user is a member of Group x-ADMIN, they are also a member of Group
x, to save duplication of Rights between these two groups.
Group x-ADMIN has a few more rights on Queue x than Group x. So I rarely
need permissions on the CC or AdminCC roles and was trying to work out
how these Roles fit in to my schema. Group x has AdminCC on Queue x so
all mail about all tickets is seen by all members of the group. In this
scenario, applying the Rights through the AdminCC role and adding Group
x to this role has the following consequences, it seems:
If I need another Group y to have Rights on Queue x which differ from
the Rights Group x has on Queue x, then there are two possible problems.
If Group y needs more Rights, these Rights have to be added to the
Group y for Queue x, not on the AdminCC Role otherwise Group x gets them
too. This defeats the object of applying the rights through the AdminCC
Role and things start to get messy.
If Group y needs less Rights and Rights are applied through the
AdminCC role of Queue x, this isn’t possible.
Applying the Rights directly to the Groups for Queue x means different
groups can have different Rights on the Queue and if they both have the
(Rights-less) AdminCC role too, they both get the emails.