Isn't this a bug? Or is it really intended for ModifyTicket to have
ReplyToTicket rights?
-Max
(Patch attached)
On Nov 30, 2007 5:41 AM, Todd Chapman <[EMAIL PROTECTED]> wrote:
> Max,
>
> I just reviewed the relevant RT code:
>
> sub Correspond {
> my $self = shift;
> my %args = ( CcMessageTo => undef,
> BccMessageTo => undef,
> MIMEObj => undef,
> Content => undef,
> TimeTaken => 0,
> @_ );
>
> unless ( ( $self->CurrentUserHasRight('ReplyToTicket') )
> or ( $self->CurrentUserHasRight('ModifyTicket') ) ) {
> return ( 0, $self->loc("Permission Denied"), undef );
> }
>
>
> As you can see, ModifyTicket is all you need to reply to a ticket. I
> don't know why that is but you could change the code.
>
>
> On 11/29/07, Max Clark <[EMAIL PROTECTED]> wrote:
> > Todd,
> >
> > Great tool - unfortunately the display show the rights that I expect
> > to see - no user or group has ReplyToTicket rights on this queue. What
> > else should I be looking at?
> >
> > Thanks,
> > Max
> >
> > On 11/29/07, Todd Chapman <[EMAIL PROTECTED]> wrote:
> > > The extension RTx::RightsMatrix can help you understand how any
> > > individual has gained rights in RT. Plus, the author is a really cool
> > > guy. ;)
> > >
> > > http://search.cpan.org/~htchapman/RTx-RightsMatrix-0.03.00/lib/RTx/RightsMatrix.pm
> > >
> > > On 11/29/07, Max Clark <[EMAIL PROTECTED]> wrote:
> > > > Okay - I can live with the links still appearing, but I can reply
> > > > (correspond) on the ticket even without the ReplyToTicket permission.
> > > > That is a problem.
> > > >
> > > > On Nov 29, 2007 2:48 PM, Todd Chapman <[EMAIL PROTECTED]> wrote:
> > > > > Permissions are not checked when rendering the links, only when the
> > > > > action is attempted.
> > > > >
> > > > >
> > > > > On 11/29/07, Max Clark <[EMAIL PROTECTED]> wrote:
> > > > > > Hello,
> > > > > >
> > > > > > I want to assign permissions for a group to be able to manage
> > > > > > tickets
> > > > > > in a queue and comment on them but not reply. I've assigned the
> > > > > > group
> > > > > > the following rights on the queue:
> > > > > >
> > > > > > CommentOnTicket
> > > > > > CreateTicket
> > > > > > DeleteTicket
> > > > > > OwnTicket
> > > > > > SeeQueue
> > > > > > ShowOutgoingEmail
> > > > > > ShowTicket
> > > > > > ShowTicketComments
> > > > > > StealTicket
> > > > > > TakeTicket
> > > > > > Watch
> > > > > > WatchAsAdminCc
> > > > > >
> > > > > > (Note absense of "ReplyToTicket")
> > > > > >
> > > > > > However when I login as a user in this group and view a ticket I
> > > > > > still
> > > > > > see options/links to and the ability to reply. What am I missing
> > > > > > here?
> > > > > >
> > > > > > Thanks,
> > > > > > Max
> > > > > >
> > > > > > (I'm running version 3.6.5)
> > > > > > _______________________________________________
> > > > > > http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
> > > > > >
> > > > > > SAVE THOUSANDS OF DOLLARS ON RT SUPPORT:
> > > > > >
> > > > > > If you sign up for a new RT support contract before December 31,
> > > > > > we'll take
> > > > > > up to 20 percent off the price. This sale won't last long, so get
> > > > > > in touch today.
> > > > > > Email us at [EMAIL PROTECTED] or call us at +1 617 812 0745.
> > > > > >
> > > > > >
> > > > > > Community help: http://wiki.bestpractical.com
> > > > > > Commercial support: [EMAIL PROTECTED]
> > > > > >
> > > > > >
> > > > > > Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
> > > > > > Buy a copy at http://rtbook.bestpractical.com
> > > > > >
> > > > >
> > > >
> > >
> >
>
--- Ticket_Overlay.pm Tue Aug 7 20:38:47 2007
+++ Ticket_Fix.pm Fri Nov 30 18:19:18 2007
@@ -2343,8 +2343,7 @@
TimeTaken => 0,
@_ );
- unless ( ( $self->CurrentUserHasRight('ReplyToTicket') )
- or ( $self->CurrentUserHasRight('ModifyTicket') ) ) {
+ unless ( $self->CurrentUserHasRight('ReplyToTicket') ) {
return ( 0, $self->loc("Permission Denied"), undef );
}
_______________________________________________
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
SAVE THOUSANDS OF DOLLARS ON RT SUPPORT:
If you sign up for a new RT support contract before December 31, we'll take
up to 20 percent off the price. This sale won't last long, so get in touch
today.
Email us at [EMAIL PROTECTED] or call us at +1 617 812 0745.
Community help: http://wiki.bestpractical.com
Commercial support: [EMAIL PROTECTED]
Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
Buy a copy at http://rtbook.bestpractical.com
