>> I can fix this by giving then AdminUser and ShowConfig but I was >> hoping to avoid this if possible >> >> Does anyone recall if this was an option in 3.8.2? >> >> Is there a config setting that we may have to adjust?
Yeah, this is an unfortunate instance of insufficient granularity in RT's ACLs. I need my queue admins to be able to be able to edit existing users (update addresses, etc), so I've granted them these rights. I see no problem with it though, since there are plenty of other Config Tab things could legitimately use e.g; queue templates; and those they oughtn't have internal checks for SuperUser. The only thing I had to do (still using 3.8.2) was add an overlay on Admin/User/Modify.html that checked for SuperUser before changing a user's password. -- Cambridge Energy Alliance: Save money. Save the planet. Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com