Re: [rt-users] 3.8.7 Internal Server Error
>> I can fix this by giving then AdminUser and ShowConfig but I was >> hoping to avoid this if possible >> >> Does anyone recall if this was an option in 3.8.2? >> >> Is there a config setting that we may have to adjust? Yeah, this is an unfortunate instance of insufficient granularity in RT's ACLs. I need my queue admins to be able to be able to edit existing users (update addresses, etc), so I've granted them these rights. I see no problem with it though, since there are plenty of other Config Tab things could legitimately use e.g; queue templates; and those they oughtn't have internal checks for SuperUser. The only thing I had to do (still using 3.8.2) was add an overlay on Admin/User/Modify.html that checked for SuperUser before changing a user's password. -- Cambridge Energy Alliance: Save money. Save the planet. Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
Re: [rt-users] 3.8.7 Internal Server Error
On Tue, Apr 27, 2010 at 10:30:45AM -0400, Joe Kirby wrote: > According to my HelpDesk staff they were able to click the link when > in the People Section of a ticket and it would bring up the user > info and they can no longer do that without increased privileges. > > I can fix this by giving then AdminUser and ShowConfig but I was > hoping to avoid this if possible > > Does anyone recall if this was an option in 3.8.2? > > Is there a config setting that we may have to adjust? They really shouldn't even get a link unless the users have ShowConfigTab and AdminUsers in the first place (from 3.8.6 and newer). You most likely want to just put whatever info your users want into the 'More About This User' box and avoid having them walk around in the admin UI. There are callbacks available. -kevin pgpeeF41i4o5Q.pgp Description: PGP signature Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
[rt-users] 3.8.7 Internal Server Error
According to my HelpDesk staff they were able to click the link when in the People Section of a ticket and it would bring up the user info and they can no longer do that without increased privileges. I can fix this by giving then AdminUser and ShowConfig but I was hoping to avoid this if possible Does anyone recall if this was an option in 3.8.2? Is there a config setting that we may have to adjust? Thanks Joe Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com