[rt-users] TicketSQL -- how to search for a member of a group?

2017-01-13 Thread Barton Chittenden
My question touches on some issues that are similar to "Search for open
tickets last updated by requestor" (https://lists.gt.net/rt/users/51042)

I have a search set up for closed bugs updated within the last day, where
the update is not by the current user:

Owner = '__CurrentUser__'
AND LastUpdatedBy != '__CurrentUser__'
AND LastUpdated > '1 day ago'
AND Status != 'new'
AND Status != 'open'
AND Status != 'onhold'
AND Status != 'needsinfo'

We have this as part of a dashboard that's sent daily to staff -- we want
to alert the staff of any closed tickets that some requester has touched.

That's all well and good, but there are times when tickets get mass-updated
by members of our staff, and because that staff member is not
__CurrentUser__, we get spammed by those.

We do have a group called 'Staff', so I should be able to do something like

Owner = '__CurrentUser__'
AND LastUpdatedBy != '__CurrentUser__'
AND LastUpdated > '1 day ago'
AND Status != 'new'
AND Status != 'open'
AND Status != 'onhold'
AND Status != 'needsinfo'

... I just need to know how to express " IS NOT A MEMBER OF STAFF" as

... this was touched upon as a possible solution for "Search for open
tickets last updated by requestor", but the syntax wasn't given.



[rt-users] Permissions for Queue Admins

2017-01-13 Thread Tim Gustafson

Our RT installation has recently had a large influx of new queues and
groups, and I'd like to delegate some of the day-to-day maintenance of
things to certain people within those groups so that I'm not doing
data entry for everyone.

For each logical group of folks, I've created an "Admins" group, for
example: "Engineering RT Admins", "Humanities RT Admins" and so on.

In global rights, I've given that group access to "Show Admin Menu",
"View Scrips" and "View Scrip Templates" and "Allow writing Perl code
in templates, scrips, etc".

For each engineering queue, I've given that group full control - all
boxes are checked in the queue configuration under "group rights" for
that queue, primarily so they can modify their scrips and templates.

For each engineering group, I've given that group full control as
well, so that they can add and remove members as needed.

My question has a few parts:

1. Are there any other "global" rights that I should be assigning
these folks?  Are there any dangers/pitfalls to consider in this kind
of configuration?

2. Is there any way to trim down the "Admin" menu so that it only
shows things that the person has access to?

3. On the admin pages that list groups and queues, the system
paginates as though the user can see all 100 or so queues and groups,
but they have to go to page 3 to get see their queues/groups; pages 1
and 2 show up in the pager, but have no content, as the users don't
have access to queues/groups displayed on those pages.  Can this be
cleaned up so that the system only paginates for the queues and groups
that the user has access to?

4. Is it possible to give someone the ability to edit a queue's scrips
and templates without also allowing them to edit everything else about
the queue?  Changing queue names breaks our sendmail configuration, so
I'd like to prevent them from doing that if at all possible.

5. Is there anything else I should be tracking while delegating this
sort of access to other folks?


Tim Gustafson
Baskin Engineering, Room 313A

[rt-users] queue change still triggers old queue's scrips

2017-01-13 Thread Sebastian Juenemann

Hi List,

I hope you can help me on this topic since the online documentation won't me 
bring any further.

So in order to deal with our spam I've done the following:

1) added a new spam queue
2) created a new global scrip (according to the spamfilter 1b solution provided 
3) set the order of the scrips so that this new scrip is executed first
4) overwritten all global templates with empty ones in the spam queue (so that in any case a global scrip still triggers 
here now mail is actually send out)

What happens is that the spam scrip successfully re-queues all spam to the spam queue _but_ after that still an email is 
sent to all of our AdminCC's according to a global scrip which enforces this: The scrip order is the following

 24 0 On Creat Check Spamassasin score and move to SPAM queue when exceeding threshold User Defined 
User Defined Blank Enabled

 8 On Create Notify Owner and AdminCcs On Create Notify Owner and AdminCcs Transaction in HTML 

9 On Create Notify Ccs On Create Notify Ccs Correspondence 
in HTML Enabled
10 On Create Notify Other Recipients On Create Notify Other Recipients Correspondence in HTML 


I don't quite understand this. I thought that the scrips are executed in the order I define. But it seems like all 
scrips that meet the condition on the Transaction type (in this case "Create") are marked for execution and then 
processed in the given order. This would mean that there are only two ways I can prevent further scrips from 
triggering/doing their job after the detection of spam by a) either modifying all global scrips or b) achieve that after 
the queue change the ticket/transaction itself if invalid somehow (so that consecutive scrips won't be able to do 
anything meaningful anymore).

As I don't want to alter our global scrips (they are global and and easy for some reason) I would like to know how I can 
achieve solution b? It should be able that after the queue change to the SPAM queue any "on create" triggering scrip 
"fails" - but I don't know how.

Many thanks in advance,

- Sebastian