Mailing List Archive

Make sure the group is not disabled.

On Fri, Apr 30, 2004 at 01:06:02PM -0400, Charlie Benatti wrote:
> Question about group rights:
>
> I've recently set up RT 3.0.10 for use as a company helpdesk system.
> I'm having trouble assigning rights to groups. If I assign an
> individual rights, such as SeeQueue and ShowTicket, the user can see
> tickets in the queue just fine. The trouble is, when I assign the same
> rights to a group the users in that group cannot see the queue or
> tickets in that queue. Am I doing something wrong? If more info about
> the setup is needed please let me know and I'll be happy to provide it.
>
> thanks.
>
> -curly
>
>
> --
> Charlie Benatti
> Systems Architect * YellowBrix, Inc.
> curly@yellowbrix.com, 703.519.1050
> _______________________________________________
> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
>
> RT Developer and Administrator training is coming to LA, DC and Frankfurt this spring and summer.
> http://bestpractical.com/services/training.html
>
> Sign up early, as class space is limited.
_______________________________________________
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

RT Developer and Administrator training is coming to LA, DC and Frankfurt this spring and summer.
http://bestpractical.com/services/training.html

Sign up early, as class space is limited.

I hate it when I ask a question and the answer is something obvious.

Thanks.

-curly


On Fri, Apr 30, 2004 at 12:22:42PM -0400, Todd Chapman wrote:
> Make sure the group is not disabled.
>
> On Fri, Apr 30, 2004 at 01:06:02PM -0400, Charlie Benatti wrote:
> > Question about group rights:
> >
> > I've recently set up RT 3.0.10 for use as a company helpdesk system.
> > I'm having trouble assigning rights to groups. If I assign an
> > individual rights, such as SeeQueue and ShowTicket, the user can see
> > tickets in the queue just fine. The trouble is, when I assign the same
> > rights to a group the users in that group cannot see the queue or
> > tickets in that queue. Am I doing something wrong? If more info about
> > the setup is needed please let me know and I'll be happy to provide it.
> >
> > thanks.
> >
> > -curly
> >
> >
> > --
> > Charlie Benatti
> > Systems Architect * YellowBrix, Inc.
> > curly@yellowbrix.com, 703.519.1050
> > _______________________________________________
> > http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
> >
> > RT Developer and Administrator training is coming to LA, DC and Frankfurt this spring and summer.
> > http://bestpractical.com/services/training.html
> >
> > Sign up early, as class space is limited.

--
Charlie Benatti
Systems Architect * YellowBrix, Inc.
curly@yellowbrix.com, 703.519.1050
_______________________________________________
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

RT Developer and Administrator training is coming to LA, DC and Frankfurt this spring and summer.
http://bestpractical.com/services/training.html

Sign up early, as class space is limited.

Write a scrip that adds the user's group as an AdminCc on the ticket. Then
give the AdminCc role the proper rights.

On Thu, Jan 22, 2009 at 11:19 AM, Tariq Doukkali <tariq.doukkali@autoform.de
> wrote:

> Hello,
>
>
>
> How can I configure I on RT?
>
>
>
> 1. I have 2 Groups (group1, group2)
>
> 2. Users:
>
> - User_1_1 is member of group1
>
> - User_1_2 is member of group 1
>
> - User_2_1 is member of group2
>
> - User_2_2 is member of group2
>
> 3. Queues:
>
> - Queue1
>
>
>
> 4. Users of group1 as well as of group2 create ticket on queue1.
>
>
>
>
>
> How can I configure it, if user_1_1 login in, he can show only his Tickets
> and tickets of user_1_2 (who is on the same group) but not tickets of
> User_2_1 or User_2_2.
>
>
>
> I am using RT 3.8.1
>
>
>
>
>
> Many thanks
>
>
>
> _______________________________________________
> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
>
> Community help: http://wiki.bestpractical.com
> Commercial support: sales@bestpractical.com
>
>
> Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
> Buy a copy at http://rtbook.bestpractical.com
>

Tariq,


OR, you could also write a scrip that adds the other person of the
group as a requestor and then set the privilege "ShowTicket" for
Requestors only. You didn't say anything about "owners", so I am
assuming when you say "his" ticket, you meant the requestor. Hope this
helps.


Kenn
LBNL

On 1/22/2009 8:22 AM, Todd Chapman wrote:
> Write a scrip that adds the user's group as an AdminCc on the ticket.
> Then give the AdminCc role the proper rights.
>
> On Thu, Jan 22, 2009 at 11:19 AM, Tariq Doukkali
> <tariq.doukkali@autoform.de <mailto:tariq.doukkali@autoform.de>> wrote:
>
> Hello,
>
>
>
> How can I configure I on RT?
>
>
>
> 1. I have 2 Groups (group1, group2)
>
> 2. Users:
>
> - User_1_1 is member of group1
>
> - User_1_2 is member of group 1
>
> - User_2_1 is member of group2
>
> - User_2_2 is member of group2
>
> 3. Queues:
>
> - Queue1
>
>
>
> 4. Users of group1 as well as of group2 create ticket on queue1.
>
>
>
>
>
> How can I configure it, if user_1_1 login in, he can show only his
> Tickets and tickets of user_1_2 (who is on the same group) but not
> tickets of User_2_1 or User_2_2.
>
>
>
> I am using RT 3.8.1
>
>
>
>
>
> Many thanks
>
>
>
>
> _______________________________________________
> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
>
> Community help: http://wiki.bestpractical.com
> Commercial support: sales@bestpractical.com
> <mailto:sales@bestpractical.com>
>
>
> Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
> Buy a copy at http://rtbook.bestpractical.com
>
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
>
> Community help: http://wiki.bestpractical.com
> Commercial support: sales@bestpractical.com
>
>
> Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
> Buy a copy at http://rtbook.bestpractical.com

_______________________________________________
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

Community help: http://wiki.bestpractical.com
Commercial support: sales@bestpractical.com


Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
Buy a copy at http://rtbook.bestpractical.com

Greetings Ron:

I'm relatively new with RT but have progressed a lot and have already
incorporated it into a live production environment.

To my experience, the scenario of "Group Additives", as you put it, or
assigning a "group" within a "group", is not necessarily the best
business practice.

I like to keep things well organized and have separate groups for
different unique permissions.

In theory your concept may work, but not advisable in my opinion, coming
from a security perspective, in the name of keep things organized and
secure.

Cheers!
Reza.


Ron Yacketta wrote on 10/27/2016 4:38 PM:
> All,
>
> Are group rights Additive? We have a Group that contains other groups
> with certain granted rights, we would like to give one of the included
> groups the ability to mange users.
>
> Will RT grant all the rights allowed in the Containing group as well
> as those assigned directly to the group?
>
>
>
> Regards,
>
> Ron Yacketta
>
>
> ---------
> RT 4.4 and RTIR training sessions, and a new workshop day! https://bestpractical.com/training
> * Los Angeles - Q1 2017

Ron Yacketta writes:
>Are group rights Additive? We have a Group that contains other groups with
>certain granted rights, we would like to give one of the included groups
>the ability to mange users.
>
>Will RT grant all the rights allowed in the Containing group as well as
>those assigned directly to the group?

From my brief inspection of code a while back, this is how I say it organized:
1) Every created user gets linked to a group newly created just for them.
2) Groups can only hold other groups.
3) This means that there does not need to be special code to determine if a group member is a group or a user.
4) Rights are additive.
5) Calculate as follows:
A) Find the linked group of a member.
B) Set rights to the rights of that group.
C) For each group that this group is a member, do the following:
i) Add the rights of this enclosing group
ii) Recourse for all groups enclosing the enclosing group
6) Resulting rights is what that user has.
7) Perform similar calculations for user/queue or other combination

From other tidbits left by the RT folks, making code to mask off rights is not something they want to do, as it makes things much more complicated.

/jeff
________________________________________________________________________
The information contained in this e-mail is for the exclusive use of the
intended recipient(s) and may be confidential, proprietary, and/or
legally privileged. Inadvertent disclosure of this message does not
constitute a waiver of any privilege. If you receive this message in
error, please do not directly or indirectly use, print, copy, forward,
or disclose any part of this message. Please also delete this e-mail
and all copies and notify the sender. Thank you.
________________________________________________________________________
---------
RT 4.4 and RTIR training sessions, and a new workshop day! https://bestpractical.com/training
* Los Angeles - Q1 2017