Hi Raed,
thanks for your very kind help.
I was hoping for the capability of running bulk operations on users to
be added to the user interface at some point :-)
G
On 10/06/11 16:12, Raed El-Hames wrote:
Sorry Giuseppe I don't have much knowledge of the LDAP plugin.
Under normal circumstances (ie RT auth), I would write script to go through the
users need changing and set Privileged to 0
foreach $MyUserId (@my_users_to_change) {
my $u=RT::User->new(RT::SystemUser);
my ($id, $msg) = $u->Load("$MyUserId");
if ($id) {
$u->SetPrivileged(0);
}
}
Regards;
Roy
-----Original Message-----
From: Giuseppe Sollazzo [mailto:gsoll...@sgul.ac.uk]
Sent: 10 June 2011 15:33
To: Raed El-Hames
Cc: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] limit ticket list display on requestor login
Hi Raed,
thanks a lot as that explains it. This user is Privileged. Removing the
privilege everything works as expected.
What puzzles me is the relationship between system groups and user
defined groups. I would have expected to have the possibility of
limiting permissions to Privileged users in a group rather then having
them as Unprivileged.
But never mind :-)
Now the problem I have is that all my imported users are Privileged, and
reimporting them does not seem to change this (even with
$LDAPUpdateUsers=1).
Do you reckon there's a way to bulk update users and make them
Unprivileged?
Thanks,
Giuseppe
On 10/06/11 14:50, Raed El-Hames wrote:
The fist question Giuseppe , is user U privileged or not?
If not then by default he should have been redirected to
SelfService/index.html, which again by default should only display
/SelfService/Elements/MyRequests
If he is privileged (then I would ask why? -- because according to what
you need below he does not need to be privileged), if he has to be
privileged then you may have to do some coding .. I do think there is a
limitation in RT , you should need to give the "SeeQueue" permission to be
able to see it in the dropdown ? I would have thought the "CreateTicket"
permission should be enough.
As I suggested make user U unprivileged is the easiest solution.
Good luck
Roy
-----Original Message-----
From: rt-users-boun...@lists.bestpractical.com [mailto:rt-users-
boun...@lists.bestpractical.com] On Behalf Of Giuseppe Sollazzo
Sent: 10 June 2011 14:15
To: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] limit ticket list display on requestor login
Hi Kevin,
that was my first thought - however in "global group rights" all
checkboxes in general/staff/admin rights are unticked for System,
Roles,
and for the given user group.
Or is it maybe how I shoudl manage this, by adding "show ticket" to the
global one?
Just in case I have explained myself improperly, what I'm trying to
achieve is that users in the G group are shown in the dashboard a list
of tickets in the queue Q for which they are requestors; such list
should exclude tickets in the same queue for which they are not
requestors.
Thanks,
G
On 10/06/11 14:03, Kevin Falcone wrote:
On Fri, Jun 10, 2011 at 01:45:55PM +0100, Giuseppe Sollazzo wrote:
Uhm...
it seems not to behave like I would like to.
Basically I have a privileged user U that is part of group "G".
On queue Q group G has right to show/modify/reply, whereas the
system privileged group does not have any right on the queue.
Also, on queue Q role "Requestor" has right to show/modify/reply,
whereas the system privileged group does not have any right on the
queue.
Still, U can see all tickets in queue Q, even those he's not a
requestor for.
So I'm still looking for a way to hide tickets for which a user in
the group G is not a requestor for from the dashboard, if that's at
all possible :)
Sounds like you have some global rights getting in the way.
-kevin
On 10/06/11 12:06, Raed El-Hames wrote:
Giuseppe,
I will not give the Everyone group rights other than Create Ticket
and
ReplyToTicket (and this is only to get the email side of things working
properly).I also would not give any rights to the Unprivileged group.
For your purposes I would suggest you give the Requestor Role rights
to ShowTicket/ModifyTicket/ReplyToTicket, and if your requestors are
Unprivileged then their login will redirect them to the SelfService
portal
which is restricted.
Hope that helps;
Regards;
Roy
-----Original Message-----
From: rt-users-boun...@lists.bestpractical.com [mailto:rt-users-
boun...@lists.bestpractical.com] On Behalf Of Giuseppe Sollazzo
Sent: 10 June 2011 10:43
To: rt-users@lists.bestpractical.com
Subject: [rt-users] limit ticket list display on requestor login
Hi,
I guess I'm not getting this right.
I'd like that a user, upon login, were able to only see the tickets
for
which they are a requestor (in a given queue).
Let's say I have a group G and a queue Q. If rights for G on Q are
"Create tickets" and "View queue" obviously they see all tickets in
the
queue, whereas "Create tickets" alone does not allow them to see
any
ticket.
To keep things tidy, I've also given the same rights to Everyone,
Privileged, Unprivileged.
Is what I want to do feasible with just permissions management?
Thanks,
Giuseppe
--
____________________________________
Giuseppe Sollazzo
Senior Systems Analyst
Computing Services
Information Services
St. George's, University Of London
Cranmer Terrace
London SW17 0RE
Email: gsoll...@sgul.ac.uk
Direct Dial: +44 20 8725 5160
Fax: +44 20 8725 3583
--
____________________________________
Giuseppe Sollazzo
Senior Systems Analyst
Computing Services
Information Services
St. George's, University Of London
Cranmer Terrace
London SW17 0RE
Email: gsoll...@sgul.ac.uk
Direct Dial: +44 20 8725 5160
Fax: +44 20 8725 3583
--
____________________________________
Giuseppe Sollazzo
Senior Systems Analyst
Computing Services
Information Services
St. George's, University Of London
Cranmer Terrace
London SW17 0RE
Email: gsoll...@sgul.ac.uk
Direct Dial: +44 20 8725 5160
Fax: +44 20 8725 3583
--
____________________________________
Giuseppe Sollazzo
Senior Systems Analyst
Computing Services
Information Services
St. George's, University Of London
Cranmer Terrace
London SW17 0RE
Email: gsoll...@sgul.ac.uk
Direct Dial: +44 20 8725 5160
Fax: +44 20 8725 3583
--
____________________________________
Giuseppe Sollazzo
Senior Systems Analyst
Computing Services
Information Services
St. George's, University Of London
Cranmer Terrace
London SW17 0RE
Email: gsoll...@sgul.ac.uk
Direct Dial: +44 20 8725 5160
Fax: +44 20 8725 3583
