Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Request Tracker: Users

SeeGroupDashboard - trying to let group A see group B's dashboards

 

 

Request Tracker users RSS feed   Index | Next | Previous | View Threaded


al.scotto at reply

Jun 9, 2012, 5:20 PM

Post #1 of 2 (326 views)
Permalink
SeeGroupDashboard - trying to let group A see group B's dashboards

I'm trying to let group A see group B's dashboards, where A and B are not related as subgroups
What I did was:
Went to Admin/Groups/GroupRights.html?id=group_b_id
Typed 'A' in the field "Add group"
Ticked SeeGroupDashboard right.

But it doesn't work.
May be some kind of a bug in the ACL system?
I'm on RT 4.0.2

Generally speaking, is it correct my interpretation of the ACL user interface, GroupRights.html page?
I mean, if I am in Groups/GroupRights.html?id=X, and I select a group on the left, say Everyone, ticking rights means "grant Everyone the right to do this or that to Group X", doesn't it?
As well as, if I am in Queues/GroupRights.html?id=Y, and I select a group on the left, say Everyone, ticking rights means "grant Everyone the right to do something on Queue Y"

Thanks



Alberto Scotto

[Blue]
Via Cardinal Massaia, 83
10147 - Torino - ITALY
phone: +39 011 29100
al.scotto [at] reply
www.reply.it


________________________________

--
The information transmitted is intended for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer.
Attachments: blue.png (2.77 KB)


ruz at bestpractical

Jun 12, 2012, 7:55 AM

Post #2 of 2 (282 views)
Permalink
Re: SeeGroupDashboard - trying to let group A see group B's dashboards [In reply to]

Hi,

Your steps are correct from ACLs point of view and in theory should work.
However, I totally believe that it may fail to work.

I didn't look into this part of the code for a while and I may be wrong
here. Dashboards inherit privacy and ACL concepts from saved searches that
were in the system for a while. From the beginning we showed group's saved
searches only to users of the group even if she has rights on other groups.
We now have code that can "select groups on which user has right X", but
still SQL is complicated and we don't change this.

Basic test can confirm me theory. Add some user from A group to B group,
login as this user and check if he can now see searches of both groups. If
he can then I'm right.

It's fixable, but out of our radar at the moment.

On Sun, Jun 10, 2012 at 4:20 AM, Scotto Alberto <al.scotto [at] reply> wrote:

> I'm trying to let group A see group B's dashboards, where A and B are
> not related as subgroups
> What I did was:
> Went to Admin/Groups/GroupRights.html?id=group_b_id
> Typed 'A' in the field "Add group"
> Ticked SeeGroupDashboard right.
>
> But it doesn't work.
> May be some kind of a bug in the ACL system?
> I'm on RT 4.0.2
>
> Generally speaking, is it correct my interpretation of the ACL user
> interface, GroupRights.html page?
> I mean, if I am in Groups/GroupRights.html?id=X, and I select a group on
> the left, say Everyone, ticking rights means "grant Everyone the right to
> do this or that to Group X", doesn't it?
> As well as, if I am in Queues/GroupRights.html?id=Y, and I select a group
> on the left, say Everyone, ticking rights means "grant Everyone the right
> to do something on Queue Y"
>
> Thanks
>
>
> Alberto Scotto
>
> [image: Blue]
> Via Cardinal Massaia, 83
> 10147 - Torino - ITALY
> phone: +39 011 29100
> al.scotto [at] reply
> www.reply.it
>
>
> ------------------------------
>
> --
> The information transmitted is intended for the person or entity to which
> it is addressed and may contain confidential and/or privileged material.
> Any review, retransmission, dissemination or other use of, or taking of any
> action in reliance upon, this information by persons or entities other than
> the intended recipient is prohibited. If you received this in error, please
> contact the sender and delete the material from any computer.
>



--
Best regards, Ruslan.
Attachments: blue.png (2.77 KB)

Request Tracker users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.