Problems with ACL-Configuration

[fullhouse]

Hello,

we have an acl that forces agents to 'classify' (setting a type, service and SLA) a ticket before being able to work on it. The ACL looks like this:



I'd like specific roles to be able to work on the ticket even if its not classified yet. This is how i configured the ACL:



Sadly it is not working. Can anyone help me in figuring out what i did wrong here?

[wurzel]

Hi,

should work. Remember, they need to be in correct order.
First Deny, then Allow

Flo

[fullhouse]

Thanks for the quick reply.

Thats exactly the order I put it. The 'PossibleNot' ACL comes first. Still not working though.

[wurzel]

Hi,

try to remove the type unclassified in the possible add acl
Just do the role config there.

Florian

[fullhouse]

I tried that too but it's still not working.
Am I right in the assumption that once i deploy an ACL it works right away? For example when theres an unclassified ticket thats already in the system can i just refresh it after deploying in order to test if it works? Or do I need to wait until a new ticket comes in?

[RStraub]

That is correct. A deployed ACL will "work" right away on all existing tickets.

Edit: Any chance you are using the user "root@localhost" ? ACLs don't apply to that user...

[fullhouse]

No I didn't use that user. Configuring ACL's has always been weird to me it seems like sometimes they just work at random. thanks a lot for the help though.

[skullz]

Try this

ACL001

Properties
- Type
-- Name
--- Unclassified

PossibleNot
- Ticket
-- State
--- closed successful


ACL002

Properties
- Type
-- Name
--- Unclassified

- User
-- Role
--- ABC

PossibleAdd
- Ticket
-- State
--- closed successful