ACL not work

[yuri0001]

Hi!
I create such ACL:

Code: Select all

    $Self->{TicketAcl}->{'051 ACL-Customer-Ограничение выбора очереди для КУИ'} = {
        Properties => {
            Frontend => {
               Action => ['CustomerTicketMessage']
                        },
            CustomerUser => {
                Group_rw => ['Cust_KUI'],
                            },
                      },
        Possible => {
            Ticket => {
                QueueID => ['21','2','41']
                      },
                    },
    };
#########################################################################
    $Self->{TicketAcl}->{'052 ACL-Customer-Ограничение выбора очереди для Терр_Уобр_УАГ_Укульт_Ленина_117'} = {
        Properties => {
            Frontend => {
               Action => ['CustomerTicketMessage']
                        },
            CustomerUser => {
               Group_rw => ['Cust_Cult_Ed_Arch'],
                            },
                      },
        Possible => {
            Ticket => {
                QueueID => ['24','2','41']
                      },
                    },
    };

but it does'nt work.
Some customers have rw rights in groups - Cust_Cult_Ed_Arch & Cust_KUI but while creating web ticket from customer form queues not restricted by list in ACL
Why?

[crythias]

You shouldn't need an ACL for this purpose. The group membership should be enough to restrict the available queues. By default, all customers are part of the "users" group, which may already apply to the other queues.

[yuri0001]

Probably, it's my bad English.
I want to some customers don't can create tickets for some queues and this queues don't appear in queue list for them by group membership.

[yuri0001]

I'll try this:

Code: Select all

    $Self->{TicketAcl}->{'051 ACL-Customer-Ограничение выбора очереди для КУИ'} = {
        Properties => {
            Frontend => {
               Action => ['CustomerTicketMessage']
                        },
            CustomerUser => {
                Group_rw => ['Cust_KUI'],
                            },
                      },
        Possible => {
           Queue => {
                QueueID => ['21','2','41']
                      },
                    },
    };

But also not work!

[yuri0001]

Anybody can help me?

[jojo]

is CustomerGroup support activated?

[yuri0001]

Yes! Activated.

[jojo]

customers can only use Queues which have groups they are assigned to

[yuri0001]

But, if the ticket will moved in Queue wich group not assigned to customer, he recieve message that access denied.
I want only forbid to customer to create tickets for some Queues, but tickets can moved to another queue without limit to displaying it (ticket) to customer.

[jojo]

did you try to not use UTF-8 characters in the name of the ACL?
did you try other match criterias. like customer id instead of group?

[yuri0001]

Thanks! I will try it later.
I understand your earlier tips without ACL (it depends of rights -ro/rw).
But my interest for decision this problem with ACL - is interesting me whatever!
I will write later about my attempts wit ACL

[yuri0001]

But, without ACL customer with -ro rights - not see the queue in web-form - it's good, but can't answer to owner if ticket moved to this queue - it's bad.

[skullz]

i dont know this is right or not,
but based on http://doc.otrs.org/3.2/en/html/customi ... -reference

QueueID only can be used at "Properties" block, not "Possible" or "NotPossible" block

maybe try to write

Code: Select all

 $Self->{TicketAcl}->{'051 ACL-Customer-Ограничение выбора очереди для КУИ'} = {
        Properties => {
            Frontend => {
               Action => ['CustomerTicketMessage']
                        },
            CustomerUser => {
                Group_rw => ['Cust_KUI'],
                            },
                      },
        Possible => {
            Ticket => {
                Queue => ['Queue 1',' Queue 2','WhatQueue']
                      },
                    },
    };

[yuri0001]

Hi!
I've already tried this construction, but it not work all the same.
By the way, I'll try to create this ACL in 3.3.0 beta3 ACL Editor. He changes the order of phrase Action & CustomerUser in Properties. Is it right or no matter?
But it not work all the same.

[yuri0001]

Hi!
Yes, it works right in 3.3.0! There where my semantic error.
But! I'll try there quit clear example. In work (productive) system i need to use Russian (cyrillic) names of Queues. If I need to do somewhat to force to work it properly?