Possible bug? Users with only "Can Create" permission can still edit, complete and delete tickets

avatar chrisbloom7 Nov 17. 2009. 12:08 pm #1
According to the documentation:

Can Create - User has access and can create new objects of specific type, but cannot manage existing objects.


So why can these users still edit and complete tickets?
avatar Oliver Maksimović Staff Nov 18. 2009. 5:27 am #2
Permission to edit/complete/delete is overridden in the following cases:

- If user has project_management permission set to "Yes"
- If user is a project leader
- If user is the author of the ticket
- If a ticket has no assignees
- If user is assigned to a ticket

Probably it's one of the reasons above that allows your users with only "Can Create" permission to manage Tickets.
activeCollab dev/ tech support
avatar chrisbloom7 Nov 18. 2009. 8:22 am #3
Thanks for the additional information. FWIW, I don't think that is intuitive at all - in our case we don't want clients to EVER be able to edit a ticket once they create it. From that point on its up to our AMs/PMs to manage the tickets. We assumed setting their permissions up to not have "manage" permissions would accomplish this.

I would also suggest that you make note of these overrides in the administrator documentation as there is currently no mention of any caveats to permissions.
avatar Darth Sonic Pro Feb 23. 2010. 6:07 am #4
I would prefer some more detailed permissions:

1. no access
2. has access
3. can create, but not manage
4. can create and manage own
5. can create and manage all
http://www.computeruniverse.net
http://www.darth-sonic.de
avatar Bel Pro Jun 17. 2010. 8:32 am #5
I have a huge problem with this as well.
In my case - PM creates ticket, Studio Manager assigns to the relevant resource in studio and now that resource has full access to edit or delete that information.
It does not make sense.
avatar Ilija Studen Staff Jun 17. 2010. 11:01 am #6
Hello,

If user is supposed to work on something, he should be albe to make appropriate changes (attach new files, change description and provide more details etc). For tickets, all changes to a specific ticket are saved, so there's no questions who changed what and when.

This is by design and not likely to change any time soon.
Follow @activecollab and activeCollab on Facebook.