4 Replies Latest reply on Mar 27, 2018 2:57 PM by bunnisch

    How do I allow users in a role or on a team to accept and work on a task when their role does not have permission to update or view the parent ticket?

    Rookie

      I am open to unique configuration options. We have certain incident tickets that should not be viewed by other teams, so Role permissions have been set to block access. Is there a way to override the basic rule permissions if a certain team is assigned? Or is there a way for them to view, accept and work on tasks without being able to see the master ticket?

        • 1. Re: How do I allow users in a role or on a team to accept and work on a task when their role does not have permission to update or view the parent ticket?
          IJU Apprentice

          Hi,

           

          if you're using default searches instead of object permissions to prevent users from seeing Incidents or tasks they're not allowed to see then they would not be able to see the records but would still be able to edit them (by for example working on a task).

          Just disable the  saved search options (and maybe the fulltext search option as well) to prevent them from switching the default search for the role they're using:

           

           

          Beste Grüße / Best Regards

           

          Immanuel Jungheim
          Consultant

           

          ITSM Consulting GmbH   |   Germany   |   D-55294 Bodenheim   |   Am Kuemmerling 21-25
          Mobile: +49 151 29256681   |   Tel.: +49 6135 9334 0   |   Fax: +49 6135 9334 22   |   E-Mail: [email protected]   |   Web: www.itsmgroup.com

           

          ITSM Group – Be Better

          Geschäftsführer: Siegfried Riedel, Amtsgericht Mainz HRB 47740

          • 2. Re: How do I allow users in a role or on a team to accept and work on a task when their role does not have permission to update or view the parent ticket?
            Rookie

            Thank you for your suggestion Immanuel.

             

            We are actually using object permissions. Currently the 'Secret' Incidents are only editable by one team. That team is then creating tasks for another team. The other team should be able to view and update the tasks, but not have access to the Parent 'Secret' Incident. Those other teams DO need to be able to fully view and update tickets that do not belong to the 'Secret' Incident team. Finding a way to set permissions on the 'Secret' tickets that allow Task updates from other teams would be ideal. i.e. they get permissions to update, but do not get permissions to view. Do you have any suggestions on this?

             

            Thank you,

            Sarah Ann Ferguson

            • 3. Re: How do I allow users in a role or on a team to accept and work on a task when their role does not have permission to update or view the parent ticket?
              IJU Apprentice

              Hello Sarah,

               

              unfortunately you've only got two options in the object permissions. So you either see the record or are allowed to edit it as well.

               

              If you don't want to see records but still want to be able to edit them (even if indirectly) you have to use default searches in my opinion. If you're using business rules or other actions which update the parent Incident then there is no other way to allow the users to do that.

               

              But I am lying. There is one last option you have. You could move those actions which update the "secret" Incident to a workflow. The workflow does us the user "Internal Services" to update the record which would work.

               

               

              Beste Grüße / Best Regards

               

              Immanuel Jungheim
              Consultant

               

              ITSM Consulting GmbH   |   Germany   |   D-55294 Bodenheim   |   Am Kuemmerling 21-25
              Mobile: +49 151 29256681   |   Tel.: +49 6135 9334 0   |   Fax: +49 6135 9334 22   |   E-Mail: [email protected]   |   Web: www.itsmgroup.com

               

              ITSM Group – Be Better

              Geschäftsführer: Siegfried Riedel, Amtsgericht Mainz HRB 47740

              Diese E-Mail ist vertraulich zu behandeln. Sie kann besonderem rechtlichen Schutz unterliegen. Wenn Sie nicht der richtige Adressat sind, senden Sie bitte diese E-Mail an den Absender zurück, löschen die eingegangene E-Mail und geben den Inhalt der E-Mail nicht weiter. Jegliche unbefugte Bearbeitung, Nutzung, Vervielfältigung oder Verbreitung ist verboten. / This e-mail is confidential and may also be legally privileged. If you are not the intended recipient please reply to sender, delete the e-mail and do not disclose its contents to any person. Any unauthorized review, use, disclosure, copying or distribution is strictly prohibited.

              1 of 1 people found this helpful
              • 4. Re: How do I allow users in a role or on a team to accept and work on a task when their role does not have permission to update or view the parent ticket?
                Rookie

                Thank you so much! Now I'm just going to have to figure out how to design a workflow to do that!

                 

                Take care,

                Sarah Ann Ferguson

                ITSM Administrator