ACL Reference Guide#
Working with tickets can become a bewildering task. Many options are given to process, or close tickets, even if they are not needed in the current state of a ticket or due to the role of the current agent. Hiding unneeded entries cleans up the menu bar and gets it easier to work with, hiding values from dynamic fields or next queues lowers chance of human error.
We use access control lists (ACL) to restrict agents and customer users on ticket options, allowing only correct and meaningful activities with a ticket. As administrators you can easily generate ACLs in the graphical interface to prevent ticket closure until meeting specific requirements, prevent tickets from being moved to queues before adding the defined information and much more.
A list of all possible match and set criteria:
Match Properties#
You may match Key/Values using Properties Database (Backend) or Properties (Frontend) matching.
Property |
Key |
Value |
Comments |
|---|---|---|---|
CustomerUser |
UserLogin |
some login |
|
UserCustomerID |
some customer id |
||
Group_rw |
some group (active customer group feature required) |
||
DynamicField
|
DynamicField_Field1
DynamicField_TicketFreeText2
|
some key or value
|
Names must be in DynamicField_<field_name> format.
Values for dynamic fields must always be the untranslated internal data keys specified in the dynamic field definition and not the data values shown to the user.
Using the key is also mandatory for a dynamic field of type database and dynamic field of type webservice.
|
Frontend
|
Action
|
AgentTicket….
CustomerTicket….
|
Entities are dynamically populated and can be search for by typing.
|
Owner |
UserLogin |
some login |
|
Group_rw |
some group |
||
Role |
some role |
||
Priority |
ID |
some id |
|
Name |
some name |
||
Process |
ProcessEntityID |
some id |
The current process id. Use only with Properties Database. |
ActivityEntityID |
some id |
The current activity id. Use only with Properties Database. |
|
ActivityDialogEntityID |
some id |
The current activity dialog in use. Use only with Properties. |
|
Queue |
QueueID |
some id |
|
Name |
some name |
||
GroupID |
some group id |
Used to match multiple queues. |
|
some email address |
Used to match multiple queues. |
||
RealName |
email address real name |
Used to match multiple queues. |
|
Responsible |
UserLogin |
some login |
|
Group_rw |
some group |
||
Role |
some role |
||
Service |
ServiceID |
some id |
|
Name |
some name |
||
ParentID |
some id |
||
SLA |
SLAID |
some id |
|
Name |
some name |
||
Calendar |
some calendar |
||
State |
ID |
some id |
|
Name |
some name |
||
TypeName |
some type name |
To match multiple states. |
|
TypeID |
some id |
See table ticket_state_type |
|
Ticket |
Queue |
some name |
|
State |
some name |
||
Priority |
some name |
||
Lock |
some name |
||
CustomerID |
some name |
||
CustomerUserID |
some name |
||
Owner |
some name |
||
DynamicField_* |
some name |
||
NewOwner |
login |
Prior to Znuny 6.4.4, this would reference the display name. |
|
<other Property> |
<other property> |
Any other ticket attribute. |
|
Type |
ID |
some id |
|
Name |
some name |
||
User |
UserLogin |
some login |
|
Group_rw |
some group |
||
Role |
some role |
Configuration Properties#
Configuration properties can be:
- Possible (white-listing)
The values entered show exclusive values.
- PossibleNot (black-listing)
The values entered show excluded values.
- PossibleAdd (for cumulating lists)
The values entered add to previous ACL restrictions. This is generally used in combination with PossibleNot.
Property |
Key |
Value |
Comments |
|---|---|---|---|
Action |
some action (frent-end) |
Entities are dynamically populated and can be search for by typing. |
|
ActivityDialogEntityID |
some id |
||
Process |
some id |
||
Ticket |
Any Ticket Property |
some name |
IDs do not work in the ticket configuration settings. You can set the returnable state, bun not state id, state type, or state type id. |