Joanne, Have you installed RT::Rights Matrix? I have found that VERY useful in the past. If someone is getting rights from more than one setting, it will show up in those results.
Kenn LBNL On Thu, Jul 7, 2011 at 9:28 AM, Alex Vandiver <[email protected]>wrote: > On Thu, 2011-07-07 at 09:52 -0400, Thomas Sibley wrote: > > On 07/06/2011 06:44 PM, Joanne Keown wrote: > > > Back in June I emailed the below question/request for help and I don’t > > > believe I have seen a response to that. > > > > > > Does anyone have any good ideas/pointers on this? I have searched > > > archives & manuals etc. but I can’t see what right I am applying that > is > > > allowing all my users Admin rights. > > > > The information in the spreadsheet simply isn't enough. There's many > > other places you could be granting them rights. We can't offer more > > than guesses without essentially a database dump of the relevant RT > tables. > > You have likely misapplied the "Superuser" right on some group the users > are in, directly or indirectly. The following (which is untested, > simply written off the top of my head), run from your database, should > tell you which group that they are in has this right: > > select Groups.* from Users > join CachedGroupMembers on CachedGroupMembers.MemberId = Users.id > join ACL on ACL.PrincipalId = CachedGroupMembers.GroupId > and ACL.RightName = 'SuperUser' > join Groups on Groups.id = ACL.PrincipalId > where Users.Name = 'dchapman' > > - Alex > > > -------- > 2011 Training: http://bestpractical.com/services/training.html >
-------- 2011 Training: http://bestpractical.com/services/training.html
