Znuny/Znuny LTS is a fork of the ((OTRS)) Community Edition, one of the most flexible web-based ticketing systems used for Customer Service, Help Desk, IT Service Management.
In other places within this module, there is already the right function "CustomerNoPermission" used.
The updated code results in a proper error message:
Steps to reproduce
To reproduce this error, simply configure an ACL that filters for "Properties" -> "CustomerUser" -> "UserLogin" -> [any customer user] and next configure a "PossibleNot" -> "Action" -> "CustomerTicketZoom".
This will show the agent error message from the first screenshot when you are opening the CustomerTicketZoom for any ticket.
Type of change
1 - š bug š
Checklist
[x] The code change is tested and works locally.(ā)
[x] There is no commented out code in this PR.(ā)
[ ] You improved or added new unit tests.(ā)
[x] Local ZnunyCodePolicy passed.(ā)
[x] Local UnitTests / Selenium passed.(ā)
[x] GitHub workflow CI (UnitTests / Selenium) passed.(ā)
Proposed change
With "NoPermission" function, the customer is redirected to the agent screen, even though the URL is still the customer backend: https://my-znuny-host/otrs/customer.pl?Action=CustomerTicketZoom;TicketNumber=2022122196000021
The resulting permission error looks like this:
In other places within this module, there is already the right function "CustomerNoPermission" used.
The updated code results in a proper error message:
Steps to reproduce
To reproduce this error, simply configure an ACL that filters for "Properties" -> "CustomerUser" -> "UserLogin" -> [any customer user] and next configure a "PossibleNot" -> "Action" -> "CustomerTicketZoom". This will show the agent error message from the first screenshot when you are opening the CustomerTicketZoom for any ticket.
Type of change
1 - š bug š
Checklist