I am looking for a way for users to create a case that only THAT user and an admin can see. Then I can use this system to allow students to submit problem cases, or even create a "project" that other students can't see.

Or, if there is another module that's better for this, just point me in the right direction.

Comments

steveh2’s picture

steveh2 commented

This is a me too posting, I want to create projects that only certain roles or users can see and also have issues marked either private or public.

BenK’s picture

BenK commented

Me three! I have also been searching for a way to enable users to create "private" cases (or else make private cases the automatic default for certain projects).

Having this functionality would enable Case Tracker to be used as a true Help Desk support solution.

I do realize that users can be granted only the ability to submit cases (and not the ability the see the master Case Tracker menu item), but this doesn't prevent them from guessing a node URL to view a case they are not supposed to see.

I'd love to hear any insights from Morbus Iff....

moshe weitzman’s picture

moshe weitzman commented

You need a node_access control module for this. i don't know all of them so i can't really identify one to use here.

brianpeat’s picture

brianpeat commented

It's way more complicated than just a node access module. I think the project module would have to be updated to have an option to hide user created projects from other users.

The only other thing I can think of is some sort of "MAke Private" check box that the user could check when making the new node...but then, what if they forget and all the students get to see their work?

daviding’s picture

daviding commented

I'm interested in this function, too.

Is there something that we could learn from "the social networking wall" approach, as in Facebook. There's some discussion over at http://groups.drupal.org/node/2489 , but they haven't reached a resolution yet, either.

The other alternative could be some private messaging sort of function ... if it would pop up on the recipient's front page.

dcoun’s picture

dcoun commented

A solution can be to change the casetracker_basic.module:

1. Replace the function casetracker_basic_perm with the following:

function casetracker_basic_perm() {
  return array('create projects', 'create cases', 'edit own projects', 'edit own cases',
               'view projects', 'view cases', 'view own projects', 'view own cases' );
}

2. the function casetracker_basic_project_access with the following:

function casetracker_basic_project_access($op, $node) {
  global $user;

  if ($op == 'create') {
    return user_access('create projects');
  }

  if ($op == 'view') {
    if (user_access('view own projects') && ($user->uid == $node->uid)) {
      return TRUE;
    }
    return user_access('view projects');
  }

  if ($op == 'update' || $op == 'delete') {
    if (user_access('edit own projects') && ($user->uid == $node->uid)) {
      return TRUE;
    }
  }
}

3. and replace function casetracker_basic_case_access with the following:

function casetracker_basic_case_access($op, $node) {
  global $user;

  if ($op == 'create') {
    return user_access('create cases');
  }

  if ($op == 'view') {
    if (user_access('view own cases') && ($user->uid == $node->uid)) {
      return TRUE;
    }
    return user_access('view cases');
  }

  if ($op == 'update' || $op == 'delete') {
    if (user_access('edit own cases') && ($user->uid == $node->uid)) {
      return TRUE;
    }
  }
}

4. You have now 4 more permissions for setting view access to projects,cases.

yngens’s picture

yngens commented

thank you dcoun, suggested changes worked for me except for small, but important part - users with no access permission can not read cases and projects, but can see comment titles in recent comments block. i believe permissions should completely hide the module's nodes together with the added comments.

STyL3’s picture

STyL3 commented

Will this be committed to future versions of CT? Or when I upgrade will i have to readd this? Thanks.

:EDIT:
This works great! However there is still an issue. I have set the Authenticated Users group to not be able to create cases or view them. I have a user that is only a member of the Authenticated Users role and still has the option to "add a Case" in the Operations sections.

While they can't add a case or even see them, they still have the option to, even though it doesn't work and they just get taken to the list of content types they can create. Is there a way to tie the 'Operations' options into the permissions?

Thanks.

chriszz’s picture

chriszz commented

I really think, this rights are very important for casetracker!

wickwood’s picture

wickwood commented

I made the changes suggested by dcoun (thank you for this btw!), however when a user clicks on the "casetracker" menu item, the first thing it they see is a list of all the projects, even the ones they do not have access too.

I'm trying to find where to fix this, but I'm rather new to this.

Thanks in advance for your help!

Steve

gunzip’s picture

gunzip commented

it's very easy with content access module,
you don't need to change anything in the code. just set the content type 'case' to be edited only by author.

jmiccolis’s picture

jmiccolis commented
Status: Active » Closed (works as designed)

As is discussed above case tracker isn't and doesn't aim to be a node access module - other node access module can be used with case tracker to achieve access control for cases.