- Used Zammad version: 5.0
- Used Zammad installation type: package
- Operating system: Debian 10
- Browser + version: Chrome 99
I have created a ticket, where an agent has wrote an article, now the ticket is not accessable. For me (with agent and admin role) there is written:
Oops.. I'm sorry, but you have insufficient rights to open this Ticket.
In the production log, there is the following output, when i try to access the ticket via the REST API:
I, [2022-03-29T17:24:43.635609 #27127-17665860] INFO -- : Started GET "/api/v1/tickets/729" for 192.168.5.15 at 2022-03-29 17:24:43 +0200
I, [2022-03-29T17:24:43.651644 #27127-17665860] INFO -- : Processing by TicketsController#show as */*
I, [2022-03-29T17:24:43.651798 #27127-17665860] INFO -- : Parameters: {"id"=>"729"}
I, [2022-03-29T17:24:43.715019 #27127-17665860] INFO -- : not allowed to show? this Ticket (Pundit::NotAuthorizedError)
app/controllers/application_controller/authorizes.rb:10:in `authorize!'
app/controllers/tickets_controller.rb:51:in `show'
app/controllers/application_controller/has_download.rb:21:in `block (4 levels) in <module:HasDownload>'
app/controllers/application_controller/has_download.rb:20:in `block (3 levels) in <module:HasDownload>'
app/controllers/application_controller/has_download.rb:19:in `block (2 levels) in <module:HasDownload>'
app/controllers/application_controller/handles_transitions.rb:16:in `handle_transaction'
I, [2022-03-29T17:24:43.715865 #27127-17665860] INFO -- : Not authorized (Exceptions::Forbidden)
I, [2022-03-29T17:24:43.716515 #27127-17665860] INFO -- : Completed 403 Forbidden in 65ms (Views: 0.2ms | ActiveRecord: 22.4ms | Allocations: 14638)
I can access the ticket with the id 728 and the following ticket with the id 730. What went wrong?