I have several customer organizsations which can request suppor via zammed. The configuration is, that every customer can see all the tickets of the organization. However there is always a “main” customer in each organization which plays the role of a first-level-contact and supporter. I want to assign tickets to this main customer so he acts as a first level agent.
However this agent should NOT see other customers or tickets outside of his organzation and should not be able to create tickets out of its organization
How to solve this with zammad? It is ok when, there are two different accounts for this special customer (i.e. one customer and one agent account).
While you can restrict a specific agent to see only specific groups and the tickets of these groups, the agent has access to all users and organizations. If he guesses the right names, he’ll find them.
This is a potential data breach you don’t want to have.
The situation I explained above. If you do remote support for a customer organization, there often is a main contact or local administrator which needs to do things. So it makes sense to assign the tickets which can only be solved locally to this person in the customer organization. This special person hoawever is still a customer and should not be able to see anything other then its own organization.
Sometimes there are external supporters for specific customer organzation. These supporters should also ONLY see this organzation, tickets and email addresses (like another customer in the organzation) where he is assigned as an external support, but NOT any other customers of my company.