I don’t know if this is intended, but a user with the role customer (the default one, that is created when installing Zammad) can see all the other tickets, even if they are outside of his organization.
- Used Zammad version: 4.0.x
- Used Zammad installation type: package
- Operating system: Edit: Debian 10
- Browser + version: Chrome 94.0.4606.71
- User with a customer role can only see his own tickets. When he uses the search he only gets results from his own tickets.
- When the user types * in the search field and hits enter he gets a list with all the tickets from his organization. If he types some information that is contained in tickets outside of his organization, then he can also gets results from tickets of other organisations.
- See actual behavior.
Is this the intended behavior of Zammad and if yes, how can I restrict the users with the role customer to only see his own tickets.