Rights to manage customers vs rights to manage agents or admins

voljka · November 27, 2019, 10:05am

Zammad 3.0.1 from package @ Centos 7.
Hello. As I can see, if agent has permission “user” (manage users) it can:
-create new customer
-create new agent
-create new agent/customer with whatever it likes permissions.
-edit whatever it want for all user of Zammad
-disable any user of Zammad

Is it a little overkill in terms of permissions control?
In my opinion, we need very simple rule:

agent can manage customers data
only admin may manage admins and agents

Any comments? Am I missed something?

MrGeneration · November 27, 2019, 10:24am

Please take a look at a customer without admin.user permission.
If you give your agents the “users” permission (which is a administrative permission), you’ll receive the above affect.

In fact, agents can -at any time- add news customers if needed, because their workflow requires them to. The described functionality only affects admin permissions.

voljka · November 27, 2019, 10:36am

Ok. So, I am looking at Agent without admin.user permission and with admin.organization permission :

no Manage->Users menu (good/bad - where I can manage customers?)
has Manage->Organizations menu (good)
can create new customer when starts new ticket from field customer (ok)
can edit existed customer when customer shown on the right side bar of screen (ok)
Basically, yes, Agent can manage customers without admin.user permission, but:
WHY is customer management is sooo different from organisation management?
It is very not intuitive, in my opinion. Can you point me for some DESIGN GUIDE for Zammad, because I am failing to understood it GUI rules…

MrGeneration · November 28, 2019, 1:19pm

Agents can search the user and update it if needed.
There is no special interface for that.

Edit will open a update screen for information that agents may access.

Sorry, I can’t provide a good enough answer here, which is why I won’t give any to prevent false information. As far as I’m aware there’s no public Design guide, maybe @thorsteneckel can help here better. That is, when he finds time.

thorsteneckel · November 28, 2019, 2:20pm

Hi @voljka - It’s hard for me to follow without diving to deep in and giving the mental overhead of anticipation. However, since your are requesting a formal Design Guide it would be great help to if you could write your expectations in formal user stories. This makes it much easier for me to follow your thought process. I’m looking forward to give you feedback based on those

voljka · December 2, 2019, 12:18pm

ha-ha. no, no, no. My problem is not with product functionality. I just do not know how to use it in right way. For example, i was looking at user management from admin point of view (go to the right menu, create user). But adding user as agent, when hi is in the process of ticket creation is right way.
btw, did you create some tutorial clips about Zammad? like how to create ticket in system, for example?

MrGeneration · December 2, 2019, 12:26pm

No we did not.
All required steps and “how to work on tickets” are described on our documentation:
https://user-docs.zammad.org