User has Role with only READ and OVERVIEW but he can edit (CHANGE) tickets


  • Used Zammad version: 2.5.x
  • Used Zammad installation source: (source, package, …) installed from our hoster - I think package
  • Operating system: Debian
  • Browser + version: Firefox ESR 52.9.0

Expected behavior:

User with just the following role can just read but don’t change tickets:

Actual behavior:

This user with only the role “Reader” and no other access-settings or connected roles can edit tickets:

Question to the community:
Does it work in your installations, when you make a configuration like me the user can only view not edit?

I’ve tested ist now in another installation with the same result. So I wonder if it’s a general bug or if I understand something wrong about the usage of these roles.

Would be great to get a feedback.

For me it works fine. Zammad will show an “Not authorized” alert if I try to add a note. Permissions “read” and “overview” defined in role “test”, no other roles assigned.

Thanks for your feedback. In our installation I get now also the “Not authorized” alert (don’t get it anymore why I haven’t at my first test here).

In the installation from a external partner I get still the described behaviour. BUT I’ve seen now that they still running Zammad Version 2.0.x.

So I will ask for a update now and hope this will fix the problem.

This topic was automatically closed 120 days after the last reply. New replies are no longer allowed.