Support

Akeeba Ticket System

#37117 No Edit for message field for user that submit its own ticket

Posted in ‘Akeeba Ticket System’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
4.1.2
PHP version
7.4.29
Akeeba Ticket System version
5.0.5-dev202205061015-revdc7b4

alexmartin
How to enable a Registered user (not  in any special group or access) after they submitted a ticket to edit the message field of the ticket?
Attached  is the Category Permissions and System permissions., If i need to change any permissions could you please indicate 
1) Where  is the permissions are ;located - on the Category or System or Joomla?
2) What permissions must be modified to what state?   Example of the Message Edit button that I don Have is in the attached file as well 
Looking forward. Thank you. 

System Task
system
The ticket information has been edited by Oleg Martynov (alexmartin).

nicholas
Akeeba Staff
Manager

Please read https://www.akeeba.com/documentation/ats-for-joomla/deep-dive.html#permissions. Then read it again.

There are two permissions hierarchies which is the standard way Joomla does this:

  1. In the component's Options
  2. In the Categories

Joomla first reads the permissions in the current category. If there is a hard Deny for a permission in any of the user groups the user belongs in (or further up in their hierarchy) you are DENIED the permission and Joomla stops looking further.

If the result was an explicit Allow or Inherited then Joomla will start looking at each parent category. For each parent category, if there is a hard Deny for a permission in any of the user groups the user belongs in (or further up in their hierarchy) you are DENIED the permission and Joomla stops looking further.

If the permission at this point is still explicitly Allow or Inherited, Joomla looks at the permissions in the component Options. If there is a hard Deny for a permission in any of the user groups the user belongs in (or further up in their hierarchy) you are DENIED the permission and Joomla stops looking further.

At this point the permission is either an explicit Allow or Inherited. If it's explicit Allow then the permission is granted to the user. If the permission is Inherited the user is DENIED the permission.

So, to reply to your questions.

1) The ATS Categories, in each category's Permissions tab and the ATS component's Options, in the Permissions tab.

2) If you want your users to edit their ticket metadata (title, custom fields etc) you need to give them the Edit Own Ticket permission.

If you want them to be able to edit their posts' text you need to give them the Edit Own Post permission.

If you want them to be able to submit and reply to their own tickets you need to give them the Create permission.

If you want them to be able to create private tickets you need to give them the Create Private permission.

If you want them to be able to create attachments you need to give them the Create Attachments permission.

Since you said you want them to see the Edit button in the post — to edit the post's text —you need to give them the Edit Own Post permission. Please note that this is a DANGEROUS permission. They would be able to change their post text any time, even months later. Instead, I recommend using the “Own Ticket/Post Editing Grace Time” option in the Components, Akeeba Ticket System, Options, Frontend tab. Read more about it in https://www.akeeba.com/documentation/ats-for-joomla/component-options-frontend.html Usually, setting that to something between 15 and 60 (this is in minutes) is enough for users to correct any obvious mistakes they made without confusing you while you're trying to support them.

 

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

nicholas
Akeeba Staff
Manager

Also note that based on the screenshot you sent me, you are using hard Deny permissions. In fact, you have hard Denied the Edit permission. This means that your users are forbidden from ever accessing any edit page — both the ticket metadata and the post edit page.

Do NOT use a hard Deny. It has a very special meaning to Joomla as I explained above. It will always cause you problems.

Always try using Inherited instead. Inherited is called a soft deny / soft allow because it inherits the permission state from the parent group. If the parent group also uses Inherited the end result is that the permission is denied BUT unlike a hard deny you CAN override it with an explicit Allow in a child group.

For example, you have this user groups hierarchy: Public -> Registered -> Author -> Editor -> Publisher.

If you Deny the Edit permissions in the Registered group then you are also denying it to the Author, Editor and Publisher groups (every group that's under Registered). Moreover you can NEVER, EVER grant these groups the Edit permission. Even if you set it to explicitly Allowed, Joomla will see that you have both an explicit Allow for a user group and also an explicit Deny further up the hierarchy in which case Deny wins. Therefore you can never grant that permission to any group under Registered!

If you use Inherited for the Edit permission in the Registered group you have no problem! The parent group, Public, has that permission also set to Inherited. This means that the permission is Denied but with a major difference: you can grant it in the child groups of the Registered group. If you go to the Author group and set this permission to Allow then the Author group, the Editor group and the Publisher group are allowed to edit tickets and posts.

 

There is one thing you should take away from this.

 

DO NOT USE Deny FOR PERMISSIONS UNLESS IT'S A LEAF NODE (the final user group in a user group hierarchy, or the final category in a categories hierarchy). Doing anything else will always lead to conflicting permissions which Joomla understands as “always Deny and you can't change my mind no matter what you say or do”.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

alexmartin

Thank you for deleting my private information. Unfortunately you also deleted your last instructions for me what was wrong with my settings. 

I tested reply and it does not send out the reply message. 

By the way, the explanation for No new replies should be changed to make it less confusing. 

As I noticed settings after you made changes - it was turned Green on No new replies. ( I made no changes on my own) 

I have tested  with turning the settings to Gray color for No new replies and then Green color . Did not made any difference  ( yes i have cleaned cache and refreshed browser to be sure) . 

Could you please tell me the Color of the setting to be able to Send reply on the option "No new replies"?  Should it be Green or Gray?
Looking forward. 

P.S. It seems to me that this button is not holding after it set to a sate. It swished without my own intention and interaction. 

Thank you for incredible Ticket component!

alexmartin

As you can see i have turned No to No - turned it gray and that function does not make me able to send my reply. 

There is some kind of bug - it turs its stage to Yes without me changing anything. And turning it to green Yes - that is what prohibits to save and send out reply. 

But I have turned it back to gray  and it did not help. 

alexmartin

So it is clear to me that Reply button does not Saved the new reply because there is a Joomla Message: Saving is not permitted. 

But the Option No new replies is set to No - gray color. 

It seems to me it is a bug. 
please help

nicholas
Akeeba Staff
Manager

I will say this again. This is NOT a bug in Akeeba Ticket System, it's your permissions setup which is wrong. Also, you are replying to the wrong ticket... The ticket where you gave me the access information is your private ticket 37115. But that's not important, I can reply here.

Permissions are managed by Joomla itself. The ATS categories are not managed by ATS, they are managed by Joomla's com_categories. The permissions for a category, the permissions for a component and the global permissions are all managed by the Joomla\CMS\Access\Access class which is part of core Joomla. In fact, as a developer, I don't even get direct access to that! All I can do is use the Joomla user object's (Joomla\CMS\User\User) authorise() method and give it the action (permission name) and asset name (component name or category ID). Joomla does its thing and replies with true (allowed) or false (not allowed). It does not tell me why and I don't need to know why. The assumption Joomla makes is that you, the site owner, know what you're doing which is not the case here.

Let me also put it this way. Are you not currently replying to this ticket on our site, which uses the Joomla 4 version you are using, the same Akeeba Ticket System version you installed on your site, the same default view templates we ship with ATS, using the same TinyMCE editor I've set up on your site, Using the same reply area and reply button? Of course you do. That's how we are having this conversation! This proves the point that ATS does work, as long as you set up the permissions correctly.

Further to that, your menu structure is a mess. At this point I am not sure which menu item ID is being chosen when replying to a ticket. You have many ways to get to the same page of the ticket system with different user access levels.

I cannot help you fix that. Your site is in a language I can't even read, let alone understand. 

What you need to do is create a hidden menu. Put a top level Categories menu item. Create submenu items for each category with the appropriate access level. This will create a nice menu items structure.

Wherever in your real menu structure you'd like to have an ATS page create an Alias menu item type and link it to one of the properly structured menu items in your hidden menu.

This is standard practice which overcomes Joomla's triple and conflicting cascading structure for extensions: menu items (ItemID), categories AND SEF router. This is not a problem unique to ATS, it also happens with Joomla's core Articles but you are less likely to see it because you seldom need to create and edit articles in the frontend.

So, again your problems are:

- You had set No New Replies to Yes. We fixed that.

- You had hard Deny permissions. We fixed that.

- Your menu structure is confusing and results in Joomla picking the wrong menu item, with the wrong Access level when parsing the SEF URLs. Therefore it gives you an Access Forbidden error when you try to submit a ticket reply. As I said, you need to fix that because I neither speak nor can read your language.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: Typically we work Monday to Friday, 9am to 7pm Cyprus timezone (EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets, but we cannot respond to them, outside of our working hours.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!