Thu, 28 Aug 2008 16:42:14 -0400 http://bugs.horde.org/ticket/3789 pick up number for guest ,if without read permission Follow up ticket 3630 >If have a queue where guests have the rights "Show" and "Edit", but not "Read" >So they are able to report something, but not to read the content afterwards. On this way it is possible to *report critical content* that should not be accessible by anyone. How about send guest a pick-up number in the first notification message,so they can read ticket's history ,if guest just have Show and Edit permission. Tue, 18 Apr 2006 20:47:33 -0400 http://bugs.horde.org/ticket/3789#t19132 What would the pick-up number link to? One problem is that SHOW permission means you can see an object exists, but not what it is (more or less - times for calendar events but not titles, etc.). How would having SHOW let someone see information about a ticket, using that understanding of SHOW? Wed, 19 Apr 2006 00:41:09 -0400 http://bugs.horde.org/ticket/3789#t19146 Yes, the permissions should be opposite. E.g. if the user has read but not show permissions, he will get the regular notification message and can access the ticket through the url, but it won't show up in any bug listings. This won't keep any anonymous user from trying several bug number manually though, so it's only obfuscation by hiding. Wed, 19 Apr 2006 02:51:55 -0400 http://bugs.horde.org/ticket/3789#t19151 Here is my thought about this issue: First,the ticket did not realy created into system until guest confirm by the url or pick-up number given in the first notification.This is for verify guest's mail address. Second,those who can provide corrct pick-up number or url,system will treat them as CREATOR not GUEST only for that ticket. David Wed, 19 Apr 2006 12:02:13 -0400 http://bugs.horde.org/ticket/3789#t19186