Skip to content
  1. Extras
  2. Tickets
  3. Interface
  4. Policies and permissions

Policies and permissions

Tickets ships three access policies. Keys are checked on the frontend (forms, AJAX) and in mgr.

Policies

PolicyForPurpose
TicketUserPolicysite user grouptickets and comments on the frontend
TicketVipPolicyprivileged usersTicketUserPolicy + private ticket viewing
TicketSectionPolicyticket section resourceallow creating tickets in that section

Basic group setup: User permissions setup.

TicketSectionPolicy

Attach to the section resource. Main key:

KeyDescription
section_add_childrenCreate tickets in the section

TicketForm and web/section/getlist hide sections without this permission. No snippet parameter overrides the check.

TicketUserPolicy and TicketVipPolicy

Assigned to a group in web. VIP adds ticket_view_private.

TicketUserPolicy / TicketVipPolicy keys

KeyDescription
ticket_saveCreate and edit own ticket
ticket_deleteDelete own ticket
ticket_publishPublish/unpublish own ticket
ticket_view_privateView private tickets (VIP only)
ticket_voteVote on ticket
ticket_starStar ticket
ticket_file_uploadUpload ticket files
ticket_file_deleteDelete own ticket files
section_unsubscribeUnsubscribe users from section (mgr)
comment_saveCreate and edit comments
comment_deleteDelete/restore comment
comment_removePermanently remove comment and children
comment_publishPublish/unpublish comment
comment_file_uploadUpload files on comments
comment_voteVote on comment
comment_starStar comment
thread_closeClose/open thread
thread_deleteDelete/restore thread
thread_removePermanently remove thread and all comments

MODX edit_document still allows editing others' tickets in mgr.

Private tickets

private / privateweb on the ticket. Without ticket_view_private, redirect to tickets_private_ticket_page.

Subscriptions

  • Section — checkbox in tpl.Tickets.comment.wrapper, AJAX section/subscribe
  • AuthorsubscribeAuthor, AJAX author/subscribe

Both require a logged-in frontend user.