Here you can define which actions the user or group can perform. All members receive their allowed actions from the group or resource.

The list of actions is managed in the Configuration module.

Many actions apply only in certain situations/states of a ticket for specific users. Each user can only ever take one role to a specific ticket, depending on permissions, resource memberships, and ticket state. If no role applies, there is also no access to the ticket and no action can be executed.

The following roles are distinguished:

• End user - this is the ticket owner, the person who created the ticket or whose issue it is about. An end user can only see and, if necessary, change their own tickets. An end user has no other permissions in terms of ticket editing
• Supporter - any user whose permissions to edit tickets exceed those of the end user.
• Dispatcher - these are users with the Dispatcher permission. If the ticket is a request they can process it and authorize (i.e. assign) it to the responsible resource. When using automatic authorization, this role may not be needed.
• Resource member - these are users who belong to a resource and have at least read access to that resource - or if they have the Read all tickets permission. Resource members with write access to a resource, or the Write all tickets permissions, edit and complete the ticket by performing actions allowed for Resource Members.

Note: If a user has created their own ticket, and it has been authorized to the resource they are a member of, then the user is considered a Resource Member, not an End User. Any special features for resource members then apply as well.

Analogous to permissions, allowed actions are additive, i.e. an action allowed by any membership is not revoked by another membership in which that action is not allowed.

All allowed actions have a global effect. This means that no matter by which group or resource the action was allowed for a user, the user is then allowed this action in all groups or resources. It is not possible to allow one user to do something in one resource A and not in another resource B.

Either two or three pieces of information are displayed for each individual action:

1. The checkbox explicitly allows this action for the user or group
2. Inheritance is displayed for users only and means that this action was allowed by a group of the user.
3. The addition GRANTED means that this action is available to the user or group, either directly or inherited.

To find out for a user which group(s) inherit an action, click the 'Open Inheritance Details' button in the dialog.

The following actions are available for all users (end users, resource members and dispatchers, see above):

• Anfrage erstellen: Whether the user can create new tickets. This has no effect on whether new tickets are created via email.

• Auftrag/Anfrage löschen: Whether an existing ticket can be deleted. End users can only delete their own tickets. Dispatcher can only delete requests that are not yet authorized. Resource members can delete tickets to whose resource they have write access. Resource members can also delete closed tickets.
  • Special feature: the corresponding resource must allow deleting tickets for resource members.

• Anlage löschen: Whether an attachment may be deleted from the ticket.
  • Special feature: By default, only open tickets can be edited. If the option "Allow editing of step content after closing a ticket" is enabled, resource members and dispatchers can also remove attachments from deleted and finished tickets.

• Anlage manuell hinzufügen: Whether users can manually add additional attachments to the ticket. Regardless, attachments can always be added to steps of any type. If attachments are generally not desired, disable the attachment plugin.

• Auftrag Reaktivieren: Whether closed and deleted orders can be reactivated.
  • Note: in the i-net HelpDesk Desktop application for Supporter, Reactivate is not supported for end users.

• Beenden: Whether the user is allowed to end a ticket. End users can only end their own tickets. Dispatcher can close open tickets directly. Resource staff can end tickets in resources they have write access to.
  • Special feature: Dispatcher can close tickets in the i-net HelpDesk Desktop application for supporters only if they have write access to at least one resource.

• Benutzer Kommentar: Whether the end user of a ticket is allowed to write comments. Comments can only be written for own tickets.
  • Special feature: If a user is a supervisor of a group, then he can also comment if the action has been allowed for the supervisor. This action can reactivate closed tickets, regardless of whether the action Reactivate is allowed. Deleted tickets cannot be reactivated by a comment.

All other actions are only available for Resource Members or Dispatchers. They will also only be displayed if the current user is a Resource Member or Dispatcher, or the current group is not the end user group.

The following actions are available for resource members and dispatcher when editing.

• Autorisieren (Resource Member/Dispatcher): whether requests to a resource can be authorized. This is mostly only useful for Dispatchers. It has no effect on automatic authorization by email account, category, mail triggers or tickets created by end users. When resource members manually create tickets, they can authorize them directly if the action is allowed.

• Bearbeiten (Resource Member): Whether the resource member is allowed to perform the action Edit.

• Email senden (Resource Member/Dispatcher): Whether emails can be sent to the end user. Emails can only be sent if an SMTP server is set in the configuration.

• Text eines Bearbeitungsschrittes ändern (Resource Member/Dispatcher): Whether the user can reedit the texts of existing steps. This applies to requests as well as authorized tickets.
  • Special feature: If the option "Allow editing of step content after closing a ticket" is active, then closed and deleted tickets can be edited as well.

• Termin entfernen (Resource Member): Whether the resource member can delete a set appointment.

• Termin vereinbaren (Resource Member): Whether the resource member is allowed to make new appointments.

• Weiterleiten (Manuell Eskalieren) (Resource Member): Whether the resource member may forward an authorized ticket to another resource. This action replaces the action Ressource ändern. It can be performed only by resource members. Dispatchers can always change the resource of requests.

• Wiedervorlegen (Resource Member): Whether a ticket can be put on resubmission.

• Übernehmen (Resource Member): Whether the resource member can perform the take over action, stating, that the user will handle the ticket.

• Benutzerdefinierte Aktionen (Custom) (Resource Member): All user-defined actions are always only possible for resource members and can only be applied to open tickets.

These actions restrict the fields that a Resource Member or Dispatcher can change in tickets.

Note: in the i-net HelpDesk Desktop application for supporters dispatchers can always change the fields of existing tickets.

• Benutzer ändern (Resource Member/Dispatcher): Whether the end user can be changed from existing tickets.
  • Special feature: For authorized tickets, the resource must also allow changing users.

• Deadline ändern (Resource Member/Dispatcher): Whether the deadline can be changed after the ticket has been created.

• Kategorie ändern, Kennung ändern, Klassifizierung ändern, Priorität ändern, Ticket-Feld ändern, Sollzeit ändern, Betreff ändern, ITIL ändern¹⁾ (Resource Member/Dispatcher): Whether the user can change the corresponding fields in existing tickets.

Organizational actions are special operations for Resource Members or Dispatchers.

• Auftrag Bündeln (Resource Member): Whether the user is allowed to bundle tickets together as one.

• Auftrag Entbündeln (Resource Member): Whether the user is allowed to unbundle tickets from a bundle.

• Freigaben ändern (Resource Member/Dispatcher): Whether the user is allowed to give other users or groups access to a ticket, or modify that access. See ticket sharing for additional information.

• Tickets verknüpfen (Resource Member/Dispatcher): This permission allows "free linking" of any tickets using the Ticket Extension Links.

• Workflow eingeleitet (Resource Member/Dispatcher): Whether workflows can be applied by the user.
  • Note: Even if workflows create new tickets in the form of substeps, the action Create request is not necessary here. Likewise, the Authorize action is not required when a workflow is applied to a request.