By David Rodriguez (dvr@arsdigita.com)
There are two classes of users: Administrators and Users. Administrators can create/delete/edit feature areas and choose which users are allowed access to the ticket tracker. Users can add tickets and comments, and assign users to tickets (a feature of dubious value that might be removed at some point).
Although an administrator is allowed to do anything a user can do, only Users show up in the pull-down menus as candidates for assignment to tickets.
Internally, administrators are those users with 'admin' privilege for the package, and ticket tracker users are those who have the 'write' privilege.
Since the ticket tracker is ofter mounted as private directory on a public site, we don't want read privileges inherited from the node above. Our solution: when checking for 'admin' privilege, use the standard permission_p plsql function, but when looking for the 'write' privilege, query directly against the acs_permissions table. Look at the source for ttl_top_privilege_for_object to see exactly how this works.
Permissions are only set at the instance level because I haven't seen the need for attaching records at the level of the feature area or induvidual ticket.
Ticket Tracker Lite comes with its own template because it uses a style sheets to control the appearance. If you want to change the template, edit the source of the tcl procedure ttl_master_template.