GOTRS 0.6.1 delivered two major automation systems: the GenericAgent execution engine and ACL-based access control.

The Problem

Manual ticket processing doesn’t scale. Agents shouldn’t spend time on repetitive tasks that follow clear rules. “If ticket is pending for 7 days, escalate to manager” should happen automatically.

Similarly, form options shouldn’t be static. If a ticket is in the Billing queue, why show Development-related states? Context should drive what options appear.

And permissions were checked inconsistently. Some handlers validated access, others didn’t. Security shouldn’t depend on remembering to add checks.

Our Solution

GenericAgent is cron for tickets. Define matching criteria (state, queue, priority, customer, age), specify actions (change state, move queue, add note, reassign), set a schedule. Tickets get processed automatically.

ACLs filter form options based on context. Wildcards, negation, and regex for matching. Whitelist, blacklist, and additive rules for filtering. Chain processing with StopAfterMatch for complex logic.

Group-Based Queue Permissions at the middleware layer. Routes declare required permissions in YAML. Middleware checks before requests reach handlers. No permission? 403. Every time.

Permission types mirror OTRS: ro, rw, create, move_into, note, owner, priority. The abstraction works for both direct group membership and role-based access.

The Benefits

Repetitive ticket processing is automated. Agents focus on work that requires human judgment.

Forms show only relevant options. Users aren’t overwhelmed with choices that don’t apply to their context.

Permissions are enforced consistently. Security doesn’t depend on handler authors remembering to check access.

This release also expanded i18n to 15 languages including RTL support for Arabic, Hebrew, Persian, and Urdu. Complex ticketing workflows need automation foundations. These systems provide them.