Most end users are Guest users invited from external client companies. They submit tickets that agents work on.
Can we set this up so that Submitters can see all the tickets related to the Client/Organization they belong to, and no others?
(Office365/SharePoint Online version)
The submission form also may have fields that have information linked to that particular organization.
Submitters should not even be able to see a list of other clients, users, or any data that might be linked to them. So that, based on the person's log in ID and what Client/Organization they are associated with, they see only their own company's information.
In looking through some other topics here on "Organization" topics, I was thinking that we could create a separate List with Client/Organization data, including all users associated with that Client and any data needed to populate drop downs specific to them. Then we could add Lookup columns to the ticket.
Where I'm unsure is how to get this truly permissions-controlled so that a logged-in user gets to see more than just their own submitted tickets (they should see ALL tickets for their company), but not anything from any other companies.
We could possibly create one list per company and create a permissions group per client and unique permissions to that list, or keep all the data in one list but set permissions by folders in that list. Not really sure if that would work.
I'm also not sure how the query works to try to pull back all data for that company (not just what the user submitted).
Help?