diff -Nur osticket_1.6.rc2/upload/include/staff/viewticket.inc.php osticket_1.6.rc2-patch4/upload/include/staff/viewticket.inc.php
--- osticket_1.6.rc2/upload/include/staff/viewticket.inc.php 2008-01-01 04:40:46.000000000 +0100
+++ osticket_1.6.rc2-patch4/upload/include/staff/viewticket.inc.php 2008-01-24 09:36:31.000000000 +0100
@@ -414,6 +414,19 @@
//TODO: make sure the user's group is also active....DO a join.
$sql=' SELECT staff_id,CONCAT_WS(", ",lastname,firstname) as name FROM '.STAFF_TABLE.
' WHERE isactive=1 AND onvacation=0 ';
+
+ $depts=$thisuser->getDepts();
+ if(!$depts or !is_array($depts) or !count($depts)){
+ //if dept returns nothing...show only orphaned staff (without dept) which could mean..none...and display an error.
+ $sql .=' AND dept_id IN ( 0 ) ';
+ }else if($thisuser->isadmin()){
+ //user allowed acess to all departments.
+ $sql .=' AND 1=1'; // Brain fart...can not thing of a better way other than selecting all depts + 0 ..wasted query in my book?
+ }else{
+ //limited depts....user can access tickets assigned to them regardless of the dept.
+ $sql .=' AND dept_id IN ('.implode(',',$depts).')';
+ }
+
if($ticket->isAssigned())
$sql.=' AND staff_id!='.db_input($ticket->getStaffId());
$depts= db_query($sql.' ORDER BY lastname,firstname ');
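Review bot: The final `else` branch builds the `IN (...)` list with a bare `implode(',',$depts)`, with no casting or escaping, while the `staff_id` condition a few lines later goes through `db_input()`. What `getDepts()` returns is not visible in this hunk, so unless every element is guaranteed to be an integer this is a possible SQL-injection point; I would write `$sql .=' AND dept_id IN ('.implode(',',array_map('intval',$depts)).')';`. Separately, the empty-`$depts` test runs before the `isadmin()` test, so an admin whose `getDepts()` comes back empty is limited to `dept_id IN ( 0 )`; checking `isadmin()` first and appending nothing in that case would also remove the `AND 1=1` no-op. The comment on the empty case promises an error display, but nothing in the added lines emits one. The surrounding PHP block starts and ends outside the hunk, so any handling elsewhere in the file is not visible here.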