And exactly how do assign a ticket to a group?
There are multiple options possible and scripting might be just part of the solution.
a) A portal could be used to limit which tickets are visible.
b) record level access control in Manage Security might be used.
c) Scripts that perform finds and constrain found sets can be performed when a layout is entered and when a window enters Browse mode.
After waking up this morning I realized that I have what I want for the most part already.
Relationships: Contacts::Dept = Tickets::Dept another instance is: Contacts::Name = Tickets::Name
Ticket Creation: When a ticket is fist opened the AccountName is added to the ticket::origination field, the department the account name is a part of is added to the ticket::Department field and the account name is also added to the tickets::name field. The tickets::name field is the field I would change to reassign the ticket to a different member or leave it blank to be assigned back to the group. I currently have a portal on the tickets layout that shows all tickets assigned to a member by the Tickets::Name field and by using their account name when they first logon. I also have a ticket list layout that show all tickets where I have a script to filter out tickets based on user.
I guess what I need help with is "locking" those tickets that are assigned to other members to prevent anyone from sabotage (fore lack of a better term). But also give managers the ability to reassign tickets as they see fit.
If you wish to be absolutely sure that no one can view and/or edit a ticket not assigned to them, Record Level Access control is the best approach.