trabajo-afectivo/app/policies/activity_stream_policy/scope.rb

31 lines
774 B
Ruby
Raw Normal View History

# Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/
class ActivityStreamPolicy < ApplicationPolicy
class Scope < ApplicationPolicy::Scope
def resolve
if customer?
scope.where(id: nil)
elsif group_ids.blank?
scope.where(permission_id: permission_ids, group_id: nil)
else
scope.where(permission_id: [*permission_ids, nil], group_id: [*group_ids, nil])
.where.not('permission_id IS NULL AND group_id IS NULL')
end
end
private
def customer?
!user.permissions?(%w[admin ticket.agent])
end
def permission_ids
@permission_ids ||= user.permissions_with_child_ids
end
def group_ids
@group_ids ||= user.group_ids_access('read')
end
end
end