Added permission lookup.
This commit is contained in:
parent
ff9b7ad990
commit
5835e719c6
1 changed files with 16 additions and 6 deletions
|
@ -462,13 +462,23 @@ class TicketsController < ApplicationController
|
||||||
query = params[:term]
|
query = params[:term]
|
||||||
limit = params[:limit] || 15
|
limit = params[:limit] || 15
|
||||||
|
|
||||||
|
conditions = []
|
||||||
|
if current_user.is_role('Agent')
|
||||||
|
group_ids = Group.select( 'groups.id' ).joins(:users).
|
||||||
|
where( 'groups_users.user_id = ?', current_user.id ).
|
||||||
|
where( 'groups.active = ?', true ).
|
||||||
|
map( &:id )
|
||||||
|
conditions = [ 'group_id IN (?)', group_ids ]
|
||||||
|
else
|
||||||
|
if !current_user.organization || !current_user.organization.shared
|
||||||
|
conditions = [ 'customer_id = ?', current_user.id ]
|
||||||
|
else
|
||||||
|
conditions = [ '( customer_id = ? OR organization_id = ? )', current_user.id, current_user.organization.shared ]
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
# do query
|
# do query
|
||||||
tickets_all = Ticket.find(
|
tickets_all = Ticket.where(conditions).where( '( title LIKE ? OR number LIKE ? )', "%#{query}%", "%#{query}%" ).limit(limit).order(:created_at)
|
||||||
:all,
|
|
||||||
:limit => limit,
|
|
||||||
:conditions => ['title LIKE ? OR number LIKE ?', "%#{query}%", "%#{query}%" ],
|
|
||||||
:order => 'created_at'
|
|
||||||
)
|
|
||||||
|
|
||||||
# build result list
|
# build result list
|
||||||
tickets = []
|
tickets = []
|
||||||
|
|
Loading…
Reference in a new issue