From 59c944a945800f887f5b598c612db9517f806f01 Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Wed, 21 Dec 2016 01:00:25 +0100
Subject: [PATCH] Fixed issue #499 - Improved error handling. Fixed
 Ticket::Overviews.all - use permissions not, not longer role names to decide
 if user is agent or customer.

---
 app/models/ticket/overviews.rb | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/app/models/ticket/overviews.rb b/app/models/ticket/overviews.rb
index 05f502deb..1c9074aa0 100644
--- a/app/models/ticket/overviews.rb
+++ b/app/models/ticket/overviews.rb
@@ -16,32 +16,31 @@ returns
 =end
 
   def self.all(data)
+    current_user = data[:current_user]
 
     # get customer overviews
-    if data[:current_user].role?('Customer')
-      role_id = Role.lookup(name: 'Customer').id
-      overviews = if data[:current_user].organization_id && data[:current_user].organization.shared
-                    Overview.where(role_id: role_id, active: true).order(:prio)
+    if current_user.permissions?('ticket.customer')
+      overviews = if current_user.organization_id && current_user.organization.shared
+                    Overview.where(role_id: current_user.role_ids, active: true).order(:prio)
                   else
-                    Overview.where(role_id: role_id, organization_shared: false, active: true).order(:prio)
+                    Overview.where(role_id: current_user.role_ids, organization_shared: false, active: true).order(:prio)
                   end
       overviews_list = []
       overviews.each { |overview|
         user_ids = overview.user_ids
-        next if !user_ids.empty? && !user_ids.include?(data[:current_user].id)
+        next if !user_ids.empty? && !user_ids.include?(current_user.id)
         overviews_list.push overview
       }
       return overviews_list
     end
 
     # get agent overviews
-    return if !data[:current_user].role?('Agent')
-    role_id = Role.lookup(name: 'Agent').id
-    overviews = Overview.where(role_id: role_id, active: true).order(:prio)
+    return [] if !current_user.permissions?('ticket.agent')
+    overviews = Overview.where(role_id: current_user.role_ids, active: true).order(:prio)
     overviews_list = []
     overviews.each { |overview|
       user_ids = overview.user_ids
-      next if !user_ids.empty? && !user_ids.include?(data[:current_user].id)
+      next if !user_ids.empty? && !user_ids.include?(current_user.id)
       overviews_list.push overview
     }
     overviews_list
@@ -86,6 +85,7 @@ returns
     overviews = Ticket::Overviews.all(
       current_user: user,
     )
+    return [] if overviews.blank?
 
     # get only tickets with permissions
     access_condition = Ticket.access_condition(user)