Allow also to search in inactive groups.

2016-05-22 23:17:46 +02:00 · 2016-05-22 23:17:46 +02:00 · a6cdde345c
commit a6cdde345c
parent 10e0592140
2 changed files with 9 additions and 14 deletions
--- a/app/controllers/tickets_controller.rb
+++ b/app/controllers/tickets_controller.rb
@ -116,20 +116,15 @@ class TicketsController < ApplicationController
    assets = ticket.assets({})

    # open tickets by customer
-    group_ids = Group.select('groups.id')
-                     .joins(:users)
-                     .where('groups_users.user_id = ?', current_user.id)
-                     .map(&:id)
-
-    access_condition = [ 'group_id IN (?)', group_ids ]
+    access_condition = Ticket.access_condition(current_user)

    ticket_lists = Ticket
                   .where(
                     customer_id: ticket.customer_id,
-                     state_id: Ticket::State.by_category( 'open' )
+                     state_id: Ticket::State.by_category('open')
                   )
                   .where(access_condition)
-                   .where( 'id != ?', [ ticket.id ] )
+                   .where('id != ?', [ ticket.id ])
                   .order('created_at DESC')
                   .limit(6)

@ -174,7 +169,7 @@ class TicketsController < ApplicationController
    return if !ticket_permission(ticket_master)

    # check slave ticket
-    ticket_slave = Ticket.find_by(id: params[:slave_ticket_id] )
+    ticket_slave = Ticket.find_by(id: params[:slave_ticket_id])
    if !ticket_slave
      render json: {
        result: 'faild',
--- a/app/models/ticket.rb
+++ b/app/models/ticket.rb
@ -108,16 +108,16 @@ returns
  def self.access_condition(user)
    access_condition = []
    if user.role?(Z_ROLENAME_AGENT)
-      group_ids = Group.select( 'groups.id' ).joins(:users)
-                       .where( 'groups_users.user_id = ?', user.id )
-                       .where( 'groups.active = ?', true )
-                       .map( &:id )
+      group_ids = Group.select('groups.id').joins(:users)
+                       .where('groups_users.user_id = ?', user.id)
+                       .where('groups.active = ?', true)
+                       .map(&:id)
      access_condition = [ 'group_id IN (?)', group_ids ]
    else
      access_condition = if !user.organization || ( !user.organization.shared || user.organization.shared == false )
                           [ 'tickets.customer_id = ?', user.id ]
                         else
-                           [ '( tickets.customer_id = ? OR tickets.organization_id = ? )', user.id, user.organization.id ]
+                           [ '(tickets.customer_id = ? OR tickets.organization_id = ?)', user.id, user.organization.id ]
                         end
    end
    access_condition