From a6cdde345cc956c47aa3f84729ade72e59a9e3fd Mon Sep 17 00:00:00 2001 From: Martin Edenhofer Date: Sun, 22 May 2016 23:17:46 +0200 Subject: [PATCH] Allow also to search in inactive groups. --- app/controllers/tickets_controller.rb | 13 ++++--------- app/models/ticket.rb | 10 +++++----- 2 files changed, 9 insertions(+), 14 deletions(-) diff --git a/app/controllers/tickets_controller.rb b/app/controllers/tickets_controller.rb index 8a5e3a9cd..2436bc1f6 100644 --- a/app/controllers/tickets_controller.rb +++ b/app/controllers/tickets_controller.rb @@ -116,20 +116,15 @@ class TicketsController < ApplicationController assets = ticket.assets({}) # open tickets by customer - group_ids = Group.select('groups.id') - .joins(:users) - .where('groups_users.user_id = ?', current_user.id) - .map(&:id) - - access_condition = [ 'group_id IN (?)', group_ids ] + access_condition = Ticket.access_condition(current_user) ticket_lists = Ticket .where( customer_id: ticket.customer_id, - state_id: Ticket::State.by_category( 'open' ) + state_id: Ticket::State.by_category('open') ) .where(access_condition) - .where( 'id != ?', [ ticket.id ] ) + .where('id != ?', [ ticket.id ]) .order('created_at DESC') .limit(6) @@ -174,7 +169,7 @@ class TicketsController < ApplicationController return if !ticket_permission(ticket_master) # check slave ticket - ticket_slave = Ticket.find_by(id: params[:slave_ticket_id] ) + ticket_slave = Ticket.find_by(id: params[:slave_ticket_id]) if !ticket_slave render json: { result: 'faild', diff --git a/app/models/ticket.rb b/app/models/ticket.rb index 9d449ab8a..9520ebd12 100644 --- a/app/models/ticket.rb +++ b/app/models/ticket.rb @@ -108,16 +108,16 @@ returns def self.access_condition(user) access_condition = [] if user.role?(Z_ROLENAME_AGENT) - group_ids = Group.select( 'groups.id' ).joins(:users) - .where( 'groups_users.user_id = ?', user.id ) - .where( 'groups.active = ?', true ) - .map( &:id ) + group_ids = Group.select('groups.id').joins(:users) + .where('groups_users.user_id = ?', user.id) + .where('groups.active = ?', true) + .map(&:id) access_condition = [ 'group_id IN (?)', group_ids ] else access_condition = if !user.organization || ( !user.organization.shared || user.organization.shared == false ) [ 'tickets.customer_id = ?', user.id ] else - [ '( tickets.customer_id = ? OR tickets.organization_id = ? )', user.id, user.organization.id ] + [ '(tickets.customer_id = ? OR tickets.organization_id = ?)', user.id, user.organization.id ] end end access_condition