Fixes #3454 - No indication in ticket sidebar when a subscribed user no longer has access to a ticket.

app/assets/javascripts/app/controllers/widget/mention.coffee

@@ -43,6 +43,7 @@ class App.WidgetMention extends App.Controller
 
       user = App.User.find(mention.user_id)
       continue if !user
+      continue if !user.active
 
       if mention.user_id is App.Session.get().id
         subscribed = true
@@ -50,7 +51,13 @@ class App.WidgetMention extends App.Controller
       # no break because we need to check if user is subscribed
       continue if counter > 10
 
-      mention.avatar = user.avatar('30', '', '')
+      css            = ''
+      mention.access = true
+      if !@object.isAccessibleBy(user, 'read')
+        css            = 'avatar--inactive'
+        mention.access = false
+
+      mention.avatar = user.avatar('30', '', css)
 
       mentions.push(mention)
       counter++

app/assets/javascripts/app/models/ticket.coffee

@@ -324,7 +324,31 @@ class App.Ticket extends App.Model
     return @userGroupAccess(permission)
 
   userGroupAccess: (permission) ->
-    user      = App.User.current()
+    user = App.User.current()
+    return @isAccessibleByGroup(user, permission)
+
+  userIsCustomer: ->
+    user = App.User.current()
+    return true if user.id is @customer_id
+    false
+
+  userIsOwner: ->
+    user = App.User.current()
+    return @isAccessibleByOwner(user)
+
+  currentView: ->
+    return 'agent' if App.User.current()?.permission('ticket.agent') && @userGroupAccess('read')
+    return 'customer' if App.User.current()?.permission('ticket.customer')
+    return
+
+  isAccessibleByOwner: (user) ->
+    return false if !user
+    return true if user.id is @owner_id
+    false
+
+  isAccessibleByGroup: (user, permission) ->
+    return false if !user
+
     group_ids = user.allGroupIds(permission)
     return false if !@group_id
 
@@ -334,17 +358,8 @@ class App.Ticket extends App.Model
 
     return false
 
-  userIsCustomer: ->
+  isAccessibleBy: (user, permission) ->
-    user = App.User.current()
+    return false if !user
-    return true if user.id is @customer_id
+    return false if !user.permission('ticket.agent')
-    false
+    return true if @isAccessibleByOwner(user)
-
+    return @isAccessibleByGroup(user, permission)
-  userIsOwner: ->
-    user = App.User.current()
-    return true if user.id is @owner_id
-    false
-
-  currentView: ->
-    return 'agent' if App.User.current()?.permission('ticket.agent') && @userGroupAccess('read')
-    return 'customer' if App.User.current()?.permission('ticket.customer')
-    return

app/assets/javascripts/app/models/user.coffee

@@ -269,13 +269,13 @@ class App.User extends App.Model
   ###
   allGroupIds: (permission = 'full') ->
     group_ids = []
-    user_group_ids = App.Session.get('group_ids')
+    user_group_ids = @group_ids
     if user_group_ids
       for local_group_id, local_permission of user_group_ids
         if _.include(local_permission, permission) || _.include(local_permission, 'full')
           group_ids.push local_group_id
 
-    user_role_ids = App.Session.get('role_ids')
+    user_role_ids = @role_ids
     if user_role_ids
       for role_id in user_role_ids
         if App.Role.exists(role_id)

app/assets/javascripts/app/views/widget/mention.jst.eco

@@ -9,6 +9,6 @@
 </form>
 <div class="controls-label">
 <% for mention in @mentions: %>
-  <a href="#user/profile/<%= mention.user_id %>"><%- mention.avatar %></a>
+  <a href="#user/profile/<%= mention.user_id %>"<% if !mention.access: %> title="<%- @T('User has no access and will not recieve notifications.') %>"<% end %>><%- mention.avatar %></a>
 <% end %>
 </div>