trabajo-afectivo/app/policies/ticket_policy.rb
2022-01-01 14:38:12 +01:00

87 lines
2 KiB
Ruby

# Copyright (C) 2012-2022 Zammad Foundation, https://zammad-foundation.org/
class TicketPolicy < ApplicationPolicy
def show?
access?('read')
end
def create?
ensure_group!
access?('create')
end
def update?
access?('change')
end
def destroy?
return true if user.permissions?('admin')
# This might look like a bug is actually just defining
# what exception is being raised and shown to the user.
return false if !access?('delete')
not_authorized('admin permission required')
end
def full?
access?('full')
end
def ensure_group!
return if record.group_id
raise Exceptions::UnprocessableEntity, __("Group can't be blank")
end
def follow_up?
return true if user.permissions?('ticket.agent') # agents can always reopen tickets, regardless of group configuration
return true if record.group.follow_up_possible != 'new_ticket' # check if the setting for follow_up_possible is disabled
return true if record.state.name != 'closed' # check if the ticket state is already closed
raise Exceptions::UnprocessableEntity, __('Cannot follow-up on a closed ticket. Please create a new ticket.')
end
def agent_read_access?
agent_access?('read')
end
private
def access?(access)
return true if agent_access?(access)
customer_access?
end
def agent_access?(access)
return false if !user.permissions?('ticket.agent')
return true if owner?
user.group_access?(record.group.id, access)
end
def owner?
record.owner_id == user.id
end
def customer_access?
return false if !user.permissions?('ticket.customer')
return true if customer?
shared_organization?
end
def customer?
record.customer_id == user.id
end
def shared_organization?
return false if record.organization_id.blank?
return false if user.organization_id.blank?
return false if record.organization_id != user.organization_id
record.organization.shared?
end
end