Fixes #3454 - No indication in ticket sidebar when a subscribed user no longer has access to a ticket.

app/assets/javascripts/app/controllers/widget/mention.coffee

@@ -43,6 +43,7 @@ class App.WidgetMention extends App.Controller
 
       user = App.User.find(mention.user_id)
       continue if !user
+      continue if !user.active
 
       if mention.user_id is App.Session.get().id
         subscribed = true
@@ -50,7 +51,13 @@ class App.WidgetMention extends App.Controller
       # no break because we need to check if user is subscribed
       continue if counter > 10
 
-      mention.avatar = user.avatar('30', '', '')
+      css            = ''
+      mention.access = true
+      if !@object.isAccessibleBy(user, 'read')
+        css            = 'avatar--inactive'
+        mention.access = false
+
+      mention.avatar = user.avatar('30', '', css)
 
       mentions.push(mention)
       counter++

app/assets/javascripts/app/models/ticket.coffee

@@ -324,15 +324,8 @@ class App.Ticket extends App.Model
     return @userGroupAccess(permission)
 
   userGroupAccess: (permission) ->
-    user      = App.User.current()
-    group_ids = user.allGroupIds(permission)
-    return false if !@group_id
-
-    for local_group_id in group_ids
-      if local_group_id.toString() is @group_id.toString()
-        return true
-
-    return false
+    user = App.User.current()
+    return @isAccessibleByGroup(user, permission)
 
   userIsCustomer: ->
     user = App.User.current()
@@ -341,10 +334,32 @@ class App.Ticket extends App.Model
 
   userIsOwner: ->
     user = App.User.current()
-    return true if user.id is @owner_id
-    false
+    return @isAccessibleByOwner(user)
 
   currentView: ->
     return 'agent' if App.User.current()?.permission('ticket.agent') && @userGroupAccess('read')
     return 'customer' if App.User.current()?.permission('ticket.customer')
     return
+
+  isAccessibleByOwner: (user) ->
+    return false if !user
+    return true if user.id is @owner_id
+    false
+
+  isAccessibleByGroup: (user, permission) ->
+    return false if !user
+
+    group_ids = user.allGroupIds(permission)
+    return false if !@group_id
+
+    for local_group_id in group_ids
+      if local_group_id.toString() is @group_id.toString()
+        return true
+
+    return false
+
+  isAccessibleBy: (user, permission) ->
+    return false if !user
+    return false if !user.permission('ticket.agent')
+    return true if @isAccessibleByOwner(user)
+    return @isAccessibleByGroup(user, permission)

app/assets/javascripts/app/models/user.coffee

@@ -269,13 +269,13 @@ class App.User extends App.Model
   ###
   allGroupIds: (permission = 'full') ->
     group_ids = []
-    user_group_ids = App.Session.get('group_ids')
+    user_group_ids = @group_ids
     if user_group_ids
       for local_group_id, local_permission of user_group_ids
         if _.include(local_permission, permission) || _.include(local_permission, 'full')
           group_ids.push local_group_id
 
-    user_role_ids = App.Session.get('role_ids')
+    user_role_ids = @role_ids
     if user_role_ids
       for role_id in user_role_ids
         if App.Role.exists(role_id)

app/assets/javascripts/app/views/widget/mention.jst.eco

@@ -9,6 +9,6 @@
 </form>
 <div class="controls-label">
 <% for mention in @mentions: %>
-  <a href="#user/profile/<%= mention.user_id %>"><%- mention.avatar %></a>
+  <a href="#user/profile/<%= mention.user_id %>"<% if !mention.access: %> title="<%- @T('User has no access and will not recieve notifications.') %>"<% end %>><%- mention.avatar %></a>
 <% end %>
 </div>