group_policy.rb 1.0 KB

  # Copyright (C) 2012-2025 Zammad Foundation, https://zammad-foundation.org/

  # Decides whether the current user may view a group, and with how much detail.
  #
  # `user` and `record` are not defined in this class; presumably they come from
  # ApplicationPolicy, with `record` being the group under inspection - confirm there.
  class GroupPolicy < ApplicationPolicy
    # Visibility check for a single group.
    #
    # Returns one of three values:
    # * true  - unrestricted view, for holders of 'admin.group' and for users who
    #           pass user.group_access? with the read/create/change access list
    #           (any-of vs. all-of is decided by that helper, not here).
    # * a FieldScope - for 'ticket.customer' users, when the group accepts customer
    #           tickets or the user already is the customer of a ticket in it.
    # * false - everyone else.
    #
    # NOTE(review): a FieldScope is truthy, so a caller that only tests the result
    # for truthiness would ignore the field restriction - verify that callers
    # apply the returned scope when serializing the group.
    def show?
      return true if admin? || user.group_access?(record, %w[read create change])
      return false unless user.permissions?('ticket.customer')
      return false unless group_is_customer_group? || group_has_customer_tickets?

      customer_field_scope
    end

    private

    # True when the user holds the group administration permission.
    def admin?
      user.permissions?('admin.group')
    end

    # True when customers may create tickets in this group.
    #
    # An empty 'customer_ticket_create_group_ids' setting places no restriction:
    # every group then counts as a customer group, so any 'ticket.customer' user
    # can read the scoped fields (including the name) of every group.
    def group_is_customer_group?
      allowed_group_ids = Setting.get('customer_ticket_create_group_ids')
      return true unless allowed_group_ids.present?

      allowed_group_ids.include?(record.id)
    end

    # True when the user is the customer of at least one ticket in this group.
    def group_has_customer_tickets?
      Ticket.exists?(customer: user, group: record)
    end

    # Memoized allow-list of the group attributes a customer may see.
    def customer_field_scope
      @customer_field_scope ||= ApplicationPolicy::FieldScope.new(
        allow: %w[id name follow_up_possible reopen_time_in_days active]
      )
    end
  end