scope.rb 775 B

123456789101112131415161718192021222324252627282930
  1. # Copyright (C) 2012-2024 Zammad Foundation, https://zammad-foundation.org/
  2. class ActivityStreamPolicy < ApplicationPolicy
  3. class Scope < ApplicationPolicy::Scope
  4. def resolve
  5. if customer?
  6. scope.where(id: nil)
  7. elsif group_ids.blank?
  8. scope.where(permission_id: permission_ids, group_id: nil)
  9. else
  10. scope.where(permission_id: [*permission_ids, nil], group_id: [*group_ids, nil])
  11. .where.not('permission_id IS NULL AND group_id IS NULL')
  12. end
  13. end
  14. private
  15. def customer?
  16. !user.permissions?(%w[admin ticket.agent])
  17. end
  18. def permission_ids
  19. @permission_ids ||= user.permissions_with_child_ids
  20. end
  21. def group_ids
  22. @group_ids ||= user.group_ids_access('read')
  23. end
  24. end
  25. end