123456789101112131415161718192021222324252627282930 |
- # Copyright (C) 2012-2024 Zammad Foundation, https://zammad-foundation.org/
- class ActivityStreamPolicy < ApplicationPolicy
- class Scope < ApplicationPolicy::Scope
- def resolve
- if customer?
- scope.where(id: nil)
- elsif group_ids.blank?
- scope.where(permission_id: permission_ids, group_id: nil)
- else
- scope.where(permission_id: [*permission_ids, nil], group_id: [*group_ids, nil])
- .where.not('permission_id IS NULL AND group_id IS NULL')
- end
- end
- private
- def customer?
- !user.permissions?(%w[admin ticket.agent])
- end
- def permission_ids
- @permission_ids ||= user.permissions_with_child_ids
- end
- def group_ids
- @group_ids ||= user.group_ids_access('read')
- end
- end
- end
|