ticket_policy.rb 1.7 KB

  # Authorization policy for tickets.
  #
  # `user`, `record` and `not_authorized` are not defined in this file; they are
  # presumably supplied by ApplicationPolicy (`user` = acting user, `record` =
  # the ticket being checked) -- confirm against the base class.
  class TicketPolicy < ApplicationPolicy

    # Viewing a ticket requires 'read' access.
    def show?
      access?('read')
    end

    # Creating requires 'create' access.
    def create?
      access?('create')
    end

    # Updating requires 'change' access.
    def update?
      access?('change')
    end

    # Deleting a ticket is reserved for users holding the 'admin' permission.
    #
    # The three outcomes are deliberate, not a bug:
    #   * admin                           -> true
    #   * no 'delete' access at all       -> false (the generic denial)
    #   * 'delete' access, but not admin  -> not_authorized with an explicit
    #     message, so the user is told that admin permission is required.
    #
    # NOTE(review): the last branch returns whatever not_authorized returns.
    # The denial therefore relies on not_authorized (defined outside this file)
    # raising or returning a falsy value -- confirm it can never return truthy.
    def destroy?
      if user.permissions?('admin')
        true
      elsif !access?('delete')
        false
      else
        not_authorized('admin permission required')
      end
    end

    # 'full' access to the ticket.
    def full?
      access?('full')
    end

    # Decides whether a follow-up on this ticket is accepted.
    #
    # Allowed when any of the following holds (checked in this order):
    #   1. the user has the 'ticket.agent' permission (agents can always
    #      reopen tickets, regardless of group configuration),
    #   2. the ticket's group is not configured with
    #      follow_up_possible == 'new_ticket',
    #   3. the ticket state is anything other than 'closed'.
    #
    # Otherwise this does not return false: it raises
    # Exceptions::UnprocessableEntity so the caller gets a specific message.
    def follow_up?
      allowed = user.permissions?('ticket.agent') ||
                record.group.follow_up_possible != 'new_ticket' ||
                record.state.name != 'closed'
      return true if allowed

      raise Exceptions::UnprocessableEntity, 'Cannot follow-up on a closed ticket. Please create a new ticket.'
    end

    # 'read' access evaluated through the agent path only; the customer path
    # is not consulted here.
    def agent_read_access?
      agent_access?('read')
    end

    private

    # Central check used by the public predicates: agent access for the
    # requested level first, customer access as the fallback.
    #
    # NOTE(review): `access` is not forwarded to customer_access?, so a user
    # who passes the customer check is granted whichever level was requested
    # ('read', 'create', 'change', 'delete', 'full'). destroy? adds its own
    # admin gate on top; the other predicates do not. Confirm this is intended.
    def access?(access)
      agent_access?(access) ? true : customer_access?
    end

    # Agent path: requires the 'ticket.agent' permission. The ticket owner is
    # accepted for any access level without consulting group access; everyone
    # else is checked against the ticket's group for the requested level.
    def agent_access?(access)
      if !user.permissions?('ticket.agent')
        false
      elsif owner?
        true
      else
        user.group_access?(record.group.id, access)
      end
    end

    # True when the acting user is the ticket's owner.
    def owner?
      record.owner_id == user.id
    end

    # Customer path: requires the 'ticket.customer' permission, and the user
    # must either be the ticket's customer or belong to the ticket's
    # organization when that organization is shared.
    def customer_access?
      return false unless user.permissions?('ticket.customer')

      customer? ? true : shared_organization?
    end

    # True when the acting user is the ticket's customer.
    def customer?
      record.customer_id == user.id
    end

    # True only when ticket and user both have an organization id, the two ids
    # match, and that organization reports shared?. The blank? guards keep two
    # missing organization ids from being treated as a match.
    def shared_organization?
      return false if record.organization_id.blank? || user.organization_id.blank?
      return false if record.organization_id != user.organization_id

      record.organization.shared?
    end
  end