Tickets Visibility

Unify ticket visibility as a routine to make sure it's applied uniformly.

Tickets Visibility
Unify ticket visibility as a routine to make sure it's applied uniformly.
5bfabd28 · Peter Rotich · c1781bf6 · 5bfabd28 · 5bfabd28 · 5bfabd28
Commit 5bfabd28 authored 7 years ago by Peter Rotich
--- a/include/ajax.search.php
+++ b/include/ajax.search.php
@@ -369,23 +369,8 @@ class SearchAjaxAPI extends AjaxController {

        // Visibility contraints ------------------
        // TODO: Consider SavedSearch::ignoreVisibilityConstraints()
-
-        // -- Open and assigned to me
-        $assigned = Q::any(array(
-            'staff_id' => $thisstaff->getId(),
-        ));
-        // -- Open and assigned to a team of mine
-        if ($teams = array_filter($thisstaff->getTeams()))
-            $assigned->add(array('team_id__in' => $teams));
-
-        $visibility = Q::any(new Q(array('status__state'=>'open', $assigned)));
-
-        // -- Routed to a department of mine
-        if (!$thisstaff->showAssignedOnly() && ($depts=$thisstaff->getDepts()))
-            $visibility->add(array('dept_id__in' => $depts));
-
+        $visibility = $thisstaff->getTicketsVisibility();
        $query->filter($visibility);
-
        foreach ($queues as $queue) {
            $Q = $queue->getBasicQuery();
            if (count($Q->extra) || $Q->isWindowed()) {

--- a/include/ajax.thread.php
+++ b/include/ajax.thread.php
@@ -33,15 +33,7 @@ class ThreadAjaxAPI extends AjaxController {
        $limit = isset($_REQUEST['limit']) ? (int) $_REQUEST['limit']:25;
        $tickets=array();

-        $visibility = Q::any(array(
-            'staff_id' => $thisstaff->getId(),
-            'team_id__in' => $thisstaff->teams->values_flat('team_id'),
-        ));
-        if (!$thisstaff->showAssignedOnly() && ($depts=$thisstaff->getDepts())) {
-            $visibility->add(array('dept_id__in' => $depts));
-        }
-
-
+        $visibility = $thisstaff->getTicketsVisibility();
        $hits = Ticket::objects()
            ->filter(Q::any(array(
                'number__startswith' => $_REQUEST['q'],

--- a/include/ajax.tickets.php
+++ b/include/ajax.tickets.php
@@ -32,15 +32,7 @@ class TicketsAjaxAPI extends AjaxController {
        if (!$_REQUEST['q'])
            return $this->json_encode($tickets);

-        $visibility = Q::any(array(
-            'staff_id' => $thisstaff->getId(),
-            'team_id__in' => $thisstaff->teams->values_flat('team_id'),
-        ));
-
-        if (!$thisstaff->showAssignedOnly() && ($depts=$thisstaff->getDepts())) {
-            $visibility->add(array('dept_id__in' => $depts));
-        }
-
+        $visibility = $thisstaff->getTicketsVisibility();
        $hits = Ticket::objects()
            ->filter($visibility)
            ->values('user__default_email__address')

--- a/include/class.export.php
+++ b/include/class.export.php
@@ -98,6 +98,12 @@ class Export {

    static  function saveTickets($sql, $fields, $filename, $how='csv',
            $options=array()) {
+       global $thisstaff;
+
+       if (!$thisstaff)
+               return null;
+
+       $sql->filter($thisstaff->getTicketsVisibility());
        Http::download($filename, "text/$how");
        self::dumpTickets($sql, $fields, $how, $options);
        exit;

--- a/include/staff/templates/queue-tickets.tmpl.php
+++ b/include/staff/templates/queue-tickets.tmpl.php
@@ -3,28 +3,10 @@
 // $tickets - <QuerySet> with all columns and annotations necessary to
 //      render the full page

-// For searches, some staff members may be able to see everything
-$view_all_tickets = $queue->ignoreVisibilityConstraints();
-
 // Impose visibility constraints
 // ------------------------------------------------------------
-if (!$view_all_tickets) {
-    // -- Open and assigned to me
-    $assigned = Q::any(array(
-        'staff_id' => $thisstaff->getId(),
-    ));
-    // -- Open and assigned to a team of mine
-    if ($teams = array_filter($thisstaff->getTeams()))
-        $assigned->add(array('team_id__in' => $teams));
-
-    $visibility = Q::any(new Q(array('status__state'=>'open', $assigned)));
-
-    // -- Routed to a department of mine
-    if (!$thisstaff->showAssignedOnly() && ($depts=$thisstaff->getDepts()))
-        $visibility->add(array('dept_id__in' => $depts));
-
-    $tickets->filter($visibility);
-}
+if (!($queue->ignoreVisibilityConstraints()))
+    $tickets->filter($thisstaff->getTicketsVisibility());

 // Make sure the cdata materialized view is available
 TicketForm::ensureDynamicDataView();

--- a/include/staff/templates/tickets.tmpl.php
+++ b/include/staff/templates/tickets.tmpl.php
@@ -24,21 +24,8 @@ if ($user) {
 $tickets->filter(array('ticket_id__in' => $filter));

 // Apply staff visibility
-if (!$thisstaff->hasPerm(SearchBackend::PERM_EVERYTHING)) {
-    // -- Open and assigned to me
-    $visibility = array(
-        new Q(array('status__state'=>'open', 'staff_id' => $thisstaff->getId()))
-    );
-    // -- Routed to a department of mine
-    if (!$thisstaff->showAssignedOnly() && ($depts=$thisstaff->getDepts()))
-        $visibility[] = new Q(array('dept_id__in' => $depts));
-    // -- Open and assigned to a team of mine
-    if (($teams = $thisstaff->getTeams()) && count(array_filter($teams)))
-        $visibility[] = new Q(array(
-            'team_id__in' => array_filter($teams), 'status__state'=>'open'
-        ));
-    $tickets->filter(Q::any($visibility));
-}
+if (!$thisstaff->hasPerm(SearchBackend::PERM_EVERYTHING))
+    $tickets->filter($thisstaff->getTicketsVisibility());

 $tickets->constrain(array('lock' => array(
                'lock__expire__gt' => SqlFunction::NOW())));