diff --git a/include/ajax.search.php b/include/ajax.search.php
index 70c0a71acbc574e8ed4183f653bd0aace6731d3a..80ebd621ca61503df97026c1f196d8c7e199ba87 100644
--- a/include/ajax.search.php
+++ b/include/ajax.search.php
@@ -369,23 +369,8 @@ class SearchAjaxAPI extends AjaxController {
// Visibility contraints ------------------
// TODO: Consider SavedSearch::ignoreVisibilityConstraints()
-
- // -- Open and assigned to me
- $assigned = Q::any(array(
- 'staff_id' => $thisstaff->getId(),
- ));
- // -- Open and assigned to a team of mine
- if ($teams = array_filter($thisstaff->getTeams()))
- $assigned->add(array('team_id__in' => $teams));
-
- $visibility = Q::any(new Q(array('status__state'=>'open', $assigned)));
-
- // -- Routed to a department of mine
- if (!$thisstaff->showAssignedOnly() && ($depts=$thisstaff->getDepts()))
- $visibility->add(array('dept_id__in' => $depts));
-
+ $visibility = $thisstaff->getTicketsVisibility();
$query->filter($visibility);
-
foreach ($queues as $queue) {
$Q = $queue->getBasicQuery();
if (count($Q->extra) || $Q->isWindowed()) {
diff --git a/include/ajax.thread.php b/include/ajax.thread.php
index 3a0c92e392c0b24951abf519b1639ec3a696143d..a66062e0b933607397803545f98c384d46b5b53c 100644
--- a/include/ajax.thread.php
+++ b/include/ajax.thread.php
@@ -33,15 +33,7 @@ class ThreadAjaxAPI extends AjaxController {
$limit = isset($_REQUEST['limit']) ? (int) $_REQUEST['limit']:25;
$tickets=array();
- $visibility = Q::any(array(
- 'staff_id' => $thisstaff->getId(),
- 'team_id__in' => $thisstaff->teams->values_flat('team_id'),
- ));
- if (!$thisstaff->showAssignedOnly() && ($depts=$thisstaff->getDepts())) {
- $visibility->add(array('dept_id__in' => $depts));
- }
-
-
+ $visibility = $thisstaff->getTicketsVisibility();
$hits = Ticket::objects()
->filter(Q::any(array(
'number__startswith' => $_REQUEST['q'],
diff --git a/include/ajax.tickets.php b/include/ajax.tickets.php
index 1cf501d73932bc90197877b6b9791b9d4a15ab7e..3f53acd180bb79283d90de1c7766e674ec20c55b 100644
--- a/include/ajax.tickets.php
+++ b/include/ajax.tickets.php
@@ -32,15 +32,7 @@ class TicketsAjaxAPI extends AjaxController {
if (!$_REQUEST['q'])
return $this->json_encode($tickets);
- $visibility = Q::any(array(
- 'staff_id' => $thisstaff->getId(),
- 'team_id__in' => $thisstaff->teams->values_flat('team_id'),
- ));
-
- if (!$thisstaff->showAssignedOnly() && ($depts=$thisstaff->getDepts())) {
- $visibility->add(array('dept_id__in' => $depts));
- }
-
+ $visibility = $thisstaff->getTicketsVisibility();
$hits = Ticket::objects()
->filter($visibility)
->values('user__default_email__address')
diff --git a/include/class.export.php b/include/class.export.php
index 4dcc851b30c3cf5e78106be38f93a87a3ce64aa9..6a25afc4fe760931e1b41f72689cd0063c45e883 100644
--- a/include/class.export.php
+++ b/include/class.export.php
@@ -98,6 +98,12 @@ class Export {
static function saveTickets($sql, $fields, $filename, $how='csv',
$options=array()) {
+ global $thisstaff;
+
+ if (!$thisstaff)
+ return null;
+
+ $sql->filter($thisstaff->getTicketsVisibility());
Http::download($filename, "text/$how");
self::dumpTickets($sql, $fields, $how, $options);
exit;
diff --git a/include/staff/templates/queue-tickets.tmpl.php b/include/staff/templates/queue-tickets.tmpl.php
index 9c45da9370a20658185faffd0c22120a2caae588..c03cfacdb2de879337a7640926d3c5acd7f880fd 100644
--- a/include/staff/templates/queue-tickets.tmpl.php
+++ b/include/staff/templates/queue-tickets.tmpl.php
@@ -3,28 +3,10 @@
// $tickets - <QuerySet> with all columns and annotations necessary to
// render the full page
-// For searches, some staff members may be able to see everything
-$view_all_tickets = $queue->ignoreVisibilityConstraints();
-
// Impose visibility constraints
// ------------------------------------------------------------
-if (!$view_all_tickets) {
- // -- Open and assigned to me
- $assigned = Q::any(array(
- 'staff_id' => $thisstaff->getId(),
- ));
- // -- Open and assigned to a team of mine
- if ($teams = array_filter($thisstaff->getTeams()))
- $assigned->add(array('team_id__in' => $teams));
-
- $visibility = Q::any(new Q(array('status__state'=>'open', $assigned)));
-
- // -- Routed to a department of mine
- if (!$thisstaff->showAssignedOnly() && ($depts=$thisstaff->getDepts()))
- $visibility->add(array('dept_id__in' => $depts));
-
- $tickets->filter($visibility);
-}
+if (!($queue->ignoreVisibilityConstraints()))
+ $tickets->filter($thisstaff->getTicketsVisibility());
// Make sure the cdata materialized view is available
TicketForm::ensureDynamicDataView();
diff --git a/include/staff/templates/tickets.tmpl.php b/include/staff/templates/tickets.tmpl.php
index 160bfa6de5f813e20250b89c5c5cf527c5209911..32406f98a4a4741fea717e8cd0a74d3032eb8fb6 100644
--- a/include/staff/templates/tickets.tmpl.php
+++ b/include/staff/templates/tickets.tmpl.php
@@ -24,21 +24,8 @@ if ($user) {
$tickets->filter(array('ticket_id__in' => $filter));
// Apply staff visibility
-if (!$thisstaff->hasPerm(SearchBackend::PERM_EVERYTHING)) {
- // -- Open and assigned to me
- $visibility = array(
- new Q(array('status__state'=>'open', 'staff_id' => $thisstaff->getId()))
- );
- // -- Routed to a department of mine
- if (!$thisstaff->showAssignedOnly() && ($depts=$thisstaff->getDepts()))
- $visibility[] = new Q(array('dept_id__in' => $depts));
- // -- Open and assigned to a team of mine
- if (($teams = $thisstaff->getTeams()) && count(array_filter($teams)))
- $visibility[] = new Q(array(
- 'team_id__in' => array_filter($teams), 'status__state'=>'open'
- ));
- $tickets->filter(Q::any($visibility));
-}
+if (!$thisstaff->hasPerm(SearchBackend::PERM_EVERYTHING))
+ $tickets->filter($thisstaff->getTicketsVisibility());
$tickets->constrain(array('lock' => array(
'lock__expire__gt' => SqlFunction::NOW())));