From f50ef72f402585991b56680e894517e8e61a5788 Mon Sep 17 00:00:00 2001
From: aydreeihn <adriane@enhancesoft.com>
Date: Wed, 8 Aug 2018 14:09:44 -0500
Subject: [PATCH] Search All Tickets Setting

If an Agent has the Miscellaneous setting checked to see all Tickets in search results, they should be able to see the list of Tickets regardless of their access or if the search is saved or not. They should NOT, however, be able to view those Tickets.
---
 include/class.queue.php  | 12 ++++++++++--
 include/class.search.php |  6 ++++++
 2 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/include/class.queue.php b/include/class.queue.php
index dfa384642..760042a73 100644
--- a/include/class.queue.php
+++ b/include/class.queue.php
@@ -937,10 +937,14 @@ class CustomQueue extends VerySimpleModel {
         return $agent && $this->isPrivate() && $this->checkOwnership($agent);
     }
 
+    function isSaved() {
+        return true;
+    }
+
     function ignoreVisibilityConstraints(Staff $agent) {
-        // For saved searches (not queues), some staff can have a permission to
+        // For searches (not queues), some staff can have a permission to
         // see all records
-        return (!$this->isASubQueue()
+        return ($this->isASearch()
                 && $this->isOwner($agent)
                 && $agent->canSearchEverything());
     }
@@ -994,6 +998,10 @@ class CustomQueue extends VerySimpleModel {
         return $this->hasFlag(self::FLAG_QUEUE);
     }
 
+    function isASearch() {
+        return !$this->isAQueue() || !$this->isSaved();
+    }
+
     function isPrivate() {
         return !$this->isAQueue() && !$this->isPublic() &&
             $this->staff_id;
diff --git a/include/class.search.php b/include/class.search.php
index be1790226..e4c6111b5 100644
--- a/include/class.search.php
+++ b/include/class.search.php
@@ -912,6 +912,10 @@ extends SavedSearch {
         return false;
     }
 
+    function isOwner(Staff $staff) {
+        return $this->ht['staff_id'] == $staff->getId();
+    }
+
     function checkAccess($staff) {
         return true;
     }
@@ -921,6 +925,7 @@ extends SavedSearch {
     }
 
     function load($key) {
+        global $thisstaff;
 
         if (strpos($key, 'adhoc') === 0)
             list(, $key) = explode(',', $key, 2);
@@ -933,6 +938,7 @@ extends SavedSearch {
        $queue = new AdhocSearch(array(
                    'id' => "adhoc,$key",
                    'root' => 'T',
+                   'staff_id' => $thisstaff->getId(),
                    'title' => __('Advanced Search'),
                 ));
        $queue->config = $config;
-- 
GitLab