mention permission

application/Espo/Core/Acl/Permission.php

@@ -39,4 +39,5 @@ class Permission
     public const AUDIT = 'audit';
     public const DATA_PRIVACY = 'dataPrivacy';
     public const MESSAGE = 'message';
+    public const MENTION = 'mention';
 }

application/Espo/Core/Upgrades/Migrations/V8_2/AfterUpgrade.php

@@ -33,8 +33,11 @@
 use Espo\Core\InjectableFactory;
 use Espo\Core\Utils\Config;
 use Espo\Core\Utils\Metadata;
+use Espo\Entities\Role;
 use Espo\Entities\Template;
 use Espo\ORM\EntityManager;
+use Espo\ORM\Query\Part\Expression;
+use Espo\ORM\Query\UpdateBuilder;
 use Espo\Tools\Pdf\Template as PdfTemplate;
 
 class AfterUpgrade implements Script
@@ -61,6 +64,7 @@ public function run(): void
 
         $this->updateTemplates($em, $config);
         $this->updateTargetList($this->metadata);
+        $this->updateRoles();
     }
 
     private function updateTemplates(EntityManager $entityManager, Config $config): void
@@ -122,4 +126,14 @@ private function updateTargetList(Metadata $metadata): void
 
         $metadata->save();
     }
+
+    private function updateRoles(): void
+    {
+        $query = UpdateBuilder::create()
+            ->in(Role::ENTITY_TYPE)
+            ->set(['mentionPermission' => Expression::column('assignmentPermission')])
+            ->build();
+
+        $this->entityManager->getQueryExecutor()->execute($query);
+    }
 }

application/Espo/Resources/i18n/en_US/Role.json

@@ -12,6 +12,7 @@
         "followerManagementPermission": "Follower Management Permission",
         "dataPrivacyPermission": "Data Privacy Permission",
         "auditPermission": "Audit Permission",
+        "mentionPermission": "Mention Permission",
         "data": "Data",
         "fieldData": "Field Data"
     },
@@ -29,7 +30,8 @@
         "massUpdatePermission": "The ability to perform mass update of records.",
         "followerManagementPermission": "Allows to manage followers of specific records.",
         "dataPrivacyPermission": "Allows to view and erase personal data.",
-        "auditPermission": "Allows to view the audit log."
+        "auditPermission": "Allows to view the audit log.",
+        "mentionPermission": "Allows to mention other users in the Stream.\n\n* all – can mention all\n* team – can mention only teammates\n* no – cannot mention"
     },
     "labels": {
         "Access": "Access",

application/Espo/Resources/layouts/Role/detail.json

@@ -27,7 +27,7 @@
             ],
             [
                 {"name": "auditPermission"},
-                false,
+                {"name": "mentionPermission"},
                 false
             ]
         ]

application/Espo/Resources/metadata/app/acl.json

@@ -166,7 +166,8 @@
         "massUpdatePermission",
         "followerManagementPermission",
         "dataPrivacyPermission",
-        "auditPermission"
+        "auditPermission",
+        "mentionPermission"
     ],
     "valuePermissionHighestLevels": {
         "assignmentPermission": "all",
@@ -178,7 +179,8 @@
         "massUpdatePermission": "yes",
         "followerManagementPermission": "all",
         "dataPrivacyPermission": "yes",
-        "auditPermission": "yes"
+        "auditPermission": "yes",
+        "mentionPermission": "yes"
     },
     "permissionsStrictDefaults": {
         "assignmentPermission": "no",
@@ -190,7 +192,8 @@
         "massUpdatePermission": "no",
         "followerManagementPermission": "no",
         "dataPrivacyPermission": "no",
-        "auditPermission": "no"
+        "auditPermission": "no",
+        "mentionPermission": "no"
     },
     "scopeLevelTypesStrictDefaults": {
         "boolean": false,

application/Espo/Resources/metadata/entityDefs/Role.json

@@ -96,6 +96,15 @@
             "view": "views/role/fields/permission",
             "audited": true
         },
+        "mentionPermission": {
+            "type": "enum",
+            "options": ["not-set", "all", "team", "no"],
+            "default": "not-set",
+            "tooltip": true,
+            "translation": "Role.options.levelList",
+            "view": "views/role/fields/permission",
+            "audited": true
+        },
         "data": {
             "type": "jsonObject",
             "audited": true

application/Espo/Tools/Notification/NoteMentionHookProcessor.php

@@ -129,7 +129,7 @@ private function processMatches(
                 continue;
             }
 
-            if (!$this->acl->checkUserPermission($user, Permission::ASSIGNMENT)) {
+            if (!$this->acl->checkUserPermission($user, Permission::MENTION)) {
                 continue;
             }
 

client/src/views/note/fields/post.js

@@ -118,53 +118,58 @@ class NotePostFieldView extends TextFieldView {
             this.$textarea.attr('placeholder', originalPlaceholderText);
         });
 
-        const assignmentPermission = this.getAcl().getPermissionLevel('assignment');
+        this.initMentions();
+    }
+
+    initMentions() {
+        const mentionPermissionLevel = this.getAcl().getPermissionLevel('mention');
 
         const buildUserListUrl = term => {
             let url = 'User?q=' + term + '&' + $.param({'primaryFilter': 'active'}) +
                 '&orderBy=name&maxSize=' + this.getConfig().get('recordsPerPage') +
                 '&select=id,name,userName';
 
-            if (assignmentPermission === 'team') {
+            if (mentionPermissionLevel === 'team') {
                 url += '&' + $.param({'boolFilterList': ['onlyMyTeam']})
             }
 
             return url;
         };
 
-        if (assignmentPermission !== 'no' && this.model.isNew()) {
-            // noinspection JSUnresolvedReference
-            this.$element.textcomplete([{
-                match: /(^|\s)@(\w*)$/,
-                search: (term, callback) => {
-                    if (term.length === 0) {
-                        callback([]);
+        if (!(mentionPermissionLevel !== 'no' && this.model.isNew())) {
+            return;
+        }
 
-                        return;
-                    }
+        // noinspection JSUnresolvedReference
+        this.$element.textcomplete([{
+            match: /(^|\s)@(\w*)$/,
+            search: (term, callback) => {
+                if (term.length === 0) {
+                    callback([]);
 
-                    Espo.Ajax
-                        .getRequest(buildUserListUrl(term))
-                        .then(data => {
-                            callback(data.list)
-                        });
-                },
-                template: mention => {
-                    return this.getHelper().escapeString(mention.name) +
-                        ' <span class="text-muted">@' +
-                        this.getHelper().escapeString(mention.userName) + '</span>';
-                },
-                replace: o => {
-                    return '$1@' + o.userName + '';
-                },
-            }], {zIndex: 1100});
-
-            this.once('remove', () => {
-                if (this.$element.length) {
-                    this.$element.textcomplete('destroy');
+                    return;
                 }
-            });
-        }
+
+                Espo.Ajax
+                    .getRequest(buildUserListUrl(term))
+                    .then(data => {
+                        callback(data.list)
+                    });
+            },
+            template: mention => {
+                return this.getHelper().escapeString(mention.name) +
+                    ' <span class="text-muted">@' +
+                    this.getHelper().escapeString(mention.userName) + '</span>';
+            },
+            replace: o => {
+                return '$1@' + o.userName + '';
+            },
+        }], {zIndex: 1100});
+        this.once('remove', () => {
+            if (this.$element.length) {
+                this.$element.textcomplete('destroy');
+            }
+        });
     }
 
     validateRequired() {