Fix showing only assigned to the user tickets - closes #3843

freescout-helpdesk · Mar 2, 2024 · 911e157 · 911e157
1 parent 100b406
commit 911e157
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 3 deletions.
diff --git a/app/Conversation.php b/app/Conversation.php
@@ -1134,7 +1134,12 @@ public static function getQueryByFolder($folder, $user_id)
             if ($user->id == $user_id
                 && $user->hasManageMailboxPermission($folder->mailbox_id, Mailbox::ACCESS_PERM_ASSIGNED)
             ) {
-                $query_conversations->where('user_id', '=', $user_id);
+                if ($folder->type != Folder::TYPE_DRAFTS) {
+                    $query_conversations->where('user_id', '=', $user_id);
+                } else {
+                    $query_conversations->where('user_id', '=', $user_id)
+                        ->orWhere('created_by_user_id', '=', $user_id);
+                }
             }
         }
 

diff --git a/app/Http/Controllers/ConversationsController.php b/app/Http/Controllers/ConversationsController.php
@@ -1346,7 +1346,7 @@ public function ajax(Request $request)
                 $new = true;
                 if (!$response['msg'] && !empty($request->conversation_id)) {
                     $conversation = Conversation::find($request->conversation_id);
-                    if ($conversation && !$user->can('view', $conversation)) {
+                    if ($conversation && !$user->can('view', $conversation) && !$user->hasManageMailboxPermission($request->mailbox_id, Mailbox::ACCESS_PERM_ASSIGNED)) {
                         $response['msg'] = __('Not enough permissions');
                     } else {
                         $new = false;

diff --git a/app/Policies/ConversationPolicy.php b/app/Policies/ConversationPolicy.php
@@ -54,7 +54,7 @@ public function viewCached(User $user, Conversation $conversation)
             if ($conversation->mailbox->users_cached->contains($user)) {
                 // Maybe user can see only assigned conversations.
                 if (!\Eventy::filter('conversation.is_user_assignee', $conversation->user_id == $user->id, $conversation, $user->id)
-                    && $user->hasManageMailboxPermission($conversation->mailbox_id, Mailbox::ACCESS_PERM_ASSIGNED)
+                    && !$user->hasManageMailboxPermission($conversation->mailbox_id, Mailbox::ACCESS_PERM_ASSIGNED)
                 ) {
                     return false;
                 } else {