diff --git a/app/controllers/global_activities_controller.rb b/app/controllers/global_activities_controller.rb
index 9fab2fcaa..4c88f22b3 100644
--- a/app/controllers/global_activities_controller.rb
+++ b/app/controllers/global_activities_controller.rb
@@ -6,9 +6,11 @@ class GlobalActivitiesController < ApplicationController
 teams = current_user.teams if teams.blank?
 @teams = teams
 @activity_types = Activity.activity_types_list
- @users = UserTeam.my_employees(current_user)
+ @user_list = User.where(id: UserTeam.where(team: current_user.teams).select(:user_id))
+ .distinct
+ .pluck(:full_name, :id)
 @grouped_activities, more_activities =
- ActivitiesService.load_activities(teams, activity_filters)
+ ActivitiesService.load_activities(current_user, teams, activity_filters)
 respond_to do |format|
 format.json do
 render json: {
diff --git a/app/models/user_team.rb b/app/models/user_team.rb
index 8b31f278b..fdcd89453 100644
--- a/app/models/user_team.rb
+++ b/app/models/user_team.rb
@@ -1,8 +1,6 @@
 class UserTeam < ApplicationRecord
 enum role: { guest: 0, normal_user: 1, admin: 2 }
- scope :my_teams, -> { where(role: 2) }
-
 validates :role, presence: true
 validates :user, presence: true
 validates :team, presence: true
@@ -21,15 +19,6 @@ class UserTeam < ApplicationRecord
 I18n.t("user_teams.enums.role.#{role}")
 end
- def self.my_employees(user)
- users = where(team_id: user.user_teams.my_teams.pluck(:team_id))
- .joins(:user).select(:full_name, 'users.id as id').as_json.uniq
- if users.empty?
- users = [user.as_json.select { |k| %w(id full_name).include? k }]
- end
- users
- end
-
 def create_samples_table_state
 SamplesTable.create_samples_table_state(self)
 end
diff --git a/app/services/activities_service.rb b/app/services/activities_service.rb
index 7aeeee1ae..ff9c55996 100644
--- a/app/services/activities_service.rb
+++ b/app/services/activities_service.rb
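Review bot: In `global_activities_controller.rb`, `@user_list` now covers every member of every team the current user belongs to, whereas the removed `UserTeam.my_employees` listed only members of teams where the viewer held the admin role (`where(role: 2)`) and otherwise fell back to the viewer alone. That lets guests and normal users enumerate colleagues' names and ids. If this is intended, a comment above the assignment such as `# Lists all members of the viewer's teams on purpose, regardless of the viewer's role` would record the decision; if not, the inner `UserTeam.where(team: current_user.teams)` needs a role condition on the viewer's own memberships. The action starts and ends outside the hunk, so how `teams` is set before `teams = current_user.teams if teams.blank?` is not visible here.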
@@ -1,18 +1,20 @@
 # frozen_string_literal: true
 class ActivitiesService
- def self.load_activities(team_ids, filters = {})
+ def self.load_activities(user, teams, filters = {})
+ # Create condition for view permissions checking first
+ visible_projects = Project.viewable_by_user(user, teams)
+ query = Activity.where('project_id IS NULL AND team_id IN (?)', teams.select(:id))
+ .or(Activity.where(project: visible_projects))
+
 if filters[:subjects].present?
- query = Activity.where(
+ query = query.where(
 filters[:subjects].map { '(subject_type = ? AND subject_id IN(?))' }
 .join(' OR '),
 *filters[:subjects].flatten
 )
- else
- query = Activity
 end
- query = query.where(team_id: team_ids)
 query = query.where(owner_id: filters[:users]) if filters[:users]
 query = query.where(type_of: filters[:types]) if filters[:types]
diff --git a/app/views/global_activities/_side_filters.html.erb b/app/views/global_activities/_side_filters.html.erb
index 38d1bd929..a8860b06e 100644
--- a/app/views/global_activities/_side_filters.html.erb
+++ b/app/views/global_activities/_side_filters.html.erb
@@ -37,7 +37,7 @@
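Review bot: In `ActivitiesService.load_activities`, the team-level branch `project_id IS NULL AND team_id IN (?)` is limited only by the `teams` argument, so the permission check announced in the new comment covers project activities but not team-level ones. Now that `user` is passed in, the method can enforce membership itself rather than trusting each caller, for example with `teams = teams.where(id: user.teams.select(:id))` before `query` is built. That assumes `teams` is a relation, which the `teams.select(:id)` call already implies. The parameter also changed from `team_ids` to a relation without any documentation; a line such as `# teams: relation of Team records the user is a member of` above the method would state the contract. The method body continues past the end of the hunk.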