Merge pull request #8788 from artoscinote/ma_SCI_12249

Fix permission team scoping [SCI-2249]

app/models/concerns/permission_checkable_model.rb

@@ -50,7 +50,7 @@ module PermissionCheckableModel
     end
 
     user_roles = UserRole.left_outer_joins(:team_assignments, user_group_assignments: { user_group: :users })
-    user_roles.where(user_group_assignments: { assignable: self, user_groups: { users: user } })
+    user_roles.where(user_group_assignments: { assignable: self, user_groups: { users: user }, team: permission_team })
               .or(user_roles.where(team_assignments: { assignable: self, team: permission_team }))
               .exists?(['user_roles.permissions @> ARRAY[?]::varchar[]', [permission]])
   end

app/serializers/concerns/assignments_helper.rb

@@ -11,7 +11,7 @@ module AssignmentsHelper
       }
     end
 
-    user_groups = object.user_group_assignments.map do |ua|
+    user_groups = object.user_group_assignments.where(team: current_user.current_team).map do |ua|
       {
         avatar: ActionController::Base.helpers.asset_path('icon/group.svg'),
         full_name: ua.user_group_name_with_role