scottk/chatwoot
1
0
Fork 0
mirror of https://github.com/lingble/chatwoot.git synced 2025-11-02 12:08:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: don't add inbox condition for admins in search (#12028)

Browse Source
This commit is contained in:
Shivam Mishra
2025-07-23 16:30:07 +04:00
committed by GitHub
parent eb412b67bd
commit e5ee6027b4
2 changed files with 47 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
app/services/search_service.rb
View File

@@ -1,6 +1,10 @@
class SearchService class SearchService
pattr_initialize [:current_user!, :current_account!, :params!, :search_type!] pattr_initialize [:current_user!, :current_account!, :params!, :search_type!]
def account_user
@account_user ||= current_account.account_users.find_by(user: current_user)
end
def perform def perform
case search_type case search_type
when 'Message' when 'Message'
@@ -78,8 +82,9 @@ class SearchService
end end
def message_base_query def message_base_query
current_account.messages.where(inbox_id: accessable_inbox_ids) query = current_account.messages.where('created_at >= ?', 3.months.ago)
.where('created_at >= ?', 3.months.ago) query = query.where(inbox_id: accessable_inbox_ids) unless account_user.administrator?
query
end end
def use_gin_search def use_gin_search

40
spec/services/search_service_spec.rb
View File

@@ -185,6 +185,46 @@ describe SearchService do
end end
end end
describe '#message_base_query' do
let(:params) { { q: 'test' } }
let(:search_type) { 'Message' }
context 'when user is admin' do
let(:admin_user) { create(:user) }
let(:admin_search) do
create(:account_user, account: account, user: admin_user, role: 'administrator')
described_class.new(current_user: admin_user, current_account: account, params: params, search_type: search_type)
end
it 'does not filter by inbox_id' do
# Testing the private method itself seems like the best way to ensure
# that the inboxes are not added to the search query
base_query = admin_search.send(:message_base_query)
# Should only have the time filter, not inbox filter
expect(base_query.to_sql).to include('created_at >= ')
expect(base_query.to_sql).not_to include('inbox_id')
end
end
context 'when user is not admin' do
before do
account_user = account.account_users.find_or_create_by(user: user)
account_user.update!(role: 'agent')
end
it 'filters by accessible inbox_id' do
# Testing the private method itself seems like the best way to ensure
# that the inboxes are not added to the search query
base_query = search.send(:message_base_query)
# Should have both time and inbox filters
expect(base_query.to_sql).to include('created_at >= ')
expect(base_query.to_sql).to include('inbox_id')
end
end
end
describe '#use_gin_search' do describe '#use_gin_search' do
let(:params) { { q: 'test' } } let(:params) { { q: 'test' } }