diff --git a/application/Espo/Hooks/Note/Mentions.php b/application/Espo/Hooks/Note/Mentions.php
index 0e0237e704..44c38ad1f8 100644
--- a/application/Espo/Hooks/Note/Mentions.php
+++ b/application/Espo/Hooks/Note/Mentions.php
@@ -63,6 +63,9 @@ class Mentions extends \Espo\Core\Hooks\Base
$userName = substr($item, 1);
$user = $this->getEntityManager()->getRepository('User')->where(array('userName' => $userName))->findOne();
if ($user) {
+ if (!$this->getAcl()->checkPermission('assignmentPermission', $user)) {
+ continue;
+ }
$m = array(
'id' => $user->id,
'name' => $user->get('name'),
diff --git a/frontend/client/src/views/note/fields/post.js b/frontend/client/src/views/note/fields/post.js
index e07ff178e8..aba6b87211 100644
--- a/frontend/client/src/views/note/fields/post.js
+++ b/frontend/client/src/views/note/fields/post.js
@@ -49,35 +49,46 @@ Espo.define('views/note/fields/post', ['views/fields/text', 'lib!Textcomplete'],
Dep.prototype.afterRender.call(this);
this.$element.attr('placeholder', this.translate('writeMessage', 'messages', 'Note'));
- this.$element.textcomplete([{
- match: /(^|\s)@(\w*)$/,
- search: function (term, callback) {
- if (term.length == 0) {
- callback([]);
- return;
+ var assignmentPermission = this.getAcl().get('assignmentPermission');
+
+ var buildUserListUrl = function (term) {
+ var url = 'User?orderBy=name&limit=7&q=' + term + '&' + $.param({'primaryFilter': 'active'});
+ if (assignmentPermission == 'team') {
+ url += '&' + $.param({'boolFilterList': ['onlyMyTeam']})
+ }
+ return url;
+ }.bind(this);
+
+ if (assignmentPermission !== 'no') {
+ this.$element.textcomplete([{
+ match: /(^|\s)@(\w*)$/,
+ search: function (term, callback) {
+ if (term.length == 0) {
+ callback([]);
+ return;
+ }
+ $.ajax({
+ url: buildUserListUrl(term)
+ }).done(function (data) {
+ callback(data.list)
+ });
+ },
+ template: function (mention) {
+ return mention.name + ' @' + mention.userName + '';
+ },
+ replace: function (o) {
+ return '$1@' + o.userName + '';
}
- $.ajax({
- url: 'User?orderBy=name&limit=7&q=' + term,
+ }],{
+ zIndex: 1100
+ });
- }).done(function (data) {
- callback(data.list)
- });
- },
- template: function (mention) {
- return mention.name + ' @' + mention.userName + '';
- },
- replace: function (o) {
- return '$1@' + o.userName + '';
- }
- }],{
- zIndex: 1100
- });
-
- this.once('remove', function () {
- if (this.$element.size()) {
- this.$element.textcomplete('destroy');
- }
- }, this);
+ this.once('remove', function () {
+ if (this.$element.size()) {
+ this.$element.textcomplete('destroy');
+ }
+ }, this);
+ }
},
validateRequired: function () {
diff --git a/frontend/client/src/views/stream/panel.js b/frontend/client/src/views/stream/panel.js
index fea1959f22..a0410c1ecd 100644
--- a/frontend/client/src/views/stream/panel.js
+++ b/frontend/client/src/views/stream/panel.js
@@ -153,34 +153,45 @@ Espo.define('views/stream/panel', ['views/record/panels/relationship', 'lib!Text
collection.fetch();
}
- this.$textarea.textcomplete([{
- match: /(^|\s)@(\w*)$/,
- index: 2,
- search: function (term, callback) {
- if (term.length == 0) {
- callback([]);
- return;
+ var assignmentPermission = this.getAcl().get('assignmentPermission');
+
+ var buildUserListUrl = function (term) {
+ var url = 'User?orderBy=name&limit=7&q=' + term + '&' + $.param({'primaryFilter': 'active'});
+ if (assignmentPermission == 'team') {
+ url += '&' + $.param({'boolFilterList': ['onlyMyTeam']})
+ }
+ return url;
+ }.bind(this);
+
+ if (assignmentPermission !== 'no') {
+ this.$textarea.textcomplete([{
+ match: /(^|\s)@(\w*)$/,
+ index: 2,
+ search: function (term, callback) {
+ if (term.length == 0) {
+ callback([]);
+ return;
+ }
+ $.ajax({
+ url: buildUserListUrl(term),
+ }).done(function (data) {
+ callback(data.list)
+ });
+ },
+ template: function (mention) {
+ return mention.name + ' @' + mention.userName + '';
+ },
+ replace: function (o) {
+ return '$1@' + o.userName + '';
}
- $.ajax({
- url: 'User?orderBy=name&limit=7&q=' + term,
+ }]);
- }).done(function (data) {
- callback(data.list)
- });
- },
- template: function (mention) {
- return mention.name + ' @' + mention.userName + '';
- },
- replace: function (o) {
- return '$1@' + o.userName + '';
- }
- }]);
-
- this.once('remove', function () {
- if (this.$textarea.size()) {
- this.$textarea.textcomplete('destroy');
- }
- }, this);
+ this.once('remove', function () {
+ if (this.$textarea.size()) {
+ this.$textarea.textcomplete('destroy');
+ }
+ }, this);
+ }
$a = this.$el.find('.buttons-panel a.stream-post-info');
diff --git a/frontend/client/src/views/stream/record/edit.js b/frontend/client/src/views/stream/record/edit.js
index aedb2991c7..136278471c 100644
--- a/frontend/client/src/views/stream/record/edit.js
+++ b/frontend/client/src/views/stream/record/edit.js
@@ -154,7 +154,7 @@ Espo.define('views/stream/record/edit', 'views/record/base', function (Dep) {
$('body').off('click.stream-create-post');
$('body').on('click.stream-create-post', function (e) {
if ($.contains(window.document.body, e.target) && !$.contains(this.$el.get(0), e.target) && !$(e.target).closest('.modal-dialog').size()) {
- if (this.getView('post').$element.val() == '') {
+ if (this.hasView('post') && this.getView('post').$element.val() == '') {
if (!(this.model.get('attachmentsIds') || []).length) {
this.disablePostingMode();
}