opensupports/server/controllers/ticket/get.php

<?php
use Respect\Validation\Validator as DataValidator;
DataValidator::with('CustomValidations', true);
/**
 * @api {post} /ticket/get Get ticket
 * @apiVersion 4.0.0
 *
 * @apiName Get ticket
 *
 * @apiGroup Ticket
 *
 * @apiDescription This path retrieves information about a ticket.
 *
 * @apiPermission user
 *
 * @apiParam {Number} ticketNumber The number of the ticket.
 *
 * @apiUse INVALID_TICKET
 * @apiUse NO_PERMISSION
 * 
 * @apiSuccess {[Ticket](#api-Data_Structures-ObjectTicket)} data Information about the requested ticket.
 * 
 */


class TicketGetController extends Controller {
    const PATH = '/get';
    const METHOD = 'POST';

    private $ticket;

    public function validations() {
        $session = Session::getInstance();
        
        if (Controller::isUserSystemEnabled() || Controller::isStaffLogged()) {
            return [
                'permission' => 'user',
                'requestData' => [
                    'ticketNumber' => [
                        'validation' => DataValidator::validTicketNumber(),
                        'error' => ERRORS::INVALID_TICKET
                    ]
                ]
            ];
        } else {
            return [
                'permission' => 'any',
                'requestData' => [
                    'ticketNumber' => [
                        'validation' => DataValidator::equals($session->getTicketNumber()),
                        'error' => ERRORS::INVALID_TICKET
                    ],
                    'csrf_token' => [
                        'validation' => DataValidator::equals($session->getToken()),
                        'error' => $session->getToken() . ' != ' . Controller::request('csrf_token')
                    ]
                ]
            ];
        }
    }

    public function handler() {
        $this->ticket = Ticket::getByTicketNumber(Controller::request('ticketNumber'));

        if(Controller::isUserSystemEnabled() || Controller::isStaffLogged()) {
            if ($this->shouldDenyPermission()) {
                throw new Exception(ERRORS::NO_PERMISSION);
            } else {
                Response::respondSuccess($this->ticket->toArray());
            }
        } else {
            Response::respondSuccess($this->ticket->toArray());
        }
    }

    private function shouldDenyPermission() {
        $user = Controller::getLoggedUser();

        return (!Controller::isStaffLogged() && (Controller::isUserSystemEnabled() && $this->ticket->author->id !== $user->id)) ||
               (Controller::isStaffLogged() && (($this->ticket->owner && $this->ticket->owner->id !== $user->id) || !$user->sharedDepartmentList->includesId($this->ticket->department->id)));
    }
}
Ivan - Backend - Create /ticket/get path [skip ci] 2016-09-04 02:46:08 +02:00			`<?php`
			`use Respect\Validation\Validator as DataValidator;`
			`DataValidator::with('CustomValidations', true);`
Guillermo - data ticket [skip ci] 2017-04-17 04:59:11 +02:00			`/**`
Ivan - Update controller documentations 2017-05-12 06:58:40 +02:00			`* @api {post} /ticket/get Get ticket`
			`* @apiVersion 4.0.0`
Guillermo - data ticket [skip ci] 2017-04-17 04:59:11 +02:00			`*`
Ivan - Update controller documentations 2017-05-12 06:58:40 +02:00			`* @apiName Get ticket`
Guillermo - data ticket [skip ci] 2017-04-17 04:59:11 +02:00			`*`
			`* @apiGroup Ticket`
			`*`
Guillermo - things [skip ci] 2017-04-21 08:09:24 +02:00			`* @apiDescription This path retrieves information about a ticket.`
Guillermo - data ticket [skip ci] 2017-04-17 04:59:11 +02:00			`*`
Ivan - Update controller documentations 2017-05-12 06:58:40 +02:00			`* @apiPermission user`
Guillermo - data ticket [skip ci] 2017-04-17 04:59:11 +02:00			`*`
Guillermo - things [skip ci] 2017-04-21 08:09:24 +02:00			`* @apiParam {Number} ticketNumber The number of the ticket.`
Guillermo - data ticket [skip ci] 2017-04-17 04:59:11 +02:00			`*`
Ivan - Add error documentation 2017-04-20 05:55:38 +02:00			`* @apiUse INVALID_TICKET`
Guillermo - things [skip ci] 2017-04-21 08:09:24 +02:00			`* @apiUse NO_PERMISSION`
			`*`
Ivan - Add error documentation [skip ci] 2017-04-20 07:23:30 +02:00			`* @apiSuccess {[Ticket](#api-Data_Structures-ObjectTicket)} data Information about the requested ticket.`
Guillermo - things [skip ci] 2017-04-21 08:09:24 +02:00			`*`
Guillermo - data ticket [skip ci] 2017-04-17 04:59:11 +02:00			`*/`

Ivan - Add error documentation 2017-04-20 05:55:38 +02:00
Ivan - Backend - Create /ticket/get path [skip ci] 2016-09-04 02:46:08 +02:00			`class TicketGetController extends Controller {`
			`const PATH = '/get';`
Ivan - Update backend methods [skip ci] 2017-02-08 19:09:15 +01:00			`const METHOD = 'POST';`
Ivan - Backend - Create /ticket/get path [skip ci] 2016-09-04 02:46:08 +02:00
Ivan - Fixes for Deploy 2016-11-21 03:01:38 +01:00			`private $ticket;`

Ivan - Backend - Create /ticket/get path [skip ci] 2016-09-04 02:46:08 +02:00			`public function validations() {`
Ivan - Add new logo, fix user system disabled architecture [skip ci] 2017-03-04 01:39:59 +01:00			`$session = Session::getInstance();`

			`if (Controller::isUserSystemEnabled() \|\| Controller::isStaffLogged()) {`
			`return [`
			`'permission' => 'user',`
			`'requestData' => [`
			`'ticketNumber' => [`
			`'validation' => DataValidator::validTicketNumber(),`
			`'error' => ERRORS::INVALID_TICKET`
			`]`
Ivan - Backend - Create /ticket/get path [skip ci] 2016-09-04 02:46:08 +02:00			`]`
Ivan - Add new logo, fix user system disabled architecture [skip ci] 2017-03-04 01:39:59 +01:00			`];`
			`} else {`
			`return [`
			`'permission' => 'any',`
			`'requestData' => [`
			`'ticketNumber' => [`
			`'validation' => DataValidator::equals($session->getTicketNumber()),`
			`'error' => ERRORS::INVALID_TICKET`
			`],`
			`'csrf_token' => [`
			`'validation' => DataValidator::equals($session->getToken()),`
			`'error' => $session->getToken() . ' != ' . Controller::request('csrf_token')`
			`]`
			`]`
			`];`
Guillermo - disable-user-system [skip ci] 2017-01-16 20:07:53 +01:00			`}`
Ivan - Backend - Create /ticket/get path [skip ci] 2016-09-04 02:46:08 +02:00			`}`

			`public function handler() {`
Ivan - Fixes for Deploy 2016-11-21 03:01:38 +01:00			`$this->ticket = Ticket::getByTicketNumber(Controller::request('ticketNumber'));`
Ivan - Backend - Create /ticket/get path [skip ci] 2016-09-04 02:46:08 +02:00
Ivan - Add new logo, fix user system disabled architecture [skip ci] 2017-03-04 01:39:59 +01:00			`if(Controller::isUserSystemEnabled() \|\| Controller::isStaffLogged()) {`
			`if ($this->shouldDenyPermission()) {`
Guillermo - disable-user-system [skip ci] 2017-01-16 20:07:53 +01:00			`throw new Exception(ERRORS::NO_PERMISSION);`
Ivan - Add new logo, fix user system disabled architecture [skip ci] 2017-03-04 01:39:59 +01:00			`} else {`
			`Response::respondSuccess($this->ticket->toArray());`
Guillermo - disable-user-system [skip ci] 2017-01-16 20:07:53 +01:00			`}`
Ivan - Backend - Create /user/get path [skip ci] 2016-09-09 05:38:58 +02:00			`} else {`
Ivan - Fixes for Deploy 2016-11-21 03:01:38 +01:00			`Response::respondSuccess($this->ticket->toArray());`
Ivan - Backend - Create /user/get path [skip ci] 2016-09-09 05:38:58 +02:00			`}`
Ivan - Backend - Create /ticket/get path [skip ci] 2016-09-04 02:46:08 +02:00			`}`
Ivan - Fixes for Deploy 2016-11-21 03:01:38 +01:00
			`private function shouldDenyPermission() {`
			`$user = Controller::getLoggedUser();`

Guillermo - disable-user-system [skip ci] 2017-01-16 20:07:53 +01:00			`return (!Controller::isStaffLogged() && (Controller::isUserSystemEnabled() && $this->ticket->author->id !== $user->id)) \|\|`
Ivan - Fix test issues [skip ci] 2017-02-25 07:42:10 +01:00			`(Controller::isStaffLogged() && (($this->ticket->owner && $this->ticket->owner->id !== $user->id) \|\| !$user->sharedDepartmentList->includesId($this->ticket->department->id)));`
Ivan - Fixes for Deploy 2016-11-21 03:01:38 +01:00			`}`
Ivan - Backend - Create /ticket/get path [skip ci] 2016-09-04 02:46:08 +02:00			`}`