opensupports/server/controllers/ticket/delete.php

<?php
use Respect\Validation\Validator as DataValidator;
DataValidator::with('CustomValidations', true);

/**
 * @api {post} /ticket/delete Delete a ticket
 * @apiVersion 4.3.2
 *
 * @apiName Delete ticket
 *
 * @apiGroup Ticket
 *
 * @apiDescription This path deletes a ticket.
 *
 * @apiPermission user
 *
 * @apiParam {Number} ticketNumber The number of the ticket to delete.
 *
 * @apiUse NO_PERMISSION
 * @apiUse INVALID_TICKET
 *
 * @apiSuccess {Object} data Empty object
 *ulp d
 */

class DeleteController extends Controller {
    const PATH = '/delete';
    const METHOD = 'POST';

    public function validations() {
        return [
            'permission' => 'user',
            'requestData' => [
                'ticketNumber' => [
                    'validation' => DataValidator::validTicketNumber(),
                    'error' => ERRORS::INVALID_TICKET
                ]
            ]
        ];
    }

    public function handler() {
        $user = Controller::getLoggedUser();
        $ticket = Ticket::getByTicketNumber(Controller::request('ticketNumber'));
        $ticketAuthor = $ticket->authorToArray();

        if($ticket->owner) {
            throw new RequestException(ERRORS::NO_PERMISSION);
        }

        if(Controller::isStaffLogged() && $user->level < 3) {
            throw new RequestException(ERRORS::NO_PERMISSION);
        }

        if(!Controller::isStaffLogged() && ($user->email !== $ticketAuthor['email'] || $ticketAuthor['staff'])) {
            throw new RequestException(ERRORS::NO_PERMISSION);
        }

        $ticket->delete();

        Response::respondSuccess();
    }
}
feature #311 2018-10-19 03:30:06 +02:00			`<?php`
			`use Respect\Validation\Validator as DataValidator;`
			`DataValidator::with('CustomValidations', true);`

			`/**`
			`* @api {post} /ticket/delete Delete a ticket`
Prepare v4.3.2 release 2018-11-29 17:35:14 +01:00			`* @apiVersion 4.3.2`
feature #311 2018-10-19 03:30:06 +02:00			`*`
			`* @apiName Delete ticket`
			`*`
			`* @apiGroup Ticket`
			`*`
			`* @apiDescription This path deletes a ticket.`
			`*`
			`* @apiPermission user`
			`*`
			`* @apiParam {Number} ticketNumber The number of the ticket to delete.`
			`*`
			`* @apiUse NO_PERMISSION`
			`* @apiUse INVALID_TICKET`
			`*`
			`* @apiSuccess {Object} data Empty object`
s 2018-10-29 15:32:31 +01:00			`*ulp d`
feature #311 2018-10-19 03:30:06 +02:00			`*/`

			`class DeleteController extends Controller {`
			`const PATH = '/delete';`
			`const METHOD = 'POST';`

			`public function validations() {`
			`return [`
			`'permission' => 'user',`
			`'requestData' => [`
			`'ticketNumber' => [`
			`'validation' => DataValidator::validTicketNumber(),`
			`'error' => ERRORS::INVALID_TICKET`
			`]`
			`]`
			`];`
			`}`

			`public function handler() {`
			`$user = Controller::getLoggedUser();`
			`$ticket = Ticket::getByTicketNumber(Controller::request('ticketNumber'));`
Fix ticket delete test issues 2018-10-29 23:32:03 +01:00			`$ticketAuthor = $ticket->authorToArray();`
feature #311 2018-10-19 03:30:06 +02:00
Fix ticket delete test issues 2018-10-29 23:32:03 +01:00			`if($ticket->owner) {`
Use own exception class 2018-11-20 23:41:00 +01:00			`throw new RequestException(ERRORS::NO_PERMISSION);`
feature #311 2018-10-19 03:30:06 +02:00			`}`
Fix ticket delete test issues 2018-10-29 23:32:03 +01:00
			`if(Controller::isStaffLogged() && $user->level < 3) {`
Use own exception class 2018-11-20 23:41:00 +01:00			`throw new RequestException(ERRORS::NO_PERMISSION);`
feature #311 2018-10-19 03:30:06 +02:00			`}`
Fix ticket delete test issues 2018-10-29 23:32:03 +01:00
			`if(!Controller::isStaffLogged() && ($user->email !== $ticketAuthor['email'] \|\| $ticketAuthor['staff'])) {`
Use own exception class 2018-11-20 23:41:00 +01:00			`throw new RequestException(ERRORS::NO_PERMISSION);`
Fix ticket delete test issues 2018-10-29 23:32:03 +01:00			`}`

feature #311 2018-10-19 03:30:06 +02:00			`$ticket->delete();`

			`Response::respondSuccess();`
			`}`
			`}`