opensupports/server/controllers/ticket/comment.php

<?php
use Respect\Validation\Validator as DataValidator;
DataValidator::with('CustomValidations', true);

/**
 * @api {post} /ticket/comment Comment a ticket.
 *
 * @apiName Comment
 *
 * @apiGroup Ticket
 *
 * @apiDescription This path comment a ticket.
 *
 * @apiPermission user
 *
 * @apiParam {string} content Content of the comment.
 *
 * @apiParam {number} ticketNumber The number of the ticket to comment.
 *
 * @apiParam {string} csrf_token Token of the session.
 *
 * @apiError {String} message
 *
 * @apiSuccess {Object} data
 *
 */

class CommentController extends Controller {
    const PATH = '/comment';
    const METHOD = 'POST';

    private $ticket;
    private $content;

    public function validations() {
        $session = Session::getInstance();

        if (Controller::isUserSystemEnabled() || Controller::isStaffLogged()) {
            return [
                'permission' => 'user',
                'requestData' => [
                    'content' => [
                        'validation' => DataValidator::length(20, 5000),
                        'error' => ERRORS::INVALID_CONTENT
                    ],
                    'ticketNumber' => [
                        'validation' => DataValidator::validTicketNumber(),
                        'error' => ERRORS::INVALID_TICKET
                    ]
                ]
            ];
        } else {
            return [
                'permission' => 'any',
                'requestData' => [
                    'content' => [
                        'validation' => DataValidator::length(20, 5000),
                        'error' => ERRORS::INVALID_CONTENT
                    ],
                    'ticketNumber' => [
                        'validation' => DataValidator::equals($session->getTicketNumber()),
                        'error' => ERRORS::INVALID_TICKET
                    ],
                    'csrf_token' => [
                        'validation' => DataValidator::equals($session->getToken()),
                        'error' => Controller::request('csrf_token') . ' ' . $session->getToken()

                    ]
                ]
            ];
        }
    }

    public function handler() {
        $session = Session::getInstance();
        $this->requestData();

        if ((!Controller::isUserSystemEnabled() && !Controller::isStaffLogged()) || $session->isLoggedWithId(($this->ticket->author) ? $this->ticket->author->id : 0) || (Controller::isStaffLogged() && $session->isLoggedWithId(($this->ticket->owner) ? $this->ticket->owner->id : 0))) {
            $this->storeComment();

            if(Controller::isStaffLogged()) {
                $this->sendMail();
            }

            Log::createLog('COMMENT', $this->ticket->ticketNumber);
            
            Response::respondSuccess();
        } else {
            Response::respondError(ERRORS::NO_PERMISSION);
        }
    }

    private function requestData() {
        $ticketNumber = Controller::request('ticketNumber');
        $this->ticket = Ticket::getByTicketNumber($ticketNumber);
        $this->content = Controller::request('content', true);
    }

    private function storeComment() {
        $fileUploader = $this->uploadFile();

        $comment = Ticketevent::getEvent(Ticketevent::COMMENT);
        $comment->setProperties(array(
            'content' => $this->content,
            'file' => ($fileUploader instanceof FileUploader) ? $fileUploader->getFileName() : null,
            'date' => Date::getCurrentDate()
        ));

        if(Controller::isStaffLogged()) {
            $this->ticket->unread = true;
            $comment->authorStaff = Controller::getLoggedUser();
        } else if(Controller::isUserSystemEnabled()) {
            $this->ticket->unreadStaff = true;
            $comment->authorUser = Controller::getLoggedUser();
        }

        $this->ticket->addEvent($comment);
        $this->ticket->store();
    }

    private function sendMail() {
        $mailSender = new MailSender();

        $mailSender->setTemplate(MailTemplate::TICKET_RESPONDED, [
            'to' => ($this->ticket->author) ? $this->ticket->author->email : $this->ticket->authorEmail,
            'name' => ($this->ticket->author) ? $this->ticket->author->name : $this->ticket->authorName,
            'ticketNumber' => $this->ticket->ticketNumber,
            'title' => $this->ticket->title,
            'url' => Setting::getSetting('url')->getValue()
        ]);

        $mailSender->send();
    }
}
[Ivan Diaz] - Ticket comment WIP [skip ci] 2016-06-30 23:03:17 +02:00			`<?php`
Ivan - Add ruby api testing for comment/create 2016-08-04 20:18:29 +02:00			`use Respect\Validation\Validator as DataValidator;`
			`DataValidator::with('CustomValidations', true);`
[Ivan Diaz] - Ticket comment WIP [skip ci] 2016-06-30 23:03:17 +02:00
Guillermo - data ticket [skip ci] 2017-04-17 04:59:11 +02:00			`/**`
			`* @api {post} /ticket/comment Comment a ticket.`
			`*`
			`* @apiName Comment`
			`*`
			`* @apiGroup Ticket`
			`*`
			`* @apiDescription This path comment a ticket.`
			`*`
			`* @apiPermission user`
			`*`
			`* @apiParam {string} content Content of the comment.`
			`*`
			`* @apiParam {number} ticketNumber The number of the ticket to comment.`
			`*`
			`* @apiParam {string} csrf_token Token of the session.`
			`*`
			`* @apiError {String} message`
			`*`
			`* @apiSuccess {Object} data`
			`*`
			`*/`

[Ivan Diaz] - Ticket comment WIP [skip ci] 2016-06-30 23:03:17 +02:00			`class CommentController extends Controller {`
			`const PATH = '/comment';`
Ivan - Update backend methods [skip ci] 2017-02-08 19:09:15 +01:00			`const METHOD = 'POST';`
[Ivan Diaz] - Ticket comment WIP [skip ci] 2016-06-30 23:03:17 +02:00
Ivan - Add ruby api testing for comment/create 2016-08-04 20:18:29 +02:00			`private $ticket;`
[Ivan Diaz] - Ticket comment WIP [skip ci] 2016-06-30 23:03:17 +02:00			`private $content;`

Ivan - Fix master phpunit build: Add validations to comment 2016-07-08 09:46:28 +02:00			`public function validations() {`
Ivan - Add new logo, fix user system disabled architecture [skip ci] 2017-03-04 01:39:59 +01:00			`$session = Session::getInstance();`
Ivan - Add token ticket for backend [skip ci] 2017-01-21 05:17:28 +01:00
Ivan - Add new logo, fix user system disabled architecture [skip ci] 2017-03-04 01:39:59 +01:00			`if (Controller::isUserSystemEnabled() \|\| Controller::isStaffLogged()) {`
			`return [`
			`'permission' => 'user',`
			`'requestData' => [`
			`'content' => [`
			`'validation' => DataValidator::length(20, 5000),`
			`'error' => ERRORS::INVALID_CONTENT`
			`],`
			`'ticketNumber' => [`
			`'validation' => DataValidator::validTicketNumber(),`
			`'error' => ERRORS::INVALID_TICKET`
			`]`
			`]`
Ivan - Add token ticket for backend [skip ci] 2017-01-21 05:17:28 +01:00			`];`
Ivan - Add new logo, fix user system disabled architecture [skip ci] 2017-03-04 01:39:59 +01:00			`} else {`
			`return [`
			`'permission' => 'any',`
			`'requestData' => [`
			`'content' => [`
			`'validation' => DataValidator::length(20, 5000),`
			`'error' => ERRORS::INVALID_CONTENT`
			`],`
			`'ticketNumber' => [`
			`'validation' => DataValidator::equals($session->getTicketNumber()),`
			`'error' => ERRORS::INVALID_TICKET`
			`],`
			`'csrf_token' => [`
			`'validation' => DataValidator::equals($session->getToken()),`
			`'error' => Controller::request('csrf_token') . ' ' . $session->getToken()`

			`]`
			`]`
Guillermo - disable-user-system [skip ci] 2017-01-16 20:07:53 +01:00			`];`
			`}`
Ivan - Fix master phpunit build: Add validations to comment 2016-07-08 09:46:28 +02:00			`}`

[Ivan Diaz] - Ticket comment WIP [skip ci] 2016-06-30 23:03:17 +02:00			`public function handler() {`
Ivan - Add ruby api testing for comment/create 2016-08-04 20:18:29 +02:00			`$session = Session::getInstance();`
Ivan - Update ownCommentList logic for tickets [skip ci] 2016-07-04 02:32:34 +02:00			`$this->requestData();`
[Ivan Diaz] - Ticket comment WIP [skip ci] 2016-06-30 23:03:17 +02:00
Ivan - Add new logo, fix user system disabled architecture [skip ci] 2017-03-04 01:39:59 +01:00			`if ((!Controller::isUserSystemEnabled() && !Controller::isStaffLogged()) \|\| $session->isLoggedWithId(($this->ticket->author) ? $this->ticket->author->id : 0) \|\| (Controller::isStaffLogged() && $session->isLoggedWithId(($this->ticket->owner) ? $this->ticket->owner->id : 0))) {`
Ivan - Add ruby api testing for comment/create 2016-08-04 20:18:29 +02:00			`$this->storeComment();`
Ivan - Update email translations [skip ci] 2017-03-19 22:07:56 +01:00
			`if(Controller::isStaffLogged()) {`
			`$this->sendMail();`
			`}`
Ivan - Add all mail templates [skip ci] 2017-03-17 00:00:21 +01:00
Max Red - Finally we did it! [skip ci] 2017-01-05 22:01:56 +01:00			`Log::createLog('COMMENT', $this->ticket->ticketNumber);`
Guillermo - add TESTS log [skip ci] 2016-12-29 21:25:45 +01:00
Ivan - Add ruby api testing for comment/create 2016-08-04 20:18:29 +02:00			`Response::respondSuccess();`
			`} else {`
			`Response::respondError(ERRORS::NO_PERMISSION);`
			`}`
[Ivan Diaz] - Ticket comment WIP [skip ci] 2016-06-30 23:03:17 +02:00			`}`

Ivan - Update ownCommentList logic for tickets [skip ci] 2016-07-04 02:32:34 +02:00			`private function requestData() {`
Ivan - Backend - Create /user/get path [skip ci] 2016-09-09 05:38:58 +02:00			`$ticketNumber = Controller::request('ticketNumber');`
			`$this->ticket = Ticket::getByTicketNumber($ticketNumber);`
Ivan - Add XSS protection backend [skip ci] 2017-03-02 06:56:42 +01:00			`$this->content = Controller::request('content', true);`
Ivan - Update ownCommentList logic for tickets [skip ci] 2016-07-04 02:32:34 +02:00			`}`
[Ivan Diaz] - Ticket comment WIP [skip ci] 2016-06-30 23:03:17 +02:00
Ivan - Update ownCommentList logic for tickets [skip ci] 2016-07-04 02:32:34 +02:00			`private function storeComment() {`
Guillermo - disable-user-system [skip ci] 2017-01-16 22:04:26 +01:00			`$fileUploader = $this->uploadFile();`

Ivan - Add events to backend [skip ci] 2016-09-29 19:34:20 +02:00			`$comment = Ticketevent::getEvent(Ticketevent::COMMENT);`
[Ivan Diaz] - Ticket comment WIP [skip ci] 2016-06-30 23:03:17 +02:00			`$comment->setProperties(array(`
Ivan - Add ruby api testing for comment/create 2016-08-04 20:18:29 +02:00			`'content' => $this->content,`
Guillermo - disable-user-system [skip ci] 2017-01-16 22:04:26 +01:00			`'file' => ($fileUploader instanceof FileUploader) ? $fileUploader->getFileName() : null,`
Ivan - Add ruby api testing for comment/create 2016-08-04 20:18:29 +02:00			`'date' => Date::getCurrentDate()`
[Ivan Diaz] - Ticket comment WIP [skip ci] 2016-06-30 23:03:17 +02:00			`));`

Ivan - Add events to backend [skip ci] 2016-09-29 19:34:20 +02:00			`if(Controller::isStaffLogged()) {`
Guillermo - Ticket-seen [skip ci] 2016-10-21 21:12:17 +02:00			`$this->ticket->unread = true;`
Ivan - Fix authorUser/authorStaff issues, fix date, add tests for ticket events [skip ci] 2016-11-20 23:00:39 +01:00			`$comment->authorStaff = Controller::getLoggedUser();`
Guillermo - disable-user-system [skip ci] 2017-01-16 20:07:53 +01:00			`} else if(Controller::isUserSystemEnabled()) {`
Guillermo - Ticket-seen [skip ci] 2016-10-21 21:12:17 +02:00			`$this->ticket->unreadStaff = true;`
Ivan - Fix authorUser/authorStaff issues, fix date, add tests for ticket events [skip ci] 2016-11-20 23:00:39 +01:00			`$comment->authorUser = Controller::getLoggedUser();`
Ivan - Add events to backend [skip ci] 2016-09-29 19:34:20 +02:00			`}`
Ivan - Add new logo, fix user system disabled architecture [skip ci] 2017-03-04 01:39:59 +01:00
Ivan - Create Ticket::addEvent function [skip ci] 2016-09-29 19:46:31 +02:00			`$this->ticket->addEvent($comment);`
Ivan - Add ruby api testing for comment/create 2016-08-04 20:18:29 +02:00			`$this->ticket->store();`
[Ivan Diaz] - Ticket comment WIP [skip ci] 2016-06-30 23:03:17 +02:00			`}`
Ivan - Add all mail templates [skip ci] 2017-03-17 00:00:21 +01:00
			`private function sendMail() {`
			`$mailSender = new MailSender();`

			`$mailSender->setTemplate(MailTemplate::TICKET_RESPONDED, [`
Ivan - Fix Installation issues [skip ci] 2017-03-29 23:46:26 +02:00			`'to' => ($this->ticket->author) ? $this->ticket->author->email : $this->ticket->authorEmail,`
			`'name' => ($this->ticket->author) ? $this->ticket->author->name : $this->ticket->authorName,`
Ivan - Add all mail templates [skip ci] 2017-03-17 00:00:21 +01:00			`'ticketNumber' => $this->ticket->ticketNumber,`
			`'title' => $this->ticket->title,`
			`'url' => Setting::getSetting('url')->getValue()`
			`]);`

			`$mailSender->send();`
			`}`
[Ivan Diaz] - Ticket comment WIP [skip ci] 2016-06-30 23:03:17 +02:00			`}`