edit title for system without users
This commit is contained in:
Guillermo
parent
943c910181
commit
0174233a24
|
|
@ -234,7 +234,7 @@ export default {
|
|||
'ACTIVITY_DEPARTMENT_CHANGED': 'changed department of ticket',
|
||||
'ACTIVITY_PRIORITY_CHANGED': 'changed priority of ticket',
|
||||
'ACTIVITY_EDIT_COMMENT': 'edited a comment of ticket',
|
||||
|
||||
'ACTIVITY_EDIT_TITLE': 'edited title of ticket',
|
||||
'ACTIVITY_EDIT_SETTINGS': 'edited settings',
|
||||
'ACTIVITY_SIGNUP': 'signed up',
|
||||
'ACTIVITY_INVITE': 'invited user',
|
||||
|
|
@ -361,6 +361,7 @@ export default {
|
|||
'TICKET_COMMENT_ERROR': 'An error occurred while trying to add the comment.',
|
||||
'NO_PERMISSION': 'You\'ve no permission to access to this page.',
|
||||
'INVALID_USER': 'User id is invalid',
|
||||
'INVALID_TITLE': 'invalid title',
|
||||
'ERROR_RETRIEVING_TICKETS': 'An error occurred while trying to retrieve tickets.',
|
||||
'ERROR_RETRIEVING_USERS': 'An error occurred while trying to retrieve users.',
|
||||
'ERROR_RETRIEVING_BAN_LIST': 'An error occurred while trying to retrieve the list of banned emails.',
|
||||
|
|
|
|||
|
|
@ -20,6 +20,7 @@ DataValidator::with('CustomValidations', true);
|
|||
*
|
||||
* @apiUse NO_PERMISSION
|
||||
* @apiUse INVALID_CONTENT
|
||||
* @apiUse INVALID_TOKEN
|
||||
*
|
||||
* @apiSuccess {Object} data Empty object
|
||||
*
|
||||
|
|
@ -30,19 +31,39 @@ class EditCommentController extends Controller {
|
|||
const METHOD = 'POST';
|
||||
|
||||
public function validations() {
|
||||
return [
|
||||
'permission' => 'user',
|
||||
'requestData' => [
|
||||
'content' => [
|
||||
'validation' => DataValidator::length(10, 5000),
|
||||
'error' => ERRORS::INVALID_CONTENT
|
||||
],
|
||||
'ticketNumber' => [
|
||||
'validation' => DataValidator::oneOf(DataValidator::validTicketNumber(),DataValidator::nullType()),
|
||||
'error' => ERRORS::INVALID_TICKET
|
||||
if(Controller::isUserSystemEnabled()){
|
||||
return [
|
||||
'permission' => 'user',
|
||||
'requestData' => [
|
||||
'content' => [
|
||||
'validation' => DataValidator::length(10, 5000),
|
||||
'error' => ERRORS::INVALID_CONTENT
|
||||
],
|
||||
'ticketNumber' => [
|
||||
'validation' => DataValidator::oneOf(DataValidator::validTicketNumber(),DataValidator::nullType()),
|
||||
'error' => ERRORS::INVALID_TICKET
|
||||
]
|
||||
]
|
||||
]
|
||||
];
|
||||
];
|
||||
} else {
|
||||
return [
|
||||
'permission' => 'any',
|
||||
'requestData' => [
|
||||
'content' => [
|
||||
'validation' => DataValidator::length(10, 5000),
|
||||
'error' => ERRORS::INVALID_CONTENT
|
||||
],
|
||||
'ticketNumber' => [
|
||||
'validation' => DataValidator::oneOf(DataValidator::validTicketNumber(),DataValidator::nullType()),
|
||||
'error' => ERRORS::INVALID_TICKET
|
||||
],
|
||||
'csrf_token' => [
|
||||
'validation' => DataValidator::equals(Session::getInstance()->getToken()),
|
||||
'error' => ERRORS::INVALID_TOKEN
|
||||
]
|
||||
]
|
||||
];
|
||||
}
|
||||
}
|
||||
|
||||
public function handler() {
|
||||
|
|
@ -53,7 +74,7 @@ class EditCommentController extends Controller {
|
|||
$ticketevent = Ticketevent::getTicketEvent(Controller::request('ticketEventId'));
|
||||
$ticket = Ticket::getByTicketNumber(Controller::request('ticketNumber'));
|
||||
|
||||
if(!Controller::isStaffLogged() && ($user->id !== $ticketevent->authorUserId && $user->id !== $ticket->authorId ) ){
|
||||
if(Controller::isUserSystemEnabled() && !Controller::isStaffLogged() && ($user->id !== $ticketevent->authorUserId && $user->id !== $ticket->authorId ) ){
|
||||
throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -19,6 +19,7 @@ DataValidator::with('CustomValidations', true);
|
|||
*
|
||||
* @apiUse NO_PERMISSION
|
||||
* @apiUse INVALID_TITLE
|
||||
* @apiUse INVALID_TOKEN
|
||||
*
|
||||
* @apiSuccess {Object} data Empty object
|
||||
*
|
||||
|
|
@ -29,19 +30,39 @@ class EditTitleController extends Controller {
|
|||
const METHOD = 'POST';
|
||||
|
||||
public function validations() {
|
||||
return [
|
||||
'permission' => 'user',
|
||||
'requestData' => [
|
||||
'title' => [
|
||||
'validation' => DataValidator::length(1, 200),
|
||||
'error' => ERRORS::INVALID_TITLE
|
||||
],
|
||||
'ticketNumber' => [
|
||||
'validation' => DataValidator::validTicketNumber(),
|
||||
'error' => ERRORS::INVALID_TICKET
|
||||
if(Controller::isUserSystemEnabled()){
|
||||
return [
|
||||
'permission' => 'user',
|
||||
'requestData' => [
|
||||
'title' => [
|
||||
'validation' => DataValidator::length(1, 200),
|
||||
'error' => ERRORS::INVALID_TITLE
|
||||
],
|
||||
'ticketNumber' => [
|
||||
'validation' => DataValidator::validTicketNumber(),
|
||||
'error' => ERRORS::INVALID_TICKET
|
||||
]
|
||||
]
|
||||
]
|
||||
];
|
||||
];
|
||||
} else {
|
||||
return [
|
||||
'permission' => 'any',
|
||||
'requestData' => [
|
||||
'title' => [
|
||||
'validation' => DataValidator::length(1, 200),
|
||||
'error' => ERRORS::INVALID_TITLE
|
||||
],
|
||||
'ticketNumber' => [
|
||||
'validation' => DataValidator::validTicketNumber(),
|
||||
'error' => ERRORS::INVALID_TICKET
|
||||
],
|
||||
'csrf_token' => [
|
||||
'validation' => DataValidator::equals(Session::getInstance()->getToken()),
|
||||
'error' => ERRORS::INVALID_TOKEN
|
||||
]
|
||||
]
|
||||
];
|
||||
}
|
||||
}
|
||||
|
||||
public function handler() {
|
||||
|
|
@ -49,7 +70,7 @@ class EditTitleController extends Controller {
|
|||
$newtitle = Controller::request('title');
|
||||
$ticket = Ticket::getByTicketNumber(Controller::request('ticketNumber'));
|
||||
|
||||
if(!$user->canManageTicket($ticket)) {
|
||||
if(Controller::isUserSystemEnabled() && !$user->canManageTicket($ticket)) {
|
||||
throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue