tyler.durden/opensupports
1
0
Fork 0
mirror of https://github.com/opensupports/opensupports.git synced 2025-07-30 01:05:18 +02:00
Code Issues Packages Projects Releases Wiki Activity

edit title for system without users

Browse Source
This commit is contained in:
Guillermo 2020-01-08 10:09:35 -03:00
parent 943c910181
commit 0174233a24
3 changed files with 70 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
client/src/data/languages/en.js
View File

@ -234,7 +234,7 @@ export default {
'ACTIVITY_DEPARTMENT_CHANGED': 'changed department of ticket', 'ACTIVITY_DEPARTMENT_CHANGED': 'changed department of ticket',
'ACTIVITY_PRIORITY_CHANGED': 'changed priority of ticket', 'ACTIVITY_PRIORITY_CHANGED': 'changed priority of ticket',
'ACTIVITY_EDIT_COMMENT': 'edited a comment of ticket', 'ACTIVITY_EDIT_COMMENT': 'edited a comment of ticket',
'ACTIVITY_EDIT_TITLE': 'edited title of ticket',
'ACTIVITY_EDIT_SETTINGS': 'edited settings', 'ACTIVITY_EDIT_SETTINGS': 'edited settings',
'ACTIVITY_SIGNUP': 'signed up', 'ACTIVITY_SIGNUP': 'signed up',
'ACTIVITY_INVITE': 'invited user', 'ACTIVITY_INVITE': 'invited user',
@ -361,6 +361,7 @@ export default {
'TICKET_COMMENT_ERROR': 'An error occurred while trying to add the comment.', 'TICKET_COMMENT_ERROR': 'An error occurred while trying to add the comment.',
'NO_PERMISSION': 'You\'ve no permission to access to this page.', 'NO_PERMISSION': 'You\'ve no permission to access to this page.',
'INVALID_USER': 'User id is invalid', 'INVALID_USER': 'User id is invalid',
'INVALID_TITLE': 'invalid title',
'ERROR_RETRIEVING_TICKETS': 'An error occurred while trying to retrieve tickets.', 'ERROR_RETRIEVING_TICKETS': 'An error occurred while trying to retrieve tickets.',
'ERROR_RETRIEVING_USERS': 'An error occurred while trying to retrieve users.', 'ERROR_RETRIEVING_USERS': 'An error occurred while trying to retrieve users.',
'ERROR_RETRIEVING_BAN_LIST': 'An error occurred while trying to retrieve the list of banned emails.', 'ERROR_RETRIEVING_BAN_LIST': 'An error occurred while trying to retrieve the list of banned emails.',

47
server/controllers/ticket/edit-comment.php
View File

@ -20,6 +20,7 @@ DataValidator::with('CustomValidations', true);
* *
* @apiUse NO_PERMISSION * @apiUse NO_PERMISSION
* @apiUse INVALID_CONTENT * @apiUse INVALID_CONTENT
* @apiUse INVALID_TOKEN
* *
* @apiSuccess {Object} data Empty object * @apiSuccess {Object} data Empty object
* *
@ -30,19 +31,39 @@ class EditCommentController extends Controller {
const METHOD = 'POST'; const METHOD = 'POST';
public function validations() { public function validations() {
return [ if(Controller::isUserSystemEnabled()){
'permission' => 'user', return [
'requestData' => [ 'permission' => 'user',
'content' => [ 'requestData' => [
'validation' => DataValidator::length(10, 5000), 'content' => [
'error' => ERRORS::INVALID_CONTENT 'validation' => DataValidator::length(10, 5000),
], 'error' => ERRORS::INVALID_CONTENT
'ticketNumber' => [ ],
'validation' => DataValidator::oneOf(DataValidator::validTicketNumber(),DataValidator::nullType()), 'ticketNumber' => [
'error' => ERRORS::INVALID_TICKET 'validation' => DataValidator::oneOf(DataValidator::validTicketNumber(),DataValidator::nullType()),
'error' => ERRORS::INVALID_TICKET
]
] ]
] ];
]; } else {
return [
'permission' => 'any',
'requestData' => [
'content' => [
'validation' => DataValidator::length(10, 5000),
'error' => ERRORS::INVALID_CONTENT
],
'ticketNumber' => [
'validation' => DataValidator::oneOf(DataValidator::validTicketNumber(),DataValidator::nullType()),
'error' => ERRORS::INVALID_TICKET
],
'csrf_token' => [
'validation' => DataValidator::equals(Session::getInstance()->getToken()),
'error' => ERRORS::INVALID_TOKEN
]
]
];
}
} }
public function handler() { public function handler() {
@ -53,7 +74,7 @@ class EditCommentController extends Controller {
$ticketevent = Ticketevent::getTicketEvent(Controller::request('ticketEventId')); $ticketevent = Ticketevent::getTicketEvent(Controller::request('ticketEventId'));
$ticket = Ticket::getByTicketNumber(Controller::request('ticketNumber')); $ticket = Ticket::getByTicketNumber(Controller::request('ticketNumber'));
if(!Controller::isStaffLogged() && ($user->id !== $ticketevent->authorUserId && $user->id !== $ticket->authorId ) ){ if(Controller::isUserSystemEnabled() && !Controller::isStaffLogged() && ($user->id !== $ticketevent->authorUserId && $user->id !== $ticket->authorId ) ){
throw new RequestException(ERRORS::NO_PERMISSION); throw new RequestException(ERRORS::NO_PERMISSION);
} }

47
server/controllers/ticket/edit-title.php
View File

@ -19,6 +19,7 @@ DataValidator::with('CustomValidations', true);
* *
* @apiUse NO_PERMISSION * @apiUse NO_PERMISSION
* @apiUse INVALID_TITLE * @apiUse INVALID_TITLE
* @apiUse INVALID_TOKEN
* *
* @apiSuccess {Object} data Empty object * @apiSuccess {Object} data Empty object
* *
@ -29,19 +30,39 @@ class EditTitleController extends Controller {
const METHOD = 'POST'; const METHOD = 'POST';
public function validations() { public function validations() {
return [ if(Controller::isUserSystemEnabled()){
'permission' => 'user', return [
'requestData' => [ 'permission' => 'user',
'title' => [ 'requestData' => [
'validation' => DataValidator::length(1, 200), 'title' => [
'error' => ERRORS::INVALID_TITLE 'validation' => DataValidator::length(1, 200),
], 'error' => ERRORS::INVALID_TITLE
'ticketNumber' => [ ],
'validation' => DataValidator::validTicketNumber(), 'ticketNumber' => [
'error' => ERRORS::INVALID_TICKET 'validation' => DataValidator::validTicketNumber(),
'error' => ERRORS::INVALID_TICKET
]
] ]
] ];
]; } else {
return [
'permission' => 'any',
'requestData' => [
'title' => [
'validation' => DataValidator::length(1, 200),
'error' => ERRORS::INVALID_TITLE
],
'ticketNumber' => [
'validation' => DataValidator::validTicketNumber(),
'error' => ERRORS::INVALID_TICKET
],
'csrf_token' => [
'validation' => DataValidator::equals(Session::getInstance()->getToken()),
'error' => ERRORS::INVALID_TOKEN
]
]
];
}
} }
public function handler() { public function handler() {
@ -49,7 +70,7 @@ class EditTitleController extends Controller {
$newtitle = Controller::request('title'); $newtitle = Controller::request('title');
$ticket = Ticket::getByTicketNumber(Controller::request('ticketNumber')); $ticket = Ticket::getByTicketNumber(Controller::request('ticketNumber'));
if(!$user->canManageTicket($ticket)) { if(Controller::isUserSystemEnabled() && !$user->canManageTicket($ticket)) {
throw new RequestException(ERRORS::NO_PERMISSION); throw new RequestException(ERRORS::NO_PERMISSION);
} }