From 27e86c934c63f237d0a56b903c665fe401d09339 Mon Sep 17 00:00:00 2001 From: Guillermo Giuliana Date: Wed, 22 Sep 2021 18:20:19 -0300 Subject: [PATCH] [DEV-131] Fix delete ticket bug (#1035) * verify ticket author-user before reduce amount of tickets created * add ruby test * change geting tickets by id in ruby tests --- server/controllers/ticket/delete.php | 10 ++++++---- tests/init.rb | 3 +-- tests/staff/assign-ticket.rb | 8 ++++---- tests/staff/get-tickets.rb | 4 ++-- tests/staff/un-assign-ticket.rb | 18 +++++++++--------- tests/system/edit-settings.rb | 16 ++++++++++++++++ tests/system/mandatory-login.rb | 2 +- tests/ticket/change-department.rb | 8 ++++---- tests/ticket/re-open.rb | 4 ++-- tests/ticket/seen.rb | 10 +++++----- 10 files changed, 50 insertions(+), 33 deletions(-) diff --git a/server/controllers/ticket/delete.php b/server/controllers/ticket/delete.php index 8ed9cc4c..32f3c9ea 100644 --- a/server/controllers/ticket/delete.php +++ b/server/controllers/ticket/delete.php @@ -55,12 +55,14 @@ class DeleteController extends Controller { if(!Controller::isStaffLogged() && ($user->email !== $ticketAuthor['email'] || $ticketAuthor['staff'])) { throw new RequestException(ERRORS::NO_PERMISSION); } - - $ticketAuthor = User::getUser($ticket->authorToArray()['id']); - $ticketAuthor->tickets--; + + if($ticket->author){ + $ticketAuthor = User::getUser($ticket->authorToArray()['id']); + $ticketAuthor->tickets--; + $ticketAuthor->store(); + } $ticket->delete(); - $ticketAuthor->store(); Response::respondSuccess(); } diff --git a/tests/init.rb b/tests/init.rb index bcf2d30b..bf03be99 100644 --- a/tests/init.rb +++ b/tests/init.rb @@ -23,7 +23,6 @@ require './user/recover-password.rb' require './user/edit-password.rb' require './user/edit-email.rb' require './user/get.rb' - require './user/enable-disable.rb' require './ticket/create.rb' require './ticket/seen.rb' @@ -80,4 +79,4 @@ require './system/default-department.rb' require './user/edit-supervised-list.rb' require './user/get-supervised-tickets.rb' require './system/apikey-permissions.rb' -require './system/get-stats.rb' +require './system/get-stats.rb' \ No newline at end of file diff --git a/tests/staff/assign-ticket.rb b/tests/staff/assign-ticket.rb index 220d24f5..034e54d6 100644 --- a/tests/staff/assign-ticket.rb +++ b/tests/staff/assign-ticket.rb @@ -46,7 +46,7 @@ describe '/staff/assign-ticket' do ticket16 = $database.getRow('ticket', 'ticket_to_assing_16', 'title') ticket17 = $database.getRow('ticket', 'ticket_to_assing_17', 'title') ticket18 = $database.getRow('ticket', 'ticket_to_assing_18', 'title') - ticket_with_id_1 = $database.getRow('ticket', 1 , 'id') + ticket_with_id_1 = $database.getRow('ticket', 'Should we pay?', 'title') tickets = [ ticket1, @@ -92,7 +92,7 @@ describe '/staff/assign-ticket' do it 'should assign ticket if a staff choose another to assing a ticket ' do staffId = $database.getRow('staff','ayra2@opensupports.com','email')['id'] - ticket = $database.getRow('ticket', 3 , 'id') + ticket = $database.getRow('ticket', 'Winter is coming!', 'title') result = request('/staff/assign-ticket', { ticketNumber: ticket['ticket_number'], staffId: staffId, @@ -101,7 +101,7 @@ describe '/staff/assign-ticket' do }) (result['status']).should.equal('success') - ticket = $database.getRow('ticket', 3 , 'id') + ticket = $database.getRow('ticket', 'Winter is coming!', 'title') (ticket['owner_id']).should.equal(staffId) @@ -109,7 +109,7 @@ describe '/staff/assign-ticket' do end it 'should fail if ticket is already owned' do - ticket = $database.getRow('ticket', 1 , 'id') + ticket = $database.getRow('ticket', 'Should we pay?', 'title') result = request('/staff/assign-ticket', { ticketNumber: ticket['ticket_number'], diff --git a/tests/staff/get-tickets.rb b/tests/staff/get-tickets.rb index ba7a660c..1cb69e21 100644 --- a/tests/staff/get-tickets.rb +++ b/tests/staff/get-tickets.rb @@ -4,14 +4,14 @@ describe '/staff/get-tickets' do it 'should get ticket list' do - ticket = $database.getRow('ticket', 1 , 'id') + ticket = $database.getRow('ticket', 'Should we pay?', 'title') request('/staff/assign-ticket', { ticketNumber: ticket['ticket_number'], page: 1, csrf_userid: $csrf_userid, csrf_token: $csrf_token }) - ticket = $database.getRow('ticket', 2 , 'id') + ticket = $database.getRow('ticket', 'Test', 'content') request('/staff/assign-ticket', { ticketNumber: ticket['ticket_number'], page: 1, diff --git a/tests/staff/un-assign-ticket.rb b/tests/staff/un-assign-ticket.rb index 4f8d3cbe..4ab920c4 100644 --- a/tests/staff/un-assign-ticket.rb +++ b/tests/staff/un-assign-ticket.rb @@ -9,7 +9,7 @@ describe '/staff/un-assign-ticket' do #end it 'should unassign ticket if it is the current owner' do - ticket = $database.getRow('ticket', 1 , 'id') + ticket = $database.getRow('ticket', 'Should we pay?', 'title') result = request('/staff/un-assign-ticket', { ticketNumber: ticket['ticket_number'], @@ -19,7 +19,7 @@ describe '/staff/un-assign-ticket' do (result['status']).should.equal('success') - ticket = $database.getRow('ticket', 1 , 'id') + ticket = $database.getRow('ticket', 'Should we pay?', 'title') (ticket['owner_id']).should.equal(nil) (ticket['unread']).should.equal(1) @@ -32,7 +32,7 @@ describe '/staff/un-assign-ticket' do it 'should unassign ticket if you are a staff level 1' do $database.query('update staff set level="1" where id="1";') - ticket = $database.getRow('ticket', 1 , 'id') + ticket = $database.getRow('ticket', 'Should we pay?', 'title') Scripts.logout() Scripts.login('ayra2@opensupports.com', 'starkpassword', true) @@ -45,7 +45,7 @@ describe '/staff/un-assign-ticket' do (result['status']).should.equal('success') - ticket = $database.getRow('ticket', 1 , 'id') + ticket = $database.getRow('ticket', 'Should we pay?', 'title') Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) @@ -64,7 +64,7 @@ describe '/staff/un-assign-ticket' do it 'should unassign ticket if you are a staff level 2' do $database.query('update staff set level="2" where id="1";') - ticket = $database.getRow('ticket', 1 , 'id') + ticket = $database.getRow('ticket', 'Should we pay?', 'title') Scripts.logout() Scripts.login('ayra2@opensupports.com', 'starkpassword', true) @@ -77,7 +77,7 @@ describe '/staff/un-assign-ticket' do (result['status']).should.equal('success') - ticket = $database.getRow('ticket', 1 , 'id') + ticket = $database.getRow('ticket', 'Should we pay?', 'title') Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) @@ -94,7 +94,7 @@ describe '/staff/un-assign-ticket' do end it 'should unassign ticket if you are a staff level 3' do - ticket = $database.getRow('ticket', 1 , 'id') + ticket = $database.getRow('ticket', 'Should we pay?' , 'title') Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) @@ -107,7 +107,7 @@ describe '/staff/un-assign-ticket' do (result['status']).should.equal('success') - ticket = $database.getRow('ticket', 1 , 'id') + ticket = $database.getRow('ticket', 'Should we pay?' , 'title') result = request('/staff/un-assign-ticket', { ticketNumber: ticket['ticket_number'], @@ -117,7 +117,7 @@ describe '/staff/un-assign-ticket' do (result['status']).should.equal('success') - ticket = $database.getRow('ticket', 1 , 'id') + ticket = $database.getRow('ticket', 'Should we pay?' , 'title') (ticket['owner_id']).should.equal(nil) (ticket['unread']).should.equal(1) diff --git a/tests/system/edit-settings.rb b/tests/system/edit-settings.rb index a6caf63f..b2bd70c2 100755 --- a/tests/system/edit-settings.rb +++ b/tests/system/edit-settings.rb @@ -96,4 +96,20 @@ describe'system/edit-settings' do Scripts.updateLockedDepartmentSetting(0); request('/user/logout') end + + it 'should delete ticket when user table is not created' do + request('/user/logout') + Scripts.login($staff[:email], $staff[:password], true) + + Scripts.createTicket('TicketToDeleteWithoutUsersCreated') + ticket = $database.getRow('ticket', 'TicketToDeleteWithoutUsersCreated', 'title'); + + result = request('/ticket/delete', { + ticketNumber: ticket['ticket_number'], + csrf_userid: $csrf_userid, + csrf_token: $csrf_token + }) + (result['status']).should.equal('success') + end + end diff --git a/tests/system/mandatory-login.rb b/tests/system/mandatory-login.rb index 25d888bc..81f36ee4 100644 --- a/tests/system/mandatory-login.rb +++ b/tests/system/mandatory-login.rb @@ -136,7 +136,7 @@ describe'system/mandatory-login' do end it 'should fail if a creator check others ticket' do - $ticketRow = $database.getRow('ticket',1,'id') + $ticketRow = $database.getRow('ticket','Should we pay?','title') result = request('/ticket/check', { email: 'nonuser@os4.com', diff --git a/tests/ticket/change-department.rb b/tests/ticket/change-department.rb index 3a5249e7..a397194d 100644 --- a/tests/ticket/change-department.rb +++ b/tests/ticket/change-department.rb @@ -34,7 +34,7 @@ describe '/ticket/change-department' do request('/user/logout') Scripts.login($staff[:email], $staff[:password], true) - ticket = $database.getRow('ticket', 1 , 'id') + ticket = $database.getRow('ticket', 'Should we pay?', 'title') result = request('/ticket/change-department', { ticketNumber: ticket['ticket_number'], @@ -45,7 +45,7 @@ describe '/ticket/change-department' do (result['status']).should.equal('success') - ticket = $database.getRow('ticket', 1 , 'id') + ticket = $database.getRow('ticket', 'Should we pay?', 'title') (ticket['unread']).should.equal(1) (ticket['department_id']).should.equal(4) @@ -55,7 +55,7 @@ describe '/ticket/change-department' do it 'should unassing ticket if staff does not server new department' do - ticket = $database.getRow('ticket', 1 , 'id') + ticket = $database.getRow('ticket', 'Should we pay?', 'title') Scripts.assignTicket(ticket['ticket_number']) request('/staff/edit', { csrf_userid: $csrf_userid, @@ -73,7 +73,7 @@ describe '/ticket/change-department' do (result['status']).should.equal('success') - ticket = $database.getRow('ticket', 1 , 'id') + ticket = $database.getRow('ticket', 'Should we pay?', 'title') (ticket['unread']).should.equal(1) (ticket['department_id']).should.equal(3) (ticket['owner_id']).should.equal(nil) diff --git a/tests/ticket/re-open.rb b/tests/ticket/re-open.rb index 8372cc47..11b56ae1 100644 --- a/tests/ticket/re-open.rb +++ b/tests/ticket/re-open.rb @@ -3,7 +3,7 @@ describe '/ticket/re-open' do Scripts.login($staff[:email], $staff[:password], true) it 'should re open a ticket if staff member has the deparment of the ticket' do - ticket = $database.getRow('ticket', 1 , 'id') + ticket = $database.getRow('ticket', 'Should we pay?' , 'title') result = request('/ticket/re-open', { ticketNumber: ticket['ticket_number'], @@ -13,7 +13,7 @@ describe '/ticket/re-open' do (result['status']).should.equal('success') - ticket = $database.getRow('ticket', 1 , 'id') + ticket = $database.getRow('ticket', 'Should we pay?' , 'title') (ticket['closed']).should.equal(0) (ticket['unread']).should.equal(1) diff --git a/tests/ticket/seen.rb b/tests/ticket/seen.rb index 8b7058ad..1e33c5ed 100644 --- a/tests/ticket/seen.rb +++ b/tests/ticket/seen.rb @@ -2,7 +2,7 @@ describe '/ticket/seen' do describe 'when a staff is logged' do request('/user/logout') - ticket = $database.getRow('ticket', 1, 'id') + ticket = $database.getRow('ticket', 'Should we pay?', 'title') Scripts.login($staff[:email], $staff[:password], true) Scripts.assignTicket(ticket['ticket_number']) @@ -14,7 +14,7 @@ describe '/ticket/seen' do csrf_token: $csrf_token }) (result['status']).should.equal('success') - ticket = $database.getRow('ticket', 1, 'id') + ticket = $database.getRow('ticket', 'Should we pay?', 'title') (ticket['unread_staff']).should.equal(0) end @@ -25,7 +25,7 @@ describe '/ticket/seen' do request('/user/logout') Scripts.login() it 'should fail if user is not author' do - ticket = $database.getRow('ticket', 1, 'id') + ticket = $database.getRow('ticket', 'Should we pay?', 'title') result = request('/ticket/seen', { ticketNumber: ticket['ticket_number'], csrf_userid: $csrf_userid, @@ -39,7 +39,7 @@ describe '/ticket/seen' do request('/user/logout') Scripts.login('user_get@os4.com', 'user_get') it 'should change unread if everything is okey ' do - ticket = $database.getRow('ticket', 1, 'id') + ticket = $database.getRow('ticket', 'Should we pay?', 'title') result = request('/ticket/seen', { ticketNumber: ticket['ticket_number'], csrf_userid: $csrf_userid, @@ -47,7 +47,7 @@ describe '/ticket/seen' do }) (result['status']).should.equal('success') - ticket = $database.getRow('ticket', 1, 'id') + ticket = $database.getRow('ticket', 'Should we pay?', 'title') (ticket['unread']).should.equal(0) end end