mirror of
https://github.com/opensupports/opensupports.git
synced 2025-07-27 15:54:23 +02:00
fix bug 115/166
This commit is contained in:
Guillermo
parent
d26d511ebd
commit
30fdb384f3
@ -50,12 +50,12 @@ class AssignStaffController extends Controller {
|
|||||||
$this->ticket = Ticket::getByTicketNumber($ticketNumber);
|
$this->ticket = Ticket::getByTicketNumber($ticketNumber);
|
||||||
|
|
||||||
if($this->ticket->owner) {
|
if($this->ticket->owner) {
|
||||||
Response::respondError(ERRORS::TICKET_ALREADY_ASSIGNED);
|
throw new Exception(ERRORS::TICKET_ALREADY_ASSIGNED);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if(!$this->ticketHasStaffDepartment()) {
|
if(!$this->ticketHasStaffDepartment()) {
|
||||||
Response::respondError(ERRORS::INVALID_DEPARTMENT);
|
throw new Exception(ERRORS::INVALID_DEPARTMENT);
|
||||||
} else {
|
} else {
|
||||||
$this->user->sharedTicketList->add($this->ticket);
|
$this->user->sharedTicketList->add($this->ticket);
|
||||||
$this->ticket->owner = $this->user;
|
$this->ticket->owner = $this->user;
|
||||||
|
|||||||
@ -44,25 +44,25 @@ class UnAssignStaffController extends Controller {
|
|||||||
$user = Controller::getLoggedUser();
|
$user = Controller::getLoggedUser();
|
||||||
$ticket = Ticket::getByTicketNumber($ticketNumber);
|
$ticket = Ticket::getByTicketNumber($ticketNumber);
|
||||||
|
|
||||||
if($ticket->owner && $ticket->owner->id == $user->id) {
|
if($ticket->owner && $ticket->owner->id === $user->id || $user->level !== 1) {
|
||||||
$user->sharedTicketList->remove($ticket);
|
$user->sharedTicketList->remove($ticket);
|
||||||
$user->store();
|
$user->store();
|
||||||
|
|
||||||
$ticket->owner = null;
|
$ticket->owner = null;
|
||||||
$ticket->unread = true;
|
$ticket->unread = true;
|
||||||
|
|
||||||
$event = Ticketevent::getEvent(Ticketevent::UN_ASSIGN);
|
$event = Ticketevent::getEvent(Ticketevent::UN_ASSIGN);
|
||||||
$event->setProperties(array(
|
$event->setProperties(array(
|
||||||
'authorStaff' => $user,
|
'authorStaff' => $user,
|
||||||
'date' => Date::getCurrentDate()
|
'date' => Date::getCurrentDate()
|
||||||
));
|
));
|
||||||
|
|
||||||
$ticket->addEvent($event);
|
$ticket->addEvent($event);
|
||||||
$ticket->store();
|
$ticket->store();
|
||||||
Response::respondSuccess();
|
Response::respondSuccess();
|
||||||
} else {
|
} else {
|
||||||
Response::respondError(ERRORS::NO_PERMISSION);
|
throw new Exception(ERRORS::NO_PERMISSION);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -73,6 +73,10 @@ class EditSettingsController extends Controller {
|
|||||||
$allowed = json_decode(Controller::request('allowedLanguages'));
|
$allowed = json_decode(Controller::request('allowedLanguages'));
|
||||||
$supported = json_decode(Controller::request('supportedLanguages'));
|
$supported = json_decode(Controller::request('supportedLanguages'));
|
||||||
|
|
||||||
|
if (array_diff($supported, $allowed)) {
|
||||||
|
throw new Exception(ERRORS::INVALID_SUPPORTED_LANGUAGES);
|
||||||
|
}
|
||||||
|
|
||||||
foreach(Language::LANGUAGES as $languageCode) {
|
foreach(Language::LANGUAGES as $languageCode) {
|
||||||
$language = Language::getDataStore($languageCode, 'code');
|
$language = Language::getDataStore($languageCode, 'code');
|
||||||
|
|
||||||
|
|||||||
@ -52,8 +52,8 @@ class ChangeDepartmentController extends Controller {
|
|||||||
$department = Department::getDataStore($departmentId);
|
$department = Department::getDataStore($departmentId);
|
||||||
$user = Controller::getLoggedUser();
|
$user = Controller::getLoggedUser();
|
||||||
|
|
||||||
if($ticket->owner && $ticket->owner->id !== $user->id){
|
if($ticket->owner && $ticket->owner->id !== $user->id || $user->level === 1){
|
||||||
Response::respondError(ERRORS::NO_PERMISSION);
|
throw new Exception(ERRORS::NO_PERMISSION);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -194,6 +194,7 @@ class ERRORS {
|
|||||||
const INVALID_CAPTCHA = 'INVALID_CAPTCHA';
|
const INVALID_CAPTCHA = 'INVALID_CAPTCHA';
|
||||||
const INVALID_TICKET_EVENT = 'INVALID_TICKET_EVENT';
|
const INVALID_TICKET_EVENT = 'INVALID_TICKET_EVENT';
|
||||||
const INVALID_LANGUAGE = 'INVALID_LANGUAGE';
|
const INVALID_LANGUAGE = 'INVALID_LANGUAGE';
|
||||||
|
const INVALID_SUPPORTED_LANGUAGES = 'INVALID_SUPPORTED_LANGUAGES';
|
||||||
const TICKET_ALREADY_ASSIGNED = 'TICKET_ALREADY_ASSIGNED';
|
const TICKET_ALREADY_ASSIGNED = 'TICKET_ALREADY_ASSIGNED';
|
||||||
const INVALID_PRIORITY = 'INVALID_PRIORITY';
|
const INVALID_PRIORITY = 'INVALID_PRIORITY';
|
||||||
const INVALID_PAGE = 'INVALID_PAGE';
|
const INVALID_PAGE = 'INVALID_PAGE';
|
||||||
|
|||||||
@ -28,15 +28,4 @@ describe '/staff/un-assign-ticket' do
|
|||||||
(staff_ticket).should.equal(nil)
|
(staff_ticket).should.equal(nil)
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'should fail if ticket is not yours' do
|
end
|
||||||
ticket = $database.getRow('ticket', 1 , 'id')
|
|
||||||
result = request('/staff/un-assign-ticket', {
|
|
||||||
ticketNumber: ticket['ticket_number'],
|
|
||||||
csrf_userid: $csrf_userid,
|
|
||||||
csrf_token: $csrf_token
|
|
||||||
})
|
|
||||||
|
|
||||||
(result['status']).should.equal('fail')
|
|
||||||
(result['message']).should.equal('NO_PERMISSION')
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|||||||
@ -37,6 +37,20 @@ describe'system/edit-settings' do
|
|||||||
|
|
||||||
request('/user/logout')
|
request('/user/logout')
|
||||||
end
|
end
|
||||||
|
it 'should fail if supported languages are invalid' do
|
||||||
|
request('/user/logout')
|
||||||
|
Scripts.login($staff[:email], $staff[:password], true)
|
||||||
|
|
||||||
|
result= request('/system/edit-settings', {
|
||||||
|
"csrf_userid" => $csrf_userid,
|
||||||
|
"csrf_token" => $csrf_token,
|
||||||
|
"supportedLanguages" => '["en", "pt", "jp", "ru", "de"]',
|
||||||
|
"allowedLanguages" => '["en", "pt", "jp", "ru"]'
|
||||||
|
})
|
||||||
|
|
||||||
|
(result['status']).should.equal('fail')
|
||||||
|
(result['message']).should.equal('INVALID_SUPPORTED_LANGUAGES')
|
||||||
|
end
|
||||||
it 'should change allowed and supported languages' do
|
it 'should change allowed and supported languages' do
|
||||||
request('/user/logout')
|
request('/user/logout')
|
||||||
Scripts.login($staff[:email], $staff[:password], true)
|
Scripts.login($staff[:email], $staff[:password], true)
|
||||||
@ -45,7 +59,7 @@ describe'system/edit-settings' do
|
|||||||
"csrf_userid" => $csrf_userid,
|
"csrf_userid" => $csrf_userid,
|
||||||
"csrf_token" => $csrf_token,
|
"csrf_token" => $csrf_token,
|
||||||
"supportedLanguages" => '["en", "pt", "jp", "ru"]',
|
"supportedLanguages" => '["en", "pt", "jp", "ru"]',
|
||||||
"allowedLanguages" => '["en","pt", "jp", "ru", "de"]'
|
"allowedLanguages" => '["en", "pt", "jp", "ru", "de"]'
|
||||||
})
|
})
|
||||||
|
|
||||||
(result['status']).should.equal('success')
|
(result['status']).should.equal('success')
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user