tyler.durden
/
opensupports
mirror of https://github.com/opensupports/opensupports.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix review comments

This commit is contained in:
Kallys 2017-06-12 12:22:31 +02:00
parent d576ec726e
commit 33ddbd972d
1 changed files with 8 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
server/controllers/ticket/close.php
View File

@ -18,7 +18,7 @@ DataValidator::with('CustomValidations', true);
*
* @apiUse NO_PERMISSION
* @apiUse INVALID_TICKET
*
*
* @apiSuccess {Object} data Empty object
*
*/
@ -52,8 +52,7 @@ class CloseController extends Controller {
],
'csrf_token' => [
'validation' => DataValidator::equals($session->getToken()),
'error' => Controller::request('csrf_token') . ' != ' . $session->getToken()
'error' => ERRORS::INVALID_TOKEN
]
]
];
@ -76,18 +75,17 @@ class CloseController extends Controller {
$this->sendMail();
Log::createLog('CLOSE', $this->ticket->ticketNumber);
Response::respondSuccess();
}
private function shouldDenyPermission() {
if(Controller::isUserSystemEnabled() || Controller::isStaffLogged()) {
$user = Controller::getLoggedUser();
return (!Controller::isStaffLogged() && $this->ticket->author->id !== $user->id) ||
(Controller::isStaffLogged() && $this->ticket->owner && $this->ticket->owner->id !== $user->id);
if(Controller::isStaffLogged()) {
return $this->ticket->owner && $this->ticket->owner->id !== Controller::getLoggedUser()->id;
} else if(Controller::isUserSystemEnabled()) {
return $this->ticket->author->id !== Controller::getLoggedUser()->id;
} else {
return $this->ticket->ticket_number != Session::getInstance()->getTicketNumber();
return false;
}
}