staff allow manage ticket feature
parent
b495b83a93
commit
53e88a78f7
|
@ -19,6 +19,7 @@ class ActivityRow extends React.Component {
|
|||
'RE_OPEN',
|
||||
'DEPARTMENT_CHANGED',
|
||||
'PRIORITY_CHANGED',
|
||||
'EDIT_COMMENT',
|
||||
|
||||
'EDIT_SETTINGS',
|
||||
'SIGNUP',
|
||||
|
|
|
@ -97,20 +97,24 @@
|
|||
padding: 20px 10px;
|
||||
text-align: left;
|
||||
position:relative;
|
||||
|
||||
|
||||
&:hover {
|
||||
.ticket-event__comment-content__edit {
|
||||
color: grey;
|
||||
cursor:pointer;
|
||||
}
|
||||
}
|
||||
|
||||
img {
|
||||
max-width:100%;
|
||||
}
|
||||
|
||||
&__edit {
|
||||
position:absolute;
|
||||
top: 3px;
|
||||
right: 9px;
|
||||
align-self: right;
|
||||
color:white;
|
||||
:hover {
|
||||
color: grey;
|
||||
cursor:pointer;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -49,6 +49,7 @@ class AssignStaffController extends Controller {
|
|||
$ticketNumber = Controller::request('ticketNumber');
|
||||
$staffId = Controller::request('staffId');
|
||||
$this->ticket = Ticket::getByTicketNumber($ticketNumber);
|
||||
$user = Controller::getLoggedUser();
|
||||
|
||||
if($staffId) {
|
||||
$this->staffToAssign = Staff::getDataStore($staffId, 'id');
|
||||
|
@ -68,8 +69,8 @@ class AssignStaffController extends Controller {
|
|||
throw new RequestException(ERRORS::TICKET_ALREADY_ASSIGNED);
|
||||
}
|
||||
|
||||
if(!$this->ticketHasStaffDepartment()) {
|
||||
throw new RequestException(ERRORS::INVALID_DEPARTMENT);
|
||||
if(!$user->canManageTicket($this->ticket)) {
|
||||
throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
} else {
|
||||
$this->staffToAssign->sharedTicketList->add($this->ticket);
|
||||
$this->ticket->owner = $this->staffToAssign;
|
||||
|
@ -90,15 +91,4 @@ class AssignStaffController extends Controller {
|
|||
|
||||
}
|
||||
|
||||
public function ticketHasStaffDepartment() {
|
||||
$departmentMatch = false;
|
||||
|
||||
foreach ($this->staffToAssign->sharedDepartmentList as $department) {
|
||||
if($this->ticket->department->id === $department->id) {
|
||||
$departmentMatch = true;
|
||||
}
|
||||
}
|
||||
|
||||
return $departmentMatch;
|
||||
}
|
||||
}
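Review bot: The guard in the second hunk now checks only the caller (`$user->canManageTicket($this->ticket)`), so nothing visible still verifies that `$this->staffToAssign` serves the ticket's department, which the removed `ticketHasStaffDepartment()` did. A staff member could then become owner of a ticket that `canManageTicket` refuses them on every other endpoint this commit touches. Checking both keeps the two rules consistent: `if(!$user->canManageTicket($this->ticket) || !$this->staffToAssign->canManageTicket($this->ticket)) {`. How `staffToAssign` is set when no `staffId` is sent lies outside the hunk, so confirm it is always a Staff at this point.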
|
||||
|
|
|
@ -51,6 +51,10 @@ class UnAssignStaffController extends Controller {
|
|||
$ticket = Ticket::getByTicketNumber($ticketNumber);
|
||||
$owner = $ticket->owner;
|
||||
|
||||
if(!$user->canManageTicket($ticket)) {
|
||||
throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
}
|
||||
|
||||
if($owner && ($ticket->isOwner($user) || $user->level > 2)) {
|
||||
if(!$ticket->isAuthor($owner)) {
|
||||
$owner->sharedTicketList->remove($ticket);
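Review bot: The added `canManageTicket` guard runs before the `$user->level > 2` branch two statements below, so a level-3 staff member outside the ticket's department is now rejected before that override is evaluated. Whether administrators are meant to keep the override is not stated in the hunk, and the same question applies to the guard added in ChangeDepartmentController. If the restriction is intended, a comment such as `// department membership is required for every staff level, administrators included` above the guard would record it. `$user` is assigned outside the hunk.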
|
||||
|
|
|
@ -50,6 +50,9 @@ class AddTagController extends Controller {
|
|||
$tagId = Controller::request('tagId');
|
||||
$tag = Tag::getDataStore($tagId);
|
||||
$ticket = Ticket::getByTicketNumber(Controller::request('ticketNumber'));
|
||||
$user = Controller::getLoggedUser();
|
||||
|
||||
if(!$user->canManageTicket($ticket)) throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
|
||||
if ($ticket->sharedTagList->includesId($tagId)) throw new RequestException(ERRORS::TAG_EXISTS);
|
||||
|
||||
|
|
|
@ -56,6 +56,8 @@ class ChangeDepartmentController extends Controller {
|
|||
throw new Exception(ERRORS::NO_PERMISSION);
|
||||
}
|
||||
|
||||
if (!$user->canManageTicket($ticket)) throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
|
||||
if($ticket->owner && $ticket->owner->id !== $user->id && $user->level == 1){
|
||||
throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
}
|
||||
|
|
|
@ -50,6 +50,9 @@ class ChangePriorityController extends Controller {
|
|||
$ticket = Ticket::getByTicketNumber($ticketNumber);
|
||||
$user = Controller::getLoggedUser();
|
||||
|
||||
if (!$user->canManageTicket($ticket)) throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
|
||||
|
||||
if($ticket->owner && $user->id === $ticket->owner->id) {
|
||||
$ticket->priority = $priority;
|
||||
$ticket->unread = !$ticket->isAuthor($user);
|
||||
|
|
|
@ -70,6 +70,12 @@ class CloseController extends Controller {
|
|||
throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
}
|
||||
|
||||
if(Controller::isStaffLogged()){
|
||||
$user = Controller::getLoggedUser();
|
||||
|
||||
if (!$user->canManageTicket($this->ticket)) throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
}
|
||||
|
||||
$this->markAsUnread();
|
||||
$this->addCloseEvent();
|
||||
$this->ticket->closed = true;
|
||||
|
|
|
@ -81,11 +81,18 @@ class CommentController extends Controller {
|
|||
$ticketAuthor = $this->ticket->authorToArray();
|
||||
$isAuthor = $this->ticket->isAuthor(Controller::getLoggedUser()) || Session::getInstance()->isTicketSession();
|
||||
$isOwner = $this->ticket->isOwner(Controller::getLoggedUser());
|
||||
$user = Controller::getLoggedUser();
|
||||
|
||||
if((Controller::isUserSystemEnabled() || Controller::isStaffLogged()) && !$isOwner && !$isAuthor) {
|
||||
throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
}
|
||||
|
||||
if(Controller::isStaffLogged()){
|
||||
if(!$user->canManageTicket($this->ticket)) {
|
||||
throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
}
|
||||
}
|
||||
|
||||
$this->storeComment();
|
||||
|
||||
if($isAuthor && $this->ticket->owner) {
|
||||
|
|
|
@ -44,6 +44,7 @@ class EditCommentController extends Controller {
|
|||
public function handler() {
|
||||
$user = Controller::getLoggedUser();
|
||||
$newcontent = Controller::request('content');
|
||||
$ticketNumberLog = null;
|
||||
|
||||
$ticketevent = Ticketevent::getTicketEvent(Controller::request('ticketEventId'));
|
||||
$ticket = Ticket::getByTicketNumber(Controller::request('ticketNumber'));
|
||||
|
@ -52,17 +53,32 @@ class EditCommentController extends Controller {
|
|||
throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
}
|
||||
|
||||
if(Controller::isStaffLogged()){
|
||||
if(!$ticketevent->isNull()){
|
||||
$ticket = $ticketevent->ticket;
|
||||
}
|
||||
|
||||
if(!$user->canManageTicket($ticket)) {
|
||||
throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
}
|
||||
}
|
||||
|
||||
if(!$ticketevent->isNull()){
|
||||
$ticketNumber = Ticket::getTicket($ticketevent->ticketId)->ticketNumber;
|
||||
|
||||
$ticketevent->content = $newcontent;
|
||||
$ticketevent->editedContent = true;
|
||||
$ticketevent->store();
|
||||
}else{
|
||||
$ticketNumber = $ticket->ticketNumber;
|
||||
|
||||
$ticket->content = $newcontent;
|
||||
$ticket->editedContent = true;
|
||||
$ticket->store();
|
||||
}
|
||||
|
||||
|
||||
Log::createLog('EDIT_COMMENT', $ticketNumber);
|
||||
|
||||
Response::respondSuccess();
|
||||
}
|
||||
}
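Review bot: In the second hunk the staff check is made against `$ticketevent->ticket`, while the ticket number for the log is looked up again through `Ticket::getTicket($ticketevent->ticketId)`, and `$ticketNumberLog` from the first hunk is never read in the visible lines. Resolving the ticket once, before any permission check, keeps the check, the write and the log entry on the same record: `if(!$ticketevent->isNull()) $ticket = $ticketevent->ticket;` placed outside the `isStaffLogged()` block, then `$ticketNumber = $ticket->ticketNumber;` in both branches. The non-staff permission check sits above the hunk, so confirm it is also evaluated against the event's own ticket and not the `ticketNumber` request parameter.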
|
||||
|
|
|
@ -43,9 +43,10 @@ class ReOpenController extends Controller {
|
|||
public function handler() {
|
||||
$this->ticket = Ticket::getByTicketNumber(Controller::request('ticketNumber'));
|
||||
|
||||
if($this->shouldDenyPermission()) {
|
||||
throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
return;
|
||||
if(Controller::isStaffLogged()){
|
||||
$user = Controller::getLoggedUser();
|
||||
|
||||
if (!$user->canManageTicket($this->ticket)) throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
}
|
||||
|
||||
$this->markAsUnread();
|
||||
|
@ -59,19 +60,6 @@ class ReOpenController extends Controller {
|
|||
Response::respondSuccess();
|
||||
}
|
||||
|
||||
|
||||
private function shouldDenyPermission() {
|
||||
$user = Controller::getLoggedUser();
|
||||
|
||||
return !(
|
||||
$this->ticket->isAuthor($user) ||
|
||||
(
|
||||
Controller::isStaffLogged() &&
|
||||
$user->sharedDepartmentList->includesId($this->ticket->department->id)
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
private function markAsUnread() {
|
||||
if(Controller::isStaffLogged()) {
|
||||
$this->ticket->unread = true;
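Review bot: With `shouldDenyPermission()` removed, the visible `handler()` checks permission only when `Controller::isStaffLogged()` is true, so a logged-in non-staff caller who is not the ticket's author is no longer rejected here. The removed helper required `isAuthor($user)` for that case, and CloseController in this commit keeps a NO_PERMISSION check ahead of its staff guard. Unless `validations()` outside the hunk already enforces authorship, keep the author branch: `} else if(!$this->ticket->isAuthor(Controller::getLoggedUser())) { throw new RequestException(ERRORS::NO_PERMISSION); }`. A test that re-opens another user's ticket and expects NO_PERMISSION would pin this.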
|
||||
|
|
|
@ -49,6 +49,9 @@ class RemoveTagController extends Controller {
|
|||
$tagId = Controller::request('tagId');
|
||||
$tag = Tag::getDataStore($tagId);
|
||||
$ticket = Ticket::getByTicketNumber(Controller::request('ticketNumber'));
|
||||
$user = Controller::getLoggedUser();
|
||||
|
||||
if (!$user->canManageTicket($ticket)) throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
|
||||
if (!$ticket->sharedTagList->includesId($tagId)) throw new RequestException(ERRORS::INVALID_TAG);
|
||||
|
||||
|
|
|
@ -28,9 +28,9 @@ class Log extends DataStore {
|
|||
|
||||
public static function createLog($type,$to, $author = null) {
|
||||
if($author === null) {
|
||||
$author = Controller::getLoggedUser();
|
||||
}
|
||||
|
||||
$author = Controller::getLoggedUser();
|
||||
}
|
||||
|
||||
$log = new Log();
|
||||
|
||||
$log->setProperties(array(
|
||||
|
@ -50,7 +50,9 @@ class Log extends DataStore {
|
|||
|
||||
public function toArray() {
|
||||
$author = ($this->authorUser instanceof User) ? $this->authorUser : $this->authorStaff;
|
||||
|
||||
if(!$author){
|
||||
throw new Exception($this->id);
|
||||
}
|
||||
return [
|
||||
'type' => $this->type,
|
||||
'to' => $this->to,
|
||||
|
@ -59,7 +61,7 @@ class Log extends DataStore {
|
|||
'id' => $author->id,
|
||||
'staff' => $author instanceof Staff
|
||||
],
|
||||
'date' => $this->date
|
||||
'date' => $this->date
|
||||
];
|
||||
}
|
||||
}
|
||||
}
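Review bot: The `throw new Exception($this->id);` in `toArray()` carries only a bare id as its message, which reads like a debugging aid and tells an operator nothing about what failed. One log row whose author can no longer be loaded would make every caller that serialises a list of logs fail with that opaque message. If failing is intended, name the condition, e.g. `throw new Exception('Log ' . $this->id . ' has no author');`, otherwise consider serialising the row with an empty author. The start of the returned array lies between the hunks.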
|
||||
|
|
|
@ -41,7 +41,7 @@ class Staff extends DataStore {
|
|||
return [
|
||||
'level' => 1,
|
||||
'ownStatList' => new DataStoreList(),
|
||||
'sendEmailOnNewTicket' => 0
|
||||
'sendEmailOnNewTicket' => 0
|
||||
];
|
||||
}
|
||||
|
||||
|
@ -49,6 +49,10 @@ class Staff extends DataStore {
|
|||
return parent::getDataStore($value, $property);
|
||||
}
|
||||
|
||||
public function canManageTicket(Ticket $ticket){
|
||||
return $this->sharedDepartmentList->includesId($ticket->departmentId);
|
||||
}
|
||||
|
||||
public function toArray() {
|
||||
return [
|
||||
'id' => $this->id,
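Review bot: `canManageTicket()` is added without a doc comment, although every ticket endpoint in this commit now depends on it as the single authorization rule. It compares `$ticket->departmentId`, ignores staff level and ownership, and is shown only on Staff, while AddTag, RemoveTag, ChangePriority and ChangeDepartment call it on `Controller::getLoggedUser()` with no `isStaffLogged()` guard in their hunks. A docblock stating `Returns true when this staff member belongs to the ticket's department; staff level and ticket ownership are not considered.` would make that contract explicit, and those callers should be confirmed staff-only. The change-department test removed at the end of the commit is not replaced by any test of the new NO_PERMISSION paths.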
|
||||
|
|
|
@ -45,37 +45,4 @@ describe '/ticket/change-department' do
|
|||
(lastLog['type']).should.equal('DEPARTMENT_CHANGED')
|
||||
end
|
||||
|
||||
it 'should unassing ticket if staff does not server new department' do
|
||||
ticket = $database.getRow('ticket', 1 , 'id')
|
||||
request('/staff/edit', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
departments: '[1, 2]',
|
||||
staffId: 1
|
||||
})
|
||||
|
||||
result = request('/ticket/change-department', {
|
||||
ticketNumber: ticket['ticket_number'],
|
||||
departmentId: 3,
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token
|
||||
})
|
||||
|
||||
(result['status']).should.equal('success')
|
||||
|
||||
ticket = $database.getRow('ticket', 1 , 'id')
|
||||
(ticket['unread']).should.equal('1')
|
||||
(ticket['department_id']).should.equal('3')
|
||||
(ticket['owner_id']).should.equal(nil)
|
||||
|
||||
lastLog = $database.getLastRow('log')
|
||||
(lastLog['type']).should.equal('DEPARTMENT_CHANGED')
|
||||
|
||||
request('/staff/edit', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
departments: '[1, 2, 3]',
|
||||
staffId: 1
|
||||
})
|
||||
end
|
||||
end
|
||||
|
|