commit
5b1d3d8b50
|
@ -14,7 +14,7 @@ class AdminPanelSearchTickets extends React.Component {
|
|||
return (
|
||||
<div className="admin-panel-all-tickets">
|
||||
<Header title={this.getList().title} description={i18n('SEARCH_TICKETS_DESCRIPTION')} />
|
||||
{(this.props.error) ? <Message type="error">{i18n('ERROR_RETRIEVING_TICKETS')}</Message> : <TicketQueryList customList ={this.getList().filters}/>}
|
||||
{(this.props.error) ? <Message type="error">{i18n('ERROR_RETRIEVING_TICKETS')}</Message> : <TicketQueryList customList ={this.getList()}/>}
|
||||
</div>
|
||||
);
|
||||
}
|
||||
|
|
|
@ -363,6 +363,7 @@ export default {
|
|||
'NO_PERMISSION': 'You\'ve no permission to access to this page.',
|
||||
'INVALID_USER': 'User id is invalid',
|
||||
'INVALID_TITLE': 'invalid title',
|
||||
'INVALID_NAME': 'invalid name',
|
||||
'ERROR_RETRIEVING_TICKETS': 'An error occurred while trying to retrieve tickets.',
|
||||
'ERROR_RETRIEVING_USERS': 'An error occurred while trying to retrieve users.',
|
||||
'ERROR_RETRIEVING_BAN_LIST': 'An error occurred while trying to retrieve the list of banned emails.',
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
import Validator from 'lib-app/validations/validator';
|
||||
import _ from 'lodash';
|
||||
|
||||
class LengthValidator extends Validator {
|
||||
constructor(length, errorKey = 'INVALID_VALUE', validator = null) {
|
||||
|
@ -12,8 +13,10 @@ class LengthValidator extends Validator {
|
|||
let div = document.createElement("div");
|
||||
div.innerHTML = value;
|
||||
let text = div.textContent || div.innerText || "";
|
||||
|
||||
if (text.length < this.minlength) return this.getError(this.errorKey);
|
||||
if(_.every(text, c => c === " ")) {
|
||||
text = text.replace(/\s/g, '');
|
||||
}
|
||||
if(text.length < this.minlength) return this.getError(this.errorKey);
|
||||
}
|
||||
}
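Review bot: The new guard `_.every(text, c => c === " ")` matches only U+0020, so a value made up of tabs, newlines or non-breaking spaces skips the branch and is measured at its full length. The `\s` replace inside the branch is broader than the test that gates it. If whitespace-only input is what should be rejected, `if (!/\S/.test(text)) text = '';` before the length check states that directly and drops the lodash call. `validate()` starts above the hunk.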
|
||||
|
||||
|
|
|
@ -0,0 +1,19 @@
|
|||
import Validator from 'lib-app/validations/validator';
|
||||
|
||||
class SpaceValidator extends Validator {
|
||||
constructor(errorKey = 'INVALID_VALUE', validator = null) {
|
||||
super(validator);
|
||||
|
||||
this.errorKey = errorKey;
|
||||
}
|
||||
|
||||
validate(value = '', form = {}) {
|
||||
let div = document.createElement("div");
|
||||
div.innerHTML = value;
|
||||
let text = div.textContent || div.innerText || "";
|
||||
|
||||
if (text.replace(/\s/g, '').length < 1) return this.getError(this.errorKey);
|
||||
}
|
||||
}
|
||||
|
||||
export default SpaceValidator;
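Review bot: `div.innerHTML = value` in `validate()` parses the user-entered markup inside the live document, so embedded resources are requested and inline event-handler attributes can fire even though the div is never attached. A validator should not have that side effect. Parsing into an inert document yields the same text without it: `const text = new DOMParser().parseFromString(value, 'text/html').body.textContent || '';`. The LengthValidator hunk in this commit keeps the same pattern in its context lines and would benefit from the same change. A one-line JSDoc on `validate` saying it rejects values that are empty once tags and whitespace are stripped would also help.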
|
|
@ -4,13 +4,14 @@ import RepeatPasswordValidator from 'lib-app/validations/repeat-password-validat
|
|||
import LengthValidator from 'lib-app/validations/length-validator';
|
||||
import ListValidator from 'lib-app/validations/list-validator';
|
||||
import ImageSizeValidator from 'lib-app/validations/image-size-validator';
|
||||
import SpaceValidator from './space-validator';
|
||||
|
||||
let validators = {
|
||||
'DEFAULT': new Validator(),
|
||||
'NAME': new LengthValidator(2, 'ERROR_NAME'),
|
||||
'TITLE': new LengthValidator(1, 'ERROR_TITLE'),
|
||||
'EMAIL': new EmailValidator(),
|
||||
'TEXT_AREA': new ImageSizeValidator(undefined, new LengthValidator(10, 'ERROR_CONTENT_SHORT')),
|
||||
'TEXT_AREA': new ImageSizeValidator(undefined, new LengthValidator(1, 'ERROR_CONTENT_SHORT')),
|
||||
'PASSWORD': new LengthValidator(6, 'ERROR_PASSWORD'),
|
||||
'REPEAT_PASSWORD': new RepeatPasswordValidator(),
|
||||
'URL': new LengthValidator(5, 'ERROR_URL'),
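Review bot: `SpaceValidator` is imported through a relative path (`./space-validator`) while every other validator in this block uses the `lib-app/validations/...` alias, and none of the entries shown in the hunk references it. If it is not used further down the file the import can be dropped; otherwise `import SpaceValidator from 'lib-app/validations/space-validator';` keeps the block consistent. The `validators` object continues past the hunk.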
|
||||
|
|
|
@ -36,9 +36,9 @@ class AddTopicController extends Controller {
|
|||
'permission' => 'staff_2',
|
||||
'requestData' => [
|
||||
'name' => [
|
||||
'validation' => DataValidator::length(2, 100),
|
||||
'error' => ERRORS::INVALID_NAME
|
||||
]
|
||||
'validation' => DataValidator::notBlank()->length(1, 200),
|
||||
'error' => ERRORS::INVALID_TITLE
|
||||
],
|
||||
]
|
||||
];
|
||||
}
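Review bot: `DataValidator::notBlank()` appears to be Respect\Validation's NotBlank (Content.php in this commit extends that library's `AbstractRule`), and that rule treats numeric zero as blank, so a value such as `0` is rejected even though it passes `length(1, 200)`. The same chain is added to the search `query` fields in SearchTicketStaffController and SearchController, where searching for `0` would now fail validation. If only empty and whitespace-only strings should be refused, a small custom rule that checks `trim($input) !== ''` expresses that intent exactly. The validations array starts above the hunk.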
|
||||
|
|
|
@ -40,11 +40,11 @@ class AddArticleController extends Controller {
|
|||
'permission' => 'staff_2',
|
||||
'requestData' => [
|
||||
'title' => [
|
||||
'validation' => DataValidator::length(1, 100),
|
||||
'validation' => DataValidator::notBlank()->length(1, 100),
|
||||
'error' => ERRORS::INVALID_NAME
|
||||
],
|
||||
'content' => [
|
||||
'validation' => DataValidator::length(10),
|
||||
'validation' => DataValidator::content(),
|
||||
'error' => ERRORS::INVALID_CONTENT
|
||||
],
|
||||
'topicId' => [
|
||||
|
|
|
@ -38,7 +38,12 @@ class EditTopicController extends Controller {
|
|||
'topicId' => [
|
||||
'validation' => DataValidator::dataStoreId('topic'),
|
||||
'error' => ERRORS::INVALID_TOPIC
|
||||
]
|
||||
],
|
||||
'name' => [
|
||||
'validation' => DataValidator::notBlank()->length(1, 200),
|
||||
'error' => ERRORS::INVALID_NAME
|
||||
],
|
||||
|
||||
]
|
||||
];
|
||||
}
|
||||
|
|
|
@ -41,7 +41,15 @@ class EditArticleController extends Controller {
|
|||
'articleId' => [
|
||||
'validation' => DataValidator::dataStoreId('article'),
|
||||
'error' => ERRORS::INVALID_TOPIC
|
||||
]
|
||||
],
|
||||
'title' => [
|
||||
'validation' => DataValidator::oneOf(DataValidator::notBlank()->length(1, 200),DataValidator::nullType()),
|
||||
'error' => ERRORS::INVALID_TITLE
|
||||
],
|
||||
'content' => [
|
||||
'validation' => DataValidator::oneOf(DataValidator::content(),DataValidator::nullType()),
|
||||
'error' => ERRORS::INVALID_CONTENT
|
||||
],
|
||||
]
|
||||
];
|
||||
}
|
||||
|
|
|
@ -42,7 +42,7 @@ class EditStaffController extends Controller {
|
|||
'error' => ERRORS::INVALID_EMAIL
|
||||
],
|
||||
'password' => [
|
||||
'validation' => DataValidator::oneOf(DataValidator::length(5, 200), DataValidator::falseVal()),
|
||||
'validation' => DataValidator::oneOf(DataValidator::notBlank()->length(5, 200), DataValidator::falseVal()),
|
||||
'error' => ERRORS::INVALID_PASSWORD
|
||||
],
|
||||
'level' => [
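Review bot: The server still accepts a five-character password here (`length(5, 200)`), while the client-side rule in the validator factory requires six (`'PASSWORD': new LengthValidator(6, 'ERROR_PASSWORD')`). The server rule is the one that is actually enforced, so the two should agree. The same `notBlank()->length(5, 200)` chain appears in InitAdminController, EditPassword, RecoverPasswordController and SignUpController in this commit. A shared constant for the minimum would keep the endpoints and the form in step.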
|
||||
|
|
|
@ -64,7 +64,7 @@ class GetAllTicketsStaffController extends Controller {
|
|||
$query .= $this->getStaffDepartmentsQueryFilter();
|
||||
$query .= $this->getClosedFilter();
|
||||
$query .= "ORDER BY CASE WHEN (title LIKE ?) THEN 1 ELSE 2 END ASC, id DESC LIMIT 10 OFFSET " . (($page-1)*10);
|
||||
|
||||
|
||||
return Ticket::find($query, [
|
||||
Controller::request('query') . '%',
|
||||
'%' . Controller::request('query') . '%',
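Review bot: The LIKE patterns bound here are built from `Controller::request('query')` without escaping `%` and `_`, so those characters in the search term act as wildcards and the leading `%` rules out an index on `title`. Escaping the term before binding keeps it literal, e.g. `'%' . addcslashes(Controller::request('query'), '%_\\') . '%'`. SearchController's `:query` binding in this commit builds its pattern the same way. The handler continues outside the hunk.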
|
||||
|
|
|
@ -47,7 +47,7 @@ class InviteStaffController extends Controller {
|
|||
'permission' => 'staff_3',
|
||||
'requestData' => [
|
||||
'name' => [
|
||||
'validation' => DataValidator::length(2, 55),
|
||||
'validation' => DataValidator::notBlank()->length(2, 55),
|
||||
'error' => ERRORS::INVALID_NAME
|
||||
],
|
||||
'email' => [
|
||||
|
|
|
@ -35,7 +35,7 @@ class SearchTicketStaffController extends Controller {
|
|||
'permission' => 'staff_1',
|
||||
'requestData' => [
|
||||
'query' => [
|
||||
'validation' => DataValidator::length(1),
|
||||
'validation' => DataValidator::notBlank()->length(1),
|
||||
'error' => ERRORS::INVALID_QUERY
|
||||
],
|
||||
'page' => [
|
||||
|
|
|
@ -34,7 +34,7 @@ class AddAPIKeyController extends Controller {
|
|||
'permission' => 'staff_3',
|
||||
'requestData' => [
|
||||
'name' => [
|
||||
'validation' => DataValidator::length(2, 55)->alnum(),
|
||||
'validation' => DataValidator::notBlank()->length(2, 55)->alnum(),
|
||||
'error' => ERRORS::INVALID_NAME
|
||||
],
|
||||
'type' => [
|
||||
|
|
|
@ -37,9 +37,13 @@ class AddCustomFieldController extends Controller {
|
|||
'permission' => 'staff_2',
|
||||
'requestData' => [
|
||||
'name' => [
|
||||
'validation' => DataValidator::length(2, 100),
|
||||
'validation' => DataValidator::notBlank()->length(2, 100),
|
||||
'error' => ERRORS::INVALID_NAME
|
||||
],
|
||||
'description' => [
|
||||
'validation' => DataValidator::notBlank()->length(2, 100),
|
||||
'error' => ERRORS::INVALID_DESCRIPTION
|
||||
],
|
||||
'type' => [
|
||||
'validation' => DataValidator::oneOf(
|
||||
DataValidator::equals('text'),
|
||||
|
|
|
@ -31,7 +31,7 @@ class AddDepartmentController extends Controller {
|
|||
'permission' => 'staff_3',
|
||||
'requestData' => [
|
||||
'name' => [
|
||||
'validation' => DataValidator::length(2, 100),
|
||||
'validation' => DataValidator::notBlank()->length(2, 100),
|
||||
'error' => ERRORS::INVALID_NAME
|
||||
]
|
||||
]
|
||||
|
|
|
@ -31,7 +31,7 @@ class DeleteAPIKeyController extends Controller {
|
|||
'permission' => 'staff_3',
|
||||
'requestData' => [
|
||||
'name' => [
|
||||
'validation' => DataValidator::length(2, 55),
|
||||
'validation' => DataValidator::notBlank()->length(2, 55),
|
||||
'error' => ERRORS::INVALID_NAME
|
||||
]
|
||||
]
|
||||
|
|
|
@ -37,7 +37,11 @@ class EditDepartmentController extends Controller {
|
|||
'departmentId' => [
|
||||
'validation' => DataValidator::dataStoreId('department'),
|
||||
'error' => ERRORS::INVALID_DEPARTMENT
|
||||
]
|
||||
],
|
||||
'name' => [
|
||||
'validation' => DataValidator::notBlank()->length(1, 200),
|
||||
'error' => ERRORS::INVALID_NAME
|
||||
],
|
||||
]
|
||||
];
|
||||
}
|
||||
|
|
|
@ -46,15 +46,15 @@ class EditMailTemplateController extends Controller {
|
|||
'permission' => 'staff_3',
|
||||
'requestData' => [
|
||||
'template' => [
|
||||
'validation' => DataValidator::length(4),
|
||||
'validation' => DataValidator::notBlank()->length(4),
|
||||
'error' => ERRORS::INVALID_TEMPLATE
|
||||
],
|
||||
'language' => [
|
||||
'validation' => DataValidator::length(2, 2),
|
||||
'validation' => DataValidator::notBlank()->length(2,2),
|
||||
'error' => ERRORS::INVALID_LANGUAGE
|
||||
],
|
||||
'subject' => [
|
||||
'validation' => DataValidator::length(4),
|
||||
'validation' => DataValidator::notBlank()->length(4),
|
||||
'error' => ERRORS::INVALID_SUBJECT
|
||||
],
|
||||
]
|
||||
|
|
|
@ -12,7 +12,7 @@ class EmailPollingController extends Controller {
|
|||
'permission' => 'any',
|
||||
'requestData' => [
|
||||
'token' => [
|
||||
'validation' => DataValidator::length(1, 200),
|
||||
'validation' => DataValidator::notBlank()->length(1, 200),
|
||||
'error' => ERRORS::INVALID_TOKEN
|
||||
]
|
||||
]
|
||||
|
|
|
@ -31,11 +31,11 @@ class GetMailTemplateController extends Controller {
|
|||
'permission' => 'staff_3',
|
||||
'requestData' => [
|
||||
'template' => [
|
||||
'validation' => DataValidator::length(4),
|
||||
'validation' => DataValidator::notBlank()->length(4),
|
||||
'error' => ERRORS::INVALID_TEMPLATE
|
||||
],
|
||||
'language' => [
|
||||
'validation' => DataValidator::length(2, 2),
|
||||
'validation' => DataValidator::notBlank()->length(2, 2),
|
||||
'error' => ERRORS::INVALID_LANGUAGE
|
||||
],
|
||||
]
|
||||
|
|
|
@ -36,7 +36,7 @@ class InitAdminController extends Controller {
|
|||
'permission' => 'any',
|
||||
'requestData' => [
|
||||
'name' => [
|
||||
'validation' => DataValidator::length(2, 55),
|
||||
'validation' => DataValidator::notBlank()->length(2, 55),
|
||||
'error' => ERRORS::INVALID_NAME
|
||||
],
|
||||
'email' => [
|
||||
|
@ -44,7 +44,7 @@ class InitAdminController extends Controller {
|
|||
'error' => ERRORS::INVALID_EMAIL
|
||||
],
|
||||
'password' => [
|
||||
'validation' => DataValidator::length(5, 200),
|
||||
'validation' => DataValidator::notBlank()->length(5, 200),
|
||||
'error' => ERRORS::INVALID_PASSWORD
|
||||
],
|
||||
]
|
||||
|
|
|
@ -33,11 +33,11 @@ class RecoverMailTemplateController extends Controller {
|
|||
'permission' => 'staff_3',
|
||||
'requestData' => [
|
||||
'template' => [
|
||||
'validation' => DataValidator::length(4),
|
||||
'validation' => DataValidator::notBlank()->length(4),
|
||||
'error' => ERRORS::INVALID_TEMPLATE
|
||||
],
|
||||
'language' => [
|
||||
'validation' => DataValidator::length(2, 2),
|
||||
'validation' => DataValidator::notBlank()->length(2, 2),
|
||||
'error' => ERRORS::INVALID_LANGUAGE
|
||||
],
|
||||
]
|
||||
|
|
|
@ -36,11 +36,11 @@ class AddCustomResponseController extends Controller {
|
|||
'permission' => 'staff_2',
|
||||
'requestData' => [
|
||||
'name' => [
|
||||
'validation' => DataValidator::length(5, 100),
|
||||
'validation' => DataValidator::notBlank()->length(5, 100),
|
||||
'error' => ERRORS::INVALID_NAME
|
||||
],
|
||||
'content' => [
|
||||
'validation' => DataValidator::length(20, 500),
|
||||
'validation' => DataValidator::content(),
|
||||
'error' => ERRORS::INVALID_CONTENT
|
||||
],
|
||||
'language' => [
|
||||
|
|
|
@ -47,7 +47,7 @@ class CommentController extends Controller {
|
|||
'permission' => 'user',
|
||||
'requestData' => [
|
||||
'content' => [
|
||||
'validation' => DataValidator::length(20, 5000),
|
||||
'validation' => DataValidator::content(),
|
||||
'error' => ERRORS::INVALID_CONTENT
|
||||
],
|
||||
'ticketNumber' => [
|
||||
|
@ -61,7 +61,7 @@ class CommentController extends Controller {
|
|||
'permission' => 'any',
|
||||
'requestData' => [
|
||||
'content' => [
|
||||
'validation' => DataValidator::length(20, 5000),
|
||||
'validation' => DataValidator::content(),
|
||||
'error' => ERRORS::INVALID_CONTENT
|
||||
],
|
||||
'ticketNumber' => [
|
||||
|
@ -83,11 +83,10 @@ class CommentController extends Controller {
|
|||
$isAuthor = $this->session->isTicketSession() || $this->ticket->isAuthor($this->user);
|
||||
$isOwner = $this->ticket->isOwner($this->user);
|
||||
$private = Controller::request('private');
|
||||
|
||||
if(!Controller::isStaffLogged() && Controller::isUserSystemEnabled() && !$isAuthor){
|
||||
throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
}
|
||||
|
||||
|
||||
if(!$this->session->isTicketSession() && !$this->user->canManageTicket($this->ticket)) {
|
||||
throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
}
|
||||
|
|
|
@ -34,7 +34,7 @@ class CreateTagController extends Controller {
|
|||
'permission' => 'staff_3',
|
||||
'requestData' => [
|
||||
'name' => [
|
||||
'validation' => DataValidator::length(2, 100),
|
||||
'validation' => DataValidator::notBlank()->length(2, 100),
|
||||
'error' => ERRORS::INVALID_NAME
|
||||
],
|
||||
'color' => [
|
||||
|
|
|
@ -54,11 +54,11 @@ class CreateController extends Controller {
|
|||
'permission' => 'user',
|
||||
'requestData' => [
|
||||
'title' => [
|
||||
'validation' => DataValidator::length(1, 200),
|
||||
'validation' => DataValidator::notBlank()->length(1, 200),
|
||||
'error' => ERRORS::INVALID_TITLE
|
||||
],
|
||||
'content' => [
|
||||
'validation' => DataValidator::length(10, 5000),
|
||||
'validation' => DataValidator::content(),
|
||||
'error' => ERRORS::INVALID_CONTENT
|
||||
],
|
||||
'departmentId' => [
|
||||
|
@ -83,7 +83,7 @@ class CreateController extends Controller {
|
|||
'error' => ERRORS::INVALID_EMAIL
|
||||
];
|
||||
$validations['requestData']['name'] = [
|
||||
'validation' => DataValidator::length(2, 40),
|
||||
'validation' => DataValidator::notBlank()->length(2, 40),
|
||||
'error' => ERRORS::INVALID_NAME
|
||||
];
|
||||
}
|
||||
|
|
|
@ -36,7 +36,7 @@ class EditCommentController extends Controller {
|
|||
'permission' => 'user',
|
||||
'requestData' => [
|
||||
'content' => [
|
||||
'validation' => DataValidator::length(10, 5000),
|
||||
'validation' => DataValidator::content(),
|
||||
'error' => ERRORS::INVALID_CONTENT
|
||||
],
|
||||
'ticketNumber' => [
|
||||
|
@ -50,7 +50,7 @@ class EditCommentController extends Controller {
|
|||
'permission' => 'any',
|
||||
'requestData' => [
|
||||
'content' => [
|
||||
'validation' => DataValidator::length(10, 5000),
|
||||
'validation' => DataValidator::content(),
|
||||
'error' => ERRORS::INVALID_CONTENT
|
||||
],
|
||||
'ticketNumber' => [
|
||||
|
|
|
@ -37,7 +37,15 @@ class EditCustomResponseController extends Controller {
|
|||
'id' => [
|
||||
'validation' => DataValidator::dataStoreId('customresponse'),
|
||||
'error' => ERRORS::INVALID_NAME
|
||||
]
|
||||
],
|
||||
'content' => [
|
||||
'validation' => DataValidator::content(),
|
||||
'error' => ERRORS::INVALID_CONTENT
|
||||
],
|
||||
'name' => [
|
||||
'validation' => DataValidator::oneOf(DataValidator::notBlank()->length(1, 200),DataValidator::nullType()),
|
||||
'error' => ERRORS::INVALID_NAME
|
||||
],
|
||||
]
|
||||
];
|
||||
}
|
||||
|
|
|
@ -41,6 +41,10 @@ class EditTagController extends Controller {
|
|||
'color' => [
|
||||
'validation' => DataValidator::hexRgbColor()->startsWith('#'),
|
||||
'error' => ERRORS::INVALID_COLOR
|
||||
],
|
||||
'name' => [
|
||||
'validation' => DataValidator::notBlank()->length(1, 200),
|
||||
'error' => ERRORS::INVALID_NAME
|
||||
]
|
||||
]
|
||||
];
|
||||
|
|
|
@ -95,6 +95,10 @@ class SearchController extends Controller {
|
|||
'validation' => DataValidator::oneOf(DataValidator::in(['0','1']),DataValidator::nullType()),
|
||||
'error' => ERRORS::INVALID_ASSIGNED_FILTER
|
||||
],
|
||||
'query' => [
|
||||
'validation' => DataValidator::oneOf(DataValidator::notBlank(),DataValidator::nullType()),
|
||||
'error' => ERRORS::INVALID_QUERY_FILTER
|
||||
],
|
||||
'orderBy' => [
|
||||
'validation' => DataValidator::oneOf(DataValidator::validOrderBy(),DataValidator::nullType()),
|
||||
'error' => ERRORS::INVALID_ORDER_BY
|
||||
|
@ -104,6 +108,12 @@ class SearchController extends Controller {
|
|||
}
|
||||
|
||||
public function handler() {
|
||||
|
||||
$allowedDepartmentsId = [];
|
||||
foreach (Controller::getLoggedUser()->sharedDepartmentList->toArray() as $department) {
|
||||
array_push($allowedDepartmentsId,$department['id']);
|
||||
}
|
||||
|
||||
$inputs = [
|
||||
'closed' => Controller::request('closed'),
|
||||
'tags' => json_decode(Controller::request('tags')),
|
||||
|
@ -117,14 +127,14 @@ class SearchController extends Controller {
|
|||
'query' => Controller::request('query'),
|
||||
'orderBy' => json_decode(Controller::request('orderBy'),true),
|
||||
'page' => Controller::request('page'),
|
||||
'allowedDepartments' => Controller::getLoggedUser()->sharedDepartmentList->toArray(),
|
||||
'allowedDepartments' => $allowedDepartmentsId,
|
||||
'staffId' => Controller::getLoggedUser()->id
|
||||
];
|
||||
|
||||
|
||||
$query = $this->getSQLQuery($inputs);
|
||||
$queryWithOrder = $this->getSQLQueryWithOrder($inputs);
|
||||
$totalCount = RedBean::getAll("SELECT COUNT(*) FROM (SELECT COUNT(*) " . $query . " ) AS T2", [':query' => $inputs['query']])[0]['COUNT(*)'];
|
||||
$totalCount = RedBean::getAll("SELECT COUNT(*) FROM (SELECT COUNT(*) " . $query . " ) AS T2", [':query' => "%" . $inputs['query'] . "%"])[0]['COUNT(*)'];
|
||||
$ticketIdList = RedBean::getAll($queryWithOrder, [':query' => "%" . $inputs['query'] . "%"]);
|
||||
$ticketList = [];
|
||||
|
||||
|
@ -133,7 +143,6 @@ class SearchController extends Controller {
|
|||
array_push($ticketList, $ticket->toArray());
|
||||
}
|
||||
$ticketTableExists = RedBean::exec("select table_name from information_schema.tables where table_name = 'ticket';");
|
||||
|
||||
if($ticketTableExists){
|
||||
Response::respondSuccess([
|
||||
'tickets' => $ticketList,
|
||||
|
@ -254,13 +263,29 @@ class SearchController extends Controller {
|
|||
}
|
||||
}
|
||||
|
||||
private function setDepartmentFilter($departments,$allowedDepartments, $idStaff, &$filters){
|
||||
private function setDepartmentFilter($requestedDepartments,$myDepartments, $idStaff, &$filters){
|
||||
if ($filters != "") $filters .= " and ";
|
||||
|
||||
$validDepartments = $this->generateValidDepartmentList($departments, $allowedDepartments);
|
||||
if (!$requestedDepartments) $requestedDepartments = [];
|
||||
|
||||
$requestedOwnedDepartments = $this->getRequestedOwnedDepartments($requestedDepartments, $myDepartments);
|
||||
$requestedNotOwnedDepartments = $this->getRequestedNotOwnedDepartments($requestedDepartments, $myDepartments);
|
||||
$first = TRUE;
|
||||
if($validDepartments){
|
||||
foreach($validDepartments as $department) {
|
||||
|
||||
if(!$requestedOwnedDepartments && !$requestedNotOwnedDepartments){
|
||||
foreach($myDepartments as $department) {
|
||||
if($first){
|
||||
$filters .= " ( ";
|
||||
$first = FALSE;
|
||||
} else {
|
||||
$filters .= " or ";
|
||||
}
|
||||
$filters .= "ticket.department_id = " . $department;
|
||||
}
|
||||
$filters .= ")";
|
||||
}
|
||||
|
||||
if($requestedOwnedDepartments){
|
||||
foreach($requestedOwnedDepartments as $department) {
|
||||
if($first){
|
||||
$filters .= " ( ";
|
||||
$first = FALSE;
|
||||
|
@ -269,11 +294,24 @@ class SearchController extends Controller {
|
|||
}
|
||||
$filters .= "ticket.department_id = " . $department;
|
||||
}
|
||||
$filters .= " or ";
|
||||
}else{
|
||||
$filters .= "(";
|
||||
}
|
||||
$filters .= "ticket.author_staff_id = " . $idStaff . ")";
|
||||
|
||||
if($requestedNotOwnedDepartments){
|
||||
if($requestedOwnedDepartments) $filters .= " or ";
|
||||
$filters .= "(ticket.author_staff_id = " . $idStaff . " and ";
|
||||
$first = TRUE;
|
||||
foreach($requestedNotOwnedDepartments as $department) {
|
||||
if($first){
|
||||
$filters .= " ( ";
|
||||
$first = FALSE;
|
||||
} else {
|
||||
$filters .= " or ";
|
||||
}
|
||||
$filters .= "ticket.department_id = " . $department;
|
||||
}
|
||||
$filters .= "))";
|
||||
}
|
||||
if($requestedOwnedDepartments) $filters .= " )";
|
||||
}
|
||||
|
||||
private function setAuthorFilter($authors, &$filters){
|
||||
|
@ -338,21 +376,21 @@ class SearchController extends Controller {
|
|||
$filters .= " (ticket.title LIKE :query or ticket.content LIKE :query or ticket.ticket_number LIKE :query". $ticketevent ." )";
|
||||
};
|
||||
}
|
||||
|
||||
private function getRequestedOwnedDepartments($requestedDepartments, $myDepartments){
|
||||
$requestedOwnedDepartments = [];
|
||||
$requestedOwnedDepartments = array_values(array_unique(array_intersect($requestedDepartments, $myDepartments)));
|
||||
|
||||
return $requestedOwnedDepartments;
|
||||
}
|
||||
|
||||
private function generateValidDepartmentList($departments, $allowedDepartments){
|
||||
$result = [];
|
||||
$managedDepartments = [];
|
||||
if($departments == null) $departments = [];
|
||||
foreach ($allowedDepartments as $department) {
|
||||
array_push($managedDepartments,$department['id']);
|
||||
}
|
||||
$result = array_intersect($departments,$managedDepartments);
|
||||
|
||||
if(empty($result)) $result = $managedDepartments;
|
||||
|
||||
$result = array_unique($result);
|
||||
|
||||
return $result;
|
||||
private function getRequestedNotOwnedDepartments($requestedDepartments, $myDepartments){
|
||||
$requestedNotOwnedDepartments = [];
|
||||
$requestedOwnedDepartments = [];
|
||||
$requestedOwnedDepartments = array_values(array_unique(array_intersect($requestedDepartments, $myDepartments)));
|
||||
$requestedNotOwnedDepartments = array_values(array_diff($requestedDepartments, $requestedOwnedDepartments));
|
||||
|
||||
return $requestedNotOwnedDepartments;
|
||||
}
|
||||
|
||||
//ORDER
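Review bot: In `setDepartmentFilter`, `$requestedNotOwnedDepartments` holds whatever the request listed that is not among the staff member's own departments, and each entry is appended to the SQL text with `"ticket.department_id = " . $department`; before this change only values that survived the intersect with the staff member's own ids reached the string. Unless the `departments` validation outside this view already guarantees integers, cast at the point of use, `$filters .= "ticket.department_id = " . (int) $department;` in all three loops and likewise `(int) $idStaff`, or bind them as parameters the way `:query` is. As far as the rendered hunk shows, when `$myDepartments` is empty and nothing is requested the first branch appends only `")"`, which leaves the WHERE clause unbalanced. The two new helpers compute the same intersect twice and would read better with a short docblock each.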
|
||||
|
|
|
@ -33,7 +33,7 @@ class EditPassword extends Controller {
|
|||
'permission' => 'user',
|
||||
'requestData' => [
|
||||
'newPassword' => [
|
||||
'validation' => DataValidator::length(5, 200),
|
||||
'validation' => DataValidator::notBlank()->length(5, 200),
|
||||
'error' => ERRORS::INVALID_PASSWORD
|
||||
]
|
||||
]
|
||||
|
|
|
@ -45,7 +45,7 @@ class InviteUserController extends Controller {
|
|||
'permission' => 'staff_1',
|
||||
'requestData' => [
|
||||
'name' => [
|
||||
'validation' => DataValidator::length(2, 55),
|
||||
'validation' => DataValidator::notBlank()->length(2, 55),
|
||||
'error' => ERRORS::INVALID_NAME
|
||||
],
|
||||
'email' => [
|
||||
|
|
|
@ -48,7 +48,7 @@ class RecoverPasswordController extends Controller {
|
|||
'error' => ERRORS::INVALID_EMAIL
|
||||
],
|
||||
'password' => [
|
||||
'validation' => DataValidator::length(5, 200),
|
||||
'validation' => DataValidator::notBlank()->length(5, 200),
|
||||
'error' => ERRORS::INVALID_PASSWORD
|
||||
]
|
||||
]
|
||||
|
|
|
@ -56,7 +56,7 @@ class SignUpController extends Controller {
|
|||
'permission' => 'any',
|
||||
'requestData' => [
|
||||
'name' => [
|
||||
'validation' => DataValidator::length(2, 55),
|
||||
'validation' => DataValidator::notBlank()->length(2, 55),
|
||||
'error' => ERRORS::INVALID_NAME
|
||||
],
|
||||
'email' => [
|
||||
|
@ -64,7 +64,7 @@ class SignUpController extends Controller {
|
|||
'error' => ERRORS::INVALID_EMAIL
|
||||
],
|
||||
'password' => [
|
||||
'validation' => DataValidator::length(5, 200),
|
||||
'validation' => DataValidator::notBlank()->length(5, 200),
|
||||
'error' => ERRORS::INVALID_PASSWORD
|
||||
]
|
||||
]
|
||||
|
|
|
@ -39,6 +39,10 @@
|
|||
* @apiDefine INVALID_NAME
|
||||
* @apiError {String} INVALID_NAME The name is invalid, probably too short.
|
||||
*/
|
||||
/**
|
||||
* @apiDefine INVALID_DESCRIPTION
|
||||
* @apiError {String} INVALID_DESCRIPTION The description is invalid.
|
||||
*/
|
||||
/**
|
||||
* @apiDefine INVALID_SETTING
|
||||
* @apiError {String} INVALID_SETTING The setting are invalid.
|
||||
|
@ -127,6 +131,10 @@
|
|||
* @apiDefine INVALID_ASSIGNED_FILTER
|
||||
* @apiError {String} INVALID_ASSIGNED_FILTER The assigned filter is invalid.
|
||||
*/
|
||||
/**
|
||||
* @apiDefine INVALID_QUERY_FILTER
|
||||
* @apiError {String} INVALID_QUERY_FILTER The query filter is invalid.
|
||||
*/
|
||||
/**
|
||||
* @apiDefine INVALID_ORDER_BY
|
||||
* @apiError {String} INVALID_ORDER_BY The order-by is invalid.
|
||||
|
@ -307,6 +315,7 @@ class ERRORS {
|
|||
const INVALID_EMAIL = 'INVALID_EMAIL';
|
||||
const INVALID_PASSWORD = 'INVALID_PASSWORD';
|
||||
const INVALID_NAME = 'INVALID_NAME';
|
||||
const INVALID_DESCRIPTION = 'INVALID_DESCRIPTION';
|
||||
const INVALID_SETTING = 'INVALID_SETTING';
|
||||
const INVALID_DEPARTMENT = 'INVALID_DEPARTMENT';
|
||||
const INVALID_TICKET = 'INVALID_TICKET';
|
||||
|
@ -330,6 +339,7 @@ class ERRORS {
|
|||
const INVALID_AUTHOR_FILTER = 'INVALID_AUTHOR_FILTER';
|
||||
const INVALID_OWNER_FILTER = 'INVALID_OWNER_FILTER';
|
||||
const INVALID_ASSIGNED_FILTER = 'INVALID_ASSIGNED_FILTER';
|
||||
const INVALID_QUERY_FILTER = 'INVALID_QUERY_FILTER';
|
||||
const INVALID_ORDER_BY = 'INVALID_ORDER_BY';
|
||||
const INVALID_TOPIC = 'INVALID_TOPIC';
|
||||
const INVALID_SEARCH = 'INVALID_SEARCH';
|
||||
|
|
|
@ -0,0 +1,15 @@
|
|||
<?php
|
||||
|
||||
namespace CustomValidations;
|
||||
|
||||
use Respect\Validation\Rules\AbstractRule;
|
||||
|
||||
class Content extends AbstractRule {
|
||||
public function validate($content) {
|
||||
$content = str_replace(" ",'',preg_replace("/<\s*[^>]*>/",'',$content));
|
||||
|
||||
if($content == '') return false;
|
||||
if(strlen($content) > 10000) return false;
|
||||
return true;
|
||||
}
|
||||
}
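Review bot: `validate()` assumes `$content` is a string: if the request supplies an array, `preg_replace` and `str_replace` return an array, the `== ''` test is false, and the `strlen` check does not reject it on PHP 7 (PHP 8 raises a TypeError instead), so `if (!is_string($content)) return false;` belongs at the top. The 10000 limit is measured after tags are removed, so the markup that is actually stored is not bounded by this rule; a separate `strlen` cap on the raw input would cover that. Only the literal space character is stripped, so content consisting of tabs, newlines or `&nbsp;` counts as non-empty. A docblock should state that this rule is a blank/length check only and does not sanitise the HTML that the controllers switching to `DataValidator::content()` go on to store.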
|
|
@ -209,7 +209,7 @@ class SearchControllerTest extends TestCase {
|
|||
]
|
||||
]
|
||||
]),
|
||||
'FROM (ticket LEFT JOIN tag_ticket ON tag_ticket.ticket_id = ticket.id LEFT JOIN ticketevent ON ticketevent.ticket_id = ticket.id) WHERE ( ticket.department_id = 2 or ticket.department_id = 1 or ticket.department_id = 3 or ticket.author_staff_id = 1) GROUP BY ticket.id'
|
||||
'FROM (ticket LEFT JOIN tag_ticket ON tag_ticket.ticket_id = ticket.id LEFT JOIN ticketevent ON ticketevent.ticket_id = ticket.id) WHERE ( ticket.department_id = 2 or ticket.department_id = 1 or ticket.department_id = 3) GROUP BY ticket.id'
|
||||
);
|
||||
|
||||
$this->assertEquals(
|
||||
|
@ -228,12 +228,12 @@ class SearchControllerTest extends TestCase {
|
|||
]
|
||||
]
|
||||
]),
|
||||
'FROM (ticket LEFT JOIN tag_ticket ON tag_ticket.ticket_id = ticket.id LEFT JOIN ticketevent ON ticketevent.ticket_id = ticket.id) WHERE ( ticket.department_id = 1 or ticket.author_staff_id = 1) GROUP BY ticket.id'
|
||||
'FROM (ticket LEFT JOIN tag_ticket ON tag_ticket.ticket_id = ticket.id LEFT JOIN ticketevent ON ticketevent.ticket_id = ticket.id) WHERE ( ticket.department_id = 1 ) GROUP BY ticket.id'
|
||||
);
|
||||
|
||||
$this->assertEquals(
|
||||
$this->searchController->getSQLQuery([
|
||||
'departments' => [1,2,3],
|
||||
'departments' => [1,2,3,4],
|
||||
'staffId' => 1,
|
||||
'allowedDepartments' => [
|
||||
[
|
||||
|
@ -241,13 +241,26 @@ class SearchControllerTest extends TestCase {
|
|||
],
|
||||
[
|
||||
'id' => 1
|
||||
],
|
||||
[
|
||||
'id' => 3
|
||||
]
|
||||
]
|
||||
]),
|
||||
'FROM (ticket LEFT JOIN tag_ticket ON tag_ticket.ticket_id = ticket.id LEFT JOIN ticketevent ON ticketevent.ticket_id = ticket.id) WHERE ( ticket.department_id = 1 or ticket.department_id = 2 or ticket.department_id = 3 or ticket.author_staff_id = 1) GROUP BY ticket.id'
|
||||
'FROM (ticket LEFT JOIN tag_ticket ON tag_ticket.ticket_id = ticket.id LEFT JOIN ticketevent ON ticketevent.ticket_id = ticket.id) WHERE ( ticket.department_id = 1 or ticket.department_id = 2 or (ticket.author_staff_id = 1 and ( ticket.department_id = 3 or ticket.department_id = 4)) ) GROUP BY ticket.id'
|
||||
);
|
||||
|
||||
$this->assertEquals(
|
||||
$this->searchController->getSQLQuery([
|
||||
'departments' => [2],
|
||||
'staffId' => 1,
|
||||
'allowedDepartments' => [
|
||||
[
|
||||
'id' => 5
|
||||
],
|
||||
[
|
||||
'id' => 6
|
||||
]
|
||||
]
|
||||
]),
|
||||
'FROM (ticket LEFT JOIN tag_ticket ON tag_ticket.ticket_id = ticket.id LEFT JOIN ticketevent ON ticketevent.ticket_id = ticket.id) WHERE (ticket.author_staff_id = 1 and ( ticket.department_id = 2)) GROUP BY ticket.id'
|
||||
);
|
||||
}
|
||||
|
||||
|
|
|
@ -121,7 +121,7 @@ describe 'Custom fields' do
|
|||
it 'should success and shows all custom fields' do
|
||||
Scripts.createTextCustomField('mocktextfield1','description number 1')
|
||||
Scripts.createTextCustomField('mocktextfield2','description number 2')
|
||||
Scripts.createTextCustomField('mocktextfield3',nil)
|
||||
Scripts.createTextCustomField('mocktextfield3','description number 3')
|
||||
|
||||
result = request('/system/get-custom-fields', {
|
||||
csrf_userid: $csrf_userid,
|
||||
|
@ -147,7 +147,7 @@ describe 'Custom fields' do
|
|||
result['data'][2]['description'].should.equal('description number 2')
|
||||
result['data'][3]['name'].should.equal('mocktextfield3')
|
||||
result['data'][3]['type'].should.equal('text')
|
||||
result['data'][3]['description'].should.equal('')
|
||||
result['data'][3]['description'].should.equal('description number 3')
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -19,7 +19,7 @@ describe'system/disable-user-system' do
|
|||
|
||||
numberOftickets = $database.query("SELECT * FROM ticket WHERE author_id IS NULL AND author_email IS NOT NULL AND author_name IS NOT NULL")
|
||||
|
||||
(numberOftickets.num_rows).should.equal(52)
|
||||
(numberOftickets.num_rows).should.equal(53)
|
||||
|
||||
request('/user/logout')
|
||||
|
||||
|
@ -220,7 +220,7 @@ describe'system/disable-user-system' do
|
|||
|
||||
numberOftickets= $database.query("SELECT * FROM ticket WHERE author_email IS NULL AND author_name IS NULL AND author_id IS NOT NULL" )
|
||||
|
||||
(numberOftickets.num_rows).should.equal(55)
|
||||
(numberOftickets.num_rows).should.equal(56)
|
||||
end
|
||||
|
||||
it 'should not enable the user system' do
|
||||
|
|
|
@ -18,33 +18,6 @@ describe '/ticket/comment/' do
|
|||
(result['message']).should.equal('NO_PERMISSION')
|
||||
end
|
||||
|
||||
it 'should fail if content is too short' do
|
||||
result = request('/ticket/comment', {
|
||||
content: 'Test',
|
||||
ticketNumber: @ticketNumber,
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token
|
||||
})
|
||||
|
||||
(result['status']).should.equal('fail')
|
||||
(result['message']).should.equal('INVALID_CONTENT')
|
||||
end
|
||||
|
||||
it 'should fail if content is very long' do
|
||||
long_text = ''
|
||||
6000.times {long_text << 'a'}
|
||||
|
||||
result = request('/ticket/comment', {
|
||||
content: long_text,
|
||||
ticketNumber: @ticketNumber,
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token
|
||||
})
|
||||
|
||||
(result['status']).should.equal('fail')
|
||||
(result['message']).should.equal('INVALID_CONTENT')
|
||||
end
|
||||
|
||||
it 'should fail if ticket does not exist' do
|
||||
result = request('/ticket/comment', {
|
||||
content: 'some comment content',
|
||||
|
|
|
@ -32,7 +32,7 @@ describe '/ticket/create' do
|
|||
(result['message']).should.equal('INVALID_TITLE')
|
||||
end
|
||||
|
||||
it 'should fail if content is too short' do
|
||||
it 'should craete ticket with a short content' do
|
||||
result = request('/ticket/create', {
|
||||
title: 'Winter is coming',
|
||||
content: 'Test',
|
||||
|
@ -42,13 +42,12 @@ describe '/ticket/create' do
|
|||
csrf_token: $csrf_token
|
||||
})
|
||||
|
||||
(result['status']).should.equal('fail')
|
||||
(result['message']).should.equal('INVALID_CONTENT')
|
||||
(result['status']).should.equal('success')
|
||||
end
|
||||
|
||||
it 'should fail if content is very long' do
|
||||
it 'should fail if the ticket has a very large content' do
|
||||
long_text = ''
|
||||
6000.times {long_text << 'a'}
|
||||
10001.times {long_text << 'a'}
|
||||
|
||||
result = request('/ticket/create',{
|
||||
title: 'Winter is coming',
|
||||
|
@ -114,7 +113,7 @@ describe '/ticket/create' do
|
|||
Scripts.login('creator@os4.com','creator')
|
||||
|
||||
result = request('/ticket/create', {
|
||||
title: 'Winter is coming',
|
||||
title: 'Winter is coming!',
|
||||
content: 'The north remembers',
|
||||
departmentId: 1,
|
||||
language: 'en',
|
||||
|
@ -124,7 +123,7 @@ describe '/ticket/create' do
|
|||
|
||||
(result['status']).should.equal('success')
|
||||
|
||||
ticket = $database.getRow('ticket','Winter is coming','title')
|
||||
ticket = $database.getRow('ticket','Winter is coming!','title')
|
||||
(ticket['content']).should.equal('The north remembers')
|
||||
(ticket['unread']).should.equal('0')
|
||||
(ticket['closed']).should.equal('0')
|
||||
|
@ -168,7 +167,7 @@ describe '/ticket/create' do
|
|||
|
||||
ticket_number_gap = $database.getRow('setting', 'ticket-gap', 'name')['value'].to_i
|
||||
|
||||
ticket0 = $database.getRow('ticket','Winter is coming','title')['ticket_number'].to_i
|
||||
ticket0 = $database.getRow('ticket','Winter is coming!','title')['ticket_number'].to_i
|
||||
ticket1 = $database.getRow('ticket','Winter is coming1','title')['ticket_number'].to_i
|
||||
ticket2 = $database.getRow('ticket','Winter is coming2','title')['ticket_number'].to_i
|
||||
ticket3 = $database.getRow('ticket','Winter is coming3','title')['ticket_number'].to_i
|
||||
|
|
|
@ -34,7 +34,6 @@ describe 'CustomResponses' do
|
|||
})
|
||||
|
||||
customResponse = $database.getRow('customresponse', 1)
|
||||
|
||||
(result['status']).should.equal('success')
|
||||
(customResponse['name']).should.equal('Some common problem')
|
||||
(customResponse['content']).should.equal('this is the content of a custom response for a common problem 2')
|
||||
|
|