Fix user system disabled issues, add tests

2018-10-06 16:06:50 -03:00 · 2018-10-06 16:06:50 -03:00 · 60066bb9ca
parent e33c97116a
commit 60066bb9ca
3 changed files with 38 additions and 2 deletions
--- a/server/controllers/staff/un-assign-ticket.php
+++ b/server/controllers/staff/un-assign-ticket.php
@ -45,7 +45,7 @@ class UnAssignStaffController extends Controller {
        $ticket = Ticket::getByTicketNumber($ticketNumber);
        $owner = $ticket->owner;

-        if($ticket->isOwner($user) || $user->level > 2) {
+        if($owner && ($ticket->isOwner($user) || $user->level > 2)) {
            if(!$ticket->isAuthor($owner)) {
                $owner->sharedTicketList->remove($ticket);
                $owner->store();
--- a/server/models/Ticket.php
+++ b/server/models/Ticket.php
@ -141,6 +141,8 @@ class Ticket extends DataStore {
            ];
        } else {
            return [
+              'id' => NULL,
+              'staff' => false,
              'name' => $this->authorName,
              'email' => $this->authorEmail
            ];
@ -200,9 +202,9 @@ class Ticket extends DataStore {
    }

    public function isAuthor($user) {
-        if(!$user->isNull()) return false;
        $ticketAuthor = $this->authorToArray();
        if(is_string($user)) return $user == $ticketAuthor['email'];
+        if(!($user instanceof DataStore) || $user->isNull()) return false;
        return $user->id == $ticketAuthor['id'] && ($user instanceof Staff) == $ticketAuthor['staff'];
    }

--- a/tests/system/disable-user-system.rb
+++ b/tests/system/disable-user-system.rb
@ -65,6 +65,40 @@ describe'system/disable-user-system' do
            (result['status']).should.equal('success')
        end

+        it 'should be able to assign and respond tickets' do
+            Scripts.login($staff[:email], $staff[:password], true);
+            ticket = $database.getLastRow('ticket');
+            result = request('/staff/assign-ticket', {
+                ticketNumber: ticket['ticket_number'],
+                csrf_userid: $csrf_userid,
+                csrf_token: $csrf_token,
+            })
+            (result['status']).should.equal('success')
+
+            result = request('/ticket/comment', {
+                ticketNumber: ticket['ticket_number'],
+                content: 'This is a staff response for a ticket without an user',
+                csrf_userid: $csrf_userid,
+                csrf_token: $csrf_token,
+            })
+            (result['status']).should.equal('success')
+        end
+
+        it 'should be be able to create a ticket as an admin' do
+            result = request('/ticket/create', {
+                title: 'created by staff with user system disabled',
+                content: 'an staff created this ticket while user system disabled',
+                departmentId: 1,
+                language: 'en',
+                csrf_userid: $csrf_userid,
+                csrf_token: $csrf_token
+            })
+            (result['status']).should.equal('success')
+            ticket = $database.getRow('ticket', result['data']['ticketNumber'], 'ticket_number')
+            (ticket['author_id']).should.equal(nil)
+            (ticket['author_staff_id']).should.equal('1')
+        end
+
        it 'should not disable the user system if it is already disabled 'do
            request('/user/logout')
            Scripts.login($staff[:email], $staff[:password], true)