From 60066bb9ca66413904fce02774bedc7ea042d79e Mon Sep 17 00:00:00 2001
From: Ivan Diaz <ivan@opensupports.com>
Date: Sat, 6 Oct 2018 16:06:50 -0300
Subject: [PATCH] Fix user system disabled issues, add tests

---
 server/controllers/staff/un-assign-ticket.php |  2 +-
 server/models/Ticket.php                      |  4 ++-
 tests/system/disable-user-system.rb           | 34 +++++++++++++++++++
 3 files changed, 38 insertions(+), 2 deletions(-)

diff --git a/server/controllers/staff/un-assign-ticket.php b/server/controllers/staff/un-assign-ticket.php
index 537e6cff..a162d4d4 100755
--- a/server/controllers/staff/un-assign-ticket.php
+++ b/server/controllers/staff/un-assign-ticket.php
@@ -45,7 +45,7 @@ class UnAssignStaffController extends Controller {
         $ticket = Ticket::getByTicketNumber($ticketNumber);
         $owner = $ticket->owner;
 
-        if($ticket->isOwner($user) || $user->level > 2) {
+        if($owner && ($ticket->isOwner($user) || $user->level > 2)) {
             if(!$ticket->isAuthor($owner)) {
                 $owner->sharedTicketList->remove($ticket);
                 $owner->store();
diff --git a/server/models/Ticket.php b/server/models/Ticket.php
index f407ab02..282bd54e 100755
--- a/server/models/Ticket.php
+++ b/server/models/Ticket.php
@@ -141,6 +141,8 @@ class Ticket extends DataStore {
             ];
         } else {
             return [
+              'id' => NULL,
+              'staff' => false,
               'name' => $this->authorName,
               'email' => $this->authorEmail
             ];
@@ -200,9 +202,9 @@ class Ticket extends DataStore {
     }
 
     public function isAuthor($user) {
-        if(!$user->isNull()) return false;
         $ticketAuthor = $this->authorToArray();
         if(is_string($user)) return $user == $ticketAuthor['email'];
+        if(!($user instanceof DataStore) || $user->isNull()) return false;
         return $user->id == $ticketAuthor['id'] && ($user instanceof Staff) == $ticketAuthor['staff'];
     }
 
diff --git a/tests/system/disable-user-system.rb b/tests/system/disable-user-system.rb
index 81884ea8..e96adb56 100644
--- a/tests/system/disable-user-system.rb
+++ b/tests/system/disable-user-system.rb
@@ -65,6 +65,40 @@ describe'system/disable-user-system' do
             (result['status']).should.equal('success')
         end
 
+        it 'should be able to assign and respond tickets' do
+            Scripts.login($staff[:email], $staff[:password], true);
+            ticket = $database.getLastRow('ticket');
+            result = request('/staff/assign-ticket', {
+                ticketNumber: ticket['ticket_number'],
+                csrf_userid: $csrf_userid,
+                csrf_token: $csrf_token,
+            })
+            (result['status']).should.equal('success')
+
+            result = request('/ticket/comment', {
+                ticketNumber: ticket['ticket_number'],
+                content: 'This is a staff response for a ticket without an user',
+                csrf_userid: $csrf_userid,
+                csrf_token: $csrf_token,
+            })
+            (result['status']).should.equal('success')
+        end
+
+        it 'should be be able to create a ticket as an admin' do
+            result = request('/ticket/create', {
+                title: 'created by staff with user system disabled',
+                content: 'an staff created this ticket while user system disabled',
+                departmentId: 1,
+                language: 'en',
+                csrf_userid: $csrf_userid,
+                csrf_token: $csrf_token
+            })
+            (result['status']).should.equal('success')
+            ticket = $database.getRow('ticket', result['data']['ticketNumber'], 'ticket_number')
+            (ticket['author_id']).should.equal(nil)
+            (ticket['author_staff_id']).should.equal('1')
+        end
+
         it 'should not disable the user system if it is already disabled 'do
             request('/user/logout')
             Scripts.login($staff[:email], $staff[:password], true)