From 62bd70cc3b68dd6f574d27aa0f5167dbabeabacb Mon Sep 17 00:00:00 2001
From: LautaroCesso <59095036+LautaroCesso@users.noreply.github.com>
Date: Mon, 25 Apr 2022 12:43:25 -0300
Subject: [PATCH] [DEV-318] Make staffs able to edit their own content (#1187)

* Fix edit ticket comment permissions

* wip

* Rename ticketEventToArray variable
---
 server/controllers/ticket/edit-comment.php | 28 ++++++++++++----------
 1 file changed, 15 insertions(+), 13 deletions(-)

diff --git a/server/controllers/ticket/edit-comment.php b/server/controllers/ticket/edit-comment.php
index 396aefb8..830ce731 100644
--- a/server/controllers/ticket/edit-comment.php
+++ b/server/controllers/ticket/edit-comment.php
@@ -52,20 +52,22 @@ class EditCommentController extends Controller {
         $user = Controller::getLoggedUser();
         $newcontent = Controller::request('content', true);
         $ticketNumberLog = null;
-        $ticketevent = Ticketevent::getTicketEvent(Controller::request('ticketEventId'));
+        $ticketEvent = Ticketevent::getTicketEvent(Controller::request('ticketEventId'));
 
-        if(!$ticketevent->isNull()) {
-            $ticket = Ticket::getDataStore($ticketevent->ticketId);
+        if(!$ticketEvent->isNull()) {
+            $ticket = Ticket::getDataStore($ticketEvent->ticketId);
         } else {
             $ticket = Ticket::getByTicketNumber(Controller::request('ticketNumber'));
         }
 
-        if(!Controller::isStaffLogged() &&  $user->id !== $ticketevent->authorUserId && $user->id !== $ticket->authorId) {
+        $ticketEventArray = $ticketEvent->toArray();
+
+        if(!Controller::isStaffLogged() &&  $user->id !== $ticketEventArray["author"]["id"] && $user->id !== $ticket->authorId) {
             throw new RequestException(ERRORS::NO_PERMISSION);
         }
 
-        if (!$ticketevent->isNull()) {
-            if($user->id !== $ticketevent->authorUserId) {
+        if (!$ticketEvent->isNull()) {
+            if($user->id !== $ticketEventArray["author"]["id"]) {
                 throw new RequestException(ERRORS::NO_PERMISSION);
             }
         } else if ($user->id !== $ticket->authorId) {
@@ -76,20 +78,20 @@ class EditCommentController extends Controller {
             throw new RequestException(ERRORS::NO_PERMISSION);
         }
 
-        if(!$ticketevent->isNull()) {
-            if($ticketevent->type !== "COMMENT" || $ticket->closed || $ticket->getLatestEventOfType("COMMENT")['id'] !== $ticketevent->id) {
+        if(!$ticketEvent->isNull()) {
+            if($ticketEvent->type !== "COMMENT" || $ticket->closed || $ticket->getLatestEventOfType("COMMENT")['id'] !== $ticketEvent->id) {
                 throw new RequestException(ERRORS::INVALID_TICKET_EVENT);
             }
         } else if(sizeof($ticket->getEventsOfType("COMMENT"))) {
             throw new RequestException(ERRORS::TICKET_CONTENT_CANNOT_BE_EDITED);
         }
 
-        if(!$ticketevent->isNull()){
-            $ticketNumber = Ticket::getTicket($ticketevent->ticketId)->ticketNumber;
+        if(!$ticketEvent->isNull()){
+            $ticketNumber = Ticket::getTicket($ticketEvent->ticketId)->ticketNumber;
 
-            $ticketevent->content = $newcontent;
-            $ticketevent->editedContent = true;
-            $ticketevent->store();
+            $ticketEvent->content = $newcontent;
+            $ticketEvent->editedContent = true;
+            $ticketEvent->store();
         } else {
             $ticketNumber = $ticket->ticketNumber;