From a093bb41a56bff91ef3a86b630e25633085a419e Mon Sep 17 00:00:00 2001
From: Guillermo
Date: Fri, 20 Jul 2018 18:21:18 -0300
Subject: [PATCH] back-end structure and tests of feature #161 #80
---
 server/controllers/staff/assign-ticket.php | 15 +++++++++++--
 server/controllers/user/recover-password.php | 11 +++++++---
 .../user/send-recover-password.php | 22 +++++++++++++------
 server/models/RecoverPassword.php | 9 ++++----
 tests/staff/assign-ticket.rb | 17 ++++++++++++++
 tests/staff/get-all.rb | 2 +-
 tests/staff/get-new-tickets.rb | 2 +-
 7 files changed, 60 insertions(+), 18 deletions(-)
diff --git a/server/controllers/staff/assign-ticket.php b/server/controllers/staff/assign-ticket.php
index 93af3332..670aee05 100755
--- a/server/controllers/staff/assign-ticket.php
+++ b/server/controllers/staff/assign-ticket.php
@@ -15,6 +15,7 @@ DataValidator::with('CustomValidations', true);
 * @apiPermission staff1
 *
 * @apiParam {Number} ticketNumber The number of the ticket to assign.
+ * @apiParam {Number} staffId The id of the staff.
 *
 * @apiUse NO_PERMISSION
 * @apiUse INVALID_TICKET
@@ -46,12 +47,22 @@ class AssignStaffController extends Controller {
 public function handler() {
 $ticketNumber = Controller::request('ticketNumber');
- $this->user = Controller::getLoggedUser();
+ $staffId = Controller::request('staffId');
 $this->ticket = Ticket::getByTicketNumber($ticketNumber);
+ if($staffId) {
+ $this->user = Staff::getDataStore($staffId, 'id');
+ if($this->user->isNull()) {
+ throw new Exception(ERRORS::INVALID_STAFF);
+ }
+ if(!$this->user->sharedDepartmentList->includesId($this->ticket->department->id)) {
+ throw new Exception(ERRORS::INVALID_DEPARTMENT);
+ }
+ } else {
+ $this->user = Controller::getLoggedUser();
+ }
 if($this->ticket->owner) {
 throw new Exception(ERRORS::TICKET_ALREADY_ASSIGNED);
- return;
 }
 if(!$this->ticketHasStaffDepartment()) {
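Review bot: When `staffId` is supplied, nothing visible in the `handler()` hunk checks the logged-in caller any more: `$this->user` becomes the target staff record, so the department test shown here (and presumably the later `ticketHasStaffDepartment()` call, whose body is outside the hunk) is evaluated against the assignee rather than the requester. With `@apiPermission staff1` that appears to let any staff member hand tickets to colleagues, including tickets in departments the caller does not belong to; if that is not intended, gate the `staffId` branch on a check of `Controller::getLoggedUser()` before `Staff::getDataStore($staffId, 'id')` is used. `$this->ticket->department->id` is also dereferenced before any ticket null check visible here, so confirm that `validations()` rejects an unknown `ticketNumber` first, and add `@apiUse INVALID_STAFF` / `@apiUse INVALID_DEPARTMENT` to the docblock if those are documented errors. `handler()` continues past the end of the hunk.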
diff --git a/server/controllers/user/recover-password.php b/server/controllers/user/recover-password.php index c57ef82d..1050d82d 100755 --- a/server/controllers/user/recover-password.php +++ b/server/controllers/user/recover-password.php @@ -56,7 +56,7 @@ class RecoverPasswordController extends Controller { if(!Controller::isUserSystemEnabled()) { throw new Exception(ERRORS::USER_SYSTEM_DISABLED); } - + $this->requestData(); $this->changePassword(); } @@ -68,7 +68,12 @@ class RecoverPasswordController extends Controller { } public function changePassword() { $recoverPassword = RecoverPassword::getDataStore($this->token, 'token'); - $this->user = User::getDataStore($this->email, 'email'); + + if($recoverPassword->staff) { + $this->user = Staff::getDataStore($this->email, 'email'); + }else { + $this->user = User::getDataStore($this->email, 'email'); + } if (!$recoverPassword->isNull() && !$this->user->isNull()) { $recoverPassword->delete(); @@ -80,7 +85,7 @@ class RecoverPasswordController extends Controller { $this->user->store(); $this->sendMail(); - Response::respondSuccess(); + Response::respondSuccess(['staff' => $recoverPassword->staff]); } else { Response::respondError(ERRORS::NO_PERMISSION); } diff --git a/server/controllers/user/send-recover-password.php b/server/controllers/user/send-recover-password.php index 93ee08a4..04619319 100755 --- a/server/controllers/user/send-recover-password.php +++ b/server/controllers/user/send-recover-password.php 
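Review bot: In `changePassword()` the reset record is looked up by token alone and the account by the request's `email`, and no visible line compares the record's stored email with `$this->email` before `$this->user->store()`; now that the same path resets staff passwords, that binding matters more. Unless it is enforced outside the hunk (for example in `validations()`), add it to the guard: `if (!$recoverPassword->isNull() && !$this->user->isNull() && $recoverPassword->email === $this->email) {`. `$recoverPassword->staff` is also read before the `isNull()` test, so an unknown token silently takes the `User` branch; testing `isNull()` first and returning `ERRORS::NO_PERMISSION` early would make that explicit. The lines of this function between the two hunks are not shown, so token expiry could not be checked from here.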
@@ -10,11 +10,12 @@ DataValidator::with('CustomValidations', true); * * @apiGroup User * - * @apiDescription This path sends a token to the email of the user to change his password. + * @apiDescription This path sends a token to the email of the user/staff to change his password. * * @apiPermission any * - * @apiParam {String} email The email of the user who forgot the password. + * @apiParam {String} email The email of the user/staff who forgot the password. + * @apiParam {Boolean} staff Indicates if the user is a staff member. * * @apiUse INVALID_EMAIL * @apiUse USER_SYSTEM_DISABLED @@ -30,6 +31,7 @@ class SendRecoverPasswordController extends Controller { private $token; private $user; + private $staff; public function validations() { return [ @@ -47,17 +49,24 @@ class SendRecoverPasswordController extends Controller { if(!Controller::isUserSystemEnabled()) { throw new Exception(ERRORS::USER_SYSTEM_DISABLED); } - + + $this->staff = Controller::request('staff'); $email = Controller::request('email'); - $this->user = User::getUser($email,'email'); - + + if($this->staff){ + $this->user = Staff::getUser($email,'email'); + }else { + $this->user = User::getUser($email,'email'); + } + if(!$this->user->isNull()) { $this->token = Hashing::generateRandomToken(); $recoverPassword = new RecoverPassword(); $recoverPassword->setProperties(array( 'email' => $email, - 'token' => $this->token + 'token' => $this->token, + 'staff' => $this->staff )); $recoverPassword->store(); @@ -67,7 +76,6 @@ class SendRecoverPasswordController extends Controller { } else { Response::respondError(ERRORS::INVALID_EMAIL); } - } public function sendEmail() { diff --git a/server/models/RecoverPassword.php b/server/models/RecoverPassword.php index 1cf15f1b..9ecd2785 100755 --- a/server/models/RecoverPassword.php +++ b/server/models/RecoverPassword.php @@ -1,15 +1,16 @@
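Review bot: `staff` is read from the request and used in a loose truthiness test (`if($this->staff){`) with no validation rule visible for it; if `Controller::request()` returns the raw string, a client sending `staff=false` would still select the `Staff` branch, because in PHP any non-empty string other than `"0"` is truthy. Normalise it once, e.g. `$this->staff = filter_var(Controller::request('staff'), FILTER_VALIDATE_BOOLEAN);`, and store that boolean in the `RecoverPassword` record so `recover-password.php` reads a consistent value. Separately, this path is `@apiPermission any` and still answers `ERRORS::INVALID_EMAIL` for unknown addresses, so with the new flag it also reveals whether an address belongs to a staff account; consider returning the same success response in both cases and rate-limiting the endpoint. The handler's signature lies before this hunk.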