mirror of
https://github.com/opensupports/opensupports.git
synced 2025-07-31 01:35:15 +02:00
Remove special functionality of "ticket assignment", other minor fixes (#587)
* fix ticketEventId submit * staff allow manage ticket feature * edit-comment log * fix staff1/2 change own perfile pic * Makes frontend allow ticket editing for any staff member * Allows all staff members in charge of the department of a ticket to manage it (change its department, priority, comment on it, etc.) * fix comments github pt1 * tests ruby * fix * Fix ruby tests * add commenteed tests
This commit is contained in:
Guillermo Giuliana
Ivan Diaz
parent
2e4817b144
commit
63ef66198a
@ -19,6 +19,7 @@ class ActivityRow extends React.Component {
|
||||
'RE_OPEN',
|
||||
'DEPARTMENT_CHANGED',
|
||||
'PRIORITY_CHANGED',
|
||||
'EDIT_COMMENT',
|
||||
|
||||
'EDIT_SETTINGS',
|
||||
'SIGNUP',
|
||||
@ -56,7 +57,8 @@ class ActivityRow extends React.Component {
|
||||
'CREATE_TICKET',
|
||||
'RE_OPEN',
|
||||
'DEPARTMENT_CHANGED',
|
||||
'PRIORITY_CHANGED'
|
||||
'PRIORITY_CHANGED',
|
||||
'COMMENT_EDITED',
|
||||
];
|
||||
|
||||
return (
|
||||
@ -100,6 +102,7 @@ class ActivityRow extends React.Component {
|
||||
'RE_OPEN': 'unlock-alt',
|
||||
'DEPARTMENT_CHANGED': 'exchange',
|
||||
'PRIORITY_CHANGED': 'exclamation',
|
||||
'EDIT_COMMENT': 'edit',
|
||||
|
||||
'EDIT_SETTINGS': 'wrench',
|
||||
'SIGNUP': 'user-plus',
|
||||
|
||||
@ -98,19 +98,23 @@
|
||||
text-align: left;
|
||||
position:relative;
|
||||
|
||||
&:hover {
|
||||
.ticket-event__comment-content__edit {
|
||||
color: grey;
|
||||
cursor:pointer;
|
||||
}
|
||||
}
|
||||
|
||||
img {
|
||||
max-width:100%;
|
||||
}
|
||||
|
||||
&__edit {
|
||||
position:absolute;
|
||||
top: 3px;
|
||||
right: 9px;
|
||||
align-self: right;
|
||||
color:white;
|
||||
:hover {
|
||||
color: grey;
|
||||
cursor:pointer;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -444,6 +444,7 @@ class TicketViewer extends React.Component {
|
||||
}
|
||||
}).then(this.onTicketModification.bind(this));
|
||||
}
|
||||
|
||||
addTag(tag) {
|
||||
API.call({
|
||||
path: '/ticket/add-tag',
|
||||
@ -463,6 +464,7 @@ class TicketViewer extends React.Component {
|
||||
}
|
||||
}).then(this.onTicketModification.bind(this))
|
||||
}
|
||||
|
||||
onCustomResponsesChanged({index}) {
|
||||
let replaceContentWithCustomResponse = () => {
|
||||
this.setState({
|
||||
@ -492,7 +494,7 @@ class TicketViewer extends React.Component {
|
||||
const data = {};
|
||||
|
||||
if(ticketeventid){
|
||||
data.ticketeventId = ticketeventid
|
||||
data.ticketEventId = ticketeventid
|
||||
}else{
|
||||
data.ticketNumber = this.props.ticket.ticketNumber
|
||||
}
|
||||
@ -523,6 +525,7 @@ class TicketViewer extends React.Component {
|
||||
commentError: true
|
||||
});
|
||||
}
|
||||
|
||||
onSubmit(formState) {
|
||||
this.setState({
|
||||
loading: true
|
||||
|
||||
@ -75,10 +75,7 @@ class AdminPanelViewTicket extends React.Component {
|
||||
onChange: this.retrieveTicket.bind(this),
|
||||
assignmentAllowed: this.props.assignmentAllowed,
|
||||
customResponses: this.props.customResponses,
|
||||
editable: (
|
||||
(this.state.ticket.owner && this.state.ticket.owner.id == SessionStore.getSessionData().userId) ||
|
||||
(this.state.ticket.author && this.state.ticket.author.staff && this.state.ticket.author.id == SessionStore.getSessionData().userId)
|
||||
)
|
||||
editable: true
|
||||
};
|
||||
}
|
||||
|
||||
|
||||
@ -228,6 +228,7 @@ export default {
|
||||
'ACTIVITY_RE_OPEN': 'reopened ticket',
|
||||
'ACTIVITY_DEPARTMENT_CHANGED': 'changed department of ticket',
|
||||
'ACTIVITY_PRIORITY_CHANGED': 'changed priority of ticket',
|
||||
'ACTIVITY_EDIT_COMMENT': 'edited a comment of ticket',
|
||||
|
||||
'ACTIVITY_EDIT_SETTINGS': 'edited settings',
|
||||
'ACTIVITY_SIGNUP': 'signed up',
|
||||
|
||||
@ -49,6 +49,7 @@ class AssignStaffController extends Controller {
|
||||
$ticketNumber = Controller::request('ticketNumber');
|
||||
$staffId = Controller::request('staffId');
|
||||
$this->ticket = Ticket::getByTicketNumber($ticketNumber);
|
||||
$user = Controller::getLoggedUser();
|
||||
|
||||
if($staffId) {
|
||||
$this->staffToAssign = Staff::getDataStore($staffId, 'id');
|
||||
@ -68,8 +69,8 @@ class AssignStaffController extends Controller {
|
||||
throw new RequestException(ERRORS::TICKET_ALREADY_ASSIGNED);
|
||||
}
|
||||
|
||||
if(!$this->ticketHasStaffDepartment()) {
|
||||
throw new RequestException(ERRORS::INVALID_DEPARTMENT);
|
||||
if(!$user->canManageTicket($this->ticket)) {
|
||||
throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
} else {
|
||||
$this->staffToAssign->sharedTicketList->add($this->ticket);
|
||||
$this->ticket->owner = $this->staffToAssign;
|
||||
@ -90,15 +91,4 @@ class AssignStaffController extends Controller {
|
||||
|
||||
}
|
||||
|
||||
public function ticketHasStaffDepartment() {
|
||||
$departmentMatch = false;
|
||||
|
||||
foreach ($this->staffToAssign->sharedDepartmentList as $department) {
|
||||
if($this->ticket->department->id === $department->id) {
|
||||
$departmentMatch = true;
|
||||
}
|
||||
}
|
||||
|
||||
return $departmentMatch;
|
||||
}
|
||||
}
|
||||
|
||||
@ -59,7 +59,7 @@ class EditStaffController extends Controller {
|
||||
|
||||
if(!$staffId) {
|
||||
$this->staffInstance = Controller::getLoggedUser();
|
||||
} else if(Controller::isStaffLogged(3)) {
|
||||
} else if(Controller::isStaffLogged(3) || ((Controller::isStaffLogged() && Controller::getLoggedUser()->id == $staffId)) ) {
|
||||
$this->staffInstance = Staff::getDataStore($staffId, 'id');
|
||||
|
||||
if($this->staffInstance->isNull()) {
|
||||
|
||||
@ -51,6 +51,10 @@ class UnAssignStaffController extends Controller {
|
||||
$ticket = Ticket::getByTicketNumber($ticketNumber);
|
||||
$owner = $ticket->owner;
|
||||
|
||||
if(!$user->canManageTicket($ticket)) {
|
||||
throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
}
|
||||
|
||||
if($owner && ($ticket->isOwner($user) || $user->level > 2)) {
|
||||
if(!$ticket->isAuthor($owner)) {
|
||||
$owner->sharedTicketList->remove($ticket);
|
||||
|
||||
@ -50,6 +50,9 @@ class AddTagController extends Controller {
|
||||
$tagId = Controller::request('tagId');
|
||||
$tag = Tag::getDataStore($tagId);
|
||||
$ticket = Ticket::getByTicketNumber(Controller::request('ticketNumber'));
|
||||
$user = Controller::getLoggedUser();
|
||||
|
||||
if(!$user->canManageTicket($ticket)) throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
|
||||
if ($ticket->sharedTagList->includesId($tagId)) throw new RequestException(ERRORS::TAG_EXISTS);
|
||||
|
||||
|
||||
@ -56,7 +56,7 @@ class ChangeDepartmentController extends Controller {
|
||||
throw new Exception(ERRORS::NO_PERMISSION);
|
||||
}
|
||||
|
||||
if($ticket->owner && $ticket->owner->id !== $user->id && $user->level == 1){
|
||||
if(!$user->canManageTicket($ticket)){
|
||||
throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
}
|
||||
|
||||
|
||||
@ -50,7 +50,8 @@ class ChangePriorityController extends Controller {
|
||||
$ticket = Ticket::getByTicketNumber($ticketNumber);
|
||||
$user = Controller::getLoggedUser();
|
||||
|
||||
if($ticket->owner && $user->id === $ticket->owner->id) {
|
||||
if(!$user->canManageTicket($ticket)) throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
|
||||
$ticket->priority = $priority;
|
||||
$ticket->unread = !$ticket->isAuthor($user);
|
||||
$event = Ticketevent::getEvent(Ticketevent::PRIORITY_CHANGED);
|
||||
@ -64,9 +65,5 @@ class ChangePriorityController extends Controller {
|
||||
|
||||
Log::createLog('PRIORITY_CHANGED', $ticket->ticketNumber);
|
||||
Response::respondSuccess();
|
||||
} else {
|
||||
throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
@ -61,12 +61,14 @@ class CloseController extends Controller {
|
||||
|
||||
public function handler() {
|
||||
$this->ticket = Ticket::getByTicketNumber(Controller::request('ticketNumber'));
|
||||
$user = Controller::getLoggedUser();
|
||||
|
||||
if(
|
||||
(Controller::isUserSystemEnabled() || Controller::isStaffLogged()) &&
|
||||
!$this->ticket->isOwner(Controller::getLoggedUser()) &&
|
||||
!$this->ticket->isAuthor(Controller::getLoggedUser())
|
||||
) {
|
||||
if(!Controller::isStaffLogged() && Controller::isUserSystemEnabled() &&
|
||||
!$user->canManageTicket($this->ticket)){
|
||||
throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
}
|
||||
|
||||
if(Controller::isStaffLogged() && (!$user->canManageTicket($this->ticket))){
|
||||
throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
}
|
||||
|
||||
|
||||
@ -81,8 +81,13 @@ class CommentController extends Controller {
|
||||
$ticketAuthor = $this->ticket->authorToArray();
|
||||
$isAuthor = $this->ticket->isAuthor(Controller::getLoggedUser()) || Session::getInstance()->isTicketSession();
|
||||
$isOwner = $this->ticket->isOwner(Controller::getLoggedUser());
|
||||
$user = Controller::getLoggedUser();
|
||||
|
||||
if((Controller::isUserSystemEnabled() || Controller::isStaffLogged()) && !$isOwner && !$isAuthor) {
|
||||
if(!Controller::isStaffLogged() && Controller::isUserSystemEnabled() && !$isAuthor){
|
||||
throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
}
|
||||
|
||||
if(!$user->canManageTicket($this->ticket)) {
|
||||
throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
}
|
||||
|
||||
|
||||
@ -44,24 +44,40 @@ class EditCommentController extends Controller {
|
||||
public function handler() {
|
||||
$user = Controller::getLoggedUser();
|
||||
$newcontent = Controller::request('content');
|
||||
$ticketNumberLog = null;
|
||||
|
||||
$ticketevent = Ticketevent::getTicketEvent(Controller::request('ticketEventId'));
|
||||
$ticket = Ticket::getByTicketNumber(Controller::request('ticketNumber'));
|
||||
|
||||
if(!Controller::isStaffLogged() && ($user->id !== $ticketevent->authorUserId && $user->id !== $ticket->authorId )){
|
||||
if(!Controller::isStaffLogged() && ($user->id !== $ticketevent->authorUserId && $user->id !== $ticket->authorId ) ){
|
||||
throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
}
|
||||
|
||||
if(Controller::isStaffLogged()){
|
||||
if(!$ticketevent->isNull()){
|
||||
$ticket = $ticketevent->ticket;
|
||||
}
|
||||
|
||||
if(!$user->canManageTicket($ticket)) {
|
||||
throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
}
|
||||
}
|
||||
|
||||
if(!$ticketevent->isNull()){
|
||||
$ticketNumber = Ticket::getTicket($ticketevent->ticketId)->ticketNumber;
|
||||
|
||||
$ticketevent->content = $newcontent;
|
||||
$ticketevent->editedContent = true;
|
||||
$ticketevent->store();
|
||||
}else{
|
||||
$ticketNumber = $ticket->ticketNumber;
|
||||
|
||||
$ticket->content = $newcontent;
|
||||
$ticket->editedContent = true;
|
||||
$ticket->store();
|
||||
}
|
||||
|
||||
Log::createLog('EDIT_COMMENT', $ticketNumber);
|
||||
|
||||
Response::respondSuccess();
|
||||
}
|
||||
|
||||
@ -77,7 +77,7 @@ class TicketGetController extends Controller {
|
||||
private function shouldDenyPermission() {
|
||||
$user = Controller::getLoggedUser();
|
||||
|
||||
return (!Controller::isStaffLogged() && (Controller::isUserSystemEnabled() && $this->ticket->author->id !== $user->id)) ||
|
||||
(Controller::isStaffLogged() && (!$user->sharedTicketList->includesId($this->ticket->id) && !$user->sharedDepartmentList->includesId($this->ticket->department->id)));
|
||||
return (!Controller::isStaffLogged() && (Controller::isUserSystemEnabled() && !$user->canManageTicket($this->ticket))) ||
|
||||
(Controller::isStaffLogged() && !$user->canManageTicket($this->ticket));
|
||||
}
|
||||
}
|
||||
|
||||
@ -42,11 +42,9 @@ class ReOpenController extends Controller {
|
||||
|
||||
public function handler() {
|
||||
$this->ticket = Ticket::getByTicketNumber(Controller::request('ticketNumber'));
|
||||
$user = Controller::getLoggedUser();
|
||||
|
||||
if($this->shouldDenyPermission()) {
|
||||
throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
return;
|
||||
}
|
||||
if (!$user->canManageTicket($this->ticket)) throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
|
||||
$this->markAsUnread();
|
||||
$this->addReopenEvent();
|
||||
@ -59,19 +57,6 @@ class ReOpenController extends Controller {
|
||||
Response::respondSuccess();
|
||||
}
|
||||
|
||||
|
||||
private function shouldDenyPermission() {
|
||||
$user = Controller::getLoggedUser();
|
||||
|
||||
return !(
|
||||
$this->ticket->isAuthor($user) ||
|
||||
(
|
||||
Controller::isStaffLogged() &&
|
||||
$user->sharedDepartmentList->includesId($this->ticket->department->id)
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
private function markAsUnread() {
|
||||
if(Controller::isStaffLogged()) {
|
||||
$this->ticket->unread = true;
|
||||
|
||||
@ -49,6 +49,9 @@ class RemoveTagController extends Controller {
|
||||
$tagId = Controller::request('tagId');
|
||||
$tag = Tag::getDataStore($tagId);
|
||||
$ticket = Ticket::getByTicketNumber(Controller::request('ticketNumber'));
|
||||
$user = Controller::getLoggedUser();
|
||||
|
||||
if (!$user->canManageTicket($ticket)) throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
|
||||
if (!$ticket->sharedTagList->includesId($tagId)) throw new RequestException(ERRORS::INVALID_TAG);
|
||||
|
||||
|
||||
@ -44,7 +44,7 @@ class SeenController extends Controller {
|
||||
$user = Controller::getLoggedUser();
|
||||
$ticket = Ticket::getByTicketNumber($ticketnumber);
|
||||
|
||||
if(!$ticket->isOwner($user) && !$ticket->isAuthor($user)) {
|
||||
if(!$user->canManageTicket($this->ticket) && !$ticket->isAuthor($user)) {
|
||||
throw new RequestException(ERRORS::NO_PERMISSION);
|
||||
}
|
||||
|
||||
|
||||
@ -49,6 +49,10 @@ class Staff extends DataStore {
|
||||
return parent::getDataStore($value, $property);
|
||||
}
|
||||
|
||||
public function canManageTicket(Ticket $ticket){
|
||||
return $this->sharedDepartmentList->includesId($ticket->departmentId) || $this->id === $ticket->author_staff_id;
|
||||
}
|
||||
|
||||
public function toArray() {
|
||||
return [
|
||||
'id' => $this->id,
|
||||
|
||||
@ -43,6 +43,10 @@ class User extends DataStore {
|
||||
return parent::getDataStore($value, $property);
|
||||
}
|
||||
|
||||
public function canManageTicket(Ticket $ticket){
|
||||
return $ticket->isAuthor($this);
|
||||
}
|
||||
|
||||
public function toArray() {
|
||||
return [
|
||||
'email' => $this->email,
|
||||
|
||||
@ -67,16 +67,15 @@ class Scripts
|
||||
request('/user/logout')
|
||||
end
|
||||
|
||||
def self.createTicket(title = 'Winter is coming',content = 'The north remembers')
|
||||
def self.createTicket(title = 'Winter is coming',content = 'The north remembers', department = 1)
|
||||
result = request('/ticket/create', {
|
||||
title: title,
|
||||
content: content,
|
||||
departmentId: 1,
|
||||
departmentId: department,
|
||||
language: 'en',
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token
|
||||
})
|
||||
|
||||
result['data']
|
||||
end
|
||||
|
||||
|
||||
@ -24,7 +24,7 @@ describe'/staff/add' do
|
||||
(row['level']).should.equal('2')
|
||||
|
||||
row = $database.getRow('department', 1, 'id')
|
||||
(row['owners']).should.equal('3')
|
||||
(row['owners']).should.equal('4')
|
||||
|
||||
lastLog = $database.getLastRow('log')
|
||||
(lastLog['type']).should.equal('ADD_STAFF')
|
||||
@ -46,6 +46,6 @@ describe'/staff/add' do
|
||||
(result['message']).should.equal('ALREADY_A_STAFF')
|
||||
|
||||
row = $database.getRow('department', 1, 'id')
|
||||
(row['owners']).should.equal('3')
|
||||
(row['owners']).should.equal('4')
|
||||
end
|
||||
end
|
||||
@ -16,7 +16,7 @@ describe'/staff/delete' do
|
||||
(row).should.equal(nil)
|
||||
|
||||
row = $database.getRow('department', 1, 'id')
|
||||
(row['owners']).should.equal('3')
|
||||
(row['owners']).should.equal('4')
|
||||
|
||||
end
|
||||
|
||||
@ -31,6 +31,6 @@ describe'/staff/delete' do
|
||||
(result['message']).should.equal('INVALID_STAFF')
|
||||
|
||||
row = $database.getRow('department', 1, 'id')
|
||||
(row['owners']).should.equal('3')
|
||||
(row['owners']).should.equal('4')
|
||||
end
|
||||
end
|
||||
|
||||
@ -25,20 +25,20 @@ describe'/staff/edit' do
|
||||
(rows['department_id']).should.equal('1')
|
||||
|
||||
row = $database.getRow('department', 1, 'id')
|
||||
(row['owners']).should.equal('3')
|
||||
(row['owners']).should.equal('4')
|
||||
|
||||
row = $database.getRow('department', 2, 'id')
|
||||
(row['owners']).should.equal('2')
|
||||
(row['owners']).should.equal('3')
|
||||
end
|
||||
|
||||
it 'should edit staff member ' do
|
||||
it 'should edit own data staff' do
|
||||
request('/staff/add', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
name: 'Arya Stark',
|
||||
password: 'starkpassword',
|
||||
email: 'arya@opensupports.com',
|
||||
level: 2,
|
||||
level: 1,
|
||||
profilePic: '',
|
||||
departments: '[1]'
|
||||
})
|
||||
@ -51,7 +51,8 @@ describe'/staff/edit' do
|
||||
staffId: row['id'],
|
||||
email: 'ayra2@opensupports.com',
|
||||
departments: '[1, 2, 3]',
|
||||
sendEmailOnNewTicket: 1
|
||||
sendEmailOnNewTicket: 1,
|
||||
level: 2
|
||||
})
|
||||
|
||||
(result['status']).should.equal('success')
|
||||
@ -63,10 +64,10 @@ describe'/staff/edit' do
|
||||
(row['send_email_on_new_ticket']).should.equal('0')
|
||||
|
||||
row = $database.getRow('department', 1, 'id')
|
||||
(row['owners']).should.equal('4')
|
||||
(row['owners']).should.equal('5')
|
||||
|
||||
row = $database.getRow('department', 2, 'id')
|
||||
(row['owners']).should.equal('3')
|
||||
(row['owners']).should.equal('4')
|
||||
|
||||
row = $database.getRow('department', 3, 'id')
|
||||
(row['owners']).should.equal('2')
|
||||
@ -82,4 +83,23 @@ describe'/staff/edit' do
|
||||
row = $database.getRow('staff', 'Arya Stark', 'name')
|
||||
(row['send_email_on_new_ticket']).should.equal('1')
|
||||
end
|
||||
|
||||
it 'should fail if is not staff logged' do
|
||||
|
||||
request('/user/logout')
|
||||
|
||||
result = request('/staff/edit', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
staffId: 1,
|
||||
email: 'stafffalse@opensupports.com',
|
||||
departments: '[1, 2]',
|
||||
sendEmailOnNewTicket: 1
|
||||
})
|
||||
|
||||
(result['status']).should.equal('fail')
|
||||
(result['message']).should.equal('NO_PERMISSION')
|
||||
|
||||
|
||||
end
|
||||
end
|
||||
|
||||
@ -46,7 +46,7 @@ describe 'Retrieve all tickets' do
|
||||
})
|
||||
|
||||
(response['status']).should.equal('success')
|
||||
(response['data']['pages']).should.equal(4)
|
||||
(response['data']['pages']).should.equal(5)
|
||||
(response['data']['tickets'].size).should.equal(10)
|
||||
(response['data']['tickets'][0]['title']).should.equal('Quisque egestas ipsum')
|
||||
(response['data']['tickets'][1]['title']).should.equal('placerat id velit')
|
||||
@ -68,7 +68,7 @@ describe 'Retrieve all tickets' do
|
||||
})
|
||||
|
||||
(response['status']).should.equal('success')
|
||||
(response['data']['pages']).should.equal(4)
|
||||
(response['data']['pages']).should.equal(5)
|
||||
(response['data']['tickets'].size).should.equal(10)
|
||||
(response['data']['tickets'][0]['title']).should.equal('quis vulputate lectus feugiat eu')
|
||||
(response['data']['tickets'][1]['title']).should.equal('Fusce venenatis iaculis commodo')
|
||||
|
||||
@ -14,14 +14,14 @@ describe'/staff/get-all' do
|
||||
(result['data'][0]['email']).should.equal('staff@opensupports.com')
|
||||
(result['data'][0]['profilePic']).should.equal('')
|
||||
(result['data'][0]['level']).should.equal('3')
|
||||
(result['data'][0]['departments'][0]['id']).should.equal('1')
|
||||
(result['data'][0]['departments'][0]['name']).should.equal('Help and Support')
|
||||
(result['data'][0]['departments'][1]['id']).should.equal('2')
|
||||
(result['data'][0]['departments'][1]['name']).should.equal('useless private deapartment')
|
||||
(result['data'][0]['departments'][0]['id']).should.equal('2')
|
||||
(result['data'][0]['departments'][0]['name']).should.equal('useless private deapartment')
|
||||
(result['data'][0]['departments'][1]['id']).should.equal('1')
|
||||
(result['data'][0]['departments'][1]['name']).should.equal('Help and Support')
|
||||
(result['data'][0]['departments'][2]['id']).should.equal('3')
|
||||
(result['data'][0]['departments'][2]['name']).should.equal('Suggestions')
|
||||
(result['data'][0]['assignedTickets']).should.equal(6)
|
||||
(result['data'][0]['closedTickets']).should.equal(0)
|
||||
(result['data'][0]['assignedTickets']).should.equal(10)
|
||||
(result['data'][0]['closedTickets']).should.equal(1)
|
||||
|
||||
(result['data'][2]['name']).should.equal('Arya Stark')
|
||||
(result['data'][2]['email']).should.equal('ayra2@opensupports.com')
|
||||
|
||||
@ -10,6 +10,6 @@ describe '/staff/get-new-tickets' do
|
||||
})
|
||||
|
||||
(result['status']).should.equal('success')
|
||||
(result['data']['tickets'].size).should.equal(8)
|
||||
(result['data']['tickets'].size).should.equal(10)
|
||||
end
|
||||
end
|
||||
|
||||
@ -25,6 +25,6 @@ describe '/staff/get-tickets' do
|
||||
})
|
||||
|
||||
(result['status']).should.equal('success')
|
||||
(result['data']['tickets'].size).should.equal(5)
|
||||
(result['data']['tickets'].size).should.equal(9)
|
||||
end
|
||||
end
|
||||
|
||||
@ -29,7 +29,7 @@ describe'system/add-department' do
|
||||
|
||||
(result['status']).should.equal('success')
|
||||
|
||||
row = $database.getRow('department', 5, 'id')
|
||||
row = $database.getRow('department', 6, 'id')
|
||||
|
||||
(row['name']).should.equal('new department')
|
||||
(row['private']).should.equal("0")
|
||||
|
||||
@ -19,7 +19,7 @@ describe'system/disable-user-system' do
|
||||
|
||||
numberOftickets= $database.query("SELECT * FROM ticket WHERE author_id IS NULL AND author_email IS NOT NULL AND author_name IS NOT NULL")
|
||||
|
||||
(numberOftickets.num_rows).should.equal(41)
|
||||
(numberOftickets.num_rows).should.equal(51)
|
||||
|
||||
request('/user/logout')
|
||||
|
||||
@ -127,7 +127,7 @@ describe'system/disable-user-system' do
|
||||
|
||||
numberOftickets= $database.query("SELECT * FROM ticket WHERE author_email IS NULL AND author_name IS NULL AND author_id IS NOT NULL" )
|
||||
|
||||
(numberOftickets.num_rows).should.equal(42)
|
||||
(numberOftickets.num_rows).should.equal(52)
|
||||
|
||||
end
|
||||
|
||||
|
||||
@ -30,7 +30,7 @@ describe '/ticket/add-tag' do
|
||||
(result['message']).should.equal('INVALID_TICKET')
|
||||
end
|
||||
|
||||
it 'should add a tag' do
|
||||
it 'should add a tag if staff member serves to the deparment of the ticket' do
|
||||
result = request('/ticket/add-tag', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
@ -43,6 +43,58 @@ describe '/ticket/add-tag' do
|
||||
(result['status']).should.equal('success')
|
||||
end
|
||||
|
||||
it 'should add tag if staff member does not serve to the department of the ticket but is the author' do
|
||||
Scripts.createTicket('titleofthetickettoaddtags','thisisthecontentofthetickettoaddtags',3)
|
||||
|
||||
request('/staff/edit', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
departments: '[1, 2]',
|
||||
staffId: 1
|
||||
})
|
||||
|
||||
ticket = $database.getRow('ticket', 'thisisthecontentofthetickettoaddtags' , 'content')
|
||||
|
||||
result = request('/ticket/add-tag', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
tagId: 3,
|
||||
ticketNumber: ticket['ticket_number']
|
||||
})
|
||||
|
||||
(result['status']).should.equal('success')
|
||||
end
|
||||
|
||||
it 'should fail if staff member does not serve to the department of the ticket and he is not the author' do
|
||||
request('/user/logout')
|
||||
Scripts.createUser('pepito@pepito.com', 'pepito12345','pepito')
|
||||
Scripts.login('pepito@pepito.com', 'pepito12345')
|
||||
Scripts.createTicket('title70','contentoftheticket70',3)
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
ticket = $database.getRow('ticket','title70', 'title')
|
||||
|
||||
result = request('/ticket/add-tag', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
tagId: 2,
|
||||
ticketNumber: ticket['ticket_number']
|
||||
})
|
||||
|
||||
(result['status']).should.equal('fail')
|
||||
(result['message']).should.equal('NO_PERMISSION')
|
||||
|
||||
request('/staff/edit', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
departments: '[1, 2, 3]',
|
||||
staffId: 1
|
||||
})
|
||||
end
|
||||
|
||||
|
||||
|
||||
it 'should fail if the tag is already attached' do
|
||||
result = request('/ticket/add-tag', {
|
||||
csrf_userid: $csrf_userid,
|
||||
|
||||
@ -2,6 +2,12 @@ describe '/ticket/change-department' do
|
||||
request('/user/logout')
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
Scripts.createTicket('Stafftitle','This ticket was made by an staff',1)
|
||||
request('/user/logout')
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
request('/system/add-department', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
@ -12,6 +18,11 @@ describe '/ticket/change-department' do
|
||||
csrf_token: $csrf_token,
|
||||
name: 'Tech support'
|
||||
})
|
||||
request('/system/add-department', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
name: 'Instalation problems'
|
||||
})
|
||||
request('/staff/edit', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
@ -19,17 +30,15 @@ describe '/ticket/change-department' do
|
||||
staffId: 1
|
||||
})
|
||||
|
||||
it 'should change department if everything is okey' do
|
||||
it 'should change department if staff has same department as ticket' do
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
ticket = $database.getRow('ticket', 1 , 'id')
|
||||
request('/staff/assign-ticket', {
|
||||
ticketNumber: ticket['ticket_number'],
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token
|
||||
})
|
||||
|
||||
result = request('/ticket/change-department', {
|
||||
ticketNumber: ticket['ticket_number'],
|
||||
departmentId: 3,
|
||||
departmentId: 4,
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token
|
||||
})
|
||||
@ -38,19 +47,20 @@ describe '/ticket/change-department' do
|
||||
|
||||
ticket = $database.getRow('ticket', 1 , 'id')
|
||||
(ticket['unread']).should.equal('1')
|
||||
(ticket['department_id']).should.equal('3')
|
||||
(ticket['owner_id']).should.equal('1')
|
||||
(ticket['department_id']).should.equal('4')
|
||||
|
||||
lastLog = $database.getLastRow('log')
|
||||
(lastLog['type']).should.equal('DEPARTMENT_CHANGED')
|
||||
end
|
||||
|
||||
it 'should unassing ticket if staff does not server new department' do
|
||||
|
||||
ticket = $database.getRow('ticket', 1 , 'id')
|
||||
Scripts.assignTicket(ticket['ticket_number'])
|
||||
request('/staff/edit', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
departments: '[1, 2]',
|
||||
departments: '[2, 4]',
|
||||
staffId: 1
|
||||
})
|
||||
|
||||
@ -71,6 +81,21 @@ describe '/ticket/change-department' do
|
||||
lastLog = $database.getLastRow('log')
|
||||
(lastLog['type']).should.equal('DEPARTMENT_CHANGED')
|
||||
|
||||
end
|
||||
it 'should change department if staff does not have ticket department and is author' do
|
||||
|
||||
ticket = $database.getRow('ticket', 'Stafftitle', 'title')
|
||||
|
||||
result = request('/ticket/change-department', {
|
||||
ticketNumber: ticket['ticket_number'],
|
||||
departmentId: 1,
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token
|
||||
})
|
||||
|
||||
(result['status']).should.equal('success')
|
||||
(ticket['department_id']).should.equal('1')
|
||||
|
||||
request('/staff/edit', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
|
||||
@ -1,59 +1,15 @@
|
||||
describe '/ticket/close' do
|
||||
request('/user/logout')
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
it 'should not close ticket if not assigned' do
|
||||
ticket = $database.getRow('ticket', 1 , 'id')
|
||||
request('/staff/un-assign-ticket', {
|
||||
ticketNumber: ticket['ticket_number'],
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token
|
||||
})
|
||||
|
||||
result = request('/ticket/close', {
|
||||
ticketNumber: ticket['ticket_number'],
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token
|
||||
})
|
||||
|
||||
(result['status']).should.equal('fail')
|
||||
end
|
||||
|
||||
it 'should close ticket if you have it assigned' do
|
||||
ticket = $database.getRow('ticket', 1 , 'id')
|
||||
|
||||
request('/staff/assign-ticket', {
|
||||
ticketNumber: ticket['ticket_number'],
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token
|
||||
})
|
||||
|
||||
result = request('/ticket/close', {
|
||||
ticketNumber: ticket['ticket_number'],
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token
|
||||
})
|
||||
|
||||
(result['status']).should.equal('success')
|
||||
|
||||
ticket = $database.getRow('ticket', 1 , 'id')
|
||||
(ticket['closed']).should.equal('1')
|
||||
(ticket['unread']).should.equal('1')
|
||||
|
||||
lastLog = $database.getLastRow('log')
|
||||
(lastLog['type']).should.equal('CLOSE')
|
||||
request('/staff/un-assign-ticket', {
|
||||
ticketNumber: ticket['ticket_number'],
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token
|
||||
})
|
||||
end
|
||||
|
||||
it 'should close ticket if you are the author' do
|
||||
it 'should close ticket if staff member has the same department as ticket' do
|
||||
request('/user/logout')
|
||||
Scripts.createUser('closer@os4.com','closer','Closer')
|
||||
Scripts.login('closer@os4.com','closer')
|
||||
Scripts.createTicket('tickettoclose')
|
||||
Scripts.createTicket('tickettoclose','thecontentoftickettoclose',1)
|
||||
Scripts.createTicket('tickettoclose2','thecontentoftickettoclose2',3)
|
||||
Scripts.createTicket('tickettoclose3','thecontentoftickettoclose3',3)
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
ticket = $database.getRow('ticket', 'tickettoclose', 'title')
|
||||
|
||||
@ -72,4 +28,78 @@ describe '/ticket/close' do
|
||||
lastLog = $database.getLastRow('log')
|
||||
(lastLog['type']).should.equal('CLOSE')
|
||||
end
|
||||
it 'should close ticket if staff member does not serve to the department of the ticket but he is the author' do
|
||||
|
||||
request('/staff/edit', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
departments: '[1, 2]',
|
||||
staffId: 1
|
||||
})
|
||||
Scripts.createTicket('thisisanewticket','thisisthecontentofthenewticket',3)
|
||||
|
||||
ticket = $database.getRow('ticket', 'thisisanewticket', 'title')
|
||||
|
||||
result = request('/ticket/close', {
|
||||
ticketNumber: ticket['ticket_number'],
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token
|
||||
|
||||
})
|
||||
|
||||
(result['status']).should.equal('success')
|
||||
|
||||
ticket = $database.getRow('ticket', 'tickettoclose', 'title')
|
||||
(ticket['closed']).should.equal('1')
|
||||
|
||||
lastLog = $database.getLastRow('log')
|
||||
(lastLog['type']).should.equal('CLOSE')
|
||||
|
||||
end
|
||||
it 'should not close ticket if staff does not serve to the department of the ticket and he is not the author'do
|
||||
|
||||
ticket = $database.getRow('ticket', 'tickettoclose2', 'title')
|
||||
|
||||
result = request('/ticket/close', {
|
||||
ticketNumber: ticket['ticket_number'],
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token
|
||||
|
||||
})
|
||||
|
||||
(result['status']).should.equal('fail')
|
||||
(result['message']).should.equal('NO_PERMISSION')
|
||||
|
||||
ticket = $database.getRow('ticket', 'tickettoclose2', 'title')
|
||||
(ticket['closed']).should.equal('0')
|
||||
|
||||
request('/staff/edit', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
departments: '[1, 2, 3]',
|
||||
staffId: 1
|
||||
})
|
||||
end
|
||||
it 'should close ticket if User is the author' do
|
||||
request('/user/logout')
|
||||
Scripts.login('closer@os4.com','closer')
|
||||
|
||||
ticket = $database.getRow('ticket', 'tickettoclose3', 'title')
|
||||
|
||||
result = request('/ticket/close', {
|
||||
ticketNumber: ticket['ticket_number'],
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token
|
||||
})
|
||||
|
||||
(result['status']).should.equal('success')
|
||||
|
||||
ticket = $database.getRow('ticket', 'tickettoclose3', 'title')
|
||||
(ticket['closed']).should.equal('1')
|
||||
|
||||
lastLog = $database.getLastRow('log')
|
||||
(lastLog['type']).should.equal('CLOSE')
|
||||
|
||||
request('/user/logout')
|
||||
end
|
||||
end
|
||||
|
||||
@ -78,7 +78,7 @@ describe '/ticket/comment/' do
|
||||
(lastLog['type']).should.equal('COMMENT')
|
||||
end
|
||||
|
||||
it 'should add comment to ticket created by staff' do
|
||||
it 'should add comment if staff member serves to the same department as the ticket' do
|
||||
request('/user/logout')
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
result = request('/ticket/comment', {
|
||||
@ -102,6 +102,69 @@ describe '/ticket/comment/' do
|
||||
|
||||
request('/user/logout')
|
||||
end
|
||||
it 'should comment the ticket if staff member does not serve the deparment of the ticket and he is author' do
|
||||
request('/user/logout')
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
Scripts.createTicket('ticketttobecommented', 'tickettobecommentedbytheauthor', 2)
|
||||
request('/staff/edit', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
departments: '[1]',
|
||||
staffId: 1
|
||||
})
|
||||
ticket = $database.getRow('ticket', 'ticketttobecommented' , 'title')
|
||||
|
||||
result = request('/ticket/comment', {
|
||||
content: 'some comment content jeje',
|
||||
ticketNumber: ticket['ticket_number'],
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token
|
||||
})
|
||||
|
||||
(result['status']).should.equal('success')
|
||||
|
||||
ticket = $database.getRow('ticket', 'ticketttobecommented' , 'title')
|
||||
comment = $database.getRow('ticketevent', ticket['id'], 'ticket_id')
|
||||
(comment['content']).should.equal('some comment content jeje')
|
||||
(comment['type']).should.equal('COMMENT')
|
||||
(comment['author_staff_id']).should.equal($csrf_userid)
|
||||
|
||||
lastLog = $database.getLastRow('log')
|
||||
(lastLog['type']).should.equal('COMMENT')
|
||||
|
||||
end
|
||||
it 'should not comment the ticket if staff member does not serve to the department of the ticket and he is not the author' do
|
||||
request('/staff/edit', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
departments: '[]',
|
||||
staffId: 1
|
||||
})
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.login('commenter@os4.com', 'commenter')
|
||||
Scripts.createTicket('title138','commentofthetitkect138', 1)
|
||||
request('/user/logout')
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
ticket = $database.getRow('ticket', 'title138' , 'title')
|
||||
|
||||
result = request('/ticket/comment', {
|
||||
content: 'some comment content jeje',
|
||||
ticketNumber: ticket['ticket_number'],
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token
|
||||
})
|
||||
|
||||
(result['status']).should.equal('fail')
|
||||
(result['message']).should.equal('NO_PERMISSION')
|
||||
|
||||
request('/staff/edit', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
departments: '[1, 2]',
|
||||
staffId: 1
|
||||
})
|
||||
end
|
||||
|
||||
it 'should fail if user is not the author nor owner' do
|
||||
Scripts.createUser('no_commenter@comment.com', 'no_commenter', 'No Commenter')
|
||||
@ -139,8 +202,7 @@ describe '/ticket/comment/' do
|
||||
csrf_token: $csrf_token
|
||||
})
|
||||
|
||||
(result['status']).should.equal('fail')
|
||||
(result['message']).should.equal('NO_PERMISSION')
|
||||
(result['status']).should.equal('success')
|
||||
end
|
||||
|
||||
it 'should keep private on 0 if an user creates a private comment' do
|
||||
@ -179,7 +241,7 @@ describe '/ticket/comment/' do
|
||||
csrf_token: $csrf_token,
|
||||
private: 1
|
||||
})
|
||||
puts result['message']
|
||||
|
||||
(result['status']).should.equal('success')
|
||||
comment = $database.getRow('ticketevent', 'this is a private comment', 'content')
|
||||
(comment['private']).should.equal("1")
|
||||
|
||||
@ -69,7 +69,6 @@ describe '/ticket/edit-comment' do
|
||||
request('/user/logout')
|
||||
end
|
||||
|
||||
|
||||
it 'should not change the content of a comment if the user is not the author' do
|
||||
request('/user/logout')
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
@ -81,4 +81,71 @@ describe '/ticket/get/' do
|
||||
(result['data']['events'][0]['type']).should.equal('COMMENT')
|
||||
(result['data']['events'][0]['content']).should.equal('some valid comment made')
|
||||
end
|
||||
it 'should successfully return the ticket information if staff member serves to the department of the ticket' do
|
||||
request('/user/logout')
|
||||
Scripts.login('cersei@os4.com', 'cersei')
|
||||
Scripts.createTicket('titleofticket87','contentoftheticket87',1)
|
||||
Scripts.createTicket('2titleofticket87','2contentoftheticket87',1)
|
||||
request('/user/logout')
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
ticket = $database.getRow('ticket','titleofticket87', 'title')
|
||||
|
||||
result = request('/ticket/get', {
|
||||
ticketNumber: ticket['ticket_number'],
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token
|
||||
})
|
||||
|
||||
(result['status']).should.equal('success')
|
||||
(result['data']['ticketNumber']).should.equal(ticket['ticket_number'])
|
||||
(result['data']['title']).should.equal('titleofticket87')
|
||||
(result['data']['content']).should.equal('contentoftheticket87')
|
||||
|
||||
end
|
||||
it 'should successfully return the ticket information if staff member does not serve to the deparment of the ticket but is author' do
|
||||
request('/user/logout')
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
Scripts.createTicket('titleoftheticket107','contentoftheticket107',1)
|
||||
ticket = $database.getRow('ticket','titleoftheticket107', 'title')
|
||||
|
||||
request('/staff/edit', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
departments: '[]'
|
||||
})
|
||||
|
||||
result = request('/ticket/get', {
|
||||
ticketNumber: ticket['ticket_number'],
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token
|
||||
})
|
||||
|
||||
(result['status']).should.equal('success')
|
||||
(result['data']['ticketNumber']).should.equal(ticket['ticket_number'])
|
||||
(result['data']['title']).should.equal('titleoftheticket107')
|
||||
(result['data']['content']).should.equal('contentoftheticket107')
|
||||
end
|
||||
|
||||
it 'should fail if staff member does not serve to the department of the ticket and is not the author' do
|
||||
ticket = $database.getRow('ticket','2titleofticket87', 'title')
|
||||
request('/user/logout')
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
result = request('/ticket/get', {
|
||||
ticketNumber: ticket['ticket_number'],
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token
|
||||
})
|
||||
(result['status']).should.equal('fail')
|
||||
(result['message']).should.equal('NO_PERMISSION')
|
||||
|
||||
request('/staff/edit', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
departments: '[1, 2, 3]',
|
||||
staffId: 1
|
||||
})
|
||||
end
|
||||
end
|
||||
@ -2,7 +2,7 @@ describe '/ticket/re-open' do
|
||||
request('/user/logout')
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
it 'should re open a ticket if everything is okey' do
|
||||
it 'should re open a ticket if staff member has the deparment of the ticket' do
|
||||
ticket = $database.getRow('ticket', 1 , 'id')
|
||||
|
||||
result = request('/ticket/re-open', {
|
||||
@ -21,12 +21,50 @@ describe '/ticket/re-open' do
|
||||
(lastLog['type']).should.equal('RE_OPEN')
|
||||
|
||||
request('/user/logout')
|
||||
end
|
||||
it 'Should re-open if staff member does not serve to the department of the ticket and its the author'do
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
Scripts.createTicket('tickettitle','contentoftheticketthatisgoingtosucces',3)
|
||||
|
||||
ticket = $database.getRow('ticket', 'contentoftheticketthatisgoingtosucces' , 'content')
|
||||
|
||||
Scripts.closeTicket(ticket['ticketNumber'])
|
||||
|
||||
request('/staff/edit', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
departments: '[1, 2]',
|
||||
staffId: 1
|
||||
})
|
||||
|
||||
result = request('/ticket/re-open', {
|
||||
ticketNumber: ticket['ticket_number'],
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token
|
||||
})
|
||||
(result['status']).should.equal('success')
|
||||
|
||||
ticket = $database.getRow('ticket', 'contentoftheticketthatisgoingtosucces' , 'content')
|
||||
(ticket['closed']).should.equal('0')
|
||||
|
||||
request('/staff/edit', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
departments: '[1, 2, 3]',
|
||||
staffId: 1
|
||||
})
|
||||
end
|
||||
|
||||
it 'Should re-open ticket if the user is author' do
|
||||
Scripts.createUser('reopener@os4.com','reopener','Reopener')
|
||||
Scripts.login('reopener@os4.com','reopener')
|
||||
Scripts.createTicket('tickettoreopen')
|
||||
Scripts.createTicket('tickettuser','this ticket was made by an user',3)
|
||||
|
||||
ticket = $database.getRow('ticket', 'this ticket was made by an user', 'content')
|
||||
Scripts.closeTicket(ticket['ticketNumber'])
|
||||
|
||||
ticket = $database.getRow('ticket', 'tickettoreopen', 'title')
|
||||
|
||||
Scripts.closeTicket(ticket['ticketNumber'])
|
||||
|
||||
result = request('/ticket/re-open', {
|
||||
@ -42,5 +80,36 @@ describe '/ticket/re-open' do
|
||||
|
||||
lastLog = $database.getLastRow('log')
|
||||
(lastLog['type']).should.equal('RE_OPEN')
|
||||
|
||||
request('/user/logout')
|
||||
end
|
||||
|
||||
it 'Should fail re-open the ticket if the staff does not serve to the department and he is not the author' do
|
||||
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
ticket = $database.getRow('ticket', 'this ticket was made by an user' , 'content')
|
||||
|
||||
request('/staff/edit', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
departments: '[1, 2]',
|
||||
staffId: 1
|
||||
})
|
||||
|
||||
result = request('/ticket/re-open', {
|
||||
ticketNumber: ticket['ticket_number'],
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token
|
||||
})
|
||||
|
||||
(result['status']).should.equal('fail')
|
||||
(result['message']).should.equal('NO_PERMISSION')
|
||||
|
||||
request('/staff/edit', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
departments: '[1, 2, 3]',
|
||||
staffId: 1
|
||||
})
|
||||
end
|
||||
end
|
||||
|
||||
@ -29,7 +29,7 @@ describe '/ticket/remove-tag' do
|
||||
(result['message']).should.equal('INVALID_TAG')
|
||||
end
|
||||
|
||||
it 'should remove an attached tag' do
|
||||
it 'should remove an attached tag if staff member serves to the department of the ticket' do
|
||||
result = request('/ticket/remove-tag', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
@ -40,7 +40,79 @@ describe '/ticket/remove-tag' do
|
||||
(result['status']).should.equal('success')
|
||||
|
||||
end
|
||||
it 'should remove an attached tag if staff member does not serve to department ticket but is author' do
|
||||
Scripts.createTicket('title44','contentoftheticket44',3)
|
||||
ticket = $database.getRow('ticket','title44', 'title')
|
||||
|
||||
request('/ticket/add-tag', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
tagId: 1,
|
||||
ticketNumber: ticket['ticket_number']
|
||||
})
|
||||
|
||||
request('/staff/edit', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
departments: '[1, 2]',
|
||||
staffId: 1
|
||||
})
|
||||
|
||||
result = request('/ticket/remove-tag', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
tagId: 1,
|
||||
ticketNumber: ticket['ticket_number']
|
||||
})
|
||||
|
||||
(result['status']).should.equal('success')
|
||||
|
||||
request('/staff/edit', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
departments: '[1, 2, 3]',
|
||||
staffId: 1
|
||||
})
|
||||
end
|
||||
it 'should fail if staff does not serve to department of the ticket and is not the author' do
|
||||
request('/user/logout')
|
||||
Scripts.login('pepito@pepito.com', 'pepito12345')
|
||||
Scripts.createTicket('title73','contentoftheticket73',3)
|
||||
request('/user/logout')
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
ticket = $database.getRow('ticket','title73', 'title')
|
||||
|
||||
request('/ticket/add-tag', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
tagId: 1,
|
||||
ticketNumber: ticket['ticket_number']
|
||||
})
|
||||
|
||||
request('/staff/edit', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
departments: '[1, 2]',
|
||||
staffId: 1
|
||||
})
|
||||
|
||||
result = request('/ticket/remove-tag', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
tagId: 1,
|
||||
ticketNumber: ticket['ticket_number']
|
||||
})
|
||||
|
||||
(result['status']).should.equal('fail')
|
||||
|
||||
request('/staff/edit', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
departments: '[1, 2, 3]',
|
||||
staffId: 1
|
||||
})
|
||||
end
|
||||
|
||||
it 'should fail if the tag is not attached' do
|
||||
result = request('/ticket/remove-tag', {
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user