From af92a6bbf242d089b3af1cfaf948f96afd6e14f5 Mon Sep 17 00:00:00 2001
From: Guillermo
Date: Thu, 2 Jan 2020 09:55:55 -0300
Subject: [PATCH 1/8] part 1 edit ticket title
---
 client/src/app-components/ticket-viewer.js | 15 ++++-
 server/controllers/ticket.php | 1 +
 server/controllers/ticket/edit-comment.php | 4 ++
 server/controllers/ticket/edit-title.php | 65 ++++++++++++++++++++++
 server/models/Ticket.php | 3 +-
 tests/init.rb | 1 +
 tests/ticket/edit-title.rb | 62 +++++++++++++++++++++
 7 files changed, 149 insertions(+), 2 deletions(-)
 create mode 100644 server/controllers/ticket/edit-title.php
 create mode 100644 tests/ticket/edit-title.rb
diff --git a/client/src/app-components/ticket-viewer.js b/client/src/app-components/ticket-viewer.js
index e965fe8e..dac48eda 100644
--- a/client/src/app-components/ticket-viewer.js
+++ b/client/src/app-components/ticket-viewer.js
@@ -73,10 +73,13 @@ class TicketViewer extends React.Component {
#{ticket.ticketNumber} - {ticket.title} + { false ? {ticket.title} : this.editTitle()} + + +
{this.props.editable ? this.renderEditableHeaders() : this.renderHeaders()}
@@ -104,6 +107,16 @@ class TicketViewer extends React.Component { ); } + editTitle(){ + return( + +
+ + +
+ ) + } + renderEditableHeaders() { const ticket = this.props.ticket; const departments = this.getDepartmentsForTransfer(); diff --git a/server/controllers/ticket.php b/server/controllers/ticket.php index e60c253e..bc046c51 100755 --- a/server/controllers/ticket.php +++ b/server/controllers/ticket.php @@ -4,6 +4,7 @@ $ticketControllers->setGroupPath('/ticket'); $ticketControllers->addController(new CreateController); $ticketControllers->addController(new EditCommentController); +$ticketControllers->addController(new EditTitleController); $ticketControllers->addController(new CommentController); $ticketControllers->addController(new TicketGetController); $ticketControllers->addController(new CheckTicketController); diff --git a/server/controllers/ticket/edit-comment.php b/server/controllers/ticket/edit-comment.php index c924694b..faa76539 100644 --- a/server/controllers/ticket/edit-comment.php +++ b/server/controllers/ticket/edit-comment.php @@ -36,6 +36,10 @@ class EditCommentController extends Controller { 'content' => [ 'validation' => DataValidator::length(10, 5000), 'error' => ERRORS::INVALID_CONTENT + ], + 'ticketNumber' => [ + 'validation' => DataValidator::validTicketNumber(), + 'error' => ERRORS::INVALID_TICKET ] ] ]; diff --git a/server/controllers/ticket/edit-title.php b/server/controllers/ticket/edit-title.php new file mode 100644 index 00000000..84450141 --- /dev/null +++ b/server/controllers/ticket/edit-title.php 
@@ -0,0 +1,65 @@
+ 'user',
+ 'requestData' => [
+ 'title' => [
+ 'validation' => DataValidator::length(1, 200),
+ 'error' => ERRORS::INVALID_TITLE
+ ],
+ 'ticketNumber' => [
+ 'validation' => DataValidator::validTicketNumber(),
+ 'error' => ERRORS::INVALID_TICKET
+ ]
+ ]
+ ];
+ }
+
+ public function handler() {
+ $user = Controller::getLoggedUser();
+ $newtitle = Controller::request('title');
+ $ticket = Ticket::getByTicketNumber(Controller::request('ticketNumber'));
+
+ if(!$user->canManageTicket($ticket)) {
+ throw new RequestException(ERRORS::NO_PERMISSION);
+ }
+
+ $ticket->title = $newtitle;
+ $ticket->editedTitle = true;
+ $ticket->store();
+
+ $ticketNumber = $ticket->ticketNumber;
+ Log::createLog('EDIT_TITLE', $ticketNumber);
+
+ Response::respondSuccess();
+ }
+}
diff --git a/server/models/Ticket.php b/server/models/Ticket.php
index 5ad71589..c820c270 100755
--- a/server/models/Ticket.php
+++ b/server/models/Ticket.php
@@ -51,7 +51,8 @@ class Ticket extends DataStore {
 'authorEmail',
 'authorName',
 'sharedTagList',
- 'editedContent'
+ 'editedContent',
+ 'editedTitle'
 );
 }
diff --git a/tests/init.rb b/tests/init.rb
index e86faea2..8c6cb9f4 100644
--- a/tests/init.rb
+++ b/tests/init.rb
@@ -70,6 +70,7 @@ require './ticket/delete-tag.rb'
 require './ticket/add-tag.rb'
 require './ticket/delete-tag.rb'
 require './ticket/edit-comment.rb'
+require './ticket/edit-title.rb'
 require './system/disable-user-system.rb'
 require './ticket/search.rb'
 # require './system/get-stats.rb'
diff --git a/tests/ticket/edit-title.rb b/tests/ticket/edit-title.rb
new file mode 100644
index 00000000..095be590
--- /dev/null
+++ b/tests/ticket/edit-title.rb
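Review bot: In `handler()` of server/controllers/ticket/edit-title.php the previous title is overwritten before anything records it, and `Log::createLog('EDIT_TITLE', $ticketNumber)` stores only the ticket number, so neither the log nor the `editedTitle` flag lets anyone reconstruct what an author or staff member changed. Capture it first, e.g. `$oldTitle = $ticket->title;` ahead of `$ticket->title = $newtitle;`, and keep it with the log entry or as a ticket event if the logging API has room for it. `DataValidator::length(1, 200)` presumably also accepts a title made only of whitespace; trimming `$newtitle` before it is validated and stored would avoid blank-looking tickets. Everything above `'requestData'` in this new file is missing from this view, so the class declaration and permission level could not be checked.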
@@ -0,0 +1,62 @@
+describe '/ticket/edit-title' do
+
+ request('/user/logout')
+ Scripts.login();
+ Scripts.createTicket('Valar Morghulis','content of the ticket made by an user')
+ ticket = $database.getRow('ticket', 'Valar Morghulis', 'title')
+ ticketNumber = ticket['ticket_number']
+
+ it 'should change title of the ticket if the author user tries it' do
+ result = request('/ticket/edit-title', {
+ csrf_userid: $csrf_userid,
+ csrf_token: $csrf_token,
+ title: 'Valar dohaeris',
+ ticketNumber: ticket['ticket_number']
+ })
+
+ ticket = $database.getRow('ticket', ticketNumber, 'ticket_number')
+
+ (result['status']).should.equal('success')
+ (ticket['title']).should.equal('Valar dohaeris')
+ (ticket['edited_title']).should.equal('1')
+ end
+
+ it 'should change the title of the ticket if staff is logged' do
+ request('/user/logout')
+ Scripts.login($staff[:email], $staff[:password], true)
+
+ result = request('/ticket/edit-title', {
+ csrf_userid: $csrf_userid,
+ csrf_token: $csrf_token,
+ title: 'Valar dohaeris by Staff',
+ ticketNumber: ticket['ticket_number']
+ })
+
+ ticket = $database.getRow('ticket', ticketNumber, 'ticket_number')
+
+ (result['status']).should.equal('success')
+ (ticket['title']).should.equal('Valar dohaeris by Staff')
+ (ticket['edited_title']).should.equal('1')
+
+ end
+
+ it 'should not change the title if the user is not the author' do
+ request('/user/logout')
+ Scripts.login($staff[:email], $staff[:password], true)
+ Scripts.createTicket('Winterfell')
+ ticket = $database.getRow('ticket', 'Winterfell', 'title')
+
+ request('/user/logout')
+ Scripts.login()
+
+ result = request('/ticket/edit-title', {
+ csrf_userid: $csrf_userid,
+ csrf_token: $csrf_token,
+ title: 'Casterly Rock',
+ ticketEventId: ticket['ticket_number']
+ })
+ (result['status']).should.equal('fail')
+ (result['message']).should.equal('NO_PERMISSION')
+ end
+
+end
From eb9a9703532dc9000312acdbf59973d544176a4c Mon Sep 17 00:00:00 2001
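Review bot: The only negative case, `'should not change the title if the user is not the author'`, pits a regular user against a ticket created by staff; nothing here exercises one regular user submitting another regular user's `ticketNumber`, which is the case the `canManageTicket` check most needs to hold for. Add an `it` block that creates a ticket as one user, logs in as a second user and expects `'fail'` / `'NO_PERMISSION'`. The negative tests should also re-read the row and assert that the stored title did not change, e.g. `(ticket['title']).should.equal('Winterfell')` after a fresh `$database.getRow`, since a `'fail'` status alone does not prove that nothing was written. A request sent with no logged-in session would be a third case worth covering.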
From: Guillermo Date: Tue, 7 Jan 2020 17:11:52 -0300 Subject: [PATCH 2/8] Edit ticket title feature --- client/src/app-components/activity-row.js | 4 + client/src/app-components/ticket-viewer.js | 74 +++- client/src/app-components/ticket-viewer.scss | 36 ++ client/src/data/languages/en.js | 436 ------------------- server/controllers/ticket/edit-comment.php | 2 +- server/models/Ticket.php | 3 +- tests/system/disable-user-system.rb | 6 +- tests/ticket/edit-comment.rb | 2 +- tests/ticket/edit-title.rb | 16 +- 9 files changed, 117 insertions(+), 462 deletions(-) delete mode 100644 client/src/data/languages/en.js diff --git a/client/src/app-components/activity-row.js b/client/src/app-components/activity-row.js index 1b3da113..ef029498 100644 --- a/client/src/app-components/activity-row.js +++ b/client/src/app-components/activity-row.js @@ -19,6 +19,7 @@ class ActivityRow extends React.Component { 'RE_OPEN', 'DEPARTMENT_CHANGED', 'PRIORITY_CHANGED', + 'EDIT_TITLE', 'EDIT_COMMENT', 'EDIT_SETTINGS', @@ -60,6 +61,8 @@ class ActivityRow extends React.Component { 'DEPARTMENT_CHANGED', 'PRIORITY_CHANGED', 'COMMENT_EDITED', + 'EDIT_TITLE', + 'EDIT_COMMENT', ]; return ( @@ -113,6 +116,7 @@ class ActivityRow extends React.Component { 'RE_OPEN': 'unlock-alt', 'DEPARTMENT_CHANGED': 'exchange', 'PRIORITY_CHANGED': 'exclamation', + 'EDIT_TITLE': 'edit', 'EDIT_COMMENT': 'edit', 'EDIT_SETTINGS': 'wrench', diff --git a/client/src/app-components/ticket-viewer.js b/client/src/app-components/ticket-viewer.js index dac48eda..162725d8 100644 --- a/client/src/app-components/ticket-viewer.js +++ b/client/src/app-components/ticket-viewer.js @@ -23,6 +23,7 @@ import InfoTooltip from 'core-components/info-tooltip'; import DepartmentDropdown from 'app-components/department-dropdown'; import TagSelector from 'core-components/tag-selector'; import Tag from 'core-components/tag'; +import Input from 'core-components/input'; class TicketViewer extends React.Component { static propTypes = { 
@@ -58,7 +59,10 @@ class TicketViewer extends React.Component { commentEdited: false, commentPrivate: false, edit: false, - editId: 0 + editTitle: false, + editId: 0, + newTitle: this.props.ticket.title, + editTitleError: false }; componentDidMount() { @@ -71,16 +75,7 @@ class TicketViewer extends React.Component { const ticket = this.props.ticket; return (
-
- #{ticket.ticketNumber} - { false ? {ticket.title} : this.editTitle()} - - - - - - -
+ {this.state.editTitle ? this.renderEditableTitle() : this.renderTitleHeader()} {this.props.editable ? this.renderEditableHeaders() : this.renderHeaders()}
); } - - editTitle(){ + renderTitleHeader() { return( - -
- - -
+
+ #{this.props.ticket.ticketNumber} + {this.props.ticket.title} + + + + {((this.props.ticket.author.id == this.props.userId && this.props.ticket.author.staff == this.props.userStaff) || this.props.userStaff) ? this.renderEditTitleOption() : null} + {this.props.ticket.editedTitle ? this.renderEditedTitleText() : null } +
+ ) + } + renderEditedTitleText(){ + return( +
{i18n('TITLE_EDITED')}
+ ) + } + renderEditTitleOption() { + return( + + {this.setState({editTitle: true})}} /> + + ) + } + + renderEditableTitle(){ + return( +
+
+ {this.setState({newTitle: e.target.value })}} /> +
+ +
) } @@ -404,6 +427,20 @@ class TicketViewer extends React.Component { AreYouSure.openModal(null, this.deleteTicket.bind(this)); } + changeTitle(){ + API.call({ + path: '/ticket/edit-title', + data: { + ticketNumber: this.props.ticket.ticketNumber, + title: this.state.newTitle + } + }).then(() => { + this.setState({editTitle: false,editTitleError: false}) ;this.onTicketModification(); + }).catch((result) => { + this.setState({editTitleError: i18n(result.message)} ) + }); + } + reopenTicket() { API.call({ path: '/ticket/re-open', @@ -617,7 +654,6 @@ class TicketViewer extends React.Component { } export default connect((store) => { - return { userId: store.session.userId, userStaff: store.session.staff, diff --git a/client/src/app-components/ticket-viewer.scss b/client/src/app-components/ticket-viewer.scss index 17de6a8c..87b2f6fe 100644 --- a/client/src/app-components/ticket-viewer.scss +++ b/client/src/app-components/ticket-viewer.scss @@ -9,6 +9,42 @@ color: white; font-size: 16px; padding: 6px 0; + display: flex; + align-items:center; + justify-content:center; + position: relative; + &:hover { + .ticket-viewer__edit-title-icon { + color: $grey; + } + } + } + + &__edited-title-text { + font-style: italic; + font-size: 14px; + margin-left: 10px; + } + + &__edit-title-icon { + position: absolute; + color: #414A59; + right: 12px; + &:hover { + cursor:pointer; + } + } + + &___input-edit-title { + color: black; + align-items:center; + justify-content: center; + margin-bottom: 6px; + margin-right: 6px; + + .input__text { + height: 25px; + } } &__number { diff --git a/client/src/data/languages/en.js b/client/src/data/languages/en.js deleted file mode 100644 index 7816e9c3..00000000 --- a/client/src/data/languages/en.js +++ /dev/null 
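Review bot: The expression that decides whether the edit icon is rendered in `renderTitleHeader()` (`author.id == userId && author.staff == userStaff`, or any `userStaff`) is a display rule only, and it is looser than what the server enforces: every staff session gets the icon, while `/ticket/edit-title` decides with `canManageTicket`, so the two can disagree and the user is then shown `NO_PERMISSION`. A short comment above it, such as `// UI hint only; the server enforces canManageTicket on /ticket/edit-title`, would keep a later reader from treating this as the access check. If `author.id` and `userId` are known to share a type, `===` would also avoid accidental coercion in the comparison. The JSX markup of this section is not visible in this view, so the note rests on the expressions that remain.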
@@ -1,436 +0,0 @@ -export default { - 'WELCOME': 'Welcome', - 'TICKETS': 'Tickets', - 'ARTICLES': 'Articles', - 'ACCOUNT': 'Account', - 'SUBMIT': 'Submit', - 'EMAIL': 'Email', - 'PASSWORD': 'Password', - 'REPEAT_PASSWORD': 'Repeat password', - 'LOG_IN': 'Log in', - 'SIGN_UP': 'Sign up', - 'FORGOT_PASSWORD': 'Forgot your password?', - 'RECOVER_PASSWORD': 'Recover Password', - 'SET_UP_PASSWORD': 'Set up your password', - 'RECOVER_SENT': 'An email with recover instructions has been sent.', - 'NEW_EMAIL': 'New email', - 'FULL_NAME': 'Full name', - 'OLD_PASSWORD': 'Old password', - 'NEW_PASSWORD': 'New password', - 'REPEAT_NEW_PASSWORD': 'Repeat new password', - 'BACK_LOGIN_FORM': 'Back to login form', - 'VIEW_ARTICLES': 'View Articles', - 'EDIT_PROFILE': 'Edit Profile', - 'CLOSE_SESSION': 'Close session', - 'CREATE_TICKET': 'Create Ticket', - 'TICKET_LIST': 'Ticket List', - 'SUPPORT_CENTER': 'Support Center', - 'DEPARTMENT': 'Department', - 'AUTHOR': 'Author', - 'DATE': 'Date', - 'RESPOND': 'Respond', - 'RESPOND_TICKET': 'Respond Ticket', - 'CLOSE_TICKET': 'Close ticket', - 'DELETE_TICKET': 'Delete ticket', - 'NO_ATTACHMENT': 'No file attachment', - 'STAFF': 'Staff', - 'CUSTOMER': 'Customer', - 'YES': 'Yes', - 'NO': 'No', - 'CANCEL': 'Cancel', - 'MY_ACCOUNT': 'My Account', - 'DASHBOARD': 'Dashboard', - 'USERS': 'Users', - 'SETTINGS': 'Settings', - 'STATISTICS': 'Statistics', - 'LAST_ACTIVITY': 'Last Activity', - 'MY_TICKETS': 'My Tickets', - 'NEW_TICKETS': 'New Tickets', - 'ALL_TICKETS': 'All Tickets', - 'CUSTOM_RESPONSES': 'Custom Responses', - 'CUSTOM_TAGS': 'Custom Tags', - 'LIST_USERS': 'List Users', - 'BAN_USERS': 'Ban Users', - 'LIST_ARTICLES': 'Article List', - 'STAFF_MEMBERS': 'Staff Members', - 'DEPARTMENTS': 'Departments', - 'SYSTEM_PREFERENCES': 'System Preferences', - 'ADVANCED_SETTINGS': 'Advanced Settings', - 'EMAIL_TEMPLATES': 'Email Templates', - 'FILTERS_CUSTOM_FIELDS': 'Filters and Custom Fields', - 'PRIORITY': 'Priority', - 'NUMBER': 'Number', - 
'HIGH': 'High', - 'MEDIUM': 'Medium', - 'LOW': 'Low', - 'TITLE': 'Title', - 'CONTENT': 'Content', - 'SAVE': 'Save', - 'DISCARD_CHANGES': 'Discard changes', - 'DELETE': 'Delete', - 'LANGUAGE': 'Language', - 'OWNER': 'Owner', - 'OWNED': 'Owned', - 'STATUS': 'Status', - 'NONE': 'None', - 'OPENED': 'Opened', - 'CLOSED': 'Closed', - 'CLOSE': 'Close', - 'RE_OPEN': 'Re open', - 'ASSIGN_TO_ME': 'Assign to me', - 'UN_ASSIGN': 'Unassign', - 'VIEW_TICKET': 'View Ticket', - 'VIEW_TICKET_DESCRIPTION': 'Check the status of your ticket using your ticket number and email.', - 'SELECT_CUSTOM_RESPONSE': 'Select a custom response...', - 'WARNING': 'Warning', - 'INFO': 'Information', - 'ALL_DEPARTMENTS': 'All Departments', - 'EMAIL_BANNED': 'Email banned', - 'UN_BAN': 'Disable ban', - 'BAN_NEW_EMAIL': 'Ban new email', - 'BAN_EMAIL': 'Ban email', - 'EDIT_EMAIL': 'Edit email', - 'EDIT_PASSWORD': 'Edit password', - 'CHANGE_EMAIL': 'Change email', - 'CHANGE_PASSWORD': 'Change password', - 'NAME': 'Name', - 'SEARCH': 'Search', - 'SIGNUP_DATE': 'Sign up date', - 'SEARCH_USERS': 'Search users...', - 'SEARCH_EMAIL': 'Search email...', - 'USER_VIEW_TITLE': 'User #{userId}', - 'EDIT_TOPIC': 'Edit Topic', - 'ADD_TOPIC': 'Add Topic', - 'ICON': 'Icon', - 'COLOR': 'Color', - 'ADD_NEW_ARTICLE': 'Add new article', - 'ADD_ARTICLE': 'Add article', - 'LAST_EDITED_IN': 'Last edited in {date}', - 'EDIT': 'Edit', - 'ADD_CUSTOM_TAG': 'Add custom tag', - 'EDIT_CUSTOM_TAG': 'Edit custom tag', - 'NO_RESULTS': 'No results', - 'DELETE_AND_BAN': 'Delete and ban', - 'STAFF_LEVEL': 'Staff Level', - 'ASSIGNED': 'Assigned', - 'ASSIGNED_TICKETS': '{tickets} assigned tickets', - 'CLOSED_TICKETS': '{tickets} closed tickets', - 'LAST_LOGIN': 'Last login', - 'ADD_NEW_STAFF': 'Add new staff', - 'ADD_STAFF': 'Add staff', - 'LEVEL': 'Level', - 'LEVEL_1': 'Level 1 (Tickets)', - 'LEVEL_2': 'Level 2 (Tickets + Articles)', - 'LEVEL_3': 'Level 3 (Tickets + Articles + Staff)', - 'LEVEL_1_DESCRIPTION': 'can only respond tickets and 
manage users.', - 'LEVEL_2_DESCRIPTION': 'can do every Level 1 does, can create or edit articles and it can create custom responses.', - 'LEVEL_3_DESCRIPTION': 'can do every Level 2 does, can create or edit staff members and can manage the whole system.', - 'UPDATE_EMAIL': 'Update email', - 'UPDATE_PASSWORD': 'Update password', - 'UPDATE_LEVEL': 'Update level', - 'UPDATE_DEPARTMENTS': 'Update departments', - 'EDIT_STAFF': 'Edit staff member', - 'ADD_DEPARTMENT': 'Add department', - 'UPDATE_DEPARTMENT': 'Update department', - 'TRANSFER_TICKETS_TO': 'Transfer tickets to', - 'COMMENTS': 'Comments', - 'DELETE_STAFF_MEMBER': 'Delete staff member', - 'MAINTENANCE_MODE': 'Maintenance mode', - 'MAINTENANCE_MODE_INFO': 'It will temporary disable the system for regular users.', - 'RECOVER_DEFAULT': 'Recover default', - 'SUPPORT_CENTER_URL': 'Support Center URL', - 'SUPPORT_CENTER_TITLE': 'Support Center Title', - 'SUPPORT_CENTER_LAYOUT': 'Support Center Layout', - 'DEFAULT_TIMEZONE': 'Default Timezone (GMT)', - 'NOREPLY_EMAIL': 'Noreply Email', - 'SMTP_USER': 'SMTP User', - 'SMTP_SERVER': 'SMTP Server', - 'SMTP_PASSWORD': 'SMTP Password', - 'IMAP_USER': 'IMAP User', - 'IMAP_SERVER': 'IMAP Server', - 'IMAP_PASSWORD': 'IMAP Password', - 'IMAP_TOKEN': 'IMAP Token', - 'IMAP_TOKEN_DESCRIPTION': 'Use this token to authenticate the polling request.', - 'PORT': 'Port', - 'RECAPTCHA_PUBLIC_KEY': 'Recaptcha Public Key', - 'RECAPTCHA_PRIVATE_KEY': 'Recaptcha Private Key', - 'ALLOW_FILE_ATTACHMENTS': 'Allow file attachments', - 'MAX_SIZE_MB': 'Max Size (MB)', - 'UPDATE_SETTINGS': 'Update settings', - 'DEFAULT_LANGUAGE': 'Default Language', - 'SUPPORTED_LANGUAGES': 'Supported Languages', - 'SUPPORTED_LANGUAGES_INFO': 'Supported languages are the languages that tickets can be written in.', - 'ALLOWED_LANGUAGES': 'Allowed Languages', - 'ALLOWED_LANGUAGES_INFO': 'Allowed languages are the languages that can be used by an user.', - 'SETTINGS_UPDATED': 'Settings have been updated', - 'ON': 
'On', - 'OFF': 'Off', - 'BOXED': 'Boxed', - 'FULL_WIDTH': 'Full width', - 'LOAD_MORE': 'Load More', - 'MY_NOTIFICATIONS': 'My notifications', - 'ALL_NOTIFICATIONS': 'All notifications', - 'VERIFY_SUCCESS': 'User verified', - 'VERIFY_FAILED': 'Could not verify', - 'ENABLE_USER_SYSTEM': 'Use user system for customers', - 'ENABLE_USER_REGISTRATION': 'Enable user registration', - 'INCLUDE_USERS_VIA_CSV': 'Include users via CSV file', - 'BACKUP_DATABASE': 'Backup database', - 'DELETE_ALL_USERS': 'Delete all users', - 'PLEASE_CONFIRM_PASSWORD': 'Please confirm your password to make these changes', - 'REGISTRATION_API_KEYS': 'Registration API keys', - 'NAME_OF_KEY': 'Name of key', - 'KEY': 'Key', - 'ADD_API_KEY': 'Add API Key', - 'NO_KEY_SELECTED': 'No Key selected', - 'CHECK_TICKET': 'Check Ticket', - 'ACTIVITY': 'Activity', - 'HOME': 'Home', - 'TICKET_NUMBER': 'Ticket number', - 'NEXT': 'Next', - 'SUBJECT': 'Subject', - 'SEND_EMAIL_ON_NEW_TICKET': 'Send email on new ticket', - 'STAFF_UPDATED': 'Staff member has been updated', - 'UPDATE': 'Update', - 'NEVER': 'Never', - 'HIMSELF': 'himself', - 'ADD_USER': 'Add user', - 'INVITE_USER': 'Invite user', - 'INVITE_STAFF': 'Invite staff', - 'UPLOAD_FILE': 'Upload file', - 'PRIVATE': 'Private', - 'ENABLE_USER': 'Enable User', - 'DISABLE_USER': 'Disable User', - 'SHOW_CLOSED_TICKETS': 'Show Closed Tickets', - 'IMAGE_HEADER_URL': 'Image header URL', - 'IMAGE_HEADER_DESCRIPTION': 'Image that will be used as header of the email', - 'EMAIL_SETTINGS': 'Email Settings', - 'ADDITIONAL_FIELDS': 'Additonal Fields', - 'NEW_CUSTOM_FIELD': 'New Custom field', - 'TYPE': 'Type', - 'SELECT_INPUT': 'Select input', - 'TEXT_INPUT': 'Text input', - 'OPTION': 'Option {index}', - 'OPTIONS': 'Options', - 'FIELD_DESCRIPTION': 'Field description (Optional)', - 'DESCRIPTION_ADD_CUSTOM_TAG': 'here you can add a new custom tag', - 'DESCRIPTION_EDIT_CUSTOM_TAG': 'here you can edit a custom tag', - 'CUSTOM_FIELDS': 'Custom fields', - - 'CHART_CREATE_TICKET': 
'Tickets created', - 'CHART_CLOSE': 'Tickets closed', - 'CHART_SIGNUP': 'Signups', - 'CHART_COMMENT': 'Replies', - 'CHART_ASSIGN': 'Assigned', - - //ACTIVITIES - 'ACTIVITY_COMMENT': 'commented ticket', - 'ACTIVITY_ASSIGN': 'assigned ticket', - 'ACTIVITY_UN_ASSIGN': 'unassigned ticket', - 'ACTIVITY_CLOSE': 'closed ticket', - 'ACTIVITY_CREATE_TICKET': 'created ticket', - 'ACTIVITY_RE_OPEN': 'reopened ticket', - 'ACTIVITY_DEPARTMENT_CHANGED': 'changed department of ticket', - 'ACTIVITY_PRIORITY_CHANGED': 'changed priority of ticket', - 'ACTIVITY_EDIT_COMMENT': 'edited a comment of ticket', - - 'ACTIVITY_EDIT_SETTINGS': 'edited settings', - 'ACTIVITY_SIGNUP': 'signed up', - 'ACTIVITY_INVITE': 'invited user', - 'ACTIVITY_ADD_TOPIC': 'added topic', - 'ACTIVITY_ADD_ARTICLE': 'added article', - 'ACTIVITY_DELETE_TOPIC': 'deleted topic', - 'ACTIVITY_DELETE_ARTICLE': 'deleted article', - 'ACTIVITY_EDIT_ARTICLE': 'edited article', - 'ACTIVITY_ADD_STAFF': 'added staff', - 'ACTIVITY_ADD_DEPARTMENT': 'added department', - 'ACTIVITY_DELETE_DEPARTMENT': 'deleted department', - 'ACTIVITY_EDIT_DEPARTMENT': 'edited department', - 'ACTIVITY_ADD_CUSTOM_RESPONSE': 'added custom response', - 'ACTIVITY_DELETE_CUSTOM_RESPONSE': 'deleted custom response', - 'ACTIVITY_EDIT_CUSTOM_RESPONSE': 'edited custom response', - 'ACTIVITY_BAN_USER': 'banned user', - 'ACTIVITY_DELETE_USER': 'deleted user', - 'ACTIVITY_UN_BAN_USER': 'unbanned user', - - 'SERVER_REQUIREMENTS': 'Server requirements', - 'DATABASE_CONFIGURATION': 'Database configuration', - 'ADMIN_SETUP': 'Admin setup', - 'COMPLETED': 'Completed', - 'INSTALL_HEADER_TITLE': 'OpenSupports Installation Wizard', - 'INSTALL_HEADER_DESCRIPTION': 'This wizard will help you to configure and install OpenSupports on your website', - 'SELECT_LANGUAGE': 'Select language', - 'REQUIREMENT': 'Requirement', - 'VALUE': 'Value', - 'REFRESH': 'Refresh', - 'USER_SYSTEM': 'User System', - 'PREVIOUS': 'Previous', - 'DATABASE_HOST': 'MySQL server', - 
'DATABASE_PORT': 'MySQL server port', - 'DATABASE_NAME': 'MySQL database name', - 'DATABASE_USER': 'MySQL user', - 'DATABASE_PASSWORD': 'MySQL password', - 'ADMIN_NAME': 'Admin account name', - 'ADMIN_EMAIL': 'Admin account email', - 'ADMIN_PASSWORD': 'Admin account password', - 'ADMIN_PASSWORD_DESCRIPTION': 'Please remember this password. It is needed for accessing the admin panel. You can change it later.', - 'INSTALLATION_COMPLETED': 'Installation completed.', - 'INSTALLATION_COMPLETED_DESCRIPTION': 'The installation of OpenSupports is completed. Redirecting to admin panel...', - - 'STEP_TITLE': 'Step {current} of {total} - {title}', - 'STEP_1_DESCRIPTION': 'Select your preferred language for the installation wizard.', - 'STEP_2_DESCRIPTION': 'Here are listed the requirements for running OpenSupports. Please make sure that all requirements are satisfied.', - 'STEP_3_DESCRIPTION': 'Please fill the MySQL database configuration.', - 'STEP_4_DESCRIPTION': 'Please select your user system preferences.', - 'STEP_5_DESCRIPTION': 'Please fill your general system preferences.', - 'STEP_6_DESCRIPTION': 'Please configure the administrator account.', - 'STEP_7_DESCRIPTION': 'Installation is completed.', - - //VIEW DESCRIPTIONS - 'CREATE_TICKET_DESCRIPTION': 'This is a form for creating tickets. Fill the form and send us your issues/doubts/suggestions. Our support system will answer it as soon as possible.', - 'TICKET_LIST_DESCRIPTION': 'Here you can find a list of all tickets you have sent to our support team.', - 'TICKETS_DESCRIPTION': 'Send ticket through our support center and get response of your doubts, suggestions and issues.', - 'ARTICLES_DESCRIPTION': 'Take a look to our articles about common issues, guides and documentation.', - 'ACCOUNT_DESCRIPTION': 'All your tickets are stored in your account\'s profile. Keep track of all your tickets you send to our staff team.', - 'SUPPORT_CENTER_DESCRIPTION': 'Welcome to our support center. 
You can contact us through a tickets system. Your tickets will be answered by our staff.', - 'CUSTOM_RESPONSES_DESCRIPTION': 'Custom responses are automated responses for common problems', - 'CUSTOM_TAGS_DESCRIPTION': 'Here you can view manage the custom tags for tickets to identify them better', - 'MY_TICKETS_DESCRIPTION': 'Here you can view the tickets you are responsible for.', - 'NEW_TICKETS_DESCRIPTION': 'Here you can view all the new tickets that are not assigned by anyone.', - 'ALL_TICKETS_DESCRIPTION': 'Here you can view the tickets of the departments you are assigned.', - 'SEARCH_TICKETS_DESCRIPTION': 'Here you can search tickets by specific filters', - 'TICKET_VIEW_DESCRIPTION': 'This ticket has been sent by a customer. Here you can respond or assign the ticket', - 'BAN_USERS_DESCRIPTION': 'Here you can see a list of banned emails, you can un-ban them or add more emails to the list.', - 'LIST_USERS_DESCRIPTION': 'This is the list of users that are registered in this platform. You can search for someone in particular, delete it or ban it.', - 'USER_VIEW_DESCRIPTION': 'Here you can find all the information about an user and all the tickets sent by the user. You can also delete or ban it.', - 'DELETE_USER_DESCRIPTION': 'The user will not be able to log in aging and all its tickets will be erased. Also, the email can not be used any more.', - 'DELETE_TOPIC_DESCRIPTION': 'By deleting the topic, all articles on it will be erased.', - 'EDIT_TOPIC_DESCRIPTION': 'Here you can change the name, the icon and the icon color of the topic.', - 'ADD_ARTICLE_DESCRIPTION': 'Here you can add an article that will be available for every user. 
It will be added inside the category {category}.', - 'LIST_ARTICLES_DESCRIPTION': 'This is a list of articles that includes information about our services.', - 'ADD_TOPIC_DESCRIPTION': 'Here you can add a topic that works as a category for articles.', - 'DELETE_ARTICLE_DESCRIPTION': 'You\'re going to delete this article forever.', - 'STAFF_MEMBERS_DESCRIPTION': 'Here you can see who are your staff members.', - 'ADD_STAFF_DESCRIPTION': 'Here you can add staff members to your teams.', - 'EDIT_STAFF_DESCRIPTION': 'Here you can edit information about a staff member.', - 'MY_ACCOUNT_DESCRIPTION': 'Here you can edit information about you.', - 'DEPARTMENTS_DESCRIPTION': 'A department is a group where the tickets can go. They are used to categorize the tickets. You can assign them to other staff members.', - 'MAINTENANCE_MODE_DESCRIPTION': 'The support system is in maintenance mode, thus unavailable at the moment. We will come back as soon as possible.', - 'EMAIL_TEMPLATES_DESCRIPTION': 'Here you can edit the templates of the emails that will be sent to users. Remember that the double brackets curly braces indicate a variable value. For example, \'name\' represents the user\'s name.', - 'SYSTEM_PREFERENCES_DESCRIPTION': 'Here you can edit the preferences of the system.', - 'VERIFY_SUCCESS_DESCRIPTION': 'You user has been verified correctly. You can log in now.', - 'VERIFY_FAILED_DESCRIPTION': 'The verification could not be done.', - 'STATISTICS_DESCRIPTION': 'Here you can view statistics related to tickets and signups.', - 'ADVANCED_SETTINGS_DESCRIPTION': 'Here you can change the advanced settings of your system. 
Please be careful, the changes you make can not be reversed.', - 'USER_SYSTEM_DISABLED': 'User system has been disabled', - 'USER_SYSTEM_ENABLED': 'User system has been enabled', - 'REGISTRATION_DISABLED': 'Registration has been disabled', - 'REGISTRATION_ENABLED': 'Registration has been enabled', - 'ADD_API_KEY_DESCRIPTION': 'Insert the name and a registration api key will be generated.', - 'SIGN_UP_VIEW_DESCRIPTION': 'Here you can create an account for our support center. It is required to send tickets and see documentation.', - 'EDIT_PROFILE_VIEW_DESCRIPTION': 'Here you can edit your user by changing your email or your password.', - 'ENABLE_USER_SYSTEM_DESCRIPTION': 'Enable/disable the use of an user system. If you disable it, all users will be deleted but the tickets will be kept. If you enable it, the users of existent tickets will be created.', - 'CSV_DESCRIPTION': 'The CSV file must have 3 columns: email, password, name. There is no limit in row count. It will be created one user per row in the file.', - 'SMTP_SERVER_DESCRIPTION': 'The configuration of the SMTP server allows the application to send mails. 
If you do not configure it, no emails will be sent by OpenSupports.', - 'IMAP_SERVER_DESCRIPTION': 'The configuration of the IMAP server allows the application to create tickets from the emails sent to a mailbox.', - 'ENABLE_USER_DESCRIPTION': 'This action allows the user to sign in and create tickets.', - 'DISABLE_USER_DESCRIPTION': 'User will be disabled and will not be able to sign in and create tickets.', - 'PRIVATE_RESPONSE_DESCRIPTION': 'This response will only be seen by staff members', - 'PRIVATE_TOPIC_DESCRIPTION': 'This topic will only be seen by staff members', - 'PRIVATE_DEPARTMENT_DESCRIPTION': 'This department will only be seen by staff members', - 'EMAIL_SETTINGS_DESCRIPTION': 'Here you can edit the settings for receiving and sending email to your customers.', - 'IMAP_POLLING_DESCRIPTION': 'Inbox checking will not be done automatically by OpenSupports. You have to make POST requests periodically to this url to process the emails: {url}', - 'NEW_CUSTOM_FIELD_DESCRIPTION': 'Here you can create a custom field for an user, it can be a blank text box or a fixed set of options.', - 'CUSTOM_FIELDS_DESCRIPTION': 'Custom fields are defined additional fields the users are able to fill to provide more information about them.', - 'INVITE_USER_VIEW_DESCRIPTION': 'Here you can invite an user to join our support system, he will just need to provide his password to create a new user.', - 'INVITE_STAFF_DESCRIPTION': 'Here you can invite staff members to your teams.', - - //ERRORS - 'EMAIL_OR_PASSWORD': 'Email or password invalid', - 'EMAIL_NOT_EXIST': 'Email does not exist', - 'ERROR_EMPTY': 'Invalid value', - 'ERROR_PASSWORD': 'Invalid password', - 'ERROR_NAME': 'Invalid name', - 'ERROR_TITLE': 'Invalid title', - 'ERROR_EMAIL': 'Invalid email', - 'ERROR_CONTENT_SHORT': 'Content too short', - 'PASSWORD_NOT_MATCH': 'Password does not match', - 'INVALID_RECOVER': 'Invalid recover data', - 'TICKET_SENT_ERROR': 'An error occurred while trying to create the ticket.', - 
'TICKET_COMMENT_ERROR': 'An error occurred while trying to add the comment.', - 'NO_PERMISSION': 'You\'ve no permission to access to this page.', - 'INVALID_USER': 'User id is invalid', - 'ERROR_RETRIEVING_TICKETS': 'An error occurred while trying to retrieve tickets.', - 'ERROR_RETRIEVING_USERS': 'An error occurred while trying to retrieve users.', - 'ERROR_RETRIEVING_BAN_LIST': 'An error occurred while trying to retrieve the list of banned emails.', - 'ERROR_BANNING_EMAIL': 'An error occurred while trying to ban the email.', - 'ERROR_RETRIEVING_ARTICLES': 'An error occurred while trying to retrieve articles.', - 'ERROR_LIST': 'Select at least one', - 'ERROR_URL': 'Invalid URL', - 'UNVERIFIED_EMAIL': 'Email is not verified yet', - 'ERROR_UPDATING_SETTINGS': 'An error occurred while trying to update settings', - 'INVALID_EMAIL_OR_TICKET_NUMBER': 'Invalid email or ticket number', - 'INVALID_FILE': 'Invalid file', - 'ERRORS_FOUND': 'Errors found', - 'ERROR_IMAGE_SIZE': 'No image can have a size greater than {size} MB', - 'USER_DISABLED': 'This account is disabled.', - 'INVALID_SYNTAX': 'Invalid syntax.', - 'DEPARTMENT_PRIVATE_TICKETS': 'This department has tickets created by non-staff and it can not be private', - 'CURRENTLY_UNAVAILABLE': 'Currently unavailable', - - //MESSAGES - 'SIGNUP_SUCCESS': 'You have registered successfully in our support system.', - 'INVITE_USER_SUCCESS': 'You have invited a new user successfully in our support system', - 'TICKET_SENT': 'Ticket has been created successfully.', - 'VALID_RECOVER': 'Password recovered successfully', - 'EMAIL_EXISTS': 'Email already exists', - 'ARE_YOU_SURE': 'Confirm action', - 'EMAIL_WILL_CHANGE': 'The current email will be changed', - 'PASSWORD_WILL_CHANGE': 'The current password will be changed', - 'EMAIL_CHANGED': 'Email has been changed successfully', - 'PASSWORD_CHANGED': 'Password has been changed successfully', - 'OLD_PASSWORD_INCORRECT': 'Old password is incorrect', - 'WILL_LOSE_CHANGES': 'You haven\'t 
save. Your changes will be lost.', - 'WILL_DELETE_CUSTOM_RESPONSE': 'The custom response will be deleted.', - 'WILL_DELETE_DEPARTMENT': 'The department will be deleted. All the tickets will be transfer to the department selected.', - 'NO_STAFF_ASSIGNED': 'No staff member is assigned to this department.', - 'NO_DEPARTMENT_ASSIGNED': 'No ticket department is assigned you.', - 'LEVEL_UPDATED': 'Level has been updated successfully.', - 'DEPARTMENTS_UPDATED': 'Departments have been updated successfully.', - 'FAILED_EDIT_STAFF': 'An error occurred while trying to edit staff member.', - 'EMAIL_BANNED_SUCCESSFULLY': 'Email has been banned successfully', - 'WILL_DELETE_STAFF': 'This staff member will be deleted and all its tickets will be unassigned.', - 'WILL_RECOVER_EMAIL_TEMPLATE': 'This email template will be recover to it\'s default value on this language.', - 'SUCCESS_IMPORTING_CSV_DESCRIPTION': 'CSV File has been imported successfully', - 'SUCCESS_DELETING_ALL_USERS': 'Users have beend deleted successfully', - 'SUCCESSFUL_CONNECTION': 'Successful connection', - 'UNSUCCESSFUL_CONNECTION': 'Unsuccessful connection', - 'SERVER_CREDENTIALS_WORKING': 'Server credentials are working correctly', - 'DELETE_CUSTOM_FIELD_SURE': 'Some users may be using this field. 
Are you sure you want to delete it?', - - 'COMMENT_EDITED': '(comment edited)', - 'LAST_7_DAYS': 'Last 7 days', - 'LAST_30_DAYS': 'Last 30 days', - 'LAST_90_DAYS': 'Last 90 days', - 'LAST_365_DAYS': 'Last 365 days', - - 'TEST': 'Test', - 'ACTIVITY_COMMENT_THIS': 'commented this ticket', - 'ACTIVITY_ASSIGN_THIS': 'assigned this ticket to', - 'ACTIVITY_UN_ASSIGN_THIS': 'unassigned this ticket to', - 'ACTIVITY_CLOSE_THIS': 'closed this ticket', - 'ACTIVITY_CREATE_TICKET_THIS': 'created this ticket', - 'ACTIVITY_RE_OPEN_THIS': 'reopened this ticket', - 'ACTIVITY_DEPARTMENT_CHANGED_THIS': 'changed department of this ticket to ', - 'ACTIVITY_PRIORITY_CHANGED_THIS': 'changed priority of this ticket to', - 'DATE_PREFIX': 'on', - 'LEFT_EMPTY_DATABASE': 'Leave empty for automatic database creation', - 'DEFAULT_PORT': 'Leave empty for 3306 as default', - 'REMEMBER_ME': 'Remember me', - 'EMAIL_LOWERCASE': 'email', - 'PASSWORD_LOWERCASE': 'password', - 'TEST_SMTP_CONNECTION': 'Test SMTP connection', - 'SERVER_ERROR': 'Can not connect to server.', - 'EMAIL_SERVER_ADDRESS': 'Email server address', - 'EMAIL_SERVER_ADDRESS_DESCRIPTION': 'Address where mails will be received and sent' -}; diff --git a/server/controllers/ticket/edit-comment.php b/server/controllers/ticket/edit-comment.php index faa76539..84a980ca 100644 --- a/server/controllers/ticket/edit-comment.php +++ b/server/controllers/ticket/edit-comment.php @@ -38,7 +38,7 @@ class EditCommentController extends Controller { 'error' => ERRORS::INVALID_CONTENT ], 'ticketNumber' => [ - 'validation' => DataValidator::validTicketNumber(), + 'validation' => DataValidator::oneOf(DataValidator::validTicketNumber(),DataValidator::nullType()), 'error' => ERRORS::INVALID_TICKET ] ] diff --git a/server/models/Ticket.php b/server/models/Ticket.php index c820c270..991487fc 100755 --- a/server/models/Ticket.php +++ b/server/models/Ticket.php 
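Review bot: Accepting `DataValidator::nullType()` for `ticketNumber` in server/controllers/ticket/edit-comment.php means a request can now reach `EditCommentController`'s handler with no ticket number at all, and that handler lies outside this hunk, so it cannot be seen whether it copes with a null value before looking the ticket up or whether its permission check still runs against the ticket that owns the edited comment. It is worth confirming that the handler rejects a request that carries neither a ticket number nor a comment/event id, and that authorization is always evaluated on the ticket that was actually resolved. A one-line comment above the rule stating when `ticketNumber` may legitimately be null would also explain why the stricter `validTicketNumber()` rule added in the previous patch was relaxed.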
@@ -133,7 +133,8 @@ class Ticket extends DataStore { 'owner' => $this->ownerToArray(), 'events' => $minimized ? [] : $this->eventsToArray(), 'tags' => $this->sharedTagList->toArray(true), - 'edited' => $this->editedContent + 'edited' => $this->editedContent, + 'editedTitle' => $this->editedTitle ]; } diff --git a/tests/system/disable-user-system.rb b/tests/system/disable-user-system.rb index 9ae8dd15..7f3c63e1 100644 --- a/tests/system/disable-user-system.rb +++ b/tests/system/disable-user-system.rb @@ -19,7 +19,7 @@ describe'system/disable-user-system' do numberOftickets= $database.query("SELECT * FROM ticket WHERE author_id IS NULL AND author_email IS NOT NULL AND author_name IS NOT NULL") - (numberOftickets.num_rows).should.equal(51) + (numberOftickets.num_rows).should.equal(52) request('/user/logout') @@ -122,7 +122,7 @@ describe'system/disable-user-system' do (result['status']).should.equal('success') (result['data'].size).should.equal(10) end - + it 'should be able to get system logs as admin' do result = request('/system/get-logs', { page: 1, @@ -205,7 +205,7 @@ describe'system/disable-user-system' do numberOftickets= $database.query("SELECT * FROM ticket WHERE author_email IS NULL AND author_name IS NULL AND author_id IS NOT NULL" ) - (numberOftickets.num_rows).should.equal(53) + (numberOftickets.num_rows).should.equal(54) end it 'should not enable the user system' do diff --git a/tests/ticket/edit-comment.rb b/tests/ticket/edit-comment.rb index 89b8d662..ae1093b9 100644 --- a/tests/ticket/edit-comment.rb +++ b/tests/ticket/edit-comment.rb @@ -15,7 +15,7 @@ describe '/ticket/edit-comment' do }) ticket = $database.getRow('ticket', 'ticket made by an user', 'title') - + (result['status']).should.equal('success') (ticket['content']).should.equal('content edited by the user') end diff --git a/tests/ticket/edit-title.rb b/tests/ticket/edit-title.rb index 095be590..2f1a3242 100644 --- a/tests/ticket/edit-title.rb +++ b/tests/ticket/edit-title.rb 
@@ -6,6 +6,20 @@ describe '/ticket/edit-title' do ticket = $database.getRow('ticket', 'Valar Morghulis', 'title') ticketNumber = ticket['ticket_number'] + it 'should fail change title of the ticket if the title is invalid' do + result = request('/ticket/edit-title', { + csrf_userid: $csrf_userid, + csrf_token: $csrf_token, + title: '', + ticketNumber: ticket['ticket_number'] + }) + + ticket = $database.getRow('ticket', ticketNumber, 'ticket_number') + + (result['status']).should.equal('fail') + (result['message']).should.equal('INVALID_TITLE') + end + it 'should change title of the ticket if the author user tries it' do result = request('/ticket/edit-title', { csrf_userid: $csrf_userid, @@ -53,7 +67,7 @@ describe '/ticket/edit-title' do csrf_userid: $csrf_userid, csrf_token: $csrf_token, title: 'Casterly Rock', - ticketEventId: ticket['ticket_number'] + ticketNumber: ticket['ticket_number'] }) (result['status']).should.equal('fail') (result['message']).should.equal('NO_PERMISSION') From 943c910181e05a3bfebef7972149dbff2eba2ec4 Mon Sep 17 00:00:00 2001 From: Guillermo Date: Tue, 7 Jan 2020 18:48:59 -0300 Subject: [PATCH 3/8] add minor changes --- client/src/app-components/ticket-viewer.js | 1 - client/src/data/languages/en.js | 2 ++ 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/client/src/app-components/ticket-viewer.js b/client/src/app-components/ticket-viewer.js index 2c4ed3b9..c68771db 100644 --- a/client/src/app-components/ticket-viewer.js +++ b/client/src/app-components/ticket-viewer.js @@ -24,7 +24,6 @@ import InfoTooltip from 'core-components/info-tooltip'; import DepartmentDropdown from 'app-components/department-dropdown'; import TagSelector from 'core-components/tag-selector'; import Tag from 'core-components/tag'; -import Input from 'core-components/input'; class TicketViewer extends React.Component { static propTypes = { diff --git a/client/src/data/languages/en.js b/client/src/data/languages/en.js index dc512fd5..92ca10cf 100644 
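Review bot: The new 'title is invalid' example reloads the row into `ticket` but never asserts on it, so the test would still pass if the server answered `INVALID_TITLE` after writing the empty title. Adding `(ticket['title']).should.equal('Valar Morghulis')` after the reload pins that a rejected request leaves the stored title untouched. The second hunk's switch from `ticketEventId` to `ticketNumber` means the `NO_PERMISSION` example now reaches the ownership check, which it may not have done before.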
--- a/client/src/data/languages/en.js +++ b/client/src/data/languages/en.js @@ -91,6 +91,7 @@ export default { 'BAN_EMAIL': 'Ban email', 'EDIT_EMAIL': 'Edit email', 'EDIT_PASSWORD': 'Edit password', + 'EDIT_TITLE': 'Edit title', 'CHANGE_EMAIL': 'Change email', 'CHANGE_PASSWORD': 'Change password', 'NAME': 'Name', @@ -408,6 +409,7 @@ export default { 'SERVER_CREDENTIALS_WORKING': 'Server credentials are working correctly', 'DELETE_CUSTOM_FIELD_SURE': 'Some users may be using this field. Are you sure you want to delete it?', + 'TITLE_EDITED': '(title edited)', 'COMMENT_EDITED': '(comment edited)', 'LAST_7_DAYS': 'Last 7 days', 'LAST_30_DAYS': 'Last 30 days', From 0174233a24a513507814b2cb92d8fd76671cffe4 Mon Sep 17 00:00:00 2001 From: Guillermo Date: Wed, 8 Jan 2020 10:09:35 -0300 Subject: [PATCH 4/8] edit title for system without users --- client/src/data/languages/en.js | 3 +- server/controllers/ticket/edit-comment.php | 47 ++++++++++++++++------ server/controllers/ticket/edit-title.php | 47 ++++++++++++++++------ 3 files changed, 70 insertions(+), 27 deletions(-) diff --git a/client/src/data/languages/en.js b/client/src/data/languages/en.js index 92ca10cf..c1839ae1 100644 --- a/client/src/data/languages/en.js +++ b/client/src/data/languages/en.js @@ -234,7 +234,7 @@ export default { 'ACTIVITY_DEPARTMENT_CHANGED': 'changed department of ticket', 'ACTIVITY_PRIORITY_CHANGED': 'changed priority of ticket', 'ACTIVITY_EDIT_COMMENT': 'edited a comment of ticket', - + 'ACTIVITY_EDIT_TITLE': 'edited title of ticket', 'ACTIVITY_EDIT_SETTINGS': 'edited settings', 'ACTIVITY_SIGNUP': 'signed up', 'ACTIVITY_INVITE': 'invited user', 
@@ -361,6 +361,7 @@ export default { 'TICKET_COMMENT_ERROR': 'An error occurred while trying to add the comment.', 'NO_PERMISSION': 'You\'ve no permission to access to this page.', 'INVALID_USER': 'User id is invalid', + 'INVALID_TITLE': 'invalid title', 'ERROR_RETRIEVING_TICKETS': 'An error occurred while trying to retrieve tickets.', 'ERROR_RETRIEVING_USERS': 'An error occurred while trying to retrieve users.', 'ERROR_RETRIEVING_BAN_LIST': 'An error occurred while trying to retrieve the list of banned emails.', diff --git a/server/controllers/ticket/edit-comment.php b/server/controllers/ticket/edit-comment.php index 84a980ca..a0ffe1bf 100644 --- a/server/controllers/ticket/edit-comment.php +++ b/server/controllers/ticket/edit-comment.php @@ -20,6 +20,7 @@ DataValidator::with('CustomValidations', true); * * @apiUse NO_PERMISSION * @apiUse INVALID_CONTENT + * @apiUse INVALID_TOKEN * * @apiSuccess {Object} data Empty object * 
@@ -30,19 +31,39 @@ class EditCommentController extends Controller { const METHOD = 'POST'; public function validations() { - return [ - 'permission' => 'user', - 'requestData' => [ - 'content' => [ - 'validation' => DataValidator::length(10, 5000), - 'error' => ERRORS::INVALID_CONTENT - ], - 'ticketNumber' => [ - 'validation' => DataValidator::oneOf(DataValidator::validTicketNumber(),DataValidator::nullType()), - 'error' => ERRORS::INVALID_TICKET + if(Controller::isUserSystemEnabled()){ + return [ + 'permission' => 'user', + 'requestData' => [ + 'content' => [ + 'validation' => DataValidator::length(10, 5000), + 'error' => ERRORS::INVALID_CONTENT + ], + 'ticketNumber' => [ + 'validation' => DataValidator::oneOf(DataValidator::validTicketNumber(),DataValidator::nullType()), + 'error' => ERRORS::INVALID_TICKET + ] ] - ] - ]; + ]; + } else { + return [ + 'permission' => 'any', + 'requestData' => [ + 'content' => [ + 'validation' => DataValidator::length(10, 5000), + 'error' => ERRORS::INVALID_CONTENT + ], + 'ticketNumber' => [ + 'validation' => DataValidator::oneOf(DataValidator::validTicketNumber(),DataValidator::nullType()), + 'error' => ERRORS::INVALID_TICKET + ], + 'csrf_token' => [ + 'validation' => DataValidator::equals(Session::getInstance()->getToken()), + 'error' => ERRORS::INVALID_TOKEN + ] + ] + ]; + } } public function handler() { @@ -53,7 +74,7 @@ class EditCommentController extends Controller { $ticketevent = Ticketevent::getTicketEvent(Controller::request('ticketEventId')); $ticket = Ticket::getByTicketNumber(Controller::request('ticketNumber')); - if(!Controller::isStaffLogged() && ($user->id !== $ticketevent->authorUserId && $user->id !== $ticket->authorId ) ){ + if(Controller::isUserSystemEnabled() && !Controller::isStaffLogged() && ($user->id !== $ticketevent->authorUserId && $user->id !== $ticket->authorId ) ){ throw new RequestException(ERRORS::NO_PERMISSION); } 
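Review bot: The `csrf_token` rule in the `'permission' => 'any'` branch is the only gate on this endpoint when the user system is disabled, and `equals(Session::getInstance()->getToken())` compares against whatever the session holds, including nothing. If `getToken()` returns null or an empty string for a visitor with no session (its implementation is not shown here), a request that omits `csrf_token` could compare equal and pass. Requiring a non-empty value first closes that, for example `DataValidator::notBlank()->equals(Session::getInstance()->getToken())`, assuming `DataValidator` is the Respect\Validation validator that the `with('CustomValidations', true)` call suggests. The same rule is added to `edit-title.php` at `@@ -29,19 +30,39 @@`. The two branches differ only in `permission` and this one rule, so building the array once and appending the token rule conditionally would keep the `content` and `ticketNumber` checks from drifting apart.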
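Review bot: With the added `Controller::isUserSystemEnabled() &&`, the ownership comparison is skipped entirely when the user system is off, so nothing in the handler ties the comment being edited to the caller. Validation in that mode only requires a `csrf_token` matching the session token, and `$ticketevent` is loaded from `ticketEventId` independently of `ticketNumber`, so as far as the visible lines show, a session opened for one ticket is enough to edit comments on another. The no-user branch needs its own check that the session was opened for the ticket that owns the event, something like `if(!Controller::isUserSystemEnabled() && Session::getInstance()->getTicketNumber() !== $ticket->ticketNumber) throw new RequestException(ERRORS::NO_PERMISSION);` if `Session` records the ticket number (not shown here), plus a check that `$ticketevent` belongs to `$ticket`. `edit-title.php` at `@@ -49,7 +70,7 @@` short-circuits `canManageTicket()` the same way. The handler starts and continues outside this hunk.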
diff --git a/server/controllers/ticket/edit-title.php b/server/controllers/ticket/edit-title.php index 84450141..f407d28d 100644 --- a/server/controllers/ticket/edit-title.php +++ b/server/controllers/ticket/edit-title.php @@ -19,6 +19,7 @@ DataValidator::with('CustomValidations', true); * * @apiUse NO_PERMISSION * @apiUse INVALID_TITLE + * @apiUse INVALID_TOKEN * * @apiSuccess {Object} data Empty object * @@ -29,19 +30,39 @@ class EditTitleController extends Controller { const METHOD = 'POST'; public function validations() { - return [ - 'permission' => 'user', - 'requestData' => [ - 'title' => [ - 'validation' => DataValidator::length(1, 200), - 'error' => ERRORS::INVALID_TITLE - ], - 'ticketNumber' => [ - 'validation' => DataValidator::validTicketNumber(), - 'error' => ERRORS::INVALID_TICKET + if(Controller::isUserSystemEnabled()){ + return [ + 'permission' => 'user', + 'requestData' => [ + 'title' => [ + 'validation' => DataValidator::length(1, 200), + 'error' => ERRORS::INVALID_TITLE + ], + 'ticketNumber' => [ + 'validation' => DataValidator::validTicketNumber(), + 'error' => ERRORS::INVALID_TICKET + ] ] - ] - ]; + ]; + } else { + return [ + 'permission' => 'any', + 'requestData' => [ + 'title' => [ + 'validation' => DataValidator::length(1, 200), + 'error' => ERRORS::INVALID_TITLE + ], + 'ticketNumber' => [ + 'validation' => DataValidator::validTicketNumber(), + 'error' => ERRORS::INVALID_TICKET + ], + 'csrf_token' => [ + 'validation' => DataValidator::equals(Session::getInstance()->getToken()), + 'error' => ERRORS::INVALID_TOKEN + ] + ] + ]; + } } public function handler() { @@ -49,7 +70,7 @@ class EditTitleController extends Controller { $newtitle = Controller::request('title'); $ticket = Ticket::getByTicketNumber(Controller::request('ticketNumber')); - if(!$user->canManageTicket($ticket)) { + if(Controller::isUserSystemEnabled() && !$user->canManageTicket($ticket)) { throw new RequestException(ERRORS::NO_PERMISSION); } 
From 7c1315c2449741770785ef369db52067d861bd1c Mon Sep 17 00:00:00 2001 From: Guillermo Date: Wed, 8 Jan 2020 10:27:39 -0300 Subject: [PATCH 5/8] fix disable user system ruby test --- tests/system/disable-user-system.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/system/disable-user-system.rb b/tests/system/disable-user-system.rb index a9279051..9550c0df 100644 --- a/tests/system/disable-user-system.rb +++ b/tests/system/disable-user-system.rb @@ -220,7 +220,7 @@ describe'system/disable-user-system' do numberOftickets= $database.query("SELECT * FROM ticket WHERE author_email IS NULL AND author_name IS NULL AND author_id IS NOT NULL" ) - (numberOftickets.num_rows).should.equal(54) + (numberOftickets.num_rows).should.equal(55) end it 'should not enable the user system' do From f87f809b1508baaa696727680e45d67390a5da87 Mon Sep 17 00:00:00 2001 From: Guillermo Date: Wed, 8 Jan 2020 16:16:36 -0300 Subject: [PATCH 6/8] simplification of code --- client/src/app-components/ticket-viewer.js | 28 +++++++++++++++------- 1 file changed, 19 insertions(+), 9 deletions(-) diff --git a/client/src/app-components/ticket-viewer.js b/client/src/app-components/ticket-viewer.js index c68771db..4d0866bf 100644 --- a/client/src/app-components/ticket-viewer.js +++ b/client/src/app-components/ticket-viewer.js @@ -102,15 +102,19 @@ class TicketViewer extends React.Component { ); } renderTitleHeader() { + + const {ticket, userStaff, userId} = this.props; + const {ticketNumber, title, author, editedTitle, language} = ticket; + return(
- #{this.props.ticket.ticketNumber} - {this.props.ticket.title} + #{ticketNumber} + {title} - + - {((this.props.ticket.author.id == this.props.userId && this.props.ticket.author.staff == this.props.userStaff) || this.props.userStaff) ? this.renderEditTitleOption() : null} - {this.props.ticket.editedTitle ? this.renderEditedTitleText() : null } + {((author.id == userId && author.staff == userStaff) || userStaff) ? this.renderEditTitleOption() : null} + {editedTitlee ? this.renderEditedTitleText() : null }
) } @@ -122,7 +126,7 @@ class TicketViewer extends React.Component { renderEditTitleOption() { return( - {this.setState({editTitle: true})}} /> + this.setState({editTitle: true})} /> ) } @@ -131,7 +135,7 @@ class TicketViewer extends React.Component { return(
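Review bot: `editedTitlee` in the last expression of `renderTitleHeader()` is not bound anywhere in the hunk. The destructuring a few lines above binds `editedTitle`, so evaluating it throws a ReferenceError when the header renders. The line should read `{editedTitle ? this.renderEditedTitleText() : null}`; no later hunk on this page shows it corrected. `language` is destructured but unused in the visible lines, and `author.id == userId` relies on loose equality where `===` with an explicit conversion would state the intended comparison. This condition only decides whether the edit control is shown, so the permission itself has to be enforced by `/ticket/edit-title` on the server.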
- {this.setState({newTitle: e.target.value })}} /> + this.setState({newTitle: e.target.value })} />
) } From 8b32d5e86b256dd1bde757657a878994de5da196 Mon Sep 17 00:00:00 2001 From: Guillermo Date: Thu, 9 Jan 2020 12:07:29 -0300 Subject: [PATCH 8/8] . --- client/src/app-components/ticket-viewer.js | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/client/src/app-components/ticket-viewer.js b/client/src/app-components/ticket-viewer.js index 082cc284..70c24645 100644 --- a/client/src/app-components/ticket-viewer.js +++ b/client/src/app-components/ticket-viewer.js @@ -101,8 +101,8 @@ class TicketViewer extends React.Component {
); } - renderTitleHeader() { + renderTitleHeader() { const {ticket, userStaff, userId} = this.props; const {ticketNumber, title, author, editedTitle, language} = ticket; @@ -118,11 +118,13 @@ class TicketViewer extends React.Component {
) } + renderEditedTitleText(){ return(
{i18n('TITLE_EDITED')}
) } + renderEditTitleOption() { return(