Allow tickets to be created by staff members #175

Ivan Diaz 2018-07-17 01:17:49 -03:00
parent 2c1e5f1a61
commit 96868abd92
5 changed files with 97 additions and 45 deletions


@ -62,9 +62,12 @@ class CloseController extends Controller {
public function handler() {
$this->ticket = Ticket::getByTicketNumber(Controller::request('ticketNumber'));
if($this->shouldDenyPermission()) {
Response::respondError(ERRORS::NO_PERMISSION);
return;
if(
(Controller::isUserSystemEnabled() || Controller::isStaffLogged()) &&
!$this->ticket->isOwner(Controller::getLoggedUser()) &&
!$this->ticket->isAuthor(Controller::getLoggedUser())
) {
throw new Exception(ERRORS::NO_PERMISSION);
}
$this->markAsUnread();
@ -79,16 +82,6 @@ class CloseController extends Controller {
Response::respondSuccess();
}
private function shouldDenyPermission() {
if(Controller::isStaffLogged()) {
return $this->ticket->owner && $this->ticket->owner->id !== Controller::getLoggedUser()->id;
} else if(Controller::isUserSystemEnabled()) {
return $this->ticket->author->id !== Controller::getLoggedUser()->id;
} else {
return false;
}
}
private function markAsUnread() {
if(Controller::isStaffLogged()) {
$this->ticket->unread = true;
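Review bot: The new guard in `handler()` is skipped entirely when the user system is disabled and no staff session exists, because `(Controller::isUserSystemEnabled() || Controller::isStaffLogged())` is then false, so closing depends only on whatever the request validations (outside this hunk) enforce. That matches the fall-through `return false` of the removed `shouldDenyPermission()`, but it is now implicit; I would add a comment such as `// User system disabled and no staff session: authorization relies on the request validations, not on isOwner()/isAuthor()` and confirm those validations really bind the request to the ticket. The same condition is repeated in CommentController's `handler()`, so a shared helper would keep the two from drifting. Whether `Controller::getLoggedUser()` can be empty here is not visible, and both `isOwner()` and `isAuthor()` read `$user->id` without a check. `markAsUnread()` continues past the end of this section.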


@ -65,7 +65,6 @@ class CommentController extends Controller {
'csrf_token' => [
'validation' => DataValidator::equals($session->getToken()),
'error' => ERRORS::INVALID_TOKEN
]
]
];
@ -73,24 +72,30 @@ class CommentController extends Controller {
}
public function handler() {
$session = Session::getInstance();
$this->requestData();
$ticketAuthor = $this->ticket->authorToArray();
$isAuthor = $this->ticket->isAuthor(Controller::getLoggedUser());
$isOwner = $this->ticket->isOwner(Controller::getLoggedUser());
if ((!Controller::isUserSystemEnabled() && !Controller::isStaffLogged()) ||
(!Controller::isStaffLogged() && $session->isLoggedWithId(($this->ticket->author) ? $this->ticket->author->id : 0)) ||
(Controller::isStaffLogged() && $session->isLoggedWithId(($this->ticket->owner) ? $this->ticket->owner->id : 0))) {
$this->storeComment();
if(Controller::isStaffLogged() || $this->ticket->owner) {
$this->sendMail();
}
Log::createLog('COMMENT', $this->ticket->ticketNumber);
Response::respondSuccess();
} else {
Response::respondError(ERRORS::NO_PERMISSION);
if((Controller::isUserSystemEnabled() || Controller::isStaffLogged()) && !$isOwner && !$isAuthor) {
throw new Exception(ERRORS::NO_PERMISSION);
}
$this->storeComment();
if($isAuthor && $this->ticket->owner) {
$this->sendMail([
'email' => $this->ticket->owner->email,
'name' => $this->ticket->owner->name,
'staff' => true
]);
} else {
$this->sendMail($ticketAuthor);
}
Log::createLog('COMMENT', $this->ticket->ticketNumber);
Response::respondSuccess();
}
private function requestData() {
@ -121,20 +126,16 @@ class CommentController extends Controller {
$this->ticket->store();
}
private function sendMail() {
private function sendMail($recipient) {
$mailSender = MailSender::getInstance();
$email = ($this->ticket->author) ? $this->ticket->author->email : $this->ticket->authorEmail;
$name = ($this->ticket->author) ? $this->ticket->author->name : $this->ticket->authorName;
if(!Controller::isStaffLogged() && $this->ticket->owner) {
$email = $this->ticket->owner->email;
$name = $this->ticket->owner->name;
}
$email = $recipient['email'];
$name = $recipient['name'];
$isStaff = $recipient['staff'];
$url = Setting::getSetting('url')->getValue();
if(!Controller::isUserSystemEnabled()) {
if(!Controller::isUserSystemEnabled() && !$isStaff) {
$url .= '/check-ticket/' . $this->ticket->ticketNumber;
$url .= '/' . $email;
}
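Review bot: In `handler()`, a comment by the author on a ticket with no owner now falls into the `else` branch and mails `$ticketAuthor`, so the author is notified of their own comment; the removed code only sent mail when `Controller::isStaffLogged() || $this->ticket->owner`. Changing the branch to `} else if(!$isAuthor) {` before `$this->sendMail($ticketAuthor);` would restore that. Separately, `sendMail()` reads `$recipient['staff']`, but `Ticket::authorToArray()` returns only `name` and `email` for a ticket without an author record, so that read hits an undefined index; `$isStaff = !empty($recipient['staff']);` avoids it. The `$email` appended to the `/check-ticket/` URL is not URL-encoded on the visible lines, and `sendMail()` continues past the end of this hunk.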


@ -122,7 +122,6 @@ class CreateController extends Controller {
'title' => $this->title,
'content' => $this->content,
'language' => $this->language,
'author' => $author,
'department' => $department,
'file' => ($fileUploader instanceof FileUploader) ? $fileUploader->getFileName() : null,
'date' => Date::getCurrentDate(),
@ -130,10 +129,12 @@ class CreateController extends Controller {
'unreadStaff' => true,
'closed' => false,
'authorName' => $this->name,
'authorEmail' => $this->email
'authorEmail' => $this->email,
));
if(Controller::isUserSystemEnabled()) {
$ticket->setAuthor($author);
if(Controller::isUserSystemEnabled() && !Controller::isStaffLogged()) {
$author->sharedTicketList->add($ticket);
$author->tickets++;
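Review bot: `$ticket->setAuthor($author)` now runs unconditionally, and `Ticket::setAuthor()` silently ignores anything that is neither a `User` nor a `Staff`, so a ticket can end up stored with neither `author` nor `authorStaff` and only `authorName`/`authorEmail` as its identity. Where `$author` is assigned is outside this hunk, so I cannot tell which cases reach that path; a short comment here would help, e.g. `// author is a User, a Staff (stored as authorStaff), or absent when the user system is disabled`. It is also worth saying why staff authors skip `sharedTicketList` and the `tickets` counter in the `if` below, whose body continues past the hunk.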


@ -43,6 +43,7 @@ class Ticket extends DataStore {
'closed',
'priority',
'author',
'authorStaff',
'owner',
'ownTicketeventList',
'unreadStaff',
@ -60,6 +61,22 @@ class Ticket extends DataStore {
return Ticket::getTicket($value, 'ticketNumber');
}
public function setAuthor($author) {
if($author instanceof User) {
$this->author = $author;
} else if($author instanceof Staff) {
$this->authorStaff = $author;
}
}
public function getAuthor() {
if($this->author && !$this->author->isNull()) {
return $this->author;
} else {
return $this->authorStaff;
}
}
public function getDefaultProps() {
return array(
'priority' => 'low',
@ -112,18 +129,20 @@ class Ticket extends DataStore {
}
public function authorToArray() {
$author = $this->author;
$author = $this->getAuthor();
if ($author && !$author->isNull()) {
return [
'id' => $author->id,
'name' => $author->name,
'staff' => $author instanceof Staff,
'profilePic' => ($author instanceof Staff) ? $author->profilePic : null,
'email' => $author->email
];
} else {
return [
'name' => $this->authorName,
'email' => $this->authorEmail
'name' => $this->authorName,
'email' => $this->authorEmail
];
}
}
@ -155,7 +174,7 @@ class Ticket extends DataStore {
];
$author = $ticketEvent->getAuthor();
if(!$author->isNull()) {
if($author && !$author->isNull()) {
$event['author'] = [
'id'=> $author->id,
'name' => $author->name,
@ -174,4 +193,13 @@ class Ticket extends DataStore {
public function addEvent(Ticketevent $event) {
$this->ownTicketeventList->add($event);
}
public function isAuthor($user) {
$ticketAuthor = $this->authorToArray();
return $user->id == $ticketAuthor['id'] && ($user instanceof Staff) == $ticketAuthor['staff'];
}
public function isOwner($user) {
return $this->owner && $user->id == $this->owner->id && ($user instanceof Staff);
}
}
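Review bot: `isAuthor()` compares against `authorToArray()`, whose fallback branch returns no `id` or `staff` key, and it does so with loose `==`. For a ticket without an author record both sides of each comparison can then be empty or null, so a `$user` with an empty `id` that is not a `Staff` would compare equal and be treated as the author; whether `Controller::getLoggedUser()` can return such an object is not visible here. I would return early with `if(!$user || !isset($ticketAuthor['id'])) return false;` and compare with `===` if both ids have the same type (the removed `shouldDenyPermission()` used `!==` on them). CommentController's mail routing uses `$isAuthor`, so the user-system-disabled path should be re-checked after tightening this. `isOwner()` has the same loose `==` and unchecked `$user`.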


@ -4,9 +4,32 @@ describe '/ticket/close' do
#TODO: DO THINGS
it 'should not close ticket if not assigned' do
ticket = $database.getRow('ticket', 1 , 'id')
request('/staff/un-assign-ticket', {
ticketNumber: ticket['ticket_number'],
csrf_userid: $csrf_userid,
csrf_token: $csrf_token
})
result = request('/ticket/close', {
ticketNumber: ticket['ticket_number'],
csrf_userid: $csrf_userid,
csrf_token: $csrf_token
})
(result['status']).should.equal('fail')
end
it 'should close a ticket if everything is okey' do
ticket = $database.getRow('ticket', 1 , 'id')
request('/staff/assign-ticket', {
ticketNumber: ticket['ticket_number'],
csrf_userid: $csrf_userid,
csrf_token: $csrf_token
})
result = request('/ticket/close', {
ticketNumber: ticket['ticket_number'],
csrf_userid: $csrf_userid,
@ -21,5 +44,11 @@ describe '/ticket/close' do
lastLog = $database.getLastRow('log')
(lastLog['type']).should.equal('CLOSE')
request('/staff/un-assign-ticket', {
ticketNumber: ticket['ticket_number'],
csrf_userid: $csrf_userid,
csrf_token: $csrf_token
})
end
end
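Review bot: The new 'should not close ticket if not assigned' case only asserts that `result['status']` is `'fail'`, so it passes for any failure, not specifically the permission check added in CloseController. Asserting the error code as well, e.g. `(result['message']).should.equal('NO_PERMISSION')`, would pin the behaviour, assuming the error response exposes the code under `message`. The cases also depend on ticket row 1 and on assign/un-assign requests whose results are never checked, and nothing here covers a staff author who is not the owner or a logged-in user who is neither. The `#TODO: DO THINGS` marker can go once those are added.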