Allow tickets to be created by staff members #175

Ivan Diaz 2018-07-17 01:17:49 -03:00
parent 2c1e5f1a61
commit 96868abd92
5 changed files with 97 additions and 45 deletions


@ -62,9 +62,12 @@ class CloseController extends Controller {
public function handler() { public function handler() {
$this->ticket = Ticket::getByTicketNumber(Controller::request('ticketNumber')); $this->ticket = Ticket::getByTicketNumber(Controller::request('ticketNumber'));
if($this->shouldDenyPermission()) { if(
Response::respondError(ERRORS::NO_PERMISSION); (Controller::isUserSystemEnabled() || Controller::isStaffLogged()) &&
return; !$this->ticket->isOwner(Controller::getLoggedUser()) &&
!$this->ticket->isAuthor(Controller::getLoggedUser())
) {
throw new Exception(ERRORS::NO_PERMISSION);
} }
$this->markAsUnread(); $this->markAsUnread();
@ -79,16 +82,6 @@ class CloseController extends Controller {
Response::respondSuccess(); Response::respondSuccess();
} }
private function shouldDenyPermission() {
if(Controller::isStaffLogged()) {
return $this->ticket->owner && $this->ticket->owner->id !== Controller::getLoggedUser()->id;
} else if(Controller::isUserSystemEnabled()) {
return $this->ticket->author->id !== Controller::getLoggedUser()->id;
} else {
return false;
}
}
private function markAsUnread() { private function markAsUnread() {
if(Controller::isStaffLogged()) { if(Controller::isStaffLogged()) {
$this->ticket->unread = true; $this->ticket->unread = true;
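Review bot: The new guard in `handler()` is skipped entirely when the user system is disabled and no staff member is logged in, so on that path nothing in this hunk ties the caller to the ticket being closed. The removed `shouldDenyPermission()` returned false in the same situation, so this is not a regression, but whatever protects that path (presumably the controller's request validations, which are outside this hunk) should be named in a comment above the `if`, e.g. `// Callers without an account are authorised by the request validations, not here`. It is also worth confirming that the thrown `Exception(ERRORS::NO_PERMISSION)` is turned into an error response by the caller, since the explicit `Response::respondError(...)` and `return` were removed.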


@ -65,7 +65,6 @@ class CommentController extends Controller {
'csrf_token' => [ 'csrf_token' => [
'validation' => DataValidator::equals($session->getToken()), 'validation' => DataValidator::equals($session->getToken()),
'error' => ERRORS::INVALID_TOKEN 'error' => ERRORS::INVALID_TOKEN
] ]
] ]
]; ];
@ -73,24 +72,30 @@ class CommentController extends Controller {
} }
public function handler() { public function handler() {
$session = Session::getInstance();
$this->requestData(); $this->requestData();
$ticketAuthor = $this->ticket->authorToArray();
$isAuthor = $this->ticket->isAuthor(Controller::getLoggedUser());
$isOwner = $this->ticket->isOwner(Controller::getLoggedUser());
if ((!Controller::isUserSystemEnabled() && !Controller::isStaffLogged()) || if((Controller::isUserSystemEnabled() || Controller::isStaffLogged()) && !$isOwner && !$isAuthor) {
(!Controller::isStaffLogged() && $session->isLoggedWithId(($this->ticket->author) ? $this->ticket->author->id : 0)) || throw new Exception(ERRORS::NO_PERMISSION);
(Controller::isStaffLogged() && $session->isLoggedWithId(($this->ticket->owner) ? $this->ticket->owner->id : 0))) {
$this->storeComment();
if(Controller::isStaffLogged() || $this->ticket->owner) {
$this->sendMail();
}
Log::createLog('COMMENT', $this->ticket->ticketNumber);
Response::respondSuccess();
} else {
Response::respondError(ERRORS::NO_PERMISSION);
} }
$this->storeComment();
if($isAuthor && $this->ticket->owner) {
$this->sendMail([
'email' => $this->ticket->owner->email,
'name' => $this->ticket->owner->name,
'staff' => true
]);
} else {
$this->sendMail($ticketAuthor);
}
Log::createLog('COMMENT', $this->ticket->ticketNumber);
Response::respondSuccess();
} }
private function requestData() { private function requestData() {
@ -121,20 +126,16 @@ class CommentController extends Controller {
$this->ticket->store(); $this->ticket->store();
} }
private function sendMail() { private function sendMail($recipient) {
$mailSender = MailSender::getInstance(); $mailSender = MailSender::getInstance();
$email = ($this->ticket->author) ? $this->ticket->author->email : $this->ticket->authorEmail; $email = $recipient['email'];
$name = ($this->ticket->author) ? $this->ticket->author->name : $this->ticket->authorName; $name = $recipient['name'];
$isStaff = $recipient['staff'];
if(!Controller::isStaffLogged() && $this->ticket->owner) {
$email = $this->ticket->owner->email;
$name = $this->ticket->owner->name;
}
$url = Setting::getSetting('url')->getValue(); $url = Setting::getSetting('url')->getValue();
if(!Controller::isUserSystemEnabled()) { if(!Controller::isUserSystemEnabled() && !$isStaff) {
$url .= '/check-ticket/' . $this->ticket->ticketNumber; $url .= '/check-ticket/' . $this->ticket->ticketNumber;
$url .= '/' . $email; $url .= '/' . $email;
} }
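Review bot: `sendMail()` now reads `$recipient['staff']` unconditionally, but `authorToArray()` returns only `name` and `email` for a ticket whose author has no account, so the `else` branch of `handler()` can pass an array without that key. Default it instead, e.g. `$isStaff = !empty($recipient['staff']);`. Separately, the `else` branch also runs when the author comments on a ticket that has no owner, which mails the author about their own comment; the removed code sent nothing in that case, so this looks unintended. `sendMail()` continues past the end of the hunk.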


@ -122,7 +122,6 @@ class CreateController extends Controller {
'title' => $this->title, 'title' => $this->title,
'content' => $this->content, 'content' => $this->content,
'language' => $this->language, 'language' => $this->language,
'author' => $author,
'department' => $department, 'department' => $department,
'file' => ($fileUploader instanceof FileUploader) ? $fileUploader->getFileName() : null, 'file' => ($fileUploader instanceof FileUploader) ? $fileUploader->getFileName() : null,
'date' => Date::getCurrentDate(), 'date' => Date::getCurrentDate(),
@ -130,10 +129,12 @@ class CreateController extends Controller {
'unreadStaff' => true, 'unreadStaff' => true,
'closed' => false, 'closed' => false,
'authorName' => $this->name, 'authorName' => $this->name,
'authorEmail' => $this->email 'authorEmail' => $this->email,
)); ));
if(Controller::isUserSystemEnabled()) { $ticket->setAuthor($author);
if(Controller::isUserSystemEnabled() && !Controller::isStaffLogged()) {
$author->sharedTicketList->add($ticket); $author->sharedTicketList->add($ticket);
$author->tickets++; $author->tickets++;


@ -43,6 +43,7 @@ class Ticket extends DataStore {
'closed', 'closed',
'priority', 'priority',
'author', 'author',
'authorStaff',
'owner', 'owner',
'ownTicketeventList', 'ownTicketeventList',
'unreadStaff', 'unreadStaff',
@ -60,6 +61,22 @@ class Ticket extends DataStore {
return Ticket::getTicket($value, 'ticketNumber'); return Ticket::getTicket($value, 'ticketNumber');
} }
public function setAuthor($author) {
if($author instanceof User) {
$this->author = $author;
} else if($author instanceof Staff) {
$this->authorStaff = $author;
}
}
public function getAuthor() {
if($this->author && !$this->author->isNull()) {
return $this->author;
} else {
return $this->authorStaff;
}
}
public function getDefaultProps() { public function getDefaultProps() {
return array( return array(
'priority' => 'low', 'priority' => 'low',
@ -112,18 +129,20 @@ class Ticket extends DataStore {
} }
public function authorToArray() { public function authorToArray() {
$author = $this->author; $author = $this->getAuthor();
if ($author && !$author->isNull()) { if ($author && !$author->isNull()) {
return [ return [
'id' => $author->id, 'id' => $author->id,
'name' => $author->name, 'name' => $author->name,
'staff' => $author instanceof Staff,
'profilePic' => ($author instanceof Staff) ? $author->profilePic : null,
'email' => $author->email 'email' => $author->email
]; ];
} else { } else {
return [ return [
'name' => $this->authorName, 'name' => $this->authorName,
'email' => $this->authorEmail 'email' => $this->authorEmail
]; ];
} }
} }
@ -155,7 +174,7 @@ class Ticket extends DataStore {
]; ];
$author = $ticketEvent->getAuthor(); $author = $ticketEvent->getAuthor();
if(!$author->isNull()) { if($author && !$author->isNull()) {
$event['author'] = [ $event['author'] = [
'id'=> $author->id, 'id'=> $author->id,
'name' => $author->name, 'name' => $author->name,
@ -174,4 +193,13 @@ class Ticket extends DataStore {
public function addEvent(Ticketevent $event) { public function addEvent(Ticketevent $event) {
$this->ownTicketeventList->add($event); $this->ownTicketeventList->add($event);
} }
public function isAuthor($user) {
$ticketAuthor = $this->authorToArray();
return $user->id == $ticketAuthor['id'] && ($user instanceof Staff) == $ticketAuthor['staff'];
}
public function isOwner($user) {
return $this->owner && $user->id == $this->owner->id && ($user instanceof Staff);
}
} }
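Review bot: `isAuthor()` indexes `$ticketAuthor['id']` and `$ticketAuthor['staff']`, which `authorToArray()` does not set for a ticket whose author is stored only as authorName/authorEmail, and it compares them with loose `==`. With both keys missing they evaluate to null, so a `$user` whose `id` is null and who is not a `Staff` instance compares equal on both sides and is reported as the author. Because this method now backs the permission checks in the close and comment handlers, it should return false when the ticket has no author record and compare strictly, as the removed `shouldDenyPermission()` did with `!==`. `isOwner()` has the same loose `==` on ids; `$user->id === $this->owner->id` would match the earlier behaviour, assuming both ids have the same type.

```php
public function isAuthor($user) {
    $author = $this->getAuthor();

    // A ticket stored with only authorName/authorEmail has no account that can match.
    if(!$author || $author->isNull()) {
        return false;
    }

    return $user->id === $author->id && ($user instanceof Staff) === ($author instanceof Staff);
}
```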


@ -4,9 +4,32 @@ describe '/ticket/close' do
#TODO: DO THINGS #TODO: DO THINGS
it 'should not close ticket if not assigned' do
ticket = $database.getRow('ticket', 1 , 'id')
request('/staff/un-assign-ticket', {
ticketNumber: ticket['ticket_number'],
csrf_userid: $csrf_userid,
csrf_token: $csrf_token
})
result = request('/ticket/close', {
ticketNumber: ticket['ticket_number'],
csrf_userid: $csrf_userid,
csrf_token: $csrf_token
})
(result['status']).should.equal('fail')
end
it 'should close a ticket if everything is okey' do it 'should close a ticket if everything is okey' do
ticket = $database.getRow('ticket', 1 , 'id') ticket = $database.getRow('ticket', 1 , 'id')
request('/staff/assign-ticket', {
ticketNumber: ticket['ticket_number'],
csrf_userid: $csrf_userid,
csrf_token: $csrf_token
})
result = request('/ticket/close', { result = request('/ticket/close', {
ticketNumber: ticket['ticket_number'], ticketNumber: ticket['ticket_number'],
csrf_userid: $csrf_userid, csrf_userid: $csrf_userid,
@ -21,5 +44,11 @@ describe '/ticket/close' do
lastLog = $database.getLastRow('log') lastLog = $database.getLastRow('log')
(lastLog['type']).should.equal('CLOSE') (lastLog['type']).should.equal('CLOSE')
request('/staff/un-assign-ticket', {
ticketNumber: ticket['ticket_number'],
csrf_userid: $csrf_userid,
csrf_token: $csrf_token
})
end end
end end
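Review bot: The new example 'should not close ticket if not assigned' only asserts that `status` is `'fail'`, so it passes for any failure of `/ticket/close`, not specifically the permission denial this commit introduces. Assert the returned error as well, e.g. `(result['message']).should.equal('NO_PERMISSION')`, assuming the response carries the error code in `message` and that this is the string behind `ERRORS::NO_PERMISSION`. The results of the `/staff/un-assign-ticket` and `/staff/assign-ticket` setup requests are also discarded; checking their `status` would keep a failed precondition from being mistaken for the behaviour under test.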