Allow tickets to be created by staff members #175
parent
2c1e5f1a61
commit
96868abd92
@ -62,9 +62,12 @@ class CloseController extends Controller {
|
|||||||
public function handler() {
|
public function handler() {
|
||||||
$this->ticket = Ticket::getByTicketNumber(Controller::request('ticketNumber'));
|
$this->ticket = Ticket::getByTicketNumber(Controller::request('ticketNumber'));
|
||||||
|
|
||||||
if($this->shouldDenyPermission()) {
|
if(
|
||||||
Response::respondError(ERRORS::NO_PERMISSION);
|
(Controller::isUserSystemEnabled() || Controller::isStaffLogged()) &&
|
||||||
return;
|
!$this->ticket->isOwner(Controller::getLoggedUser()) &&
|
||||||
|
!$this->ticket->isAuthor(Controller::getLoggedUser())
|
||||||
|
) {
|
||||||
|
throw new Exception(ERRORS::NO_PERMISSION);
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->markAsUnread();
|
$this->markAsUnread();
|
||||||
@ -79,16 +82,6 @@ class CloseController extends Controller {
|
|||||||
Response::respondSuccess();
|
Response::respondSuccess();
|
||||||
}
|
}
|
||||||
|
|
||||||
private function shouldDenyPermission() {
|
|
||||||
if(Controller::isStaffLogged()) {
|
|
||||||
return $this->ticket->owner && $this->ticket->owner->id !== Controller::getLoggedUser()->id;
|
|
||||||
} else if(Controller::isUserSystemEnabled()) {
|
|
||||||
return $this->ticket->author->id !== Controller::getLoggedUser()->id;
|
|
||||||
} else {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
private function markAsUnread() {
|
private function markAsUnread() {
|
||||||
if(Controller::isStaffLogged()) {
|
if(Controller::isStaffLogged()) {
|
||||||
$this->ticket->unread = true;
|
$this->ticket->unread = true;
|
||||||
|
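Review bot: The inlined guard in `handler()` is skipped entirely when the user system is disabled and no staff session exists, so on that path the close proceeds with `ticketNumber` as the only visible identifier. The removed `shouldDenyPermission()` had the same fall-through, but it is now implicit in a compound condition; if another validator covers that mode (none is visible in this hunk), a comment such as `// user system off and no staff session: access is gated by the request validators, not by this check` would make that explicit. The switch from `Response::respondError(...)` plus `return` to `throw new Exception(ERRORS::NO_PERMISSION)` also assumes a handler outside this diff turns the exception into an error response without exposing a stack trace. `handler()` continues past the end of the hunk.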
@ -65,7 +65,6 @@ class CommentController extends Controller {
|
|||||||
'csrf_token' => [
|
'csrf_token' => [
|
||||||
'validation' => DataValidator::equals($session->getToken()),
|
'validation' => DataValidator::equals($session->getToken()),
|
||||||
'error' => ERRORS::INVALID_TOKEN
|
'error' => ERRORS::INVALID_TOKEN
|
||||||
|
|
||||||
]
|
]
|
||||||
]
|
]
|
||||||
];
|
];
|
||||||
@ -73,24 +72,30 @@ class CommentController extends Controller {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function handler() {
|
public function handler() {
|
||||||
$session = Session::getInstance();
|
|
||||||
$this->requestData();
|
$this->requestData();
|
||||||
|
$ticketAuthor = $this->ticket->authorToArray();
|
||||||
|
$isAuthor = $this->ticket->isAuthor(Controller::getLoggedUser());
|
||||||
|
$isOwner = $this->ticket->isOwner(Controller::getLoggedUser());
|
||||||
|
|
||||||
if ((!Controller::isUserSystemEnabled() && !Controller::isStaffLogged()) ||
|
if((Controller::isUserSystemEnabled() || Controller::isStaffLogged()) && !$isOwner && !$isAuthor) {
|
||||||
(!Controller::isStaffLogged() && $session->isLoggedWithId(($this->ticket->author) ? $this->ticket->author->id : 0)) ||
|
throw new Exception(ERRORS::NO_PERMISSION);
|
||||||
(Controller::isStaffLogged() && $session->isLoggedWithId(($this->ticket->owner) ? $this->ticket->owner->id : 0))) {
|
|
||||||
$this->storeComment();
|
|
||||||
|
|
||||||
if(Controller::isStaffLogged() || $this->ticket->owner) {
|
|
||||||
$this->sendMail();
|
|
||||||
}
|
|
||||||
|
|
||||||
Log::createLog('COMMENT', $this->ticket->ticketNumber);
|
|
||||||
|
|
||||||
Response::respondSuccess();
|
|
||||||
} else {
|
|
||||||
Response::respondError(ERRORS::NO_PERMISSION);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$this->storeComment();
|
||||||
|
|
||||||
|
if($isAuthor && $this->ticket->owner) {
|
||||||
|
$this->sendMail([
|
||||||
|
'email' => $this->ticket->owner->email,
|
||||||
|
'name' => $this->ticket->owner->name,
|
||||||
|
'staff' => true
|
||||||
|
]);
|
||||||
|
} else {
|
||||||
|
$this->sendMail($ticketAuthor);
|
||||||
|
}
|
||||||
|
|
||||||
|
Log::createLog('COMMENT', $this->ticket->ticketNumber);
|
||||||
|
|
||||||
|
Response::respondSuccess();
|
||||||
}
|
}
|
||||||
|
|
||||||
private function requestData() {
|
private function requestData() {
|
||||||
@ -121,20 +126,16 @@ class CommentController extends Controller {
|
|||||||
$this->ticket->store();
|
$this->ticket->store();
|
||||||
}
|
}
|
||||||
|
|
||||||
private function sendMail() {
|
private function sendMail($recipient) {
|
||||||
$mailSender = MailSender::getInstance();
|
$mailSender = MailSender::getInstance();
|
||||||
|
|
||||||
$email = ($this->ticket->author) ? $this->ticket->author->email : $this->ticket->authorEmail;
|
$email = $recipient['email'];
|
||||||
$name = ($this->ticket->author) ? $this->ticket->author->name : $this->ticket->authorName;
|
$name = $recipient['name'];
|
||||||
|
$isStaff = $recipient['staff'];
|
||||||
if(!Controller::isStaffLogged() && $this->ticket->owner) {
|
|
||||||
$email = $this->ticket->owner->email;
|
|
||||||
$name = $this->ticket->owner->name;
|
|
||||||
}
|
|
||||||
|
|
||||||
$url = Setting::getSetting('url')->getValue();
|
$url = Setting::getSetting('url')->getValue();
|
||||||
|
|
||||||
if(!Controller::isUserSystemEnabled()) {
|
if(!Controller::isUserSystemEnabled() && !$isStaff) {
|
||||||
$url .= '/check-ticket/' . $this->ticket->ticketNumber;
|
$url .= '/check-ticket/' . $this->ticket->ticketNumber;
|
||||||
$url .= '/' . $email;
|
$url .= '/' . $email;
|
||||||
}
|
}
|
||||||
|
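Review bot: In `handler()` the new mail branch falls into `else { $this->sendMail($ticketAuthor); }` when the commenter is the author and the ticket has no owner, so the author is mailed about their own comment; the old code sent nothing in that case for a non-staff author. `} else if(!$isAuthor) {` would restore that. In `sendMail($recipient)`, `$recipient['staff']` is read unconditionally although `authorToArray()` returns only `name` and `email` for tickets without an author record; `$isStaff = !empty($recipient['staff']);` avoids the undefined index. `$isAuthor` and `$isOwner` are also computed from `Controller::getLoggedUser()` before the permission check, and what that call returns for a request without a session is not visible here.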
@ -122,7 +122,6 @@ class CreateController extends Controller {
|
|||||||
'title' => $this->title,
|
'title' => $this->title,
|
||||||
'content' => $this->content,
|
'content' => $this->content,
|
||||||
'language' => $this->language,
|
'language' => $this->language,
|
||||||
'author' => $author,
|
|
||||||
'department' => $department,
|
'department' => $department,
|
||||||
'file' => ($fileUploader instanceof FileUploader) ? $fileUploader->getFileName() : null,
|
'file' => ($fileUploader instanceof FileUploader) ? $fileUploader->getFileName() : null,
|
||||||
'date' => Date::getCurrentDate(),
|
'date' => Date::getCurrentDate(),
|
||||||
@ -130,10 +129,12 @@ class CreateController extends Controller {
|
|||||||
'unreadStaff' => true,
|
'unreadStaff' => true,
|
||||||
'closed' => false,
|
'closed' => false,
|
||||||
'authorName' => $this->name,
|
'authorName' => $this->name,
|
||||||
'authorEmail' => $this->email
|
'authorEmail' => $this->email,
|
||||||
));
|
));
|
||||||
|
|
||||||
if(Controller::isUserSystemEnabled()) {
|
$ticket->setAuthor($author);
|
||||||
|
|
||||||
|
if(Controller::isUserSystemEnabled() && !Controller::isStaffLogged()) {
|
||||||
$author->sharedTicketList->add($ticket);
|
$author->sharedTicketList->add($ticket);
|
||||||
$author->tickets++;
|
$author->tickets++;
|
||||||
|
|
||||||
|
@ -43,6 +43,7 @@ class Ticket extends DataStore {
|
|||||||
'closed',
|
'closed',
|
||||||
'priority',
|
'priority',
|
||||||
'author',
|
'author',
|
||||||
|
'authorStaff',
|
||||||
'owner',
|
'owner',
|
||||||
'ownTicketeventList',
|
'ownTicketeventList',
|
||||||
'unreadStaff',
|
'unreadStaff',
|
||||||
@ -60,6 +61,22 @@ class Ticket extends DataStore {
|
|||||||
return Ticket::getTicket($value, 'ticketNumber');
|
return Ticket::getTicket($value, 'ticketNumber');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function setAuthor($author) {
|
||||||
|
if($author instanceof User) {
|
||||||
|
$this->author = $author;
|
||||||
|
} else if($author instanceof Staff) {
|
||||||
|
$this->authorStaff = $author;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public function getAuthor() {
|
||||||
|
if($this->author && !$this->author->isNull()) {
|
||||||
|
return $this->author;
|
||||||
|
} else {
|
||||||
|
return $this->authorStaff;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
public function getDefaultProps() {
|
public function getDefaultProps() {
|
||||||
return array(
|
return array(
|
||||||
'priority' => 'low',
|
'priority' => 'low',
|
||||||
@ -112,18 +129,20 @@ class Ticket extends DataStore {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function authorToArray() {
|
public function authorToArray() {
|
||||||
$author = $this->author;
|
$author = $this->getAuthor();
|
||||||
|
|
||||||
if ($author && !$author->isNull()) {
|
if ($author && !$author->isNull()) {
|
||||||
return [
|
return [
|
||||||
'id' => $author->id,
|
'id' => $author->id,
|
||||||
'name' => $author->name,
|
'name' => $author->name,
|
||||||
|
'staff' => $author instanceof Staff,
|
||||||
|
'profilePic' => ($author instanceof Staff) ? $author->profilePic : null,
|
||||||
'email' => $author->email
|
'email' => $author->email
|
||||||
];
|
];
|
||||||
} else {
|
} else {
|
||||||
return [
|
return [
|
||||||
'name' => $this->authorName,
|
'name' => $this->authorName,
|
||||||
'email' => $this->authorEmail
|
'email' => $this->authorEmail
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -155,7 +174,7 @@ class Ticket extends DataStore {
|
|||||||
];
|
];
|
||||||
|
|
||||||
$author = $ticketEvent->getAuthor();
|
$author = $ticketEvent->getAuthor();
|
||||||
if(!$author->isNull()) {
|
if($author && !$author->isNull()) {
|
||||||
$event['author'] = [
|
$event['author'] = [
|
||||||
'id'=> $author->id,
|
'id'=> $author->id,
|
||||||
'name' => $author->name,
|
'name' => $author->name,
|
||||||
@ -174,4 +193,13 @@ class Ticket extends DataStore {
|
|||||||
public function addEvent(Ticketevent $event) {
|
public function addEvent(Ticketevent $event) {
|
||||||
$this->ownTicketeventList->add($event);
|
$this->ownTicketeventList->add($event);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function isAuthor($user) {
|
||||||
|
$ticketAuthor = $this->authorToArray();
|
||||||
|
return $user->id == $ticketAuthor['id'] && ($user instanceof Staff) == $ticketAuthor['staff'];
|
||||||
|
}
|
||||||
|
|
||||||
|
public function isOwner($user) {
|
||||||
|
return $this->owner && $user->id == $this->owner->id && ($user instanceof Staff);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
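Review bot: `isAuthor()` compares `$user->id` with `$ticketAuthor['id']` and `$ticketAuthor['staff']` using `==`, but the fallback branch of `authorToArray()` returns only `name` and `email`, so for a ticket without an author record both keys are missing and evaluate as null. A caller object whose `id` is null or 0 would then compare equal and be treated as the author, which matters because CloseController and CommentController now use this method as their permission check; what `Controller::getLoggedUser()` returns without a session is not visible in this diff. I would reject that case explicitly before the comparison, e.g. `if(!$user || !isset($ticketAuthor['id'])) return false;`, or handle anonymous tickets in a branch of their own if the match is intended. `setAuthor()` also silently ignores any value that is neither `User` nor `Staff` and leaves the other author field untouched, which deserves a one-line comment.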
@ -4,9 +4,32 @@ describe '/ticket/close' do
|
|||||||
|
|
||||||
#TODO: DO THINGS
|
#TODO: DO THINGS
|
||||||
|
|
||||||
|
it 'should not close ticket if not assigned' do
|
||||||
|
ticket = $database.getRow('ticket', 1 , 'id')
|
||||||
|
request('/staff/un-assign-ticket', {
|
||||||
|
ticketNumber: ticket['ticket_number'],
|
||||||
|
csrf_userid: $csrf_userid,
|
||||||
|
csrf_token: $csrf_token
|
||||||
|
})
|
||||||
|
|
||||||
|
result = request('/ticket/close', {
|
||||||
|
ticketNumber: ticket['ticket_number'],
|
||||||
|
csrf_userid: $csrf_userid,
|
||||||
|
csrf_token: $csrf_token
|
||||||
|
})
|
||||||
|
|
||||||
|
(result['status']).should.equal('fail')
|
||||||
|
end
|
||||||
|
|
||||||
it 'should close a ticket if everything is okey' do
|
it 'should close a ticket if everything is okey' do
|
||||||
ticket = $database.getRow('ticket', 1 , 'id')
|
ticket = $database.getRow('ticket', 1 , 'id')
|
||||||
|
|
||||||
|
request('/staff/assign-ticket', {
|
||||||
|
ticketNumber: ticket['ticket_number'],
|
||||||
|
csrf_userid: $csrf_userid,
|
||||||
|
csrf_token: $csrf_token
|
||||||
|
})
|
||||||
|
|
||||||
result = request('/ticket/close', {
|
result = request('/ticket/close', {
|
||||||
ticketNumber: ticket['ticket_number'],
|
ticketNumber: ticket['ticket_number'],
|
||||||
csrf_userid: $csrf_userid,
|
csrf_userid: $csrf_userid,
|
||||||
@ -21,5 +44,11 @@ describe '/ticket/close' do
|
|||||||
|
|
||||||
lastLog = $database.getLastRow('log')
|
lastLog = $database.getLastRow('log')
|
||||||
(lastLog['type']).should.equal('CLOSE')
|
(lastLog['type']).should.equal('CLOSE')
|
||||||
|
|
||||||
|
request('/staff/un-assign-ticket', {
|
||||||
|
ticketNumber: ticket['ticket_number'],
|
||||||
|
csrf_userid: $csrf_userid,
|
||||||
|
csrf_token: $csrf_token
|
||||||
|
})
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
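Review bot: The new 'should not close ticket if not assigned' case asserts only that `result['status']` equals 'fail', so it would also pass if the request failed for an unrelated reason such as a rejected token or a missing ticket. Asserting the error code returned for the permission failure as well (the response field that carries it is not visible in this diff) would pin the test to the new check. The `/staff/assign-ticket` and `/staff/un-assign-ticket` setup requests in both cases discard their results, so a failed setup step would go unnoticed; checking their status would make the tests' preconditions explicit.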