tyler.durden
/
opensupports
mirror of https://github.com/opensupports/opensupports.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #639 from guillegiu/master 

fix release v4.5.0
This commit is contained in:
Maximiliano Redigonda 2019-10-14 10:06:03 -03:00 committed by GitHub
parent 620cd6b876 d0a6dd06d8
commit d9becc4e45
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
11 changed files with 32 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
client/src/actions/session-actions.js
View File

@ -58,7 +58,7 @@ export default {
}
}).then((result) => {
store.dispatch(this.getUserData(result.data.userId, result.data.token));
return result;
})
};

2
client/src/app-components/ticket-event.js
View File

@ -117,7 +117,7 @@ class TicketEvent extends React.Component {
return (
<div className="ticket-event__comment-content">
<div dangerouslySetInnerHTML={{__html: this.props.content}}></div>
{((this.props.author.id === this.props.userId) || (this.props.userStaff)) ? this.renderEditIcon() : null}
{((this.props.author.id == this.props.userId && this.props.author.staff == this.props.userStaff) || this.props.userStaff) ? this.renderEditIcon() : null}
</div>
)
}

2
client/src/app-components/ticket-viewer.js
View File

@ -69,7 +69,6 @@ class TicketViewer extends React.Component {
render() {
const ticket = this.props.ticket;
return (
<div className="ticket-viewer">
<div className="ticket-viewer__header row">
@ -605,6 +604,7 @@ class TicketViewer extends React.Component {
}
export default connect((store) => {
return {
userId: store.session.userId,
userStaff: store.session.staff,

4
client/src/reducers/session-reducer.js
View File

@ -77,7 +77,8 @@ class SessionReducer extends Reducer {
logged: true,
pending: false,
failed: false,
userId: payload.data.userId
userId: payload.data.userId,
staff: payload.data.staff
});
}
@ -94,6 +95,7 @@ class SessionReducer extends Reducer {
sessionStore.storeRememberData({
token: resultData.rememberToken,
userId: resultData.userId,
staff: resultData.staff,
expiration: resultData.rememberExpiration
});
}

2
server/controllers/ticket/seen.php
View File

@ -44,7 +44,7 @@ class SeenController extends Controller {
$user = Controller::getLoggedUser();
$ticket = Ticket::getByTicketNumber($ticketnumber);
if(!$user->canManageTicket($this->ticket) && !$ticket->isAuthor($user)) {
if(!$user->canManageTicket($ticket) && !$ticket->isAuthor($user)) {
throw new RequestException(ERRORS::NO_PERMISSION);
}

1
server/controllers/user/get.php
View File

@ -54,6 +54,7 @@ class GetUserController extends Controller {
Response::respondSuccess([
'name' => $user->name,
'email' => $user->email,
'staff' => false,
'verified' => !$user->verificationToken,
'tickets' => $parsedTicketList,
'customfields' => $user->xownCustomfieldvalueList->toArray(),

2
server/controllers/user/login.php
View File

@ -108,7 +108,7 @@ class LoginController extends Controller {
return array(
'userId' => $userInstance->id,
'userEmail' => $userInstance->email,
'staff' => Controller::request('staff'),
'staff' => !!Controller::request('staff'),
'token' => Session::getInstance()->getToken(),
'rememberToken' => $this->rememberToken,
'rememberExpiration' => $this->rememberExpiration

2
server/models/Staff.php
View File

@ -50,7 +50,7 @@ class Staff extends DataStore {
}
public function canManageTicket(Ticket $ticket){
return $this->sharedDepartmentList->includesId($ticket->departmentId) || $this->id === $ticket->author_staff_id;
return $this->sharedDepartmentList->includesId($ticket->departmentId) || $this->id === $ticket->authorStaffId;
}
public function toArray() {

1
tests/init.rb
View File

@ -25,6 +25,7 @@ require './user/edit-email.rb'
require './user/get.rb'
require './user/enable-disable.rb'
require './ticket/create.rb'
require './ticket/seen.rb'
require './ticket/comment.rb'
require './ticket/get.rb'
require './ticket/custom-response.rb'

24
tests/ticket/seen.rb
View File

@ -2,10 +2,12 @@ describe '/ticket/seen' do
describe 'when a staff is logged' do
request('/user/logout')
Scripts.login($staff[:email], $staff[:password], true)
ticket = $database.getRow('ticket', 1, 'id')
Scripts.login($staff[:email], $staff[:password], true)
Scripts.assignTicket(ticket['ticket_number'])
it 'should change unread if everything is okey ' do
ticket = $database.getRow('ticket', 1, 'id')
result = request('/ticket/seen', {
ticketNumber: ticket['ticket_number'],
csrf_userid: $csrf_userid,
@ -13,15 +15,29 @@ describe '/ticket/seen' do
})
(result['status']).should.equal('success')
ticket = $database.getRow('ticket', 1, 'id')
(ticket['unreadStaff']).should.equal('0')
(ticket['unread_staff']).should.equal('0')
end
end
describe 'when an user is logged' do
request('/user/logout')
Scripts.login()
it 'should fail if user is not author' do
ticket = $database.getRow('ticket', 1, 'id')
result = request('/ticket/seen', {
ticketNumber: ticket['ticket_number'],
csrf_userid: $csrf_userid,
csrf_token: $csrf_token
})
(result['status']).should.equal('fail')
(result['message']).should.equal('NO_PERMISSION')
end
request('/user/logout')
Scripts.login('user_get@os4.com', 'user_get')
it 'should change unread if everything is okey ' do
ticket = $database.getRow('ticket', 1, 'id')
result = request('/ticket/seen', {

2
tests/user/login.rb
View File

@ -41,7 +41,7 @@ describe '/user/login' do
})
(result['status']).should.equal('success')
(result['data']['staff']).should.equal('true')
(result['data']['staff']).should.equal(true)
end
it 'should work with remember token' do