tyler.durden/opensupports
1
0
Fork 0
mirror of https://github.com/opensupports/opensupports.git synced 2025-07-27 07:44:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #639 from guillegiu/master

Browse Source 
fix release v4.5.0
This commit is contained in:
Maximiliano Redigonda 2019-10-14 10:06:03 -03:00 committed by GitHub
commit d9becc4e45
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
11 changed files with 32 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
client/src/app-components/ticket-event.js
View File

@ -117,7 +117,7 @@ class TicketEvent extends React.Component {
return ( return (
<div className="ticket-event__comment-content"> <div className="ticket-event__comment-content">
<div dangerouslySetInnerHTML={{__html: this.props.content}}></div> <div dangerouslySetInnerHTML={{__html: this.props.content}}></div>
{((this.props.author.id === this.props.userId) || (this.props.userStaff)) ? this.renderEditIcon() : null} {((this.props.author.id == this.props.userId && this.props.author.staff == this.props.userStaff) || this.props.userStaff) ? this.renderEditIcon() : null}
</div> </div>
) )
} }

2
client/src/app-components/ticket-viewer.js
View File

@ -69,7 +69,6 @@ class TicketViewer extends React.Component {
render() { render() {
const ticket = this.props.ticket; const ticket = this.props.ticket;
return ( return (
<div className="ticket-viewer"> <div className="ticket-viewer">
<div className="ticket-viewer__header row"> <div className="ticket-viewer__header row">
@ -605,6 +604,7 @@ class TicketViewer extends React.Component {
} }
export default connect((store) => { export default connect((store) => {
return { return {
userId: store.session.userId, userId: store.session.userId,
userStaff: store.session.staff, userStaff: store.session.staff,

4
client/src/reducers/session-reducer.js
View File

@ -77,7 +77,8 @@ class SessionReducer extends Reducer {
logged: true, logged: true,
pending: false, pending: false,
failed: false, failed: false,
userId: payload.data.userId userId: payload.data.userId,
staff: payload.data.staff
}); });
} }
@ -94,6 +95,7 @@ class SessionReducer extends Reducer {
sessionStore.storeRememberData({ sessionStore.storeRememberData({
token: resultData.rememberToken, token: resultData.rememberToken,
userId: resultData.userId, userId: resultData.userId,
staff: resultData.staff,
expiration: resultData.rememberExpiration expiration: resultData.rememberExpiration
}); });
} }

2
server/controllers/ticket/seen.php
View File

@ -44,7 +44,7 @@ class SeenController extends Controller {
$user = Controller::getLoggedUser(); $user = Controller::getLoggedUser();
$ticket = Ticket::getByTicketNumber($ticketnumber); $ticket = Ticket::getByTicketNumber($ticketnumber);
if(!$user->canManageTicket($this->ticket) && !$ticket->isAuthor($user)) { if(!$user->canManageTicket($ticket) && !$ticket->isAuthor($user)) {
throw new RequestException(ERRORS::NO_PERMISSION); throw new RequestException(ERRORS::NO_PERMISSION);
} }

1
server/controllers/user/get.php
View File

@ -54,6 +54,7 @@ class GetUserController extends Controller {
Response::respondSuccess([ Response::respondSuccess([
'name' => $user->name, 'name' => $user->name,
'email' => $user->email, 'email' => $user->email,
'staff' => false,
'verified' => !$user->verificationToken, 'verified' => !$user->verificationToken,
'tickets' => $parsedTicketList, 'tickets' => $parsedTicketList,
'customfields' => $user->xownCustomfieldvalueList->toArray(), 'customfields' => $user->xownCustomfieldvalueList->toArray(),

2
server/controllers/user/login.php
View File

@ -108,7 +108,7 @@ class LoginController extends Controller {
return array( return array(
'userId' => $userInstance->id, 'userId' => $userInstance->id,
'userEmail' => $userInstance->email, 'userEmail' => $userInstance->email,
'staff' => Controller::request('staff'), 'staff' => !!Controller::request('staff'),
'token' => Session::getInstance()->getToken(), 'token' => Session::getInstance()->getToken(),
'rememberToken' => $this->rememberToken, 'rememberToken' => $this->rememberToken,
'rememberExpiration' => $this->rememberExpiration 'rememberExpiration' => $this->rememberExpiration

2
server/models/Staff.php
View File

@ -50,7 +50,7 @@ class Staff extends DataStore {
} }
public function canManageTicket(Ticket $ticket){ public function canManageTicket(Ticket $ticket){
return $this->sharedDepartmentList->includesId($ticket->departmentId) || $this->id === $ticket->author_staff_id; return $this->sharedDepartmentList->includesId($ticket->departmentId) || $this->id === $ticket->authorStaffId;
} }
public function toArray() { public function toArray() {

1
tests/init.rb
View File

@ -25,6 +25,7 @@ require './user/edit-email.rb'
require './user/get.rb' require './user/get.rb'
require './user/enable-disable.rb' require './user/enable-disable.rb'
require './ticket/create.rb' require './ticket/create.rb'
require './ticket/seen.rb'
require './ticket/comment.rb' require './ticket/comment.rb'
require './ticket/get.rb' require './ticket/get.rb'
require './ticket/custom-response.rb' require './ticket/custom-response.rb'

22
tests/ticket/seen.rb
View File

@ -2,10 +2,12 @@ describe '/ticket/seen' do
describe 'when a staff is logged' do describe 'when a staff is logged' do
request('/user/logout') request('/user/logout')
Scripts.login($staff[:email], $staff[:password], true) ticket = $database.getRow('ticket', 1, 'id')
Scripts.login($staff[:email], $staff[:password], true)
Scripts.assignTicket(ticket['ticket_number'])
it 'should change unread if everything is okey ' do it 'should change unread if everything is okey ' do
ticket = $database.getRow('ticket', 1, 'id')
result = request('/ticket/seen', { result = request('/ticket/seen', {
ticketNumber: ticket['ticket_number'], ticketNumber: ticket['ticket_number'],
csrf_userid: $csrf_userid, csrf_userid: $csrf_userid,
@ -13,7 +15,7 @@ describe '/ticket/seen' do
}) })
(result['status']).should.equal('success') (result['status']).should.equal('success')
ticket = $database.getRow('ticket', 1, 'id') ticket = $database.getRow('ticket', 1, 'id')
(ticket['unreadStaff']).should.equal('0') (ticket['unread_staff']).should.equal('0')
end end
end end
@ -22,6 +24,20 @@ describe '/ticket/seen' do
request('/user/logout') request('/user/logout')
Scripts.login() Scripts.login()
it 'should fail if user is not author' do
ticket = $database.getRow('ticket', 1, 'id')
result = request('/ticket/seen', {
ticketNumber: ticket['ticket_number'],
csrf_userid: $csrf_userid,
csrf_token: $csrf_token
})
(result['status']).should.equal('fail')
(result['message']).should.equal('NO_PERMISSION')
end
request('/user/logout')
Scripts.login('user_get@os4.com', 'user_get')
it 'should change unread if everything is okey ' do it 'should change unread if everything is okey ' do
ticket = $database.getRow('ticket', 1, 'id') ticket = $database.getRow('ticket', 1, 'id')
result = request('/ticket/seen', { result = request('/ticket/seen', {

2
tests/user/login.rb
View File

@ -41,7 +41,7 @@ describe '/user/login' do
}) })
(result['status']).should.equal('success') (result['status']).should.equal('success')
(result['data']['staff']).should.equal('true') (result['data']['staff']).should.equal(true)
end end
it 'should work with remember token' do it 'should work with remember token' do