tyler.durden
/
opensupports
mirror of https://github.com/opensupports/opensupports.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'guillermo/master'

This commit is contained in:
ivan 2018-04-12 22:23:26 -03:00
parent e573a5460d d0d6db77b7
commit f7ef552da1
9 changed files with 125 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
server/controllers/staff/assign-ticket.php
View File

@ -50,12 +50,12 @@ class AssignStaffController extends Controller {
$this->ticket = Ticket::getByTicketNumber($ticketNumber);
if($this->ticket->owner) {
Response::respondError(ERRORS::TICKET_ALREADY_ASSIGNED);
throw new Exception(ERRORS::TICKET_ALREADY_ASSIGNED);
return;
}
if(!$this->ticketHasStaffDepartment()) {
Response::respondError(ERRORS::INVALID_DEPARTMENT);
throw new Exception(ERRORS::INVALID_DEPARTMENT);
} else {
$this->user->sharedTicketList->add($this->ticket);
$this->ticket->owner = $this->user;

4
server/controllers/staff/un-assign-ticket.php
View File

@ -44,7 +44,7 @@ class UnAssignStaffController extends Controller {
$user = Controller::getLoggedUser();
$ticket = Ticket::getByTicketNumber($ticketNumber);
if($ticket->owner && $ticket->owner->id == $user->id) {
if(($ticket->owner && $ticket->owner->id === $user->id) || $user->level !== 1) {
$user->sharedTicketList->remove($ticket);
$user->store();
@ -61,7 +61,7 @@ class UnAssignStaffController extends Controller {
$ticket->store();
Response::respondSuccess();
} else {
Response::respondError(ERRORS::NO_PERMISSION);
throw new Exception(ERRORS::NO_PERMISSION);
return;
}
}

4
server/controllers/system/edit-settings.php
View File

@ -73,6 +73,10 @@ class EditSettingsController extends Controller {
$allowed = json_decode(Controller::request('allowedLanguages'));
$supported = json_decode(Controller::request('supportedLanguages'));
if (array_diff($supported, $allowed)) {
throw new Exception(ERRORS::INVALID_SUPPORTED_LANGUAGES);
}
foreach(Language::LANGUAGES as $languageCode) {
$language = Language::getDataStore($languageCode, 'code');

20
server/controllers/ticket/change-department.php
View File

@ -52,8 +52,8 @@ class ChangeDepartmentController extends Controller {
$department = Department::getDataStore($departmentId);
$user = Controller::getLoggedUser();
if($ticket->owner && $ticket->owner->id !== $user->id){
Response::respondError(ERRORS::NO_PERMISSION);
if($ticket->owner && $ticket->owner->id !== $user->id || $user->level === 1){
throw new Exception(ERRORS::NO_PERMISSION);
return;
}
@ -66,11 +66,21 @@ class ChangeDepartmentController extends Controller {
$ticket->addEvent($event);
$ticket->department = $department;
$ticket->unread = true;
if(!Controller::getLoggedUser()->sharedDepartmentList->includesId($department->id)) {
$ticket->owner = null;
}
$ticket->store();
if(!Controller::getLoggedUser()->sharedDepartmentList->includesId($department->id)) {
Controller::setDataRequester(function ($key) use ($ticketNumber) {
if($key === 'ticketNumber') {
return $ticketNumber;
}
return null;
});
$unAssignTicketController = new UnAssignStaffController();
$unAssignTicketController->validate();
$unAssignTicketController->handler();
}
Log::createLog('DEPARTMENT_CHANGED', $ticket->ticketNumber);
Response::respondSuccess();

1
server/data/ERRORS.php
View File

@ -194,6 +194,7 @@ class ERRORS {
const INVALID_CAPTCHA = 'INVALID_CAPTCHA';
const INVALID_TICKET_EVENT = 'INVALID_TICKET_EVENT';
const INVALID_LANGUAGE = 'INVALID_LANGUAGE';
const INVALID_SUPPORTED_LANGUAGES = 'INVALID_SUPPORTED_LANGUAGES';
const TICKET_ALREADY_ASSIGNED = 'TICKET_ALREADY_ASSIGNED';
const INVALID_PRIORITY = 'INVALID_PRIORITY';
const INVALID_PAGE = 'INVALID_PAGE';

20
tests/scripts.rb
View File

@ -16,6 +16,26 @@ class Scripts
})
end
def self.createStaff(email, password, name, level='1')
departments = request('/system/get-settings', {
csrf_userid: $csrf_userid,
csrf_token: $csrf_token
})['departments']
departments = departments.collect { |x| x.id }
response = request('/staff/add', {
:name => name,
:email => email,
:password => password,
:level => level,
:departments => departments.to_string
})
if response['status'] === 'fail'
raise response['message']
end
end
def self.login(email = 'steve@jobs.com', password = 'custompassword', staff = false)
request('/user/logout')
response = request('/user/login', {

52
tests/staff/un-assign-ticket.rb
View File

@ -7,8 +7,21 @@ describe '/staff/un-assign-ticket' do
#it 'should fail if staff is not assign to the ticket'do
#end
it 'should fail if ticket is not yours and you are a staff level 1' do
$database.query('update staff set level="1" where id="1";')
ticket = $database.getRow('ticket', 1 , 'id')
result = request('/staff/un-assign-ticket', {
ticketNumber: ticket['ticket_number'],
csrf_userid: $csrf_userid,
csrf_token: $csrf_token
})
it 'should un assign ticket if everything is okey' do
(result['status']).should.equal('fail')
(result['message']).should.equal('NO_PERMISSION')
$database.query('update staff set level="3" where id="1";')
end
it 'should unassign ticket if it is the current owner' do
ticket = $database.getRow('ticket', 1 , 'id')
result = request('/staff/un-assign-ticket', {
ticketNumber: ticket['ticket_number'],
@ -28,15 +41,34 @@ describe '/staff/un-assign-ticket' do
(staff_ticket).should.equal(nil)
end
it 'should fail if ticket is not yours' do
ticket = $database.getRow('ticket', 1 , 'id')
result = request('/staff/un-assign-ticket', {
ticketNumber: ticket['ticket_number'],
csrf_userid: $csrf_userid,
csrf_token: $csrf_token
})
it 'should unassign ticket if you are a staff level 3' do
Scripts.createStaff('staff_level_1', 'password', 'maxi')
Scripts.logout()
Scripts.login('staff_level_1',)
ticket = $database.getRow('ticket', 1 , 'id')
request('/staff/assign-ticket', {
ticketNumber: ticket['ticket_number'],
csrf_userid: $csrf_userid,
csrf_token: $csrf_token
})
Scripts.logout()
Scripts.login($staff[:email], $staff[:password], true)
result = request('/staff/un-assign-ticket', {
ticketNumber: ticket['ticket_number'],
csrf_userid: $csrf_userid,
csrf_token: $csrf_token
})
(result['status']).should.equal('fail')
(result['message']).should.equal('NO_PERMISSION')
(result['status']).should.equal('success')
ticket = $database.getRow('ticket', 1 , 'id')
(ticket['owner_id']).should.equal(nil)
(ticket['unread']).should.equal('1')
staff_ticket = $database.getRow('staff_ticket', 1 , 'id')
(staff_ticket).should.equal(nil)
end
end

16
tests/system/edit-settings.rb
View File

@ -37,6 +37,20 @@ describe'system/edit-settings' do
request('/user/logout')
end
it 'should fail if supported languages are invalid' do
request('/user/logout')
Scripts.login($staff[:email], $staff[:password], true)
result= request('/system/edit-settings', {
"csrf_userid" => $csrf_userid,
"csrf_token" => $csrf_token,
"supportedLanguages" => '["en", "pt", "jp", "ru", "de"]',
"allowedLanguages" => '["en", "pt", "jp", "ru"]'
})
(result['status']).should.equal('fail')
(result['message']).should.equal('INVALID_SUPPORTED_LANGUAGES')
end
it 'should change allowed and supported languages' do
request('/user/logout')
Scripts.login($staff[:email], $staff[:password], true)
@ -45,7 +59,7 @@ describe'system/edit-settings' do
"csrf_userid" => $csrf_userid,
"csrf_token" => $csrf_token,
"supportedLanguages" => '["en", "pt", "jp", "ru"]',
"allowedLanguages" => '["en","pt", "jp", "ru", "de"]'
"allowedLanguages" => '["en", "pt", "jp", "ru", "de"]'
})
(result['status']).should.equal('success')

36
tests/system/get-stats.rb
View File

@ -13,62 +13,62 @@ describe'/system/get-stats' do
#day 1
for i in 0..5
$database.query("INSERT INTO log VALUES('', 'SIGNUP', NULL, " + yesterday3 + ", NULL, NULL, NULL);")
$database.query("INSERT INTO log VALUES(NULL, 'SIGNUP', NULL, " + yesterday3 + ", NULL, NULL, NULL);")
end
for i in 0..0
$database.query("INSERT INTO log VALUES('', 'CREATE_TICKET', NULL, " + yesterday3 + ", NULL, NULL, NULL);")
$database.query("INSERT INTO log VALUES(NULL, 'CREATE_TICKET', NULL, " + yesterday3 + ", NULL, NULL, NULL);")
end
for i in 0..1
$database.query("INSERT INTO log VALUES('', 'CLOSE', NULL, " + yesterday3 + ", NULL, NULL, NULL);")
$database.query("INSERT INTO log VALUES(NULL, 'CLOSE', NULL, " + yesterday3 + ", NULL, NULL, NULL);")
end
for i in 0..2
$database.query("INSERT INTO log VALUES('', 'COMMENT', NULL, " + yesterday3 + ", NULL, NULL, NULL);")
$database.query("INSERT INTO log VALUES(NULL, 'COMMENT', NULL, " + yesterday3 + ", NULL, NULL, NULL);")
end
for i in 0..8
$database.query("INSERT INTO ticketevent VALUES('', 'CLOSE', NULL, NULL, " + yesterday3 + ", NULL, NULL, 1);")
$database.query("INSERT INTO ticketevent VALUES(NULL, 'CLOSE', NULL, NULL, " + yesterday3 + ", NULL, NULL, 1);")
end
for i in 0..4
$database.query("INSERT INTO ticketevent VALUES('', 'ASSIGN', NULL, NULL, " + yesterday3 + ", NULL, NULL, 1);")
$database.query("INSERT INTO ticketevent VALUES(NULL, 'ASSIGN', NULL, NULL, " + yesterday3 + ", NULL, NULL, 1);")
end
#day 2
for i in 0..7
$database.query("INSERT INTO log VALUES('', 'SIGNUP', NULL, " + yesterday2 + ", NULL, NULL, NULL);")
$database.query("INSERT INTO log VALUES(NULL, 'SIGNUP', NULL, " + yesterday2 + ", NULL, NULL, NULL);")
end
for i in 0..2
$database.query("INSERT INTO log VALUES('', 'CREATE_TICKET', NULL, " + yesterday2 + ", NULL, NULL, NULL);")
$database.query("INSERT INTO log VALUES(NULL, 'CREATE_TICKET', NULL, " + yesterday2 + ", NULL, NULL, NULL);")
end
for i in 0..9
$database.query("INSERT INTO log VALUES('', 'CLOSE', NULL, " + yesterday2 + ", NULL, NULL, NULL);")
$database.query("INSERT INTO log VALUES(NULL, 'CLOSE', NULL, " + yesterday2 + ", NULL, NULL, NULL);")
end
for i in 0..2
$database.query("INSERT INTO log VALUES('', 'COMMENT', NULL, " + yesterday2 + ", NULL, NULL, NULL);")
$database.query("INSERT INTO log VALUES(NULL, 'COMMENT', NULL, " + yesterday2 + ", NULL, NULL, NULL);")
end
for i in 0..10
$database.query("INSERT INTO ticketevent VALUES('', 'CLOSE', NULL, NULL, " + yesterday2 + ", NULL, NULL, 1);")
$database.query("INSERT INTO ticketevent VALUES(NULL, 'CLOSE', NULL, NULL, " + yesterday2 + ", NULL, NULL, 1);")
end
for i in 0..2
$database.query("INSERT INTO ticketevent VALUES('', 'ASSIGN', NULL, NULL, " + yesterday2 + ", NULL, NULL, 1);")
$database.query("INSERT INTO ticketevent VALUES(NULL, 'ASSIGN', NULL, NULL, " + yesterday2 + ", NULL, NULL, 1);")
end
#day 3
for i in 0..0
$database.query("INSERT INTO log VALUES('', 'SIGNUP', NULL, " + yesterday + ", NULL, NULL, NULL);")
$database.query("INSERT INTO log VALUES(NULL, 'SIGNUP', NULL, " + yesterday + ", NULL, NULL, NULL);")
end
for i in 0..1
$database.query("INSERT INTO log VALUES('', 'CREATE_TICKET', NULL, " + yesterday + ", NULL, NULL, NULL);")
$database.query("INSERT INTO log VALUES(NULL, 'CREATE_TICKET', NULL, " + yesterday + ", NULL, NULL, NULL);")
end
for i in 0..4
$database.query("INSERT INTO log VALUES('', 'CLOSE', NULL, " + yesterday + ", NULL, NULL, NULL);")
$database.query("INSERT INTO log VALUES(NULL, 'CLOSE', NULL, " + yesterday + ", NULL, NULL, NULL);")
end
for i in 0..7
$database.query("INSERT INTO log VALUES('', 'COMMENT', NULL, " + yesterday + ", NULL, NULL, NULL);")
$database.query("INSERT INTO log VALUES(NULL, 'COMMENT', NULL, " + yesterday + ", NULL, NULL, NULL);")
end
for i in 0..3
$database.query("INSERT INTO ticketevent VALUES('', 'CLOSE', NULL, NULL, " + yesterday + ", NULL, NULL, 1);")
$database.query("INSERT INTO ticketevent VALUES(NULL, 'CLOSE', NULL, NULL, " + yesterday + ", NULL, NULL, 1);")
end
for i in 0..7
$database.query("INSERT INTO ticketevent VALUES('', 'ASSIGN', NULL, NULL, " + yesterday + ", NULL, NULL, 1);")
$database.query("INSERT INTO ticketevent VALUES(NULL, 'ASSIGN', NULL, NULL, " + yesterday + ", NULL, NULL, 1);")
end
@result = request('/system/get-stats', {