Merge pull request #25 from Kallys/close-ticket

Allow users to close their tickets with user system disabled
2017-06-12 18:58:14 -03:00 · 2017-06-12 18:58:14 -03:00 · f9c05d9792
parent db3ef9be13 33ddbd972d
commit f9c05d9792
1 changed files with 38 additions and 17 deletions
--- a/server/controllers/ticket/close.php
+++ b/server/controllers/ticket/close.php
@ -18,7 +18,7 @@ DataValidator::with('CustomValidations', true);
 *
 * @apiUse NO_PERMISSION
 * @apiUse INVALID_TICKET
- * 
+ *
 * @apiSuccess {Object} data Empty object
 *
 */
@ -30,15 +30,33 @@ class CloseController extends Controller {
    private $ticket;

    public function validations() {
-        return [
-            'permission' => 'user',
-            'requestData' => [
-                'ticketNumber' => [
-                    'validation' => DataValidator::validTicketNumber(),
-                    'error' => ERRORS::INVALID_TICKET
+        $session = Session::getInstance();
+
+        if (Controller::isUserSystemEnabled() || Controller::isStaffLogged()) {
+            return [
+                'permission' => 'user',
+                'requestData' => [
+                    'ticketNumber' => [
+                        'validation' => DataValidator::validTicketNumber(),
+                        'error' => ERRORS::INVALID_TICKET
+                    ]
                ]
-            ]
-        ];
+            ];
+        } else {
+            return [
+                'permission' => 'any',
+                'requestData' => [
+                    'ticketNumber' => [
+                        'validation' => DataValidator::equals($session->getTicketNumber()),
+                        'error' => ERRORS::INVALID_TICKET
+                    ],
+                    'csrf_token' => [
+                        'validation' => DataValidator::equals($session->getToken()),
+                    	'error' => ERRORS::INVALID_TOKEN
+                    ]
+                ]
+            ];
+        }
    }

    public function handler() {
@ -57,15 +75,18 @@ class CloseController extends Controller {

        $this->sendMail();
        Log::createLog('CLOSE', $this->ticket->ticketNumber);
-        
+
        Response::respondSuccess();
    }

    private function shouldDenyPermission() {
-        $user = Controller::getLoggedUser();
-
-        return (!Controller::isStaffLogged() && $this->ticket->author->id !== $user->id) ||
-               (Controller::isStaffLogged() && $this->ticket->owner && $this->ticket->owner->id !== $user->id);
+        if(Controller::isStaffLogged()) {
+        	return $this->ticket->owner && $this->ticket->owner->id !== Controller::getLoggedUser()->id;
+        } else if(Controller::isUserSystemEnabled()) {
+        	return $this->ticket->author->id !== Controller::getLoggedUser()->id;
+        } else {
+        	return false;
+        }
    }

    private function markAsUnread() {
@ -95,8 +116,8 @@ class CloseController extends Controller {
        $mailSender = new MailSender();

        $mailSender->setTemplate(MailTemplate::TICKET_CLOSED, [
-            'to' => $this->ticket->author->email,
-            'name' => $this->ticket->author->name,
+            'to' => ($this->ticket->author) ? $this->ticket->author->email : $this->ticket->authorEmail,
+            'name' => ($this->ticket->author) ? $this->ticket->author->name : $this->ticket->authorName,
            'ticketNumber' => $this->ticket->ticketNumber,
            'title' => $this->ticket->title,
            'url' => Setting::getSetting('url')->getValue()
@ -104,4 +125,4 @@ class CloseController extends Controller {

        $mailSender->send();
    }
-}
+}