'user', 'requestData' => [ 'content' => [ 'validation' => DataValidator::content(), 'error' => ERRORS::INVALID_CONTENT ], 'ticketNumber' => [ 'validation' => DataValidator::oneOf(DataValidator::validTicketNumber(),DataValidator::nullType()), 'error' => ERRORS::INVALID_TICKET ] ] ]; } public function handler() { $user = Controller::getLoggedUser(); $newcontent = Controller::request('content', true); $ticketNumberLog = null; $ticketevent = Ticketevent::getTicketEvent(Controller::request('ticketEventId')); $ticket = Ticket::getByTicketNumber(Controller::request('ticketNumber')); if(!Controller::isStaffLogged() && ($user->id !== $ticketevent->authorUserId && $user->id !== $ticket->authorId ) ){ throw new RequestException(ERRORS::NO_PERMISSION); } if(Controller::isStaffLogged()){ if(!$ticketevent->isNull()){ $ticket = $ticketevent->ticket; } if(!$user->canManageTicket($ticket)) { throw new RequestException(ERRORS::NO_PERMISSION); } } if(!$ticketevent->isNull()){ $ticketNumber = Ticket::getTicket($ticketevent->ticketId)->ticketNumber; $ticketevent->content = $newcontent; $ticketevent->editedContent = true; $ticketevent->store(); } else { $ticketNumber = $ticket->ticketNumber; $ticket->content = $newcontent; $ticket->editedContent = true; $ticket->store(); } Log::createLog('EDIT_COMMENT', $ticketNumber); Response::respondSuccess(); } }