'user', 'requestData' => [ 'content' => [ 'validation' => DataValidator::content(), 'error' => ERRORS::INVALID_CONTENT ], 'ticketNumber' => [ 'validation' => DataValidator::oneOf(DataValidator::validTicketNumber(),DataValidator::nullType()), 'error' => ERRORS::INVALID_TICKET ] ] ]; } public function handler() { $user = Controller::getLoggedUser(); $newcontent = Controller::request('content', true); $ticketNumberLog = null; $ticketevent = Ticketevent::getTicketEvent(Controller::request('ticketEventId')); if(!$ticketevent->isNull()) { $ticket = Ticket::getDataStore($ticketevent->ticketId); } else { $ticket = Ticket::getByTicketNumber(Controller::request('ticketNumber')); } if(!Controller::isStaffLogged() && $user->id !== $ticketevent->authorUserId && $user->id !== $ticket->authorId) { throw new RequestException(ERRORS::NO_PERMISSION); } if (!$ticketevent->isNull()) { if($user->id !== $ticketevent->authorUserId) { throw new RequestException(ERRORS::NO_PERMISSION); } } else if ($user->id !== $ticket->authorId) { throw new RequestException(ERRORS::NO_PERMISSION); } if(Controller::isStaffLogged() && !$user->canManageTicket($ticket)) { throw new RequestException(ERRORS::NO_PERMISSION); } if(!$ticketevent->isNull()) { if($ticketevent->type !== "COMMENT" || $ticket->closed || $ticket->getLatestEventOfType("COMMENT")['id'] !== $ticketevent->id) { throw new RequestException(ERRORS::INVALID_TICKET_EVENT); } } else if(sizeof($ticket->getEventsOfType("COMMENT"))) { throw new RequestException(ERRORS::TICKET_CONTENT_CANNOT_BE_EDITED); } if(!$ticketevent->isNull()){ $ticketNumber = Ticket::getTicket($ticketevent->ticketId)->ticketNumber; $ticketevent->content = $newcontent; $ticketevent->editedContent = true; $ticketevent->store(); } else { $ticketNumber = $ticket->ticketNumber; $ticket->content = $newcontent; $ticket->editedContent = true; $ticket->store(); } Log::createLog('EDIT_COMMENT', $ticketNumber); Response::respondSuccess(); } }