user = $user; } public function validations() { return [ 'permission' => 'staff_1', 'requestData' => [ 'ticketNumber' => [ 'validation' => DataValidator::validTicketNumber(), 'error' => ERRORS::INVALID_TICKET ] ] ]; } public function handler() { $ticketNumber = Controller::request('ticketNumber'); $user = ($this->user? $this->user : Controller::getLoggedUser()); $ticket = Ticket::getByTicketNumber($ticketNumber); $owner = $ticket->owner; if(!$user->canManageTicket($ticket)) { throw new RequestException(ERRORS::NO_PERMISSION); } if($owner && ($ticket->isOwner($user) || $user->level > 2)) { if(!$ticket->isAuthor($owner)) { $owner->sharedTicketList->remove($ticket); $owner->store(); } $ticket->owner = null; $ticket->unread = !$ticket->isAuthor($user); $event = Ticketevent::getEvent(Ticketevent::UN_ASSIGN); $event->setProperties(array( 'authorStaff' => $user, 'date' => Date::getCurrentDate(), 'content' => $owner->name )); $ticket->addEvent($event); $ticket->store(); Response::respondSuccess(); } else { throw new RequestException(ERRORS::NO_PERMISSION); } } }