tyler.durden
/
opensupports
mirror of https://github.com/opensupports/opensupports.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
opensupports/server/controllers/ticket/delete.php

64 lines
1.6 KiB
PHP
Raw Blame History

<?php
use Respect\Validation\Validator as DataValidator;
DataValidator::with('CustomValidations', true);
/**
* @api {post} /ticket/delete Delete a ticket
* @apiVersion 4.7.0
*
* @apiName Delete ticket
*
* @apiGroup Ticket
*
* @apiDescription This path deletes a ticket.
*
* @apiPermission user
*
* @apiParam {Number} ticketNumber The number of the ticket to delete.
*
* @apiUse NO_PERMISSION
* @apiUse INVALID_TICKET
*
* @apiSuccess {Object} data Empty object
*ulp d
*/
class DeleteController extends Controller {
const PATH = '/delete';
const METHOD = 'POST';
public function validations() {
return [
'permission' => 'user',
'requestData' => [
'ticketNumber' => [
'validation' => DataValidator::validTicketNumber(),
'error' => ERRORS::INVALID_TICKET
]
]
];
}
public function handler() {
$user = Controller::getLoggedUser();
$ticket = Ticket::getByTicketNumber(Controller::request('ticketNumber'));
$ticketAuthor = $ticket->authorToArray();
if($ticket->owner) {
throw new RequestException(ERRORS::NO_PERMISSION);
}
if(Controller::isStaffLogged() && $user->level < 3 && ($user->email !== $ticketAuthor['email'])) {
throw new RequestException(ERRORS::NO_PERMISSION);
}
if(!Controller::isStaffLogged() && ($user->email !== $ticketAuthor['email'] || $ticketAuthor['staff'])) {
throw new RequestException(ERRORS::NO_PERMISSION);
}
$ticket->delete();
Response::respondSuccess();
}
}
Reference in New Issue View Git Blame Copy Permalink