Newer
Older
<?php
/*********************************************************************
ajax.tickets.php
AJAX interface for tickets
Peter Rotich <peter@osticket.com>
http://www.osticket.com
Released under the GNU General Public License WITHOUT ANY WARRANTY.
See LICENSE.TXT for details.
vim: expandtab sw=4 ts=4 sts=4:
**********************************************************************/
if(!defined('INCLUDE_DIR')) die('403');
include_once(INCLUDE_DIR.'class.ticket.php');
require_once(INCLUDE_DIR.'class.ajax.php');
require_once(INCLUDE_DIR.'class.note.php');
include_once INCLUDE_DIR . 'class.thread_actions.php';
class TicketsAjaxAPI extends AjaxController {
$limit = isset($_REQUEST['limit']) ? (int) $_REQUEST['limit']:25;
$visibility = Q::any(array(
'staff_id' => $thisstaff->getId(),
'team_id__in' => $thisstaff->teams->values_flat('team_id'),
));
if (!$thisstaff->showAssignedOnly() && ($depts=$thisstaff->getDepts())) {
$visibility->add(array('dept_id__in' => $depts));
}
$hits = TicketModel::objects()
->filter($visibility)
->values('user__default_email__address')
->annotate(array(
'number' => new SqlCode('null'),
'tickets' => SqlAggregate::COUNT('ticket_id', true)))
->limit($limit);
$q = $_REQUEST['q'];
return $this->encode(array());
global $ost;
$hits = $ost->searcher->find($q, $hits)
->order_by(new SqlCode('__relevance__'), QuerySet::DESC);
if (preg_match('/\d{2,}[^*]/', $q, $T = array())) {
$hits = TicketModel::objects()
->values('user__default_email__address', 'number')
->annotate(array(
'tickets' => new SqlCode('1'),
'__relevance__' => new SqlCode(1)
))
->filter($visibility)
->filter(array('number__startswith' => $q))
->limit($limit)
->union($hits);
}
elseif (!count($hits) && preg_match('`\w$`u', $q)) {
// Do wild-card fulltext search
$_REQUEST['q'] = $q.'*';
foreach ($hits as $T) {
$email = $T['user__default_email__address'];
$count = $T['tickets'];
if ($T['number']) {
$tickets[] = array('id'=>$T['number'], 'value'=>$T['number'],
'info'=>"{$T['number']} — {$email}",
'matches'=>$_REQUEST['q']);
}
else {
$tickets[] = array('email'=>$email, 'value'=>$email,
'info'=>"$email ($count)", 'matches'=>$_REQUEST['q']);
}
if(!$cfg || !$cfg->getLockTime() || $cfg->getTicketLockMode() == Lock::MODE_DISABLED)
Http::response(418, $this->encode(array('id'=>0, 'retry'=>false)));
if(!$tid || !is_numeric($tid) || !$thisstaff)
if (!($ticket = Ticket::lookup($tid)) || !$ticket->checkStaffPerm($thisstaff))
return $this->encode(array('id'=>0, 'retry'=>false, 'msg'=>__('Lock denied!')));
if ($ticket->isLocked() && ($lock=$ticket->getLock()) && !$lock->isExpired()) {
/*Note: Ticket->acquireLock does the same logic...but we need it here since we need to know who owns the lock up front*/
//Ticket is locked by someone else.??
if ($lock->getStaffId() != $thisstaff->getId())
return $this->json_encode(array('id'=>0, 'retry'=>false,
'msg' => sprintf(__('Currently locked by %s'),
$lock->getStaff()->getAvatarAndName())
//Ticket already locked by staff...try renewing it.
$lock->renew(); //New clock baby!
Peter Rotich
committed
} elseif(!($lock=$ticket->acquireLock($thisstaff->getId(),$cfg->getLockTime()))) {
//unable to obtain the lock..for some really weired reason!
//Client should watch for possible loop on retries. Max attempts?
return $this->json_encode(array('id'=>0, 'retry'=>true));
Peter Rotich
committed
return $this->json_encode(array(
'id'=>$lock->getId(), 'time'=>$lock->getTime(),
'code' => $lock->getCode()
));
function renewLock($id, $ticketId) {
if (!$id || !is_numeric($id) || !$thisstaff)
Http::response(403, $this->encode(array('id'=>0, 'retry'=>false)));
if (!($lock = Lock::lookup($id)))
Http::response(404, $this->encode(array('id'=>0, 'retry'=>'acquire')));
if (!($ticket = Ticket::lookup($ticketId)) || $ticket->lock_id != $lock->lock_id)
// Ticket / Lock mismatch
Http::response(400, $this->encode(array('id'=>0, 'retry'=>false)));
if (!$lock->getStaffId() || $lock->isExpired())
// Said lock doesn't exist or is is expired — fetch a new lock
return self::acquireLock($ticket->getId());
if ($lock->getStaffId() != $thisstaff->getId())
// user doesn't own the lock anymore??? sorry...try to next time.
Http::response(403, $this->encode(array('id'=>0, 'retry'=>false,
'msg' => sprintf(__('Currently locked by %s'),
$lock->getStaff->getAvatarAndName())
))); //Give up...
// Ensure staff still has access
if (!$ticket->checkStaffPerm($thisstaff))
Http::response(403, $this->encode(array('id'=>0, 'retry'=>false,
'msg' => sprintf(__('You no longer have access to #%s.'),
$ticket->getNumber())
)));
// Renew the lock.
// Failure here is not an issue since the lock is not expired yet.. client need to check time!
$lock->renew();
return $this->encode(array('id'=>$lock->getId(), 'time'=>$lock->getTime(),
'code' => $lock->getCode()));
if (!$id || !is_numeric($id) || !$thisstaff)
Http::response(403, $this->encode(array('id'=>0, 'retry'=>true)));
if (!($lock = Lock::lookup($id)))
Http::response(404, $this->encode(array('id'=>0, 'retry'=>true)));
// You have to own the lock
if ($lock->getStaffId() != $thisstaff->getId()) {
// Can't be expired
if ($lock->isExpired()) {
return 1;
}
function previewTicket ($tid) {
global $thisstaff;
if(!$thisstaff || !($ticket=Ticket::lookup($tid))
|| !$ticket->checkStaffPerm($thisstaff))
Http::response(404, __('No such ticket'));
include STAFFINC_DIR . 'templates/ticket-preview.tmpl.php';
function viewUser($tid) {
global $thisstaff;
if(!$thisstaff
|| !($ticket=Ticket::lookup($tid))
|| !$ticket->checkStaffPerm($thisstaff))
if(!($user = User::lookup($ticket->getOwnerId())))
Http::response(404, 'Unknown user');
$info = array(
'title' => sprintf(__('Ticket #%s: %s'), $ticket->getNumber(),
Format::htmlchars($user->getName()))
);
ob_start();
include(STAFFINC_DIR . 'templates/user.tmpl.php');
$resp = ob_get_contents();
ob_end_clean();
return $resp;
}
function updateUser($tid) {
global $thisstaff;
if(!$thisstaff
|| !($ticket=Ticket::lookup($tid))
|| !$ticket->checkStaffPerm($thisstaff)
|| !($user = User::lookup($ticket->getOwnerId())))
Http::response(404, 'No such ticket/user');
$errors = array();
if($user->updateInfo($_POST, $errors, true))
Http::response(201, $user->to_json());
$forms = $user->getForms();
$info = array(
'title' => sprintf(__('Ticket #%s: %s'), $ticket->getNumber(),
Format::htmlchars($user->getName()))
);
ob_start();
include(STAFFINC_DIR . 'templates/user.tmpl.php');
$resp = ob_get_contents();
ob_end_clean();
return $resp;
}
function changeUserForm($tid) {
global $thisstaff;
if(!$thisstaff
|| !($ticket=Ticket::lookup($tid))
|| !$ticket->checkStaffPerm($thisstaff))
$user = User::lookup($ticket->getOwnerId());
'title' => sprintf(__('Change user for ticket #%s'), $ticket->getNumber())
return self::_userlookup($user, null, $info);
ob_start();
include(STAFFINC_DIR . 'templates/user-lookup.tmpl.php');
$resp = ob_get_contents();
ob_end_clean();
return $resp;
}
function manageForms($ticket_id) {
$forms = DynamicFormEntry::forTicket($ticket_id);
$info = array('action' => '#tickets/'.Format::htmlchars($ticket_id).'/forms/manage');
include(STAFFINC_DIR . 'templates/form-manage.tmpl.php');
}
function updateForms($ticket_id) {
global $thisstaff;
if (!$thisstaff)
Http::response(403, "Login required");
elseif (!($ticket = Ticket::lookup($ticket_id)))
Http::response(404, "No such ticket");
elseif (!$ticket->checkStaffPerm($thisstaff))
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
Http::response(403, "Access Denied");
elseif (!isset($_POST['forms']))
Http::response(422, "Send updated forms list");
// Add new forms
$forms = DynamicFormEntry::forTicket($ticket_id);
foreach ($_POST['forms'] as $sort => $id) {
$found = false;
foreach ($forms as $e) {
if ($e->get('form_id') == $id) {
$e->set('sort', $sort);
$e->save();
$found = true;
break;
}
}
// New form added
if (!$found && ($new = DynamicForm::lookup($id))) {
$f = $new->instanciate();
$f->set('sort', $sort);
$f->setTicketId($ticket_id);
$f->save();
}
}
// Deleted forms
foreach ($forms as $idx => $e) {
if (!in_array($e->get('form_id'), $_POST['forms']))
$e->delete();
}
Http::response(201, 'Successfully managed');
}
function cannedResponse($tid, $cid, $format='text') {
global $thisstaff, $cfg;
if (!($ticket = Ticket::lookup($tid))
|| !$ticket->checkStaffPerm($thisstaff))
if ($cid && !is_numeric($cid)) {
if (!($response=$ticket->getThread()->getVar($cid)))
// Ticket thread variables are assumed to be quotes
$response = "<br/><blockquote>{$response->asVar()}</blockquote><br/>";
if (!$cfg->isRichTextEnabled())
else
$response = Format::viewableImages($response);
// XXX: assuming json format for now.
return Format::json_encode(array('response' => $response));
}
if (!$cfg->isRichTextEnabled())
$format.='.plain';
$varReplacer = function (&$var) use($ticket) {
return $ticket->replaceVars($var);
};
include_once(INCLUDE_DIR.'class.canned.php');
if (!$cid || !($canned=Canned::lookup($cid)) || !$canned->isEnabled())
Http::response(404, 'No such premade reply');
return $canned->getFormattedResponse($format, $varReplacer);
}
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
function transfer($tid) {
global $thisstaff;
if (!($ticket=Ticket::lookup($tid)))
Http::response(404, __('No such ticket'));
if (!$ticket->checkStaffPerm($thisstaff, Ticket::PERM_TRANSFER))
Http::response(403, __('Permission Denied'));
$errors = array();
$info = array(
':title' => sprintf(__('Ticket #%s: %s'),
$ticket->getNumber(),
__('Transfer')),
':action' => sprintf('#tickets/%d/transfer',
$ticket->getId())
);
$form = $ticket->getTransferForm($_POST);
if ($_POST && $form->isValid()) {
if ($ticket->transfer($form, $errors)) {
$_SESSION['::sysmsgs']['msg'] = sprintf(
__('%s successfully'),
sprintf(
__('%s transferred to %s department'),
__('Ticket'),
$ticket->getDept()
)
);
Http::response(201, $ticket->getId());
}
$form->addErrors($errors);
$info['error'] = $errors['err'] ?: __('Unable to transfer ticket');
}
$info['dept_id'] = $info['dept_id'] ?: $ticket->getDeptId();
include STAFFINC_DIR . 'templates/transfer.tmpl.php';
}
function assign($tid, $target=null) {
global $thisstaff;
if (!($ticket=Ticket::lookup($tid)))
Http::response(404, __('No such ticket'));
if (!$ticket->checkStaffPerm($thisstaff, Ticket::PERM_ASSIGN)
|| !($form = $ticket->getAssignmentForm($_POST,
array('target' => $target))))
Http::response(403, __('Permission Denied'));
$errors = array();
$info = array(
':title' => sprintf(__('Ticket #%s: %s'),
$ticket->getNumber(),
sprintf('%s %s',
$ticket->isAssigned() ?
__('Reassign') : __('Assign'),
!strcasecmp($target, 'agents') ?
__('to an Agent') : __('to a Team')
)),
':action' => sprintf('#tickets/%d/assign%s',
$ticket->getId(),
if ($ticket->getStaffId() == $thisstaff->getId())
$assigned = __('you');
else
$assigned = $ticket->getAssigned();
$info['notice'] = sprintf(__('%s is currently assigned to <b>%s</b>'),
__('This ticket'),
Format::htmlchars($assigned)
);
}
if ($_POST && $form->isValid()) {
if ($ticket->assign($form, $errors)) {
$_SESSION['::sysmsgs']['msg'] = sprintf(
__('%s successfully'),
sprintf(
__('%s assigned to %s'),
__('Ticket'),
$form->getAssignee())
);
Http::response(201, $ticket->getId());
}
$form->addErrors($errors);
$info['error'] = $errors['err'] ?: __('Unable to assign ticket');
}
include STAFFINC_DIR . 'templates/assign.tmpl.php';
}
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
function claim($tid) {
global $thisstaff;
if (!($ticket=Ticket::lookup($tid)))
Http::response(404, __('No such ticket'));
// Check for premissions and such
if (!$ticket->checkStaffPerm($thisstaff, Ticket::PERM_ASSIGN)
|| !$ticket->isOpen() // Claim only open
|| $ticket->getStaff() // cannot claim assigned ticket
|| !($form = $ticket->getClaimForm($_POST)))
Http::response(403, __('Permission Denied'));
$errors = array();
$info = array(
':title' => sprintf(__('Ticket #%s: %s'),
$ticket->getNumber(),
__('Claim')),
':action' => sprintf('#tickets/%d/claim',
$ticket->getId()),
);
if ($ticket->isAssigned()) {
if ($ticket->getStaffId() == $thisstaff->getId())
$assigned = __('you');
else
$assigneed = $ticket->getAssigned();
$info['error'] = sprintf(__('%s is currently assigned to <b>%s</b>'),
__('This ticket'),
$assigned);
} else {
$info['warn'] = sprintf(__('Are you sure you want to claim %s?'),
__('this ticket'));
}
if ($_POST && $form->isValid()) {
if ($ticket->claim($form, $errors)) {
$_SESSION['::sysmsgs']['msg'] = sprintf(
__('%s successfully'),
sprintf(
__('%s assigned to %s'),
__('Ticket'),
__('you'))
);
Http::response(201, $ticket->getId());
}
$form->addErrors($errors);
$info['error'] = $errors['err'] ?: __('Unable to claim ticket');
}
$verb = sprintf('%s, %s', __('Yes'), __('Claim'));
include STAFFINC_DIR . 'templates/assign.tmpl.php';
}
global $thisstaff;
$actions = array(
'transfer' => array(
'verbed' => __('transferred'),
),
'assign' => array(
'verbed' => __('assigned'),
),
'claim' => array(
'verbed' => __('assigned'),
),
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
'delete' => array(
'verbed' => __('deleted'),
),
'reopen' => array(
'verbed' => __('reopen'),
),
'close' => array(
'verbed' => __('closed'),
),
);
if (!isset($actions[$action]))
Http::response(404, __('Unknown action'));
$info = $errors = $e = array();
$inc = null;
$i = $count = 0;
if ($_POST) {
if (!$_POST['tids'] || !($count=count($_POST['tids'])))
$errors['err'] = sprintf(
__('You must select at least %s.'),
__('one ticket'));
} else {
$count = $_REQUEST['count'];
}
switch ($action) {
case 'assign':
$inc = 'assign.tmpl.php';
$info[':action'] = '#tickets/mass/assign';
$info[':title'] = sprintf('Assign %s',
_N('selected ticket', 'selected tickets', $count));
$assignCB = function($t, $f, $e) {
return $t->assign($f, $e);
};
switch ($w) {
case 'agents':
$prompt = __('Select an Agent');
foreach (Staff::getAvailableStaffMembers() as $id => $name)
$assignees['s'.$id] = $name;
if (!$assignees)
$info['warn'] = __('No agents available for assignment');
$prompt = __('Select a Team');
foreach (Team::getActiveTeams() as $id => $name)
$assignees['t'.$id] = $name;
if (!$assignees)
$info['warn'] = __('No teams available for assignment');
break;
case 'me':
$info[':action'] = '#tickets/mass/claim';
$info[':title'] = sprintf('Claim %s',
_N('selected ticket', 'selected tickets', $count));
$info['warn'] = sprintf(__('Are you sure you want to claim %s?'),
_N('selected ticket', 'selected tickets', $count));
$verb = sprintf('%s, %s', __('Yes'), __('Claim'));
$id = sprintf('s%s', $thisstaff->getId());
$assignees = array($id => $thisstaff->getName());
$vars = $_POST ?: array('assignee' => array($id));
$form = ClaimForm::instantiate($vars);
$assignCB = function($t, $f, $e) {
return $t->claim($f, $e);
};
break;
}
$form->setAssignees($assignees);
if ($prompt && ($f=$form->getField('assignee')))
$f->configure('prompt', $prompt);
if ($_POST && $form->isValid()) {
foreach ($_POST['tids'] as $tid) {
if (($t=Ticket::lookup($tid))
// Make sure the agent is allowed to
// access and assign the task.
&& $t->checkStaffPerm($thisstaff, Ticket::PERM_ASSIGN)
// Do the assignment
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
)
$i++;
}
if (!$i) {
$info['error'] = sprintf(
__('Unable to %1$s %2$s'),
__('assign'),
_N('selected ticket', 'selected tickets', $count));
}
}
break;
case 'transfer':
$inc = 'transfer.tmpl.php';
$info[':action'] = '#tickets/mass/transfer';
$info[':title'] = sprintf('Transfer %s',
_N('selected ticket', 'selected tickets', $count));
$form = TransferForm::instantiate($_POST);
if ($_POST && $form->isValid()) {
foreach ($_POST['tids'] as $tid) {
if (($t=Ticket::lookup($tid))
// Make sure the agent is allowed to
// access and transfer the task.
&& $t->checkStaffPerm($thisstaff, Ticket::PERM_TRANSFER)
// Do the transfer
&& $t->transfer($form, $e)
)
$i++;
}
if (!$i) {
$info['error'] = sprintf(
__('Unable to %1$s %2$s'),
__('transfer'),
_N('selected ticket', 'selected tickets', $count));
}
}
break;
case 'delete':
$inc = 'delete.tmpl.php';
$info[':action'] = '#tickets/mass/delete';
$info[':title'] = sprintf('Delete %s',
_N('selected ticket', 'selected tickets', $count));
$info[':placeholder'] = sprintf(__(
'Optional reason for deleting %s'),
_N('selected ticket', 'selected tickets', $count));
$info['warn'] = sprintf(__(
'Are you sure you want to DELETE %s?'),
_N('selected ticket', 'selected tickets', $count));
$info[':extra'] = sprintf('<strong>%s</strong>',
__('Deleted tickets CANNOT be recovered, including any associated attachments.')
);
// Generic permission check.
if (!$thisstaff->hasPerm(Ticket::PERM_DELETE, false))
$errors['err'] = sprintf(
__('You do not have permission to %s %s'),
__('delete'),
__('tickets'));
if ($_POST && !$errors) {
foreach ($_POST['tids'] as $tid) {
if (($t=Ticket::lookup($tid))
&& $t->checkStaffPerm($thisstaff, Ticket::PERM_DELETE)
&& $t->delete($_POST['comments'], $e)
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
)
$i++;
}
if (!$i) {
$info['error'] = sprintf(
__('Unable to %1$s %2$s'),
__('delete'),
_N('selected ticket', 'selected tickets', $count));
}
}
break;
default:
Http::response(404, __('Unknown action'));
}
if ($_POST && $i) {
// Assume success
if ($i==$count) {
$msg = sprintf(__('Successfully %s %s.'),
$actions[$action]['verbed'],
sprintf(__('%1$d %2$s'),
$count,
_N('selected ticket', 'selected tickets', $count))
);
$_SESSION['::sysmsgs']['msg'] = $msg;
} else {
$warn = sprintf(
__('%1$d of %2$d %3$s %4$s'), $i, $count,
_N('selected ticket', 'selected tickets',
$count),
$actions[$action]['verbed']);
$_SESSION['::sysmsgs']['warn'] = $warn;
}
Http::response(201, 'processed');
} elseif($_POST && !isset($info['error'])) {
$info['error'] = $errors['err'] ?: sprintf(
__('Unable to %1$s %2$s'),
__('process'),
_N('selected ticket', 'selected tickets', $count));
}
if ($_POST)
$info = array_merge($info, Format::htmlchars($_POST));
include STAFFINC_DIR . "templates/$inc";
// Copy checked tickets to the form.
echo "
<script type=\"text/javascript\">
$(function() {
$('form#tickets input[name=\"tids[]\"]:checkbox:checked')
.each(function() {
$('<input>')
.prop('type', 'hidden')
.attr('name', 'tids[]')
.val($(this).val())
.appendTo('form.mass-action');
});
});
</script>";
}
function changeTicketStatus($tid, $status, $id=0) {
global $thisstaff;
if (!$thisstaff)
Http::response(403, 'Access denied');
elseif (!$tid
|| !($ticket=Ticket::lookup($tid))
|| !$ticket->checkStaffPerm($thisstaff))
$role = $thisstaff->getRole($ticket->getDeptId());
switch($status) {
case 'open':
case 'reopen':
$state = 'open';
break;
case 'close':
if (!$role->hasPerm(TicketModel::PERM_CLOSE))
Http::response(403, 'Access denied');
$state = 'closed';
// Check if ticket is closeable
if (is_string($closeable=$ticket->isCloseable()))
$info['warn'] = $closeable;
if (!$role->hasPerm(TicketModel::PERM_DELETE))
Http::response(403, 'Access denied');
$state = 'deleted';
break;
default:
$info['warn'] = sprintf('%s %s',
__('Unknown or invalid'), __('status'));
return self::_changeTicketStatus($ticket, $state, $info);
global $thisstaff, $ost;
if (!$thisstaff)
Http::response(403, 'Access denied');
elseif (!$tid
|| !($ticket=Ticket::lookup($tid))
|| !$ticket->checkStaffPerm($thisstaff))
if (!$_POST['status_id']
|| !($status= TicketStatus::lookup($_POST['status_id'])))
$errors['status_id'] = sprintf('%s %s',
__('Unknown or invalid'), __('status'));
elseif ($status->getId() == $ticket->getStatusId())
$errors['err'] = sprintf(__('Ticket already set to %s status'),
__($status->getName()));
elseif (($role = $thisstaff->getRole($ticket->getDeptId()))) {
// Make sure the agent has permission to set the status
switch(mb_strtolower($status->getState())) {
case 'open':
if (!$role->hasPerm(TicketModel::PERM_CLOSE)
&& !$role->hasPerm(TicketModel::PERM_CREATE))
$errors['err'] = sprintf(__('You do not have permission %s.'),
__('to reopen tickets'));
if (!$role->hasPerm(TicketModel::PERM_CLOSE))
$errors['err'] = sprintf(__('You do not have permission %s.'),
__('to resolve/close tickets'));
if (!$role->hasPerm(TicketModel::PERM_DELETE))
$errors['err'] = sprintf(__('You do not have permission %s.'),
__('to archive/delete tickets'));
default:
$errors['err'] = sprintf('%s %s',
__('Unknown or invalid'), __('status'));
} else {
$errors['err'] = __('Access denied');
if (!$errors && $ticket->setStatus($status, $_REQUEST['comments'], $errors)) {
$msg = sprintf('%s %s',
sprintf(__('Ticket #%s'), $ticket->getNumber()),
__('deleted sucessfully')
);
} elseif ($state != 'open') {
$msg = sprintf(__('%s status changed to %s'),
sprintf(__('Ticket #%s'), $ticket->getNumber()),
$status->getName());
$status->getName());
}
$_SESSION['::sysmsgs']['msg'] = $msg;
} elseif (!$errors['err']) {
$errors['err'] = __('Error updating ticket status');
$state = $state ?: $ticket->getStatus()->getState();
$info['status_id'] = $status
? $status->getId() : $ticket->getStatusId();
return self::_changeTicketStatus($ticket, $state, $info, $errors);
global $thisstaff, $cfg;
if (!$thisstaff)
Http::response(403, 'Access denied');
$state = null;
$info = array();
switch($status) {
case 'open':
case 'reopen':
$state = 'open';
break;
case 'close':
if (!$thisstaff->hasPerm(TicketModel::PERM_CLOSE, false))
Http::response(403, 'Access denied');
$state = 'closed';
break;
case 'delete':
if (!$thisstaff->hasPerm(TicketModel::PERM_DELETE, false))
Http::response(403, 'Access denied');
$state = 'deleted';
break;
default:
$info['warn'] = sprintf('%s %s',
__('Unknown or invalid'), __('status'));
return self::_changeSelectedTicketsStatus($state, $info);
$errors['err'] = sprintf('%s %s',
sprintf(__('You do not have permission %s.'),
__('to mass manage tickets')),
__('Contact admin for such access'));
elseif (!$_REQUEST['tids'] || !count($_REQUEST['tids']))
$errors['err']=sprintf(__('You must select at least %s.'),
__('one ticket'));
elseif (!($status= TicketStatus::lookup($_REQUEST['status_id'])))
$errors['status_id'] = sprintf('%s %s',
__('Unknown or invalid'), __('status'));
elseif (!$errors) {
// Make sure the agent has permission to set the status
switch(mb_strtolower($status->getState())) {
case 'open':
if (!$thisstaff->hasPerm(TicketModel::PERM_CLOSE, false)
&& !$thisstaff->hasPerm(TicketModel::PERM_CREATE, false))
$errors['err'] = sprintf(__('You do not have permission %s.'),
__('to reopen tickets'));
if (!$thisstaff->hasPerm(TicketModel::PERM_CLOSE, false))
$errors['err'] = sprintf(__('You do not have permission %s.'),
__('to resolve/close tickets'));
if (!$thisstaff->hasPerm(TicketModel::PERM_DELETE, false))
$errors['err'] = sprintf(__('You do not have permission %s.'),
__('to archive/delete tickets'));
default:
$errors['err'] = sprintf('%s %s',
__('Unknown or invalid'), __('status'));
if (!$errors) {
$i = 0;
$comments = $_REQUEST['comments'];
foreach ($_REQUEST['tids'] as $tid) {
if (($ticket=Ticket::lookup($tid))
&& $ticket->getStatusId() != $status->getId()
&& $ticket->checkStaffPerm($thisstaff)
&& $ticket->setStatus($status, $comments, $errors))
if (!$i) {
$errors['err'] = $errors['err']
?: sprintf(__('Unable to change status for %s'),
_N('the selected ticket', 'any of the selected tickets', $count));
if (!strcasecmp($status->getState(), 'deleted')) {
$msg = sprintf(__( 'Successfully deleted %s.'),
_N('selected ticket', 'selected tickets',
$count));
} else {
$msg = sprintf(
__(
/* 1$ will be 'selected ticket(s)', 2$ is the new status */
_N('selected ticket', 'selected tickets',
$count),
$status->getName());
if (!strcasecmp($status->getState(), 'deleted')) {
$warn = sprintf(__('Successfully deleted %s.'),
sprintf(__('%1$d of %2$d selected tickets'),