Newer
Older
<?php
/*********************************************************************
ajax.tickets.php
AJAX interface for tickets
Peter Rotich <peter@osticket.com>
http://www.osticket.com
Released under the GNU General Public License WITHOUT ANY WARRANTY.
See LICENSE.TXT for details.
vim: expandtab sw=4 ts=4 sts=4:
**********************************************************************/
if(!defined('INCLUDE_DIR')) die('403');
include_once(INCLUDE_DIR.'class.ticket.php');
require_once(INCLUDE_DIR.'class.ajax.php');
require_once(INCLUDE_DIR.'class.note.php');
include_once INCLUDE_DIR . 'class.thread_actions.php';
class TicketsAjaxAPI extends AjaxController {
$limit = isset($_REQUEST['limit']) ? (int) $_REQUEST['limit']:25;
$visibility = Q::any(array(
'staff_id' => $thisstaff->getId(),
'team_id__in' => $thisstaff->teams->values_flat('team_id'),
));
if (!$thisstaff->showAssignedOnly() && ($depts=$thisstaff->getDepts())) {
$visibility->add(array('dept_id__in' => $depts));
}
$hits = TicketModel::objects()
->filter($visibility)
->values('user__default_email__address')
->annotate(array(
'number' => new SqlCode('null'),
'tickets' => SqlAggregate::COUNT('ticket_id', true)))
->limit($limit);
$q = $_REQUEST['q'];
return $this->encode(array());
global $ost;
$hits = $ost->searcher->find($q, $hits)
->order_by(new SqlCode('__relevance__'), QuerySet::DESC);
if (preg_match('/\d{2,}[^*]/', $q, $T = array())) {
$hits = TicketModel::objects()
->values('user__default_email__address', 'number')
->annotate(array(
'tickets' => new SqlCode('1'),
'__relevance__' => new SqlCode(1)
))
->filter($visibility)
->filter(array('number__startswith' => $q))
->limit($limit)
->union($hits);
}
elseif (!count($hits) && preg_match('`\w$`u', $q)) {
// Do wild-card fulltext search
$_REQUEST['q'] = $q.'*';
foreach ($hits as $T) {
$email = $T['user__default_email__address'];
$count = $T['tickets'];
if ($T['number']) {
$tickets[] = array('id'=>$T['number'], 'value'=>$T['number'],
'info'=>"{$T['number']} — {$email}",
'matches'=>$_REQUEST['q']);
}
else {
$tickets[] = array('email'=>$email, 'value'=>$email,
'info'=>"$email ($count)", 'matches'=>$_REQUEST['q']);
}
if(!$cfg || !$cfg->getLockTime() || $cfg->getTicketLockMode() == Lock::MODE_DISABLED)
Http::response(418, $this->encode(array('id'=>0, 'retry'=>false)));
if(!$tid || !is_numeric($tid) || !$thisstaff)
if (!($ticket = Ticket::lookup($tid)) || !$ticket->checkStaffPerm($thisstaff))
return $this->encode(array('id'=>0, 'retry'=>false, 'msg'=>__('Lock denied!')));
if ($ticket->isLocked() && ($lock=$ticket->getLock()) && !$lock->isExpired()) {
/*Note: Ticket->acquireLock does the same logic...but we need it here since we need to know who owns the lock up front*/
//Ticket is locked by someone else.??
if ($lock->getStaffId() != $thisstaff->getId())
return $this->json_encode(array('id'=>0, 'retry'=>false,
'msg' => sprintf(__('Currently locked by %s'),
$lock->getStaff()->getAvatarAndName())
//Ticket already locked by staff...try renewing it.
$lock->renew(); //New clock baby!
Peter Rotich
committed
} elseif(!($lock=$ticket->acquireLock($thisstaff->getId(),$cfg->getLockTime()))) {
//unable to obtain the lock..for some really weired reason!
//Client should watch for possible loop on retries. Max attempts?
return $this->json_encode(array('id'=>0, 'retry'=>true));
Peter Rotich
committed
return $this->json_encode(array(
'id'=>$lock->getId(), 'time'=>$lock->getTime(),
'code' => $lock->getCode()
));
function renewLock($id, $ticketId) {
if (!$id || !is_numeric($id) || !$thisstaff)
Http::response(403, $this->encode(array('id'=>0, 'retry'=>false)));
if (!($lock = Lock::lookup($id)))
Http::response(404, $this->encode(array('id'=>0, 'retry'=>'acquire')));
if (!($ticket = Ticket::lookup($ticketId)) || $ticket->lock_id != $lock->lock_id)
// Ticket / Lock mismatch
Http::response(400, $this->encode(array('id'=>0, 'retry'=>false)));
if (!$lock->getStaffId() || $lock->isExpired())
// Said lock doesn't exist or is is expired — fetch a new lock
return self::acquireLock($ticket->getId());
if ($lock->getStaffId() != $thisstaff->getId())
// user doesn't own the lock anymore??? sorry...try to next time.
Http::response(403, $this->encode(array('id'=>0, 'retry'=>false,
'msg' => sprintf(__('Currently locked by %s'),
$lock->getStaff->getAvatarAndName())
))); //Give up...
// Ensure staff still has access
if (!$ticket->checkStaffPerm($thisstaff))
Http::response(403, $this->encode(array('id'=>0, 'retry'=>false,
'msg' => sprintf(__('You no longer have access to #%s.'),
$ticket->getNumber())
)));
// Renew the lock.
// Failure here is not an issue since the lock is not expired yet.. client need to check time!
$lock->renew();
return $this->encode(array('id'=>$lock->getId(), 'time'=>$lock->getTime(),
'code' => $lock->getCode()));
if (!$id || !is_numeric($id) || !$thisstaff)
Http::response(403, $this->encode(array('id'=>0, 'retry'=>true)));
if (!($lock = Lock::lookup($id)))
Http::response(404, $this->encode(array('id'=>0, 'retry'=>true)));
// You have to own the lock
if ($lock->getStaffId() != $thisstaff->getId()) {
// Can't be expired
if ($lock->isExpired()) {
return 1;
}
function previewTicket ($tid) {
global $thisstaff;
if(!$thisstaff || !($ticket=Ticket::lookup($tid))
|| !$ticket->checkStaffPerm($thisstaff))
Http::response(404, __('No such ticket'));
include STAFFINC_DIR . 'templates/ticket-preview.tmpl.php';
function viewUser($tid) {
global $thisstaff;
if(!$thisstaff
|| !($ticket=Ticket::lookup($tid))
|| !$ticket->checkStaffPerm($thisstaff))
if(!($user = User::lookup($ticket->getOwnerId())))
Http::response(404, 'Unknown user');
$info = array(
'title' => sprintf(__('Ticket #%s: %s'), $ticket->getNumber(),
Format::htmlchars($user->getName()))
);
ob_start();
include(STAFFINC_DIR . 'templates/user.tmpl.php');
$resp = ob_get_contents();
ob_end_clean();
return $resp;
}
function updateUser($tid) {
global $thisstaff;
if(!$thisstaff
|| !($ticket=Ticket::lookup($tid))
|| !$ticket->checkStaffPerm($thisstaff)
|| !($user = User::lookup($ticket->getOwnerId())))
Http::response(404, 'No such ticket/user');
$errors = array();
if($user->updateInfo($_POST, $errors, true))
Http::response(201, $user->to_json());
$forms = $user->getForms();
$info = array(
'title' => sprintf(__('Ticket #%s: %s'), $ticket->getNumber(),
Format::htmlchars($user->getName()))
);
ob_start();
include(STAFFINC_DIR . 'templates/user.tmpl.php');
$resp = ob_get_contents();
ob_end_clean();
return $resp;
}
function changeUserForm($tid) {
global $thisstaff;
if(!$thisstaff
|| !($ticket=Ticket::lookup($tid))
|| !$ticket->checkStaffPerm($thisstaff))
$user = User::lookup($ticket->getOwnerId());
'title' => sprintf(__('Change user for ticket #%s'), $ticket->getNumber())
return self::_userlookup($user, null, $info);
ob_start();
include(STAFFINC_DIR . 'templates/user-lookup.tmpl.php');
$resp = ob_get_contents();
ob_end_clean();
return $resp;
}
function manageForms($ticket_id) {
global $thisstaff;
if (!$thisstaff)
Http::response(403, "Login required");
elseif (!($ticket = Ticket::lookup($ticket_id)))
Http::response(404, "No such ticket");
elseif (!$ticket->checkStaffPerm($thisstaff, Ticket::PERM_EDIT))
Http::response(403, "Access Denied");
$forms = DynamicFormEntry::forTicket($ticket->getId());
$info = array('action' => '#tickets/'.$ticket->getId().'/forms/manage');
include(STAFFINC_DIR . 'templates/form-manage.tmpl.php');
}
function updateForms($ticket_id) {
global $thisstaff;
if (!$thisstaff)
Http::response(403, "Login required");
elseif (!($ticket = Ticket::lookup($ticket_id)))
Http::response(404, "No such ticket");
elseif (!$ticket->checkStaffPerm($thisstaff, Ticket::PERM_EDIT))
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
Http::response(403, "Access Denied");
elseif (!isset($_POST['forms']))
Http::response(422, "Send updated forms list");
// Add new forms
$forms = DynamicFormEntry::forTicket($ticket_id);
foreach ($_POST['forms'] as $sort => $id) {
$found = false;
foreach ($forms as $e) {
if ($e->get('form_id') == $id) {
$e->set('sort', $sort);
$e->save();
$found = true;
break;
}
}
// New form added
if (!$found && ($new = DynamicForm::lookup($id))) {
$f = $new->instanciate();
$f->set('sort', $sort);
$f->setTicketId($ticket_id);
$f->save();
}
}
// Deleted forms
foreach ($forms as $idx => $e) {
if (!in_array($e->get('form_id'), $_POST['forms']))
$e->delete();
}
Http::response(201, 'Successfully managed');
}
function cannedResponse($tid, $cid, $format='text') {
global $thisstaff, $cfg;
if (!($ticket = Ticket::lookup($tid))
|| !$ticket->checkStaffPerm($thisstaff))
if ($cid && !is_numeric($cid)) {
if (!($response=$ticket->getThread()->getVar($cid)))
// Ticket thread variables are assumed to be quotes
$response = "<br/><blockquote>{$response->asVar()}</blockquote><br/>";
if (!$cfg->isRichTextEnabled())
else
$response = Format::viewableImages($response);
// XXX: assuming json format for now.
return Format::json_encode(array('response' => $response));
}
if (!$cfg->isRichTextEnabled())
$format.='.plain';
$varReplacer = function (&$var) use($ticket) {
return $ticket->replaceVars($var);
};
include_once(INCLUDE_DIR.'class.canned.php');
if (!$cid || !($canned=Canned::lookup($cid)) || !$canned->isEnabled())
Http::response(404, 'No such premade reply');
return $canned->getFormattedResponse($format, $varReplacer);
}
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
function transfer($tid) {
global $thisstaff;
if (!($ticket=Ticket::lookup($tid)))
Http::response(404, __('No such ticket'));
if (!$ticket->checkStaffPerm($thisstaff, Ticket::PERM_TRANSFER))
Http::response(403, __('Permission Denied'));
$errors = array();
$info = array(
':title' => sprintf(__('Ticket #%s: %s'),
$ticket->getNumber(),
__('Transfer')),
':action' => sprintf('#tickets/%d/transfer',
$ticket->getId())
);
$form = $ticket->getTransferForm($_POST);
if ($_POST && $form->isValid()) {
if ($ticket->transfer($form, $errors)) {
$_SESSION['::sysmsgs']['msg'] = sprintf(
__('%s successfully'),
sprintf(
__('%s transferred to %s department'),
__('Ticket'),
$ticket->getDept()
)
);
Http::response(201, $ticket->getId());
}
$form->addErrors($errors);
$info['error'] = $errors['err'] ?: __('Unable to transfer ticket');
}
$info['dept_id'] = $info['dept_id'] ?: $ticket->getDeptId();
include STAFFINC_DIR . 'templates/transfer.tmpl.php';
}
function assign($tid, $target=null) {
global $thisstaff;
if (!($ticket=Ticket::lookup($tid)))
Http::response(404, __('No such ticket'));
if (!$ticket->checkStaffPerm($thisstaff, Ticket::PERM_ASSIGN)
|| !($form = $ticket->getAssignmentForm($_POST,
array('target' => $target))))
Http::response(403, __('Permission Denied'));
$errors = array();
$info = array(
':title' => sprintf(__('Ticket #%s: %s'),
$ticket->getNumber(),
sprintf('%s %s',
$ticket->isAssigned() ?
__('Reassign') : __('Assign'),
!strcasecmp($target, 'agents') ?
__('to an Agent') : __('to a Team')
)),
':action' => sprintf('#tickets/%d/assign%s',
$ticket->getId(),
if ($ticket->getStaffId() == $thisstaff->getId())
$assigned = __('you');
else
$assigned = $ticket->getAssigned();
$info['notice'] = sprintf(__('%s is currently assigned to <b>%s</b>'),
__('This ticket'),
Format::htmlchars($assigned)
);
}
if ($_POST && $form->isValid()) {
if ($ticket->assign($form, $errors)) {
$_SESSION['::sysmsgs']['msg'] = sprintf(
__('%s successfully'),
sprintf(
__('%s assigned to %s'),
__('Ticket'),
$form->getAssignee())
);
Http::response(201, $ticket->getId());
}
$form->addErrors($errors);
$info['error'] = $errors['err'] ?: __('Unable to assign ticket');
}
include STAFFINC_DIR . 'templates/assign.tmpl.php';
}
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
function claim($tid) {
global $thisstaff;
if (!($ticket=Ticket::lookup($tid)))
Http::response(404, __('No such ticket'));
// Check for premissions and such
if (!$ticket->checkStaffPerm($thisstaff, Ticket::PERM_ASSIGN)
|| !$ticket->isOpen() // Claim only open
|| $ticket->getStaff() // cannot claim assigned ticket
|| !($form = $ticket->getClaimForm($_POST)))
Http::response(403, __('Permission Denied'));
$errors = array();
$info = array(
':title' => sprintf(__('Ticket #%s: %s'),
$ticket->getNumber(),
__('Claim')),
':action' => sprintf('#tickets/%d/claim',
$ticket->getId()),
);
if ($ticket->isAssigned()) {
if ($ticket->getStaffId() == $thisstaff->getId())
$assigned = __('you');
else
$assigneed = $ticket->getAssigned();
$info['error'] = sprintf(__('%s is currently assigned to <b>%s</b>'),
__('This ticket'),
$assigned);
} else {
$info['warn'] = sprintf(__('Are you sure you want to CLAIM %s?'),
}
if ($_POST && $form->isValid()) {
if ($ticket->claim($form, $errors)) {
$_SESSION['::sysmsgs']['msg'] = sprintf(
__('%s successfully'),
sprintf(
__('%s assigned to %s'),
__('Ticket'),
__('you'))
);
Http::response(201, $ticket->getId());
}
$form->addErrors($errors);
$info['error'] = $errors['err'] ?: __('Unable to claim ticket');
}
$verb = sprintf('%s, %s', __('Yes'), __('Claim'));
include STAFFINC_DIR . 'templates/assign.tmpl.php';
}
$actions = array(
'transfer' => array(
'verbed' => __('transferred'),
),
'assign' => array(
'verbed' => __('assigned'),
),
'claim' => array(
'verbed' => __('assigned'),
),
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
'delete' => array(
'verbed' => __('deleted'),
),
'reopen' => array(
'verbed' => __('reopen'),
),
'close' => array(
'verbed' => __('closed'),
),
);
if (!isset($actions[$action]))
Http::response(404, __('Unknown action'));
$info = $errors = $e = array();
$inc = null;
$i = $count = 0;
if ($_POST) {
if (!$_POST['tids'] || !($count=count($_POST['tids'])))
$errors['err'] = sprintf(
__('You must select at least %s.'),
__('one ticket'));
} else {
$count = $_REQUEST['count'];
}
switch ($action) {
$info[':title'] = sprintf('Assign %s',
_N('selected ticket', 'selected tickets', $count));
$assignCB = function($t, $f, $e) {
return $t->assign($f, $e);
};
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
$depts = array();
$tids = $_POST['tids'] ?: array_filter(explode(',', $_REQUEST['tids']));
if ($tids) {
$tickets = TicketModel::objects()
->distinct('dept_id')
->filter(array('ticket_id__in' => $tids));
$depts = $tickets->values_flat('dept_id');
}
$members = Staff::objects()
->distinct('staff_id')
->filter(array(
'onvacation' => 0,
'isactive' => 1,
)
);
if ($depts) {
$members->filter(Q::any( array(
'dept_id__in' => $depts,
Q::all(array(
'dept_access__dept__id__in' => $depts,
Q::not(array('dept_access__dept__flags__hasbit'
=> Dept::FLAG_ASSIGN_MEMBERS_ONLY))
))
)));
}
switch ($cfg->getAgentNameFormat()) {
case 'last':
case 'lastfirst':
case 'legal':
$members->order_by('lastname', 'firstname');
break;
default:
$members->order_by('firstname', 'lastname');
}
foreach ($members as $member)
$assignees['s'.$member->getId()] = $member->getName();
if (!$assignees)
$info['warn'] = __('No agents available for assignment');
$prompt = __('Select a Team');
foreach (Team::getActiveTeams() as $id => $name)
$assignees['t'.$id] = $name;
if (!$assignees)
$info['warn'] = __('No teams available for assignment');
break;
case 'me':
$info[':action'] = '#tickets/mass/claim';
$info[':title'] = sprintf('Claim %s',
_N('selected ticket', 'selected tickets', $count));
$info['warn'] = sprintf(
__('Are you sure you want to CLAIM %s?'),
_N('selected ticket', 'selected tickets', $count));
$verb = sprintf('%s, %s', __('Yes'), __('Claim'));
$id = sprintf('s%s', $thisstaff->getId());
$assignees = array($id => $thisstaff->getName());
$vars = $_POST ?: array('assignee' => array($id));
$form = ClaimForm::instantiate($vars);
$assignCB = function($t, $f, $e) {
return $t->claim($f, $e);
};
break;
}
$form->setAssignees($assignees);
if ($prompt && ($f=$form->getField('assignee')))
$f->configure('prompt', $prompt);
if ($_POST && $form->isValid()) {
foreach ($_POST['tids'] as $tid) {
if (($t=Ticket::lookup($tid))
// Make sure the agent is allowed to
// access and assign the task.
&& $t->checkStaffPerm($thisstaff, Ticket::PERM_ASSIGN)
// Do the assignment
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
)
$i++;
}
if (!$i) {
$info['error'] = sprintf(
__('Unable to %1$s %2$s'),
__('assign'),
_N('selected ticket', 'selected tickets', $count));
}
}
break;
case 'transfer':
$inc = 'transfer.tmpl.php';
$info[':action'] = '#tickets/mass/transfer';
$info[':title'] = sprintf('Transfer %s',
_N('selected ticket', 'selected tickets', $count));
$form = TransferForm::instantiate($_POST);
if ($_POST && $form->isValid()) {
foreach ($_POST['tids'] as $tid) {
if (($t=Ticket::lookup($tid))
// Make sure the agent is allowed to
// access and transfer the task.
&& $t->checkStaffPerm($thisstaff, Ticket::PERM_TRANSFER)
// Do the transfer
&& $t->transfer($form, $e)
)
$i++;
}
if (!$i) {
$info['error'] = sprintf(
__('Unable to %1$s %2$s'),
__('transfer'),
_N('selected ticket', 'selected tickets', $count));
}
}
break;
case 'delete':
$inc = 'delete.tmpl.php';
$info[':action'] = '#tickets/mass/delete';
$info[':title'] = sprintf('Delete %s',
_N('selected ticket', 'selected tickets', $count));
$info[':placeholder'] = sprintf(__(
'Optional reason for deleting %s'),
_N('selected ticket', 'selected tickets', $count));
$info['warn'] = sprintf(__(
'Are you sure you want to DELETE %s?'),
_N('selected ticket', 'selected tickets', $count));
$info[':extra'] = sprintf('<strong>%s</strong>',
__('Deleted tickets CANNOT be recovered, including any associated attachments.')
);
// Generic permission check.
if (!$thisstaff->hasPerm(Ticket::PERM_DELETE, false))
$errors['err'] = sprintf(
__('You do not have permission to %s %s'),
__('delete'),
__('tickets'));
if ($_POST && !$errors) {
foreach ($_POST['tids'] as $tid) {
if (($t=Ticket::lookup($tid))
&& $t->checkStaffPerm($thisstaff, Ticket::PERM_DELETE)
&& $t->delete($_POST['comments'], $e)
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
)
$i++;
}
if (!$i) {
$info['error'] = sprintf(
__('Unable to %1$s %2$s'),
__('delete'),
_N('selected ticket', 'selected tickets', $count));
}
}
break;
default:
Http::response(404, __('Unknown action'));
}
if ($_POST && $i) {
// Assume success
if ($i==$count) {
$msg = sprintf(__('Successfully %s %s.'),
$actions[$action]['verbed'],
sprintf(__('%1$d %2$s'),
$count,
_N('selected ticket', 'selected tickets', $count))
);
$_SESSION['::sysmsgs']['msg'] = $msg;
} else {
$warn = sprintf(
__('%1$d of %2$d %3$s %4$s'), $i, $count,
_N('selected ticket', 'selected tickets',
$count),
$actions[$action]['verbed']);
$_SESSION['::sysmsgs']['warn'] = $warn;
}
Http::response(201, 'processed');
} elseif($_POST && !isset($info['error'])) {
$info['error'] = $errors['err'] ?: sprintf(
__('Unable to %1$s %2$s'),
__('process'),
_N('selected ticket', 'selected tickets', $count));
}
if ($_POST)
$info = array_merge($info, Format::htmlchars($_POST));
include STAFFINC_DIR . "templates/$inc";
// Copy checked tickets to the form.
echo "
<script type=\"text/javascript\">
$(function() {
$('form#tickets input[name=\"tids[]\"]:checkbox:checked')
.each(function() {
$('<input>')
.prop('type', 'hidden')
.attr('name', 'tids[]')
.val($(this).val())
.appendTo('form.mass-action');
});
});
</script>";
}
function changeTicketStatus($tid, $status, $id=0) {
global $thisstaff;
if (!$thisstaff)
Http::response(403, 'Access denied');
elseif (!$tid
|| !($ticket=Ticket::lookup($tid))
|| !$ticket->checkStaffPerm($thisstaff))
$role = $thisstaff->getRole($ticket->getDeptId());
switch($status) {
case 'open':
case 'reopen':
$state = 'open';
break;
case 'close':
if (!$role->hasPerm(TicketModel::PERM_CLOSE))
Http::response(403, 'Access denied');
$state = 'closed';
// Check if ticket is closeable
if (is_string($closeable=$ticket->isCloseable()))
$info['warn'] = $closeable;
if (!$role->hasPerm(TicketModel::PERM_DELETE))
Http::response(403, 'Access denied');
$state = 'deleted';
break;
default:
$info['warn'] = sprintf('%s %s',
__('Unknown or invalid'), __('status'));
return self::_changeTicketStatus($ticket, $state, $info);
global $thisstaff, $ost;
if (!$thisstaff)
Http::response(403, 'Access denied');
elseif (!$tid
|| !($ticket=Ticket::lookup($tid))
|| !$ticket->checkStaffPerm($thisstaff))
if (!$_POST['status_id']
|| !($status= TicketStatus::lookup($_POST['status_id'])))
$errors['status_id'] = sprintf('%s %s',
__('Unknown or invalid'), __('status'));
elseif ($status->getId() == $ticket->getStatusId())
$errors['err'] = sprintf(__('Ticket already set to %s status'),
__($status->getName()));
elseif (($role = $thisstaff->getRole($ticket->getDeptId()))) {
// Make sure the agent has permission to set the status
switch(mb_strtolower($status->getState())) {
case 'open':
if (!$role->hasPerm(TicketModel::PERM_CLOSE)
&& !$role->hasPerm(TicketModel::PERM_CREATE))
$errors['err'] = sprintf(__('You do not have permission %s.'),
__('to reopen tickets'));
if (!$role->hasPerm(TicketModel::PERM_CLOSE))
$errors['err'] = sprintf(__('You do not have permission %s.'),
__('to resolve/close tickets'));
if (!$role->hasPerm(TicketModel::PERM_DELETE))
$errors['err'] = sprintf(__('You do not have permission %s.'),
__('to archive/delete tickets'));
default:
$errors['err'] = sprintf('%s %s',
__('Unknown or invalid'), __('status'));
} else {
$errors['err'] = __('Access denied');
if (!$errors && $ticket->setStatus($status, $_REQUEST['comments'], $errors)) {
$msg = sprintf('%s %s',
sprintf(__('Ticket #%s'), $ticket->getNumber()),
__('deleted sucessfully')
);
} elseif ($state != 'open') {
$msg = sprintf(__('%s status changed to %s'),
sprintf(__('Ticket #%s'), $ticket->getNumber()),
$status->getName());
$status->getName());
}
$_SESSION['::sysmsgs']['msg'] = $msg;
} elseif (!$errors['err']) {
$errors['err'] = __('Error updating ticket status');
$state = $state ?: $ticket->getStatus()->getState();
$info['status_id'] = $status
? $status->getId() : $ticket->getStatusId();
return self::_changeTicketStatus($ticket, $state, $info, $errors);
global $thisstaff, $cfg;
if (!$thisstaff)
Http::response(403, 'Access denied');
$state = null;
$info = array();
switch($status) {
case 'open':
case 'reopen':
$state = 'open';
break;
case 'close':
if (!$thisstaff->hasPerm(TicketModel::PERM_CLOSE, false))
Http::response(403, 'Access denied');
$state = 'closed';
break;
case 'delete':
if (!$thisstaff->hasPerm(TicketModel::PERM_DELETE, false))
Http::response(403, 'Access denied');
$state = 'deleted';
break;
default:
$info['warn'] = sprintf('%s %s',
__('Unknown or invalid'), __('status'));
return self::_changeSelectedTicketsStatus($state, $info);
$errors['err'] = sprintf('%s %s',
sprintf(__('You do not have permission %s.'),
__('to mass manage tickets')),
__('Contact admin for such access'));
elseif (!$_REQUEST['tids'] || !count($_REQUEST['tids']))
$errors['err']=sprintf(__('You must select at least %s.'),
__('one ticket'));
elseif (!($status= TicketStatus::lookup($_REQUEST['status_id'])))
$errors['status_id'] = sprintf('%s %s',
__('Unknown or invalid'), __('status'));
elseif (!$errors) {
// Make sure the agent has permission to set the status
switch(mb_strtolower($status->getState())) {
case 'open':
if (!$thisstaff->hasPerm(TicketModel::PERM_CLOSE, false)
&& !$thisstaff->hasPerm(TicketModel::PERM_CREATE, false))
$errors['err'] = sprintf(__('You do not have permission %s.'),
__('to reopen tickets'));
if (!$thisstaff->hasPerm(TicketModel::PERM_CLOSE, false))
$errors['err'] = sprintf(__('You do not have permission %s.'),
__('to resolve/close tickets'));
if (!$thisstaff->hasPerm(TicketModel::PERM_DELETE, false))
$errors['err'] = sprintf(__('You do not have permission %s.'),
__('to archive/delete tickets'));