diff --git a/include/class.thread.php b/include/class.thread.php
index e715b6f465273901d62e2d63aeebf57651708e41..759a03b0c5ccc4948ee920b53e34a3c981d306a6 100644
--- a/include/class.thread.php
+++ b/include/class.thread.php
@@ -16,6 +16,7 @@
**********************************************************************/
include_once(INCLUDE_DIR.'class.ticket.php');
include_once(INCLUDE_DIR.'class.draft.php');
+include_once(INCLUDE_DIR.'class.role.php');
//Ticket thread.
class Thread extends VerySimpleModel {
@@ -435,11 +436,20 @@ class ThreadEntry extends VerySimpleModel {
const FLAG_EDITED = 0x0002;
const FLAG_HIDDEN = 0x0004;
+ const PERM_EDIT = 'thread.edit';
+
var $_headers;
var $_thread;
var $_actions;
var $_attachments;
+ static protected $perms = array(
+ self::PERM_EDIT => array(
+ 'title' => /* @trans */ 'Edit Thread',
+ 'desc' => /* @trans */ 'Ability to edit thread items of other agents',
+ ),
+ );
+
function postEmail($mailinfo) {
if (!($thread = $this->getThread()))
// Kind of hard to continue a discussion without a thread ...
@@ -1252,8 +1262,14 @@ class ThreadEntry extends VerySimpleModel {
self::$action_registry[$group][$action::getId()] = $action;
}
+
+ static function getPermissions() {
+ return self::$perms;
+ }
}
+RolePermission::register(/* @trans */ 'Tickets', ThreadEntry::getPermissions());
+
class ThreadEntryBody /* extends SplString */ {
diff --git a/include/class.thread_actions.php b/include/class.thread_actions.php
index 503578ec46ba4f4e9cceced3e9e52583f1047ff6..121ecb8b98267fb2ad060bdb0f9c064a12167c9f 100644
--- a/include/class.thread_actions.php
+++ b/include/class.thread_actions.php
@@ -66,15 +66,17 @@ class TEA_EditThreadEntry extends ThreadEntryAction {
function isEnabled() {
global $thisstaff;
+ $T = $this->entry->getThread()->getObject();
// You can edit your own posts or posts by your department members
// if your a manager, or everyone's if your an admin
return $thisstaff && (
- $thisstaff->isAdmin()
- || (($T = $this->entry->getThread()->getObject())
- && $T instanceof Ticket
+ $thisstaff->getId() == $this->entry->staff_id
+ || ($T instanceof Ticket
&& $T->getDept()->getManagerId() == $thisstaff->getId()
)
- || ($this->entry->getStaffId() == $thisstaff->getId())
+ || ($T instanceof Ticket
+ && $thisstaff->getRole($T->getDeptId())->hasPerm(ThreadEntry::PERM_EDIT)
+ )
);
}
diff --git a/include/staff/ticket-view.inc.php b/include/staff/ticket-view.inc.php
index 8823977dae020f16d792e772cedb25947c2676d7..8e3c73d86fa69f200c2a293f74b9139942dd7d9b 100644
--- a/include/staff/ticket-view.inc.php
+++ b/include/staff/ticket-view.inc.php
@@ -423,8 +423,12 @@ $tcount = $ticket->getThreadEntries($types)->count();
<?php foreach ($actions as $group => $list) {
foreach ($list as $id => $action) { ?>
<li>
- <a class="no-pjax" href="#" onclick="javascript:
- <?php echo str_replace('"', '\\"', $action->getJsStub()); ?>; return false;">
+ <a class="no-pjax <?php
+ if (!$action->isEnabled())
+ echo 'disabled';
+ ?>" href="#" onclick="javascript:
+ if ($(this).hasClass('disabled')) return false;
+ <?php echo str_replace('"', '\\"', $action->getJsStub()); ?>; return false;">
<i class="<?php echo $action->getIcon(); ?>"></i> <?php
echo $action->getName();
?></a></li>
diff --git a/scp/css/dropdown.css b/scp/css/dropdown.css
index 6105ea27fc4098cc3ba0fce3ae3467af0e8e7afb..236deb3664c1c7f424e901130e9a71c41e7fd2c4 100644
--- a/scp/css/dropdown.css
+++ b/scp/css/dropdown.css
@@ -42,6 +42,11 @@
color: #FFF !important;
cursor: pointer;
}
+.action-dropdown ul li > a.disabled {
+ pointer-events: none;
+ color: #999;
+ color: rgba(85,85,85,0.5);
+}
.action-dropdown hr {
height: 1px;
border: none;
diff --git a/scp/roles.php b/scp/roles.php
index 824d13b14e285a4ae22d22283a9e988f36eaf0bf..749dee96fad1f00cf7d40535a3a242b7b4b93356 100644
--- a/scp/roles.php
+++ b/scp/roles.php
@@ -21,6 +21,7 @@ include_once INCLUDE_DIR . 'class.canned.php';
include_once INCLUDE_DIR . 'class.faq.php';
include_once INCLUDE_DIR . 'class.email.php';
include_once INCLUDE_DIR . 'class.report.php';
+include_once INCLUDE_DIR . 'class.thread.php';
$errors = array();
$role=null;