From 71f74f736627672b091a7319771bdfb61ab3a164 Mon Sep 17 00:00:00 2001 From: Peter Rotich <peter@enhancesoft.com> Date: Tue, 26 Nov 2013 19:54:45 +0000 Subject: [PATCH] Change forms to accept data source Unpack user data for filtering purposes for staff created tickets --- include/class.forms.php | 7 +++++ include/class.ticket.php | 51 ++++++++++++++++--------------- include/class.user.php | 12 +++++--- include/staff/ticket-view.inc.php | 4 +-- scp/tickets.php | 5 +-- 5 files changed, 44 insertions(+), 35 deletions(-) diff --git a/include/class.forms.php b/include/class.forms.php index e94adcfdb..0654a2648 100644 --- a/include/class.forms.php +++ b/include/class.forms.php @@ -49,6 +49,13 @@ class Form { function getFields() { return $this->fields; } + + function getField($name) { + foreach($this->getFields() as $f) + if(!strcasecmp($f->get('name'), $name)) + return $f; + } + function getTitle() { return $this->title; } function getInstructions() { return $this->instructions; } function getSource() { return $this->_source; } diff --git a/include/class.ticket.php b/include/class.ticket.php index a2283c242..b8dbe2187 100644 --- a/include/class.ticket.php +++ b/include/class.ticket.php @@ -1924,18 +1924,6 @@ class Ticket { return true; } }; - // Identify the user creating the ticket and unpack user information - // fields into local scope for filtering and banning purposes - if (strtolower($origin) == 'api') - $user_form = UserForm::getUserForm()->getForm($vars); - else - $user_form = UserForm::getUserForm()->getForm($_POST); - - $user_info = $user_form->getClean(); - if ($user_form->isValid($field_filter)) - $vars += $user_info; - else - $errors['user'] = 'Incomplete client information'; //Check for 403 if ($vars['email'] && Validator::is_email($vars['email'])) { 
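Review bot: `getField()` in class.forms.php falls off the end of the function when no field matches, so callers receive an implicit null, and the brace-less nested `foreach`/`if` makes that easy to overlook. I would add a short docblock saying that the match is case-insensitive on the field's `name`, that the first match wins, and that null is returned when nothing matches. Ending the method with an explicit `return null;` would make the contract visible in the code as well.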
@@ -2028,23 +2016,29 @@ class Ticket { $errors['duedate']='Due date must be in the future'; } - // Data is slightly different between HTTP posts and emails - if ((isset($vars['emailId']) && $vars['emailId']) - || !isset($user_info['email']) || !$user_info['email']) { - $user_info = $vars; + if (!$errors) { + + if ($vars['uid'] && ($user = User::lookup($vars['uid']))) { + $vars['email'] = $user->getEmail(); + $vars['name'] = $user->getName(); + } + + # Perform ticket filter actions on the new ticket arguments + if ($ticket_filter) $ticket_filter->apply($vars); + + // Allow vars to be changed in ticket filter and applied to the user + // account created or detected + if (!$user) { + $user_form = UserForm::getUserForm()->getForm($vars); + if (!$user_form->isValid($field_filter) + || !($user=User::fromForm($user_form->getClean()))) + $errors['user'] = 'Incomplete client information'; + } } //Any error above is fatal. if($errors) return 0; - # Perform ticket filter actions on the new ticket arguments - if ($ticket_filter) $ticket_filter->apply($vars); - - // Allow vars to be changed in ticket filter and applied to the user - // account created or detected - $user = User::fromForm($vars); - $user_email = UserEmail::ensure($vars['email']); - # Some things will need to be unpacked back into the scope of this # function if (isset($vars['autorespond'])) $autorespond=$vars['autorespond']; @@ -2195,6 +2189,15 @@ class Ticket { if($vars['source'] && !in_array(strtolower($vars['source']),array('email','phone','other'))) $errors['source']='Invalid source - '.Format::htmlchars($vars['source']); + if (!$vars['uid']) { + //Special validation required here + if (!$vars['email'] || !Validator::is_email($vars['email'])) + $errors['email'] = 'Valid email required'; + + if (!$vars['name']) + $errors['name'] = 'Name required'; + } + if(!($ticket=Ticket::create($vars, $errors, 'staff', false, (!$vars['assignId'])))) return false; 
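Review bot: In the added `if (!$errors)` block, `$vars['uid']` is honoured for every origin, so whichever caller fills `$vars` decides which existing account the ticket is attached to and whose name and email replace the submitted ones. scp/tickets.php overwrites the key from the staff session, but the removed code in this function tested `$origin` for `'api'`, so other entry points reach it too, and the patch does not show them stripping `uid` from request data. I would tie the lookup to the trusted path, e.g. `if (!strcasecmp($origin, 'staff') && !empty($vars['uid']) && ($user = User::lookup($vars['uid']))) {`. I would also set `$user = null;` before the block, because `if (!$user)` otherwise reads a variable that no visible line defines when no uid is given. The function body starts and ends outside the hunk.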
diff --git a/include/class.user.php b/include/class.user.php index d05e1fd1b..15f35223c 100644 --- a/include/class.user.php +++ b/include/class.user.php @@ -160,13 +160,13 @@ class User extends UserModel { return $this->_entries; } - function getForms($populate=true) { + function getForms($data=null) { if (!isset($this->_forms)) { $this->_forms = array(); foreach ($this->getDynamicData() as $cd) { $cd->addMissingFields(); - if($populate + if(!$data && ($form = $cd->getForm()) && $form->get('type') == 'U' ) { foreach ($cd->getFields() as $f) { @@ -187,12 +187,14 @@ class User extends UserModel { function updateInfo($vars, &$errors) { $valid = true; - $forms = $this->getForms(false); + $forms = $this->getForms($vars); foreach ($forms as $cd) { if (!$cd->isValid()) $valid = false; - elseif (($f=$cd->getField('email')) - && $cd->get('type') == 'U' + if ($cd->get('type') == 'U' + && ($form= $cd->getForm($data)) + && ($f=$form->getField('email')) + && $f->getClean() && ($u=User::lookup(array('emails__address'=>$f->getClean()))) && $u->id != $this->getId()) { $valid = false; diff --git a/include/staff/ticket-view.inc.php b/include/staff/ticket-view.inc.php index a8a028627..de1fb3a0f 100644 --- a/include/staff/ticket-view.inc.php +++ b/include/staff/ticket-view.inc.php @@ -884,7 +884,7 @@ $tcount+= $ticket->getNumNotes(); </p> <p class="confirm-action" style="display:none;" id="changeuser-confirm"> Are you sure want to <b>change</b> ticket owner to <b><span id="newuser">this guy</span></b>? - <br><br><b><?php echo $ticket->getName(); ?></b> will no longer have access to the ticket. + <br><br><b><?php echo $ticket->getName(); ?></b> <<?php echo $ticket->getEmail(); ?>> will no longer have access to the ticket. </p> <p class="confirm-action" style="display:none;" id="delete-confirm"> <font color="red"><strong>Are you sure you want to DELETE this ticket?</strong></font> 
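Review bot: `getForms($data=null)` keeps the `isset($this->_forms)` cache, so the argument only matters on the first call for a given User object; a later call with different `$data` gets the forms built earlier. The visible lines also use `$data` only as a flag (`if(!$data ...`), which inverts the old `$populate` meaning and is easy to misread at call sites. I would document that on the method, e.g. `// $data: submitted values; when set, the type 'U' form is not pre-filled. Result is cached after the first call.`, or bypass the cache when `$data` is passed. The method body continues outside the hunk.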
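Review bot: `$cd->getForm($data)` in `updateInfo()` reads `$data`, which is not defined in this function; the parameter is `$vars`. The form is therefore built from null rather than from the submitted values, and the duplicate-address lookup that follows checks whatever the form falls back to. The line should read `&& ($form = $cd->getForm($vars))`. The `elseif` also became a plain `if`, so the uniqueness lookup now runs even when `isValid()` has already failed; if that is intended, a one-line comment would help. The function continues past the hunk.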
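Review bot: The changed line in the change-owner confirmation echoes `$ticket->getName()` and `$ticket->getEmail()` directly into the staff page, and both values come from the ticket owner. Unless those getters already return escaped output (not visible here), they should be encoded with the helper this codebase uses elsewhere, e.g. `<?php echo Format::htmlchars($ticket->getEmail()); ?>`, and the same for the name. The brackets around the address must be the entities `&lt;` and `&gt;` in the template; they show as literal `<` and `>` here, which may be an artefact of how the page was extracted.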
@@ -919,7 +919,7 @@ $(function() { $.userLookup(url, function(user) { if(cid!=user.id && $('.dialog#confirm-action #changeuser-confirm').length) { - $('#newuser').html(user.name +' <'+user.email+'>'); + $('#newuser').html(user.name +' <'+user.email+'>'); $('.dialog#confirm-action #action').val('changeuser'); $('#confirm-form').append('<input type=hidden name=user_id value='+user.id+' />'); $('#overlay').show(); diff --git a/scp/tickets.php b/scp/tickets.php index 36b1ef9be..8d7966c64 100644 --- a/scp/tickets.php +++ b/scp/tickets.php @@ -491,10 +491,7 @@ if($_POST && !$errors): $errors['err']='You do not have permission to create tickets. Contact admin for such access'; } else { $vars = $_POST; - if ($user) { - $vars['name'] = $user->getName(); - $vars['email'] = $user->getEmail(); - } + $vars['uid'] = $user? $user->getId() : 0; if($_FILES['attachments']) $vars['files'] = AttachmentFile::format($_FILES['attachments']); -- GitLab
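Review bot: `$('#newuser').html(user.name +' <'+user.email+'>')` builds markup from the looked-up user's name and email, so any HTML in those fields is parsed inside the staff session. Setting the content as text avoids that and removes the need to hand-encode the brackets: `$('#newuser').text(user.name + ' <' + user.email + '>');`. The next context line concatenates `user.id` into an unquoted `value=` attribute; building that input with `$('<input>', {type: 'hidden', name: 'user_id', value: user.id})` would be the matching change. The script block starts and ends outside the hunk.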
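Review bot: With `$vars['uid']` replacing the two removed assignments, `$vars['email']` and `$vars['name']` hold only what the form posted until `Ticket::create()` fills them in inside its new `if (!$errors)` block. In class.ticket.php the `//Check for 403` email test sits before that block, in what appears to be the same function, so for a ticket opened on behalf of an existing user any check keyed on the address at that point may see no value. Either keep `$vars['email'] = $user->getEmail();` and `$vars['name'] = $user->getName();` next to the new line, or move the uid lookup in `create()` above the first use of `$vars['email']`. `$user` is defined outside this hunk.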