diff options
Diffstat (limited to 'help')
-rw-r--r-- | help/app/controllers/tickets_controller.rb | 67 | ||||
-rw-r--r-- | help/app/models/ticket.rb | 4 | ||||
-rw-r--r-- | help/app/views/tickets/index.html.haml | 2 | ||||
-rw-r--r-- | help/app/views/tickets/show.html.haml | 9 |
4 files changed, 59 insertions, 23 deletions
diff --git a/help/app/controllers/tickets_controller.rb b/help/app/controllers/tickets_controller.rb index 4684a40..4130ee6 100644 --- a/help/app/controllers/tickets_controller.rb +++ b/help/app/controllers/tickets_controller.rb @@ -33,25 +33,32 @@ class TicketsController < ApplicationController def show @ticket = Ticket.find(params[:id]) + ticket_access_denied? # @ticket.comments.build # build ticket comments? end def update - @ticket = Ticket.find(params[:id]) - @ticket.attributes = params[:ticket] - # what if there is an update and no new comment? Confirm that there is a new comment to update posted_by. will @tickets.comments_changed? work? - @ticket.comments.last.posted_by = (current_user ? current_user.id : nil) #protecting posted_by isn't working, so this should protect it. + @ticket = Ticket.find(params[:id]) + if !ticket_access_denied? - if @ticket.save - flash[:notice] = 'Ticket was successfully updated.' - respond_with @ticket - else - #redirect_to [:show, @ticket] # - flash[:alert] = 'Ticket has not been changed' - redirect_to @ticket - #respond_with(@ticket) # why does this go to edit?? redirect??? + #below is excessively complicated. issue is that we don't need a new comment if we have changed anything else (currently, is_open is the only other thing to change.) However, if we don't change anything else, then we want to try to add a new comment (and possibly fail.) Likely this should all be redone. + @ticket.is_open = params[:ticket][:is_open] + if !params[:ticket][:comments_attributes].values.first[:body].blank? or !@ticket.changed? + @ticket.attributes = params[:ticket] + end + # what if there is an update and no new comment? Confirm that there is a new comment to update posted_by. will @tickets.comments_changed? work? + @ticket.comments.last.posted_by = (current_user ? current_user.id : nil) if @ticket.comments_changed? #protecting posted_by isn't working, so this should protect it. + if @ticket.save + flash[:notice] = 'Ticket was successfully updated.' + respond_with @ticket + else + #redirect_to [:show, @ticket] # + flash[:alert] = 'Ticket has not been changed' + redirect_to @ticket + #respond_with(@ticket) # why does this go to edit?? redirect??? + end end end @@ -59,18 +66,42 @@ class TicketsController < ApplicationController # @tickets = Ticket.by_title #not actually what we will want #we'll want only tickets that this user can access # @tickets = Ticket.by_is_open.key(params[:status]) - if params[:status] == 'open' - @tickets = Ticket.by_is_open.key(true) - elsif params[:status] == 'closed' - @tickets = Ticket.by_is_open.key(false) + + #below is obviously too messy and not what we want, but wanted to get basic functionality there + if admin? + if params[:status] == 'open' + @tickets = Ticket.by_is_open.key(true) + elsif params[:status] == 'closed' + @tickets = Ticket.by_is_open.key(false) + else + @tickets = Ticket.all + end + elsif logged_in? + if params[:status] == 'open' + @tickets = Ticket.by_is_open_and_created_by.key([true, current_user.id]).all + elsif params[:status] == 'closed' + @tickets = Ticket.by_is_open_and_created_by.key([false, current_user.id]).all + else + @tickets = Ticket.by_created_by.key(current_user.id).all + end else - @tickets = Ticket.all - end + access_denied + end + respond_with(@tickets) end private + def ticket_access_denied? + # TODO---we will allow unauthenticated users to view tickets with a code + if !admin? and current_user.id != @ticket.created_by + @ticket = nil + access_denied + end + + end + # not using now, as we are using comment_attributes= from the Ticket model =begin def add_comment diff --git a/help/app/models/ticket.rb b/help/app/models/ticket.rb index 0407012..6301e9e 100644 --- a/help/app/models/ticket.rb +++ b/help/app/models/ticket.rb @@ -38,6 +38,9 @@ class Ticket < CouchRest::Model::Base design do view :by_title view :by_is_open + view :by_created_by + view :by_is_open_and_created_by + end validates :title, :presence => true @@ -78,7 +81,6 @@ class Ticket < CouchRest::Model::Base end def comments_attributes=(attributes) - comment = TicketComment.new(attributes.values.first) #TicketComment.new(attributes) #comment.posted_by = User.current.id if User.current #we want to avoid User.current, and current_user won't work here. instead will set in tickets_controller # what about: comment.posted_by = self.updated_by (will need to add ticket.updated_by) diff --git a/help/app/views/tickets/index.html.haml b/help/app/views/tickets/index.html.haml index 1f46433..dff39ce 100644 --- a/help/app/views/tickets/index.html.haml +++ b/help/app/views/tickets/index.html.haml @@ -1,4 +1,4 @@ -%h2 tickets index (just as space) +%h1 tickets index (just as space) Create a = link_to "new ticket", new_ticket_path = # below shouldn't be unless logged in diff --git a/help/app/views/tickets/show.html.haml b/help/app/views/tickets/show.html.haml index a9b994e..3fb1d34 100644 --- a/help/app/views/tickets/show.html.haml +++ b/help/app/views/tickets/show.html.haml @@ -1,10 +1,10 @@ +%h1 tickets show (just as space) +%h1 tickets show (just as space) - if flash[:notice] =flash[:notice] - if flash[:alert] =flash[:alert] %h2= @ticket.title -is open? -= @ticket.is_open - if @ticket.code code: = @ticket.code @@ -22,5 +22,8 @@ is open? = f.simple_fields_for :comments, TicketComment.new do |c| = c.input :body, :label => 'Comment', :as => :text = #render :partial => 'new_comment' - = f.button :submit + = f.label :is_open + = f.select :is_open, [true, false] + = f.button :submit # have button to close + = # want to ahve button to close = link_to t(:cancel), tickets_path, :class => :btn
\ No newline at end of file |