1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
|
class TicketsController < ApplicationController
respond_to :html, :json
#has_scope :open, :type => boolean
before_filter :set_strings
before_filter :authorize, :only => [:index]
def new
@ticket = Ticket.new
@ticket.comments.build
end
def create
@ticket = Ticket.new(params[:ticket])
if logged_in?
@ticket.created_by = current_user.id
@ticket.email = current_user.email if current_user.email
@ticket.comments.last.posted_by = current_user.id
else
@ticket.comments.last.posted_by = nil #hacky, but protecting this attribute doesn't work right, so this should make sure it isn't set.
end
flash[:notice] = 'Ticket was successfully created.' if @ticket.save
if !logged_in?
flash[:notice] = flash[:notice] + ' You can later access this ticket at the url ' + request.protocol + request.host_with_port + ticket_path(@ticket.id) + '. You might want to bookmark this page to find it again. Anybody with this URL will be able to access this ticket, so if you are on a shared computer you might want to remove it from the browser history' #todo
end
respond_with(@ticket)
end
=begin
def edit
@ticket = Ticket.find(params[:id])
@ticket.comments.build
# build ticket comments?
end
=end
def show
@ticket = Ticket.find(params[:id])
if !@ticket
redirect_to tickets_path, :alert => "No such ticket"
return
end
ticket_access_denied? #authorize_ticket_access
# @ticket.comments.build
# build ticket comments?
end
def update
@ticket = Ticket.find(params[:id])
if !ticket_access_denied?
if params[:post][:title] #title was changed with x-editable form
respond_to do |format|
if @ticket.update_attributes(params[:post])
format.html { redirect_to @ticket, notice: 'Ticket was successfully updated.' }
format.json { head :no_content } # 204 No Content
else
format.html { render action: "show" }
format.json { render json: @ticket.errors, status: :unprocessable_entity }
end
return
end
# TODO: do we want to keep the history of title changes? one possibility was adding a comment that said something like 'user changed the title from a to b'
# TODO: this is throwing a missing template error
return
elsif status = params[:change_status] #close or open button was pressed
@ticket.close if params[:change_status] == 'close'
@ticket.reopen if params[:change_status] == 'open'
else
params[:ticket][:comments_attributes] = nil if params[:ticket][:comments_attributes].values.first[:body].blank? #unset comments hash if no new comment was typed
@ticket.attributes = params[:ticket] #this will call comments_attributes=
# @ticket.is_open = false if params[:commit] == @reply_close_str #this overrides is_open selection
@ticket.close if params[:commit] == @reply_close_str #this overrides is_open selection
# what if there is an update and no new comment? Confirm that there is a new comment to update posted_by:
@ticket.comments.last.posted_by = (current_user ? current_user.id : nil) if @ticket.comments_changed? #protecting posted_by isn't working, so this should protect it.
end
if @ticket.changed? and @ticket.save
flash[:notice] = 'Ticket was successfully updated.'
if @ticket.is_open
respond_with @ticket
else #for closed tickets, redirect to index.
redirect_to tickets_path
end
else
#redirect_to [:show, @ticket] #
flash[:alert] = 'Ticket has not been changed'
redirect_to @ticket
#respond_with(@ticket) # why does this go to edit?? redirect???
end
end
end
def index
#TODO: we will need pagination
@all_tickets = Ticket.for_user(current_user, params, admin?) #for tests, useful to have as separate variable
#below works if @tickets is a CouchRest::Model::Designs::View, but not if it is an Array
@tickets = @all_tickets.page(params[:page]).per(10) #TEST
#respond_with(@tickets)
end
def destroy
@ticket = Ticket.find(params[:id])
@ticket.destroy if admin?
redirect_to tickets_path
end
private
def ticket_access?
@ticket and (admin? or !@ticket.created_by or (current_user and current_user.id == @ticket.created_by))
end
def ticket_access_denied?
access_denied unless ticket_access?
end
def set_strings
@post_reply_str = 'Post reply' #t :post_reply
@reply_close_str = 'Reply and close' #t :reply_and_close
end
# not using now, as we are using comment_attributes= from the Ticket model
=begin
def add_comment
comment = TicketComment.new(params[:comment])
comment.posted_by = User.current.id if User.current #could be nil
comment.posted_at = Time.now # TODO: it seems strange to have this here, and not in model
@ticket.comments << comment
end
=end
end
|
