summaryrefslogtreecommitdiff
path: root/help/app/controllers/tickets_controller.rb
blob: 3be7d10d76a3e750a117a951e0d38a5d7b7bd9cf (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
class TicketsController < ApplicationController

  respond_to :html, :json
  #has_scope :open, :type => boolean

  before_filter :authorize, :only => [:index]
  before_filter :fetch_ticket, :only => [:show, :update, :destroy] # don't now have an edit method
  before_filter :set_title

  def new
    @ticket = Ticket.new
    @ticket.comments.build
  end

  def create
    @ticket = Ticket.new(params[:ticket])

    @ticket.comments.last.posted_by = (logged_in? ? current_user.id : nil) #protecting posted_by isn't working, so this should protect it.
    @ticket.created_by = current_user.id if logged_in?
    @ticket.email = current_user.email_address if logged_in? and current_user.email_address

    if @ticket.save
      flash[:notice] = t(:thing_was_successfully_created, :thing => t(:ticket))
    end

    # cannot set this until ticket has been saved, as @ticket.id will not be set
    if !logged_in? and flash[:notice]
      flash[:notice] += " " + t(:access_ticket_text, :full_url => ticket_url(@ticket.id))
    end
    respond_with(@ticket)
  end

  def show
    @comment = TicketComment.new
    if !@ticket
      redirect_to tickets_path, :alert => t(:no_such_thing, :thing => t(:ticket))
      return
    end
  end

  def update
    if params[:commit] == t(:close)
      @ticket.is_open = false
      @ticket.save
      redirect_to_tickets
    elsif params[:commit] == t(:open)
      @ticket.is_open = true
      @ticket.save
      redirect_to @ticket
    elsif params[:commit] == t(:cancel)
      redirect_to_tickets
    else
      @ticket.attributes = cleanup_ticket_params(params[:ticket])

      if params[:commit] == t(:reply_and_close)
        @ticket.close
      end

      if @ticket.comments_changed?
        @ticket.comments.last.posted_by = (current_user ? current_user.id : nil)
      end

      if @ticket.changed?
        if @ticket.save
          flash[:notice] = t(:changes_saved)
          redirect_to_tickets
        else
          respond_with @ticket
        end
      else
        redirect_to @ticket
      end
    end
  end

  def index
    @all_tickets = Ticket.for_user(current_user, params, admin?) #for tests, useful to have as separate variable
    @tickets = @all_tickets.page(params[:page]).per(APP_CONFIG[:pagination_size])
  end

  def destroy
    # should we allow non-admins to delete their own tickets? i don't think necessary.
    @ticket.destroy if admin?
    redirect_to tickets_path
  end

  protected

  def set_title
    @title = t(:tickets)
  end

  private

  #
  # redirects to ticket index, if appropriate.
  # otherwise, just redirects to @ticket
  #
  def redirect_to_tickets
    if logged_in?
      if params[:commit] == t(:reply_and_close)
        redirect_to tickets_url
      else
        redirect_to @ticket
      end
    else
      # if we are not logged in, there is no index to view
      redirect_to @ticket
    end
  end

  # unset comments hash if no new comment was typed
  def cleanup_ticket_params(ticket)
    if ticket && ticket[:comments_attributes]
      if ticket[:comments_attributes].values.first[:body].blank?
        ticket[:comments_attributes] = nil
      end
    end
    return ticket
  end

  def ticket_access?
    @ticket and (admin? or !@ticket.created_by or (current_user and current_user.id == @ticket.created_by))
  end

  def fetch_ticket
    @ticket = Ticket.find(params[:id])
    if !@ticket and admin?
      redirect_to tickets_path, :alert => t(:no_such_thing, :thing => 'ticket')
      return
    end
    access_denied unless ticket_access?
  end

end