From da5c6e5156ee4d50e48b3e33603a4d11372528e4 Mon Sep 17 00:00:00 2001
From: tp_dhu
Date: Sun, 9 Feb 2025 20:04:45 +0000
Subject: [PATCH] TicketController with associated ui
---
 app/controllers/TicketController.php | 161 +++++++++++++++++++++++++++
 ui/views/home.html | 5 +-
 ui/views/ticket/create.html | 16 +++
 ui/views/ticket/edit.html | 17 +++
 ui/views/ticket/index.html | 34 ++++++
 ui/views/ticket/view.html | 16 +++
 6 files changed, 247 insertions(+), 2 deletions(-)
 create mode 100644 app/controllers/TicketController.php
 create mode 100644 ui/views/ticket/create.html
 create mode 100644 ui/views/ticket/edit.html
 create mode 100644 ui/views/ticket/index.html
 create mode 100644 ui/views/ticket/view.html
diff --git a/app/controllers/TicketController.php b/app/controllers/TicketController.php
new file mode 100644
index 0000000..c290211
--- /dev/null
+++ b/app/controllers/TicketController.php
@@ -0,0 +1,161 @@
+exists('SESSION.user')){
+ // $f3->set('SESSION.error', 'You don\'t have permission for this ticket.');
+ $f3->reroute('/login');
+ }
+ }
+
+ // list all tickts
+ public function index($f3){
+ $this->check_access($f3);
+
+ $db = $f3->get('DB');
+
+ // retrieve tickets
+ $tickets = $db->exec('SELECT * FROM tickets ORDER BY created_at DESC');
+
+ // pass data to template
+ $f3->set('tickets', $tickets);
+
+ // render
+ $f3->set('content', '../ui/views/ticket/index.html');
+ echo \Template::instance()->render('../ui/templates/layout.html');
+
+ $f3->clear('SESSION.error');
+ }
+
+ // view a single ticket
+ public function view($f3){
+ $this->check_access($f3);
+
+ $ticket_id = $f3->get('PARAMS.id');
+ $db = $f3->get('DB');
+
+ $result = $db->exec(
+ 'SELECT t.*, u.username as created_by_name
+ FROM tickets t
+ LEFT JOIN users u ON t.created_by = u.id
+ WHERE t.id =? LIMIT 1',
+ [$ticket_id]
+ );
+
+ if(!$result){
+ // no record
+ $f3->set('SESSION.error', 'Ticket not found.');
+ $f3->reroute('/tickets');
+ }
+
+ $ticket = $result[0];
+ $f3->set('ticket', $ticket);
+
+ // render
+ $f3->set('content', '../ui/views/ticket/view.html');
+ echo \Template::instance()->render('../ui/templates/layout.html');
+
+ }
+
+ // show create form
+ public function createForm($f3){
+ $this->check_access($f3);
+ $f3->set('content', '../ui/views/ticket/create.html');
+ echo \Template::instance()->render('../ui/templates/layout.html');
+ }
+
+ // handle POST
+ public function create($f3){
+ $this->check_access($f3);
+
+ $title = $f3->get('POST.title');
+ $description = $f3->get('POST.description');
+ $priority = $f3->get('POST.priority'); // eg - low, medium, high
+ $status = $f3->get('POST.status'); // eg - new, in_progress
+ $created_by = $f3->get('SESSION.user.id'); // current logged in user
+
+ $db = $f3->get('DB');
+
+ $db->exec(
+ 'INSERT
+ INTO tickets (title, description, priority, status, created_by, created_at, updated_at)
+ VALUES (?,?,?,?,?,NOW(), NOW())',
+ [$title, $description, $priority, $status, $created_by]
+ );
+
+ $f3->reroute('/tickets');
+ }
+
+ protected function get_ticket_check_edit_permission($f3){
+
+ $db = $f3->get('DB');
+
+ $ticket_id = $f3->get('PARAMS.id');
+ $result = $db->exec('SELECT * FROM tickets WHERE id = ? LIMIT 1', [$ticket_id]);
+
+ if(!$result){
+ $f3->set('SESSION.error', 'Ticket not found.');
+ $f3->reroute('/tickets');
+ }
+
+ $ticket = $result[0];
+
+ // TODO: refine
+ $current_user = $f3->get('SESSION.user');
+ $is_admin = (isset($current_user['role']) && $current_user['role'] == 'admin');
+ $is_assigned = ($ticket['assigned_to'] == $current_user['id']);
+
+ if(!$is_admin && !$is_assigned){ // should this be ||
+ // if not assigned and not admin, disallow edit
+ $f3->set('SESSION.error', 'You do not have permission to edit this ticket.');
+ $f3->reroute('/tickets');
+ }
+
+ return $ticket;
+
+ }
+
+ // show edit form
+ public function editForm($f3){
+ $this->check_access($f3);
+
+ $ticket_id = $f3->get('PARAMS.id');
+ $db = $f3->get('DB');
+
+
+ $ticket = $this->get_ticket_check_edit_permission($f3);
+ $f3->set('ticket', $ticket);
+
+ $f3->set('ticket', $ticket);
+ $f3->set('content', '../ui/views/ticket/edit.html');
+ echo \Template::instance()->render('../ui/templates/layout.html');
+ }
+
+ // process edit POST TODO: if assigned or admin
+ public function update($f3){
+ $this->check_access($f3);
+ $ticket = $this->get_ticket_check_edit_permission($f3);
+ $ticket_id = $ticket['id'];
+ $db = $f3->get('DB');
+
+ // get updated fields from post
+ $title = $f3->get('POST.title');
+ $description = $f3->get('POST.description');
+ $priority = $f3->get('POST.priority'); // eg - low, medium, high
+ $status = $f3->get('POST.status'); // eg - new, in_progress
+ $updated_by = $f3->get('SESSION.user.id'); // current logged in user
+
+ // TODO: if you want to update assignment, should be added here.
+
+ $db->exec(
+ 'UPDATE tickets
+ SET title=?, description=?, priority=?, status=?, updated_by=?, updated_at=?
+ WHERE id=?',
+ [$title, $description, $priority, $status, $updated_by, 'NOW()', $ticket_id]
+ );
+
+ $f3->reroute('/ticket/' . $ticket_id);
+ }
+
+}
\ No newline at end of file
diff --git a/ui/views/home.html b/ui/views/home.html
index d9427c7..a437d37 100644
--- a/ui/views/home.html
+++ b/ui/views/home.html
@@ -28,6 +28,7 @@
+
\ No newline at end of file
diff --git a/ui/views/ticket/index.html b/ui/views/ticket/index.html
new file mode 100644
index 0000000..64bc601
--- /dev/null
+++ b/ui/views/ticket/index.html
@@ -0,0 +1,34 @@
+
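Review bot: In `update()` the string `'NOW()'` is passed as a bound parameter for `updated_at=?`, so the database receives that literal text rather than the current timestamp (`create()` calls `NOW()` inside the SQL); write `updated_at=NOW()` in the statement and drop `'NOW()'` from the parameter array. In `get_ticket_check_edit_permission()` the `&&` is the right operator for denying a user who is neither admin nor assignee, so `// should this be ||` could become `// deny unless admin or assignee`; switching to `||` would reject everyone except an admin who is also the assignee. The two `==` comparisons there are loose, and `$ticket['assigned_to'] == $current_user['id']` is true when both sides are null (an unassigned ticket and a session user without an `id`), so an explicit null check plus a strict comparison on cast values is safer for an authorization decision. `create()` and `update()` store `POST.priority` and `POST.status` unchecked; validating them against the values listed in the trailing comments before `exec()` keeps arbitrary states out of the table, and no CSRF token check is visible in this hunk for either POST handler. The class header and the start of `check_access()` are missing from the page, so whether `reroute()` is relied on to stop execution after a failed check cannot be confirmed from here.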

View Tickets

+ + +
+ {{ @SESSION.error }} +
+
+ +

create ticket

+
+ + + + + + + + + + + + + + + + + + + + + + + +
idtitledescriptionstatusprioritycreated_at
{{@ticket.id}}{{@ticket.title}}{{@ticket.description}}{{@ticket.status}}{{@ticket.priority}}{{@ticket.created_at}}
\ No newline at end of file diff --git a/ui/views/ticket/view.html b/ui/views/ticket/view.html new file mode 100644 index 0000000..b1c44c7 --- /dev/null +++ b/ui/views/ticket/view.html @@ -0,0 +1,16 @@ +

Ticket - View

+ +
+ + + + + + + + + + +
PropertyValue
{{@key}} {{@value}}
+ +