tp_dhu/tp_servicedesk
1
0
Fork 0
Code Issues 12 Pull Requests Actions Packages Projects 1 Releases Wiki Activity
tp_servicedesk/app/controllers/TicketController.php
tp_dhu 4a421564c2 implemented csrf
2025-05-10 08:50:41 +01:00

210 lines
6.7 KiB
PHP
Raw Blame History

<?php
class TicketController extends BaseController implements CRUD {
use RequiresAuth, CheckCSRF;
// list all tickts
public function index($f3){
$this->requireLogin();
$filter = $f3->get('GET.status');
// retrieve tickets
$ticket_mapper = new Ticket($this->getDB());
if($filter){
$tickets = $ticket_mapper->findFiltered($filter);
} else {
$tickets = $ticket_mapper->findAll();
}
// render
$this->renderView('views/ticket/index.html',
['tickets' => $tickets]
);
$f3->clear('SESSION.error');
}
// view a single ticket
// TODO_PROJECTS: show a link back to the related project
public function view($f3){
$this->requireLogin();
$ticket_id = $f3->get('PARAMS.id');
$ticket_mapper = new Ticket($this->getDB());
$ticket = $ticket_mapper->findById($ticket_id);
$assigned_user = $ticket->getAssignedUser();
// render
$this->renderView('views/ticket/view.html', [
'ticket' => $ticket,
'assigned_user' => $assigned_user,
'attachments' => $ticket->attachments(),
'comments' => $ticket->comments(),
'parent_tickets' => $ticket->getParentTickets(),
'child_tickets' => $ticket->getChildTickets(),
'ticket_meta' => $ticket->getMetaAssoc()
]);
}
// show create form
// TODO_PROJECTS: dropdown to associate ticket with project
public function createForm($f3){
$db = $this->getDB();
$priorities = (new TicketPriority($db))->findAll();
$statuses = (new TicketStatus($db))->findAll();
// TODO: this needs moving into a model?
$users = $this->getDB()->exec('SELECT id, username, display_name FROM users ORDER BY display_name ASC');
$users = array_merge([['id'=>'-1', 'display_name'=>'--']], $users);
$this->requireLogin();
$this->renderView('views/ticket/create.html',[
'priorities' => $priorities,
'statuses' => $statuses,
'users' => $users
]);
}
// handle POST
// including custom forms
public function create($f3){
$this->requireLogin();
$this->checkCSRF($f3, '/ticket/create');
$data = [
'title' => $this->f3->get('POST.title'),
'created_at' => $this->f3->get('POST.created_at'),
'description' => $this->f3->get('POST.description'),
'priority_id' => $this->f3->get('POST.priority_id'),
'status_id' => $this->f3->get('POST.status_id'),
'created_by' => $this->f3->get('SESSION.user.id')
];
$ticket_mapper = new Ticket($this->getDB());
$new_ticket_id = $ticket_mapper->createTicket($data);
// custom field
$meta_keys = $this->f3->get('POST.meta_key');
$meta_values = $this->f3->get('POST.meta_value');
$meta_assoc = $ticket_mapper->assocMetaFromKeyValue($meta_keys, $meta_values);
$ticket_mapper->setCustomFields($meta_assoc);
$this->f3->reroute('/ticket/' . $new_ticket_id);
}
// show edit form
// including custom forms
// TODO_PROJECTS: allow reasssigning or removing a project association
public function editForm($f3)
{
$this->requireLogin();
$ticket_id = $f3->get('PARAMS.id');
$ticket_mapper = new Ticket($this->getDB());
$ticket = $ticket_mapper->findById($ticket_id);
if(!$ticket){
$this->f3->set('SESSION.error', 'Ticket not found.');
$this->f3->reroute('/tickets');
}
//
$f3->set('js', 'markdown_preview.js');
// dropdowns
$priorities = (new TicketPriority($this->getDB()))->findAll();
$statuses = (new TicketStatus($this->getDB()))->findAll();
// TODO: this needs moving into a model?
$users = $this->getDB()->exec('SELECT id, username, display_name FROM users ORDER BY display_name ASC');
$users = array_merge([['id'=>'-1', 'display_name'=>'--']], $users);
$this->renderView('views/ticket/edit.html',[
'ticket' => $ticket,
'ticket_meta' => $ticket->getMeta(),
'priorities' => $priorities,
'statuses' => $statuses,
'users' => $users
]
);
return;
}
// process edit POST TODO: if assigned or admin
public function update($f3)
{
$this->requireLogin();
$this->checkCSRF($f3, '/ticket/create');
$ticket_id = $this->f3->get('PARAMS.id');
$ticket_mapper = new Ticket($this->getDB());
$ticket = $ticket_mapper->findById($ticket_id);
if(!$ticket){
$this->f3->set('SESSION.error', 'Ticket not found.');
$this->f3->reroute('/tickets');
}
$data = [
'title' => $this->f3->get('POST.title'),
'created_at' => $this->f3->get('POST.created_at'),
'description' => $this->f3->get('POST.description'),
'priority_id' => $this->f3->get('POST.priority_id'),
'status_id' => $this->f3->get('POST.status_id'),
'updated_by' => $this->f3->get('SESSION.user.id') ,
'assigned_to' => $this->f3->get('POST.assigned_to') ?: null
];
$ticket->updateTicket($data);
// deal with meta data / custom fields
$meta_keys = $this->f3->get('POST.meta_key');
$meta_values = $this->f3->get('POST.meta_value');
$meta_assoc = $ticket->assocMetaFromKeyValue($meta_keys, $meta_values);
$ticket->setCustomFields($meta_assoc);
$f3->reroute('/ticket/' . $ticket_id);
}
// subtask
public function addSubtask($f3){
$this->requireLogin();
$this->checkCSRF($f3, '/ticket/create');
$parent_id = (int) $f3->get('PARAMS.id');
$child_id = (int) $f3->get('POST.child_ticket_id');
$ticket_mapper = new Ticket($this->getDB());
$ticket = $ticket_mapper->findById($parent_id);
if(!$ticket){
$this->f3->set('SESSION.error', 'Parent Ticket not found');
$this->f3->reroute('/tickets');
}
$ticket->addChildTicket($child_id);
$this->f3->reroute('/ticket/' . $parent_id);
}
public function delete(): void
{
$this->requireLogin();
$ticket_id = (int)$this->f3->get('PARAMS.id');
$ticket_mapper = new Ticket($this->getDB());
$ticket = $ticket_mapper->findById($ticket_id);
if(!$ticket){
$this->f3->set('SESSION.error', 'Ticket not found');
$this->f3->reroute('/tickets');
}
$ticket->softDelete();
$this->f3->reroute('/tickets');
}
}
Reference in New Issue View Git Blame Copy Permalink