tp_servicedesk/app/controllers/TicketController.php


<?php
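/**
 * Ticket CRUD controller for Fat-Free Framework (F3) routes.
 *
 * Every action receives the F3 hive ($f3, an instance of \Base) and reads the
 * database wrapper from `DB`, the route id from `PARAMS.id`, the logged-in
 * user from `SESSION.user` and form fields from `POST.*`. All SQL is
 * parameterised. Listing and viewing are open to any logged-in user; editing
 * is restricted to admins and the assignee (see
 * get_ticket_check_edit_permission()).
 *
 * F3's reroute() normally terminates the request; the guards below still
 * return explicitly so nothing further runs if it does not (for example when
 * an ONREROUTE handler is installed).
 */
class TicketController
{
    /** Layout template every action renders its view into. */
    private const LAYOUT = '../ui/templates/layout.html';

    /**
     * Require a logged-in user; reroute to /login otherwise.
     *
     * @return bool true when `SESSION.user` exists and the action may proceed
     */
    protected function check_access($f3): bool
    {
        if ($f3->exists('SESSION.user')) {
            return true;
        }
        $f3->reroute('/login');
        return false;
    }

    /** Render $view inside the shared layout and emit the result. */
    protected function render($f3, string $view): void
    {
        $f3->set('content', $view);
        echo \Template::instance()->render(self::LAYOUT);
    }

    /** GET: list all tickets, newest first. */
    public function index($f3): void
    {
        if (!$this->check_access($f3)) {
            return;
        }
        $tickets = $f3->get('DB')->exec('SELECT * FROM tickets ORDER BY created_at DESC');
        $f3->set('tickets', $tickets);
        $this->render($f3, '../ui/views/ticket/index.html');
        // the flash message has now been displayed once; drop it
        $f3->clear('SESSION.error');
    }

    /** GET: show a single ticket together with its creator's username. */
    public function view($f3): void
    {
        if (!$this->check_access($f3)) {
            return;
        }
        $rows = $f3->get('DB')->exec(
            'SELECT t.*, u.username as created_by_name
FROM tickets t
LEFT JOIN users u ON t.created_by = u.id
WHERE t.id =? LIMIT 1',
            [$f3->get('PARAMS.id')]
        );
        if (!$rows) {
            $f3->set('SESSION.error', 'Ticket not found.');
            $f3->reroute('/tickets');
            return;
        }
        $f3->set('ticket', $rows[0]);
        $this->render($f3, '../ui/views/ticket/view.html');
    }

    /** GET: show the create form. */
    public function createForm($f3): void
    {
        if (!$this->check_access($f3)) {
            return;
        }
        $this->render($f3, '../ui/views/ticket/create.html');
    }

    /** POST: insert a ticket owned by the current user, then reroute to the list. */
    public function create($f3): void
    {
        if (!$this->check_access($f3)) {
            return;
        }
        // NOTE(review): priority (e.g. low/medium/high) and status (e.g.
        // new/in_progress) are stored exactly as posted; validate them against
        // the application's full list of allowed values before insert.
        $f3->get('DB')->exec(
            'INSERT
INTO tickets (title, description, priority, status, created_by, created_at, updated_at)
VALUES (?,?,?,?,?,NOW(), NOW())',
            [
                $f3->get('POST.title'),
                $f3->get('POST.description'),
                $f3->get('POST.priority'),
                $f3->get('POST.status'),
                $f3->get('SESSION.user.id'), // the logged-in user owns the ticket
            ]
        );
        $f3->reroute('/tickets');
    }

    /**
     * Load the ticket named by `PARAMS.id` and verify the current user may edit it.
     *
     * Editing is allowed when `SESSION.user.role` is 'admin' or when the
     * ticket's assigned_to matches `SESSION.user.id`. On a missing ticket or
     * a denied user a flash error is set, the request is rerouted to /tickets
     * and null is returned so the caller can stop.
     *
     * @return array|null the ticket row, or null when the caller must not continue
     */
    protected function get_ticket_check_edit_permission($f3): ?array
    {
        $rows = $f3->get('DB')->exec(
            'SELECT * FROM tickets WHERE id = ? LIMIT 1',
            [$f3->get('PARAMS.id')]
        );
        if (!$rows) {
            $f3->set('SESSION.error', 'Ticket not found.');
            $f3->reroute('/tickets');
            return null;
        }
        $ticket = $rows[0];
        $user = $f3->get('SESSION.user');

        // This is an authorisation decision, so compare strictly: loose `==`
        // treats e.g. null and 0 as equal and could widen who qualifies. Ids
        // are compared as strings because the DB may return them as strings
        // while the session holds ints.
        $isAdmin = ($user['role'] ?? null) === 'admin';
        $assignedTo = $ticket['assigned_to'] ?? null;
        $isAssigned = $assignedTo !== null
            && isset($user['id'])
            && (string) $assignedTo === (string) $user['id'];

        // deny only when the user is neither admin nor assignee
        if (!$isAdmin && !$isAssigned) {
            $f3->set('SESSION.error', 'You do not have permission to edit this ticket.');
            $f3->reroute('/tickets');
            return null;
        }
        return $ticket;
    }

    /** GET: show the edit form for a ticket the current user may edit. */
    public function editForm($f3): void
    {
        if (!$this->check_access($f3)) {
            return;
        }
        $ticket = $this->get_ticket_check_edit_permission($f3);
        if ($ticket === null) {
            return;
        }
        $f3->set('ticket', $ticket);
        $this->render($f3, '../ui/views/ticket/edit.html');
    }

    /** POST: persist the edited fields of a ticket the current user may edit. */
    public function update($f3): void
    {
        if (!$this->check_access($f3)) {
            return;
        }
        $ticket = $this->get_ticket_check_edit_permission($f3);
        if ($ticket === null) {
            return;
        }
        $ticketId = $ticket['id'];
        // NOTE(review): priority/status are stored as posted (see create()).
        // TODO: assignment changes are not handled here yet.
        // updated_at is NOW() inside the SQL, matching create(): binding the
        // string 'NOW()' as a parameter would store that literal text (or be
        // rejected) instead of the current time.
        $f3->get('DB')->exec(
            'UPDATE tickets
SET title=?, description=?, priority=?, status=?, updated_by=?, updated_at=NOW()
WHERE id=?',
            [
                $f3->get('POST.title'),
                $f3->get('POST.description'),
                $f3->get('POST.priority'),
                $f3->get('POST.status'),
                $f3->get('SESSION.user.id'), // current logged-in user
                $ticketId,
            ]
        );
        $f3->reroute('/ticket/' . $ticketId);
    }
}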