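/**
 * Authorise access to the ASH "collect" pages with a per-ticket contact token.
 *
 * The request path is expected to look like ash/collect/{ticketID}/{token}.
 * When the token equals the value derived for the ticket's IP contact or
 * domain contact, the request is tagged with 'AshAuthorisedBy' and handed to
 * the next handler; in every other case an "unauthorised" response is returned.
 *
 * @param mixed   $request incoming request; merge() and ajax() are called on it
 * @param Closure $next
 * @return mixed the result of $next($request), a 401 response, or the errors.403 view
 * @throws \Exception
 */
public function handle($request, Closure $next)
{
    /*
     * TODO: find how laravel passes $ticketID and $token from the controller to middleware
     * this will remove the need of parsing the URI ourselves
     */
    $uri = explode('/', Request::path());

    // Require all four segments up front so a short path is rejected cleanly
    // instead of reading undefined offsets.
    if (count($uri) >= 4 && $uri[0] === 'ash' && $uri[1] === 'collect') {
        $ticketID = $uri[2];
        $token = (string) $uri[3];

        $ticket = Ticket::find($ticketID);

        if (!empty($ticket)) {
            // NOTE(review): both tokens are unkeyed MD5 digests of ticket fields, so their
            // secrecy rests entirely on the contact reference. A keyed digest (hash_hmac with
            // an application secret) or a stored random token would be a stronger design;
            // changing it here would invalidate links that were already issued.

            // 'UNDEF' is the default contact reference and must never authorise anyone,
            // so a token is only derived when a real reference is present.
            if ($ticket->ip_contact_reference !== 'UNDEF') {
                $validTokenIP = md5($ticket->id . $ticket->ip . $ticket->ip_contact_reference);

                // hash_equals() is constant-time and compares as strings; the previous
                // loose == could treat two different "0e..." digests as equal numbers.
                if (hash_equals($validTokenIP, $token)) {
                    $request->merge(['AshAuthorisedBy' => 'TokenIP']);

                    return $next($request);
                }
            }

            if ($ticket->domain_contact_reference !== 'UNDEF') {
                $validTokenDomain = md5($ticket->id . $ticket->domain . $ticket->domain_contact_reference);

                // The marker is only set once the token has actually matched.
                if (hash_equals($validTokenDomain, $token)) {
                    $request->merge(['AshAuthorisedBy' => 'TokenDomain']);

                    return $next($request);
                }
            }
        }
    }

    // ajax() is a method; reading it as a property would look up a request value named
    // "ajax" instead of inspecting the request type.
    // NOTE(review): confirm the errors.403 view is actually served with a 403 status code.
    return $request->ajax() ? response('Unauthorized.', 401) : view('errors.403');
}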
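/**
 * Method to add a note to a ticket.
 *
 * The submitter label and the brand are chosen from the 'AshAuthorisedBy'
 * request value. A 'changeStatus' input of IGNORED or RESOLVED is stored as the
 * ticket's contact status, and a non-empty 'text' input is saved as a Note.
 *
 * @param int    $ticketID
 * @param string $token
 *
 * @return \Illuminate\Http\Response
 */
public function addNote($ticketID, $token)
{
    $submittor = false;
    $account = null;

    $ticket = Ticket::find($ticketID);
    if (empty($ticket)) {
        // Do not dereference a missing ticket.
        abort(404);
    }

    // NOTE(review): the authorisation marker is read from request input, which the client
    // also supplies. Confirm that a client-sent 'AshAuthorisedBy' value can never take
    // precedence over the one set during token validation.
    $AshAuthorisedBy = Request::get('AshAuthorisedBy');

    // Strict comparison: the marker must be exactly one of the two known strings.
    if ($AshAuthorisedBy === 'TokenIP') {
        // NOTE(review): the domain branch reads domain_contact_account_id; confirm that
        // ip_contact_account_ip (ending in "_ip") is the intended column name.
        $account = Account::find($ticket->ip_contact_account_ip);
        $submittor = trans('ash.basic.ip') . ' ' . trans('ash.communication.contact');
    }

    if ($AshAuthorisedBy === 'TokenDomain') {
        $account = Account::find($ticket->domain_contact_account_id);
        $submittor = trans('ash.basic.domain') . ' ' . trans('ash.communication.contact');
    }

    // Fall back to the system brand when no account could be resolved.
    $brand = empty($account) ? Brand::getSystemBrand() : $account->brand;

    if (empty($brand) || empty($submittor)) {
        abort(500);
    }

    // Strict allow-list: with a loose == a non-string input such as integer 0 could be
    // treated as equal to a status name on older PHP versions.
    // NOTE(review): the view receives allowedStatusChanges($ticket), but the submitted
    // status is not checked against it here; confirm whether it should be enforced
    // server-side as well.
    $changeStatus = Input::get('changeStatus');
    if (in_array($changeStatus, ['IGNORED', 'RESOLVED'], true)) {
        $ticket->contact_status_id = $changeStatus;
        $ticket->save();
    }

    // Array-valued input is treated like an empty note instead of being stored.
    $text = Input::get('text');
    if (empty($text) || !is_scalar($text)) {
        $message = 'noteEmpty';
    } else {
        $message = 'noteAdded';

        $note = new Note();
        $note->ticket_id = $ticket->id;
        $note->submitter = $submittor;
        $note->text = $text;
        $note->save();
    }

    return view('ash')
        ->with('brand', $brand)
        ->with('ticket', $ticket)
        ->with('allowedChanges', $this->allowedStatusChanges($ticket))
        ->with('token', $token)
        ->with('message', $message);
}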
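/**
 * Method to add a note to a ticket
 *
 * The brand and the submitter label are taken from the account that matches
 * the 'AshAuthorisedBy' request value; a non-empty 'text' input is stored as a
 * Note on the ticket.
 *
 * @param  integer $ticketID
 * @param  string  $token
 * @return \Illuminate\Http\Response
 */
public function addNote($ticketID, $token)
{
    $brand = false;
    $submittor = false;

    $ticket = Ticket::find($ticketID);
    if (empty($ticket)) {
        // Do not dereference a missing ticket.
        abort(404);
    }

    // NOTE(review): this marker comes from request input; confirm a client-sent value
    // cannot override the one set when the token was validated.
    $AshAuthorisedBy = Request::get('AshAuthorisedBy');

    // Strict comparison so only the exact marker strings select a branch.
    if ($AshAuthorisedBy === 'TokenIP') {
        // Guard the relation: a ticket without a linked account leaves $brand false
        // and ends in the abort(500) below instead of a property read on null.
        $ipAccount = $ticket->accountIp;
        $brand = empty($ipAccount) ? false : $ipAccount->brand;
        $submittor = trans('ash.basic.ip') . ' ' . trans('ash.communication.contact');
    }

    if ($AshAuthorisedBy === 'TokenDomain') {
        $domainAccount = $ticket->accountDomain;
        $brand = empty($domainAccount) ? false : $domainAccount->brand;
        $submittor = trans('ash.basic.domain') . ' ' . trans('ash.communication.contact');
    }

    if (empty($brand) || empty($submittor)) {
        abort(500);
    }

    // Array-valued input is treated like an empty note instead of being stored.
    $text = Input::get('text');
    if (empty($text) || !is_scalar($text)) {
        $message = 'You cannot add an empty message!';
    } else {
        $message = 'Note has been added.';

        $note = new Note();
        $note->ticket_id = $ticket->id;
        $note->submitter = $submittor;
        $note->text = $text;
        $note->save();
    }

    return view('ash')
        ->with('brand', $brand)
        ->with('ticket', $ticket)
        ->with('token', $token)
        ->with('message', $message);
}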
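/**
 * Display the ASH page of a ticket when the supplied token is valid.
 *
 * @param  int    $ticketID
 * @param  string $token
 * @return Response the 'ash' view for a valid token, otherwise the 'errors.403' view
 */
public function index($ticketID, $token)
{
    $ticket = Ticket::find($ticketID);

    // An unknown ticket gets the same answer as a wrong token, so the response does not
    // reveal which ticket ids exist.
    if (empty($ticket)) {
        return view('errors.403');
    }

    $token = (string) $token;

    // NOTE(review): the tokens are unkeyed MD5 digests of ticket fields; a keyed digest
    // (hash_hmac with an application secret) or a stored random token would be stronger.

    // 'UNDEF' is the default contact reference; a token derived from it does not depend
    // on any contact-specific value, so it must not grant access.
    if ($ticket->ip_contact_reference !== 'UNDEF') {
        $validTokenIP = md5($ticket->id . $ticket->ip . $ticket->ip_contact_reference);

        // hash_equals() compares as strings in constant time; a loose == could treat two
        // different "0e..." digests as equal numbers.
        if (hash_equals($validTokenIP, $token)) {
            return view('ash')->with('ticket', $ticket);
        }
    }

    if ($ticket->domain_contact_reference !== 'UNDEF') {
        // NOTE(review): the domain token is also built from $ticket->ip, not from a domain
        // field; confirm this matches how the tokens are issued.
        $validTokenDomain = md5($ticket->id . $ticket->ip . $ticket->domain_contact_reference);

        if (hash_equals($validTokenDomain, $token)) {
            return view('ash')->with('ticket', $ticket);
        }
    }

    return view('errors.403');
}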
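/**
 * Display the ASH page of a ticket when the supplied token is valid.
 *
 * @param  int    $ticketID
 * @param  string $token
 *
 * @return Response the 'ash' view for a valid token, otherwise the 'errors.403' view
 */
public function index($ticketID, $token)
{
    $ticket = Ticket::find($ticketID);

    // Missing ticket and wrong token are answered identically.
    if (empty($ticket)) {
        return view('errors.403');
    }

    // Two hard-coded 32-character hex strings that sat in a comment here were dropped;
    // if they were real contact tokens, treat them as disclosed and rotate the references.

    // NOTE(review): both tokens are unkeyed MD5 digests, and the domain token is built from
    // $ticket->ip rather than a domain field; confirm this matches how tokens are issued.
    $contactReferences = [
        $ticket->ip_contact_reference,
        $ticket->domain_contact_reference,
    ];

    foreach ($contactReferences as $reference) {
        // 'UNDEF' is the default reference and must never authorise a request.
        if ($reference === 'UNDEF') {
            continue;
        }

        $expectedToken = md5($ticket->id . $ticket->ip . $reference);

        // Constant-time string comparison instead of a loose ==, which could treat two
        // different "0e..." digests as equal numbers.
        if (hash_equals($expectedToken, (string) $token)) {
            return view('ash')->with('ticket', $ticket);
        }
    }

    return view('errors.403');
}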
/**
 * {@inheritdoc}
 *
 * Passes the "id" argument to Ticket::find() and returns whatever it yields.
 */
protected function getObjectByArguments()
{
    $ticketId = $this->argument('id');

    return Ticket::find($ticketId);
}