Is the current user have right to approve solution of the current ticket ?
| public canApprove ( ) : boolean | ||
| return | boolean | |
*/
/** @file
* @brief
*/
include '../inc/includes.php';
Session::checkLoginUser();
$fup = new TicketFollowup();
if (isset($_POST["add"])) {
$fup->check(-1, CREATE, $_POST);
$fup->add($_POST);
Event::log($fup->getField('tickets_id'), "ticket", 4, "tracking", sprintf(__('%s adds a followup'), $_SESSION["glpiname"]));
Html::back();
} else {
if (isset($_POST['add_close']) || isset($_POST['add_reopen'])) {
$ticket = new Ticket();
if ($ticket->getFromDB($_POST["tickets_id"]) && $ticket->canApprove()) {
$fup->add($_POST);
Event::log($fup->getField('tickets_id'), "ticket", 4, "tracking", sprintf(__('%s approves or refuses a solution'), $_SESSION["glpiname"]));
Html::back();
}
} else {
if (isset($_POST["update"])) {
$fup->check($_POST['id'], UPDATE);
$fup->update($_POST);
Event::log($fup->getField('tickets_id'), "ticket", 4, "tracking", sprintf(__('%s updates a followup'), $_SESSION["glpiname"]));
Html::redirect(Toolbox::getItemTypeFormURL('Ticket') . "?id=" . $fup->getField('tickets_id'));
} else {
if (isset($_POST["purge"])) {
$fup->check($_POST['id'], PURGE);
$fup->delete($_POST, 1);
Event::log($fup->getField('tickets_id'), "ticket", 4, "tracking", sprintf(__('%s purges a followup'), $_SESSION["glpiname"]));
/**
* Add a followup to a existing ticket
* for an authenticated user
*
* @param $params array of options (ticket, content)
* @param $protocol
*
* @return array of hashtable
**/
static function methodAddTicketFollowup($params, $protocol)
{
if (isset($params['help'])) {
return array('ticket' => 'integer,mandatory', 'content' => 'string,mandatory', 'users_login' => 'string,optional', 'close' => 'bool,optional', 'reopen' => 'bool,optional', 'source' => 'string,optional', 'private' => 'bool,optional', 'help' => 'bool,optional');
}
if (!Session::getLoginUserID()) {
return self::Error($protocol, WEBSERVICES_ERROR_NOTAUTHENTICATED);
}
$ticket = new Ticket();
if (isset($params['users_login']) && is_numeric($params['users_login'])) {
return self::Error($protocol, WEBSERVICES_ERROR_BADPARAMETER, '', 'users_login should be a string');
}
if (isset($params['users_login']) && is_string($params['users_login'])) {
$user = new User();
if (!($users_id = $user->getIdByName($params['users_login']))) {
return self::Error($protocol, WEBSERVICES_ERROR_BADPARAMETER, '', 'unable to get users_id with the users_login');
}
}
if (!isset($params['ticket'])) {
return self::Error($protocol, WEBSERVICES_ERROR_MISSINGPARAMETER, '', 'ticket');
}
if (!is_numeric($params['ticket'])) {
return self::Error($protocol, WEBSERVICES_ERROR_BADPARAMETER, '', 'ticket');
}
if (!$ticket->can($params['ticket'], 'r')) {
return self::Error($protocol, WEBSERVICES_ERROR_NOTFOUND);
}
if (!$ticket->canAddFollowups()) {
return self::Error($protocol, WEBSERVICES_ERROR_NOTALLOWED);
}
if (in_array($ticket->fields["status"], $ticket->getSolvedStatusArray()) && !$ticket->canApprove()) {
// Logged user not allowed
if (isset($users_id)) {
// If we get the users id
$approbationSolution = self::checkApprobationSolution($users_id, $ticket);
if (!$approbationSolution) {
return self::Error($protocol, WEBSERVICES_ERROR_NOTALLOWED);
}
} else {
return self::Error($protocol, WEBSERVICES_ERROR_NOTALLOWED);
}
}
if (!isset($params['content'])) {
return self::Error($protocol, WEBSERVICES_ERROR_MISSINGPARAMETER, '', 'content');
}
// Source of the ticket, dynamically created
if (isset($params['source'])) {
if (empty($params['content'])) {
return self::Error($protocol, WEBSERVICES_ERROR_MISSINGPARAMETER, '', 'source');
}
$source = Dropdown::importExternal('RequestType', $params['source']);
} else {
$source = Dropdown::importExternal('RequestType', 'WebServices');
}
$private = isset($params['private']) && $params['private'] ? 1 : 0;
$followup = new TicketFollowup();
$user = 0;
if (isset($users_id)) {
$user = $users_id;
}
$data = array('tickets_id' => $params['ticket'], 'requesttypes_id' => $source, 'is_private' => $private, 'users_id' => $user, 'content' => addslashes(Toolbox::clean_cross_side_scripting_deep($params["content"])));
if (isset($params['close'])) {
if (isset($params['reopen'])) {
return self::Error($protocol, WEBSERVICES_ERROR_BADPARAMETER, '', 'can\'t use both reopen and close options');
}
if (in_array($ticket->fields["status"], $ticket->getSolvedStatusArray())) {
$data['add_close'] = 1;
if (isset($users_id)) {
$data['users_id'] = $users_id;
}
} else {
return self::Error($protocol, WEBSERVICES_ERROR_BADPARAMETER, '', 'close for not solved ticket');
}
}
if (isset($params['reopen'])) {
if (in_array($ticket->fields['status'], array(Ticket::SOLVED, Ticket::WAITING))) {
$data['add_reopen'] = 1;
if (isset($users_id)) {
$data['users_id'] = $users_id;
}
} else {
return self::Error($protocol, WEBSERVICES_ERROR_BADPARAMETER, '', 'reopen for not solved or waiting ticket');
}
}
if (in_array($ticket->fields["status"], $ticket->getSolvedStatusArray()) && !isset($params['close']) && !isset($params['reopen'])) {
return self::Error($protocol, WEBSERVICES_ERROR_BADPARAMETER, '', 'missing reopen/close option for solved ticket');
}
if (in_array($ticket->fields["status"], $ticket->getClosedStatusArray())) {
return self::Error($protocol, WEBSERVICES_ERROR_BADPARAMETER, '', 'cannot add to a closed ticket');
}
if ($followup->add($data)) {
return self::methodGetTicket(array('ticket' => $params['ticket']), $protocol);
}
return self::Error($protocol, WEBSERVICES_ERROR_FAILED, '', self::getDisplayError());
}