if ($thisuser->canEditTickets() || $thisuser->isManager() && $ticket->getDeptId() == $thisuser->getDeptId()) {
$page = 'editticket.inc.php';
} else {
$errors['err'] = 'Access denied. You are not allowed to edit this ticket. Contact admin if you believe this is in error';
}
}
} elseif ($_REQUEST['a'] == 'open') {
//TODO: Check perm here..
$page = 'newticket.inc.php';
} elseif ($_REQUEST['a'] == 'actualclose') {
$ticket = new ticket($_SESSION['ticketId']);
if (!$ticket || !$thisuser->canEditTickets()) {
//$ticket=new ticket($_SESSION['ticketId']);
//if(!$ticket )
$errors['err'] = 'Perm. Denied. You are not allowed to edit tickets';
} elseif ($ticket->updateinfo($_POST, $errors) && $ticket->close()) {
$msg = 'Ticket updated and closed successfully';
$page = $ticket = null;
} elseif (!$errors['err']) {
$errors['err'] = 'Error(s) occured! Try again.';
}
}
//At this stage we know the access status. we can process the post.
if ($_GET['action'] == "assign") {
$assign_message = "Ticket claimed by user " . $_GET['assign_message'];
if (!$thisuser->isadmin() && !$thisuser->isManager() && $thisuser->getId() != $ticket->getStaffId() && !$thisuser->isStaff()) {
$errors['err'] = 'Ticket already assigned. You do not have permission to re-assign assigned tickets';
}
if (!$errors && $ticket->assignStaff($_GET['staff_id'], $assign_message)) {
$msg = 'Ticket Assigned to staff';
$ticket->reload();