|
42 | 42 |
|
43 | 43 | global $CFG_GLPI, $DB; |
44 | 44 |
|
45 | | -$track = new Ticket(); |
| 45 | +$ticket = new Ticket(); |
46 | 46 |
|
47 | 47 | if (!isset($_GET['id'])) { |
48 | 48 | $_GET['id'] = ""; |
|
66 | 66 | } |
67 | 67 | } |
68 | 68 |
|
| 69 | +// form submitted (add & update) |
69 | 70 | // as _actors virtual field stores json, bypass automatic escaping |
70 | 71 | if (isset($_POST['_actors'])) { |
71 | 72 | $_POST['_actors'] = json_decode($_POST['_actors'], true); |
72 | 73 | $_REQUEST['_actors'] = $_POST['_actors']; |
73 | 74 | } |
74 | 75 |
|
| 76 | +// form submitted (add) |
75 | 77 | if (isset($_POST["add"])) { |
76 | | - $track->check(-1, CREATE, $_POST); |
77 | | - $_POST = $track->enforceReadonlyFields($_POST, true); |
| 78 | + $ticket->check(-1, CREATE, $_POST); |
| 79 | + $_POST = $ticket->enforceReadonlyFields($_POST, true); |
78 | 80 |
|
79 | | - if ($track->add($_POST)) { |
| 81 | + if ($ticket->add($_POST)) { |
80 | 82 | if ($_SESSION['glpibackcreated']) { |
81 | | - Html::redirect($track->getLinkURL()); |
| 83 | + Html::redirect($ticket->getLinkURL()); |
82 | 84 | } |
83 | 85 | } |
84 | 86 | Html::back(); |
85 | | -} elseif (isset($_POST['update'])) { |
86 | | - if (!$track::canUpdate()) { |
| 87 | +} |
| 88 | +// form submitted (update) |
| 89 | +elseif (isset($_POST['update'])) { |
| 90 | + if (!$ticket::canUpdate()) { |
87 | 91 | throw new AccessDeniedHttpException(); |
88 | 92 | } |
89 | | - $_POST = $track->enforceReadonlyFields($_POST); |
90 | | - $track->update($_POST); |
| 93 | + $_POST = $ticket->enforceReadonlyFields($_POST); |
| 94 | + $ticket->update($_POST); |
91 | 95 |
|
92 | 96 | if (isset($_POST['kb_linked_id'])) { |
93 | 97 | //if solution should be linked to selected KB entry |
94 | 98 | $params = [ |
95 | 99 | 'knowbaseitems_id' => $_POST['kb_linked_id'], |
96 | | - 'itemtype' => $track->getType(), |
97 | | - 'items_id' => $track->getID(), |
| 100 | + 'itemtype' => $ticket->getType(), |
| 101 | + 'items_id' => $ticket->getID(), |
98 | 102 | ]; |
99 | 103 | $existing = $DB->request([ |
100 | 104 | 'FROM' => 'glpi_knowbaseitems_items', |
|
115 | 119 | sprintf(__('%s updates an item'), $_SESSION["glpiname"]) |
116 | 120 | ); |
117 | 121 |
|
118 | | - if ($track->can($_POST["id"], READ)) { |
| 122 | + if ($ticket->can($_POST["id"], READ)) { |
119 | 123 | $toadd = ''; |
120 | 124 | // Copy solution to KB redirect to KB |
121 | 125 | if (isset($_POST['_sol_to_kb']) && $_POST['_sol_to_kb']) { |
122 | 126 | $toadd = "&_sol_to_kb=1"; |
123 | 127 | } |
124 | 128 | Html::redirect(Ticket::getFormURLWithID($_POST["id"]) . $toadd); |
125 | 129 | } |
| 130 | + |
| 131 | + // in case user can update the ticket but not read it, redirect to the ticket list |
126 | 132 | Session::addMessageAfterRedirect( |
127 | 133 | __s('You have been redirected because you no longer have access to this ticket'), |
128 | 134 | true, |
129 | 135 | ERROR |
130 | 136 | ); |
131 | 137 | Html::redirect($CFG_GLPI["root_doc"] . "/front/ticket.php"); |
132 | 138 | } elseif (isset($_POST['delete'])) { |
133 | | - $track->check($_POST['id'], DELETE); |
134 | | - if ($track->delete($_POST)) { |
| 139 | + $ticket->check($_POST['id'], DELETE); |
| 140 | + if ($ticket->delete($_POST)) { |
135 | 141 | Event::log( |
136 | 142 | $_POST["id"], |
137 | 143 | "ticket", |
|
141 | 147 | sprintf(__('%s deletes an item'), $_SESSION["glpiname"]) |
142 | 148 | ); |
143 | 149 | } |
144 | | - $track->redirectToList(); |
| 150 | + $ticket->redirectToList(); |
145 | 151 | } elseif (isset($_POST['purge'])) { |
146 | | - $track->check($_POST['id'], PURGE); |
147 | | - if ($track->delete($_POST, true)) { |
| 152 | + $ticket->check($_POST['id'], PURGE); |
| 153 | + if ($ticket->delete($_POST, true)) { |
148 | 154 | Event::log( |
149 | 155 | $_POST["id"], |
150 | 156 | "ticket", |
|
154 | 160 | sprintf(__('%s purges an item'), $_SESSION["glpiname"]) |
155 | 161 | ); |
156 | 162 | } |
157 | | - $track->redirectToList(); |
| 163 | + $ticket->redirectToList(); |
158 | 164 | } elseif (isset($_POST["restore"])) { |
159 | | - $track->check($_POST['id'], DELETE); |
160 | | - if ($track->restore($_POST)) { |
| 165 | + $ticket->check($_POST['id'], DELETE); |
| 166 | + if ($ticket->restore($_POST)) { |
161 | 167 | Event::log( |
162 | 168 | $_POST["id"], |
163 | 169 | "ticket", |
|
169 | 175 | } |
170 | 176 | Html::back(); |
171 | 177 | } elseif (isset($_POST['sla_delete'])) { |
172 | | - $track->check($_POST["id"], UPDATE); |
173 | | - |
174 | | - $track->deleteLevelAgreement("SLA", $_POST["id"], $_POST['type'], $_POST['delete_date']); |
175 | | - Event::log( |
176 | | - $_POST["id"], |
177 | | - "ticket", |
178 | | - 4, |
179 | | - "tracking", |
180 | | - //TRANS: %s is the user login |
181 | | - sprintf(__('%s updates an item'), $_SESSION["glpiname"]) |
182 | | - ); |
183 | | - |
184 | | - Html::redirect(Ticket::getFormURLWithID($_POST["id"])); |
185 | | -} elseif (isset($_POST['ola_delete'])) { |
186 | | - $track->check($_POST["id"], UPDATE); |
| 178 | + $ticket->check($_POST["id"], UPDATE); |
187 | 179 |
|
188 | | - $track->deleteLevelAgreement("OLA", $_POST["id"], $_POST['type'], $_POST['delete_date']); |
| 180 | + $ticket->deleteLevelAgreement("SLA", $_POST["id"], $_POST['type'], $_POST['delete_date']); |
189 | 181 | Event::log( |
190 | 182 | $_POST["id"], |
191 | 183 | "ticket", |
|
198 | 190 | Html::redirect(Ticket::getFormURLWithID($_POST["id"])); |
199 | 191 | } elseif (isset($_POST['addme_as_actor'])) { |
200 | 192 | $id = (int) $_POST['id']; |
201 | | - $track->check($id, READ); |
202 | | - $input = array_merge($track->fields, [ |
| 193 | + $ticket->check($id, READ); |
| 194 | + $input = array_merge($ticket->fields, [ |
203 | 195 | 'id' => $id, |
204 | 196 | '_itil_' . $_POST['actortype'] => [ |
205 | 197 | '_type' => "user", |
206 | 198 | 'users_id' => Session::getLoginUserID(), |
207 | 199 | 'use_notification' => 1, |
208 | 200 | ], |
209 | 201 | ]); |
210 | | - $track->update($input); |
| 202 | + $ticket->update($input); |
211 | 203 | Event::log( |
212 | 204 | $id, |
213 | 205 | "ticket", |
|
218 | 210 | ); |
219 | 211 | Html::redirect(Ticket::getFormURLWithID($id)); |
220 | 212 | } elseif (isset($_POST['delete_document'])) { |
221 | | - $track->getFromDB((int) $_POST['tickets_id']); |
| 213 | + $ticket->getFromDB((int) $_POST['tickets_id']); |
222 | 214 | $doc = new Document(); |
223 | 215 | $doc->getFromDB((int) $_POST['documents_id']); |
224 | 216 | if ($doc->can($doc->getID(), UPDATE)) { |
225 | 217 | $document_item = new Document_Item(); |
226 | 218 | $found_document_items = $document_item->find([ |
227 | | - $track->getAssociatedDocumentsCriteria(), |
| 219 | + $ticket->getAssociatedDocumentsCriteria(), |
228 | 220 | 'documents_id' => $doc->getID(), |
229 | 221 | ]); |
230 | 222 | foreach ($found_document_items as $item) { |
|
234 | 226 | Html::back(); |
235 | 227 | } |
236 | 228 |
|
| 229 | +// show form when editing a ticket |
237 | 230 | $id = (int) $_GET['id']; |
238 | 231 | if ($id > 0) { |
239 | 232 | $available_options = ['_openfollowup']; |
|
289 | 282 |
|
290 | 283 | if (isset($_GET['showglobalkanban']) && $_GET['showglobalkanban']) { |
291 | 284 | Html::header(sprintf(__('%s Kanban'), Ticket::getTypeName(1)), '', "helpdesk", "ticket"); |
292 | | - $track::showKanban(0); |
| 285 | + $ticket::showKanban(0); |
293 | 286 | Html::footer(); |
294 | 287 | } else { |
295 | 288 | $menus = ["helpdesk", "ticket"]; |
|
0 commit comments