|
42 | 42 |
|
43 | 43 | global $CFG_GLPI, $DB; |
44 | 44 |
|
45 | | -$track = new Ticket(); |
| 45 | +$ticket = new Ticket(); |
46 | 46 |
|
47 | 47 | if (!isset($_GET['id'])) { |
48 | 48 | $_GET['id'] = ""; |
|
66 | 66 | } |
67 | 67 | } |
68 | 68 |
|
| 69 | +// form submitted (add & update) |
69 | 70 | // as _actors virtual field stores json, bypass automatic escaping |
70 | 71 | if (isset($_POST['_actors'])) { |
71 | 72 | $_POST['_actors'] = json_decode($_POST['_actors'], true); |
72 | 73 | $_REQUEST['_actors'] = $_POST['_actors']; |
73 | 74 | } |
74 | 75 |
|
| 76 | +// form submitted (add) |
75 | 77 | if (isset($_POST["add"])) { |
76 | | - $track->check(-1, CREATE, $_POST); |
| 78 | + $ticket->check(-1, CREATE, $_POST); |
77 | 79 |
|
78 | | - if ($track->add($_POST)) { |
| 80 | + if ($ticket->add($_POST)) { |
79 | 81 | if ($_SESSION['glpibackcreated']) { |
80 | | - Html::redirect($track->getLinkURL()); |
| 82 | + Html::redirect($ticket->getLinkURL()); |
81 | 83 | } |
82 | 84 | } |
83 | 85 | Html::back(); |
84 | | -} elseif (isset($_POST['update'])) { |
85 | | - if (!$track::canUpdate()) { |
| 86 | +} |
| 87 | +// form submitted (update) |
| 88 | +elseif (isset($_POST['update'])) { |
| 89 | + if (!$ticket::canUpdate()) { |
86 | 90 | throw new AccessDeniedHttpException(); |
87 | 91 | } |
88 | | - $track->update($_POST); |
| 92 | + $ticket->update($_POST); |
89 | 93 |
|
90 | 94 | if (isset($_POST['kb_linked_id'])) { |
91 | 95 | //if solution should be linked to selected KB entry |
92 | 96 | $params = [ |
93 | 97 | 'knowbaseitems_id' => $_POST['kb_linked_id'], |
94 | | - 'itemtype' => $track->getType(), |
95 | | - 'items_id' => $track->getID(), |
| 98 | + 'itemtype' => $ticket->getType(), |
| 99 | + 'items_id' => $ticket->getID(), |
96 | 100 | ]; |
97 | 101 | $existing = $DB->request([ |
98 | 102 | 'FROM' => 'glpi_knowbaseitems_items', |
|
113 | 117 | sprintf(__('%s updates an item'), $_SESSION["glpiname"]) |
114 | 118 | ); |
115 | 119 |
|
116 | | - if ($track->can($_POST["id"], READ)) { |
| 120 | + if ($ticket->can($_POST["id"], READ)) { |
117 | 121 | $toadd = ''; |
118 | 122 | // Copy solution to KB redirect to KB |
119 | 123 | if (isset($_POST['_sol_to_kb']) && $_POST['_sol_to_kb']) { |
120 | 124 | $toadd = "&_sol_to_kb=1"; |
121 | 125 | } |
122 | 126 | Html::redirect(Ticket::getFormURLWithID($_POST["id"]) . $toadd); |
123 | 127 | } |
| 128 | + |
| 129 | + // in case user can update the ticket but not read it, redirect to the ticket list |
124 | 130 | Session::addMessageAfterRedirect( |
125 | 131 | __s('You have been redirected because you no longer have access to this ticket'), |
126 | 132 | true, |
127 | 133 | ERROR |
128 | 134 | ); |
129 | 135 | Html::redirect($CFG_GLPI["root_doc"] . "/front/ticket.php"); |
130 | 136 | } elseif (isset($_POST['delete'])) { |
131 | | - $track->check($_POST['id'], DELETE); |
132 | | - if ($track->delete($_POST)) { |
| 137 | + $ticket->check($_POST['id'], DELETE); |
| 138 | + if ($ticket->delete($_POST)) { |
133 | 139 | Event::log( |
134 | 140 | $_POST["id"], |
135 | 141 | "ticket", |
|
139 | 145 | sprintf(__('%s deletes an item'), $_SESSION["glpiname"]) |
140 | 146 | ); |
141 | 147 | } |
142 | | - $track->redirectToList(); |
| 148 | + $ticket->redirectToList(); |
143 | 149 | } elseif (isset($_POST['purge'])) { |
144 | | - $track->check($_POST['id'], PURGE); |
145 | | - if ($track->delete($_POST, true)) { |
| 150 | + $ticket->check($_POST['id'], PURGE); |
| 151 | + if ($ticket->delete($_POST, true)) { |
146 | 152 | Event::log( |
147 | 153 | $_POST["id"], |
148 | 154 | "ticket", |
|
152 | 158 | sprintf(__('%s purges an item'), $_SESSION["glpiname"]) |
153 | 159 | ); |
154 | 160 | } |
155 | | - $track->redirectToList(); |
| 161 | + $ticket->redirectToList(); |
156 | 162 | } elseif (isset($_POST["restore"])) { |
157 | | - $track->check($_POST['id'], DELETE); |
158 | | - if ($track->restore($_POST)) { |
| 163 | + $ticket->check($_POST['id'], DELETE); |
| 164 | + if ($ticket->restore($_POST)) { |
159 | 165 | Event::log( |
160 | 166 | $_POST["id"], |
161 | 167 | "ticket", |
|
167 | 173 | } |
168 | 174 | Html::back(); |
169 | 175 | } elseif (isset($_POST['sla_delete'])) { |
170 | | - $track->check($_POST["id"], UPDATE); |
171 | | - |
172 | | - $track->deleteLevelAgreement("SLA", $_POST["id"], $_POST['type'], $_POST['delete_date']); |
173 | | - Event::log( |
174 | | - $_POST["id"], |
175 | | - "ticket", |
176 | | - 4, |
177 | | - "tracking", |
178 | | - //TRANS: %s is the user login |
179 | | - sprintf(__('%s updates an item'), $_SESSION["glpiname"]) |
180 | | - ); |
181 | | - |
182 | | - Html::redirect(Ticket::getFormURLWithID($_POST["id"])); |
183 | | -} elseif (isset($_POST['ola_delete'])) { |
184 | | - $track->check($_POST["id"], UPDATE); |
| 176 | + $ticket->check($_POST["id"], UPDATE); |
185 | 177 |
|
186 | | - $track->deleteLevelAgreement("OLA", $_POST["id"], $_POST['type'], $_POST['delete_date']); |
| 178 | + $ticket->deleteLevelAgreement("SLA", $_POST["id"], $_POST['type'], $_POST['delete_date']); |
187 | 179 | Event::log( |
188 | 180 | $_POST["id"], |
189 | 181 | "ticket", |
|
196 | 188 | Html::redirect(Ticket::getFormURLWithID($_POST["id"])); |
197 | 189 | } elseif (isset($_POST['addme_as_actor'])) { |
198 | 190 | $id = (int) $_POST['id']; |
199 | | - $track->check($id, READ); |
200 | | - $input = array_merge($track->fields, [ |
| 191 | + $ticket->check($id, READ); |
| 192 | + $input = array_merge($ticket->fields, [ |
201 | 193 | 'id' => $id, |
202 | 194 | '_itil_' . $_POST['actortype'] => [ |
203 | 195 | '_type' => "user", |
204 | 196 | 'users_id' => Session::getLoginUserID(), |
205 | 197 | 'use_notification' => 1, |
206 | 198 | ], |
207 | 199 | ]); |
208 | | - $track->update($input); |
| 200 | + $ticket->update($input); |
209 | 201 | Event::log( |
210 | 202 | $id, |
211 | 203 | "ticket", |
|
216 | 208 | ); |
217 | 209 | Html::redirect(Ticket::getFormURLWithID($id)); |
218 | 210 | } elseif (isset($_POST['delete_document'])) { |
219 | | - $track->getFromDB((int) $_POST['tickets_id']); |
| 211 | + $ticket->getFromDB((int) $_POST['tickets_id']); |
220 | 212 | $doc = new Document(); |
221 | 213 | $doc->getFromDB((int) $_POST['documents_id']); |
222 | 214 | if ($doc->can($doc->getID(), UPDATE)) { |
223 | 215 | $document_item = new Document_Item(); |
224 | 216 | $found_document_items = $document_item->find([ |
225 | | - $track->getAssociatedDocumentsCriteria(), |
| 217 | + $ticket->getAssociatedDocumentsCriteria(), |
226 | 218 | 'documents_id' => $doc->getID(), |
227 | 219 | ]); |
228 | 220 | foreach ($found_document_items as $item) { |
|
232 | 224 | Html::back(); |
233 | 225 | } |
234 | 226 |
|
| 227 | +// show form when editing a ticket |
235 | 228 | $id = (int) $_GET['id']; |
236 | 229 | if ($id > 0) { |
237 | 230 | $available_options = ['_openfollowup']; |
|
287 | 280 |
|
288 | 281 | if (isset($_GET['showglobalkanban']) && $_GET['showglobalkanban']) { |
289 | 282 | Html::header(sprintf(__('%s Kanban'), Ticket::getTypeName(1)), '', "helpdesk", "ticket"); |
290 | | - $track::showKanban(0); |
| 283 | + $ticket::showKanban(0); |
291 | 284 | Html::footer(); |
292 | 285 | } else { |
293 | 286 | $menus = ["helpdesk", "ticket"]; |
|
0 commit comments