Merge remote-tracking branch 'origin/1.0' into HEAD

Author: Sanjeev Papnoi

Controller/Article.php

@@ -87,8 +87,6 @@ public function articleListByCategory(Request $request)
 
     public function ArticleListBySolution(Request $request)
     {
-
-
         $solution = $this->getDoctrine()
             ->getRepository('UVDeskSupportCenterBundle:Solutions')
             ->findSolutionById(['id' => $request->attributes->get('solution')]);
@@ -212,6 +210,12 @@ public function article(Request $request)
     }
     public function articleXhr(Request $request)
     {
+        // Proceed only if user has access to the resource        
+        if( (!$this->userService->getSessionUser()) || (!$this->userService->isAccessAuthorized('ROLE_AGENT_MANAGE_KNOWLEDGEBASE')) )
+        {
+            throw new \Exception('Access Denied', 403); 
+        }
+
         $json = array();
 
         if ($request->getMethod() == "POST") {

Controller/Customer.php

@@ -15,18 +15,21 @@
 use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
 use Webkul\UVDesk\CoreFrameworkBundle\FileSystem\FileSystem;
 use Symfony\Component\Translation\TranslatorInterface;
+use Webkul\UVDesk\CoreFrameworkBundle\Services\FileUploadService;
 
 Class Customer extends AbstractController
 {
     private $translator;
     private $fileSystem;
     private $passwordEncoder;
+    private $fileUploadService;
 
-    public function __construct(TranslatorInterface $translator, UserPasswordEncoderInterface $passwordEncoder, FileSystem $fileSystem)
+    public function __construct(TranslatorInterface $translator, UserPasswordEncoderInterface $passwordEncoder, FileSystem $fileSystem, FileUploadService $fileUploadService)
     {
         $this->translator = $translator;
         $this->fileSystem = $fileSystem;
         $this->passwordEncoder = $passwordEncoder;
+        $this->fileUploadService = $fileUploadService;
     }
 
     protected function redirectUserToLogin()
@@ -171,10 +174,19 @@ public function Account(Request $request)
                     $userInstance = $em->getRepository('UVDeskCoreFrameworkBundle:UserInstance')->findOneBy(array('user' => $user->getId()));
 
                     if (isset($dataFiles['profileImage'])) {
+                        $previousImage = $userInstance->getProfileImagePath();
+                        if($previousImage != null){
+                            $image = str_replace("\\","/",$this->getParameter('kernel.project_dir').'/public'.$previousImage);
+                            $check = $this->fileUploadService->fileRemoveFromFolder($image); 
+                        }
                         $assetDetails = $this->fileSystem->getUploadManager()->uploadFile($dataFiles['profileImage'], 'profile');
                         $userInstance->setProfileImagePath($assetDetails['path']);
                     }
 
+                    if ($request->get('removeImage') == 'on') {
+                       $userInstance->setProfileImagePath(null);
+                    } 
+
                     $userInstance  = $userInstance->setContactNumber($data['contactNumber']);
                     $em->persist($userInstance);
                     $em->flush();

Controller/Ticket.php

@@ -160,7 +160,7 @@ public function ticketadd(Request $request)
 
                             $customerEmail = $params['email'] = $request->request->get('from');
                             $customer = $em->getRepository('UVDeskCoreFrameworkBundle:User')->findOneBy(array('email' => $customerEmail));
-                            $params['flag'] = (!$customer) ? 1 : 0;$request->getSession()->getFlashBag()->set('success', $this->translator->trans('Success ! Ticket has been created successfully.'));
+                            $params['flag'] = (!$customer) ? 1 : 0;
 
                             $data['firstName'] = current($nameDetails = explode(' ', $request->request->get('name')));
                             $data['fullname'] = $request->request->get('name');
@@ -197,7 +197,7 @@ public function ticketadd(Request $request)
                             if($request->request->get('customFields') || $request->files->get('customFields')) {
                                 $this->get('ticket.service')->addTicketCustomFields($ticket, $request->request->get('customFields'), $request->files->get('customFields'));                        
                             }
-                            $request->getSession()->getFlashBag()->set('success', sprintf('Success ! Ticket #%s has been created successfully.', $ticket->getId()));
+                            $this->addFlash('success', $this->translator->trans('Success ! Ticket has been created successfully.'));
                         } else {
                             $this->addFlash('warning', $this->translator->trans('Warning ! Can not create ticket, invalid details.'));
                         }
@@ -275,6 +275,14 @@ public function saveReply(int $id, Request $request)
         $this->isWebsiteActive();
         $data = $request->request->all();
         $ticket = $this->getDoctrine()->getRepository('UVDeskCoreFrameworkBundle:Ticket')->find($id);
+        $user = $this->userService->getSessionUser();
+
+        // process only if access for the resource.
+        if (empty($ticket) || ( (!empty($user)) && $user->getId() != $ticket->getCustomer()->getId()) ) {
+            if(!$this->isCollaborator($ticket, $user)) {
+                throw new \Exception('Access Denied', 403);
+            }
+        }
 
         if($_POST) {
             if(str_replace(' ','',str_replace('&nbsp;','',trim(strip_tags($data['message'], '<img>')))) != "") {
@@ -293,7 +301,7 @@ public function saveReply(int $id, Request $request)
                 }
 
                 // @TODO: Refactor -> Why are we filtering only these two characters?
-                $data['message'] = str_replace(['&lt;script&gt;', '&lt;/script&gt;'], '', $data['message']);
+                $data['message'] = str_replace(['&lt;script&gt;', '&lt;/script&gt;'], '', htmlspecialchars($data['message']));
 
                 $userDetail = $this->userService->getCustomerPartialDetailById($data['user']->getId());
                 $data['fullname'] = $userDetail['name'];
@@ -318,10 +326,12 @@ public function saveReply(int $id, Request $request)
                 if ($thread->getcreatedBy() == 'customer') {
                     $event = new GenericEvent(CoreWorkflowEvents\Ticket\CustomerReply::getId(), [
                         'entity' =>  $ticket,
+                        'thread' =>  $thread
                     ]);
                 } else {
                     $event = new GenericEvent(CoreWorkflowEvents\Ticket\CollaboratorReply::getId(), [
                         'entity' =>  $ticket,
+                        'thread' =>  $thread
                     ]);
                 }
 
@@ -504,6 +514,16 @@ public function downloadAttachmentZip(Request $request)
             $this->noResultFound();
         }
 
+        $ticket = $attachment->getThread()->getTicket();
+        $user = $this->userService->getSessionUser();
+        
+        // process only if access for the resource.
+        if (empty($ticket) || ( (!empty($user)) && $user->getId() != $ticket->getCustomer()->getId()) ) {
+            if(!$this->isCollaborator($ticket, $user)) {
+                throw new \Exception('Access Denied', 403);
+            }
+        }
+
         $zipname = 'attachments/' .$threadId.'.zip';
         $zip = new \ZipArchive;
 
@@ -535,6 +555,12 @@ public function downloadAttachment(Request $request)
             $this->noResultFound();
         }
 
+        $ticket = $attachment->getThread()->getTicket();
+        // Proceed only if user has access to the resource
+        if (false == $this->ticketService->isTicketAccessGranted($ticket, $user)) {
+            throw new \Exception('Access Denied', 403);
+        }
+
         $path = $this->get('kernel')->getProjectDir() . "/public/". $attachment->getPath();
 
         $response = new Response();
@@ -555,6 +581,14 @@ public function ticketCollaboratorXhr(Request $request)
         $content = json_decode($request->getContent(), true);
         $em = $this->getDoctrine()->getManager();
         $ticket = $em->getRepository('UVDeskCoreFrameworkBundle:Ticket')->find($content['ticketId']);
+        $user = $this->userService->getSessionUser();
+        
+        // process only if access for the resource.
+        if (empty($ticket) || ( (!empty($user)) && $user->getId() != $ticket->getCustomer()->getId()) ) {
+            if(!$this->isCollaborator($ticket, $user)) {
+                throw new \Exception('Access Denied', 403);
+            }
+        }
 
         if ($request->getMethod() == "POST") {
             if ($content['email'] == $ticket->getCustomer()->getEmail()) {
@@ -580,7 +614,6 @@ public function ticketCollaboratorXhr(Request $request)
                     $ticket->lastCollaborator = $collaborator;
                     $collaborator = $em->getRepository('UVDeskCoreFrameworkBundle:User')->find($collaborator->getId());
 
-
                     $json['collaborator'] =  $this->userService->getCustomerPartialDetailById($collaborator->getId());
                     $json['alertClass'] = 'success';
                     $json['alertMessage'] = $this->translator->trans('Success ! Collaborator added successfully.');
@@ -609,4 +642,4 @@ public function ticketCollaboratorXhr(Request $request)
         $response->headers->set('Content-Type', 'application/json');
         return $response;
     }
-}
+}

Resources/views/Knowledgebase/customerAccount.html.twig

@@ -187,7 +187,18 @@
                     </div>
                 </div>
                 <!-- //Profile image -->
-
+               
+                {% if isHaveImage %} 
+                    <div class="uv-element-block"> 
+                        <label>
+                            <div class="uv-checkbox">
+                                <input name="removeImage" id="removeImage" type="checkbox">
+                                <span class="uv-checkbox-view"></span>
+                            </div><span class="uv-checkbox-label">{{ 'Remove profile picture'|trans }}</span>
+                        </label>
+                    </div>
+                {% endif %}
+                
                 <!-- Field -->
                 <div class="uv-element-block">
                     <label class="uv-field-label">{{ 'First Name'|trans }}</label>

Resources/views/Knowledgebase/ticket.html.twig

@@ -217,6 +217,9 @@
 	{{ include('@UVDeskCoreFramework/Templates/attachment.html.twig') }}
 
 	<script type="text/javascript">
+	{% if user_service.isfileExists('apps/uvdesk/form-component') == false %}
+	customFieldValidation = {};
+	{% endif %}
 		$(function () {
 			{% if(removeMe is defined) %}
 				$.each({{ removeMe | json_encode |raw }}, function(key, value){

Resources/views/Knowledgebase/ticketList.html.twig

@@ -192,7 +192,21 @@
         </td>
         <td data-value="{{ 'Status'|trans }}">
 	       	<a class="not-shiny" href="<%- path %>">
-	       		<%- status.description %>
+	       		<% if (status.description == 'Open') { %>
+				   		{{ 'Open'|trans }}
+				<% } else if (status.description == 'Closed') { %>
+						{{ 'Closed'|trans }}
+				<% } else if (status.description == 'Pending') { %>
+						{{ 'Pending'|trans }}
+				<% } else if (status.description == 'Answered') { %>
+						{{ 'Answered'|trans }}
+				<% } else if(status.description == 'Resolved') { %>
+						{{ 'Resolved'|trans }}
+				<% } else if(status.description == 'UnAnswered') { %>
+						{{ 'UnAnswered'|trans }}
+				<% } else if(status.description == 'UnAssigned') { %>
+						{{ 'UnAssigned'|trans }}
+				<% } %>
 	    	</a>
         </td>
         <td data-value="{{ 'Timestamp'|trans }}">

Resources/views/Knowledgebase/ticketView.html.twig

@@ -415,6 +415,44 @@
         </div>
     </div>
 
+        <div class="uv-kudo">
+        <div class="uv-kudo-button">
+            <!--uv-kudo-button-active-->
+            <div class="uv-kudo-icon"></div>
+            <span>{{ 'Rate Support'|trans }}</span>
+        </div>
+
+        <div class="uv-kudo-plank">
+            {% set count = 0 %}
+            {% for rating in ticket.ratings %}
+                {% if rating.getCustomer.id == app.user.id %}
+                    {% set count = rating.getStars %}
+                {% endif %}
+            {% endfor %}
+            <div class="uv-kudo-response-wrapper">
+                <span class="uv-kudo-response uv-kudo-very-sad {% if count == 1 %}uv-kudo-done{% endif %}" data-id="1"></span>
+                <span class="uv-kudo-response uv-kudo-sad {% if count == 2 %}uv-kudo-done{% endif %}" data-id="2"></span>
+                <span class="uv-kudo-response uv-kudo-neutral {% if count == 3 %}uv-kudo-done{% endif %}" data-id="3"></span>
+                <span class="uv-kudo-response uv-kudo-happy {% if count == 4 %}uv-kudo-done{% endif %}" data-id="4"></span>
+                <span class="uv-kudo-response uv-kudo-very-happy  {% if count == 5 %}uv-kudo-done{% endif %}" data-id="5"></span>
+            </div>
+
+            <span class="uv-kudo-message">
+                {% if count == 1 %}
+                    {{ 'I am very Sad'|trans }}
+                {% elseif count == 2 %}
+                    {{ 'I am Sad'|trans }}
+                {% elseif count == 3 %}
+                    {{ 'I am Neutral'|trans }}
+                {% elseif count == 4 %}
+                    {{ 'I am Happy'|trans }}
+                {% elseif count == 5 %}
+                    {{ 'I am Very Happy'|trans }}
+                {% endif %}
+            </span>
+        </div>
+    </div>
+
     <div class="uv-pop-up-overlay" id="confirm-ticket-close-modal" style="display: none;">
         <div class="uv-pop-up-box uv-pop-up-slim">
             <span class="uv-pop-up-close"></span>
@@ -519,6 +557,7 @@
                 el: $('.uv-body'),
                 stopDraftSaveFlag: 0,
                 events: {
+                    'click .uv-kudo-response-wrapper .uv-kudo-response': 'rateTicket',
                     'click .collaborator-list .uv-btn-tag': 'removeCcCollaborator',
                     'change .uv-element-block.cc-bcc .cc-bcc-toggle': 'showCcBccBlock',
                     'keypress .uv-element-block.cc-bcc .uv-group-field': 'addCcBccInput',
@@ -535,7 +574,40 @@
                     $('#confirm-ticket-close-modal').hide();
                     this.validateForm(e);
                 },
+                ratingText: {
+                    '1' : "{{ 'I am very Sad'|trans }}",
+                    '2' : "{{ 'I am Sad'|trans }}",
+                    '3' : "{{ 'I am Neutral'|trans }}",
+                    '4' : "{{ 'I am Happy'|trans }}",
+                    '5' : "{{ 'I am Very Happy'|trans }}",
+                },
                 loaderTemplate : _.template($("#loader-tmp").html()),
+                rateTicket : function(e) {
+                    var element = Backbone.$(e.currentTarget);
+                    var count = element.attr('data-id');
+                    this.model.set('rating', count);
+
+                    var self = this;
+                    app.appView.showLoader()
+                    this.model.save({}, {
+                        url : "{{ path('helpdesk_customer_rate_ticket', {'id': ticket.id}) }}",
+                        success: function (model, response, options) {
+                            app.appView.hideLoader()
+                            if(response.alertClass == 'success') {
+                                $('.uv-kudo-response').removeClass('uv-kudo-done');
+                                element.addClass('uv-kudo-done');
+                                $('.uv-kudo-message').text(self.ratingText[count])
+                                $('.uv-kudo-button').trigger('click')
+                            } else {
+                                app.appView.renderResponseAlert(response);
+                            }
+                        },
+                        error: function (model, xhr, options) {
+                            if(url = xhr.getResponseHeader('Location'))
+                                window.location = url;
+                        }
+                    });
+                },
                 addCCCollaborators: function() {
                     if(collaboratorCollection.length) {
                         var collaboratorContainer = $('.uv-element-block.collaborators');
@@ -876,4 +948,19 @@
             }
 		});
 	</script>
+
+    <script>
+        document.addEventListener("DOMContentLoaded", function(){
+            var uvKudoButton = document.querySelector(".uv-kudo-button");
+            var uvKudoIcon = document.querySelector(".uv-kudo-icon");
+            var uvKudoPlank = document.querySelector(".uv-kudo-plank");
+            var uvKudoMessage = document.querySelector(".uv-kudo-message");
+            var uvKudoResponse = document.querySelector(".uv-kudo-response");
+
+            uvKudoButton.addEventListener("click", function(){
+                uvKudoButton.classList.toggle("uv-kudo-button-active");
+                uvKudoPlank.classList.toggle("uv-kudo-plank-active");
+            });
+        });
+    </script>
 {% endblock %}