2014-02-03 19:24:49 +00:00
|
|
|
# Copyright (C) 2012-2014 Zammad Foundation, http://zammad-foundation.org/
|
2013-06-12 15:59:58 +00:00
|
|
|
|
2012-04-10 14:06:46 +00:00
|
|
|
class TicketArticlesController < ApplicationController
|
2015-05-07 11:23:55 +00:00
|
|
|
before_action :authentication_check
|
2012-04-10 14:06:46 +00:00
|
|
|
|
|
|
|
# GET /articles
|
|
|
|
def index
|
|
|
|
@articles = Ticket::Article.all
|
|
|
|
|
2015-04-27 13:42:53 +00:00
|
|
|
render json: @articles
|
2012-04-10 14:06:46 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
# GET /articles/1
|
|
|
|
def show
|
2012-11-13 10:34:45 +00:00
|
|
|
@article = Ticket::Article.find( params[:id] )
|
2012-04-10 14:06:46 +00:00
|
|
|
|
2015-04-27 13:42:53 +00:00
|
|
|
render json: @article
|
2012-04-10 14:06:46 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
# POST /articles
|
|
|
|
def create
|
2016-01-15 17:22:57 +00:00
|
|
|
form_id = params[:ticket_article][:form_id]
|
2012-12-02 10:18:55 +00:00
|
|
|
params[:ticket_article].delete(:form_id)
|
2013-06-19 20:44:18 +00:00
|
|
|
@article = Ticket::Article.new( Ticket::Article.param_validation( params[:ticket_article] ) )
|
2012-11-13 10:34:45 +00:00
|
|
|
|
2012-04-10 14:06:46 +00:00
|
|
|
# find attachments in upload cache
|
2012-12-02 10:18:55 +00:00
|
|
|
if form_id
|
2013-03-28 23:13:15 +00:00
|
|
|
@article.attachments = Store.list(
|
2015-04-27 13:42:53 +00:00
|
|
|
object: 'UploadCache',
|
|
|
|
o_id: form_id,
|
2012-12-02 10:18:55 +00:00
|
|
|
)
|
|
|
|
end
|
2012-04-10 14:06:46 +00:00
|
|
|
|
2012-04-12 11:27:01 +00:00
|
|
|
if @article.save
|
|
|
|
|
|
|
|
# remove attachments from upload cache
|
|
|
|
Store.remove(
|
2015-04-27 13:42:53 +00:00
|
|
|
object: 'UploadCache',
|
|
|
|
o_id: form_id,
|
2012-04-12 11:27:01 +00:00
|
|
|
)
|
2012-11-13 10:34:45 +00:00
|
|
|
|
2015-04-27 13:42:53 +00:00
|
|
|
render json: @article, status: :created
|
2012-04-12 11:27:01 +00:00
|
|
|
else
|
2015-04-27 13:42:53 +00:00
|
|
|
render json: @article.errors, status: :unprocessable_entity
|
2012-04-10 14:06:46 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
# PUT /articles/1
|
|
|
|
def update
|
2012-11-13 10:34:45 +00:00
|
|
|
@article = Ticket::Article.find( params[:id] )
|
2012-04-10 14:06:46 +00:00
|
|
|
|
2013-06-19 20:44:18 +00:00
|
|
|
if @article.update_attributes( Ticket::Article.param_validation( params[:ticket_article] ) )
|
2015-04-27 13:42:53 +00:00
|
|
|
render json: @article, status: :ok
|
2012-04-12 11:27:01 +00:00
|
|
|
else
|
2015-04-27 13:42:53 +00:00
|
|
|
render json: @article.errors, status: :unprocessable_entity
|
2012-04-10 14:06:46 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
# DELETE /articles/1
|
|
|
|
def destroy
|
2012-11-13 10:34:45 +00:00
|
|
|
@article = Ticket::Article.find( params[:id] )
|
2012-04-10 14:06:46 +00:00
|
|
|
@article.destroy
|
|
|
|
|
2012-04-12 11:27:01 +00:00
|
|
|
head :ok
|
2012-04-10 14:06:46 +00:00
|
|
|
end
|
2012-09-20 12:08:02 +00:00
|
|
|
|
2014-10-06 20:24:21 +00:00
|
|
|
# DELETE /ticket_attachment_upload
|
|
|
|
def ticket_attachment_upload_delete
|
2015-11-04 11:42:57 +00:00
|
|
|
if params[:store_id]
|
|
|
|
Store.remove_item(params[:store_id])
|
|
|
|
render json: {
|
|
|
|
success: true,
|
|
|
|
}
|
|
|
|
return
|
|
|
|
elsif params[:form_id]
|
|
|
|
Store.remove(
|
|
|
|
object: 'UploadCache',
|
|
|
|
o_id: params[:form_id],
|
|
|
|
)
|
|
|
|
render json: {
|
|
|
|
success: true,
|
|
|
|
}
|
|
|
|
return
|
|
|
|
end
|
2014-10-06 20:24:21 +00:00
|
|
|
|
2015-11-04 11:42:57 +00:00
|
|
|
render json: { message: 'No such store_id or form_id!' }, status: :unprocessable_entity
|
2014-10-06 20:24:21 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
# POST /ticket_attachment_upload
|
|
|
|
def ticket_attachment_upload_add
|
2012-09-20 12:08:02 +00:00
|
|
|
|
|
|
|
# store file
|
2014-10-06 20:24:21 +00:00
|
|
|
file = params[:File]
|
|
|
|
content_type = file.content_type
|
2012-09-20 12:08:02 +00:00
|
|
|
if !content_type || content_type == 'application/octet-stream'
|
2016-01-15 17:22:57 +00:00
|
|
|
content_type = if MIME::Types.type_for(file.original_filename).first
|
|
|
|
MIME::Types.type_for(file.original_filename).first.content_type
|
|
|
|
else
|
|
|
|
'application/octet-stream'
|
|
|
|
end
|
2012-09-20 12:08:02 +00:00
|
|
|
end
|
|
|
|
headers_store = {
|
|
|
|
'Content-Type' => content_type
|
|
|
|
}
|
2014-10-06 20:24:21 +00:00
|
|
|
store = Store.add(
|
2015-04-27 13:42:53 +00:00
|
|
|
object: 'UploadCache',
|
|
|
|
o_id: params[:form_id],
|
|
|
|
data: file.read,
|
|
|
|
filename: file.original_filename,
|
|
|
|
preferences: headers_store
|
2012-09-20 12:08:02 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
# return result
|
2015-04-27 13:42:53 +00:00
|
|
|
render json: {
|
|
|
|
success: true,
|
|
|
|
data: {
|
|
|
|
store_id: store.id,
|
|
|
|
filename: file.original_filename,
|
|
|
|
size: store.size,
|
2014-10-06 20:24:21 +00:00
|
|
|
}
|
2012-09-20 12:08:02 +00:00
|
|
|
}
|
|
|
|
end
|
2012-12-02 10:18:55 +00:00
|
|
|
|
2012-09-20 12:08:02 +00:00
|
|
|
# GET /ticket_attachment/1
|
|
|
|
def attachment
|
|
|
|
|
2016-01-27 18:26:10 +00:00
|
|
|
# permission check
|
2012-09-20 12:08:02 +00:00
|
|
|
ticket = Ticket.find( params[:ticket_id] )
|
|
|
|
if !ticket_permission(ticket)
|
2015-04-27 13:42:53 +00:00
|
|
|
render( json: 'No such ticket.', status: :unauthorized )
|
2012-09-20 12:08:02 +00:00
|
|
|
return
|
|
|
|
end
|
|
|
|
article = Ticket::Article.find( params[:article_id] )
|
|
|
|
if ticket.id != article.ticket_id
|
2015-04-27 13:42:53 +00:00
|
|
|
render( json: 'No access, article_id/ticket_id is not matching.', status: :unauthorized )
|
2012-09-20 12:08:02 +00:00
|
|
|
return
|
|
|
|
end
|
|
|
|
|
2014-02-05 12:22:14 +00:00
|
|
|
list = article.attachments || []
|
2012-09-20 12:08:02 +00:00
|
|
|
access = false
|
|
|
|
list.each {|item|
|
|
|
|
if item.id.to_i == params[:id].to_i
|
|
|
|
access = true
|
|
|
|
end
|
|
|
|
}
|
|
|
|
if !access
|
2015-04-27 13:42:53 +00:00
|
|
|
render( json: 'Requested file id is not linked with article_id.', status: :unauthorized )
|
2012-09-20 12:08:02 +00:00
|
|
|
return
|
|
|
|
end
|
|
|
|
|
|
|
|
# find file
|
|
|
|
file = Store.find(params[:id])
|
|
|
|
send_data(
|
2014-04-28 07:44:36 +00:00
|
|
|
file.content,
|
2015-04-27 13:42:53 +00:00
|
|
|
filename: file.filename,
|
|
|
|
type: file.preferences['Content-Type'] || file.preferences['Mime-Type'],
|
|
|
|
disposition: 'inline'
|
2012-09-20 12:08:02 +00:00
|
|
|
)
|
|
|
|
end
|
|
|
|
|
|
|
|
# GET /ticket_article_plain/1
|
|
|
|
def article_plain
|
|
|
|
|
2016-01-27 18:26:10 +00:00
|
|
|
# permission check
|
2012-09-20 12:08:02 +00:00
|
|
|
article = Ticket::Article.find( params[:id] )
|
|
|
|
return if !ticket_permission( article.ticket )
|
|
|
|
|
|
|
|
list = Store.list(
|
2015-04-27 13:42:53 +00:00
|
|
|
object: 'Ticket::Article::Mail',
|
|
|
|
o_id: params[:id],
|
2012-09-20 12:08:02 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
# find file
|
2015-04-30 15:25:04 +00:00
|
|
|
return if !list
|
|
|
|
|
|
|
|
file = Store.find(list.first)
|
|
|
|
send_data(
|
|
|
|
file.content,
|
|
|
|
filename: file.filename,
|
|
|
|
type: 'message/rfc822',
|
|
|
|
disposition: 'inline'
|
|
|
|
)
|
2012-09-20 12:08:02 +00:00
|
|
|
end
|
|
|
|
|
2012-04-10 14:06:46 +00:00
|
|
|
end
|