trabajo-afectivo/app/controllers/tickets_controller.rb

607 lines
15 KiB
Ruby
Raw Normal View History

2016-10-19 03:11:36 +00:00
# Copyright (C) 2012-2016 Zammad Foundation, http://zammad-foundation.org/
2012-04-10 14:06:46 +00:00
class TicketsController < ApplicationController
include CreatesTicketArticles
include TicketStats
prepend_before_action :authentication_check
2012-04-10 14:06:46 +00:00
# GET /api/v1/tickets
def index
offset = 0
per_page = 100
if params[:page] && params[:per_page]
offset = (params[:page].to_i - 1) * params[:per_page].to_i
per_page = params[:per_page].to_i
end
if per_page > 100
per_page = 100
end
access_condition = Ticket.access_condition(current_user, 'read')
tickets = Ticket.where(access_condition).order(id: 'ASC').offset(offset).limit(per_page)
if params[:expand]
list = []
2016-06-30 20:04:48 +00:00
tickets.each { |ticket|
list.push ticket.attributes_with_association_names
}
render json: list, status: :ok
return
end
if params[:full]
assets = {}
item_ids = []
2016-06-30 20:04:48 +00:00
tickets.each { |item|
item_ids.push item.id
assets = item.assets(assets)
}
render json: {
record_ids: item_ids,
assets: assets,
}, status: :ok
return
end
render json: tickets
end
# GET /api/v1/tickets/1
2012-04-10 14:06:46 +00:00
def show
ticket = Ticket.find(params[:id])
access!(ticket, 'read')
if params[:expand]
result = ticket.attributes_with_association_names
render json: result, status: :ok
return
end
if params[:full]
full = Ticket.full(params[:id])
render json: full
return
end
if params[:all]
render json: ticket_all(ticket)
return
end
2012-09-04 21:28:49 +00:00
render json: ticket
2012-04-10 14:06:46 +00:00
end
# POST /api/v1/tickets
2012-04-10 14:06:46 +00:00
def create
clean_params = Ticket.association_name_to_id_convert(params)
# overwrite params
if !current_user.permissions?('ticket.agent')
[:owner, :owner_id, :customer, :customer_id, :organization, :organization_id, :preferences].each { |key|
clean_params.delete(key)
}
clean_params[:customer_id] = current_user.id
end
# try to create customer if needed
if clean_params[:customer_id] && clean_params[:customer_id] =~ /^guess:(.+?)$/
email = $1
if email !~ /@/ || email =~ /(>|<|\||\!|"|§|'|\$|%|&|\(|\)|\?|\s)/
render json: { error: 'Invalid email of customer' }, status: :unprocessable_entity
return
end
2017-09-08 08:28:34 +00:00
customer = User.find_by(email: email.downcase)
if !customer
role_ids = Role.signup_role_ids
customer = User.create(
firstname: '',
lastname: '',
email: email,
password: '',
active: true,
role_ids: role_ids,
)
end
clean_params[:customer_id] = customer.id
end
clean_params = Ticket.param_cleanup(clean_params, true)
ticket = Ticket.new(clean_params)
2012-04-10 14:06:46 +00:00
# check if article is given
if !params[:article]
render json: { error: 'article hash is missing' }, status: :unprocessable_entity
return
end
# create ticket
ticket.save!
ticket.with_lock do
# create tags if given
2017-09-08 08:28:34 +00:00
if params[:tags].present?
tags = params[:tags].split(/,/)
tags.each { |tag|
2017-04-12 07:34:49 +00:00
ticket.tag_add(tag)
}
end
2012-10-02 05:46:08 +00:00
# create article if given
if params[:article]
article_create(ticket, params[:article])
end
2012-04-10 14:06:46 +00:00
end
# create links (e. g. in case of ticket split)
# links: {
# Ticket: {
# parent: [ticket_id1, ticket_id2, ...]
# normal: [ticket_id1, ticket_id2, ...]
# child: [ticket_id1, ticket_id2, ...]
# },
# }
2017-09-08 08:28:34 +00:00
if params[:links].present?
link = params[:links].permit!.to_h
raise Exceptions::UnprocessableEntity, 'Invalid link structure' if !link.is_a? Hash
link.each { |target_object, link_types_with_object_ids|
raise Exceptions::UnprocessableEntity, 'Invalid link structure (Object)' if !link_types_with_object_ids.is_a? Hash
link_types_with_object_ids.each { |link_type, object_ids|
2017-09-08 08:28:34 +00:00
raise Exceptions::UnprocessableEntity, 'Invalid link structure (Object->LinkType)' if !object_ids.is_a? Array
object_ids.each { |local_object_id|
link = Link.add(
link_type: link_type,
link_object_target: target_object,
link_object_target_value: local_object_id,
link_object_source: 'Ticket',
link_object_source_value: ticket.id,
)
}
}
}
end
if params[:expand]
result = ticket.reload.attributes_with_association_names
render json: result, status: :created
return
end
if params[:all]
render json: ticket_all(ticket.reload)
return
end
render json: ticket.reload, status: :created
2012-04-10 14:06:46 +00:00
end
# PUT /api/v1/tickets/1
2012-04-10 14:06:46 +00:00
def update
ticket = Ticket.find(params[:id])
access!(ticket, 'change')
2014-09-23 05:37:43 +00:00
clean_params = Ticket.association_name_to_id_convert(params)
clean_params = Ticket.param_cleanup(clean_params, true)
# overwrite params
if !current_user.permissions?('ticket.agent')
[:owner, :owner_id, :customer, :customer_id, :organization, :organization_id, :preferences].each { |key|
clean_params.delete(key)
}
end
2012-09-04 21:28:49 +00:00
ticket.with_lock do
ticket.update_attributes!(clean_params)
if params[:article]
article_create(ticket, params[:article])
end
end
if params[:expand]
result = ticket.reload.attributes_with_association_names
render json: result, status: :ok
return
2012-04-10 14:06:46 +00:00
end
if params[:all]
render json: ticket_all(ticket.reload)
return
end
render json: ticket.reload, status: :ok
2012-04-10 14:06:46 +00:00
end
# DELETE /api/v1/tickets/1
2012-04-10 14:06:46 +00:00
def destroy
ticket = Ticket.find(params[:id])
access!(ticket, 'delete')
2012-09-04 21:28:49 +00:00
raise Exceptions::NotAuthorized, 'Not authorized (admin permission required)!' if !current_user.permissions?('admin')
ticket.destroy!
2012-04-10 14:06:46 +00:00
head :ok
2012-04-10 14:06:46 +00:00
end
# GET /api/v1/ticket_customer
# GET /api/v1/tickets_customer
def ticket_customer
2012-10-02 05:46:08 +00:00
# return result
result = Ticket::ScreenOptions.list_by_customer(
customer_id: params[:customer_id],
limit: 15,
)
render json: result
end
# GET /api/v1/ticket_history/1
def ticket_history
# get ticket data
ticket = Ticket.find(params[:id])
access!(ticket, 'read')
# get history of ticket
2013-09-29 16:40:42 +00:00
history = ticket.history_get(true)
# return result
render json: history
end
# GET /api/v1/ticket_related/1
def ticket_related
2012-10-18 19:23:05 +00:00
ticket = Ticket.find(params[:ticket_id])
assets = ticket.assets({})
# open tickets by customer
access_condition = Ticket.access_condition(current_user, 'read')
2015-04-30 15:53:03 +00:00
ticket_lists = Ticket
.where(
customer_id: ticket.customer_id,
state_id: Ticket::State.by_category(:open)
2015-04-30 15:53:03 +00:00
)
.where(access_condition)
.where('id != ?', [ ticket.id ])
2015-04-30 15:53:03 +00:00
.order('created_at DESC')
.limit(6)
2012-10-18 19:23:05 +00:00
# if we do not have open related tickets, search for any tickets
if ticket_lists.empty?
ticket_lists = Ticket
.where(
customer_id: ticket.customer_id,
).where.not(
state_id: Ticket::State.by_category(:merged)
)
.where(access_condition)
.where('id != ?', [ ticket.id ])
.order('created_at DESC')
.limit(6)
end
# get related assets
2014-02-03 19:24:49 +00:00
ticket_ids_by_customer = []
2016-06-30 20:04:48 +00:00
ticket_lists.each { |ticket_list|
2015-04-30 15:53:03 +00:00
ticket_ids_by_customer.push ticket_list.id
assets = ticket_list.assets(assets)
2012-10-18 19:23:05 +00:00
}
ticket_ids_recent_viewed = []
2017-04-27 09:31:23 +00:00
recent_views = RecentView.list(current_user, 8, 'Ticket').delete_if { |object| object['o_id'] == ticket.id }
2016-06-30 20:04:48 +00:00
recent_views.each { |recent_view|
2015-04-30 15:53:03 +00:00
next if recent_view['object'] != 'Ticket'
ticket_ids_recent_viewed.push recent_view['o_id']
recent_view_ticket = Ticket.find(recent_view['o_id'])
next if recent_view_ticket.state.state_type.name == 'merged'
assets = recent_view_ticket.assets(assets)
}
2012-10-18 19:23:05 +00:00
# return result
render json: {
assets: assets,
ticket_ids_by_customer: ticket_ids_by_customer,
ticket_ids_recent_viewed: ticket_ids_recent_viewed,
2012-10-18 19:23:05 +00:00
}
end
# GET /api/v1/ticket_merge/1/1
def ticket_merge
# check master ticket
ticket_master = Ticket.find_by(number: params[:master_ticket_number])
if !ticket_master
render json: {
2017-02-24 14:02:58 +00:00
result: 'failed',
message: 'No such master ticket number!',
}
return
end
access!(ticket_master, 'full')
# check slave ticket
ticket_slave = Ticket.find_by(id: params[:slave_ticket_id])
if !ticket_slave
render json: {
2017-02-24 14:02:58 +00:00
result: 'failed',
message: 'No such slave ticket!',
}
return
end
access!(ticket_slave, 'full')
# merge ticket
2015-04-30 15:53:03 +00:00
ticket_slave.merge_to(
ticket_id: ticket_master.id,
created_by_id: current_user.id,
)
# return result
render json: {
result: 'success',
master_ticket: ticket_master.attributes,
slave_ticket: ticket_slave.attributes,
}
end
# GET /api/v1/ticket_split
def ticket_split
ticket = Ticket.find(params[:ticket_id])
access!(ticket, 'read')
assets = ticket.assets({})
# get related articles
article = Ticket::Article.find(params[:article_id])
assets = article.assets(assets)
render json: {
assets: assets
}
end
# GET /api/v1/ticket_create
def ticket_create
2013-01-04 08:09:59 +00:00
# get attributes to update
attributes_to_change = Ticket::ScreenOptions.attributes_to_change(
current_user: current_user,
)
render json: attributes_to_change
end
# GET /api/v1/tickets/search
2012-11-14 01:05:53 +00:00
def search
2014-09-01 13:09:43 +00:00
# permit nested conditions
2016-09-11 08:46:01 +00:00
if params[:condition]
params.require(:condition).permit!
end
2014-09-01 13:09:43 +00:00
# set limit for pagination if needed
if params[:page] && params[:per_page]
params[:limit] = params[:page].to_i * params[:per_page].to_i
end
if params[:limit] && params[:limit].to_i > 100
params[:limit].to_i = 100
end
2012-11-14 01:05:53 +00:00
# build result list
2013-05-21 22:30:09 +00:00
tickets = Ticket.search(
limit: params[:limit],
2016-09-07 08:39:06 +00:00
query: params[:query],
condition: params[:condition],
current_user: current_user,
2013-05-21 22:30:09 +00:00
)
# do pagination if needed
if params[:page] && params[:per_page]
offset = (params[:page].to_i - 1) * params[:per_page].to_i
2017-09-08 08:28:34 +00:00
tickets = tickets[offset, params[:per_page].to_i] || []
end
if params[:expand]
list = []
2016-06-30 20:04:48 +00:00
tickets.each { |ticket|
list.push ticket.attributes_with_association_names
}
render json: list, status: :ok
return
end
assets = {}
2013-05-21 22:30:09 +00:00
ticket_result = []
tickets.each do |ticket|
ticket_result.push ticket.id
assets = ticket.assets(assets)
2012-11-14 01:05:53 +00:00
end
# return result
render json: {
tickets: ticket_result,
tickets_count: tickets.count,
assets: assets,
2012-11-14 01:05:53 +00:00
}
end
2015-09-17 01:04:16 +00:00
# GET /api/v1/tickets/selector
def selector
permission_check('admin.*')
2015-09-17 01:04:16 +00:00
ticket_count, tickets = Ticket.selectors(params[:condition], 6)
assets = {}
ticket_ids = []
if tickets
tickets.each do |ticket|
ticket_ids.push ticket.id
assets = ticket.assets(assets)
end
end
# return result
render json: {
ticket_ids: ticket_ids,
ticket_count: ticket_count || 0,
assets: assets,
}
end
2014-11-10 07:34:20 +00:00
# GET /api/v1/ticket_stats
2014-11-09 23:42:17 +00:00
def stats
2014-11-10 07:34:20 +00:00
if !params[:user_id] && !params[:organization_id]
2016-03-01 14:26:46 +00:00
raise 'Need user_id or organization_id as param'
2014-11-10 07:34:20 +00:00
end
2014-11-09 23:42:17 +00:00
# lookup open user tickets
limit = 100
assets = {}
access_condition = Ticket.access_condition(current_user, 'read')
user_tickets = {}
2014-11-10 07:34:20 +00:00
if params[:user_id]
user = User.lookup(id: params[:user_id])
if !user
raise "No such user with id #{params[:user_id]}"
end
conditions = {
closed_ids: {
'ticket.state_id' => {
operator: 'is',
value: Ticket::State.by_category(:closed).pluck(:id),
},
'ticket.customer_id' => {
operator: 'is',
value: user.id,
},
},
open_ids: {
'ticket.state_id' => {
operator: 'is',
value: Ticket::State.by_category(:open).pluck(:id),
},
'ticket.customer_id' => {
operator: 'is',
value: user.id,
},
},
2014-11-10 07:34:20 +00:00
}
conditions.each { |key, local_condition|
user_tickets[key] = ticket_ids_and_assets(local_condition, current_user, limit, assets)
2014-11-10 07:34:20 +00:00
}
2014-11-09 23:42:17 +00:00
2014-11-10 07:34:20 +00:00
# generate stats by user
condition = {
'tickets.customer_id' => user.id,
2014-11-10 07:34:20 +00:00
}
user_tickets[:volume_by_year] = ticket_stats_last_year(condition, access_condition)
2014-11-10 07:34:20 +00:00
end
2014-11-09 23:42:17 +00:00
# lookup open org tickets
org_tickets = {}
2014-11-10 07:34:20 +00:00
if params[:organization_id] && !params[:organization_id].empty?
organization = Organization.lookup(id: params[:organization_id])
if !organization
raise "No such organization with id #{params[:organization_id]}"
end
conditions = {
closed_ids: {
'ticket.state_id' => {
operator: 'is',
value: Ticket::State.by_category(:closed).pluck(:id),
},
'ticket.organization_id' => {
operator: 'is',
value: organization.id,
},
},
open_ids: {
'ticket.state_id' => {
operator: 'is',
value: Ticket::State.by_category(:open).pluck(:id),
},
'ticket.organization_id' => {
operator: 'is',
value: organization.id,
},
},
2014-11-09 23:42:17 +00:00
}
conditions.each { |key, local_condition|
org_tickets[key] = ticket_ids_and_assets(local_condition, current_user, limit, assets)
2014-11-09 23:42:17 +00:00
}
2014-11-10 07:34:20 +00:00
# generate stats by org
condition = {
'tickets.organization_id' => organization.id,
2014-11-09 23:42:17 +00:00
}
org_tickets[:volume_by_year] = ticket_stats_last_year(condition, access_condition)
2014-11-10 07:34:20 +00:00
end
2014-11-09 23:42:17 +00:00
# return result
render json: {
user: user_tickets,
organization: org_tickets,
assets: assets,
2014-11-09 23:42:17 +00:00
}
end
2014-09-23 05:37:43 +00:00
private
def ticket_all(ticket)
# get attributes to update
attributes_to_change = Ticket::ScreenOptions.attributes_to_change(
current_user: current_user,
ticket: ticket
)
# get related users
assets = attributes_to_change[:assets]
assets = ticket.assets(assets)
# get related users
article_ids = []
ticket.articles.each { |article|
# ignore internal article if customer is requesting
next if article.internal == true && current_user.permissions?('ticket.customer')
article_ids.push article.id
assets = article.assets(assets)
}
# get links
links = Link.list(
link_object: 'Ticket',
link_object_value: ticket.id,
)
link_list = []
links.each { |item|
link_list.push item
if item['link_object'] == 'Ticket'
linked_ticket = Ticket.lookup(id: item['link_object_value'])
assets = linked_ticket.assets(assets)
end
}
# get tags
2017-04-12 07:34:49 +00:00
tags = ticket.tag_list
# return result
{
ticket_id: ticket.id,
ticket_article_ids: article_ids,
assets: assets,
links: link_list,
tags: tags,
form_meta: attributes_to_change[:form_meta],
}
end
2012-04-10 14:06:46 +00:00
end