public async Task <ActionResult> ShowTicket(int?id)
{
if (id != null)
{
User curUser = await userManager.GetCurrentUser();
Ticket ticket = await db.Tickets.Include(y => y.User).Include(s => s.ChildTickets)
.SingleOrDefaultAsync(x => x.Id == id);
ticket.ChildTickets = await db.Tickets.Include(z => z.User).Include(e => e.Type).Include(y => y.ChildTickets).Include(w => w.Comments)
.Where(x => x.ParentTicket.Id == ticket.Id).ToListAsync();
Team team = await db.Teams.Include(x => x.UserPermissions).SingleOrDefaultAsync(y => y.Id == ticket.TeamId);
UserPermission teamUserPerms = team.UserPermissions.SingleOrDefault(x => x.User.Id == curUser.Id);
TeamPermissions teamPerms = null;
if (teamUserPerms != null)
{
teamPerms = teamUserPerms.TeamRole.Permissions;
}
if (team.Users.Find(x => x.Id == curUser.Id) != null || curUser.AppRole.Permissions.IsAdmin)
{
TicketDTO ticketDto = dtoConverter.ConvertTicket(ticket, curUser, teamPerms);
ticketDto.ChildTickets = dtoConverter.ConvertTicketList(ticket.ChildTickets, curUser, teamPerms);
ticketDto.Comments = dtoConverter.ConvertCommentList(ticket.Comments, curUser, teamPerms);
ticketDto.Logs = dtoConverter.ConvertTicketLogList(ticket.Logs);
await FillTypeList();
return(View(ticketDto));
}
}
return(RedirectToAction("Tickets", "Ticket"));
}
public async Task <JsonResult> GetUserTeamPermissions(int?teamId)
{
User appUser = await userManager.GetCurrentUser();
if (appUser != null && teamId != null)
{
if (appUser.AppRole.Permissions.IsAdmin)
{
TeamPermissions teamPerms = new TeamPermissions()
{
CanChangeTicketState = true,
CanCommentTicket = true,
CanCreateTicket = true,
CanDeleteComments = true,
CanDeleteTickets = true,
CanEditComments = true,
CanEditTickets = true,
CanInviteToTeam = true,
CanSetUserRoles = true
};
return(Json(teamPerms, JsonRequestBehavior.AllowGet));
}
else
{
TeamPermissions curPerms = appUser.Teams.SingleOrDefault(x => x.Id == teamId).UserPermissions
.SingleOrDefault(x => x.User.Id == appUser.Id).TeamRole.Permissions;
return(Json(curPerms, JsonRequestBehavior.AllowGet));
}
}
return(Json(null, JsonRequestBehavior.AllowGet));
}
public async Task <JsonResult> EditSave(int?id, string description, int?type)
{
if (id != null && description != null && type != null && description != "")
{
string unescapedText = htmlValidator.ValidateHtml(HttpUtility.UrlDecode(description));
description = unescapedText;
Ticket ticket = await ticketManager.GetTicketNoInclude(id);
User curUser = await userManager.GetCurrentUser();
TeamPermissions teamPerms = await GetCurrentTeamPermissions(ticket.TeamId, curUser.Id);
if (ticket.User.Id == curUser.Id || curUser.AppRole.Permissions.IsAdmin || teamPerms.CanEditTickets)
{
TicketType newType = await db.TicketTypes.SingleOrDefaultAsync(x => x.Id == type);
if (ticket != null && newType != null)
{
await ticketManager.Edit(id, description, type, curUser);
return(Json(true, JsonRequestBehavior.AllowGet));
}
}
}
return(Json(false, JsonRequestBehavior.AllowGet));
}
public async Task <ActionResult> Edit(int?id)
{
if (id != null)
{
await FillTypeList();
Ticket ticket = await db.Tickets.Include(z => z.User).Include(x => x.ChildTickets).Include(y => y.Comments)
.SingleOrDefaultAsync(x => x.Id == id);
User curUser = await userManager.GetCurrentUser();
TeamPermissions teamPerms = await GetCurrentTeamPermissions(ticket.TeamId, curUser.Id);
if (ticket != null && curUser != null && teamPerms != null)
{
if (ticket.User.Id == curUser.Id || curUser.AppRole.Permissions.IsAdmin || teamPerms.CanEditTickets)
{
return(View(ticket));
}
else
{
return(RedirectToAction("NoPermissionError", "Ticket"));
}
}
}
return(RedirectToAction("Tickets", "Ticket"));
}
public List <TicketDTO> ConvertTicketList(List <Ticket> tickets, User user, TeamPermissions permissions)
{
if (tickets != null && user != null && permissions != null)
{
List <TicketDTO> returnList = new List <TicketDTO>();
foreach (Ticket value in tickets)
{
returnList.Add(ConvertTicket(value, user, permissions));
}
return(returnList);
}
throw new ArgumentNullException();
}
private async Task <TeamPermissions> GetCurrentTeamPermissions(int ticketTeamId, int curUserId)
{
Team team = await db.Teams.SingleOrDefaultAsync(x => x.Id == ticketTeamId);
UserPermission userPerms = team.UserPermissions.SingleOrDefault(x => x.User.Id == curUserId);
if (userPerms != null)
{
TeamPermissions teamPerms = userPerms.TeamRole.Permissions;
return(teamPerms);
}
return(new TeamPermissions());
}
public CommentDTO ConvertComment(Comment comment, User user, TeamPermissions permissions)
{
if (comment != null && user != null && permissions != null)
{
CommentDTO dto = new CommentDTO(comment);
if (comment.User.Id == user.Id || user.AppRole.Permissions.IsAdmin || permissions.CanDeleteComments)
{
dto.CanDelete = true;
}
else
{
dto.CanDelete = false;
}
return(dto);
}
throw new ArgumentNullException();
}
public async Task <JsonResult> AddTicket(TicketBase newTicket)
{
User curUser = await userManager.GetCurrentUser();
string unescapedText = htmlValidator.ValidateHtml(HttpUtility.UrlDecode(newTicket.Description));
newTicket.Description = unescapedText;
TeamPermissions userPerms = await GetCurrentTeamPermissions(newTicket.BaseTeamId, curUser.Id);
if (userPerms.CanCreateTicket == true || curUser.AppRole.Permissions.IsAdmin == true)
{
Ticket createdTicket = await ticketManager.Add(newTicket, curUser);
TicketDTO ticketDto = dtoConverter.ConvertTicket(createdTicket, curUser, userPerms);
return(Json(ticketDto));
}
return(Json(null));
}
public TicketDTO ConvertTicket(Ticket ticket, User user, TeamPermissions permissions)
{
if (ticket != null && user != null && permissions != null)
{
TicketDTO dto = new TicketDTO(ticket);
if (ticket.User.Id == user.Id || user.AppRole.Permissions.IsAdmin)
{
dto.CanDelete = true;
dto.CanEdit = true;
}
else
{
dto.CanDelete = permissions.CanDeleteTickets;
dto.CanEdit = permissions.CanEditTickets;
}
return(dto);
}
throw new ArgumentNullException();
}
public async Task <JsonResult> ChangeTicketState(int?ticketId, int?state)
{
if (ticketId != null && state != null && ticketId > 0 && state >= 0 && state <= 3)
{
User curUser = await userManager.GetCurrentUser();
Ticket ticket = await ticketManager.GetTicketNoInclude(ticketId);
if (curUser != null && ticket != null)
{
TeamPermissions teamPerms = await GetCurrentTeamPermissions(ticket.TeamId, curUser.Id);
if (curUser.AppRole.Permissions.IsAdmin || teamPerms.CanChangeTicketState)
{
await ticketManager.ChangeState(ticketId, state, curUser);
return(Json(true));
}
}
}
return(Json(false));
}
public async Task <JsonResult> AddComment(int?ticketId, string text)
{
if (text != null && ticketId != null && ticketId > 0)
{
string unescapedText = htmlValidator.ValidateHtml(HttpUtility.UrlDecode(text));
text = unescapedText;
User curUser = await userManager.GetCurrentUser();
Ticket curTicket = await db.Tickets.Include(y => y.Comments).SingleOrDefaultAsync(x => x.Id == ticketId);
TeamPermissions userPerms = await GetCurrentTeamPermissions(curTicket.TeamId, curUser.Id);
if (userPerms.CanCommentTicket || curUser.AppRole.Permissions.IsAdmin)
{
Comment newComment = await commentManager.Add(curUser, curTicket, text);
CommentDTO commentToJs = dtoConverter.ConvertComment(newComment, curUser, userPerms);
return(Json(commentToJs));
}
}
return(Json(null));
}
public async Task <JsonResult> DeleteTicket(int?id)
{
if (id != null)
{
Ticket ticket = await db.Tickets.Include(z => z.ParentTicket).Include(z => z.User).SingleOrDefaultAsync(x => x.Id == id);
User curUser = await userManager.GetCurrentUser();
TeamPermissions teamPerms = await GetCurrentTeamPermissions(ticket.TeamId, curUser.Id);
if (ticket != null && teamPerms != null)
{
if (ticket.User.Id == curUser.Id || curUser.AppRole.Permissions.IsAdmin || teamPerms.CanDeleteTickets)
{
await ticketManager.Delete(id, curUser);
return(Json(true, JsonRequestBehavior.AllowGet));
}
}
}
return(Json(false, JsonRequestBehavior.AllowGet));
}
public async Task <JsonResult> DeleteComment(int?id)
{
if (id != null)
{
Comment comment = await db.Comments.SingleOrDefaultAsync(x => x.Id == id);
Ticket curTicket = await ticketManager.GetTicketNoInclude(comment.BaseTicketId);
User curUser = await userManager.GetCurrentUser();
TeamPermissions teamPerms = await GetCurrentTeamPermissions(comment.TeamId, curUser.Id);
if (comment != null && teamPerms != null)
{
if (comment.User.Id == curUser.Id || curUser.AppRole.Permissions.IsAdmin || teamPerms.CanDeleteComments)
{
bool result = await commentManager.Delete(id, curUser, curTicket);
return(Json(result, JsonRequestBehavior.AllowGet));
}
}
}
return(Json(false, JsonRequestBehavior.AllowGet));
}
public async Task <JsonResult> GetTicketsByTeamAndType(int?teamId, int?typeId)
{
if (teamId != null && typeId != null && teamId > 0 && typeId > 0)
{
User curUser = await userManager.GetCurrentUser();
TicketType curType = await db.TicketTypes.SingleOrDefaultAsync(x => x.Id == typeId);
Team curTeam = await db.Teams.SingleOrDefaultAsync(x => x.Id == teamId);
if (curTeam != null && curType != null && curUser != null)
{
if (curTeam.Users.Find(x => x.Id == curUser.Id) != null)
{
TeamPermissions teamPerms = curTeam.UserPermissions.SingleOrDefault(x => x.User.Id == curUser.Id).TeamRole.Permissions;
List <Ticket> ticketsList = await ticketManager.GetTicketsByTeamAndType(teamId, typeId);
List <TicketDTO> dtoTicketsList = dtoConverter.ConvertTicketList(ticketsList, curUser, teamPerms);
return(Json(dtoTicketsList));
}
}
}
return(Json(false));
}
public IEnumerable <Team> GetTeams()
{
return(TeamPermissions.Select(p => p.Team).Distinct());
}
public List <CommentDTO> ConvertCommentList(List <Comment> comments, User user, TeamPermissions permissions)
{
if (comments != null && user != null && permissions != null)
{
List <CommentDTO> returnList = new List <CommentDTO>();
foreach (Comment value in comments)
{
returnList.Add(ConvertComment(value, user, permissions));
}
return(returnList);
}
throw new ArgumentNullException();
}
public bool IsTeamAdmin(string slug)
{
return(TeamPermissions.Any(a => a.Team.Slug == slug && a.Role.Name == TeamRole.Codes.Admin));
}
