Exemple #1
0
        public void EditTicket(HttpListenerContext context)
        {
            try
            {
                var data    = GetRequestPostData(context.Request);
                var session = ValidateSession(data);

                if (!data.AllKeys.Contains("ticketId"))
                {
                    throw new InputException("ticketId");
                }
                int ticketId = Convert.ToInt32(data["ticketId"]);

                var ticket = ticketData.GetTicket(session, ticketId);
                if (ticket == null || !ticket.Permissions.CanEdit)
                {
                    ticketData.LogEvent(session, ticketId, TICKET_EVENT.SECURITY_PREVENTED, null);
                    throw new RequestException("Not authorized to edit ticket");
                }

                TicketEdit edit = new TicketEdit(session, data, ticket);
                ticketData.ApplyEdit(session, ticketId, edit);
                SendTextResponse(context, "1");
            }
            catch (RequestException e)
            {
                SendUnexpectedError(context, e.Reason);
            }
            catch (InputException e)
            {
                SendMissingParameter(context, e.Reason);
            }
        }
        public void ApplyEdit(Session session, int ticketId, TicketEdit edit)
        {
            string updates = String.Join(",", edit.UpdateQueries);

            Update(ApplyEditQuery, Config.Get("mysql_db"), ticketId, session.UserId, updates);

            foreach (var e in edit.Events)
            {
                LogEvent(session, ticketId, e.Key, e.Value);
            }
        }