public async Task <ActionResult> ShowTicket(int?id) { if (id != null) { User curUser = await userManager.GetCurrentUser(); Ticket ticket = await db.Tickets.Include(y => y.User).Include(s => s.ChildTickets) .SingleOrDefaultAsync(x => x.Id == id); ticket.ChildTickets = await db.Tickets.Include(z => z.User).Include(e => e.Type).Include(y => y.ChildTickets).Include(w => w.Comments) .Where(x => x.ParentTicket.Id == ticket.Id).ToListAsync(); Team team = await db.Teams.Include(x => x.UserPermissions).SingleOrDefaultAsync(y => y.Id == ticket.TeamId); UserPermission teamUserPerms = team.UserPermissions.SingleOrDefault(x => x.User.Id == curUser.Id); TeamPermissions teamPerms = null; if (teamUserPerms != null) { teamPerms = teamUserPerms.TeamRole.Permissions; } if (team.Users.Find(x => x.Id == curUser.Id) != null || curUser.AppRole.Permissions.IsAdmin) { TicketDTO ticketDto = dtoConverter.ConvertTicket(ticket, curUser, teamPerms); ticketDto.ChildTickets = dtoConverter.ConvertTicketList(ticket.ChildTickets, curUser, teamPerms); ticketDto.Comments = dtoConverter.ConvertCommentList(ticket.Comments, curUser, teamPerms); ticketDto.Logs = dtoConverter.ConvertTicketLogList(ticket.Logs); await FillTypeList(); return(View(ticketDto)); } } return(RedirectToAction("Tickets", "Ticket")); }
public async Task <JsonResult> GetUserTeamPermissions(int?teamId) { User appUser = await userManager.GetCurrentUser(); if (appUser != null && teamId != null) { if (appUser.AppRole.Permissions.IsAdmin) { TeamPermissions teamPerms = new TeamPermissions() { CanChangeTicketState = true, CanCommentTicket = true, CanCreateTicket = true, CanDeleteComments = true, CanDeleteTickets = true, CanEditComments = true, CanEditTickets = true, CanInviteToTeam = true, CanSetUserRoles = true }; return(Json(teamPerms, JsonRequestBehavior.AllowGet)); } else { TeamPermissions curPerms = appUser.Teams.SingleOrDefault(x => x.Id == teamId).UserPermissions .SingleOrDefault(x => x.User.Id == appUser.Id).TeamRole.Permissions; return(Json(curPerms, JsonRequestBehavior.AllowGet)); } } return(Json(null, JsonRequestBehavior.AllowGet)); }
public async Task <JsonResult> EditSave(int?id, string description, int?type) { if (id != null && description != null && type != null && description != "") { string unescapedText = htmlValidator.ValidateHtml(HttpUtility.UrlDecode(description)); description = unescapedText; Ticket ticket = await ticketManager.GetTicketNoInclude(id); User curUser = await userManager.GetCurrentUser(); TeamPermissions teamPerms = await GetCurrentTeamPermissions(ticket.TeamId, curUser.Id); if (ticket.User.Id == curUser.Id || curUser.AppRole.Permissions.IsAdmin || teamPerms.CanEditTickets) { TicketType newType = await db.TicketTypes.SingleOrDefaultAsync(x => x.Id == type); if (ticket != null && newType != null) { await ticketManager.Edit(id, description, type, curUser); return(Json(true, JsonRequestBehavior.AllowGet)); } } } return(Json(false, JsonRequestBehavior.AllowGet)); }
public async Task <ActionResult> Edit(int?id) { if (id != null) { await FillTypeList(); Ticket ticket = await db.Tickets.Include(z => z.User).Include(x => x.ChildTickets).Include(y => y.Comments) .SingleOrDefaultAsync(x => x.Id == id); User curUser = await userManager.GetCurrentUser(); TeamPermissions teamPerms = await GetCurrentTeamPermissions(ticket.TeamId, curUser.Id); if (ticket != null && curUser != null && teamPerms != null) { if (ticket.User.Id == curUser.Id || curUser.AppRole.Permissions.IsAdmin || teamPerms.CanEditTickets) { return(View(ticket)); } else { return(RedirectToAction("NoPermissionError", "Ticket")); } } } return(RedirectToAction("Tickets", "Ticket")); }
public List <TicketDTO> ConvertTicketList(List <Ticket> tickets, User user, TeamPermissions permissions) { if (tickets != null && user != null && permissions != null) { List <TicketDTO> returnList = new List <TicketDTO>(); foreach (Ticket value in tickets) { returnList.Add(ConvertTicket(value, user, permissions)); } return(returnList); } throw new ArgumentNullException(); }
private async Task <TeamPermissions> GetCurrentTeamPermissions(int ticketTeamId, int curUserId) { Team team = await db.Teams.SingleOrDefaultAsync(x => x.Id == ticketTeamId); UserPermission userPerms = team.UserPermissions.SingleOrDefault(x => x.User.Id == curUserId); if (userPerms != null) { TeamPermissions teamPerms = userPerms.TeamRole.Permissions; return(teamPerms); } return(new TeamPermissions()); }
public CommentDTO ConvertComment(Comment comment, User user, TeamPermissions permissions) { if (comment != null && user != null && permissions != null) { CommentDTO dto = new CommentDTO(comment); if (comment.User.Id == user.Id || user.AppRole.Permissions.IsAdmin || permissions.CanDeleteComments) { dto.CanDelete = true; } else { dto.CanDelete = false; } return(dto); } throw new ArgumentNullException(); }
public async Task <JsonResult> AddTicket(TicketBase newTicket) { User curUser = await userManager.GetCurrentUser(); string unescapedText = htmlValidator.ValidateHtml(HttpUtility.UrlDecode(newTicket.Description)); newTicket.Description = unescapedText; TeamPermissions userPerms = await GetCurrentTeamPermissions(newTicket.BaseTeamId, curUser.Id); if (userPerms.CanCreateTicket == true || curUser.AppRole.Permissions.IsAdmin == true) { Ticket createdTicket = await ticketManager.Add(newTicket, curUser); TicketDTO ticketDto = dtoConverter.ConvertTicket(createdTicket, curUser, userPerms); return(Json(ticketDto)); } return(Json(null)); }
public TicketDTO ConvertTicket(Ticket ticket, User user, TeamPermissions permissions) { if (ticket != null && user != null && permissions != null) { TicketDTO dto = new TicketDTO(ticket); if (ticket.User.Id == user.Id || user.AppRole.Permissions.IsAdmin) { dto.CanDelete = true; dto.CanEdit = true; } else { dto.CanDelete = permissions.CanDeleteTickets; dto.CanEdit = permissions.CanEditTickets; } return(dto); } throw new ArgumentNullException(); }
public async Task <JsonResult> ChangeTicketState(int?ticketId, int?state) { if (ticketId != null && state != null && ticketId > 0 && state >= 0 && state <= 3) { User curUser = await userManager.GetCurrentUser(); Ticket ticket = await ticketManager.GetTicketNoInclude(ticketId); if (curUser != null && ticket != null) { TeamPermissions teamPerms = await GetCurrentTeamPermissions(ticket.TeamId, curUser.Id); if (curUser.AppRole.Permissions.IsAdmin || teamPerms.CanChangeTicketState) { await ticketManager.ChangeState(ticketId, state, curUser); return(Json(true)); } } } return(Json(false)); }
public async Task <JsonResult> AddComment(int?ticketId, string text) { if (text != null && ticketId != null && ticketId > 0) { string unescapedText = htmlValidator.ValidateHtml(HttpUtility.UrlDecode(text)); text = unescapedText; User curUser = await userManager.GetCurrentUser(); Ticket curTicket = await db.Tickets.Include(y => y.Comments).SingleOrDefaultAsync(x => x.Id == ticketId); TeamPermissions userPerms = await GetCurrentTeamPermissions(curTicket.TeamId, curUser.Id); if (userPerms.CanCommentTicket || curUser.AppRole.Permissions.IsAdmin) { Comment newComment = await commentManager.Add(curUser, curTicket, text); CommentDTO commentToJs = dtoConverter.ConvertComment(newComment, curUser, userPerms); return(Json(commentToJs)); } } return(Json(null)); }
public async Task <JsonResult> DeleteTicket(int?id) { if (id != null) { Ticket ticket = await db.Tickets.Include(z => z.ParentTicket).Include(z => z.User).SingleOrDefaultAsync(x => x.Id == id); User curUser = await userManager.GetCurrentUser(); TeamPermissions teamPerms = await GetCurrentTeamPermissions(ticket.TeamId, curUser.Id); if (ticket != null && teamPerms != null) { if (ticket.User.Id == curUser.Id || curUser.AppRole.Permissions.IsAdmin || teamPerms.CanDeleteTickets) { await ticketManager.Delete(id, curUser); return(Json(true, JsonRequestBehavior.AllowGet)); } } } return(Json(false, JsonRequestBehavior.AllowGet)); }
public async Task <JsonResult> DeleteComment(int?id) { if (id != null) { Comment comment = await db.Comments.SingleOrDefaultAsync(x => x.Id == id); Ticket curTicket = await ticketManager.GetTicketNoInclude(comment.BaseTicketId); User curUser = await userManager.GetCurrentUser(); TeamPermissions teamPerms = await GetCurrentTeamPermissions(comment.TeamId, curUser.Id); if (comment != null && teamPerms != null) { if (comment.User.Id == curUser.Id || curUser.AppRole.Permissions.IsAdmin || teamPerms.CanDeleteComments) { bool result = await commentManager.Delete(id, curUser, curTicket); return(Json(result, JsonRequestBehavior.AllowGet)); } } } return(Json(false, JsonRequestBehavior.AllowGet)); }
public async Task <JsonResult> GetTicketsByTeamAndType(int?teamId, int?typeId) { if (teamId != null && typeId != null && teamId > 0 && typeId > 0) { User curUser = await userManager.GetCurrentUser(); TicketType curType = await db.TicketTypes.SingleOrDefaultAsync(x => x.Id == typeId); Team curTeam = await db.Teams.SingleOrDefaultAsync(x => x.Id == teamId); if (curTeam != null && curType != null && curUser != null) { if (curTeam.Users.Find(x => x.Id == curUser.Id) != null) { TeamPermissions teamPerms = curTeam.UserPermissions.SingleOrDefault(x => x.User.Id == curUser.Id).TeamRole.Permissions; List <Ticket> ticketsList = await ticketManager.GetTicketsByTeamAndType(teamId, typeId); List <TicketDTO> dtoTicketsList = dtoConverter.ConvertTicketList(ticketsList, curUser, teamPerms); return(Json(dtoTicketsList)); } } } return(Json(false)); }
public IEnumerable <Team> GetTeams() { return(TeamPermissions.Select(p => p.Team).Distinct()); }
public List <CommentDTO> ConvertCommentList(List <Comment> comments, User user, TeamPermissions permissions) { if (comments != null && user != null && permissions != null) { List <CommentDTO> returnList = new List <CommentDTO>(); foreach (Comment value in comments) { returnList.Add(ConvertComment(value, user, permissions)); } return(returnList); } throw new ArgumentNullException(); }
public bool IsTeamAdmin(string slug) { return(TeamPermissions.Any(a => a.Team.Slug == slug && a.Role.Name == TeamRole.Codes.Admin)); }