From 1f529f82e0664cafc27af5ec73457ba8fad49e27 Mon Sep 17 00:00:00 2001 From: Chris Brame Date: Fri, 8 Mar 2019 00:38:38 -0500 Subject: [PATCH] fix(permissions): roles allowed to edit ticket after socket update --- src/emitter/events.js | 1 + src/public/js/modules/helpers.js | 2 +- src/public/js/modules/ui.js | 10 ++++++---- src/socketio/ticketSocket.js | 1 + src/views/subviews/singleticket.hbs | 24 ++++++++++++++++++++---- 5 files changed, 29 insertions(+), 9 deletions(-) diff --git a/src/emitter/events.js b/src/emitter/events.js index 06a263966..20c150dc5 100644 --- a/src/emitter/events.js +++ b/src/emitter/events.js @@ -317,6 +317,7 @@ var notifications = require('../notifications') // Load Push Events emitter.on('ticket:updated', function (ticket) { io.sockets.emit('updateTicketStatus', { tid: ticket._id, + owner: ticket.owner, status: ticket.status }) diff --git a/src/public/js/modules/helpers.js b/src/public/js/modules/helpers.js index 9f345e06a..9e61386fb 100644 --- a/src/public/js/modules/helpers.js +++ b/src/public/js/modules/helpers.js @@ -1680,7 +1680,7 @@ define([ } helpers.hasPermOverRole = function (ownerRole, extRole, action, adminOverride) { - if (action && !helpers.canUser(action)) return false + if (action && !helpers.canUser(action, adminOverride)) return false if (!extRole) extRole = window.trudeskSessionService.getUser().role._id if (adminOverride === true) { diff --git a/src/public/js/modules/ui.js b/src/public/js/modules/ui.js index 71153c88d..a796636aa 100644 --- a/src/public/js/modules/ui.js +++ b/src/public/js/modules/ui.js @@ -273,10 +273,12 @@ define('modules/ui', [ // Setup assignee list if (assigneeListBtn.length > 0) { - assigneeListBtn.attr('data-notifications', 'assigneeDropdown') - assigneeListBtn.attr('data-updateui', 'assigneeList') - nav.notifications() - socketUi.updateUi() + if (helpers.hasPermOverRole(payload.owner.role._id, null, 'agent:*', true)) { + assigneeListBtn.attr('data-notifications', 'assigneeDropdown') + assigneeListBtn.attr('data-updateui', 'assigneeList') + nav.notifications() + socketUi.updateUi() + } } } } diff --git a/src/socketio/ticketSocket.js b/src/socketio/ticketSocket.js index 950f90a0c..71291af7e 100644 --- a/src/socketio/ticketSocket.js +++ b/src/socketio/ticketSocket.js @@ -70,6 +70,7 @@ events.onUpdateTicketStatus = function (socket) { emitter.emit('ticket:updated', ticketId) utils.sendToAllConnectedClients(io, 'updateTicketStatus', { tid: t._id, + owner: t.owner, status: status }) }) diff --git a/src/views/subviews/singleticket.hbs b/src/views/subviews/singleticket.hbs index 00b3f7ddb..86d94a0fc 100644 --- a/src/views/subviews/singleticket.hbs +++ b/src/views/subviews/singleticket.hbs @@ -15,28 +15,44 @@
{{#is data.ticket.status 0}} {{#canUserOrAdmin data.common.loggedInAccount "agent:*"}} -
New
+ {{#hasPermOverRole data.ticket.owner.role data.common.loggedInAccount.role "tickets:update"}} +
New
+ {{else}} +
New
+ {{/hasPermOverRole}} {{else}}
New
{{/canUserOrAdmin}} {{/is}} {{#is data.ticket.status 1}} {{#canUserOrAdmin data.common.loggedInAccount "agent:*"}} -
Open
+ {{#hasPermOverRole data.ticket.owner.role data.common.loggedInAccount.role "tickets:update"}} +
Open
+ {{else}} +
Open
+ {{/hasPermOverRole}} {{else}}
Open
{{/canUserOrAdmin}} {{/is}} {{#is data.ticket.status 2}} {{#canUserOrAdmin data.common.loggedInAccount "agent:*"}} -
Pending
+ {{#hasPermOverRole data.ticket.owner.role data.common.loggedInAccount.role "tickets:update"}} +
Pending
+ {{else}} +
Pending
+ {{/hasPermOverRole}} {{else}}
Pending
{{/canUserOrAdmin}} {{/is}} {{#is data.ticket.status 3}} {{#canUserOrAdmin data.common.loggedInAccount "agent:*"}} -
Closed
+ {{#hasPermOverRole data.ticket.owner.role data.common.loggedInAccount.role "tickets:update"}} +
Closed
+ {{else}} +
Closed
+ {{/hasPermOverRole}} {{else}}
Closed
{{/canUserOrAdmin}}