Hesk v3.2.0
This commit is contained in:
Luke Tainton
@@ -30,6 +30,7 @@ $hesk_settings['possible_ticket_list'] = array(
|
||||
'staffreplies' => $hesklang['replies'] . ' (' . $hesklang['staff'] .')',
|
||||
'lastreplier' => $hesklang['last_replier'],
|
||||
'time_worked' => $hesklang['ts'],
|
||||
'due_date' => $hesklang['due_date']
|
||||
);
|
||||
|
||||
define('HESK_NO_ROBOTS', true);
|
||||
@@ -214,7 +215,7 @@ function hesk_mergeTickets($merge_these, $merge_into)
|
||||
hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE `id`='".intval($row['id'])."'");
|
||||
|
||||
/* Log that ticket has been merged */
|
||||
$history .= sprintf($hesklang['thist13'],hesk_date(),$row['trackid'],$_SESSION['name'].' ('.$_SESSION['user'].')');
|
||||
$history .= sprintf($hesklang['thist13'],hesk_date(),$row['trackid'],addslashes($_SESSION['name']).' ('.$_SESSION['user'].')');
|
||||
|
||||
/* Add old ticket ID to target ticket "merged" field */
|
||||
$merged .= '#' . $row['trackid'];
|
||||
@@ -736,43 +737,43 @@ function hesk_jsString($str)
|
||||
|
||||
function hesk_myOwnership()
|
||||
{
|
||||
// Admins can see all tickets
|
||||
if ( ! empty($_SESSION['isadmin']) )
|
||||
{
|
||||
return '1';
|
||||
}
|
||||
|
||||
// For staff, let's check permissions
|
||||
$can_view_unassigned = hesk_checkPermission('can_view_unassigned',0);
|
||||
$can_view_ass_others = hesk_checkPermission('can_view_ass_others',0);
|
||||
$can_view_ass_by = hesk_checkPermission('can_view_ass_by', 0);
|
||||
|
||||
// Can view all
|
||||
// Can see all assigned and unassigned tickets
|
||||
if ($can_view_unassigned && $can_view_ass_others)
|
||||
{
|
||||
return '1';
|
||||
}
|
||||
|
||||
$sql = '';
|
||||
|
||||
if ( ! $can_view_unassigned && ! $can_view_ass_others)
|
||||
// Can see my tickets, unassigned and tickets I assigned to others
|
||||
if ($can_view_unassigned && $can_view_ass_by)
|
||||
{
|
||||
$sql .= "`owner`=" . intval($_SESSION['id']);
|
||||
}
|
||||
elseif ( ! $can_view_unassigned)
|
||||
{
|
||||
$sql .= "`owner` != 0 ";
|
||||
}
|
||||
elseif ( ! $can_view_ass_others)
|
||||
{
|
||||
$sql .= "`owner` IN (0, " . intval($_SESSION['id']) . ") ";
|
||||
return " (`owner` IN ('0', '" . intval($_SESSION['id']) . "') OR `assignedby` = " . intval($_SESSION['id']) . ") ";
|
||||
}
|
||||
|
||||
// Include tickets he/she assigned to others?
|
||||
if ($can_view_ass_by)
|
||||
// Can see unassigned
|
||||
if ($can_view_unassigned)
|
||||
{
|
||||
return "(" . $sql . " OR `assignedby`=" . intval($_SESSION['id']) . ")";
|
||||
return " `owner` IN ('0', '" . intval($_SESSION['id']) . "') ";
|
||||
}
|
||||
|
||||
return $sql;
|
||||
// Can see my tickets and assigned to others
|
||||
if ($can_view_ass_others)
|
||||
{
|
||||
return " `owner` != 0 ";
|
||||
}
|
||||
|
||||
// Can see my tickets and tickets I assigned to others
|
||||
return " (`owner` = " . intval($_SESSION['id']) . " OR `assignedby` = " . intval($_SESSION['id']) . ") ";
|
||||
|
||||
} // END hesk_myOwnership()
|
||||
|
||||
|
||||
Reference in New Issue
Block a user