1# -- 2# Copyright (C) 2001-2020 OTRS AG, https://otrs.com/ 3# -- 4# This software comes with ABSOLUTELY NO WARRANTY. For details, see 5# the enclosed file COPYING for license information (GPL). If you 6# did not receive this file, see https://www.gnu.org/licenses/gpl-3.0.txt. 7# -- 8 9package Kernel::Modules::AgentTicketWatcher; 10 11use strict; 12use warnings; 13 14our $ObjectManagerDisabled = 1; 15 16use Kernel::System::VariableCheck qw(:all); 17use Kernel::Language qw(Translatable); 18 19sub new { 20 my ( $Type, %Param ) = @_; 21 22 # allocate new hash for object 23 my $Self = {%Param}; 24 bless( $Self, $Type ); 25 26 return $Self; 27} 28 29sub Run { 30 my ( $Self, %Param ) = @_; 31 32 # get needed objects 33 my $ConfigObject = $Kernel::OM->Get('Kernel::Config'); 34 my $LayoutObject = $Kernel::OM->Get('Kernel::Output::HTML::Layout'); 35 36 # ------------------------------------------------------------ # 37 # check if feature is active 38 # ------------------------------------------------------------ # 39 if ( !$ConfigObject->Get('Ticket::Watcher') ) { 40 return $LayoutObject->ErrorScreen( 41 Message => Translatable('Feature is not active'), 42 ); 43 } 44 45 # ------------------------------------------------------------ # 46 # check access 47 # ------------------------------------------------------------ # 48 my @Groups; 49 if ( $ConfigObject->Get('Ticket::WatcherGroup') ) { 50 @Groups = @{ $ConfigObject->Get('Ticket::WatcherGroup') }; 51 } 52 53 my $GroupObject = $Kernel::OM->Get('Kernel::System::Group'); 54 my $Access = 1; 55 if (@Groups) { 56 $Access = 0; 57 for my $Group (@Groups) { 58 my $HasPermission = $GroupObject->PermissionCheck( 59 UserID => $Self->{UserID}, 60 GroupName => $Group, 61 Type => 'rw', 62 ); 63 if ($HasPermission) { 64 $Access = 1; 65 } 66 } 67 } 68 if ( !$Access ) { 69 return $Self->{Layout}->NoPermission(); 70 } 71 72 # get ACL restrictions 73 my %PossibleActions = ( 1 => $Self->{Action} ); 74 75 # get ticket object 76 my $TicketObject = $Kernel::OM->Get('Kernel::System::Ticket'); 77 78 my $ACL = $TicketObject->TicketAcl( 79 Data => \%PossibleActions, 80 Action => $Self->{Action}, 81 TicketID => $Self->{TicketID}, 82 ReturnType => 'Action', 83 ReturnSubType => '-', 84 UserID => $Self->{UserID}, 85 ); 86 my %AclAction = $TicketObject->TicketAclActionData(); 87 88 # check if ACL restrictions exist 89 if ( $ACL || IsHashRefWithData( \%AclAction ) ) { 90 91 my %AclActionLookup = reverse %AclAction; 92 93 # show error screen if ACL prohibits this action 94 if ( !$AclActionLookup{ $Self->{Action} } ) { 95 return $LayoutObject->NoPermission( WithHeader => 'yes' ); 96 } 97 } 98 99 # ------------------------------------------------------------ # 100 # subscribe a ticket 101 # ------------------------------------------------------------ # 102 if ( $Self->{Subaction} eq 'Subscribe' ) { 103 104 # challenge token check for write action 105 $LayoutObject->ChallengeTokenCheck(); 106 107 # Checks if the user has permissions to see the ticket. 108 # This is needed because watching grants ro permissions (depending on configuration). 109 my $Access = $TicketObject->TicketPermission( 110 Type => 'ro', 111 TicketID => $Self->{TicketID}, 112 UserID => $Self->{UserID}, 113 ); 114 if ( !$Access ) { 115 return $LayoutObject->NoPermission( WithHeader => 'yes' ); 116 } 117 118 # set subscribe 119 my $Subscribe = $TicketObject->TicketWatchSubscribe( 120 TicketID => $Self->{TicketID}, 121 WatchUserID => $Self->{UserID}, 122 UserID => $Self->{UserID}, 123 ); 124 125 if ( !$Subscribe ) { 126 return $LayoutObject->ErrorScreen(); 127 } 128 129 # redirect 130 return $LayoutObject->Redirect( 131 OP => "Action=AgentTicketZoom;TicketID=$Self->{TicketID}", 132 ); 133 } 134 135 # ------------------------------------------------------------ # 136 # unsubscribe a ticket 137 # ------------------------------------------------------------ # 138 elsif ( $Self->{Subaction} eq 'Unsubscribe' ) { 139 140 # challenge token check for write action 141 $LayoutObject->ChallengeTokenCheck(); 142 143 # We don't need a permission check here as we will remove 144 # permissions by unsubscribing. 145 my $Unsubscribe = $TicketObject->TicketWatchUnsubscribe( 146 TicketID => $Self->{TicketID}, 147 WatchUserID => $Self->{UserID}, 148 UserID => $Self->{UserID}, 149 ); 150 151 if ( !$Unsubscribe ) { 152 return $LayoutObject->ErrorScreen(); 153 } 154 155 # redirect 156 # checks if the user has permissions to see the ticket 157 my $Access = $TicketObject->TicketPermission( 158 Type => 'ro', 159 TicketID => $Self->{TicketID}, 160 UserID => $Self->{UserID}, 161 ); 162 if ( !$Access ) { 163 164 # generate output 165 return $LayoutObject->Redirect( 166 OP => $Self->{LastScreenOverview} || 'Action=AgentDashboard', 167 ); 168 } 169 return $LayoutObject->Redirect( 170 OP => "Action=AgentTicketZoom;TicketID=$Self->{TicketID}", 171 ); 172 } 173 174 return $LayoutObject->ErrorScreen( 175 Message => Translatable('Invalid Subaction.'), 176 ); 177} 178 1791; 180