fix(permissions): roles allowed to edit ticket after socket update

src/emitter/events.js

@@ -317,6 +317,7 @@ var notifications = require('../notifications') // Load Push Events
   emitter.on('ticket:updated', function (ticket) {
     io.sockets.emit('updateTicketStatus', {
       tid: ticket._id,
+      owner: ticket.owner,
       status: ticket.status
     })
 

src/public/js/modules/helpers.js

@@ -1680,7 +1680,7 @@ define([
   }
 
   helpers.hasPermOverRole = function (ownerRole, extRole, action, adminOverride) {
-    if (action && !helpers.canUser(action)) return false
+    if (action && !helpers.canUser(action, adminOverride)) return false
     if (!extRole) extRole = window.trudeskSessionService.getUser().role._id
 
     if (adminOverride === true) {

src/public/js/modules/ui.js

@@ -273,10 +273,12 @@ define('modules/ui', [
 
           // Setup assignee list
           if (assigneeListBtn.length > 0) {
-            assigneeListBtn.attr('data-notifications', 'assigneeDropdown')
-            assigneeListBtn.attr('data-updateui', 'assigneeList')
-            nav.notifications()
-            socketUi.updateUi()
+            if (helpers.hasPermOverRole(payload.owner.role._id, null, 'agent:*', true)) {
+              assigneeListBtn.attr('data-notifications', 'assigneeDropdown')
+              assigneeListBtn.attr('data-updateui', 'assigneeList')
+              nav.notifications()
+              socketUi.updateUi()
+            }
           }
         }
       }

src/socketio/ticketSocket.js

@@ -70,6 +70,7 @@ events.onUpdateTicketStatus = function (socket) {
           emitter.emit('ticket:updated', ticketId)
           utils.sendToAllConnectedClients(io, 'updateTicketStatus', {
             tid: t._id,
+            owner: t.owner,
             status: status
           })
         })

src/views/subviews/singleticket.hbs

@@ -15,28 +15,44 @@
                     <div class="floating-ticket-status" data-ticketId="{{data.ticket._id}}">
                         {{#is data.ticket.status 0}}
                             {{#canUserOrAdmin data.common.loggedInAccount "agent:*"}}
-                                <div title="Change Status" class="ticket-status ticket-new cursor-pointer" ng-click="showStatusSelect()"><span>New</span></div>
+                                {{#hasPermOverRole data.ticket.owner.role data.common.loggedInAccount.role "tickets:update"}}
+                                    <div title="Change Status" class="ticket-status ticket-new cursor-pointer" ng-click="showStatusSelect()"><span>New</span></div>
+                                {{else}}
+                                    <div class="ticket-status ticket-new"><span>New</span></div>
+                                {{/hasPermOverRole}}
                             {{else}}
                                 <div class="ticket-status ticket-new"><span>New</span></div>
                             {{/canUserOrAdmin}}
                         {{/is}}
                         {{#is data.ticket.status 1}}
                             {{#canUserOrAdmin data.common.loggedInAccount "agent:*"}}
-                                <div title="Change Status" class="ticket-status ticket-open cursor-pointer" ng-click="showStatusSelect()"><span>Open</span></div>
+                                {{#hasPermOverRole data.ticket.owner.role data.common.loggedInAccount.role "tickets:update"}}
+                                        <div title="Change Status" class="ticket-status ticket-open cursor-pointer" ng-click="showStatusSelect()"><span>Open</span></div>
+                                {{else}}
+                                    <div class="ticket-status ticket-open"><span>Open</span></div>
+                                {{/hasPermOverRole}}
                             {{else}}
                                 <div class="ticket-status ticket-open"><span>Open</span></div>
                             {{/canUserOrAdmin}}
                         {{/is}}
                         {{#is data.ticket.status 2}}
                             {{#canUserOrAdmin data.common.loggedInAccount "agent:*"}}
-                                <div title="Change Status" class="ticket-status ticket-pending cursor-pointer" ng-click="showStatusSelect()"><span>Pending</span></div>
+                                {{#hasPermOverRole data.ticket.owner.role data.common.loggedInAccount.role "tickets:update"}}
+                                    <div title="Change Status" class="ticket-status ticket-pending cursor-pointer" ng-click="showStatusSelect()"><span>Pending</span></div>
+                                {{else}}
+                                    <div class="ticket-status ticket-pending"><span>Pending</span></div>
+                                {{/hasPermOverRole}}
                             {{else}}
                                 <div class="ticket-status ticket-pending"><span>Pending</span></div>
                             {{/canUserOrAdmin}}
                         {{/is}}
                         {{#is data.ticket.status 3}}
                             {{#canUserOrAdmin data.common.loggedInAccount "agent:*"}}
-                                <div title="Change Status" class="ticket-status ticket-closed cursor-pointer" ng-click="showStatusSelect()"><span>Closed</span></div>
+                                {{#hasPermOverRole data.ticket.owner.role data.common.loggedInAccount.role "tickets:update"}}
+                                    <div title="Change Status" class="ticket-status ticket-closed cursor-pointer" ng-click="showStatusSelect()"><span>Closed</span></div>
+                                {{else}}
+                                    <div class="ticket-status ticket-closed"><span>Closed</span></div>
+                                {{/hasPermOverRole}}
                             {{else}}
                                 <div class="ticket-status ticket-closed"><span>Closed</span></div>
                             {{/canUserOrAdmin}}