TicketController with associated ui

app/controllers/TicketController.php

@@ -0,0 +1,161 @@
+<?php
+
+class TicketController {
+
+    protected function check_access($f3){
+        if(!$f3->exists('SESSION.user')){
+            // $f3->set('SESSION.error', 'You don\'t have permission for this ticket.');
+            $f3->reroute('/login');
+        }
+    }
+
+    // list all tickts
+    public function index($f3){
+        $this->check_access($f3);
+
+        $db = $f3->get('DB');
+
+        // retrieve tickets
+        $tickets = $db->exec('SELECT * FROM tickets ORDER BY created_at DESC');
+
+        // pass data to template
+        $f3->set('tickets', $tickets);
+
+        // render
+        $f3->set('content', '../ui/views/ticket/index.html');
+        echo \Template::instance()->render('../ui/templates/layout.html');
+
+        $f3->clear('SESSION.error');
+    }
+
+    // view a single ticket
+    public function view($f3){
+        $this->check_access($f3);
+
+        $ticket_id = $f3->get('PARAMS.id');
+        $db = $f3->get('DB');
+
+        $result = $db->exec(
+            'SELECT t.*, u.username as created_by_name
+            FROM tickets t
+            LEFT JOIN users u ON t.created_by = u.id
+            WHERE t.id =? LIMIT 1',
+            [$ticket_id]
+        );
+
+        if(!$result){
+            // no record
+            $f3->set('SESSION.error', 'Ticket not found.');
+            $f3->reroute('/tickets');
+        }
+
+        $ticket = $result[0];
+        $f3->set('ticket', $ticket);
+
+        // render
+        $f3->set('content', '../ui/views/ticket/view.html');
+        echo \Template::instance()->render('../ui/templates/layout.html');
+
+    }
+
+    // show create form
+    public function createForm($f3){
+        $this->check_access($f3);
+        $f3->set('content', '../ui/views/ticket/create.html');
+        echo \Template::instance()->render('../ui/templates/layout.html');
+    }
+
+    // handle POST
+    public function create($f3){
+        $this->check_access($f3);
+
+        $title = $f3->get('POST.title');
+        $description = $f3->get('POST.description');
+        $priority = $f3->get('POST.priority');   // eg - low, medium, high
+        $status = $f3->get('POST.status');   // eg - new, in_progress
+        $created_by = $f3->get('SESSION.user.id'); // current logged in user
+
+        $db = $f3->get('DB');
+
+        $db->exec(
+            'INSERT 
+                INTO tickets (title, description, priority, status, created_by, created_at, updated_at)
+                VALUES (?,?,?,?,?,NOW(), NOW())',
+                [$title, $description, $priority, $status, $created_by]
+        );
+
+        $f3->reroute('/tickets');
+    }
+
+    protected function get_ticket_check_edit_permission($f3){
+
+        $db = $f3->get('DB');
+        
+        $ticket_id = $f3->get('PARAMS.id');
+        $result = $db->exec('SELECT * FROM tickets WHERE id = ? LIMIT 1', [$ticket_id]);
+
+        if(!$result){
+            $f3->set('SESSION.error', 'Ticket not found.');
+            $f3->reroute('/tickets');
+        }
+
+        $ticket = $result[0];
+
+        // TODO: refine
+        $current_user = $f3->get('SESSION.user');
+        $is_admin = (isset($current_user['role']) && $current_user['role'] == 'admin');
+        $is_assigned = ($ticket['assigned_to'] == $current_user['id']);
+
+        if(!$is_admin && !$is_assigned){ // should this be ||
+            // if not assigned and not admin, disallow edit
+            $f3->set('SESSION.error', 'You do not have permission to edit this ticket.');
+            $f3->reroute('/tickets');
+        }
+
+        return $ticket;
+
+    }
+
+    // show edit form
+    public function editForm($f3){
+        $this->check_access($f3);
+
+        $ticket_id = $f3->get('PARAMS.id');
+        $db = $f3->get('DB');
+        
+
+        $ticket = $this->get_ticket_check_edit_permission($f3);
+        $f3->set('ticket', $ticket);
+
+        $f3->set('ticket', $ticket);
+        $f3->set('content', '../ui/views/ticket/edit.html');
+        echo \Template::instance()->render('../ui/templates/layout.html');
+    }
+
+    // process edit POST TODO: if assigned or admin
+    public function update($f3){
+        $this->check_access($f3);
+        $ticket = $this->get_ticket_check_edit_permission($f3);
+        $ticket_id = $ticket['id'];
+        $db = $f3->get('DB');
+
+        // get updated fields from post
+        $title = $f3->get('POST.title');
+        $description = $f3->get('POST.description');
+        $priority = $f3->get('POST.priority');   // eg - low, medium, high
+        $status = $f3->get('POST.status');   // eg - new, in_progress
+        $updated_by = $f3->get('SESSION.user.id'); // current logged in user
+        
+        // TODO: if you want to update assignment, should be added here.
+
+        $db->exec(
+            'UPDATE tickets
+            SET title=?, description=?, priority=?, status=?, updated_by=?, updated_at=?
+            WHERE id=?', 
+            [$title, $description, $priority, $status, $updated_by, 'NOW()', $ticket_id]
+        );
+
+        $f3->reroute('/ticket/' . $ticket_id);
+    }
+
+}

ui/views/home.html

@@ -28,6 +28,7 @@
 
     <div id="mainNavbar" class="navbar-menu">
       <div class="navbar-start">
+        <a class="navbar-item" href="/dashboard">Dashboard</a>
         <a class="navbar-item" href="/tickets">Tickets</a>
         <a class="navbar-item" href="/projects">Projects</a>
         <a class="navbar-item" href="/knowledge">Knowledge Base</a>
@@ -35,7 +36,7 @@
       <div class="navbar-end">
         <div class="navbar-item">
           <div class="buttons">
-            <a class="button is-primary">Log in</a>
+            <a class="button is-primary" href="/login">Log in</a>
           </div>
         </div>
       </div>
@@ -46,7 +47,7 @@
   <main class="section" id="page">
     <div class="container">
       <!-- Fat-Free Framework content injection -->
-      @content
+      {{@content}}
     </div>
   </main>
 

ui/views/ticket/create.html

@@ -0,0 +1,16 @@
+<h1 class="title">Create Ticket Form</h1>
+
+
+<form action="/ticket/create" method="POST">
+
+    {{ BulmaForm::horizontal_field_input('Title:', 'title') }}
+
+    {{ BulmaForm::horizontal_field_textarea('Description:', 'description') }}
+
+    {{ BulmaForm::horizontal_field_select('Priority:', 'priority', ['Low', 'Medium', 'High'])}}
+
+    {{ BulmaForm::horizontal_field_select('Status:', 'status', ['New', 'In Progress', 'On Hold', 'Completed'])}}
+
+    <button class="button is-primary" type="submit">Create Ticket</button>
+</div>
+</form>

ui/views/ticket/edit.html

@@ -0,0 +1,17 @@
+<h1 class="title">Edit Ticket Form</h1>
+
+{{print_r(@ticket,1)}}
+
+<form action="/ticket/{{ @PARAMS.id }}/update" method="POST">
+
+    {{ BulmaForm::horizontal_field_input('Title:', 'title', @ticket.title) }}
+
+    {{ BulmaForm::horizontal_field_textarea('Description:', 'description', @ticket.description) }}
+
+    {{ BulmaForm::horizontal_field_select('Priority:', 'priority', ['Low', 'Medium', 'High'])}}
+
+    {{ BulmaForm::horizontal_field_select('Status:', 'status', ['New', 'In Progress', 'On Hold', 'Completed'])}}
+
+    <button class="button is-primary" type="submit">Edit Ticket</button>
+</div>
+</form>

ui/views/ticket/index.html

@@ -0,0 +1,34 @@
+<h1 class="title">View Tickets</h1>
+
+<check if="{{isset(@SESSION.error)}}">
+    <div class="notification is-warning">
+        {{ @SESSION.error }}
+    </div>
+</check>
+
+<p><a href="/ticket/create">create ticket</a></p>
+<hr>
+
+<table class="table is-fullwidth is-bordered">
+    <thead>
+        <tr>
+            <th>id</th><th>title</th><th>description</th>
+            <th>status</th><th>priority</th><th>created_at</th>
+            <th></th>
+        </tr>
+    </thead>
+
+    <tbody>
+        <repeat group="{{@tickets}}" value="{{@ticket}}">
+            <tr>
+                <td>{{@ticket.id}}</td>
+                <td>{{@ticket.title}}</td>
+                <td>{{@ticket.description}}</td>
+                <td>{{@ticket.status}}</td>
+                <td>{{@ticket.priority}}</td>
+                <td>{{@ticket.created_at}}</td>
+                <td><a href="/ticket/{{@ticket.id}}"><i class="fa fa-edit"></i></a></td>
+            </tr>
+        </repeat>
+    </tbody>
+</table>

ui/views/ticket/view.html

@@ -0,0 +1,16 @@
+<h1 class="title">Ticket - View</h1>
+
+<div class="box">
+
+    <table class="table is-bordered is-fullwidth">
+        <thead>
+            <tr><th class="has-width-200">Property</th><th>Value</th></tr>
+        </thead>
+        <tbody>
+            <repeat group="{{ @ticket }}" key="{{ @key }}" value="{{ @value }}">
+                <tr><td>{{@key}}</td> <td>{{@value}}</td></tr>
+            </repeat>
+        </tbody>
+    </table>
+
+</div>