fix : allow admin users to create client tickets on any project

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-15 20:07:19 +01:00
parent 0c8fb654a9
commit 6d7e6f5f48


@@ -35,17 +35,20 @@ final readonly class ClientTicketNumberProcessor implements ProcessorInterface
$user = $this->security->getUser(); $user = $this->security->getUser();
assert($user instanceof User); assert($user instanceof User);
if (null === $user->getClient()) {
throw new AccessDeniedHttpException('Only client users can create tickets.');
}
$project = $data->getProject(); $project = $data->getProject();
if (null === $project) { if (null === $project) {
throw new BadRequestHttpException('Project is required.'); throw new BadRequestHttpException('Project is required.');
} }
if (!$user->getAllowedProjects()->contains($project)) { // Admins can create tickets on any project; clients only on allowed projects
throw new AccessDeniedHttpException('You do not have access to this project.'); if (!$this->security->isGranted('ROLE_ADMIN')) {
if (null === $user->getClient()) {
throw new AccessDeniedHttpException('Only client users can create tickets.');
}
if (!$user->getAllowedProjects()->contains($project)) {
throw new AccessDeniedHttpException('You do not have access to this project.');
}
} }
$nextNumber = $this->clientTicketRepository->findNextNumberForProject($project); $nextNumber = $this->clientTicketRepository->findNextNumberForProject($project);
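Review bot: With the `ROLE_ADMIN` branch, a user whose `getClient()` is null now reaches `findNextNumberForProject()` and whatever follows it, where before every caller past this point was guaranteed to be a client user. The method body continues outside the hunk, so it is not visible whether later code reads `$user->getClient()` (for example, to set the ticket's client or owner); that should be confirmed and covered by a test for the admin path. The bypass also skips the allowed-projects check entirely, so any role that inherits `ROLE_ADMIN` through the role hierarchy gets write access to every project, which is worth stating at the check: `// ROLE_ADMIN (including roles inheriting it) skips the client-user and allowed-projects checks; code below must not assume $user->getClient() is non-null`. As a style point, the nested `if` could become a single guard, `$isAdmin = $this->security->isGranted('ROLE_ADMIN');`, followed by the two original checks each prefixed with `!$isAdmin &&`, which keeps the two denial reasons at the same nesting level as before.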