def getfile(id, name):
"""
Retorna um arquivo em anexo.
"""
mime = mimetypes.guess_type(name)[0]
if mime is None:
mime = "application/octet-stream"
c = get_cursor()
c.execute(
"""
select files.ticket_id as ticket_id,
files.size as size,
files.contents as contents,
tickets.admin_only as admin_only
from files
join tickets
on tickets.id = files.ticket_id
where files.id = :id
""",
{"id": id},
)
row = c.fetchone()
blob = zlib.decompress(row["contents"])
if not user_admin(current_user()) and row["admin_only"] == 1:
return "você não tem permissão para acessar este recurso!"
else:
response.content_type = mime
return blob
def newticketpost():
"""
Salva um novo ticket.
"""
assert "title" in request.forms
title = request.forms.get("title").strip()
if title == "":
return "erro: título inválido"
username = current_user()
with db_trans() as c:
c.execute(
"""
insert into tickets (
title,
user
)
values (
:title,
:username
)
""",
{
"title": title,
"username": username
},
)
ticket_id = c.lastrowid
populate_search(ticket_id)
return redirect("/ticket/%s" % ticket_id)
def removeuser(username):
"""
Apaga um usuário.
"""
if username == current_user():
return "não é possível remover usuário corrente"
user_remove(username)
return redirect("/admin")
def forceuserpassword(username):
"""
Reseta senha de um usuário.
"""
password = str(int(random.random() * 999999))
if username == current_user():
return "não é possível forçar nova senha de usuário corrente"
user_password_save(username, password)
return "usuário %s teve nova senha forçada: %s" % (username, password)
def uploadfile(ticket_id):
"""
Anexa um arquivo ao ticket.
"""
if "file" not in request.files:
return "arquivo inválido"
filename = request.files.get("file").filename
maxfilesize = int(cfg("attachments", "max-size"))
blob = b""
filesize = 0
while True:
chunk = request.files.get("file").file.read(4096)
if not chunk:
break
chunksize = len(chunk)
if filesize + chunksize > maxfilesize:
return "erro: arquivo maior do que máximo permitido"
filesize += chunksize
blob += chunk
log.debug(type(blob))
blob = zlib.compress(blob)
username = current_user()
with db_trans() as c:
c.execute(
"""
insert into files (
ticket_id,
name,
user,
size,
contents
)
values (
:ticket_id,
:filename,
:username,
:filesize,
:blob
)
""",
{
"ticket_id": ticket_id,
"filename": filename,
"username": username,
"filesize": filesize,
"blob": blob,
},
)
c.execute(
"""
update tickets
set datemodified = datetime('now', 'localtime')
where id = :ticket_id
""",
{"ticket_id": ticket_id},
)
return redirect("/ticket/%s" % ticket_id)
def closeticket(ticket_id):
"""
Fecha um ticket.
"""
# Verifica se existem tickets que bloqueiam este ticket que ainda estão abertos.
c = get_cursor()
c.execute(
"""
select d.ticket_id as ticket_id
from dependencies as d
inner join tickets as t
on t.id = d.ticket_id
where d.blocks = :ticket_id
and t.status = 0
""",
{"ticket_id": ticket_id},
)
blocks = [r["ticket_id"] for r in c]
if blocks:
return ("os seguintes tickets bloqueiam este ticket e " +
"estão em aberto: %s" % " ".join([str(x) for x in blocks]))
username = current_user()
with db_trans() as c:
c.execute(
"""
update tickets
set status = 1,
dateclosed = datetime('now', 'localtime'),
datemodified = datetime('now', 'localtime')
where id = :ticket_id
""",
{"ticket_id": ticket_id},
)
c.execute(
"""
insert into statustrack (
ticket_id,
user,
status
)
values (
:ticket_id,
:username,
'close'
)
""",
{
"ticket_id": ticket_id,
"username": username
},
)
return redirect("/ticket/%s" % ticket_id)
def __init__(self):
self.version = __version__
self.username = current_user()
if self.username is not None:
self.user_is_admin = user_admin(self.username)
else:
self.user_is_admin = 0
self.config = cfg
self.features = features
self.priocolor = priocolor
self.priodesc = priodesc
self.tags_desc = tags_desc()
def reopenticket(ticket_id):
"""
Reabre um ticket.
"""
# Verifica se existem tickets bloqueados por este ticket que estão fechados.
c = get_cursor()
c.execute(
"""
select d.blocks as blocks
from dependencies as d
inner join tickets as t
on t.id = d.blocks
where d.ticket_id = :ticket_id
and t.status = 1
""",
{"ticket_id": ticket_id},
)
blocks = [r["blocks"] for r in c]
if blocks:
return ("os seguintes tickets são bloqueados por este ticket " +
"e estão fechados: %s" % " ".join([str(x) for x in blocks]))
username = current_user()
with db_trans() as c:
c.execute(
"""
update tickets
set status = 0,
dateclosed = null,
datemodified = datetime('now', 'localtime')
where id = :ticket_id
""",
{"ticket_id": ticket_id},
)
c.execute(
"""
insert into statustrack (
ticket_id,
user,
status
)
values (
:ticket_id,
:username,
'reopen'
)
""",
{
"ticket_id": ticket_id,
"username": username
},
)
return redirect("/ticket/%s" % ticket_id)
def changeuseradminstatus(username, status):
"""
Altera status de administrador de um usuário.
"""
if username == current_user():
return "não é possível alterar status de admin para usuário corrente"
assert status in ("0", "1")
if status == "1":
is_admin = True
else:
is_admin = False
user_data = user(username)
user_data.is_admin = is_admin
user_save(user_data)
return redirect("/admin")
def change_password_save():
"""
Altera a senha do usuário.
"""
assert "oldpasswd" in request.forms
assert "newpasswd" in request.forms
assert "newpasswd2" in request.forms
oldpasswd = request.forms.get("oldpasswd")
newpasswd = request.forms.get("newpasswd")
newpasswd2 = request.forms.get("newpasswd2")
username = current_user()
if not validate_user_db(username, oldpasswd):
return "senha atual inválida!"
if newpasswd.strip() == "" or newpasswd2.strip() == "":
return "nova senha inválida!"
if newpasswd != newpasswd2:
return "confirmação de nova senha diferente de nova senha!"
change_password(username, newpasswd)
return redirect("/")
def registerminutes(ticket_id):
"""
Registra tempo trabalhado em um ticket.
"""
assert "minutes" in request.forms
if not re.match(r"^[\-0-9\.]+$", request.forms.get("minutes")):
return "tempo inválido"
minutes = float(request.forms.get("minutes"))
if minutes <= 0.0:
return "tempo inválido"
username = current_user()
with db_trans() as c:
c.execute(
"""
insert into timetrack (
ticket_id,
user,
minutes
)
values (
:ticket_id,
:username,
:minutes
)""",
{
"ticket_id": ticket_id,
"username": username,
"minutes": minutes
},
)
c.execute(
"""
update tickets
set datemodified = datetime('now', 'localtime')
where id = :ticket_id
""",
{"ticket_id": ticket_id},
)
return redirect("/ticket/%s" % ticket_id)
def newnote(ticket_id):
"""
Cria um novo comentário para um ticket.
"""
assert "text" in request.forms
contacts = []
if "contacts" in request.forms:
contacts = request.forms.get("contacts").strip().split()
note = request.forms.get("text")
if note.strip() == "":
return "nota inválida"
if len(contacts) > 0:
note += " [Notificação enviada para: %s]" % (", ".join(contacts))
username = current_user()
with db_trans() as c:
c.execute(
"""
insert into comments (
ticket_id,
user,
comment
)
values (
:ticket_id,
:username,
:note
)
""",
{
"ticket_id": ticket_id,
"username": username,
"note": note
},
)
c.execute(
"""
update tickets
set datemodified = datetime('now', 'localtime')
where id = :ticket_id
""",
{"ticket_id": ticket_id},
)
populate_search(ticket_id)
user = user_ident(username)
if len(contacts) > 0 and user["name"] and user["email"]:
title = ticket_title(ticket_id)
subject = "#%s - %s" % (ticket_id, title)
body = """
[%s] (%s):
%s
-- Este é um e-mail automático enviado pelo sistema ticket.
""" % (
time.strftime("%Y-%m-%d %H:%M"),
user["name"],
note,
)
send_mail(user["email"], contacts, cfg("smtp", "host"), subject, body)
return redirect("/ticket/%s" % ticket_id)
