✨ Creation of reopen request feature (#68)

* Creation of button and SQL

* Movement of buttons

* Changes to authorisation requirements

* Update to errors

* 🎨 Tidy up a little

Signed-off-by: Luke Tainton <luke@tainton.uk>

* 🎨 Fix comment

Signed-off-by: Luke Tainton <luke@tainton.uk>

Co-authored-by: Luke Tainton <luke@tainton.uk>

app/public/actions/close.php

@@ -4,7 +4,11 @@
 
     $request = get_request($db, $_GET['rid']);
     $authorised_users = get_subscribers($db, $request);
-    $is_authorised = isAuthorised($_SESSION['uuid'], $authorised_users, $request);
+    if ($_SESSION['uuid'] == $request['created_by']) {
+      $is_authorised = true;
+    } else {
+      $is_authorised = false;
+    };
 
     // Close request
     if ($is_authorised == true) {

app/public/actions/reopen.php

@@ -0,0 +1,31 @@
+<?php
+    $PAGE_NAME = "Reopen request";
+    require_once __DIR__ . "/../../includes/prereqs.php";
+
+    $request = get_request($db, $_GET['rid']);
+    $authorised_users = get_subscribers($db, $request);
+    if ($_SESSION['uuid'] == $request['created_by']) {
+      $is_authorised = true;
+    } else {
+      $is_authorised = false;
+    };
+
+    // Reopen request
+    if ($is_authorised == true) {
+      try {
+          $stmt = "UPDATE tickets SET status='Reopened' WHERE uuid=:uuid";
+          $sql = $db->prepare($stmt);
+          $sql->bindParam(':uuid', $_GET['rid']);
+          $sql->execute();
+      } catch (PDOException $e) {
+          $alert = array("danger", "Failed to reopen request: " . $e->getMessage());
+      }
+      $newURL = "/";
+      echo("<script>window.location = '$newURL'</script>");
+    } else {
+        $alert = array("danger", "You are not authorised to reopen this request.");
+        $newURL = "/view?rid=" . $request['uuid'];
+        echo("<script>window.location = '$newURL'</script>");
+    }
+
+?>

app/public/view.php

@@ -51,37 +51,38 @@
           <p style="color: gray; font-style: italic;"><?php echo("#" . sprintf("%'.05d\n", $request["id"])); ?></p>
           <p class="lead text-muted"><?php echo($request['description']); ?></p>
             <p>
-              <?php if ($_SESSION['uuid'] == $request['created_by']) { ?>
-                <a href='/editsub?rid=<?php echo($request["uuid"]); ?>' class='btn btn-secondary my-2'>Manage subscribers</a>
-              <?php } ?>
               <?php if ($request['status'] != 'Closed') { ?>
                 <a href='/update?rid=<?php echo($request["uuid"]); ?>' class='btn btn-primary my-2'>Update the request</a>
                 <a href='/upload?rid=<?php echo($request["uuid"]); ?>' class='btn btn-primary my-2'>Add attachment(s)</a>
-                <button type="button" class="btn btn-danger" data-toggle="modal" data-target="#closeModal">Close the request</button>
-              <?php } ?>
+                <?php if ($_SESSION['uuid'] == $request['created_by']) { ?>
+                  <a href='/editsub?rid=<?php echo($request["uuid"]); ?>' class='btn btn-secondary my-2'>Manage subscribers</a>
+                  <button type="button" class="btn btn-danger" data-toggle="modal" data-target="#closeModal">Close the request</button>
+                  <div class="modal fade" id="closeModal" tabindex="-1" aria-labelledby="closeModalLabel" aria-hidden="true">
+                    <div class="modal-dialog">
+                      <div class="modal-content">
+                        <div class="modal-header">
+                          <h5 class="modal-title" id="closeModalLabel">Close the request?</h5>
+                          <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+                            <span aria-hidden="true">&times;</span>
+                          </button>
+                        </div>
+                        <div class="modal-body">
+                          Are you sure you want to close request <b><?php echo($request['title']); ?></b>? This action is irreversible.
+                        </div>
+                        <div class="modal-footer">
+                          <button type="button" class="btn btn-secondary" data-dismiss="modal">Cancel</button>
+                          <a href='/actions/close?rid=<?php echo($request["uuid"]); ?>' class='btn btn-danger'>Close request</a>
+                        </div>
+                      </div>
+                    </div>
+                  </div>
+                <?php } ?>
+              <?php } elseif ($request['status'] == 'Closed') { ?>
+                <?php if ($_SESSION['uuid'] == $request['created_by']) { ?>
+                  <a href='/reopen?rid=<?php echo($request["uuid"]); ?>' class='btn btn-success my-2'>Reopen request</a>
+                <?php } } ?>
             </p>
         </div>
-
-        <div class="modal fade" id="closeModal" tabindex="-1" aria-labelledby="closeModalLabel" aria-hidden="true">
-          <div class="modal-dialog">
-            <div class="modal-content">
-              <div class="modal-header">
-                <h5 class="modal-title" id="closeModalLabel">Close the request?</h5>
-                <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-                  <span aria-hidden="true">&times;</span>
-                </button>
-              </div>
-              <div class="modal-body">
-                Are you sure you want to close request <b><?php echo($request['title']); ?></b>? This action is irreversible.
-              </div>
-              <div class="modal-footer">
-                <button type="button" class="btn btn-secondary" data-dismiss="modal">Cancel</button>
-                <a href='/actions/close?rid=<?php echo($request["uuid"]); ?>' class='btn btn-danger'>Close request</a>
-              </div>
-            </div>
-          </div>
-        </div>
-
       </section>
       <section>
         <div class="container-fluid">