Feature 3: Implement Status Transitions with Workflow Validation
Add comprehensive workflow management system for ticket status transitions: - Created WorkflowModel.php for managing status transition rules - Updated TicketController.php to load allowed transitions for each ticket - Modified TicketView.php to display dynamic status dropdown with only allowed transitions - Enhanced api/update_ticket.php with server-side workflow validation - Added updateTicketStatus() JavaScript function for client-side status changes - Included CSS styling for status select dropdown with color-coded states - Transitions can require comments or admin privileges - Status changes are validated against status_transitions table This feature enforces proper ticket workflows and prevents invalid status changes. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
This commit is contained in:
@@ -45,11 +45,13 @@ try {
|
||||
$ticketModelPath = dirname(__DIR__) . '/models/TicketModel.php';
|
||||
$commentModelPath = dirname(__DIR__) . '/models/CommentModel.php';
|
||||
$auditLogModelPath = dirname(__DIR__) . '/models/AuditLogModel.php';
|
||||
$workflowModelPath = dirname(__DIR__) . '/models/WorkflowModel.php';
|
||||
|
||||
debug_log("Loading models from: $ticketModelPath and $commentModelPath");
|
||||
require_once $ticketModelPath;
|
||||
require_once $commentModelPath;
|
||||
require_once $auditLogModelPath;
|
||||
require_once $workflowModelPath;
|
||||
debug_log("Models loaded successfully");
|
||||
|
||||
// Check authentication via session
|
||||
@@ -59,22 +61,27 @@ try {
|
||||
}
|
||||
$currentUser = $_SESSION['user'];
|
||||
$userId = $currentUser['user_id'];
|
||||
debug_log("User authenticated: " . $currentUser['username']);
|
||||
$isAdmin = $currentUser['is_admin'] ?? false;
|
||||
debug_log("User authenticated: " . $currentUser['username'] . " (admin: " . ($isAdmin ? 'yes' : 'no') . ")");
|
||||
|
||||
// Updated controller class that handles partial updates
|
||||
class ApiTicketController {
|
||||
private $ticketModel;
|
||||
private $commentModel;
|
||||
private $auditLog;
|
||||
private $workflowModel;
|
||||
private $envVars;
|
||||
private $userId;
|
||||
private $isAdmin;
|
||||
|
||||
public function __construct($conn, $envVars = [], $userId = null) {
|
||||
public function __construct($conn, $envVars = [], $userId = null, $isAdmin = false) {
|
||||
$this->ticketModel = new TicketModel($conn);
|
||||
$this->commentModel = new CommentModel($conn);
|
||||
$this->auditLog = new AuditLogModel($conn);
|
||||
$this->workflowModel = new WorkflowModel($conn);
|
||||
$this->envVars = $envVars;
|
||||
$this->userId = $userId;
|
||||
$this->isAdmin = $isAdmin;
|
||||
}
|
||||
|
||||
public function update($id, $data) {
|
||||
@@ -120,14 +127,21 @@ try {
|
||||
];
|
||||
}
|
||||
|
||||
// Validate status
|
||||
$validStatuses = ['Open', 'Closed', 'In Progress', 'Pending'];
|
||||
if (!in_array($updateData['status'], $validStatuses)) {
|
||||
// Validate status transition using workflow model
|
||||
if ($currentTicket['status'] !== $updateData['status']) {
|
||||
$allowed = $this->workflowModel->isTransitionAllowed(
|
||||
$currentTicket['status'],
|
||||
$updateData['status'],
|
||||
$this->isAdmin
|
||||
);
|
||||
|
||||
if (!$allowed) {
|
||||
return [
|
||||
'success' => false,
|
||||
'error' => 'Invalid status value'
|
||||
'error' => 'Status transition not allowed: ' . $currentTicket['status'] . ' → ' . $updateData['status']
|
||||
];
|
||||
}
|
||||
}
|
||||
|
||||
debug_log("Validation passed, calling ticketModel->updateTicket");
|
||||
|
||||
@@ -286,7 +300,7 @@ try {
|
||||
|
||||
// Initialize controller
|
||||
debug_log("Initializing controller");
|
||||
$controller = new ApiTicketController($conn, $envVars, $userId);
|
||||
$controller = new ApiTicketController($conn, $envVars, $userId, $isAdmin);
|
||||
debug_log("Controller initialized");
|
||||
|
||||
// Update ticket
|
||||
|
||||
@@ -516,3 +516,58 @@ body.dark-mode .timeline-content {
|
||||
--text-muted: #a0aec0;
|
||||
--text-secondary: #cbd5e0;
|
||||
}
|
||||
/* Status select dropdown */
|
||||
.status-select {
|
||||
padding: 8px 16px;
|
||||
border-radius: 6px;
|
||||
font-weight: 500;
|
||||
text-transform: uppercase;
|
||||
font-size: 0.9em;
|
||||
letter-spacing: 0.5px;
|
||||
border: 2px solid transparent;
|
||||
cursor: pointer;
|
||||
transition: all 0.2s ease;
|
||||
}
|
||||
|
||||
.status-select:hover {
|
||||
opacity: 0.9;
|
||||
border-color: rgba(255, 255, 255, 0.3);
|
||||
}
|
||||
|
||||
.status-select:focus {
|
||||
outline: none;
|
||||
border-color: rgba(255, 255, 255, 0.5);
|
||||
}
|
||||
|
||||
/* Status colors for dropdown */
|
||||
.status-select.status-open {
|
||||
background-color: var(--status-open) !important;
|
||||
color: white !important;
|
||||
}
|
||||
|
||||
.status-select.status-in-progress {
|
||||
background-color: var(--status-in-progress) !important;
|
||||
color: #212529 !important;
|
||||
}
|
||||
|
||||
.status-select.status-closed {
|
||||
background-color: var(--status-closed) !important;
|
||||
color: white !important;
|
||||
}
|
||||
|
||||
.status-select.status-resolved {
|
||||
background-color: #28a745 !important;
|
||||
color: white !important;
|
||||
}
|
||||
|
||||
/* Dropdown options inherit colors */
|
||||
.status-select option {
|
||||
background-color: var(--bg-primary);
|
||||
color: var(--text-primary);
|
||||
padding: 8px;
|
||||
}
|
||||
|
||||
body.dark-mode .status-select option {
|
||||
background-color: #2d3748;
|
||||
color: #f7fafc;
|
||||
}
|
||||
|
||||
@@ -267,6 +267,98 @@ function handleAssignmentChange() {
|
||||
});
|
||||
}
|
||||
|
||||
function updateTicketStatus() {
|
||||
const statusSelect = document.getElementById('statusSelect');
|
||||
const selectedOption = statusSelect.options[statusSelect.selectedIndex];
|
||||
const newStatus = selectedOption.value;
|
||||
const requiresComment = selectedOption.dataset.requiresComment === '1';
|
||||
const requiresAdmin = selectedOption.dataset.requiresAdmin === '1';
|
||||
|
||||
// Check if transitioning to the same status (current)
|
||||
if (selectedOption.text.includes('(current)')) {
|
||||
return; // No change needed
|
||||
}
|
||||
|
||||
// Warn if comment is required
|
||||
if (requiresComment) {
|
||||
const proceed = confirm(`This status change requires a comment. Please add a comment explaining the reason for this transition.\n\nProceed with status change to "${newStatus}"?`);
|
||||
if (!proceed) {
|
||||
// Reset to current status
|
||||
statusSelect.selectedIndex = 0;
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
// Extract ticket ID
|
||||
let ticketId;
|
||||
if (window.location.href.includes('?id=')) {
|
||||
ticketId = window.location.href.split('id=')[1];
|
||||
} else {
|
||||
const matches = window.location.pathname.match(/\/ticket\/(\d+)/);
|
||||
ticketId = matches ? matches[1] : null;
|
||||
}
|
||||
|
||||
if (!ticketId) {
|
||||
console.error('Could not determine ticket ID');
|
||||
statusSelect.selectedIndex = 0;
|
||||
return;
|
||||
}
|
||||
|
||||
// Update status via API
|
||||
fetch('/api/update_ticket.php', {
|
||||
method: 'POST',
|
||||
headers: {
|
||||
'Content-Type': 'application/json'
|
||||
},
|
||||
body: JSON.stringify({
|
||||
ticket_id: ticketId,
|
||||
status: newStatus
|
||||
})
|
||||
})
|
||||
.then(response => {
|
||||
if (!response.ok) {
|
||||
return response.text().then(text => {
|
||||
console.error('Server response:', text);
|
||||
throw new Error('Network response was not ok');
|
||||
});
|
||||
}
|
||||
return response.json();
|
||||
})
|
||||
.then(data => {
|
||||
if (data.success) {
|
||||
// Update the dropdown to show new status as current
|
||||
const newClass = 'status-' + newStatus.toLowerCase().replace(/ /g, '-');
|
||||
statusSelect.className = 'editable status-select ' + newClass;
|
||||
|
||||
// Update the selected option text to show as current
|
||||
selectedOption.text = newStatus + ' (current)';
|
||||
|
||||
// Move the selected option to the top
|
||||
statusSelect.remove(statusSelect.selectedIndex);
|
||||
statusSelect.insertBefore(selectedOption, statusSelect.firstChild);
|
||||
statusSelect.selectedIndex = 0;
|
||||
|
||||
console.log('Status updated successfully to:', newStatus);
|
||||
|
||||
// Reload page to refresh activity timeline
|
||||
setTimeout(() => {
|
||||
window.location.reload();
|
||||
}, 500);
|
||||
} else {
|
||||
console.error('Error updating status:', data.error || 'Unknown error');
|
||||
alert('Error updating status: ' + (data.error || 'Unknown error'));
|
||||
// Reset to current status
|
||||
statusSelect.selectedIndex = 0;
|
||||
}
|
||||
})
|
||||
.catch(error => {
|
||||
console.error('Error updating status:', error);
|
||||
alert('Error updating status: ' + error.message);
|
||||
// Reset to current status
|
||||
statusSelect.selectedIndex = 0;
|
||||
});
|
||||
}
|
||||
|
||||
function showTab(tabName) {
|
||||
// Hide all tab contents
|
||||
const descriptionTab = document.getElementById('description-tab');
|
||||
|
||||
@@ -4,12 +4,14 @@ require_once dirname(__DIR__) . '/models/TicketModel.php';
|
||||
require_once dirname(__DIR__) . '/models/CommentModel.php';
|
||||
require_once dirname(__DIR__) . '/models/AuditLogModel.php';
|
||||
require_once dirname(__DIR__) . '/models/UserModel.php';
|
||||
require_once dirname(__DIR__) . '/models/WorkflowModel.php';
|
||||
|
||||
class TicketController {
|
||||
private $ticketModel;
|
||||
private $commentModel;
|
||||
private $auditLogModel;
|
||||
private $userModel;
|
||||
private $workflowModel;
|
||||
private $envVars;
|
||||
|
||||
public function __construct($conn) {
|
||||
@@ -17,6 +19,7 @@ class TicketController {
|
||||
$this->commentModel = new CommentModel($conn);
|
||||
$this->auditLogModel = new AuditLogModel($conn);
|
||||
$this->userModel = new UserModel($conn);
|
||||
$this->workflowModel = new WorkflowModel($conn);
|
||||
|
||||
// Load environment variables for Discord webhook
|
||||
$envPath = dirname(__DIR__) . '/.env';
|
||||
@@ -67,6 +70,9 @@ class TicketController {
|
||||
// Get all users for assignment dropdown
|
||||
$allUsers = $this->userModel->getAllUsers();
|
||||
|
||||
// Get allowed status transitions for this ticket
|
||||
$allowedTransitions = $this->workflowModel->getAllowedTransitions($ticket['status']);
|
||||
|
||||
// Load the view
|
||||
include dirname(__DIR__) . '/views/TicketView.php';
|
||||
}
|
||||
|
||||
117
models/WorkflowModel.php
Normal file
117
models/WorkflowModel.php
Normal file
@@ -0,0 +1,117 @@
|
||||
<?php
|
||||
/**
|
||||
* WorkflowModel - Handles status transition workflows and validation
|
||||
*/
|
||||
class WorkflowModel {
|
||||
private $conn;
|
||||
|
||||
public function __construct($conn) {
|
||||
$this->conn = $conn;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get allowed status transitions for a given status
|
||||
*
|
||||
* @param string $currentStatus Current ticket status
|
||||
* @return array Array of allowed transitions with requirements
|
||||
*/
|
||||
public function getAllowedTransitions($currentStatus) {
|
||||
$sql = "SELECT to_status, requires_comment, requires_admin
|
||||
FROM status_transitions
|
||||
WHERE from_status = ? AND is_active = TRUE";
|
||||
$stmt = $this->conn->prepare($sql);
|
||||
$stmt->bind_param("s", $currentStatus);
|
||||
$stmt->execute();
|
||||
$result = $stmt->get_result();
|
||||
|
||||
$transitions = [];
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
$transitions[] = $row;
|
||||
}
|
||||
|
||||
$stmt->close();
|
||||
return $transitions;
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if a status transition is allowed
|
||||
*
|
||||
* @param string $fromStatus Current status
|
||||
* @param string $toStatus Desired status
|
||||
* @param bool $isAdmin Whether user is admin
|
||||
* @return bool True if transition is allowed
|
||||
*/
|
||||
public function isTransitionAllowed($fromStatus, $toStatus, $isAdmin = false) {
|
||||
// Allow same status (no change)
|
||||
if ($fromStatus === $toStatus) {
|
||||
return true;
|
||||
}
|
||||
|
||||
$sql = "SELECT requires_admin FROM status_transitions
|
||||
WHERE from_status = ? AND to_status = ? AND is_active = TRUE";
|
||||
$stmt = $this->conn->prepare($sql);
|
||||
$stmt->bind_param("ss", $fromStatus, $toStatus);
|
||||
$stmt->execute();
|
||||
$result = $stmt->get_result();
|
||||
|
||||
if ($result->num_rows === 0) {
|
||||
$stmt->close();
|
||||
return false; // Transition not defined
|
||||
}
|
||||
|
||||
$row = $result->fetch_assoc();
|
||||
$stmt->close();
|
||||
|
||||
if ($row['requires_admin'] && !$isAdmin) {
|
||||
return false; // Admin required
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get all possible statuses from transitions table
|
||||
*
|
||||
* @return array Array of unique status values
|
||||
*/
|
||||
public function getAllStatuses() {
|
||||
$sql = "SELECT DISTINCT from_status as status FROM status_transitions
|
||||
UNION
|
||||
SELECT DISTINCT to_status as status FROM status_transitions
|
||||
ORDER BY status";
|
||||
$result = $this->conn->query($sql);
|
||||
|
||||
$statuses = [];
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
$statuses[] = $row['status'];
|
||||
}
|
||||
|
||||
return $statuses;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get transition requirements
|
||||
*
|
||||
* @param string $fromStatus Current status
|
||||
* @param string $toStatus Desired status
|
||||
* @return array|null Transition requirements or null if not found
|
||||
*/
|
||||
public function getTransitionRequirements($fromStatus, $toStatus) {
|
||||
$sql = "SELECT requires_comment, requires_admin
|
||||
FROM status_transitions
|
||||
WHERE from_status = ? AND to_status = ? AND is_active = TRUE";
|
||||
$stmt = $this->conn->prepare($sql);
|
||||
$stmt->bind_param("ss", $fromStatus, $toStatus);
|
||||
$stmt->execute();
|
||||
$result = $stmt->get_result();
|
||||
|
||||
if ($result->num_rows === 0) {
|
||||
$stmt->close();
|
||||
return null;
|
||||
}
|
||||
|
||||
$row = $result->fetch_assoc();
|
||||
$stmt->close();
|
||||
return $row;
|
||||
}
|
||||
}
|
||||
@@ -182,7 +182,20 @@ function formatDetails($details, $actionType) {
|
||||
</div>
|
||||
<div class="header-controls">
|
||||
<div class="status-priority-group">
|
||||
<span id="statusDisplay" class="status-<?php echo str_replace(' ', '-', $ticket["status"]); ?>"><?php echo $ticket["status"]; ?></span>
|
||||
<select id="statusSelect" class="editable status-select status-<?php echo str_replace(' ', '-', strtolower($ticket["status"])); ?>" data-field="status" onchange="updateTicketStatus()">
|
||||
<option value="<?php echo $ticket['status']; ?>" selected>
|
||||
<?php echo $ticket['status']; ?> (current)
|
||||
</option>
|
||||
<?php foreach ($allowedTransitions as $transition): ?>
|
||||
<option value="<?php echo $transition['to_status']; ?>"
|
||||
data-requires-comment="<?php echo $transition['requires_comment'] ? '1' : '0'; ?>"
|
||||
data-requires-admin="<?php echo $transition['requires_admin'] ? '1' : '0'; ?>">
|
||||
<?php echo $transition['to_status']; ?>
|
||||
<?php if ($transition['requires_comment']): ?> *<?php endif; ?>
|
||||
<?php if ($transition['requires_admin']): ?> (Admin)<?php endif; ?>
|
||||
</option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
<span class="priority-indicator priority-<?php echo $ticket["priority"]; ?>">P<?php echo $ticket["priority"]; ?></span>
|
||||
</div>
|
||||
<button id="editButton" class="btn" onclick="toggleEditMode()">Edit Ticket</button>
|
||||
|
||||
Reference in New Issue
Block a user