From 1de92c0d2605ff484602a0de84ff0112210bf82d Mon Sep 17 00:00:00 2001
From: Mike Koch <Mike.Koch@emerson.com>
Date: Fri, 20 Jul 2018 12:55:54 -0400
Subject: [PATCH] #651 Add 'can_change_due_date' permission

---
 admin/admin_ticket.php                       | 6 ++++--
 api/BusinessLogic/Security/UserPrivilege.php | 1 +
 api/BusinessLogic/Tickets/TicketEditor.php   | 2 +-
 inc/common.inc.php                           | 1 +
 language/en/text-mfh.php                     | 5 ++++-
 5 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/admin/admin_ticket.php b/admin/admin_ticket.php
index 535b5b31..55be5707 100644
--- a/admin/admin_ticket.php
+++ b/admin/admin_ticket.php
@@ -53,6 +53,7 @@ $can_resolve = hesk_checkPermission('can_resolve', 0);
 $can_view_ass_by = hesk_checkPermission('can_view_ass_by', 0);
 $can_privacy = hesk_checkPermission('can_privacy',0);
 $can_export = hesk_checkPermission('can_export',0);
+$can_change_due_date = hesk_checkPermission('can_change_due_date', 0);
 
 // Get ticket ID
 $trackingID = hesk_cleanID() or print_form();
@@ -172,7 +173,8 @@ if ($isManager) {
     $can_resolve =
     $can_view_ass_by =
     $can_privacy =
-    $can_export = true;
+    $can_export =
+    $can_change_due_date = true;
 }
 
 /* Is this user allowed to view tickets inside this category? */
@@ -757,7 +759,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
                                     ?>
                                 </span>
                             </b><br>
-                            <?php if ($can_edit): ?>
+                            <?php if ($can_change_due_date): ?>
                             <button class="btn btn-default btn-sm" id="change-button">
                                 <?php echo $hesklang['chg']; ?>
                             </button>
diff --git a/api/BusinessLogic/Security/UserPrivilege.php b/api/BusinessLogic/Security/UserPrivilege.php
index 5834fabf..31668a97 100644
--- a/api/BusinessLogic/Security/UserPrivilege.php
+++ b/api/BusinessLogic/Security/UserPrivilege.php
@@ -19,4 +19,5 @@ class UserPrivilege extends \BaseClass {
     const CAN_VIEW_UNASSIGNED = 'can_view_unassigned';
     const CAN_VIEW_ASSIGNED_BY_ME = 'can_view_ass_by';
     const CAN_MANAGE_SERVICE_MESSAGES = 'can_service_msg';
+    const CAN_CHANGE_DUE_DATE = 'can_change_due_date';
 }
\ No newline at end of file
diff --git a/api/BusinessLogic/Tickets/TicketEditor.php b/api/BusinessLogic/Tickets/TicketEditor.php
index 13eceaa6..4c0a6c42 100644
--- a/api/BusinessLogic/Tickets/TicketEditor.php
+++ b/api/BusinessLogic/Tickets/TicketEditor.php
@@ -193,7 +193,7 @@ class TicketEditor extends \BaseClass {
             $validationModel->errorKeys[] = 'TICKET_MUST_EXIST_FOR_ID';
         }
 
-        if (!$this->userToTicketChecker->isTicketAccessibleToUser($userContext, $ticket, $heskSettings, array(UserPrivilege::CAN_EDIT_TICKETS))) {
+        if (!$this->userToTicketChecker->isTicketAccessibleToUser($userContext, $ticket, $heskSettings, array(UserPrivilege::CAN_CHANGE_DUE_DATE))) {
             $validationModel->errorKeys[] = 'TICKET_MUST_BE_ACCESSIBLE_TO_USER';
         }
 
diff --git a/inc/common.inc.php b/inc/common.inc.php
index e862aa99..fd7693e4 100644
--- a/inc/common.inc.php
+++ b/inc/common.inc.php
@@ -2083,6 +2083,7 @@ function hesk_getFeatureArray()
         'can_del_notes',        /* User can delete ticket notes posted by other staff members */
         'can_change_cat',		/* User can move ticket to any category/department */
         'can_change_own_cat',	/* User can move ticket to a category/department he/she has access to */
+        'can_change_due_date',  /* User can change a ticket's due date */
         'can_man_kb',            /* User can manage knowledgebase articles and categories */
         'can_man_users',        /* User can create and edit staff accounts */
         'can_man_cat',            /* User can manage categories/departments */
diff --git a/language/en/text-mfh.php b/language/en/text-mfh.php
index 8a805622..c373d9cd 100644
--- a/language/en/text-mfh.php
+++ b/language/en/text-mfh.php
@@ -683,7 +683,7 @@ $hesklang['emails_to_receive'] = 'Emails to receive';
 $hesklang['emails_sent_to_staff'] = 'Emails sent to staff';
 $hesklang['emails_sent_to_customer'] = 'Emails sent to customer';
 
-// Added or modified in Mods for HESK 4.0.0
+// Added or modified in Mods for HESK 2018.1.0
 $hesklang['audit_anonymized'] = '%s anonymized ticket';
 $hesklang['location_unavailable_6'] = "This ticket was anonymized, so location information has been removed.";
 $hesklang['anon_user_agent'] = '[User Agent]';
@@ -691,5 +691,8 @@ $hesklang['anon_screen_resolution'] = '0';
 $hesklang['audit_submitted_via_imap']='Ticket submitted via IMAP fetching';
 $hesklang['thist'] = 'Audit Log'; // Overriding text.php's value
 
+// Added or modified in Mods for HESK 2018.2.0
+$hesklang['can_change_due_date'] = 'Can change ticket due dates';
+
 // DO NOT CHANGE BELOW
 if (!defined('IN_SCRIPT')) die('PHP syntax OK!');
\ No newline at end of file