fix: expanded permission logic for admins

ticketsystem/forms.py

@@ -28,6 +28,13 @@ class TicketForm(forms.ModelForm):
             'in_progress': [],
             'resolved': ['closed', 'new'],
             'closed': [],
+        },
+        'superuser': {
+            # Superuser können alle Übergänge machen
+            'new': ['in_progress', 'resolved', 'closed'],
+            'in_progress': ['new', 'resolved', 'closed'],
+            'resolved': ['new', 'in_progress', 'closed'],
+            'closed': ['new', 'in_progress', 'resolved'],
         }
     }
 
@@ -61,32 +68,39 @@ class TicketForm(forms.ModelForm):
         is_superuser = self.user.is_superuser
 
         # Status-Choices einschränken
-        self._limit_status_choices(is_tutor, is_creator)
+        self._limit_status_choices(is_tutor, is_creator, is_superuser)
 
         # Feld-Berechtigungen setzen
         self._set_field_permissions(is_tutor, is_creator, is_superuser)
 
     def _set_field_permissions(self, is_tutor, is_creator, is_superuser):
         """Setzt welche Felder bearbeitet werden dürfen"""
-        if self.ticket.status == 'resolved' and is_creator and not is_superuser:
+        # Superuser können alles bearbeiten
+        if is_superuser:
+            return
+
+        if self.ticket.status == 'resolved' and is_creator:
             for field_name in self.fields:
                 if field_name == "answer":
                     self.fields[field_name].disabled = True
-        elif is_tutor and not is_superuser:
+        elif is_tutor:
             # Tutor darf ändern:
             readonly_fields = ['title', 'description', 'material']
             for field_name in readonly_fields:
                 if field_name in self.fields:
                     self.fields[field_name].disabled = True
-        elif is_creator and not is_superuser and self.ticket.status != 'resolved':
+        elif is_creator and self.ticket.status != 'resolved':
             for field_name in self.fields:
                 self.fields[field_name].disabled = True
 
-    def _limit_status_choices(self, is_tutor, is_creator):
+    def _limit_status_choices(self, is_tutor, is_creator, is_superuser):
         """Beschränkt verfügbare Status-Optionen basierend auf der zentralen Logik"""
         current_status = self.ticket.status
 
-        if is_tutor:
+        # Superuser bekommen alle Status-Optionen
+        if is_superuser:
+            role = 'superuser'
+        elif is_tutor:
             role = 'tutor'
         elif is_creator:
             role = 'creator'
@@ -132,8 +146,12 @@ class TicketForm(forms.ModelForm):
         old_status = self.ticket.status
         is_tutor = self.user == self.ticket.assigned_to
         is_creator = self.user == self.ticket.created_by
+        is_superuser = self.user.is_superuser
 
-        if is_tutor:
+        # Superuser dürfen alle Übergänge
+        if is_superuser:
+            role = 'superuser'
+        elif is_tutor:
             role = 'tutor'
         elif is_creator:
             role = 'creator'

ticketsystem/views.py

@@ -90,12 +90,14 @@ class TicketDetailUpdateView(UpdateView):
         is_superuser = user.is_superuser
 
         # Bearbeitungsrechte abhängig vom Status
-        if self.ticket.status == 'resolved' and is_creator:
+        if is_superuser:
             self.can_edit = True
-        elif self.ticket.status == 'closed' and not is_superuser:
+        elif self.ticket.status == 'resolved' and is_creator:
+            self.can_edit = True
+        elif self.ticket.status == 'closed':
             self.can_edit = False
         else:
-            self.can_edit = is_assigned_tutor or is_superuser
+            self.can_edit = is_assigned_tutor
 
         # Zusätzliche Flags für Template
         self.is_creator = is_creator