feat: added allowed transitions based on role

ticketsystem/forms.py

@@ -17,10 +17,18 @@ class CommentForm(forms.ModelForm):
 class TicketForm(forms.ModelForm):
     # Zentrale Definition der Status-Übergänge
     STATUS_TRANSITIONS = {
-        'new': ['in_progress'],
-        'in_progress': ['resolved', 'closed'],
-        'resolved': ['closed'],
-        'closed': [],  # Keine weiteren Übergänge
+        'tutor': {
+            'new': ['in_progress'],
+            'in_progress': ['resolved', 'new'],
+            'resolved': ['closed'],
+            'closed': [],
+        },
+        'creator': {
+            'new': [],
+            'in_progress': [],
+            'resolved': ['closed', 'new'],
+            'closed': [],
+        }
     }
 
     # Zentrale Definition welche Felder wann required sind
@@ -61,13 +69,13 @@ class TicketForm(forms.ModelForm):
     def _set_field_permissions(self, is_tutor, is_creator, is_superuser):
         """Setzt welche Felder bearbeitet werden dürfen"""
         if is_tutor and not is_superuser:
-            # Tutor darf nur Status und Answer ändern
-            readonly_fields = ['title', 'description']
+            # Tutor darf ändern:
+            readonly_fields = ['title', 'description', 'material']
             for field_name in readonly_fields:
                 if field_name in self.fields:
                     self.fields[field_name].disabled = True
-        elif is_creator and not is_superuser:
-            # Ersteller darf gar nichts ändern
+        elif is_creator and not is_superuser and self.ticket.status != 'resolved':
+            # Creator darf ändern bei resolved
             for field_name in self.fields:
                 self.fields[field_name].disabled = True
 
@@ -76,9 +84,16 @@ class TicketForm(forms.ModelForm):
         current_status = self.ticket.status
 
         if is_tutor:
-            allowed_statuses = self._get_allowed_transitions(current_status)
+            role = 'tutor'
+        elif is_creator:
+            role = 'creator'
         else:
-            # Nicht-Tutoren sehen nur aktuellen Status
+            role = None
+
+        if role:
+            allowed_statuses = self._get_allowed_transitions(current_status, role)
+        else:
+            # Andere User sehen nur aktuellen Status
             allowed_statuses = [current_status]
 
         # Status-Choices filtern
@@ -88,18 +103,19 @@ class TicketForm(forms.ModelForm):
             if choice[0] in allowed_statuses
         ]
 
-    def _get_allowed_transitions(self, from_status):
-        """Gibt erlaubte Status-Übergänge zurück"""
-        return [from_status] + self.STATUS_TRANSITIONS.get(from_status, [])
+    def _get_allowed_transitions(self, from_status, role):
+        """Gibt erlaubte Status-Übergänge zurück (zentrale Logik)"""
+        transitions = self.STATUS_TRANSITIONS.get(role, {}).get(from_status, [])
+        return [from_status] + transitions
 
-    def _is_transition_allowed(self, from_status, to_status):
+    def _is_transition_allowed(self, from_status, to_status, role):
         """Prüft ob ein Status-Übergang erlaubt ist"""
         if from_status == to_status:
             return True
-        return to_status in self.STATUS_TRANSITIONS.get(from_status, [])
+        return to_status in self.STATUS_TRANSITIONS.get(role, {}).get(from_status, [])
 
     def _get_required_fields_for_status(self, status):
-        """Gibt zurück welche Felder für einen Status required sind"""
+        """Gibt zurück, welche Felder für einen Status required sind"""
         return self.REQUIRED_FIELDS_BY_STATUS.get(status, [])
 
     def clean(self):
@@ -112,8 +128,16 @@ class TicketForm(forms.ModelForm):
         # Prüfe Status-Übergang
         old_status = self.ticket.status
         is_tutor = self.user == self.ticket.assigned_to
+        is_creator = self.user == self.ticket.created_by
 
-        if is_tutor and not self._is_transition_allowed(old_status, status):
+        if is_tutor:
+            role = 'tutor'
+        elif is_creator:
+            role = 'creator'
+        else:
+            role = None
+
+        if role and not self._is_transition_allowed(old_status, status, role):
             raise ValidationError({
                 'status': f'Übergang von "{self.ticket.get_status_display()}" zu "{dict(self.fields["status"].choices)[status]}" ist nicht erlaubt.'
             })

ticketsystem/views.py

@@ -85,8 +85,10 @@ class TicketDetailUpdateView(UpdateView):
         is_assigned_tutor = user == self.ticket.assigned_to
         is_superuser = user.is_superuser
 
-        # Nur Autor und Admin kann Tickets bearbeiten
-        if self.ticket.status == "closed" and not is_superuser:
+        # Bearbeitungsrechte abhängig vom Status
+        if self.ticket.status == 'resolved' and is_creator:
+            self.can_edit = True
+        elif self.ticket.status == 'closed' and not is_superuser:
             self.can_edit = False
         else:
             self.can_edit = is_assigned_tutor or is_superuser