uvdesk · Abhi12-gupta · Jun 9, 2023 · Jun 15, 2023 · Jun 27, 2023
diff --git a/API/Threads.php b/API/Threads.php
@@ -15,6 +15,7 @@
 use Webkul\UVDesk\CoreFrameworkBundle\Entity\Ticket;
 use Webkul\UVDesk\CoreFrameworkBundle\Entity\TicketStatus;
 use Webkul\UVDesk\CoreFrameworkBundle\Entity\User;
+use Webkul\UVDesk\CoreFrameworkBundle\Entity\UserInstance;
 use Webkul\UVDesk\CoreFrameworkBundle\Entity\Attachment;
 
 use Webkul\UVDesk\CoreFrameworkBundle\Workflow\Events as CoreWorkflowEvents;
@@ -117,9 +118,17 @@ public function saveThread(Request $request, $ticketid, ContainerInterface $cont
         // Create Thread
         $thread = $container->get('ticket.service')->createThread($ticket, $threadDetails);
 
+        $customer = $this->getDoctrine()->getRepository(UserInstance::class)->findOneBy(array('user' => $user->getId(), 'supportRole' => 4 ));
+
         // Check for thread types
         switch ($thread->getThreadType()) {
             case 'note':
+
+                if ($customer) {
+                    $json['success'] = "success', Can't add note user account.";
+                    return new JsonResponse($json, Response::HTTP_BAD_REQUEST);
+                }
+
                 $event = new CoreWorkflowEvents\Ticket\Note();
                 $event
                     ->setTicket($ticket)
@@ -145,6 +154,11 @@ public function saveThread(Request $request, $ticketid, ContainerInterface $cont
                 break;
             case 'forward':
                 // Prepare headers
+                if ($customer) {
+                    $json['success'] = "success', Can't forward ticket to user account.";
+                    return new JsonResponse($json, Response::HTTP_BAD_REQUEST);
+                }
+
                 $headers = ['References' => $ticket->getReferenceIds()];
 
                 if (null != $ticket->currentThread->getMessageId()) {

diff --git a/Security/Guards/APIGuard.php b/Security/Guards/APIGuard.php
@@ -151,6 +151,24 @@ public function onAuthenticationFailure(Request $request, AuthenticationExceptio
                     'error_code' => self::INVALID_CREDNETIALS,
                 ];
 
+                break;
+            case 'An authentication exception occurred.':
+                if ($request->attributes->get('_route') == 'uvdesk_api_bundle_sessions_api_v1.0_logout_session'){
+                    $data = [
+                        'status' => false,
+                        'message' => 'This Session token has been already expired successfully.',
+                        'error_code' => self::INVALID_CREDNETIALS,
+                    ];
+
+                    return new JsonResponse($data, Response::HTTP_FORBIDDEN);
+                }
+
+                $data = [
+                    'status' => false,
+                    'message' => 'This api is disabled from admin end, please check once again.',
+                    'error_code' => self::INVALID_CREDNETIALS,
+                ];
+
                 break;
             default:
                 $data = [