Ticket Mutation UI
OP-066a makes the existing internal ticketing runtime interactive from the console. Operators and admins can now use the Tickets page to create tickets, change status/priority/assignee, add comments, and link related records through real API calls.
What Changed
- Added same-origin frontend API handlers that proxy ticket mutations to the implemented FastAPI ticket endpoints.
- Added a create-ticket form to the ticket queue.
- Added ticket detail actions for status/priority/assignee updates, comments, and related-record links.
- Updated local ticket state from backend-shaped mutation responses.
- Hid all mutation controls for auditor sessions.
- Added frontend tests for operator mutation calls and auditor read-only rendering.
Guardrails
- This UI does not add fake mutation controls.
- External Jira, ServiceNow, Freshdesk, Zendesk, and HaloPSA mirroring remains future adapter work.
- Auditor roles can inspect ticket context but cannot see create, update, comment, or link controls.
- Backend ticket APIs remain the enforcement point for role checks, audit, tenant isolation, idempotency, comments, and link validation.
Validation
npm --prefix frontend test -- --run
Acceptance
| Requirement | Evidence |
|---|---|
| Operator can create a ticket from the console | Tickets page create form posts to /console-api/oneprotect/tickets |
| Operator can update status/assignment | Ticket detail form patches /console-api/oneprotect/tickets/{ticket_id} |
| Operator can add comments | Ticket detail form posts to /comments |
| Operator can link related records | Ticket detail form posts to /links |
| Auditor sees no mutation controls | Frontend test covers auditor read-only rendering |