diff --git a/application/controllers/receivings.php b/application/controllers/receivings.php
index 435f4a449..e917790d3 100644
--- a/application/controllers/receivings.php
+++ b/application/controllers/receivings.php
@@ -236,7 +236,7 @@ class Receivings extends Secure_area
$data['show_stock_locations']=$show_stock_locations;
$data['total']=$this->receiving_lib->get_total();
- $data['items_module_allowed']=$this->Employee->has_permission('items',$person_info->person_id);
+ $data['items_module_allowed']=$this->Employee->has_grant('items',$person_info->person_id);
$data['comment']=$this->receiving_lib->get_comment();
$data['payment_options']=array(
$this->lang->line('sales_cash') => $this->lang->line('sales_cash'),
diff --git a/application/controllers/sales.php b/application/controllers/sales.php
index 88fd59733..c5eb5df22 100644
--- a/application/controllers/sales.php
+++ b/application/controllers/sales.php
@@ -367,7 +367,7 @@ class Sales extends Secure_area
$data['subtotal']=$this->sale_lib->get_subtotal();
$data['taxes']=$this->sale_lib->get_taxes();
$data['total']=$this->sale_lib->get_total();
- $data['items_module_allowed']=$this->Employee->has_permission('items', $person_info->person_id);
+ $data['items_module_allowed']=$this->Employee->has_grant('items', $person_info->person_id);
$data['comment']=$this->sale_lib->get_comment();
$data['email_receipt']=$this->sale_lib->get_email_receipt();
$data['payments_total']=$this->sale_lib->get_payments_total();
diff --git a/application/controllers/secure_area.php b/application/controllers/secure_area.php
index 77049d234..0d995247a 100644
--- a/application/controllers/secure_area.php
+++ b/application/controllers/secure_area.php
@@ -14,8 +14,8 @@ class Secure_area extends CI_Controller
redirect('login');
}
$employee_id=$this->Employee->get_logged_in_employee_info()->person_id;
- if(!$this->Employee->has_module_permission($module_id,$employee_id) ||
- (isset($submodule_id) && !$this->Employee->has_module_permission($submodule_id,$employee_id)))
+ if(!$this->Employee->has_module_grant($module_id,$employee_id) ||
+ (isset($submodule_id) && !$this->Employee->has_module_grant($submodule_id,$employee_id)))
{
redirect('no_access/'.$module_id);
}
diff --git a/application/helpers/report_helper.php b/application/helpers/report_helper.php
index 2617642b1..28bd800d8 100644
--- a/application/helpers/report_helper.php
+++ b/application/helpers/report_helper.php
@@ -86,18 +86,25 @@ function random_color()
return $c;
}
-function show_report_if_allowed($grant, $report_prefix, $report_name='')
+function show_report_if_allowed($report_prefix, $report_name, $person_id, $permission_id='')
{
$CI =& get_instance();
- $report_name = empty($report_name) ? $grant['permission_id'] : $report_name;
- $lang_line = 'reports_' .$report_name;
- $report_label = $CI->lang->line($lang_line);
+ if ($CI->Employee->has_grant($permission_id, $person_id))
+ {
+ show_report($report_prefix, $report_name, $permission_id);
+ }
+}
+
+function show_report($report_prefix, $report_name, $lang_key='')
+{
+ $CI =& get_instance();
+ $report_label = $CI->lang->line(empty($lang_key) ? $report_name : $lang_key);
$report_prefix = empty($report_prefix) ? '' : $report_prefix . '_';
// no summary nor detailed reports for receivings
- if (!empty($report_label) && !(preg_match('/.*summary_?$/', $report_prefix) && $report_name === "receivings"))
+ if (!empty($report_label))
{
?>
-
+
db->from('grants');
- $this->db->where('permission_id like "' . $submodule_id . '%"');
+ $this->db->like('permission_id', $permission_id, 'after');
$this->db->where('person_id',$person_id);
$result = $this->db->get();
$result_count = $result->num_rows();
@@ -317,13 +317,13 @@ class Employee extends Person
{
return $result_count != 0;
}
- return $this->has_submodules($submodule_id);
+ return $this->has_subpermissions($permission_id);
}
- function has_submodules($submodule_id)
+ function has_subpermissions($permission_id)
{
$this->db->from('permissions');
- $this->db->where('permission_id like "' . $submodule_id . '_%"');
+ $this->db->like('permission_id', $permission_id.'_', 'after');
$result = $this->db->get();
return $result->num_rows() == 0;
}
@@ -331,7 +331,7 @@ class Employee extends Person
/*
Determines whether the employee specified employee has access the specific module.
*/
- function has_permission($permission_id,$person_id)
+ function has_grant($permission_id,$person_id)
{
//if no module_id is null, allow access
if($permission_id==null)
@@ -347,24 +347,8 @@ class Employee extends Person
{
$this->db->from('grants');
$this->db->where('person_id',$person_id);
- $results = $this->db->get()->result_array();
- return $this->add_sales_categories($results, $person_id);
+ return $this->db->get()->result_array();
}
- function add_sales_categories($results, $person_id)
- {
- foreach($results as $result)
- {
- if ($result['permission_id'] == 'reports_sales')
- {
- foreach(array('categories', 'taxes', 'discounts', 'payments') as $sales_category)
- {
- $results[] = array('permission_id' => 'reports_'.$sales_category, 'person_id' => $person_id);
- }
- }
- }
- return $results;
- }
-
}
?>
diff --git a/application/views/employees/form.php b/application/views/employees/form.php
index 465d46488..7f38f6b62 100644
--- a/application/views/employees/form.php
+++ b/application/views/employees/form.php
@@ -56,7 +56,7 @@ foreach($all_modules->result() as $module)
{
?>
-module_id,$this->Employee->has_permission($module->module_id,$person_info->person_id)); ?>
+module_id,$this->Employee->has_grant($module->module_id,$person_info->person_id)); ?>
lang->line('module_'.$module->module_id);?>:
lang->line('module_'.$module->module_id.'_desc');?>
result() as $module)
?>
-
- permission_id,$this->Employee->has_permission($permission->permission_id,$person_info->person_id)); ?>
+ permission_id,$this->Employee->has_grant($permission->permission_id,$person_info->person_id)); ?>
diff --git a/application/views/reports/listing.php b/application/views/reports/listing.php
index dc49fa9e8..a1376123a 100644
--- a/application/views/reports/listing.php
+++ b/application/views/reports/listing.php
@@ -7,7 +7,10 @@
@@ -18,7 +21,10 @@
@@ -27,23 +33,24 @@
lang->line('reports_detailed_reports'); ?>
session->userdata('person_id');
+ show_report_if_allowed('detailed', 'sales', $person_id);
+ show_report_if_allowed('detailed', 'receivings', $person_id);
+ show_report_if_allowed('specific', 'customer', $person_id, 'reports_customers');
+ show_report_if_allowed('specific', 'discount', $person_id, 'reports_discounts');
+ show_report_if_allowed('specific', 'employee', $person_id, 'reports_employees');
?>
Employee->has_permission('reports_inventory', $this->session->userdata('person_id')))
+ if ($this->Employee->has_grant('reports_inventory', $this->session->userdata('person_id')))
{
?>
lang->line('reports_inventory_reports'); ?>