From ac667a23dcf229c384027a7faab5a5bde97e9c20 Mon Sep 17 00:00:00 2001
From: jekkos-t520
Date: Sun, 12 Oct 2014 02:54:54 +0200
Subject: [PATCH] Refactor report listing (again) All reports have proper permissions now (categories, taxes, discounts,..) Minor refactoring and code cleanup
---
 application/controllers/receivings.php | 2 +-
 application/controllers/sales.php | 2 +-
 application/controllers/secure_area.php | 4 ++--
 application/helpers/report_helper.php | 19 +++++++++++-----
 application/models/employee.php | 30 ++++++-------------------
 application/views/employees/form.php | 4 ++--
 application/views/reports/listing.php | 27 +++++++++++++---------
 7 files changed, 43 insertions(+), 45 deletions(-)
diff --git a/application/controllers/receivings.php b/application/controllers/receivings.php
index 435f4a449..e917790d3 100644
--- a/application/controllers/receivings.php
+++ b/application/controllers/receivings.php
@@ -236,7 +236,7 @@ class Receivings extends Secure_area
 $data['show_stock_locations']=$show_stock_locations;
 $data['total']=$this->receiving_lib->get_total();
- $data['items_module_allowed']=$this->Employee->has_permission('items',$person_info->person_id);
+ $data['items_module_allowed']=$this->Employee->has_grant('items',$person_info->person_id);
 $data['comment']=$this->receiving_lib->get_comment();
 $data['payment_options']=array(
 $this->lang->line('sales_cash') => $this->lang->line('sales_cash'),
diff --git a/application/controllers/sales.php b/application/controllers/sales.php
index 88fd59733..c5eb5df22 100644
--- a/application/controllers/sales.php
+++ b/application/controllers/sales.php
@@ -367,7 +367,7 @@ class Sales extends Secure_area
 $data['subtotal']=$this->sale_lib->get_subtotal();
 $data['taxes']=$this->sale_lib->get_taxes();
 $data['total']=$this->sale_lib->get_total();
- $data['items_module_allowed']=$this->Employee->has_permission('items', $person_info->person_id);
+ $data['items_module_allowed']=$this->Employee->has_grant('items', $person_info->person_id);
 $data['comment']=$this->sale_lib->get_comment();
 $data['email_receipt']=$this->sale_lib->get_email_receipt();
 $data['payments_total']=$this->sale_lib->get_payments_total();
diff --git a/application/controllers/secure_area.php b/application/controllers/secure_area.php
index 77049d234..0d995247a 100644
--- a/application/controllers/secure_area.php
+++ b/application/controllers/secure_area.php
@@ -14,8 +14,8 @@ class Secure_area extends CI_Controller
 redirect('login');
 }
 $employee_id=$this->Employee->get_logged_in_employee_info()->person_id;
- if(!$this->Employee->has_module_permission($module_id,$employee_id) ||
- (isset($submodule_id) && !$this->Employee->has_module_permission($submodule_id,$employee_id)))
+ if(!$this->Employee->has_module_grant($module_id,$employee_id) ||
+ (isset($submodule_id) && !$this->Employee->has_module_grant($submodule_id,$employee_id)))
 {
 redirect('no_access/'.$module_id);
 }
diff --git a/application/helpers/report_helper.php b/application/helpers/report_helper.php
index 2617642b1..28bd800d8 100644
--- a/application/helpers/report_helper.php
+++ b/application/helpers/report_helper.php
@@ -86,18 +86,25 @@ function random_color()
 return $c;
 }
-function show_report_if_allowed($grant, $report_prefix, $report_name='')
+function show_report_if_allowed($report_prefix, $report_name, $person_id, $permission_id='')
 {
 $CI =& get_instance();
- $report_name = empty($report_name) ? $grant['permission_id'] : $report_name;
- $lang_line = 'reports_' .$report_name;
- $report_label = $CI->lang->line($lang_line);
+ if ($CI->Employee->has_grant($permission_id, $person_id))
+ {
+ show_report($report_prefix, $report_name, $permission_id);
+ }
+}
+
+function show_report($report_prefix, $report_name, $lang_key='')
+{
+ $CI =& get_instance();
+ $report_label = $CI->lang->line(empty($lang_key) ? $report_name : $lang_key);
 $report_prefix = empty($report_prefix) ? '' : $report_prefix . '_';
 // no summary nor detailed reports for receivings
- if (!empty($report_label) && !(preg_match('/.*summary_?$/', $report_prefix) && $report_name === "receivings"))
+ if (!empty($report_label))
 {
 ?>
-
  • +
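Review bot: The default `$permission_id=''` on the new `show_report_if_allowed()` fails open. `has_grant()` in application/models/employee.php guards on `if($permission_id==null)` under the comment "allow access" (the return itself lies outside that hunk, so this is inferred), and `'' == null` is true in PHP, so a call that omits the fourth argument would list the report for every logged-in user. I would make the parameter required, `function show_report_if_allowed($report_prefix, $report_name, $person_id, $permission_id)`, so a missing permission id is an error rather than an implicit allow. The parameter order also changed from `($grant, $report_prefix, $report_name='')`, so any call site not updated with this commit silently passes its arguments into the wrong slots; the calls in the listing view are not legible on this page. The end of `show_report()` is cut off here as well.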
  • db->from('grants'); - $this->db->where('permission_id like "' . $submodule_id . '%"'); + $this->db->like('permission_id', $permission_id, 'after'); $this->db->where('person_id',$person_id); $result = $this->db->get(); $result_count = $result->num_rows(); @@ -317,13 +317,13 @@ class Employee extends Person { return $result_count != 0; } - return $this->has_submodules($submodule_id); + return $this->has_subpermissions($permission_id); } - function has_submodules($submodule_id) + function has_subpermissions($permission_id) { $this->db->from('permissions'); - $this->db->where('permission_id like "' . $submodule_id . '_%"'); + $this->db->like('permission_id', $permission_id.'_', 'after'); $result = $this->db->get(); return $result->num_rows() == 0; } @@ -331,7 +331,7 @@ class Employee extends Person /* Determines whether the employee specified employee has access the specific module. */ - function has_permission($permission_id,$person_id) + function has_grant($permission_id,$person_id) { //if no module_id is null, allow access if($permission_id==null) @@ -347,24 +347,8 @@ class Employee extends Person { $this->db->from('grants'); $this->db->where('person_id',$person_id); - $results = $this->db->get()->result_array(); - return $this->add_sales_categories($results, $person_id); + return $this->db->get()->result_array(); } - function add_sales_categories($results, $person_id) - { - foreach($results as $result) - { - if ($result['permission_id'] == 'reports_sales') - { - foreach(array('categories', 'taxes', 'discounts', 'payments') as $sales_category) - { - $results[] = array('permission_id' => 'reports_'.$sales_category, 'person_id' => $person_id); - } - } - } - return $results; - } - } ?> diff --git a/application/views/employees/form.php b/application/views/employees/form.php index 465d46488..7f38f6b62 100644 --- a/application/views/employees/form.php +++ b/application/views/employees/form.php @@ -56,7 +56,7 @@ foreach($all_modules->result() as $module) { ?>
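Review bot: In the `@@ -317,13 +317,13 @@` hunk of application/models/employee.php, `has_subpermissions()` returns `$result->num_rows() == 0`, which is true when the permission has no sub-permissions, the opposite of what the new name says. The rename from `has_submodules()` kept that inverted sense. `has_module_grant()` ends with `return $this->has_subpermissions($permission_id);` (the condition guarding the earlier return is outside the hunk), so this value is an authorization result, and a later reader who corrects only one side flips it. I would make the helper match its name, `return $result->num_rows() != 0;`, and negate at the call, `return !$this->has_subpermissions($permission_id);`, with a one-line comment at the call stating that a matching grant only counts there when the permission has no children.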
  • -module_id,$this->Employee->has_permission($module->module_id,$person_info->person_id)); ?> +module_id,$this->Employee->has_grant($module->module_id,$person_info->person_id)); ?> lang->line('module_'.$module->module_id);?>: lang->line('module_'.$module->module_id.'_desc');?> result() as $module) ?> diff --git a/application/views/reports/listing.php b/application/views/reports/listing.php index dc49fa9e8..a1376123a 100644 --- a/application/views/reports/listing.php +++ b/application/views/reports/listing.php @@ -7,7 +7,10 @@ @@ -18,7 +21,10 @@ @@ -27,23 +33,24 @@
  • lang->line('reports_detailed_reports'); ?>

  • Employee->has_permission('reports_inventory', $this->session->userdata('person_id'))) + if ($this->Employee->has_grant('reports_inventory', $this->session->userdata('person_id'))) { ?>
  • lang->line('reports_inventory_reports'); ?>