diff --git a/application/controllers/employees.php b/application/controllers/employees.php
index e719cb0cd..f06181efb 100644
--- a/application/controllers/employees.php
+++ b/application/controllers/employees.php
@@ -47,6 +47,8 @@ class Employees extends Person_controller
{
$data['person_info']=$this->Employee->get_info($employee_id);
$data['all_modules']=$this->Module->get_all_modules();
+ $data['all_subpermissions']=$this->Module->get_all_subpermissions();
+ var_dump($this->db->last_query());
$this->load->view("employees/form",$data);
}
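Review bot: `var_dump($this->db->last_query());` on the line after the `all_subpermissions` assignment is leftover debugging that prints the raw SQL of the last query into the employee-form response; remove it before merge. Any user who can open this form would see the query text, which discloses table and column names for no benefit, and the dump is emitted before the view is loaded, so it also corrupts the page output. The enclosing method starts outside the hunk.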
@@ -68,7 +70,7 @@ class Employees extends Person_controller
'country'=>$this->input->post('country'),
'comments'=>$this->input->post('comments')
);
- $permission_data = $this->input->post("permissions")!=false ? $this->input->post("permissions"):array();
+ $grants_data = $this->input->post("grants")!=false ? $this->input->post("grants"):array();
//Password has been changed OR first time password set
if($this->input->post('password')!='')
@@ -83,7 +85,7 @@ class Employees extends Person_controller
$employee_data=array('username'=>$this->input->post('username'));
}
- if($this->Employee->save($person_data,$employee_data,$permission_data,$employee_id))
+ if($this->Employee->save($person_data,$employee_data,$grants_data,$employee_id))
{
//New employee
if($employee_id==-1)
diff --git a/application/controllers/reports.php b/application/controllers/reports.php
index 54f91d465..368bd43a7 100644
--- a/application/controllers/reports.php
+++ b/application/controllers/reports.php
@@ -15,10 +15,10 @@ class Reports extends Secure_area
$submodule_id = preg_match("/([^_.]*)(?:_graph)?$/", $method_name, $matches);
$employee_id=$this->Employee->get_logged_in_employee_info()->person_id;
// check access to report submodule
- /* if (sizeof($exploder) > 1 && !$this->Employee->has_permission('reports_'.$matches[1],$employee_id))
+ if (sizeof($exploder) > 1 && !$this->Employee->has_permission('reports_'.$matches[1],$employee_id))
{
redirect('no_access/'.$submodule_id);
- } */
+ }
$this->load->helper('report');
}
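Review bot: The re-enabled block redirects with `$submodule_id`, which on the context line `$submodule_id = preg_match(...)` holds preg_match's return value (1 or 0) rather than the submodule name, so a denied user is sent to `no_access/1`. The permission check on the same line already uses `$matches[1]`, so the redirect should as well: `redirect('no_access/'.$matches[1]);` (or `'no_access/reports_'.$matches[1]` if the no_access page expects a full permission id). `$exploder` and `$method_name` are set outside the hunk, and the enclosing constructor starts outside it too.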
diff --git a/application/controllers/secure_area.php b/application/controllers/secure_area.php
index dbdd750bc..088eb6a27 100644
--- a/application/controllers/secure_area.php
+++ b/application/controllers/secure_area.php
@@ -15,7 +15,7 @@ class Secure_area extends CI_Controller
}
$submodule_id = empty($submodule_id) ? $module_id : $submodule_id;
$employee_id=$this->Employee->get_logged_in_employee_info()->person_id;
- if(!$this->Employee->has_permission($module_id,$employee_id) || !$this->Employee->has_subpermission($submodule_id,$employee_id))
+ if(!$this->Employee->has_module_permission($module_id,$employee_id))
{
redirect('no_access/'.$module_id);
}
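Review bot: `$submodule_id`, computed on the context line `$submodule_id = empty($submodule_id) ? $module_id : $submodule_id;`, is no longer consulted: the replaced condition passes only `$module_id` to `has_module_permission`, so a controller that supplies a submodule id no longer gets a per-submodule check at this point (reports.php re-adds its own in this commit; other callers may not). If dropping the submodule check here is intended, delete the now-dead `$submodule_id` computation; otherwise keep a `has_permission($submodule_id, $employee_id)` check next to the module check. The constructor starts outside the hunk.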
@@ -23,6 +23,7 @@ class Secure_area extends CI_Controller
//load up global data
$logged_in_employee_info=$this->Employee->get_logged_in_employee_info();
$data['allowed_modules']=$this->Module->get_allowed_modules($logged_in_employee_info->person_id);
+ $data['grants']=$this->Module->get_employee_grants($logged_in_employee_info->person_id);
$data['user_info']=$logged_in_employee_info;
$this->load->vars($data);
}
diff --git a/application/helpers/report_helper.php b/application/helpers/report_helper.php
index 8367f2785..cf76f78fa 100644
--- a/application/helpers/report_helper.php
+++ b/application/helpers/report_helper.php
@@ -86,7 +86,7 @@ function random_color()
return $c;
}
-function show_report_if_allowed($allowed_modules, $report_prefix, $report_name, $permission='')
+function show_report_if_allowed($grants, $report_prefix, $report_name, $permission='')
{
$CI =& get_instance();
$lang_line = 'reports_' .$report_name;
@@ -96,9 +96,9 @@ function show_report_if_allowed($allowed_modules, $report_prefix, $report_name,
// no summary nor detailed reports for receivings
if (!empty($report_label) && !(preg_match('/.*summary_?$/', $report_prefix) && $report_name === "receivings"))
{
- foreach($allowed_modules->result() as $module)
+ foreach($grants->result() as $grant)
{
- if ($module->module_id == 'reports_'. $permission)
+ if ($grant->permission_id == 'reports_'. $permission)
{
?>
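Review bot: `$grant->permission_id == 'reports_'. $permission` compares with `==`; both sides are strings here, but `===` states the intent and rules out PHP's numeric-string coercion. The renamed parameter `$grants` is undocumented at the signature in the previous hunk; since the function only calls `->result()` on it and reads `->permission_id` from each row, a doc comment such as `@param object $grants query result of grants rows (permission_id, person_id) for the logged-in employee` would tell callers what to pass. The middle of the function is outside the hunk.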
diff --git a/application/models/employee.php b/application/models/employee.php
index 45d469214..068c14c16 100644
--- a/application/models/employee.php
+++ b/application/models/employee.php
@@ -82,7 +82,7 @@ class Employee extends Person
/*
Inserts or updates an employee
*/
- function save(&$person_data, &$employee_data,&$permission_data,$employee_id=false)
+ function save(&$person_data, &$employee_data,&$grants_data,$employee_id=false)
{
$success=false;
@@ -105,17 +105,17 @@ class Employee extends Person
//We have either inserted or updated a new employee, now lets set permissions.
if($success)
{
- //First lets clear out any permissions the employee currently has.
- $success=$this->db->delete('permissions', array('person_id' => $employee_id));
+ //First lets clear out any grants the employee currently has.
+ $success=$this->db->delete('grants', array('person_id' => $employee_id));
- //Now insert the new permissions
+ //Now insert the new grants
if($success)
{
- foreach($permission_data as $allowed_module)
+ foreach($grants_data as $permission_id)
{
- $success = $this->db->insert('permissions',
+ $success = $this->db->insert('grants',
array(
- 'module_id'=>$allowed_module,
+ 'permission_id'=>$permission_id,
'person_id'=>$employee_id));
}
}
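Review bot: `$success` is reassigned on every iteration of `foreach($grants_data as $permission_id)`, so a failed `grants` insert followed by a successful one is reported as success; accumulate instead, e.g. `$success = $this->db->insert('grants', array('permission_id'=>$permission_id, 'person_id'=>$employee_id)) && $success;`. A per-row failure is realistic here because `$grants_data` comes straight from the POST body and the new foreign key from `ospos_grants` to `ospos_permissions` in database.sql rejects unknown ids. The loop is pre-existing in shape, but the changed lines are where the result is dropped; the function continues outside the hunk.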
@@ -142,7 +142,7 @@ class Employee extends Person
$this->db->trans_start();
//Delete permissions
- if($this->db->delete('permissions', array('person_id' => $employee_id)))
+ if($this->db->delete('grants', array('person_id' => $employee_id)))
{
$this->db->where('person_id', $employee_id);
$success = $this->db->update('employees', array('deleted' => 1));
@@ -167,7 +167,7 @@ class Employee extends Person
$this->db->where_in('person_id',$employee_ids);
//Delete permissions
- if ($this->db->delete('permissions'))
+ if ($this->db->delete('grants'))
{
//delete from employee table
$this->db->where_in('person_id',$employee_ids);
@@ -306,35 +306,40 @@ class Employee extends Person
/*
* Determines whether the employee has access to at least one submodule
*/
- function has_subpermission($submodule_id,$person_id)
+ function has_module_permission($submodule_id,$person_id)
{
- $this->db->from('modules');
- $this->db->where('module_id like "' . $submodule_id . '_%"');
- // has no submodules
+ $this->db->from('grants');
+ $this->db->where('permission_id like "' . $submodule_id . '%"');
+ $this->db->where('person_id',$person_id);
$result = $this->db->get();
- if ($result->num_rows() > 0)
+ $result_count = $result->num_rows();
+ if ($result_count != 1)
{
- $this->db->from('permissions');
- $this->db->where('permissions.module_id like "' . $submodule_id . '_%"');
- $this->db->where("permissions.person_id",$person_id);
- $result = $this->db->get();
- return $result->num_rows() > 0;
+ return $result_count != 0;
}
- return true;
+ return $this->has_submodules($submodule_id);
+ }
+
+ function has_submodules($submodule_id)
+ {
+ $this->db->from('permissions');
+ $this->db->where('permission_id like "' . $submodule_id . '_%"');
+ $result = $this->db->get();
+ return $result->num_rows() == 0;
}
/*
- Determins whether the employee specified employee has access the specific module.
+ Determines whether the employee specified employee has access the specific module.
*/
- function has_permission($module_id,$person_id)
+ function has_permission($permission_id,$person_id)
{
//if no module_id is null, allow access
- if($module_id==null)
+ if($permission_id==null)
{
return true;
}
- $query = $this->db->get_where('permissions', array('person_id' => $person_id,'module_id'=>$module_id), 1);
+ $query = $this->db->get_where('grants', array('person_id'=>$person_id,'permission_id'=>$permission_id), 1);
return ($query->num_rows() == 1);
}
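Review bot: `has_submodules` returns `$result->num_rows() == 0`, i.e. true when the module has no sub-permissions, so the name states the opposite of what it returns; either rename it or return `> 0` and negate it in `has_module_permission`. The comment above `has_module_permission` still describes the old `has_subpermission` contract and does not explain the count rule (a single matching grant is accepted only when the module has no sub-permissions, which also means an employee holding just the module-level grant of a module that has sub-permissions is denied). Both methods build the LIKE pattern by concatenating `$submodule_id` into a raw `where()` string; the active-record form `$this->db->like('permission_id', $submodule_id, 'after');` (and `$this->db->like('permission_id', $submodule_id.'_', 'after');` in `has_submodules`) lets the driver quote the value, though `%` and `_` keep their wildcard meaning unless the driver escapes them. The `%` pattern without a `_` separator also matches any permission id that merely starts with the module id.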
diff --git a/application/models/item_quantities.php b/application/models/item_quantities.php
index 48059e535..1ec21a184 100644
--- a/application/models/item_quantities.php
+++ b/application/models/item_quantities.php
@@ -13,7 +13,7 @@ class Item_quantities extends CI_Model
function save($location_detail, $item_id, $location_id)
{
- if (!($item_id && $location_id) or !$this->exists($item_id,$location_id))
+ if (!$this->exists($item_id,$location_id))
{
if($this->db->insert('item_quantities',$location_detail))
{
diff --git a/application/models/module.php b/application/models/module.php
index 4f5ff99c8..4715f4772 100644
--- a/application/models/module.php
+++ b/application/models/module.php
@@ -31,6 +31,21 @@ class Module extends CI_Model
return $this->lang->line('error_unknown');
}
+ function get_all_permissions()
+ {
+ $this->db->from('permissions');
+ return $this->db->get();
+ }
+
+ function get_all_subpermissions()
+ {
+ $this->db->from('permissions');
+ $this->db->join('modules', 'modules.module_id=permissions.module_id');
+ // can't quote the parameters correctly when using different operators..
+ $this->db->where($this->db->dbprefix('modules').'.module_id!=', 'permission_id', FALSE);
+ return $this->db->get();
+ }
+
function get_all_modules()
{
$this->db->from('modules');
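Review bot: `get_all_subpermissions()` depends on the third `where()` argument `FALSE` to stop CodeIgniter from quoting `permission_id`, so that it is compared as a column rather than as the string literal; the existing comment hints at this but a reader needs it stated, e.g. `// third arg FALSE: right-hand side is the column permissions.permission_id, not a value; both sides must stay literals`. Qualifying the right-hand side as `$this->db->dbprefix('permissions').'.permission_id'` would make the comparison self-explanatory. Neither new method has a doc comment; `get_all_subpermissions` should say it returns the permission rows whose id differs from their module id, and `get_all_permissions` that it returns every row of `permissions`.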
@@ -41,11 +56,19 @@ class Module extends CI_Model
function get_allowed_modules($person_id)
{
$this->db->from('modules');
- $this->db->join('permissions','permissions.module_id=modules.module_id');
- $this->db->where("permissions.person_id",$person_id);
+ $this->db->join('permissions','permissions.permission_id=modules.module_id');
+ $this->db->join('grants','permissions.permission_id=grants.permission_id');
+ $this->db->where("person_id",$person_id);
$this->db->order_by("sort", "asc");
return $this->db->get();
}
+ function get_employee_grants($person_id)
+ {
+ $this->db->from('grants');
+ $this->db->where('person_id',$person_id);
+ return $this->db->get();
+ }
+
}
?>
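Review bot: `get_allowed_modules()` joins `permissions.permission_id=modules.module_id`, so a module is listed only when the employee holds the module-level grant itself, whereas `Employee::has_module_permission` in this commit accepts a prefix match on any grant (two sub-grants with no module grant pass it); the menu and the access check can therefore disagree for the same employee. Either require the module-level grant in both places or derive the menu from the same rule. `get_employee_grants()` has no doc comment; `// all grants rows (permission_id, person_id) held by one employee` would do.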
diff --git a/application/models/stock_locations.php b/application/models/stock_locations.php
index 15d9ad273..172293d0b 100644
--- a/application/models/stock_locations.php
+++ b/application/models/stock_locations.php
@@ -13,9 +13,7 @@ class Stock_locations extends CI_Model
function get_all($limit=10000, $offset=0)
{
$this->db->from('stock_locations');
- $this->db->join('modules', 'modules.module_id=concat(\'items_stock\', location_id)');
- $this->db->join('permissions', 'permissions.module_id=modules.module_id');
- $this->db->where('person_id', $this->session->userdata('person_id'));
+ $this->db->where('deleted', 0);
$this->db->limit($limit);
$this->db->offset($offset);
return $this->db->get();
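Review bot: `get_all()` now returns every undeleted location with no grant filter, while `get_undeleted_all()` in the following hunks still joins `grants` on the session's `person_id`; two methods with near-identical names now answer different questions. If `get_all()` feeds any screen that should honour per-location grants, this is a permission bypass for those callers; if the unfiltered list is intended (for administration rather than stock access), a comment such as `// intentionally not filtered by grants: lists every location for administration` on the `from()` line would record that.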
@@ -25,8 +23,8 @@ class Stock_locations extends CI_Model
{
$this->db->select('location_name');
$this->db->from('stock_locations');
- $this->db->join('modules', 'modules.module_id=concat(\'items_stock\', location_id)');
- $this->db->join('permissions', 'permissions.module_id=modules.module_id');
+ $this->db->join('permissions','permissions.location_id=stock_locations.location_id');
+ $this->db->join('grants','grants.permission_id=permissions.permission_id');;
$this->db->where('person_id', $this->session->userdata('person_id'));
$this->db->where('deleted', 0);
return $this->db->get();
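Review bot: Stray `;;` at the end of `$this->db->join('grants','grants.permission_id=permissions.permission_id');;`. The same permissions/grants join pair plus the `person_id` where is now repeated verbatim in `get_undeleted_all()` and `get_default_location_id()` in the next two hunks; a private helper such as `_join_granted_locations()` applying the two joins and the where would keep the three call sites in step when the grant model changes again.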
@@ -43,8 +41,8 @@ class Stock_locations extends CI_Model
function get_undeleted_all()
{
$this->db->from('stock_locations');
- $this->db->join('modules', 'modules.module_id=concat(\'items_stock\', location_id)');
- $this->db->join('permissions', 'permissions.module_id=modules.module_id');
+ $this->db->join('permissions','permissions.location_id=stock_locations.location_id');
+ $this->db->join('grants','grants.permission_id=permissions.permission_id');
$this->db->where('person_id', $this->session->userdata('person_id'));
$this->db->where('deleted',0);
return $this->db->get();
@@ -64,9 +62,8 @@ class Stock_locations extends CI_Model
function get_default_location_id()
{
$this->db->from('stock_locations');
- // TODO replace with extra join on ospos_grants
- $this->db->join('modules', 'modules.module_id=concat(\'items_stock\', location_id)');
- $this->db->join('permissions', 'permissions.module_id=modules.module_id');
+ $this->db->join('permissions','permissions.location_id=stock_locations.location_id');
+ $this->db->join('grants','grants.permission_id=permissions.permission_id');
$this->db->where('person_id', $this->session->userdata('person_id'));
$this->db->where('deleted',0);
$this->db->limit(1);
@@ -123,19 +120,21 @@ class Stock_locations extends CI_Model
{
$location_data = array('location_name'=>$location,'deleted'=>0);
$this->db->insert('stock_locations',$location_data);
- // insert new module for stock location
$location_id = $this->db->insert_id();
- $module_id = 'items_stock'.$location_id;
- $module_name = 'module_'.$module_id;
- $module_data = array('name_lang_key' => $module_name, 'desc_lang_key' => $module_name.'_desc', 'module_id' => $module_id);
- $this->db->insert('modules', $module_data);
- // insert permissions for stock location
+
+ // insert new permission for stock location
+ $permission_id = 'items_'.$location;
+ $permission_data = array('permission_id'=>$permission_id,'module_id'=>'items','location_id' => $location_id);
+ $this->db->insert('permissions', $permission_data);
+
+ // insert grants for new permission
$employees = $this->Employee->get_all();
foreach ($employees->result_array() as $employee)
{
- $permission_data = array('module_id' => $module_id, 'person_id' => $employee['person_id']);
- $this->db->insert('permissions', $permission_data);
+ $grants_data = array('permission_id' => $permission_id, 'person_id' => $employee['person_id']);
+ $this->db->insert('grants', $grants_data);
}
+
// insert quantities for existing items
$items = $this->Item->get_all();
foreach ($items->result_array() as $item)
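Review bot: The new permission id is built from the user-supplied location name (`$permission_id = 'items_'.$location;`) and used as the primary key of `permissions`; two locations with the same name collide, a name containing `%` or `_` feeds straight into the LIKE matching in `Employee::has_module_permission`, and a location named `stock` reproduces the seed row `items_stock` from database.sql. Derive the id from the row id instead, e.g. `$permission_id = 'items_stock'.$location_id;`, which follows the id-based naming the removed code used, and check the return value of the `permissions` insert before creating grants that reference it (the grants foreign key will reject them otherwise). The function starts outside the hunk.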
diff --git a/application/views/employees/form.php b/application/views/employees/form.php
index 03d928f69..50bebf2a8 100644
--- a/application/views/employees/form.php
+++ b/application/views/employees/form.php
@@ -54,30 +54,27 @@ $password_label_attributes = $person_info->person_id == "" ? array('class'=>'req
result() as $module)
{
- if (sizeof(explode('_', $module->module_id)) == 1)
- {
?>
-module_id,$this->Employee->has_permission($module->module_id,$person_info->person_id)); ?>
+module_id,$this->Employee->has_permission($module->module_id,$person_info->person_id)); ?>
lang->line('module_'.$module->module_id);?>:
lang->line('module_'.$module->module_id.'_desc');?>
result() as $submodule)
+ foreach($all_subpermissions->result() as $permission)
+ {
+ $exploded_permission = explode('_', $permission->permission_id);
+ if ($permission->module_id == $module->module_id)
{
- $exploded_submodule_id = explode('_', $submodule->module_id);
- if (sizeof($exploded_submodule_id) > 1 && $exploded_submodule_id[0] == $module->module_id)
- {
- $lang_line = $this->lang->line('reports_'.$exploded_submodule_id[1]);
- $lang_line = empty($lang_line) ? $this->Stock_locations->get_location_name(substr($exploded_submodule_id[1], -1)) : $lang_line;
- ?>
-
- -
- module_id,$this->Employee->has_permission($submodule->module_id,$person_info->person_id)); ?>
-
-
-
- lang->line('reports_'.$exploded_permission[1]);
+ $lang_line = empty($lang_line) ? $exploded_permission[1] : $lang_line;
+ ?>
+
+ -
+ permission_id,$this->Employee->has_permission($permission->permission_id,$person_info->person_id)); ?>
+
+
+
+ result() as $module)
{
- if (sizeof(explode('_', $module->module_id)) == 1)
- {
- ?>
+ ?>
-
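Review bot: The label fallback `$lang_line = empty($lang_line) ? $exploded_permission[1] : $lang_line;` keeps only the second `_`-separated segment, so a permission id with more than one underscore (stock-location permissions are built from the location name in stock_locations.php in this commit) is truncated; use the remainder after the module prefix instead, e.g. `substr($permission->permission_id, strlen($module->module_id) + 1)`. That fallback text originates in user-entered location names, so wherever it is echoed it should pass through `htmlspecialchars()`; the echo itself is not legible in this hunk. The `$all_subpermissions` loop runs inside the per-module loop and filters by `module_id` in PHP, which is fine at this size but worth a one-line comment.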
diff --git a/application/views/reports/listing.php b/application/views/reports/listing.php
index a3383c751..6c1bce3d5 100644
--- a/application/views/reports/listing.php
+++ b/application/views/reports/listing.php
@@ -6,13 +6,13 @@
lang->line('reports_graphical_reports'); ?>
result() as $module)
+ foreach($grants->result() as $grant)
{
- show_report_if_allowed($allowed_modules, 'graphical_summary', $module->module_id);
+ show_report_if_allowed($grants, 'graphical_summary', $grant->permission_id);
}
foreach(array('categories', 'taxes', 'discounts', 'payments') as $sales_category)
{
- show_report_if_allowed($allowed_modules, 'graphical_summary', $sales_category, 'sales');
+ show_report_if_allowed($grants, 'graphical_summary', $sales_category, 'sales');
}
?>
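Review bot: `foreach($grants->result() as $grant)` now iterates every grant the employee holds, including non-report ones such as `customers` or `items_stock`, and passes the raw `permission_id` (e.g. `reports_sales`) where the helper previously received a module id (e.g. `sales`) and prefixes it with `reports_` itself; unless the helper strips the prefix in the lines outside its hunk, the lang key becomes `reports_reports_sales` and the report is hidden. Filter to grants whose id starts with `reports_` and strip that prefix before the call, or pass the module id as before. The same applies to the second hunk of this file (`summary`).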
@@ -21,13 +21,13 @@
lang->line('reports_summary_reports'); ?>
result() as $module)
+ foreach($grants->result() as $grant)
{
- show_report_if_allowed($allowed_modules, 'summary', $module->module_id);
+ show_report_if_allowed($grants, 'summary', $grant->permission_id);
}
foreach(array('categories', 'taxes', 'discounts', 'payments') as $sales_category)
{
- show_report_if_allowed($allowed_modules, 'summary', $sales_category, 'sales');
+ show_report_if_allowed($grants, 'summary', $sales_category, 'sales');
}
?>
@@ -36,11 +36,11 @@
lang->line('reports_detailed_reports'); ?>
@@ -51,8 +51,8 @@
lang->line('reports_inventory_reports'); ?>
diff --git a/database/database.sql b/database/database.sql
index 28452abb6..d01cd0f01 100644
--- a/database/database.sql
+++ b/database/database.sql
@@ -37,6 +37,7 @@ INSERT INTO `ospos_app_config` (`key`, `value`) VALUES
('return_policy', 'Test'),
('timezone', 'America/New_York'),
('website', ''),
+('recv_invoice_format', ''),
('tax_included', '0');
-- --------------------------------------------------------
@@ -262,17 +263,9 @@ INSERT INTO `ospos_modules` (`name_lang_key`, `desc_lang_key`, `sort`, `module_i
('module_employees', 'module_employees_desc', 80, 'employees'),
('module_giftcards', 'module_giftcards_desc', 90, 'giftcards'),
('module_items', 'module_items_desc', 20, 'items'),
-('module_items_stock0', 'module_items_stock0_desc', 20, 'items_stock0'),
('module_item_kits', 'module_item_kits_desc', 30, 'item_kits'),
('module_receivings', 'module_receivings_desc', 60, 'receivings'),
('module_reports', 'module_reports_desc', 50, 'reports'),
-('module_reports_sales', 'module_reports_sales_desc', 51, 'reports_sales'),
-('module_reports_receivings', 'module_reports_receivings_desc', 52, 'reports_receivings'),
-('module_reports_items', 'module_reports_items_desc', 54, 'reports_items'),
-('module_reports_inventory', 'module_reports_inventory_desc', 55, 'reports_inventory'),
-('module_reports_customers', 'module_reports_customers_desc', 56, 'reports_customers'),
-('module_reports_employees', 'module_reports_employees_desc', 57, 'reports_employees'),
-('module_reports_suppliers', 'module_reports_suppliers_desc', 57, 'reports_suppliers'),
('module_sales', 'module_sales_desc', 70, 'sales'),
('module_suppliers', 'module_suppliers_desc', 40, 'suppliers');
@@ -296,7 +289,7 @@ CREATE TABLE `ospos_people` (
`comments` text NOT NULL,
`person_id` int(10) NOT NULL AUTO_INCREMENT,
PRIMARY KEY (`person_id`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=2 ;
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
--
-- Dumping data for table `ospos_people`
@@ -312,25 +305,64 @@ INSERT INTO `ospos_people` (`first_name`, `last_name`, `phone_number`, `email`,
--
CREATE TABLE `ospos_permissions` (
+ `permission_id` varchar(255) NOT NULL,
`module_id` varchar(255) NOT NULL,
- `person_id` int(10) NOT NULL,
- PRIMARY KEY (`module_id`,`person_id`),
- KEY `person_id` (`person_id`)
+ `location_id` int(10) DEFAULT NULL,
+ PRIMARY KEY (`permission_id`),
+ KEY `module_id` (`module_id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
--
-- Dumping data for table `ospos_permissions`
--
-INSERT INTO `ospos_permissions` (`module_id`, `person_id`) VALUES
+INSERT INTO `ospos_permissions` (`permission_id`, `module_id`) VALUES
+('reports_customers', 'reports'),
+('reports_receivings', 'reports'),
+('reports_items', 'reports'),
+('reports_inventory', 'reports'),
+('reports_employees', 'reports'),
+('reports_suppliers', 'reports'),
+('reports_sales', 'reports'),
+('customers', 'customers'),
+('employees', 'employees'),
+('giftcards', 'giftcards'),
+('items', 'items'),
+('item_kits', 'item_kits'),
+('receivings', 'receivings'),
+('reports', 'reports'),
+('sales', 'sales'),
+('suppliers', 'suppliers');
+
+INSERT INTO `ospos_permissions` (`permission_id`, `module_id`, `location_id`) VALUES
+('items_stock', 'items', 1);
+
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `ospos_grants`
+--
+
+CREATE TABLE `ospos_grants` (
+ `permission_id` varchar(255) NOT NULL,
+ `person_id` int(10) NOT NULL,
+ PRIMARY KEY (`permission_id`,`person_id`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+--
+-- Dumping data for table `ospos_grants`
+--
+-- --------------------------------------------------------
+
+INSERT INTO `ospos_grants` (`permission_id`, `person_id`) VALUES
('reports_customers', 1),
-('reports_receivings', 1),
+('reports_receivings', 1),
('reports_items', 1),
('reports_inventory', 1),
('reports_employees', 1),
('reports_suppliers', 1),
-('reports_sales', 1),
-('items_stock0', 1),
+('reports_sales', 1),
('customers', 1),
('employees', 1),
('giftcards', 1),
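Review bot: `ospos_grants` is keyed `(permission_id, person_id)` and has no secondary index on `person_id`, whereas the old `ospos_permissions` had `KEY person_id`; every new lookup in this commit (`get_employee_grants`, `has_module_permission`, the `grants` joins in the models) filters on `person_id`, which this primary key does not lead with. Add `KEY \`person_id\` (\`person_id\`)` to the CREATE TABLE. The `-- ------` separator placed before the `ospos_grants` INSERT sits inside the "Dumping data" comment block rather than after the statement, unlike the rest of the dump.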
@@ -341,8 +373,6 @@ INSERT INTO `ospos_permissions` (`module_id`, `person_id`) VALUES
('sales', 1),
('suppliers', 1);
--- --------------------------------------------------------
-
--
-- Table structure for table `ospos_receivings`
--
@@ -677,8 +707,15 @@ ALTER TABLE `ospos_item_kit_items`
-- Constraints for table `ospos_permissions`
--
ALTER TABLE `ospos_permissions`
- ADD CONSTRAINT `ospos_permissions_ibfk_1` FOREIGN KEY (`person_id`) REFERENCES `ospos_employees` (`person_id`) ON DELETE CASCADE,
- ADD CONSTRAINT `ospos_permissions_ibfk_2` FOREIGN KEY (`module_id`) REFERENCES `ospos_modules` (`module_id`) ON DELETE CASCADE;
+ ADD CONSTRAINT `ospos_permissions_ibfk_1` FOREIGN KEY (`module_id`) REFERENCES `ospos_modules` (`module_id`) ON DELETE CASCADE,
+ ADD CONSTRAINT `ospos_permissions_ibfk_2` FOREIGN KEY (`location_id`) REFERENCES `ospos_stock_locations` (`location_id`) ON DELETE CASCADE;
+
+--
+-- Constraints for table `ospos_grants`
+--
+ALTER TABLE `ospos_grants`
+ ADD CONSTRAINT `ospos_grants_ibfk_1` foreign key (`permission_id`) references `ospos_permissions` (`permission_id`),
+ ADD CONSTRAINT `ospos_grants_ibfk_2` foreign key (`person_id`) references `ospos_employees` (`person_id`);
--
-- Constraints for table `ospos_receivings`
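Review bot: `ospos_permissions_ibfk_2` cascades deletes from `ospos_stock_locations` into `ospos_permissions`, but `ospos_grants_ibfk_1` has no ON DELETE action, so grant rows referencing a location's permission block that cascade and the location delete fails with a foreign-key error. The old `ospos_permissions` constraints both cascaded; give both new grants constraints the same behaviour, e.g. `... REFERENCES \`ospos_permissions\` (\`permission_id\`) ON DELETE CASCADE` and `... REFERENCES \`ospos_employees\` (\`person_id\`) ON DELETE CASCADE`, which also covers employee deletion without relying on the model deleting grants first.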