From aee5f3d27eb776ba49237867a66a2e2b93fe2dd7 Mon Sep 17 00:00:00 2001 From: jekkos-t520 Date: Tue, 7 Oct 2014 00:47:30 +0200 Subject: [PATCH 1/4] Add ospos_grants table Refactor permission and module system --- application/controllers/employees.php | 6 +- application/controllers/reports.php | 4 +- application/controllers/secure_area.php | 3 +- application/helpers/report_helper.php | 6 +- application/models/employee.php | 53 +++++++++-------- application/models/item_quantities.php | 2 +- application/models/module.php | 27 ++++++++- application/models/stock_locations.php | 35 ++++++----- application/views/employees/form.php | 33 +++++------ application/views/partial/header.php | 7 +-- application/views/reports/listing.php | 26 ++++----- database/database.sql | 77 ++++++++++++++++++------- 12 files changed, 170 insertions(+), 109 deletions(-) diff --git a/application/controllers/employees.php b/application/controllers/employees.php index e719cb0cd..f06181efb 100644 --- a/application/controllers/employees.php +++ b/application/controllers/employees.php @@ -47,6 +47,8 @@ class Employees extends Person_controller { $data['person_info']=$this->Employee->get_info($employee_id); $data['all_modules']=$this->Module->get_all_modules(); + $data['all_subpermissions']=$this->Module->get_all_subpermissions(); + var_dump($this->db->last_query()); $this->load->view("employees/form",$data); } @@ -68,7 +70,7 @@ class Employees extends Person_controller 'country'=>$this->input->post('country'), 'comments'=>$this->input->post('comments') ); - $permission_data = $this->input->post("permissions")!=false ? $this->input->post("permissions"):array(); + $grants_data = $this->input->post("grants")!=false ? $this->input->post("grants"):array(); //Password has been changed OR first time password set if($this->input->post('password')!='') 
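Review bot: `$grants_data` is taken from `$this->input->post("grants")` with only a loose `!=false` test, so a scalar or absent value is not distinguished from a list and a non-array value reaches the `foreach` in `Employee::save()` (outside this hunk) as-is; `$grants_data = is_array($this->input->post('grants')) ? $this->input->post('grants') : array();` keeps the type explicit. The posted ids themselves are trusted as-is, and the new `ospos_grants` foreign key is the only thing rejecting an unknown `permission_id`, so checking them against `Module::get_all_permissions()` in the controller would fail loudly instead of at insert time. The `var_dump($this->db->last_query())` added in the first hunk prints the raw SQL of the last query into the employee form page; patch 2 of this series removes it again, but it should not be part of this commit.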
@@ -83,7 +85,7 @@ class Employees extends Person_controller $employee_data=array('username'=>$this->input->post('username')); } - if($this->Employee->save($person_data,$employee_data,$permission_data,$employee_id)) + if($this->Employee->save($person_data,$employee_data,$grants_data,$employee_id)) { //New employee if($employee_id==-1) diff --git a/application/controllers/reports.php b/application/controllers/reports.php index 54f91d465..368bd43a7 100644 --- a/application/controllers/reports.php +++ b/application/controllers/reports.php @@ -15,10 +15,10 @@ class Reports extends Secure_area $submodule_id = preg_match("/([^_.]*)(?:_graph)?$/", $method_name, $matches); $employee_id=$this->Employee->get_logged_in_employee_info()->person_id; // check access to report submodule - /* if (sizeof($exploder) > 1 && !$this->Employee->has_permission('reports_'.$matches[1],$employee_id)) + if (sizeof($exploder) > 1 && !$this->Employee->has_permission('reports_'.$matches[1],$employee_id)) { redirect('no_access/'.$submodule_id); - } */ + } $this->load->helper('report'); } diff --git a/application/controllers/secure_area.php b/application/controllers/secure_area.php index dbdd750bc..088eb6a27 100644 --- a/application/controllers/secure_area.php +++ b/application/controllers/secure_area.php @@ -15,7 +15,7 @@ class Secure_area extends CI_Controller } $submodule_id = empty($submodule_id) ? $module_id : $submodule_id; $employee_id=$this->Employee->get_logged_in_employee_info()->person_id; - if(!$this->Employee->has_permission($module_id,$employee_id) || !$this->Employee->has_subpermission($submodule_id,$employee_id)) + if(!$this->Employee->has_module_permission($module_id,$employee_id)) { redirect('no_access/'.$module_id); } 
@@ -23,6 +23,7 @@ class Secure_area extends CI_Controller //load up global data $logged_in_employee_info=$this->Employee->get_logged_in_employee_info(); $data['allowed_modules']=$this->Module->get_allowed_modules($logged_in_employee_info->person_id); + $data['grants']=$this->Module->get_employee_grants($logged_in_employee_info->person_id); $data['user_info']=$logged_in_employee_info; $this->load->vars($data); } diff --git a/application/helpers/report_helper.php b/application/helpers/report_helper.php index 8367f2785..cf76f78fa 100644 --- a/application/helpers/report_helper.php +++ b/application/helpers/report_helper.php @@ -86,7 +86,7 @@ function random_color() return $c; } -function show_report_if_allowed($allowed_modules, $report_prefix, $report_name, $permission='') +function show_report_if_allowed($grants, $report_prefix, $report_name, $permission='') { $CI =& get_instance(); $lang_line = 'reports_' .$report_name; @@ -96,9 +96,9 @@ function show_report_if_allowed($allowed_modules, $report_prefix, $report_name, // no summary nor detailed reports for receivings if (!empty($report_label) && !(preg_match('/.*summary_?$/', $report_prefix) && $report_name === "receivings")) { - foreach($allowed_modules->result() as $module) + foreach($grants->result() as $grant) { - if ($module->module_id == 'reports_'. $permission) + if ($grant->permission_id == 'reports_'. $permission) { ?>
  • diff --git a/application/models/employee.php b/application/models/employee.php index 45d469214..068c14c16 100644 --- a/application/models/employee.php +++ b/application/models/employee.php @@ -82,7 +82,7 @@ class Employee extends Person /* Inserts or updates an employee */ - function save(&$person_data, &$employee_data,&$permission_data,$employee_id=false) + function save(&$person_data, &$employee_data,&$grants_data,$employee_id=false) { $success=false; @@ -105,17 +105,17 @@ class Employee extends Person //We have either inserted or updated a new employee, now lets set permissions. if($success) { - //First lets clear out any permissions the employee currently has. - $success=$this->db->delete('permissions', array('person_id' => $employee_id)); + //First lets clear out any grants the employee currently has. + $success=$this->db->delete('grants', array('person_id' => $employee_id)); - //Now insert the new permissions + //Now insert the new grants if($success) { - foreach($permission_data as $allowed_module) + foreach($grants_data as $permission_id) { - $success = $this->db->insert('permissions', + $success = $this->db->insert('grants', array( - 'module_id'=>$allowed_module, + 'permission_id'=>$permission_id, 'person_id'=>$employee_id)); } } @@ -142,7 +142,7 @@ class Employee extends Person $this->db->trans_start(); //Delete permissions - if($this->db->delete('permissions', array('person_id' => $employee_id))) + if($this->db->delete('grants', array('person_id' => $employee_id))) { $this->db->where('person_id', $employee_id); $success = $this->db->update('employees', array('deleted' => 1)); @@ -167,7 +167,7 @@ class Employee extends Person $this->db->where_in('person_id',$employee_ids); //Delete permissions - if ($this->db->delete('permissions')) + if ($this->db->delete('grants')) { //delete from employee table $this->db->where_in('person_id',$employee_ids); 
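Review bot: In the grants loop of `save()` `$success` is reassigned on every iteration, so a failed `insert('grants', …)` part-way through (for example an id rejected by the new `ospos_grants` foreign key) is overwritten by a later success and the method reports the partial write as a success; `$success = $success && $this->db->insert('grants', array('permission_id'=>$permission_id, 'person_id'=>$employee_id));` or a `break` on failure preserves the error. The `delete('grants', …)` followed by the inserts has no transaction visible in this hunk; `save()` starts outside it, so one may already be open further up — if not, an interrupted run leaves the employee with no grants at all.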
@@ -306,35 +306,40 @@ class Employee extends Person /* * Determines whether the employee has access to at least one submodule */ - function has_subpermission($submodule_id,$person_id) + function has_module_permission($submodule_id,$person_id) { - $this->db->from('modules'); - $this->db->where('module_id like "' . $submodule_id . '_%"'); - // has no submodules + $this->db->from('grants'); + $this->db->where('permission_id like "' . $submodule_id . '%"'); + $this->db->where('person_id',$person_id); $result = $this->db->get(); - if ($result->num_rows() > 0) + $result_count = $result->num_rows(); + if ($result_count != 1) { - $this->db->from('permissions'); - $this->db->where('permissions.module_id like "' . $submodule_id . '_%"'); - $this->db->where("permissions.person_id",$person_id); - $result = $this->db->get(); - return $result->num_rows() > 0; + return $result_count != 0; } - return true; + return $this->has_submodules($submodule_id); + } + + function has_submodules($submodule_id) + { + $this->db->from('permissions'); + $this->db->where('permission_id like "' . $submodule_id . '_%"'); + $result = $this->db->get(); + return $result->num_rows() == 0; } /* - Determins whether the employee specified employee has access the specific module. + Determines whether the employee specified employee has access the specific module. */ - function has_permission($module_id,$person_id) + function has_permission($permission_id,$person_id) { //if no module_id is null, allow access - if($module_id==null) + if($permission_id==null) { return true; } - $query = $this->db->get_where('permissions', array('person_id' => $person_id,'module_id'=>$module_id), 1); + $query = $this->db->get_where('grants', array('person_id'=>$person_id,'permission_id'=>$permission_id), 1); return ($query->num_rows() == 1); } diff --git a/application/models/item_quantities.php b/application/models/item_quantities.php index 48059e535..1ec21a184 100644 --- a/application/models/item_quantities.php 
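Review bot: `has_module_permission()` and the new `has_submodules()` splice `$submodule_id` into the SQL text unescaped (`'permission_id like "' . $submodule_id . '%"'`); the callers visible in `Secure_area` pass controller-chosen constants, but this method is the authorization gate, any caller that later hands it a request-derived id would turn it into SQL injection, and `_`/`%` in the id already act as wildcards. `$this->db->like('permission_id', $submodule_id, 'after');` escapes both, and the exact-match `has_permission()` in the same hunk already uses the bound `get_where()` form. The row-count rule also never checks the module grant itself: two submodule grants (say `reports_sales` plus `reports_items`) satisfy `reports` without a `reports` row, while an employee holding only `items` is refused because `has_submodules('items')` returns true only when no `items_%` permission exists and the seed already contains `items_stock` — the method name says the opposite of what it returns. An explicit `has_permission($submodule_id, $person_id)` for the module, with the prefix query reserved for the submodule case, would make the rule say what it means.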
+++ b/application/models/item_quantities.php @@ -13,7 +13,7 @@ class Item_quantities extends CI_Model function save($location_detail, $item_id, $location_id) { - if (!($item_id && $location_id) or !$this->exists($item_id,$location_id)) + if (!$this->exists($item_id,$location_id)) { if($this->db->insert('item_quantities',$location_detail)) { diff --git a/application/models/module.php b/application/models/module.php index 4f5ff99c8..4715f4772 100644 --- a/application/models/module.php +++ b/application/models/module.php @@ -31,6 +31,21 @@ class Module extends CI_Model return $this->lang->line('error_unknown'); } + function get_all_permissions() + { + $this->db->from('permissions'); + return $this->db->get(); + } + + function get_all_subpermissions() + { + $this->db->from('permissions'); + $this->db->join('modules', 'modules.module_id=permissions.module_id'); + // can't quote the parameters correctly when using different operators.. + $this->db->where($this->db->dbprefix('modules').'.module_id!=', 'permission_id', FALSE); + return $this->db->get(); + } + function get_all_modules() { $this->db->from('modules'); @@ -41,11 +56,19 @@ class Module extends CI_Model function get_allowed_modules($person_id) { $this->db->from('modules'); - $this->db->join('permissions','permissions.module_id=modules.module_id'); - $this->db->where("permissions.person_id",$person_id); + $this->db->join('permissions','permissions.permission_id=modules.module_id'); + $this->db->join('grants','permissions.permission_id=grants.permission_id'); + $this->db->where("person_id",$person_id); $this->db->order_by("sort", "asc"); return $this->db->get(); } + function get_employee_grants($person_id) + { + $this->db->from('grants'); + $this->db->where('person_id',$person_id); + return $this->db->get(); + } + } ?> diff --git a/application/models/stock_locations.php b/application/models/stock_locations.php index 15d9ad273..172293d0b 100644 --- a/application/models/stock_locations.php 
+++ b/application/models/stock_locations.php @@ -13,9 +13,7 @@ class Stock_locations extends CI_Model function get_all($limit=10000, $offset=0) { $this->db->from('stock_locations'); - $this->db->join('modules', 'modules.module_id=concat(\'items_stock\', location_id)'); - $this->db->join('permissions', 'permissions.module_id=modules.module_id'); - $this->db->where('person_id', $this->session->userdata('person_id')); + $this->db->where('deleted', 0); $this->db->limit($limit); $this->db->offset($offset); return $this->db->get(); @@ -25,8 +23,8 @@ class Stock_locations extends CI_Model { $this->db->select('location_name'); $this->db->from('stock_locations'); - $this->db->join('modules', 'modules.module_id=concat(\'items_stock\', location_id)'); - $this->db->join('permissions', 'permissions.module_id=modules.module_id'); + $this->db->join('permissions','permissions.location_id=stock_locations.location_id'); + $this->db->join('grants','grants.permission_id=permissions.permission_id');; $this->db->where('person_id', $this->session->userdata('person_id')); $this->db->where('deleted', 0); return $this->db->get(); @@ -43,8 +41,8 @@ class Stock_locations extends CI_Model function get_undeleted_all() { $this->db->from('stock_locations'); - $this->db->join('modules', 'modules.module_id=concat(\'items_stock\', location_id)'); - $this->db->join('permissions', 'permissions.module_id=modules.module_id'); + $this->db->join('permissions','permissions.location_id=stock_locations.location_id'); + $this->db->join('grants','grants.permission_id=permissions.permission_id'); $this->db->where('person_id', $this->session->userdata('person_id')); $this->db->where('deleted',0); return $this->db->get(); 
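Review bot: `get_all()` no longer joins `permissions`/`grants`, so it now returns every location regardless of the caller's grants, while the function in the second hunk (its signature is outside the hunk) keeps the `person_id` filter; any caller that relied on `get_all()` being grant-scoped should be checked. The second hunk also ends a statement with `;;` (`$this->db->join('grants','grants.permission_id=permissions.permission_id');;`), which is harmless but reads as a paste error.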
@@ -64,9 +62,8 @@ class Stock_locations extends CI_Model function get_default_location_id() { $this->db->from('stock_locations'); - // TODO replace with extra join on ospos_grants - $this->db->join('modules', 'modules.module_id=concat(\'items_stock\', location_id)'); - $this->db->join('permissions', 'permissions.module_id=modules.module_id'); + $this->db->join('permissions','permissions.location_id=stock_locations.location_id'); + $this->db->join('grants','grants.permission_id=permissions.permission_id'); $this->db->where('person_id', $this->session->userdata('person_id')); $this->db->where('deleted',0); $this->db->limit(1); @@ -123,19 +120,21 @@ class Stock_locations extends CI_Model { $location_data = array('location_name'=>$location,'deleted'=>0); $this->db->insert('stock_locations',$location_data); - // insert new module for stock location $location_id = $this->db->insert_id(); - $module_id = 'items_stock'.$location_id; - $module_name = 'module_'.$module_id; - $module_data = array('name_lang_key' => $module_name, 'desc_lang_key' => $module_name.'_desc', 'module_id' => $module_id); - $this->db->insert('modules', $module_data); - // insert permissions for stock location + + // insert new permission for stock location + $permission_id = 'items_'.$location; + $permission_data = array('permission_id'=>$permission_id,'module_id'=>'items','location_id' => $location_id); + $this->db->insert('permissions', $permission_data); + + // insert grants for new permission $employees = $this->Employee->get_all(); foreach ($employees->result_array() as $employee) { - $permission_data = array('module_id' => $module_id, 'person_id' => $employee['person_id']); - $this->db->insert('permissions', $permission_data); + $grants_data = array('permission_id' => $permission_id, 'person_id' => $employee['person_id']); + $this->db->insert('grants', $grants_data); } + // insert quantities for existing items $items = $this->Item->get_all(); foreach ($items->result_array() as $item) 
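Review bot: In `save()` the new permission id is built from the user-entered name, `$permission_id = 'items_'.$location;`, and `permission_id` is the primary key of `ospos_permissions`, so two locations with the same name, or one named `stock`, collide with an existing row (the seed already contains `items_stock`). The `insert('permissions', …)` result is not checked, so on a collision the loop below still inserts `ospos_grants` rows for every employee against the pre-existing permission, which as far as the visible code shows grants them the other location's access. The previous id `'items_stock'.$location_id`, taken from `insert_id()`, was unique by construction; keep the name for display (the new `location_id` column already links the permission to its location) and check each insert's return value. A name containing `_` also interferes with the `explode('_', …)` parsing in the employees form and with the `LIKE` prefix match in `Employee::has_module_permission()`.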
diff --git a/application/views/employees/form.php b/application/views/employees/form.php index 03d928f69..50bebf2a8 100644 --- a/application/views/employees/form.php +++ b/application/views/employees/form.php @@ -54,30 +54,27 @@ $password_label_attributes = $person_info->person_id == "" ? array('class'=>'req result() as $module) { - if (sizeof(explode('_', $module->module_id)) == 1) - { ?>
  • -module_id,$this->Employee->has_permission($module->module_id,$person_info->person_id)); ?> +module_id,$this->Employee->has_permission($module->module_id,$person_info->person_id)); ?> lang->line('module_'.$module->module_id);?>: lang->line('module_'.$module->module_id.'_desc');?> result() as $submodule) + foreach($all_subpermissions->result() as $permission) + { + $exploded_permission = explode('_', $permission->permission_id); + if ($permission->module_id == $module->module_id) { - $exploded_submodule_id = explode('_', $submodule->module_id); - if (sizeof($exploded_submodule_id) > 1 && $exploded_submodule_id[0] == $module->module_id) - { - $lang_line = $this->lang->line('reports_'.$exploded_submodule_id[1]); - $lang_line = empty($lang_line) ? $this->Stock_locations->get_location_name(substr($exploded_submodule_id[1], -1)) : $lang_line; - ?> - - lang->line('reports_'.$exploded_permission[1]); + $lang_line = empty($lang_line) ? $exploded_permission[1] : $lang_line; + ?> + + result() as $module) { - if (sizeof(explode('_', $module->module_id)) == 1) - { - ?> + ?> - diff --git a/application/views/reports/listing.php b/application/views/reports/listing.php index a3383c751..6c1bce3d5 100644 --- a/application/views/reports/listing.php +++ b/application/views/reports/listing.php @@ -6,13 +6,13 @@
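Review bot: The fallback `$lang_line = empty($lang_line) ? $exploded_permission[1] : $lang_line;` displays a segment of the permission id, which after this patch series is built from the admin-entered location name in `Stock_locations::save()`; the lines that emit `$lang_line` into the checkbox label are not legible in this view, so confirm they pass it through `htmlspecialchars()` rather than echoing it raw. `explode('_', …)` also keeps only the first segment after the module prefix, so a location named with an underscore is shown truncated; `explode('_', $permission->permission_id, 2)` keeps the remainder intact.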
  • lang->line('reports_graphical_reports'); ?>

    @@ -21,13 +21,13 @@
  • lang->line('reports_summary_reports'); ?>

    @@ -36,11 +36,11 @@
  • lang->line('reports_detailed_reports'); ?>

  • @@ -51,8 +51,8 @@
  • lang->line('reports_inventory_reports'); ?>

  • diff --git a/database/database.sql b/database/database.sql index 28452abb6..d01cd0f01 100644 --- a/database/database.sql +++ b/database/database.sql @@ -37,6 +37,7 @@ INSERT INTO `ospos_app_config` (`key`, `value`) VALUES ('return_policy', 'Test'), ('timezone', 'America/New_York'), ('website', ''), +('recv_invoice_format', ''), ('tax_included', '0'); -- -------------------------------------------------------- @@ -262,17 +263,9 @@ INSERT INTO `ospos_modules` (`name_lang_key`, `desc_lang_key`, `sort`, `module_i ('module_employees', 'module_employees_desc', 80, 'employees'), ('module_giftcards', 'module_giftcards_desc', 90, 'giftcards'), ('module_items', 'module_items_desc', 20, 'items'), -('module_items_stock0', 'module_items_stock0_desc', 20, 'items_stock0'), ('module_item_kits', 'module_item_kits_desc', 30, 'item_kits'), ('module_receivings', 'module_receivings_desc', 60, 'receivings'), ('module_reports', 'module_reports_desc', 50, 'reports'), -('module_reports_sales', 'module_reports_sales_desc', 51, 'reports_sales'), -('module_reports_receivings', 'module_reports_receivings_desc', 52, 'reports_receivings'), -('module_reports_items', 'module_reports_items_desc', 54, 'reports_items'), -('module_reports_inventory', 'module_reports_inventory_desc', 55, 'reports_inventory'), -('module_reports_customers', 'module_reports_customers_desc', 56, 'reports_customers'), -('module_reports_employees', 'module_reports_employees_desc', 57, 'reports_employees'), -('module_reports_suppliers', 'module_reports_suppliers_desc', 57, 'reports_suppliers'), ('module_sales', 'module_sales_desc', 70, 'sales'), ('module_suppliers', 'module_suppliers_desc', 40, 'suppliers'); @@ -296,7 +289,7 @@ CREATE TABLE `ospos_people` ( `comments` text NOT NULL, `person_id` int(10) NOT NULL AUTO_INCREMENT, PRIMARY KEY (`person_id`) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=2 ; +) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ; -- -- Dumping data for table `ospos_people` 
@@ -312,25 +305,64 @@ INSERT INTO `ospos_people` (`first_name`, `last_name`, `phone_number`, `email`, -- CREATE TABLE `ospos_permissions` ( + `permission_id` varchar(255) NOT NULL, `module_id` varchar(255) NOT NULL, - `person_id` int(10) NOT NULL, - PRIMARY KEY (`module_id`,`person_id`), - KEY `person_id` (`person_id`) + `location_id` int(10) DEFAULT NULL, + PRIMARY KEY (`permission_id`), + KEY `module_id` (`module_id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8; -- -- Dumping data for table `ospos_permissions` -- -INSERT INTO `ospos_permissions` (`module_id`, `person_id`) VALUES +INSERT INTO `ospos_permissions` (`permission_id`, `module_id`) VALUES +('reports_customers', 'reports'), +('reports_receivings', 'reports'), +('reports_items', 'reports'), +('reports_inventory', 'reports'), +('reports_employees', 'reports'), +('reports_suppliers', 'reports'), +('reports_sales', 'reports'), +('customers', 'customers'), +('employees', 'employees'), +('giftcards', 'giftcards'), +('items', 'items'), +('item_kits', 'item_kits'), +('receivings', 'receivings'), +('reports', 'reports'), +('sales', 'sales'), +('suppliers', 'suppliers'); + +INSERT INTO `ospos_permissions` (`permission_id`, `module_id`, `location_id`) VALUES +('items_stock', 'items', 1); + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `ospos_grants` +-- + +CREATE TABLE `ospos_grants` ( + `permission_id` varchar(255) NOT NULL, + `person_id` int(10) NOT NULL, + PRIMARY KEY (`permission_id`,`person_id`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8; + +-- +-- Dumping data for table `ospos_grants` +-- +-- -------------------------------------------------------- + +INSERT INTO `ospos_grants` (`permission_id`, `person_id`) VALUES ('reports_customers', 1), -('reports_receivings', 1), +('reports_receivings', 1), ('reports_items', 1), ('reports_inventory', 1), ('reports_employees', 1), ('reports_suppliers', 1), -('reports_sales', 1), -('items_stock0', 1), +('reports_sales', 1), 
('customers', 1), ('employees', 1), ('giftcards', 1), @@ -341,8 +373,6 @@ INSERT INTO `ospos_permissions` (`module_id`, `person_id`) VALUES ('sales', 1), ('suppliers', 1); --- -------------------------------------------------------- - -- -- Table structure for table `ospos_receivings` -- @@ -677,8 +707,15 @@ ALTER TABLE `ospos_item_kit_items` -- Constraints for table `ospos_permissions` -- ALTER TABLE `ospos_permissions` - ADD CONSTRAINT `ospos_permissions_ibfk_1` FOREIGN KEY (`person_id`) REFERENCES `ospos_employees` (`person_id`) ON DELETE CASCADE, - ADD CONSTRAINT `ospos_permissions_ibfk_2` FOREIGN KEY (`module_id`) REFERENCES `ospos_modules` (`module_id`) ON DELETE CASCADE; + ADD CONSTRAINT `ospos_permissions_ibfk_1` FOREIGN KEY (`module_id`) REFERENCES `ospos_modules` (`module_id`) ON DELETE CASCADE, + ADD CONSTRAINT `ospos_permissions_ibfk_2` FOREIGN KEY (`location_id`) REFERENCES `ospos_stock_locations` (`location_id`) ON DELETE CASCADE; + +-- +-- Constraints for table `ospos_grants` +-- +ALTER TABLE `ospos_grants` + ADD CONSTRAINT `ospos_grants_ibfk_1` foreign key (`permission_id`) references `ospos_permissions` (`permission_id`), + ADD CONSTRAINT `ospos_grants_ibfk_2` foreign key (`person_id`) references `ospos_employees` (`person_id`); -- -- Constraints for table `ospos_receivings` From bb9ab9bd9c5fe68eb236e0c4a74e44803fdcc5a2 Mon Sep 17 00:00:00 2001 
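Review bot: `ospos_grants_ibfk_1` references `ospos_permissions` with no `ON DELETE` action, while `ospos_permissions_ibfk_2` cascades from `ospos_stock_locations`; a hard delete of a stock location would cascade into `ospos_permissions` and then be refused by the default RESTRICT on `ospos_grants` as soon as any employee holds that grant. Either `ON DELETE CASCADE` on both grants constraints, matching the old `ospos_permissions_ibfk_1` on `person_id` that this hunk removes, or an explicit grants cleanup in the stock-location delete path (not in this patch) is needed. With the `person_id` cascade gone, employee deletion now relies entirely on the explicit `delete('grants', …)` calls in `Employee::delete()` and `delete_list()`.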
From: jekkos-t520 Date: Tue, 7 Oct 2014 21:47:07 +0200 Subject: [PATCH 2/4] Finish stock location refactoring Modules are inaccessible if permissions not configured correctly --- application/controllers/employees.php | 1 - application/controllers/items.php | 1 - application/controllers/reports.php | 3 ++- application/controllers/secure_area.php | 5 ++--- application/models/employee.php | 7 +++++++ application/models/module.php | 7 ------- application/models/stock_locations.php | 4 ---- application/views/employees/form.php | 6 +++--- application/views/reports/listing.php | 1 - 9 files changed, 14 insertions(+), 21 deletions(-) diff --git a/application/controllers/employees.php b/application/controllers/employees.php index f06181efb..698d132d7 100644 --- a/application/controllers/employees.php +++ b/application/controllers/employees.php @@ -48,7 +48,6 @@ class Employees extends Person_controller $data['person_info']=$this->Employee->get_info($employee_id); $data['all_modules']=$this->Module->get_all_modules(); $data['all_subpermissions']=$this->Module->get_all_subpermissions(); - var_dump($this->db->last_query()); $this->load->view("employees/form",$data); } diff --git a/application/controllers/items.php b/application/controllers/items.php index b1e7211e5..be0c60aaa 100644 --- a/application/controllers/items.php +++ b/application/controllers/items.php @@ -21,7 +21,6 @@ class Items extends Secure_area implements iData_controller $stock_locations=$this->Stock_locations->get_allowed_locations(); $data['stock_location']=$stock_location; $data['stock_locations']=$stock_locations; - var_dump($stock_location); $data['controller_name']=strtolower(get_class()); $data['form_width']=$this->get_form_width(); $data['manage_table']=get_items_manage_table( $this->Item->get_all( $stock_location, $config['per_page'], $this->uri->segment( $config['uri_segment'] ) ), $this ); 
diff --git a/application/controllers/reports.php b/application/controllers/reports.php index 368bd43a7..d2a8304e6 100644 --- a/application/controllers/reports.php +++ b/application/controllers/reports.php @@ -25,7 +25,8 @@ class Reports extends Secure_area //Initial report listing screen function index() { - $this->load->view("reports/listing",array()); + $data['grants']=$this->Employee->get_employee_grants($this->session->userdata('person_id')); + $this->load->view("reports/listing",$data); } function _get_common_report_data() diff --git a/application/controllers/secure_area.php b/application/controllers/secure_area.php index 088eb6a27..77049d234 100644 --- a/application/controllers/secure_area.php +++ b/application/controllers/secure_area.php @@ -13,9 +13,9 @@ class Secure_area extends CI_Controller { redirect('login'); } - $submodule_id = empty($submodule_id) ? $module_id : $submodule_id; $employee_id=$this->Employee->get_logged_in_employee_info()->person_id; - if(!$this->Employee->has_module_permission($module_id,$employee_id)) + if(!$this->Employee->has_module_permission($module_id,$employee_id) || + (isset($submodule_id) && !$this->Employee->has_module_permission($submodule_id,$employee_id))) { redirect('no_access/'.$module_id); } @@ -23,7 +23,6 @@ class Secure_area extends CI_Controller //load up global data $logged_in_employee_info=$this->Employee->get_logged_in_employee_info(); $data['allowed_modules']=$this->Module->get_allowed_modules($logged_in_employee_info->person_id); - $data['grants']=$this->Module->get_employee_grants($logged_in_employee_info->person_id); $data['user_info']=$logged_in_employee_info; $this->load->vars($data); } diff --git a/application/models/employee.php b/application/models/employee.php index 068c14c16..231146125 100644 --- a/application/models/employee.php +++ b/application/models/employee.php 
@@ -342,6 +342,13 @@ class Employee extends Person $query = $this->db->get_where('grants', array('person_id'=>$person_id,'permission_id'=>$permission_id), 1); return ($query->num_rows() == 1); } + + function get_employee_grants($person_id) + { + $this->db->from('grants'); + $this->db->where('person_id',$person_id); + return $this->db->get(); + } } ?> diff --git a/application/models/module.php b/application/models/module.php index 4715f4772..32d5365d1 100644 --- a/application/models/module.php +++ b/application/models/module.php @@ -63,12 +63,5 @@ class Module extends CI_Model return $this->db->get(); } - function get_employee_grants($person_id) - { - $this->db->from('grants'); - $this->db->where('person_id',$person_id); - return $this->db->get(); - } - } ?> diff --git a/application/models/stock_locations.php b/application/models/stock_locations.php index 172293d0b..658dcbbab 100644 --- a/application/models/stock_locations.php +++ b/application/models/stock_locations.php @@ -13,7 +13,6 @@ class Stock_locations extends CI_Model function get_all($limit=10000, $offset=0) { $this->db->from('stock_locations'); - $this->db->where('deleted', 0); $this->db->limit($limit); $this->db->offset($offset); return $this->db->get(); @@ -23,9 +22,6 @@ class Stock_locations extends CI_Model { $this->db->select('location_name'); $this->db->from('stock_locations'); - $this->db->join('permissions','permissions.location_id=stock_locations.location_id'); - $this->db->join('grants','grants.permission_id=permissions.permission_id');; - $this->db->where('person_id', $this->session->userdata('person_id')); $this->db->where('deleted', 0); return $this->db->get(); } diff --git a/application/views/employees/form.php b/application/views/employees/form.php index 50bebf2a8..465d46488 100644 --- a/application/views/employees/form.php +++ b/application/views/employees/form.php 
@@ -99,7 +99,7 @@ echo form_close(); //validation and submit handling $(document).ready(function() { - $("ul#permission_list > li > input[name='permissions[]']").each(function() + $("ul#permission_list > li > input[name='grants[]']").each(function() { var $this = $(this); $("ul > li > input", $this.parent()).each(function() @@ -161,7 +161,7 @@ $(document).ready(function() { equalTo: "#password" }, - email: "email", "permissions[]" : { + email: "email", "grants[]" : { required : function(element) { var checked = false; $("ul#permission_list > li > input:checkbox").each(function() @@ -213,7 +213,7 @@ $(document).ready(function() equalTo: "lang->line('employees_password_must_match'); ?>" }, email: "lang->line('common_email_invalid_format'); ?>", - "permissions[]": "fill in correctly!!" + "grants[]": "fill in correctly!!" } }); }); diff --git a/application/views/reports/listing.php b/application/views/reports/listing.php index 6c1bce3d5..d451966e9 100644 --- a/application/views/reports/listing.php +++ b/application/views/reports/listing.php @@ -1,4 +1,3 @@ - load->view("partial/header"); ?>
    lang->line('reports_reports'); ?>
    lang->line('reports_welcome_message'); ?> From 77222c1989fcfaf44f51bfabec4fd035b0740f1f Mon Sep 17 00:00:00 2001 From: jekkos-t520 Date: Wed, 8 Oct 2014 19:27:07 +0200 Subject: [PATCH 3/4] Fix supplier selection --- application/config/config.php | 2 +- application/controllers/receivings.php | 5 ++++- application/controllers/reports.php | 11 +---------- database/database.sql | 10 +++++++++- 4 files changed, 15 insertions(+), 13 deletions(-) diff --git a/application/config/config.php b/application/config/config.php index 1d098dd89..6225b1cc8 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -265,7 +265,7 @@ $config['sess_use_database'] = TRUE; $config['sess_table_name'] = 'ospos_sessions'; $config['sess_match_ip'] = FALSE; $config['sess_match_useragent'] = FAlSE; -$config['sess_time_to_update'] = 86400; +$config['sess_time_to_update'] = 0; /* |-------------------------------------------------------------------------- diff --git a/application/controllers/receivings.php b/application/controllers/receivings.php index 252726bd0..435f4a449 100644 --- a/application/controllers/receivings.php +++ b/application/controllers/receivings.php @@ -120,6 +120,7 @@ class Receivings extends Secure_area function delete_supplier() { + $this->receiving_lib->clear_invoice_number(); $this->receiving_lib->delete_supplier(); $this->_reload(); } @@ -246,7 +247,7 @@ class Receivings extends Secure_area $invoice_number=$this->receiving_lib->get_invoice_number(); if (empty($invoice_number)) - { + { $invoice_number=$this->config->config['recv_invoice_format']; } $invoice_count=$this->Receiving->get_invoice_count(); @@ -266,8 +267,10 @@ class Receivings extends Secure_area } $invoice_number=str_replace('$SI',$acronym,$invoice_number); } + $this->receiving_lib->set_invoice_number($invoice_number); $data['invoice_number']=$invoice_number; + $this->load->view("receivings/receiving",$data); $this->_remove_duplicate_cookies(); } 
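Review bot: `$config['sess_time_to_update'] = 0;` is not explained by the commit message ("Fix supplier selection") and deserves a comment: in CodeIgniter's native session library this value is the interval before the session id is regenerated, so 0 presumably regenerates it on every request, which is known to race with concurrent requests from the same page — the `_remove_duplicate_cookies()` call in the receivings hunk looks like a symptom of exactly that. If rotation on every request is intended, say so in a comment above the line; otherwise the previous `86400` is the safer value to keep.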
diff --git a/application/controllers/reports.php b/application/controllers/reports.php index d2a8304e6..d649f7dba 100644 --- a/application/controllers/reports.php +++ b/application/controllers/reports.php @@ -6,19 +6,10 @@ define("FORM_WIDTH", "400"); class Reports extends Secure_area { - + function __construct() { parent::__construct('reports'); - $method_name = $this->uri->segment(2); - $exploder = explode('_', $method_name); - $submodule_id = preg_match("/([^_.]*)(?:_graph)?$/", $method_name, $matches); - $employee_id=$this->Employee->get_logged_in_employee_info()->person_id; - // check access to report submodule - if (sizeof($exploder) > 1 && !$this->Employee->has_permission('reports_'.$matches[1],$employee_id)) - { - redirect('no_access/'.$submodule_id); - } $this->load->helper('report'); } diff --git a/database/database.sql b/database/database.sql index d01cd0f01..ebd5c9737 100644 --- a/database/database.sql +++ b/database/database.sql @@ -324,6 +324,10 @@ INSERT INTO `ospos_permissions` (`permission_id`, `module_id`) VALUES ('reports_employees', 'reports'), ('reports_suppliers', 'reports'), ('reports_sales', 'reports'), +('reports_discounts', 'reports'), +('reports_taxes', 'reports'), +('reports_inventory', 'reports'), +('reports_categories', 'reports'), ('customers', 'customers'), ('employees', 'employees'), ('giftcards', 'giftcards'), @@ -362,7 +366,11 @@ INSERT INTO `ospos_grants` (`permission_id`, `person_id`) VALUES ('reports_inventory', 1), ('reports_employees', 1), ('reports_suppliers', 1), -('reports_sales', 1), +('reports_sales', 1), +('reports_discounts', 1), +('reports_taxes', 1), +('reports_inventory', 1), +('reports_categories', 1), ('customers', 1), ('employees', 1), ('giftcards', 1), From 802a0e6a594093725bf47a276579ef43a9f208f0 Mon Sep 17 00:00:00 2001 
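Review bot: Removing the constructor's submodule check leaves no server-side gate on individual reports: `parent::__construct('reports')` passes no `$submodule_id`, so `Secure_area` only verifies the `reports` grant, and the per-report grants (`reports_sales`, `reports_items`, …) are now enforced only by which links `reports/listing.php` renders, which an employee holding `reports` alone is not bound by. Patch 1 of this series had just re-enabled this check; if it is being replaced, the replacement should derive the permission from the method name inside each report entry point (or in `_get_common_report_data()`) and call the exact-match `$this->Employee->has_permission('reports_'.$name, $employee_id)`, which also avoids the regex/`explode` ambiguity the removed code had.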
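Review bot: `('reports_inventory', 'reports')` is inserted a second time into `ospos_permissions` (it is already in the list a few rows above this hunk) and `('reports_inventory', 1)` a second time into `ospos_grants`; both columns are primary keys, so the seed script aborts with a duplicate-key error on a fresh install. Drop the two repeated rows. The two INSERTs also need to stay in sync by hand, so a comment above `ospos_grants` noting that every `reports_*` permission added here must also be granted to person 1 would help the next edit.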
From: jekkos-t520 Date: Thu, 9 Oct 2014 17:56:24 +0200 Subject: [PATCH 4/4] Refactor report listing (move sales specific grants to employee model) --- application/helpers/report_helper.php | 16 +++++----------- application/models/employee.php | 18 +++++++++++++++++- application/views/reports/listing.php | 18 +++++------------- 3 files changed, 27 insertions(+), 25 deletions(-) diff --git a/application/helpers/report_helper.php b/application/helpers/report_helper.php index cf76f78fa..2617642b1 100644 --- a/application/helpers/report_helper.php +++ b/application/helpers/report_helper.php @@ -86,24 +86,18 @@ function random_color() return $c; } -function show_report_if_allowed($grants, $report_prefix, $report_name, $permission='') +function show_report_if_allowed($grant, $report_prefix, $report_name='') { $CI =& get_instance(); + $report_name = empty($report_name) ? $grant['permission_id'] : $report_name; $lang_line = 'reports_' .$report_name; $report_label = $CI->lang->line($lang_line); - $permission = empty($permission) ? $report_name : $permission; $report_prefix = empty($report_prefix) ? '' : $report_prefix . '_'; // no summary nor detailed reports for receivings if (!empty($report_label) && !(preg_match('/.*summary_?$/', $report_prefix) && $report_name === "receivings")) { - foreach($grants->result() as $grant) - { - if ($grant->permission_id == 'reports_'. $permission) - { - ?> -
  • - +
  • + db->from('grants'); $this->db->where('person_id',$person_id); - return $this->db->get(); + $results = $this->db->get()->result_array(); + return $this->add_sales_categories($results, $person_id); + } + + function add_sales_categories($results, $person_id) + { + foreach($results as $result) + { + if ($result['permission_id'] == 'reports_sales') + { + foreach(array('categories', 'taxes', 'discounts', 'payments') as $sales_category) + { + $results[] = array('permission_id' => 'reports_'.$sales_category, 'person_id' => $person_id); + } + } + } + return $results; } } diff --git a/application/views/reports/listing.php b/application/views/reports/listing.php index d451966e9..dc49fa9e8 100644 --- a/application/views/reports/listing.php +++ b/application/views/reports/listing.php @@ -4,14 +4,10 @@
    • lang->line('reports_graphical_reports'); ?>

        - result() as $grant) + permission_id); - } - foreach(array('categories', 'taxes', 'discounts', 'payments') as $sales_category) - { - show_report_if_allowed($grants, 'graphical_summary', $sales_category, 'sales'); + show_report_if_allowed($grant, 'graphical_summary'); } ?>
      @@ -20,13 +16,9 @@
    • lang->line('reports_summary_reports'); ?>

        result() as $grant) + foreach($grants as $grant) { - show_report_if_allowed($grants, 'summary', $grant->permission_id); - } - foreach(array('categories', 'taxes', 'discounts', 'payments') as $sales_category) - { - show_report_if_allowed($grants, 'summary', $sales_category, 'sales'); + show_report_if_allowed($grant, 'summary'); } ?>