Merge branch 'feat/delete_permission' into 'main'
Implementado control de permiso de borrado See merge request jjimenez/safekat!887
@ -77,6 +77,14 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
|
|||||||
*/
|
*/
|
||||||
public $alertStyle = 'alerts';
|
public $alertStyle = 'alerts';
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Permiso requerido para borrar. Si es false/null, no se valida.
|
||||||
|
* Si es un string (nombre del permiso), se valida.
|
||||||
|
*
|
||||||
|
* @var string|false|null
|
||||||
|
*/
|
||||||
|
protected $deletePermission = false;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* An array of helpers to be loaded automatically upon
|
* An array of helpers to be loaded automatically upon
|
||||||
@ -222,6 +230,13 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
|
|||||||
*/
|
*/
|
||||||
public function delete($id = null)
|
public function delete($id = null)
|
||||||
{
|
{
|
||||||
|
|
||||||
|
// 🔒 Verificar permiso solo si está definido como string
|
||||||
|
if (is_string($this->deletePermission) && !auth()->user()->can($this->deletePermission)) {
|
||||||
|
$message = lang('Basic.global.permissionDenied'); // O el mensaje que uses
|
||||||
|
return $this->failWithNewToken($message, 403); // Estilo coherente con tu clase
|
||||||
|
}
|
||||||
|
|
||||||
if (!empty(static::$pluralObjectNameCc) && !empty(static::$singularObjectNameCc)) {
|
if (!empty(static::$pluralObjectNameCc) && !empty(static::$singularObjectNameCc)) {
|
||||||
$objName = mb_strtolower(lang(ucfirst(static::$pluralObjectNameCc) . '.' . static::$singularObjectNameCc));
|
$objName = mb_strtolower(lang(ucfirst(static::$pluralObjectNameCc) . '.' . static::$singularObjectNameCc));
|
||||||
} else {
|
} else {
|
||||||
@ -236,8 +251,10 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
|
|||||||
} else {
|
} else {
|
||||||
$datetime = (new \CodeIgniter\I18n\Time("now"));
|
$datetime = (new \CodeIgniter\I18n\Time("now"));
|
||||||
$rawResult = $this->model->where('id', $id)
|
$rawResult = $this->model->where('id', $id)
|
||||||
->set(['deleted_at' => $datetime->format('Y-m-d H:i:s'),
|
->set([
|
||||||
'is_deleted' => $this->delete_flag])
|
'deleted_at' => $datetime->format('Y-m-d H:i:s'),
|
||||||
|
'is_deleted' => $this->delete_flag
|
||||||
|
])
|
||||||
->update();
|
->update();
|
||||||
if (!$rawResult) {
|
if (!$rawResult) {
|
||||||
return $this->failNotFound(lang('Basic.global.deleteError', [$objName]));
|
return $this->failNotFound(lang('Basic.global.deleteError', [$objName]));
|
||||||
@ -270,7 +287,8 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
|
|||||||
}
|
}
|
||||||
|
|
||||||
if ($customValidationMessages == null) {
|
if ($customValidationMessages == null) {
|
||||||
$validationErrorMessages = $this->model->validationMessages ?? $this->formValidationErrorMessagess ?? null;;
|
$validationErrorMessages = $this->model->validationMessages ?? $this->formValidationErrorMessagess ?? null;
|
||||||
|
;
|
||||||
} else {
|
} else {
|
||||||
$validationErrorMessages = $customValidationMessages;
|
$validationErrorMessages = $customValidationMessages;
|
||||||
}
|
}
|
||||||
@ -366,12 +384,12 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
|
|||||||
$queryStr = !is_null($query) ? $query->getQuery() : '';
|
$queryStr = !is_null($query) ? $query->getQuery() : '';
|
||||||
$dbError = $this->model->db->error();
|
$dbError = $this->model->db->error();
|
||||||
$userFriendlyErrMsg = lang('Basic.global.persistErr1', [static::$singularObjectNameCc]);
|
$userFriendlyErrMsg = lang('Basic.global.persistErr1', [static::$singularObjectNameCc]);
|
||||||
if (isset($dbError['code']) && $dbError['code'] == 1062) :
|
if (isset($dbError['code']) && $dbError['code'] == 1062):
|
||||||
$userFriendlyErrMsg .= PHP_EOL . lang('Basic.global.persistDuplErr', [static::$singularObjectNameCc]);
|
$userFriendlyErrMsg .= PHP_EOL . lang('Basic.global.persistDuplErr', [static::$singularObjectNameCc]);
|
||||||
endif;
|
endif;
|
||||||
// $userFriendlyErrMsg = str_replace("'", "\'", $userFriendlyErrMsg); // Uncomment if experiencing unescaped single quote errors
|
// $userFriendlyErrMsg = str_replace("'", "\'", $userFriendlyErrMsg); // Uncomment if experiencing unescaped single quote errors
|
||||||
log_message('error', $userFriendlyErrMsg . PHP_EOL . $e->getMessage() . PHP_EOL . $queryStr);
|
log_message('error', $userFriendlyErrMsg . PHP_EOL . $e->getMessage() . PHP_EOL . $queryStr);
|
||||||
if (isset($dbError['message']) && !empty($dbError['message'])) :
|
if (isset($dbError['message']) && !empty($dbError['message'])):
|
||||||
log_message('error', $dbError['code'] . ' : ' . $dbError['message']);
|
log_message('error', $dbError['code'] . ' : ' . $dbError['message']);
|
||||||
endif;
|
endif;
|
||||||
$this->viewData['errorMessage'] = $userFriendlyErrMsg;
|
$this->viewData['errorMessage'] = $userFriendlyErrMsg;
|
||||||
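Review bot: The new guard in `delete()` fails open: `$deletePermission` defaults to `false` and the check only runs when the property is a string, so any subclass that does not declare it still deletes with no permission check. Maquinas, touched in this same commit, gets no `$deletePermission` in the lines shown here. The guard also calls `auth()->user()->can(...)` without a null check; if `auth()->user()` can return null for a request without an authenticated session (whether a filter rules that out is not visible here), the result is a fatal error rather than a 403. I would fetch the user once with `$user = auth()->user();` and deny on null, `if (is_string($this->deletePermission) && ($user === null || !$user->can($this->deletePermission))) {`, and log a warning when `delete()` runs with no permission configured so unprotected controllers are easy to find. `delete()` continues outside the hunk.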
|
|||||||
@ -25,6 +25,7 @@ class Proveedores extends \App\Controllers\BaseResourceController {
|
|||||||
|
|
||||||
protected $indexRoute = 'proveedorList';
|
protected $indexRoute = 'proveedorList';
|
||||||
|
|
||||||
|
protected $deletePermission = 'proveedores.delete';
|
||||||
|
|
||||||
|
|
||||||
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger) {
|
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger) {
|
||||||
|
|||||||
@ -26,6 +26,8 @@ class FormasPago extends \App\Controllers\BaseResourceController
|
|||||||
|
|
||||||
protected $indexRoute = 'formaDePagoList';
|
protected $indexRoute = 'formaDePagoList';
|
||||||
|
|
||||||
|
protected $deletePermission = 'formas-pago.delete';
|
||||||
|
|
||||||
|
|
||||||
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
||||||
{
|
{
|
||||||
|
|||||||
@ -21,6 +21,8 @@ class Group extends \App\Controllers\GoBaseController
|
|||||||
|
|
||||||
protected $indexRoute = 'userGroupList';
|
protected $indexRoute = 'userGroupList';
|
||||||
|
|
||||||
|
protected $deletePermission = 'roles-permisos.delete';
|
||||||
|
|
||||||
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
||||||
{
|
{
|
||||||
self::$viewPath = getenv('theme.path') . 'form/group/';
|
self::$viewPath = getenv('theme.path') . 'form/group/';
|
||||||
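Review bot: `$deletePermission = 'roles-permisos.delete'` is declared on a class that extends `\App\Controllers\GoBaseController`, while the only code in this commit that reads the property is `BaseResourceController::delete()`. Unless GoBaseController inherits from that class or carries its own check (neither is visible here), the property is never consulted and deleting roles and permissions stays unguarded. The same applies to Tarifaextra and Tarifapreimpresion, which also extend GoBaseController. Either add the equivalent guard to GoBaseController's delete path or confirm the inheritance, and cover it with a test that a user lacking the permission gets a 403 on these routes.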
|
|||||||
@ -28,6 +28,7 @@ class Maquinas extends \App\Controllers\BaseResourceController
|
|||||||
protected static $viewPath = 'themes/vuexy/form/configuracion/maquinas/';
|
protected static $viewPath = 'themes/vuexy/form/configuracion/maquinas/';
|
||||||
|
|
||||||
protected $indexRoute = 'maquinaList';
|
protected $indexRoute = 'maquinaList';
|
||||||
|
|
||||||
protected MaquinaService $maquinaService;
|
protected MaquinaService $maquinaService;
|
||||||
protected Validation $validation;
|
protected Validation $validation;
|
||||||
|
|
||||||
|
|||||||
@ -28,6 +28,8 @@ class Maquinasdefecto extends \App\Controllers\BaseResourceController
|
|||||||
|
|
||||||
protected $indexRoute = 'maquinaPorDefectoList';
|
protected $indexRoute = 'maquinaPorDefectoList';
|
||||||
|
|
||||||
|
protected $deletePermission = 'maquinas-defecto.delete';
|
||||||
|
|
||||||
|
|
||||||
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
||||||
{
|
{
|
||||||
|
|||||||
@ -29,6 +29,7 @@ class Paises extends \App\Controllers\BaseResourceController
|
|||||||
|
|
||||||
protected $indexRoute = 'paisList';
|
protected $indexRoute = 'paisList';
|
||||||
|
|
||||||
|
protected $deletePermission = 'paises.delete';
|
||||||
|
|
||||||
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
||||||
{
|
{
|
||||||
|
|||||||
@ -28,6 +28,7 @@ class Papelesgenericos extends \App\Controllers\BaseResourceController
|
|||||||
|
|
||||||
protected $indexRoute = 'papelGenericoList';
|
protected $indexRoute = 'papelGenericoList';
|
||||||
|
|
||||||
|
protected $deletePermission = 'papel-generico.delete';
|
||||||
|
|
||||||
|
|
||||||
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
||||||
|
|||||||
@ -52,6 +52,9 @@ class Papelesimpresion extends \App\Controllers\BaseResourceController
|
|||||||
protected static $viewPath = 'themes/vuexy/form/configuracion/papel/';
|
protected static $viewPath = 'themes/vuexy/form/configuracion/papel/';
|
||||||
|
|
||||||
protected $indexRoute = 'papelImpresionList';
|
protected $indexRoute = 'papelImpresionList';
|
||||||
|
|
||||||
|
protected $deletePermission = 'papel-impresion.delete';
|
||||||
|
|
||||||
protected Validation $validation;
|
protected Validation $validation;
|
||||||
|
|
||||||
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
||||||
|
|||||||
@ -22,6 +22,8 @@ class SeriesFacturas extends BaseResourceController
|
|||||||
|
|
||||||
protected $indexRoute = 'seriesFacturasList';
|
protected $indexRoute = 'seriesFacturasList';
|
||||||
|
|
||||||
|
protected $deletePermission = 'series-facturas.delete';
|
||||||
|
|
||||||
|
|
||||||
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
||||||
{
|
{
|
||||||
|
|||||||
@ -22,6 +22,8 @@ class Ubicaciones extends BaseResourceController
|
|||||||
|
|
||||||
protected $indexRoute = 'ubicacionesList';
|
protected $indexRoute = 'ubicacionesList';
|
||||||
|
|
||||||
|
protected $deletePermission = 'ubicaciones.delete';
|
||||||
|
|
||||||
|
|
||||||
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
||||||
{
|
{
|
||||||
|
|||||||
@ -36,6 +36,8 @@ class Buscador extends \App\Controllers\BaseResourceController
|
|||||||
|
|
||||||
protected $indexRoute = 'buscadorPresupuestosList';
|
protected $indexRoute = 'buscadorPresupuestosList';
|
||||||
|
|
||||||
|
protected $deletePermission = 'presupuesto.delete';
|
||||||
|
|
||||||
|
|
||||||
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
||||||
{
|
{
|
||||||
|
|||||||
@ -25,6 +25,8 @@ class ServiciosAcabado extends BaseResourceController
|
|||||||
|
|
||||||
protected $indexRoute = 'serviciosAcabadoList';
|
protected $indexRoute = 'serviciosAcabadoList';
|
||||||
|
|
||||||
|
protected $deletePermission = 'tarifa-acabado.delete';
|
||||||
|
|
||||||
|
|
||||||
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
||||||
{
|
{
|
||||||
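Review bot: The permission name set here, `'tarifa-acabado.delete'`, is identical to the one set on TarifaAcabados later in this commit, whereas the other controllers each get a name of their own. If the sharing is intended, say so next to the property, for example `// Shares its delete permission with TarifaAcabados on purpose`. If it is a copy-paste, anyone granted delete on finishing tariffs can also delete finishing services, and the reverse cannot be granted separately.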
|
|||||||
@ -28,6 +28,8 @@ class TarifaAcabados extends BaseResourceController
|
|||||||
|
|
||||||
protected $indexRoute = 'tarifaAcabadoList';
|
protected $indexRoute = 'tarifaAcabadoList';
|
||||||
|
|
||||||
|
protected $deletePermission = 'tarifa-acabado.delete';
|
||||||
|
|
||||||
|
|
||||||
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
||||||
{
|
{
|
||||||
|
|||||||
@ -19,6 +19,8 @@ class Tarifaextra extends \App\Controllers\GoBaseController
|
|||||||
|
|
||||||
protected $indexRoute = 'tarifaextraList';
|
protected $indexRoute = 'tarifaextraList';
|
||||||
|
|
||||||
|
protected $deletePermission = 'tarifa-extra.delete';
|
||||||
|
|
||||||
|
|
||||||
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
||||||
{
|
{
|
||||||
|
|||||||
@ -19,6 +19,8 @@ class Tarifapreimpresion extends \App\Controllers\GoBaseController
|
|||||||
|
|
||||||
protected $indexRoute = 'tarifapreimpresionList';
|
protected $indexRoute = 'tarifapreimpresionList';
|
||||||
|
|
||||||
|
protected $deletePermission = 'tarifa-preimpresion.delete';
|
||||||
|
|
||||||
|
|
||||||
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
||||||
{
|
{
|
||||||
|
|||||||
@ -32,6 +32,8 @@ class Tarifasencuadernacion extends \App\Controllers\BaseResourceController
|
|||||||
|
|
||||||
protected $indexRoute = 'tarifaEncuadernacionList';
|
protected $indexRoute = 'tarifaEncuadernacionList';
|
||||||
|
|
||||||
|
protected $deletePermission = 'tarifa-encuadernacion.delete';
|
||||||
|
|
||||||
|
|
||||||
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
||||||
{
|
{
|
||||||
|
|||||||
@ -28,6 +28,8 @@ class Tarifasmanipulado extends \App\Controllers\BaseResourceController
|
|||||||
|
|
||||||
protected $indexRoute = 'tarifaManipuladoList';
|
protected $indexRoute = 'tarifaManipuladoList';
|
||||||
|
|
||||||
|
protected $deletePermission = 'tarifa-manipulado.delete';
|
||||||
|
|
||||||
|
|
||||||
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
||||||
{
|
{
|
||||||
|
|||||||
@ -123,7 +123,7 @@ if (!function_exists('checkPermission')) {
|
|||||||
$response = \Config\Services::response();
|
$response = \Config\Services::response();
|
||||||
|
|
||||||
if (!auth()->user()->can($sectionPermission)) {
|
if (!auth()->user()->can($sectionPermission)) {
|
||||||
$session->setFlashdata('errorMessage', "No tiene permisos de acceso");
|
$session->setFlashdata('errorMessage', lang('Basic.global.permissionDenied'));
|
||||||
|
|
||||||
$route = $redirectRoute ?? 'home';
|
$route = $redirectRoute ?? 'home';
|
||||||
return $response->redirect(route_to($route));
|
return $response->redirect(route_to($route));
|
||||||
|
|||||||
@ -90,6 +90,7 @@ return [
|
|||||||
'wait' => 'Wait',
|
'wait' => 'Wait',
|
||||||
'yes' => 'Yes',
|
'yes' => 'Yes',
|
||||||
'back' => 'Back',
|
'back' => 'Back',
|
||||||
|
'permissionDenied' => 'You do not have permission for this action'
|
||||||
],
|
],
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@ -94,6 +94,7 @@ return [
|
|||||||
'yes' => 'Si',
|
'yes' => 'Si',
|
||||||
'no' => 'No',
|
'no' => 'No',
|
||||||
'back' => 'Volver',
|
'back' => 'Volver',
|
||||||
|
'permissionDenied' => 'No tiene permisos de acceso'
|
||||||
|
|
||||||
],
|
],
|
||||||
|
|
||||||
|
|||||||