mirror of
https://git.imnavajas.es/jjimenez/safekat.git
synced 2025-07-25 22:52:08 +00:00
Actualizacion automatica: 2024-07-02 01:01:40
This commit is contained in:
imnavajas
@ -21,10 +21,6 @@ const SK_PERMISSION_MATRIX = [
|
||||
"presupuesto-cliente.edit",
|
||||
"presupuesto-cliente.delete",
|
||||
"presupuesto-cliente.menu",
|
||||
"tarifa-preimpresion.create",
|
||||
"tarifa-preimpresion.edit",
|
||||
"tarifa-preimpresion.delete",
|
||||
"tarifa-preimpresion.menu",
|
||||
"tarifa-manipulado.create",
|
||||
"tarifa-manipulado.edit",
|
||||
"tarifa-manipulado.delete",
|
||||
|
||||
22
ci4/app/Config/RBAC/roles.json
Normal file
22
ci4/app/Config/RBAC/roles.json
Normal file
@ -0,0 +1,22 @@
|
||||
{
|
||||
"superadmin": {
|
||||
"title": "Super Admin",
|
||||
"description": "Complete control of the site."
|
||||
},
|
||||
"admin": {
|
||||
"title": "Admin",
|
||||
"description": "Day to day administrators of the site."
|
||||
},
|
||||
"developer": {
|
||||
"title": "Developer",
|
||||
"description": "Site programmers."
|
||||
},
|
||||
"user": {
|
||||
"title": "User",
|
||||
"description": "General users of the site. Often customers."
|
||||
},
|
||||
"beta": {
|
||||
"title": "Beta User",
|
||||
"description": "Has access to beta-level features."
|
||||
}
|
||||
}
|
||||
@ -43,23 +43,23 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
|
||||
*/
|
||||
protected static $pluralObjectName;
|
||||
|
||||
/**
|
||||
/**
|
||||
* Path for the views directory for the extending view controller
|
||||
*
|
||||
* @var string
|
||||
*
|
||||
* @var string
|
||||
*/
|
||||
protected static $viewPath;
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* JJO: Variable para indicar si el controlador hace soft_delete o no
|
||||
*
|
||||
*
|
||||
* @var bool
|
||||
*/
|
||||
public $soft_delete = false;
|
||||
/**
|
||||
* JJO: Variable quién puede ver los registros borrados
|
||||
*
|
||||
*
|
||||
* 0 -> Not Deleted
|
||||
* 1 -> Soft Deleted, shows up in lists of deleted items for management users
|
||||
* 2 -> Soft Deleted, does not show up for any user except admin users
|
||||
@ -123,13 +123,36 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
|
||||
$this->viewData['usingSweetAlert'] = true;
|
||||
|
||||
$this->viewData['viewPath'] = static::$viewPath;
|
||||
|
||||
|
||||
$this->viewData['currentLocale'] = $this->request->getLocale();
|
||||
|
||||
/* IMN */
|
||||
$this->viewData['alertStyle'] = $this->alertStyle;
|
||||
}
|
||||
|
||||
protected function checkPermission($sectionPermission, $redirectRoute = NULL)
|
||||
{
|
||||
// TODO ojo, con no redirigir al indexRoute, que se crea bucle!!!
|
||||
if (!auth()->user()->can($sectionPermission)) {
|
||||
$this->session->setFlashdata('errorMessage', "No tiene permisos de acceso");
|
||||
if (is_null($redirectRoute)) {
|
||||
return $this->response->redirect(route_to('home'));
|
||||
} else {
|
||||
return $this->response->redirect(route_to($redirectRoute));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
protected function checkPermissionAJAX($sectionPermission)
|
||||
{
|
||||
|
||||
if (!auth()->user()->can($sectionPermission)) {
|
||||
return $this->fail('Error');
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Convenience method to display the form of a module
|
||||
* @param $forMethod
|
||||
@ -159,7 +182,7 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
|
||||
}
|
||||
|
||||
if (!isset($this->viewData['formAction'])) {
|
||||
$this->viewData['formAction'] = base_url(strtolower($this->viewData['currentModule']) . '/' . $formActionSuffix . '/' . $action );
|
||||
$this->viewData['formAction'] = base_url(strtolower($this->viewData['currentModule']) . '/' . $formActionSuffix . '/' . $action);
|
||||
}
|
||||
|
||||
if ((!isset($this->viewData['boxTitle']) || empty($this->viewData['boxTitle'])) && isset(static::$singularObjectName) && !empty(static::$singularObjectName)) {
|
||||
@ -223,29 +246,28 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
|
||||
public function delete($id = null)
|
||||
{
|
||||
if (!empty(static::$pluralObjectNameCc) && !empty(static::$singularObjectNameCc)) {
|
||||
$objName = mb_strtolower(lang(ucfirst(static::$pluralObjectNameCc).'.'.static::$singularObjectNameCc));
|
||||
$objName = mb_strtolower(lang(ucfirst(static::$pluralObjectNameCc) . '.' . static::$singularObjectNameCc));
|
||||
} else {
|
||||
$objName = lang('Basic.global.record');
|
||||
}
|
||||
|
||||
if (!$this->soft_delete){
|
||||
|
||||
if (!$this->soft_delete) {
|
||||
|
||||
if (!$this->model->delete($id)) {
|
||||
return $this->failNotFound(lang('Basic.global.deleteError', [$objName]));
|
||||
}
|
||||
}
|
||||
else{
|
||||
} else {
|
||||
$datetime = (new \CodeIgniter\I18n\Time("now"));
|
||||
$rawResult = $this->model->where('id',$id)
|
||||
->set(['deleted_at' => $datetime->format('Y-m-d H:i:s'),
|
||||
'is_deleted' => $this->delete_flag])
|
||||
$rawResult = $this->model->where('id', $id)
|
||||
->set(['deleted_at' => $datetime->format('Y-m-d H:i:s'),
|
||||
'is_deleted' => $this->delete_flag])
|
||||
->update();
|
||||
if (!$rawResult) {
|
||||
return $this->failNotFound(lang('Basic.global.deleteError', [$objName]));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
// $message = lang('Basic.global.deleteSuccess', [$objName]); IMN commented
|
||||
$message = lang('Basic.global.deleteSuccess', [lang('Basic.global.record')]);
|
||||
$response = $this->respondDeleted(['id' => $id, 'msg' => $message]);
|
||||
@ -261,20 +283,18 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
|
||||
protected function canValidate($customValidationRules = null, $customValidationMessages = null)
|
||||
{
|
||||
|
||||
if($customValidationRules == null){
|
||||
if ($customValidationRules == null) {
|
||||
$validationRules = $this->model->validationRules ?? $this->formValidationRules ?? null;
|
||||
}
|
||||
else{
|
||||
} else {
|
||||
$validationRules = $customValidationRules;
|
||||
}
|
||||
if ($validationRules == null) {
|
||||
return true;
|
||||
}
|
||||
|
||||
if($customValidationMessages == null){
|
||||
$validationErrorMessages = $this->model->validationMessages ?? $this->formValidationErrorMessagess ?? null;;
|
||||
}
|
||||
else{
|
||||
if ($customValidationMessages == null) {
|
||||
$validationErrorMessages = $this->model->validationMessages ?? $this->formValidationErrorMessagess ?? null;;
|
||||
} else {
|
||||
$validationErrorMessages = $customValidationMessages;
|
||||
}
|
||||
|
||||
@ -283,7 +303,7 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
|
||||
} else {
|
||||
$valid = $this->validate($validationRules);
|
||||
}
|
||||
|
||||
|
||||
$this->validationErrors = $valid ? '' : $this->validator->getErrors();
|
||||
|
||||
/*
|
||||
@ -303,7 +323,8 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
|
||||
* @param array|null $postData
|
||||
* @return array
|
||||
*/
|
||||
protected function sanitized(array $postData = null, bool $nullIfEmpty = false) {
|
||||
protected function sanitized(array $postData = null, bool $nullIfEmpty = false)
|
||||
{
|
||||
if ($postData == null) {
|
||||
$postData = $this->request->getPost();
|
||||
}
|
||||
@ -317,7 +338,7 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
|
||||
}
|
||||
return $sanitizedData;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Custom fail method needed when CSRF token regeneration is on in security settings
|
||||
* @param string|array $messages
|
||||
@ -326,15 +347,15 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
|
||||
* @param string $customMessage
|
||||
* @return mixed
|
||||
*/
|
||||
protected function failWithNewToken($messages, int $status = 400, string $code = null, string $customMessage = '') {
|
||||
protected function failWithNewToken($messages, int $status = 400, string $code = null, string $customMessage = '')
|
||||
{
|
||||
|
||||
if (! is_array($messages))
|
||||
{
|
||||
if (!is_array($messages)) {
|
||||
$messages = ['error' => $messages];
|
||||
}
|
||||
$response = [
|
||||
'status' => $status,
|
||||
'error' => $status,
|
||||
'status' => $status,
|
||||
'error' => $status,
|
||||
'messages' => $messages,
|
||||
csrf_token() => csrf_hash()
|
||||
];
|
||||
@ -360,7 +381,8 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
|
||||
* Convenience method for common exception handling
|
||||
* @param \Exception $e
|
||||
*/
|
||||
protected function dealWithException(\Exception $e) {
|
||||
protected function dealWithException(\Exception $e)
|
||||
{
|
||||
// using another try / catch block to prevent to avoid CodeIgniter bug throwing trivial exceptions for querying DB errors
|
||||
try {
|
||||
$query = $this->model->db->getLastQuery();
|
||||
@ -368,16 +390,16 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
|
||||
$dbError = $this->model->db->error();
|
||||
$userFriendlyErrMsg = lang('Basic.global.persistErr1', [static::$singularObjectNameCc]);
|
||||
if (isset($dbError['code']) && $dbError['code'] == 1062) :
|
||||
$userFriendlyErrMsg .= PHP_EOL.lang('Basic.global.persistDuplErr', [static::$singularObjectNameCc]);
|
||||
$userFriendlyErrMsg .= PHP_EOL . lang('Basic.global.persistDuplErr', [static::$singularObjectNameCc]);
|
||||
endif;
|
||||
// $userFriendlyErrMsg = str_replace("'", "\'", $userFriendlyErrMsg); // Uncomment if experiencing unescaped single quote errors
|
||||
log_message('error', $userFriendlyErrMsg.PHP_EOL.$e->getMessage().PHP_EOL.$queryStr);
|
||||
log_message('error', $userFriendlyErrMsg . PHP_EOL . $e->getMessage() . PHP_EOL . $queryStr);
|
||||
if (isset($dbError['message']) && !empty($dbError['message'])) :
|
||||
log_message('error', $dbError['code'].' : '.$dbError['message']);
|
||||
log_message('error', $dbError['code'] . ' : ' . $dbError['message']);
|
||||
endif;
|
||||
$this->viewData['errorMessage'] = $userFriendlyErrMsg;
|
||||
} catch (\Exception $e2) {
|
||||
log_message('debug', 'You can probably safely ignore this: In attempt to check DB errors, CodeIgniter threw: '.PHP_EOL.$e2->getMessage());
|
||||
log_message('debug', 'You can probably safely ignore this: In attempt to check DB errors, CodeIgniter threw: ' . PHP_EOL . $e2->getMessage());
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -1,35 +0,0 @@
|
||||
<?php
|
||||
|
||||
namespace App\Controllers\Tarifas;
|
||||
use App\Controllers\BaseController;
|
||||
|
||||
|
||||
class Tarifaimpresion extends BaseController
|
||||
{
|
||||
function __construct()
|
||||
{
|
||||
|
||||
}
|
||||
|
||||
public function index()
|
||||
{
|
||||
echo 'Tarifa impresion';
|
||||
}
|
||||
|
||||
public function delete()
|
||||
{
|
||||
|
||||
}
|
||||
|
||||
public function add()
|
||||
{
|
||||
|
||||
}
|
||||
|
||||
public function edit()
|
||||
{
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -55,6 +55,8 @@ class Tarifasencuadernacion extends \App\Controllers\BaseResourceController
|
||||
|
||||
public function index()
|
||||
{
|
||||
// Check if the user is allowed to list items
|
||||
parent::checkPermission('tarifa-encuadernacion.menu');
|
||||
|
||||
$viewData = [
|
||||
'currentModule' => static::$controllerSlug,
|
||||
@ -73,8 +75,7 @@ class Tarifasencuadernacion extends \App\Controllers\BaseResourceController
|
||||
public function add()
|
||||
{
|
||||
|
||||
|
||||
|
||||
parent::checkPermission('tarifa-encuadernacion.create', $this->indexRoute);
|
||||
|
||||
if ($this->request->getPost()) :
|
||||
|
||||
@ -157,6 +158,7 @@ class Tarifasencuadernacion extends \App\Controllers\BaseResourceController
|
||||
public function edit($requestedId = null)
|
||||
{
|
||||
|
||||
parent::checkPermission('tarifa-encuadernacion.create', $this->indexRoute);
|
||||
|
||||
if ($requestedId == null) :
|
||||
return $this->redirect2listView();
|
||||
@ -248,6 +250,12 @@ class Tarifasencuadernacion extends \App\Controllers\BaseResourceController
|
||||
return $this->displayForm(__METHOD__, $id);
|
||||
} // end function edit(...)
|
||||
|
||||
/*public function delete($id =null){
|
||||
if (!auth()->user()->can('tarifa-encuadernacion.delete')) {
|
||||
return $this->fail('No tiene permisos');
|
||||
}
|
||||
parent::delete($id);
|
||||
}*/
|
||||
|
||||
public function datatable()
|
||||
{
|
||||
|
||||
@ -55,7 +55,10 @@ class Tarifasenvios extends \App\Controllers\BaseResourceController {
|
||||
|
||||
|
||||
public function index() {
|
||||
|
||||
|
||||
// Check if the user is allowed to list items
|
||||
parent::checkPermission('tarifa-envio.menu');
|
||||
|
||||
$viewData = [
|
||||
'currentModule' => static::$controllerSlug,
|
||||
'pageSubTitle' => lang('Basic.global.ManageAllRecords', [lang('TarifasEnvios.tarifaEnvio')]),
|
||||
@ -71,9 +74,8 @@ class Tarifasenvios extends \App\Controllers\BaseResourceController {
|
||||
|
||||
|
||||
public function add() {
|
||||
|
||||
|
||||
|
||||
parent::checkPermission('tarifa-envio.create', $this->indexRoute);
|
||||
|
||||
if ($this->request->getPost()) :
|
||||
|
||||
@ -142,6 +144,8 @@ class Tarifasenvios extends \App\Controllers\BaseResourceController {
|
||||
|
||||
public function edit($requestedId = null) {
|
||||
|
||||
parent::checkPermission('tarifa-envio.edit', $this->indexRoute);
|
||||
|
||||
|
||||
if ($requestedId == null) :
|
||||
return $this->redirect2listView();
|
||||
@ -227,6 +231,10 @@ class Tarifasenvios extends \App\Controllers\BaseResourceController {
|
||||
// JJO
|
||||
public function delete($id = null)
|
||||
{
|
||||
if (!auth()->user()->can('tarifa-envio.delete')) {
|
||||
return $this->fail('Error');
|
||||
}
|
||||
|
||||
if (!empty(static::$pluralObjectNameCc) && !empty(static::$singularObjectNameCc)) {
|
||||
$objName = mb_strtolower(lang(ucfirst(static::$pluralObjectNameCc).'.'.static::$singularObjectNameCc));
|
||||
} else {
|
||||
@ -242,7 +250,6 @@ class Tarifasenvios extends \App\Controllers\BaseResourceController {
|
||||
else{
|
||||
$datetime = (new \CodeIgniter\I18n\Time("now"));
|
||||
|
||||
|
||||
$zonaModel = new TarifaEnvioZonaModel();
|
||||
$zonaResult = $zonaModel->removeAllZonasLineas($id, $datetime, $this->delete_flag);
|
||||
|
||||
|
||||
@ -51,6 +51,8 @@ class Tarifasmanipulado extends \App\Controllers\BaseResourceController
|
||||
|
||||
public function index()
|
||||
{
|
||||
// Check if the user is allowed to list items
|
||||
parent::checkPermission('tarifa-manipulado.menu');
|
||||
|
||||
$viewData = [
|
||||
'currentModule' => static::$controllerSlug,
|
||||
|
||||
Reference in New Issue
Block a user