Actualizacion automatica: 2024-07-02 01:01:40

2025-07-25 22:52:08 +00:00 · 2024-07-02 01:01:42 +02:00
parent 2d0732c218
commit 108899c796
7 changed files with 104 additions and 82 deletions
--- a/ci4/app/Controllers/BaseResourceController.php
+++ b/ci4/app/Controllers/BaseResourceController.php
@ -43,23 +43,23 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
     */
    protected static $pluralObjectName;

-     /**
+    /**
     * Path for the views directory for the extending view controller
-     * 
-     * @var string 
+     *
+     * @var string
     */
    protected static $viewPath;

-    
+
    /**
     * JJO: Variable para indicar si el controlador hace soft_delete o no
-     * 
+     *
     * @var bool
     */
    public $soft_delete = false;
    /**
     * JJO: Variable quién puede ver los registros borrados
-     * 
+     *
     *  0 -> Not Deleted
     *  1 -> Soft Deleted, shows up in lists of deleted items for management users
     *  2 -> Soft Deleted, does not show up for any user except admin users
@ -123,13 +123,36 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
        $this->viewData['usingSweetAlert'] = true;

        $this->viewData['viewPath'] = static::$viewPath;
-        
+
        $this->viewData['currentLocale'] = $this->request->getLocale();

        /* IMN */
        $this->viewData['alertStyle'] = $this->alertStyle;
    }

+    protected function checkPermission($sectionPermission, $redirectRoute = NULL)
+    {
+        // TODO ojo, con no redirigir al indexRoute, que se crea bucle!!!
+        if (!auth()->user()->can($sectionPermission)) {
+            $this->session->setFlashdata('errorMessage', "No tiene permisos de acceso");
+            if (is_null($redirectRoute)) {
+                return $this->response->redirect(route_to('home'));
+            } else {
+                return $this->response->redirect(route_to($redirectRoute));
+            }
+        }
+    }
+
+    protected function checkPermissionAJAX($sectionPermission)
+    {
+
+        if (!auth()->user()->can($sectionPermission)) {
+            return $this->fail('Error');
+        }
+
+    }
+
+
    /**
     * Convenience method to display the form of a module
     * @param $forMethod
@ -159,7 +182,7 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
        }

        if (!isset($this->viewData['formAction'])) {
-            $this->viewData['formAction'] = base_url(strtolower($this->viewData['currentModule']) . '/' . $formActionSuffix . '/' . $action );
+            $this->viewData['formAction'] = base_url(strtolower($this->viewData['currentModule']) . '/' . $formActionSuffix . '/' . $action);
        }

        if ((!isset($this->viewData['boxTitle']) || empty($this->viewData['boxTitle'])) && isset(static::$singularObjectName) && !empty(static::$singularObjectName)) {
@ -223,29 +246,28 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
    public function delete($id = null)
    {
        if (!empty(static::$pluralObjectNameCc) && !empty(static::$singularObjectNameCc)) {
-            $objName = mb_strtolower(lang(ucfirst(static::$pluralObjectNameCc).'.'.static::$singularObjectNameCc));
+            $objName = mb_strtolower(lang(ucfirst(static::$pluralObjectNameCc) . '.' . static::$singularObjectNameCc));
        } else {
            $objName = lang('Basic.global.record');
        }
-        
-        if (!$this->soft_delete){
+
+        if (!$this->soft_delete) {

            if (!$this->model->delete($id)) {
                return $this->failNotFound(lang('Basic.global.deleteError', [$objName]));
            }
-        }
-        else{
+        } else {
            $datetime = (new \CodeIgniter\I18n\Time("now"));
-            $rawResult = $this->model->where('id',$id)
-                ->set(['deleted_at' =>  $datetime->format('Y-m-d H:i:s'),
-                        'is_deleted' => $this->delete_flag])
+            $rawResult = $this->model->where('id', $id)
+                ->set(['deleted_at' => $datetime->format('Y-m-d H:i:s'),
+                    'is_deleted' => $this->delete_flag])
                ->update();
            if (!$rawResult) {
                return $this->failNotFound(lang('Basic.global.deleteError', [$objName]));
            }

        }
-        
+
        // $message = lang('Basic.global.deleteSuccess', [$objName]); IMN commented
        $message = lang('Basic.global.deleteSuccess', [lang('Basic.global.record')]);
        $response = $this->respondDeleted(['id' => $id, 'msg' => $message]);
@ -261,20 +283,18 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
    protected function canValidate($customValidationRules = null, $customValidationMessages = null)
    {

-        if($customValidationRules == null){
+        if ($customValidationRules == null) {
            $validationRules = $this->model->validationRules ?? $this->formValidationRules ?? null;
-        }
-        else{
+        } else {
            $validationRules = $customValidationRules;
        }
        if ($validationRules == null) {
            return true;
        }

-        if($customValidationMessages == null){
-            $validationErrorMessages = $this->model->validationMessages ??  $this->formValidationErrorMessagess ?? null;;
-        }
-        else{
+        if ($customValidationMessages == null) {
+            $validationErrorMessages = $this->model->validationMessages ?? $this->formValidationErrorMessagess ?? null;;
+        } else {
            $validationErrorMessages = $customValidationMessages;
        }

@ -283,7 +303,7 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
        } else {
            $valid = $this->validate($validationRules);
        }
-        
+
        $this->validationErrors = $valid ? '' : $this->validator->getErrors();

        /*
@ -303,7 +323,8 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
     * @param array|null $postData
     * @return array
     */
-    protected function sanitized(array $postData = null, bool $nullIfEmpty = false) {
+    protected function sanitized(array $postData = null, bool $nullIfEmpty = false)
+    {
        if ($postData == null) {
            $postData = $this->request->getPost();
        }
@ -317,7 +338,7 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
        }
        return $sanitizedData;
    }
-    
+
    /**
     * Custom fail method needed when CSRF token regeneration is on in security settings
     * @param string|array $messages
@ -326,15 +347,15 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
     * @param string $customMessage
     * @return mixed
     */
-    protected function failWithNewToken($messages, int $status = 400, string $code = null, string $customMessage = '') {
+    protected function failWithNewToken($messages, int $status = 400, string $code = null, string $customMessage = '')
+    {

-        if (! is_array($messages))
-        {
+        if (!is_array($messages)) {
            $messages = ['error' => $messages];
        }
        $response = [
-            'status'   => $status,
-            'error'    => $status,
+            'status' => $status,
+            'error' => $status,
            'messages' => $messages,
            csrf_token() => csrf_hash()
        ];
@ -360,7 +381,8 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
     * Convenience method for common exception handling
     * @param \Exception $e
     */
-    protected function dealWithException(\Exception $e) {
+    protected function dealWithException(\Exception $e)
+    {
        // using another try / catch block to prevent to avoid CodeIgniter bug throwing trivial exceptions for querying DB errors
        try {
            $query = $this->model->db->getLastQuery();
@ -368,16 +390,16 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
            $dbError = $this->model->db->error();
            $userFriendlyErrMsg = lang('Basic.global.persistErr1', [static::$singularObjectNameCc]);
            if (isset($dbError['code']) && $dbError['code'] == 1062) :
-                $userFriendlyErrMsg .= PHP_EOL.lang('Basic.global.persistDuplErr', [static::$singularObjectNameCc]);
+                $userFriendlyErrMsg .= PHP_EOL . lang('Basic.global.persistDuplErr', [static::$singularObjectNameCc]);
            endif;
            // $userFriendlyErrMsg = str_replace("'", "\'", $userFriendlyErrMsg); // Uncomment if experiencing unescaped single quote errors
-            log_message('error', $userFriendlyErrMsg.PHP_EOL.$e->getMessage().PHP_EOL.$queryStr);
+            log_message('error', $userFriendlyErrMsg . PHP_EOL . $e->getMessage() . PHP_EOL . $queryStr);
            if (isset($dbError['message']) && !empty($dbError['message'])) :
-                log_message('error', $dbError['code'].' : '.$dbError['message']);
+                log_message('error', $dbError['code'] . ' : ' . $dbError['message']);
            endif;
            $this->viewData['errorMessage'] = $userFriendlyErrMsg;
        } catch (\Exception $e2) {
-            log_message('debug', 'You can probably safely ignore this: In attempt to check DB errors, CodeIgniter threw: '.PHP_EOL.$e2->getMessage());
+            log_message('debug', 'You can probably safely ignore this: In attempt to check DB errors, CodeIgniter threw: ' . PHP_EOL . $e2->getMessage());
        }
    }
 }