Actualizacion automatica: 2024-07-02 01:01:40

imnavajas
2024-07-02 01:01:42 +02:00
parent 2d0732c218
commit 108899c796
7 changed files with 104 additions and 82 deletions


@ -21,10 +21,6 @@ const SK_PERMISSION_MATRIX = [
"presupuesto-cliente.edit", "presupuesto-cliente.edit",
"presupuesto-cliente.delete", "presupuesto-cliente.delete",
"presupuesto-cliente.menu", "presupuesto-cliente.menu",
"tarifa-preimpresion.create",
"tarifa-preimpresion.edit",
"tarifa-preimpresion.delete",
"tarifa-preimpresion.menu",
"tarifa-manipulado.create", "tarifa-manipulado.create",
"tarifa-manipulado.edit", "tarifa-manipulado.edit",
"tarifa-manipulado.delete", "tarifa-manipulado.delete",


@ -0,0 +1,22 @@
{
"superadmin": {
"title": "Super Admin",
"description": "Complete control of the site."
},
"admin": {
"title": "Admin",
"description": "Day to day administrators of the site."
},
"developer": {
"title": "Developer",
"description": "Site programmers."
},
"user": {
"title": "User",
"description": "General users of the site. Often customers."
},
"beta": {
"title": "Beta User",
"description": "Has access to beta-level features."
}
}


@ -43,7 +43,7 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
*/ */
protected static $pluralObjectName; protected static $pluralObjectName;
/** /**
* Path for the views directory for the extending view controller * Path for the views directory for the extending view controller
* *
* @var string * @var string
@ -130,6 +130,29 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
$this->viewData['alertStyle'] = $this->alertStyle; $this->viewData['alertStyle'] = $this->alertStyle;
} }
protected function checkPermission($sectionPermission, $redirectRoute = NULL)
{
// TODO ojo, con no redirigir al indexRoute, que se crea bucle!!!
if (!auth()->user()->can($sectionPermission)) {
$this->session->setFlashdata('errorMessage', "No tiene permisos de acceso");
if (is_null($redirectRoute)) {
return $this->response->redirect(route_to('home'));
} else {
return $this->response->redirect(route_to($redirectRoute));
}
}
}
protected function checkPermissionAJAX($sectionPermission)
{
if (!auth()->user()->can($sectionPermission)) {
return $this->fail('Error');
}
}
/** /**
* Convenience method to display the form of a module * Convenience method to display the form of a module
* @param $forMethod * @param $forMethod
@ -159,7 +182,7 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
} }
if (!isset($this->viewData['formAction'])) { if (!isset($this->viewData['formAction'])) {
$this->viewData['formAction'] = base_url(strtolower($this->viewData['currentModule']) . '/' . $formActionSuffix . '/' . $action ); $this->viewData['formAction'] = base_url(strtolower($this->viewData['currentModule']) . '/' . $formActionSuffix . '/' . $action);
} }
if ((!isset($this->viewData['boxTitle']) || empty($this->viewData['boxTitle'])) && isset(static::$singularObjectName) && !empty(static::$singularObjectName)) { if ((!isset($this->viewData['boxTitle']) || empty($this->viewData['boxTitle'])) && isset(static::$singularObjectName) && !empty(static::$singularObjectName)) {
@ -223,22 +246,21 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
public function delete($id = null) public function delete($id = null)
{ {
if (!empty(static::$pluralObjectNameCc) && !empty(static::$singularObjectNameCc)) { if (!empty(static::$pluralObjectNameCc) && !empty(static::$singularObjectNameCc)) {
$objName = mb_strtolower(lang(ucfirst(static::$pluralObjectNameCc).'.'.static::$singularObjectNameCc)); $objName = mb_strtolower(lang(ucfirst(static::$pluralObjectNameCc) . '.' . static::$singularObjectNameCc));
} else { } else {
$objName = lang('Basic.global.record'); $objName = lang('Basic.global.record');
} }
if (!$this->soft_delete){ if (!$this->soft_delete) {
if (!$this->model->delete($id)) { if (!$this->model->delete($id)) {
return $this->failNotFound(lang('Basic.global.deleteError', [$objName])); return $this->failNotFound(lang('Basic.global.deleteError', [$objName]));
} }
} } else {
else{
$datetime = (new \CodeIgniter\I18n\Time("now")); $datetime = (new \CodeIgniter\I18n\Time("now"));
$rawResult = $this->model->where('id',$id) $rawResult = $this->model->where('id', $id)
->set(['deleted_at' => $datetime->format('Y-m-d H:i:s'), ->set(['deleted_at' => $datetime->format('Y-m-d H:i:s'),
'is_deleted' => $this->delete_flag]) 'is_deleted' => $this->delete_flag])
->update(); ->update();
if (!$rawResult) { if (!$rawResult) {
return $this->failNotFound(lang('Basic.global.deleteError', [$objName])); return $this->failNotFound(lang('Basic.global.deleteError', [$objName]));
@ -261,20 +283,18 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
protected function canValidate($customValidationRules = null, $customValidationMessages = null) protected function canValidate($customValidationRules = null, $customValidationMessages = null)
{ {
if($customValidationRules == null){ if ($customValidationRules == null) {
$validationRules = $this->model->validationRules ?? $this->formValidationRules ?? null; $validationRules = $this->model->validationRules ?? $this->formValidationRules ?? null;
} } else {
else{
$validationRules = $customValidationRules; $validationRules = $customValidationRules;
} }
if ($validationRules == null) { if ($validationRules == null) {
return true; return true;
} }
if($customValidationMessages == null){ if ($customValidationMessages == null) {
$validationErrorMessages = $this->model->validationMessages ?? $this->formValidationErrorMessagess ?? null;; $validationErrorMessages = $this->model->validationMessages ?? $this->formValidationErrorMessagess ?? null;;
} } else {
else{
$validationErrorMessages = $customValidationMessages; $validationErrorMessages = $customValidationMessages;
} }
@ -303,7 +323,8 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
* @param array|null $postData * @param array|null $postData
* @return array * @return array
*/ */
protected function sanitized(array $postData = null, bool $nullIfEmpty = false) { protected function sanitized(array $postData = null, bool $nullIfEmpty = false)
{
if ($postData == null) { if ($postData == null) {
$postData = $this->request->getPost(); $postData = $this->request->getPost();
} }
@ -326,15 +347,15 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
* @param string $customMessage * @param string $customMessage
* @return mixed * @return mixed
*/ */
protected function failWithNewToken($messages, int $status = 400, string $code = null, string $customMessage = '') { protected function failWithNewToken($messages, int $status = 400, string $code = null, string $customMessage = '')
{
if (! is_array($messages)) if (!is_array($messages)) {
{
$messages = ['error' => $messages]; $messages = ['error' => $messages];
} }
$response = [ $response = [
'status' => $status, 'status' => $status,
'error' => $status, 'error' => $status,
'messages' => $messages, 'messages' => $messages,
csrf_token() => csrf_hash() csrf_token() => csrf_hash()
]; ];
@ -360,7 +381,8 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
* Convenience method for common exception handling * Convenience method for common exception handling
* @param \Exception $e * @param \Exception $e
*/ */
protected function dealWithException(\Exception $e) { protected function dealWithException(\Exception $e)
{
// using another try / catch block to prevent to avoid CodeIgniter bug throwing trivial exceptions for querying DB errors // using another try / catch block to prevent to avoid CodeIgniter bug throwing trivial exceptions for querying DB errors
try { try {
$query = $this->model->db->getLastQuery(); $query = $this->model->db->getLastQuery();
@ -368,16 +390,16 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
$dbError = $this->model->db->error(); $dbError = $this->model->db->error();
$userFriendlyErrMsg = lang('Basic.global.persistErr1', [static::$singularObjectNameCc]); $userFriendlyErrMsg = lang('Basic.global.persistErr1', [static::$singularObjectNameCc]);
if (isset($dbError['code']) && $dbError['code'] == 1062) : if (isset($dbError['code']) && $dbError['code'] == 1062) :
$userFriendlyErrMsg .= PHP_EOL.lang('Basic.global.persistDuplErr', [static::$singularObjectNameCc]); $userFriendlyErrMsg .= PHP_EOL . lang('Basic.global.persistDuplErr', [static::$singularObjectNameCc]);
endif; endif;
// $userFriendlyErrMsg = str_replace("'", "\'", $userFriendlyErrMsg); // Uncomment if experiencing unescaped single quote errors // $userFriendlyErrMsg = str_replace("'", "\'", $userFriendlyErrMsg); // Uncomment if experiencing unescaped single quote errors
log_message('error', $userFriendlyErrMsg.PHP_EOL.$e->getMessage().PHP_EOL.$queryStr); log_message('error', $userFriendlyErrMsg . PHP_EOL . $e->getMessage() . PHP_EOL . $queryStr);
if (isset($dbError['message']) && !empty($dbError['message'])) : if (isset($dbError['message']) && !empty($dbError['message'])) :
log_message('error', $dbError['code'].' : '.$dbError['message']); log_message('error', $dbError['code'] . ' : ' . $dbError['message']);
endif; endif;
$this->viewData['errorMessage'] = $userFriendlyErrMsg; $this->viewData['errorMessage'] = $userFriendlyErrMsg;
} catch (\Exception $e2) { } catch (\Exception $e2) {
log_message('debug', 'You can probably safely ignore this: In attempt to check DB errors, CodeIgniter threw: '.PHP_EOL.$e2->getMessage()); log_message('debug', 'You can probably safely ignore this: In attempt to check DB errors, CodeIgniter threw: ' . PHP_EOL . $e2->getMessage());
} }
} }
} }
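Review bot: `checkPermission()` and `checkPermissionAJAX()` only return a response on denial, so they enforce nothing unless every caller returns that value. The call sites added in this same commit (`parent::checkPermission('tarifa-encuadernacion.menu');` and the equivalents in Tarifasenvios and Tarifasmanipulado) discard it, so the rest of `index()`/`add()`/`edit()`, including the POST handling in `add()`, still runs for a user without the permission. Either have callers propagate the result, `if ($denied = $this->checkPermission('x.create', $this->indexRoute)) { return $denied; }`, or move the check into a route filter so it cannot be skipped. Both helpers also call `auth()->user()->can(...)` without a null check, which will raise an error on an unauthenticated request unless a filter outside this diff guarantees a logged-in user.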


@ -1,35 +0,0 @@
<?php
namespace App\Controllers\Tarifas;
use App\Controllers\BaseController;
class Tarifaimpresion extends BaseController
{
function __construct()
{
}
public function index()
{
echo 'Tarifa impresion';
}
public function delete()
{
}
public function add()
{
}
public function edit()
{
}
}


@ -55,6 +55,8 @@ class Tarifasencuadernacion extends \App\Controllers\BaseResourceController
public function index() public function index()
{ {
// Check if the user is allowed to list items
parent::checkPermission('tarifa-encuadernacion.menu');
$viewData = [ $viewData = [
'currentModule' => static::$controllerSlug, 'currentModule' => static::$controllerSlug,
@ -73,8 +75,7 @@ class Tarifasencuadernacion extends \App\Controllers\BaseResourceController
public function add() public function add()
{ {
parent::checkPermission('tarifa-encuadernacion.create', $this->indexRoute);
if ($this->request->getPost()) : if ($this->request->getPost()) :
@ -157,6 +158,7 @@ class Tarifasencuadernacion extends \App\Controllers\BaseResourceController
public function edit($requestedId = null) public function edit($requestedId = null)
{ {
parent::checkPermission('tarifa-encuadernacion.create', $this->indexRoute);
if ($requestedId == null) : if ($requestedId == null) :
return $this->redirect2listView(); return $this->redirect2listView();
@ -248,6 +250,12 @@ class Tarifasencuadernacion extends \App\Controllers\BaseResourceController
return $this->displayForm(__METHOD__, $id); return $this->displayForm(__METHOD__, $id);
} // end function edit(...) } // end function edit(...)
/*public function delete($id =null){
if (!auth()->user()->can('tarifa-encuadernacion.delete')) {
return $this->fail('No tiene permisos');
}
parent::delete($id);
}*/
public function datatable() public function datatable()
{ {


@ -56,6 +56,9 @@ class Tarifasenvios extends \App\Controllers\BaseResourceController {
public function index() { public function index() {
// Check if the user is allowed to list items
parent::checkPermission('tarifa-envio.menu');
$viewData = [ $viewData = [
'currentModule' => static::$controllerSlug, 'currentModule' => static::$controllerSlug,
'pageSubTitle' => lang('Basic.global.ManageAllRecords', [lang('TarifasEnvios.tarifaEnvio')]), 'pageSubTitle' => lang('Basic.global.ManageAllRecords', [lang('TarifasEnvios.tarifaEnvio')]),
@ -72,8 +75,7 @@ class Tarifasenvios extends \App\Controllers\BaseResourceController {
public function add() { public function add() {
parent::checkPermission('tarifa-envio.create', $this->indexRoute);
if ($this->request->getPost()) : if ($this->request->getPost()) :
@ -142,6 +144,8 @@ class Tarifasenvios extends \App\Controllers\BaseResourceController {
public function edit($requestedId = null) { public function edit($requestedId = null) {
parent::checkPermission('tarifa-envio.edit', $this->indexRoute);
if ($requestedId == null) : if ($requestedId == null) :
return $this->redirect2listView(); return $this->redirect2listView();
@ -227,6 +231,10 @@ class Tarifasenvios extends \App\Controllers\BaseResourceController {
// JJO // JJO
public function delete($id = null) public function delete($id = null)
{ {
if (!auth()->user()->can('tarifa-envio.delete')) {
return $this->fail('Error');
}
if (!empty(static::$pluralObjectNameCc) && !empty(static::$singularObjectNameCc)) { if (!empty(static::$pluralObjectNameCc) && !empty(static::$singularObjectNameCc)) {
$objName = mb_strtolower(lang(ucfirst(static::$pluralObjectNameCc).'.'.static::$singularObjectNameCc)); $objName = mb_strtolower(lang(ucfirst(static::$pluralObjectNameCc).'.'.static::$singularObjectNameCc));
} else { } else {
@ -242,7 +250,6 @@ class Tarifasenvios extends \App\Controllers\BaseResourceController {
else{ else{
$datetime = (new \CodeIgniter\I18n\Time("now")); $datetime = (new \CodeIgniter\I18n\Time("now"));
$zonaModel = new TarifaEnvioZonaModel(); $zonaModel = new TarifaEnvioZonaModel();
$zonaResult = $zonaModel->removeAllZonasLineas($id, $datetime, $this->delete_flag); $zonaResult = $zonaModel->removeAllZonasLineas($id, $datetime, $this->delete_flag);
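Review bot: The new guard in `delete()` answers a missing permission with `$this->fail('Error')`, which presumably yields a generic 400 with no indication of why. `return $this->failForbidden();` would give the client a 403 and make authorization denials distinguishable in access logs. The guard also duplicates the `checkPermissionAJAX()` helper this commit adds to the base controller, so `if ($denied = $this->checkPermissionAJAX('tarifa-envio.delete')) { return $denied; }` would keep the rule in one place. The `checkPermission` calls added to `index()`, `add()` and `edit()` drop the returned redirect, so those actions keep executing after a denial. The body of `delete()` continues outside the hunk.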


@ -51,6 +51,8 @@ class Tarifasmanipulado extends \App\Controllers\BaseResourceController
public function index() public function index()
{ {
// Check if the user is allowed to list items
parent::checkPermission('tarifa-manipulado.menu');
$viewData = [ $viewData = [
'currentModule' => static::$controllerSlug, 'currentModule' => static::$controllerSlug,