diff --git a/ci4/app/Controllers/Configuracion/FormasPago.php b/ci4/app/Controllers/Configuracion/FormasPago.php index 9186a2af..6fa53297 100755 --- a/ci4/app/Controllers/Configuracion/FormasPago.php +++ b/ci4/app/Controllers/Configuracion/FormasPago.php @@ -44,6 +44,7 @@ class FormasPago extends \App\Controllers\BaseResourceController public function index() { + checkPermission('formas-pago.menu'); $viewData = [ 'currentModule' => static::$controllerSlug, @@ -61,6 +62,7 @@ class FormasPago extends \App\Controllers\BaseResourceController public function add() { + checkPermission('formas-pago.create'); if ($this->request->getPost()) : @@ -115,6 +117,7 @@ class FormasPago extends \App\Controllers\BaseResourceController public function edit($requestedId = null) { + checkPermission('formas-pago.edit'); if ($requestedId == null) : return $this->redirect2listView(); diff --git a/ci4/app/Controllers/Configuracion/Group.php b/ci4/app/Controllers/Configuracion/Group.php index 68b6d694..dc6e4925 100755 --- a/ci4/app/Controllers/Configuracion/Group.php +++ b/ci4/app/Controllers/Configuracion/Group.php @@ -37,6 +37,8 @@ class Group extends \App\Controllers\GoBaseController public function index() { + checkPermission('roles-permisos.menu'); + $this->viewData['usingClientSideDataTable'] = true; $this->viewData['pageSubTitle'] = lang('Basic.global.ManageAllRecords', [lang('Groups.group')]); // IMN @@ -48,11 +50,12 @@ class Group extends \App\Controllers\GoBaseController public function add() { + checkPermission('roles-permisos.create'); + if ($this->request->getPost()) : $postData = $this->request->getPost(); - $temp_data['id'] = $groupEntity->id; $temp_data['title'] = $postData['title']; $temp_data['description'] = $postData['description']; @@ -124,6 +127,7 @@ class Group extends \App\Controllers\GoBaseController public function edit($requestedId = null) { + checkPermission('roles-permisos.edit'); helper('general'); 
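Review bot: The guard added at the top of `index()`, `add()` and `edit()` only protects the action if `checkPermission()` terminates the request on failure (throws, redirects or exits); the hunk shows nothing about its failure mode, and if it merely returns a value the rest of the method still runs with the unprivileged session. The same pattern appears in the Group, Maquinas, Maquinasdefecto, Paises, Papelesgenericos, Papelesimpresion, SeriesFacturas and Ubicaciones hunks, so a single test per controller asserting that a session without the permission gets the refusal response would pin all of them at once. Each permission name is also a bare string literal repeated in the controller and in configuracion_menu.php, so a typo on one side silently desynchronises menu visibility from enforcement; a shared constant per controller, e.g. `private const PERMISSION_PREFIX = 'formas-pago';` with `checkPermission(self::PERMISSION_PREFIX . '.menu');`, keeps them in one place. Only index/add/edit are visible here; whether the delete action of these resource controllers gets an equivalent check cannot be seen from the diff.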
@@ -243,30 +247,4 @@ class Group extends \App\Controllers\GoBaseController } } - public function menuItems() - { - if ($this->request->isAJAX()) { - $searchStr = goSanitize($this->request->getPost('searchTerm'))[0]; - $reqId = goSanitize($this->request->getPost('id'))[0]; - $reqText = goSanitize($this->request->getPost('text'))[0]; - $onlyActiveOnes = false; - $columns2select = [$reqId ?? 'id', $reqText ?? 'nombre']; - $onlyActiveOnes = false; - $menu = $this->model->getSelect2MenuItems($columns2select, $columns2select[1], $onlyActiveOnes, $searchStr); - $nonItem = new \stdClass; - $nonItem->id = ''; - $nonItem->text = '- ' . lang('Basic.global.None') . ' -'; - array_unshift($menu, $nonItem); - - $newTokenHash = csrf_hash(); - $csrfTokenName = csrf_token(); - $data = [ - 'menu' => $menu, - $csrfTokenName => $newTokenHash - ]; - return $this->respond($data); - } else { - return $this->failUnauthorized('Invalid request', 403); - } - } } diff --git a/ci4/app/Controllers/Configuracion/Maquinas.php b/ci4/app/Controllers/Configuracion/Maquinas.php index 3ee7c046..5661f339 100755 --- a/ci4/app/Controllers/Configuracion/Maquinas.php +++ b/ci4/app/Controllers/Configuracion/Maquinas.php @@ -55,6 +55,7 @@ class Maquinas extends \App\Controllers\BaseResourceController public function index() { + checkPermission('maquinas.menu'); $viewData = [ 'currentModule' => static::$controllerSlug, @@ -112,6 +113,8 @@ class Maquinas extends \App\Controllers\BaseResourceController public function add() { + checkPermission('maquinas.create'); + if ($this->request->getPost()): $nullIfEmpty = true; // !(phpversion() >= '8.1'); @@ -176,7 +179,7 @@ class Maquinas extends \App\Controllers\BaseResourceController public function edit($requestedId = null) { - + checkPermission('maquinas.edit'); if ($requestedId == null): return $this->redirect2listView(); 
diff --git a/ci4/app/Controllers/Configuracion/Maquinasdefecto.php b/ci4/app/Controllers/Configuracion/Maquinasdefecto.php index c4831b5c..68dcabb7 100755 --- a/ci4/app/Controllers/Configuracion/Maquinasdefecto.php +++ b/ci4/app/Controllers/Configuracion/Maquinasdefecto.php @@ -45,6 +45,7 @@ class Maquinasdefecto extends \App\Controllers\BaseResourceController public function index() { + checkPermission('maquinas-defecto.menu'); $viewData = [ 'currentModule' => static::$controllerSlug, @@ -63,7 +64,7 @@ class Maquinasdefecto extends \App\Controllers\BaseResourceController public function add() { - + checkPermission('maquinas-defecto.create'); if ($this->request->getPost()) : @@ -138,6 +139,7 @@ class Maquinasdefecto extends \App\Controllers\BaseResourceController public function edit($requestedId = null) { + checkPermission('maquinas-defecto.edit'); if ($requestedId == null) : return $this->redirect2listView(); diff --git a/ci4/app/Controllers/Configuracion/Paises.php b/ci4/app/Controllers/Configuracion/Paises.php index 20668475..e684a033 100755 --- a/ci4/app/Controllers/Configuracion/Paises.php +++ b/ci4/app/Controllers/Configuracion/Paises.php @@ -47,6 +47,7 @@ class Paises extends \App\Controllers\BaseResourceController public function index() { + checkPermission('paises.menu'); $viewData = [ 'currentModule' => static::$controllerSlug, @@ -65,6 +66,8 @@ class Paises extends \App\Controllers\BaseResourceController public function add() { + checkPermission('paises.create'); + if ($this->request->getPost()): $postData = $this->request->getPost(); @@ -119,6 +122,7 @@ class Paises extends \App\Controllers\BaseResourceController public function edit($requestedId = null) { + checkPermission('paises.edit'); if ($requestedId == null): return $this->redirect2listView(); diff --git a/ci4/app/Controllers/Configuracion/Papelesgenericos.php b/ci4/app/Controllers/Configuracion/Papelesgenericos.php index dd90c8be..c011489f 100755 
--- a/ci4/app/Controllers/Configuracion/Papelesgenericos.php +++ b/ci4/app/Controllers/Configuracion/Papelesgenericos.php @@ -54,6 +54,7 @@ class Papelesgenericos extends \App\Controllers\BaseResourceController public function index() { + checkPermission('papel-generico.menu'); $viewData = [ 'currentModule' => static::$controllerSlug, @@ -71,6 +72,7 @@ class Papelesgenericos extends \App\Controllers\BaseResourceController public function add() { + checkPermission('papel-generico.create'); if ($this->request->getPost()): @@ -132,6 +134,7 @@ class Papelesgenericos extends \App\Controllers\BaseResourceController public function edit($requestedId = null) { + checkPermission('papel-generico.edit'); if ($requestedId == null): return $this->redirect2listView(); diff --git a/ci4/app/Controllers/Configuracion/Papelesimpresion.php b/ci4/app/Controllers/Configuracion/Papelesimpresion.php index c18c1e05..5c478162 100755 --- a/ci4/app/Controllers/Configuracion/Papelesimpresion.php +++ b/ci4/app/Controllers/Configuracion/Papelesimpresion.php @@ -81,6 +81,7 @@ class Papelesimpresion extends \App\Controllers\BaseResourceController public function index() { + checkPermission('papel-impresion.menu'); $viewData = [ 'currentModule' => static::$controllerSlug, @@ -98,7 +99,7 @@ class Papelesimpresion extends \App\Controllers\BaseResourceController public function add() { - + checkPermission('papel-impresion.create'); if ($this->request->getPost()) : @@ -161,6 +162,7 @@ class Papelesimpresion extends \App\Controllers\BaseResourceController public function edit($requestedId = null) { + checkPermission('papel-impresion.edit'); if ($requestedId == null) : return $this->redirect2listView(); diff --git a/ci4/app/Controllers/Configuracion/SeriesFacturas.php b/ci4/app/Controllers/Configuracion/SeriesFacturas.php index f7618629..5920b7ff 100755 --- a/ci4/app/Controllers/Configuracion/SeriesFacturas.php +++ b/ci4/app/Controllers/Configuracion/SeriesFacturas.php 
@@ -40,6 +40,7 @@ class SeriesFacturas extends BaseResourceController public function index() { + checkPermission('series-facturas.menu'); $viewData = [ 'currentModule' => static::$controllerSlug, @@ -57,6 +58,8 @@ class SeriesFacturas extends BaseResourceController public function add() { + checkPermission('series-facturas.create'); + if ($this->request->getPost()) : $postData = $this->request->getPost(); @@ -110,6 +113,8 @@ class SeriesFacturas extends BaseResourceController public function edit($requestedId = null) { + checkPermission('series-facturas.edit'); + if ($requestedId == null) : return $this->redirect2listView(); endif; diff --git a/ci4/app/Controllers/Configuracion/Ubicaciones.php b/ci4/app/Controllers/Configuracion/Ubicaciones.php index 1e22b95a..26597ae1 100755 --- a/ci4/app/Controllers/Configuracion/Ubicaciones.php +++ b/ci4/app/Controllers/Configuracion/Ubicaciones.php @@ -40,6 +40,7 @@ class Ubicaciones extends BaseResourceController public function index() { + checkPermission('ubicaciones.menu'); $viewData = [ 'currentModule' => static::$controllerSlug, @@ -57,6 +58,8 @@ class Ubicaciones extends BaseResourceController public function add() { + checkPermission('ubicaciones.create'); + if ($this->request->getPost()) : $postData = $this->request->getPost(); @@ -111,6 +114,7 @@ class Ubicaciones extends BaseResourceController public function edit($requestedId = null) { + checkPermission('ubicaciones.edit'); if ($requestedId == null) : return $this->redirect2listView(); diff --git a/ci4/app/Controllers/Configuracion/Users.php b/ci4/app/Controllers/Configuracion/Users.php index 923f0007..9cd72311 100755 --- a/ci4/app/Controllers/Configuracion/Users.php +++ b/ci4/app/Controllers/Configuracion/Users.php @@ -69,7 +69,7 @@ class Users extends \App\Controllers\GoBaseController public function add() { - if ($this->request->getPost()) : + if ($this->request->getPost()): $postData = $this->request->getPost(); 
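Review bot: `Users::add()` receives no `checkPermission()` call in this hunk, unlike every other Configuracion controller touched by the commit, and the later `edit()` and `delete()` hunks of Users.php show none either; these are the actions that assign groups, so they are the most sensitive of the set. Unless a route filter enforces the `usuarios.*` permissions elsewhere (not visible in the diff), the first statement of `add()` should be a check following the `<slug>.create` naming the other controllers use, with the matching `.edit`/`.delete` checks in the other two actions. The only `usuarios` permission visible on the page is `usuarios.menu` in configuracion_menu.php, so whether the other variants are defined needs confirming against the permissions config. The body of `add()` continues beyond the hunk.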
@@ -94,8 +94,8 @@ class Users extends \App\Controllers\GoBaseController // Obtener proveedor de usuarios $users = auth()->getProvider(); - if ($successfulResult = $this->canValidate()) : - if ($this->canValidate()) : + if ($successfulResult = $this->canValidate()): + if ($this->canValidate()): try { // The Email is unique @@ -134,17 +134,12 @@ class Users extends \App\Controllers\GoBaseController $thenRedirect = true; // Change this to false if you want your user to stay on the form after submission endif; - if ($noException && $successfulResult) : + if ($noException && $successfulResult): $id = $users->getInsertID(); - $this->group_user_model->where('user_id', $id)->delete(); - foreach ($currentGroups as $group) { - $group_user_data = [ - 'user_id' => $id, - 'group' => $group - ]; - $this->group_user_model->insert($group_user_data); - } + // Asignar los grupos de usuarios a los que pertenece el usuario editado + $this->saveUserGroupsSafely($id, $currentGroups); + $this->chat_department_user_model->where("user_id", $id)->delete(); foreach ($chatDepartments as $chatDepartment) { $this->chat_department_user_model->insert([ @@ -156,8 +151,8 @@ class Users extends \App\Controllers\GoBaseController $message = lang('Basic.global.saveSuccess', [mb_strtolower(lang('Users.user'))]) . '.'; $message = ucfirst(str_replace("'", "\'", $message)); - if ($thenRedirect) : - if (!empty($this->indexRoute)) : + if ($thenRedirect): + if (!empty($this->indexRoute)): return redirect()->to(route_to($this->indexRoute))->with('successMessage', $message); else: return $this->redirect2listView('successMessage', $message); 
@@ -173,7 +168,7 @@ class Users extends \App\Controllers\GoBaseController $this->viewData['user'] = isset($sanitizedData) ? new UserEntity($sanitizedData) : new UserEntity(); $this->viewData['clienteList'] = $this->getClienteListItems(); $this->viewData['formAction'] = route_to('createUser'); - $this->viewData['groups'] = $this->group_model->select('keyword, title')->findAll(); + $this->viewData['groups'] = $this->group_model->select('keyword, title')->where('id >', 0)->findAll(); $this->viewData['chatDepartments'] = $this->chat_department_model->findAll(); $this->viewData['boxTitle'] = lang('Basic.global.addNew') . ' ' . lang('Users.user') . ' ' . lang('Basic.global.addNewSuffix'); @@ -191,12 +186,12 @@ class Users extends \App\Controllers\GoBaseController $users = auth()->getProvider(); $user = $users->findById($id); - if ($user == false) : + if ($user == false): $message = lang('Basic.global.notFoundWithIdErr', [mb_strtolower(lang('Users.user')), $id]); return $this->redirect2listView('errorMessage', $message); endif; - if ($this->request->getPost()) : + if ($this->request->getPost()): $postData = $this->request->getPost(); @@ -218,9 +213,9 @@ class Users extends \App\Controllers\GoBaseController } $noException = true; - if ($successfulResult = $this->canValidate()) : + if ($successfulResult = $this->canValidate()): - if ($this->canValidate()) : + if ($this->canValidate()): try { if (in_array('cliente-editor', $currentGroups) || in_array('cliente-administrador', $currentGroups)) { 
@@ -249,16 +244,11 @@ class Users extends \App\Controllers\GoBaseController $thenRedirect = false; endif; - if ($noException && $successfulResult) : + if ($noException && $successfulResult): + + // Asignar los grupos de usuarios a los que pertenece el usuario editado + $this->saveUserGroupsSafely($user->id, $currentGroups); - $this->group_user_model->where('user_id', $user->id)->delete(); - foreach ($currentGroups as $group) { - $group_user_data = [ - 'user_id' => $user->id, - 'group' => $group - ]; - $this->group_user_model->insert($group_user_data); - } $this->chat_department_user_model->where("user_id", $id)->delete(); foreach ($chatDepartments as $chatDepartment) { $this->chat_department_user_model->insert([ @@ -270,8 +260,8 @@ class Users extends \App\Controllers\GoBaseController $message = lang('Basic.global.updateSuccess', [mb_strtolower(lang('Users.user'))]) . '.'; $message = ucfirst(str_replace("'", "\'", $message)); - if ($thenRedirect) : - if (!empty($this->indexRoute)) : + if ($thenRedirect): + if (!empty($this->indexRoute)): return redirect()->to(route_to($this->indexRoute))->with('successMessage', $message); else: return $this->redirect2listView('successMessage', $message); 
@@ -287,7 +277,7 @@ class Users extends \App\Controllers\GoBaseController $this->viewData['clienteList'] = $this->getClienteListItems($user->cliente_id); $this->viewData['formAction'] = route_to('updateUser', $id); $this->viewData['selectedGroups'] = $this->group_model->getUsersRoles($requestedId); - $this->viewData['groups'] = $this->group_model->select('keyword, title')->findAll(); + $this->viewData['groups'] = $this->group_model->select('keyword, title')->where('id >', 0)->findAll(); $this->viewData['chatDepartments'] = $this->chat_department_model->select(["display", "name", "id as chatDepartmentId"])->findAll(); $this->viewData['chatDepartmentUser'] = $this->chat_department_user_model->getChatDepartmentUser($user->id); $this->viewData['boxTitle'] = lang('Basic.global.edit2') . ' ' . lang('Users.user') . ' ' . lang('Basic.global.edit3'); @@ -299,18 +289,22 @@ class Users extends \App\Controllers\GoBaseController public function delete($requestedId = null, bool $deletePermanently = true) { - if ($requestedId == null) : + if ($requestedId == null): return $this->redirect2listView(); endif; $id = filter_var($requestedId, FILTER_SANITIZE_URL); $user = $this->model->find($id); - if ($user == false) : + if ($user == false): $message = lang('Basic.global.notFoundWithIdErr', [mb_strtolower(lang('Users.user')), $id]); return $this->redirect2listView('errorMessage', $message); endif; + // Elimina todos los grupos actuales + $this->group_user_model->where('user_id', $id)->delete(); + + // Elimina todos los grupos de chat actuales $this->chat_department_user_model->where("user_id", $id)->delete(); $users = auth()->getProvider(); 
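Review bot: In `delete()` the new `group_user_model->where('user_id', $id)->delete()` and the existing chat-department delete run before the user row itself is removed and outside any transaction, so if the provider's delete fails (or `$deletePermanently` is false and the user is only soft-deleted) the account survives with all of its groups stripped, which for an admin account is a self-inflicted lockout. Wrapping the three deletes in `$db = db_connect(); $db->transStart(); … $db->transComplete();` and issuing the membership deletes after a successful user delete keeps the two states consistent. `$id` comes from `filter_var($requestedId, FILTER_SANITIZE_URL)`, which does not validate an integer id; the `find($id)` guard above covers that, but the group delete would be safer keyed on `$user->id` rather than the sanitised string. `delete()` continues past the end of the hunk.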
@@ -433,11 +427,11 @@ class Users extends \App\Controllers\GoBaseController protected function getClienteListItems($selId = null) { $data = ['' => ""]; - if (!empty($selId)) : + if (!empty($selId)): $clienteModel = model('App\Models\Clientes\ClienteModel'); $selOption = $clienteModel->where('id', $selId)->findColumn('nombre'); - if (!empty($selOption)) : + if (!empty($selOption)): $data[$selId] = $selOption[0]; endif; endif; @@ -450,7 +444,7 @@ class Users extends \App\Controllers\GoBaseController ['title' => lang("App.menu_change_session"), 'route' => route_to('maquinistaUserChangeList'), 'active' => true] ]; $maquinistas = []; - $users = auth()->getProvider()->whereNotIn('id',[auth()->user()->id])->findAll(); + $users = auth()->getProvider()->whereNotIn('id', [auth()->user()->id])->findAll(); foreach ($users as $key => $user) { if ($user->inGroup('maquina') && !$user->inGroup('admin', 'comercial', 'cliente-editor', 'cliente-admin')) { $maquinistas[] = $user; 
@@ -467,4 +461,50 @@ class Users extends \App\Controllers\GoBaseController auth()->login($user); return redirect("home"); } + + /** + * Asigna grupos a un usuario, asegurando que no se pueda inyectar el grupo 'root', + * pero manteniéndolo si ya lo tenía previamente. + * + * @param int $userId ID del usuario al que se le asignarán los grupos + * @param array $requestedGroups Grupos solicitados desde el formulario + * @return void + */ + private function saveUserGroupsSafely(int $userId, array $requestedGroups): void + { + // Verifica si el usuario ya tenía el grupo 'root' + $existingGroups = $this->group_user_model + ->where('user_id', $userId) + ->findColumn('group') ?? []; + + $hasRoot = in_array('root', $existingGroups); + + // Elimina todos los grupos actuales + $this->group_user_model->where('user_id', $userId)->delete(); + + // Inserta solo los grupos válidos (sin 'root') + foreach ($requestedGroups as $group) { + if (!empty($group) && $group !== 'root') { + $this->group_user_model->insert([ + 'user_id' => $userId, + 'group' => $group, + 'created_at' => date('Y-m-d H:i:s'), + ]); + } elseif ($group === 'root') { + log_message('alert', "Intento de asignar grupo 'root' al usuario ID $userId"); + } + } + + // Reasigna 'root' solo si el usuario ya lo tenía + if ($hasRoot) { + $this->group_user_model->insert([ + 'user_id' => $userId, + 'group' => 'root', + 'created_at' => date('Y-m-d H:i:s'), + ]); + } + } + + + } diff --git a/ci4/app/Views/themes/vuexy/main/menus/configuracion_menu.php b/ci4/app/Views/themes/vuexy/main/menus/configuracion_menu.php index fbb9a7b6..c6dfd9a0 100755 --- a/ci4/app/Views/themes/vuexy/main/menus/configuracion_menu.php +++ b/ci4/app/Views/themes/vuexy/main/menus/configuracion_menu.php 
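Review bot: `saveUserGroupsSafely()` deletes every membership row for the user and then re-inserts them one by one without a transaction, so a failed insert or a request aborted mid-loop leaves the user with fewer groups than before — including losing 'root', the exact case the method exists to protect. The protection itself is a deny-list of one literal checked with a non-strict `in_array`, while the add/edit forms only offer `group_model->select('keyword, title')->where('id >', 0)`; validating `$requestedGroups` against that same query rejects every keyword the form does not offer, not only the one spelled out, and `in_array('root', $existingGroups, true)` should pass `strict: true`. The same unguarded delete-then-reinsert shape is repeated for chat departments directly after both `saveUserGroupsSafely()` calls in the `add()` and `edit()` hunks. Whether `created_at` needs to be set by hand depends on the model's timestamp settings, which are not visible here.

```php
private function saveUserGroupsSafely(int $userId, array $requestedGroups): void
{
    // Keywords the form is allowed to offer (same query as the add/edit views).
    $allowedGroups = $this->group_model->where('id >', 0)->findColumn('keyword') ?? [];

    $existingGroups = $this->group_user_model
        ->where('user_id', $userId)
        ->findColumn('group') ?? [];
    $hasRoot = in_array('root', $existingGroups, true);

    $db = db_connect();
    $db->transStart();

    $this->group_user_model->where('user_id', $userId)->delete();

    foreach (array_unique($requestedGroups) as $group) {
        if ($group === 'root') {
            log_message('alert', "Intento de asignar grupo 'root' al usuario ID $userId");
            continue;
        }
        if (!in_array($group, $allowedGroups, true)) {
            // Unknown or hidden keyword: not offered by the form, so never accepted from it.
            log_message('warning', "Grupo no permitido ignorado para el usuario ID $userId");
            continue;
        }
        $this->group_user_model->insert([
            'user_id' => $userId,
            'group' => $group,
            'created_at' => date('Y-m-d H:i:s'),
        ]);
    }

    // … unchanged: re-insert of 'root' when $hasRoot …

    $db->transComplete();
}
```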
@@ -11,7 +11,10 @@ if ( auth()->user()->can('maquinas.menu') || auth()->user()->can('maquinas-defecto.menu') || auth()->user()->can('usuarios.menu') || - auth()->user()->can('roles-permisos.menu') + auth()->user()->can('roles-permisos.menu') || + auth()->user()->can('proveedores.menu') || + auth()->user()->can('ubicaciones.menu') || + auth()->user()->can('series-facturas.menu') ) { ?>
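Review bot: The menu gate now lists `proveedores.menu`, `ubicaciones.menu` and `series-facturas.menu`, but the `formas-pago.menu`, `paises.menu`, `papel-generico.menu` and `papel-impresion.menu` checks this commit introduces in the controllers do not appear in the visible part of the condition; they may sit in the lines before the hunk, which should be confirmed, otherwise users holding only those permissions never see the Configuracion entry they are entitled to. Conversely `proveedores.menu` has no controller counterpart in the diff. Because the same names are repeated as literals in the view and in each controller, keeping the list in one shared place (a constant array iterated with `array_any`/a loop over `auth()->user()->can(...)`) removes the drift; the `if (` opening the condition is outside the hunk.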