mirror of
https://git.imnavajas.es/jjimenez/safekat.git
synced 2025-07-25 22:52:08 +00:00
Merge branch 'main' into feat/tipo_papel_presup_cliente
This commit is contained in:
@ -77,6 +77,14 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
|
||||
*/
|
||||
public $alertStyle = 'alerts';
|
||||
|
||||
/**
|
||||
* Permiso requerido para borrar. Si es false/null, no se valida.
|
||||
* Si es un string (nombre del permiso), se valida.
|
||||
*
|
||||
* @var string|false|null
|
||||
*/
|
||||
protected $deletePermission = false;
|
||||
|
||||
|
||||
/**
|
||||
* An array of helpers to be loaded automatically upon
|
||||
@ -222,6 +230,13 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
|
||||
*/
|
||||
public function delete($id = null)
|
||||
{
|
||||
|
||||
// 🔒 Verificar permiso solo si está definido como string
|
||||
if (is_string($this->deletePermission) && !auth()->user()->can($this->deletePermission)) {
|
||||
$message = lang('Basic.global.permissionDenied'); // O el mensaje que uses
|
||||
return $this->failWithNewToken($message, 403); // Estilo coherente con tu clase
|
||||
}
|
||||
|
||||
if (!empty(static::$pluralObjectNameCc) && !empty(static::$singularObjectNameCc)) {
|
||||
$objName = mb_strtolower(lang(ucfirst(static::$pluralObjectNameCc) . '.' . static::$singularObjectNameCc));
|
||||
} else {
|
||||
@ -236,8 +251,10 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
|
||||
} else {
|
||||
$datetime = (new \CodeIgniter\I18n\Time("now"));
|
||||
$rawResult = $this->model->where('id', $id)
|
||||
->set(['deleted_at' => $datetime->format('Y-m-d H:i:s'),
|
||||
'is_deleted' => $this->delete_flag])
|
||||
->set([
|
||||
'deleted_at' => $datetime->format('Y-m-d H:i:s'),
|
||||
'is_deleted' => $this->delete_flag
|
||||
])
|
||||
->update();
|
||||
if (!$rawResult) {
|
||||
return $this->failNotFound(lang('Basic.global.deleteError', [$objName]));
|
||||
@ -270,7 +287,8 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
|
||||
}
|
||||
|
||||
if ($customValidationMessages == null) {
|
||||
$validationErrorMessages = $this->model->validationMessages ?? $this->formValidationErrorMessagess ?? null;;
|
||||
$validationErrorMessages = $this->model->validationMessages ?? $this->formValidationErrorMessagess ?? null;
|
||||
;
|
||||
} else {
|
||||
$validationErrorMessages = $customValidationMessages;
|
||||
}
|
||||
@ -366,12 +384,12 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
|
||||
$queryStr = !is_null($query) ? $query->getQuery() : '';
|
||||
$dbError = $this->model->db->error();
|
||||
$userFriendlyErrMsg = lang('Basic.global.persistErr1', [static::$singularObjectNameCc]);
|
||||
if (isset($dbError['code']) && $dbError['code'] == 1062) :
|
||||
if (isset($dbError['code']) && $dbError['code'] == 1062):
|
||||
$userFriendlyErrMsg .= PHP_EOL . lang('Basic.global.persistDuplErr', [static::$singularObjectNameCc]);
|
||||
endif;
|
||||
// $userFriendlyErrMsg = str_replace("'", "\'", $userFriendlyErrMsg); // Uncomment if experiencing unescaped single quote errors
|
||||
log_message('error', $userFriendlyErrMsg . PHP_EOL . $e->getMessage() . PHP_EOL . $queryStr);
|
||||
if (isset($dbError['message']) && !empty($dbError['message'])) :
|
||||
if (isset($dbError['message']) && !empty($dbError['message'])):
|
||||
log_message('error', $dbError['code'] . ' : ' . $dbError['message']);
|
||||
endif;
|
||||
$this->viewData['errorMessage'] = $userFriendlyErrMsg;
|
||||
|
||||
@ -25,6 +25,7 @@ class Proveedores extends \App\Controllers\BaseResourceController {
|
||||
|
||||
protected $indexRoute = 'proveedorList';
|
||||
|
||||
protected $deletePermission = 'proveedores.delete';
|
||||
|
||||
|
||||
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger) {
|
||||
|
||||
@ -26,6 +26,8 @@ class FormasPago extends \App\Controllers\BaseResourceController
|
||||
|
||||
protected $indexRoute = 'formaDePagoList';
|
||||
|
||||
protected $deletePermission = 'formas-pago.delete';
|
||||
|
||||
|
||||
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
||||
{
|
||||
@ -44,6 +46,7 @@ class FormasPago extends \App\Controllers\BaseResourceController
|
||||
|
||||
public function index()
|
||||
{
|
||||
checkPermission('formas-pago.menu');
|
||||
|
||||
$viewData = [
|
||||
'currentModule' => static::$controllerSlug,
|
||||
@ -61,6 +64,7 @@ class FormasPago extends \App\Controllers\BaseResourceController
|
||||
|
||||
public function add()
|
||||
{
|
||||
checkPermission('formas-pago.create');
|
||||
|
||||
if ($this->request->getPost()) :
|
||||
|
||||
@ -115,6 +119,7 @@ class FormasPago extends \App\Controllers\BaseResourceController
|
||||
|
||||
public function edit($requestedId = null)
|
||||
{
|
||||
checkPermission('formas-pago.edit');
|
||||
|
||||
if ($requestedId == null) :
|
||||
return $this->redirect2listView();
|
||||
|
||||
@ -21,6 +21,8 @@ class Group extends \App\Controllers\GoBaseController
|
||||
|
||||
protected $indexRoute = 'userGroupList';
|
||||
|
||||
protected $deletePermission = 'roles-permisos.delete';
|
||||
|
||||
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
||||
{
|
||||
self::$viewPath = getenv('theme.path') . 'form/group/';
|
||||
@ -37,6 +39,8 @@ class Group extends \App\Controllers\GoBaseController
|
||||
|
||||
public function index()
|
||||
{
|
||||
checkPermission('roles-permisos.menu');
|
||||
|
||||
$this->viewData['usingClientSideDataTable'] = true;
|
||||
$this->viewData['pageSubTitle'] = lang('Basic.global.ManageAllRecords', [lang('Groups.group')]);
|
||||
// IMN
|
||||
@ -48,11 +52,12 @@ class Group extends \App\Controllers\GoBaseController
|
||||
public function add()
|
||||
{
|
||||
|
||||
checkPermission('roles-permisos.create');
|
||||
|
||||
if ($this->request->getPost()) :
|
||||
|
||||
$postData = $this->request->getPost();
|
||||
|
||||
$temp_data['id'] = $groupEntity->id;
|
||||
$temp_data['title'] = $postData['title'];
|
||||
$temp_data['description'] = $postData['description'];
|
||||
|
||||
@ -124,6 +129,7 @@ class Group extends \App\Controllers\GoBaseController
|
||||
|
||||
public function edit($requestedId = null)
|
||||
{
|
||||
checkPermission('roles-permisos.edit');
|
||||
|
||||
helper('general');
|
||||
|
||||
@ -243,30 +249,4 @@ class Group extends \App\Controllers\GoBaseController
|
||||
}
|
||||
}
|
||||
|
||||
public function menuItems()
|
||||
{
|
||||
if ($this->request->isAJAX()) {
|
||||
$searchStr = goSanitize($this->request->getPost('searchTerm'))[0];
|
||||
$reqId = goSanitize($this->request->getPost('id'))[0];
|
||||
$reqText = goSanitize($this->request->getPost('text'))[0];
|
||||
$onlyActiveOnes = false;
|
||||
$columns2select = [$reqId ?? 'id', $reqText ?? 'nombre'];
|
||||
$onlyActiveOnes = false;
|
||||
$menu = $this->model->getSelect2MenuItems($columns2select, $columns2select[1], $onlyActiveOnes, $searchStr);
|
||||
$nonItem = new \stdClass;
|
||||
$nonItem->id = '';
|
||||
$nonItem->text = '- ' . lang('Basic.global.None') . ' -';
|
||||
array_unshift($menu, $nonItem);
|
||||
|
||||
$newTokenHash = csrf_hash();
|
||||
$csrfTokenName = csrf_token();
|
||||
$data = [
|
||||
'menu' => $menu,
|
||||
$csrfTokenName => $newTokenHash
|
||||
];
|
||||
return $this->respond($data);
|
||||
} else {
|
||||
return $this->failUnauthorized('Invalid request', 403);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -28,6 +28,7 @@ class Maquinas extends \App\Controllers\BaseResourceController
|
||||
protected static $viewPath = 'themes/vuexy/form/configuracion/maquinas/';
|
||||
|
||||
protected $indexRoute = 'maquinaList';
|
||||
|
||||
protected MaquinaService $maquinaService;
|
||||
protected Validation $validation;
|
||||
|
||||
@ -55,6 +56,7 @@ class Maquinas extends \App\Controllers\BaseResourceController
|
||||
|
||||
public function index()
|
||||
{
|
||||
checkPermission('maquinas.menu');
|
||||
|
||||
$viewData = [
|
||||
'currentModule' => static::$controllerSlug,
|
||||
@ -112,6 +114,8 @@ class Maquinas extends \App\Controllers\BaseResourceController
|
||||
|
||||
public function add()
|
||||
{
|
||||
checkPermission('maquinas.create');
|
||||
|
||||
if ($this->request->getPost()):
|
||||
|
||||
$nullIfEmpty = true; // !(phpversion() >= '8.1');
|
||||
@ -176,7 +180,7 @@ class Maquinas extends \App\Controllers\BaseResourceController
|
||||
|
||||
public function edit($requestedId = null)
|
||||
{
|
||||
|
||||
checkPermission('maquinas.edit');
|
||||
|
||||
if ($requestedId == null):
|
||||
return $this->redirect2listView();
|
||||
|
||||
@ -28,6 +28,8 @@ class Maquinasdefecto extends \App\Controllers\BaseResourceController
|
||||
|
||||
protected $indexRoute = 'maquinaPorDefectoList';
|
||||
|
||||
protected $deletePermission = 'maquinas-defecto.delete';
|
||||
|
||||
|
||||
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
||||
{
|
||||
@ -45,6 +47,7 @@ class Maquinasdefecto extends \App\Controllers\BaseResourceController
|
||||
|
||||
public function index()
|
||||
{
|
||||
checkPermission('maquinas-defecto.menu');
|
||||
|
||||
$viewData = [
|
||||
'currentModule' => static::$controllerSlug,
|
||||
@ -63,7 +66,7 @@ class Maquinasdefecto extends \App\Controllers\BaseResourceController
|
||||
public function add()
|
||||
{
|
||||
|
||||
|
||||
checkPermission('maquinas-defecto.create');
|
||||
|
||||
|
||||
if ($this->request->getPost()) :
|
||||
@ -138,6 +141,7 @@ class Maquinasdefecto extends \App\Controllers\BaseResourceController
|
||||
public function edit($requestedId = null)
|
||||
{
|
||||
|
||||
checkPermission('maquinas-defecto.edit');
|
||||
|
||||
if ($requestedId == null) :
|
||||
return $this->redirect2listView();
|
||||
|
||||
@ -29,6 +29,7 @@ class Paises extends \App\Controllers\BaseResourceController
|
||||
|
||||
protected $indexRoute = 'paisList';
|
||||
|
||||
protected $deletePermission = 'paises.delete';
|
||||
|
||||
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
||||
{
|
||||
@ -47,6 +48,7 @@ class Paises extends \App\Controllers\BaseResourceController
|
||||
|
||||
public function index()
|
||||
{
|
||||
checkPermission('paises.menu');
|
||||
|
||||
$viewData = [
|
||||
'currentModule' => static::$controllerSlug,
|
||||
@ -65,6 +67,8 @@ class Paises extends \App\Controllers\BaseResourceController
|
||||
public function add()
|
||||
{
|
||||
|
||||
checkPermission('paises.create');
|
||||
|
||||
if ($this->request->getPost()):
|
||||
|
||||
$postData = $this->request->getPost();
|
||||
@ -119,6 +123,7 @@ class Paises extends \App\Controllers\BaseResourceController
|
||||
|
||||
public function edit($requestedId = null)
|
||||
{
|
||||
checkPermission('paises.edit');
|
||||
|
||||
if ($requestedId == null):
|
||||
return $this->redirect2listView();
|
||||
|
||||
@ -28,6 +28,7 @@ class Papelesgenericos extends \App\Controllers\BaseResourceController
|
||||
|
||||
protected $indexRoute = 'papelGenericoList';
|
||||
|
||||
protected $deletePermission = 'papel-generico.delete';
|
||||
|
||||
|
||||
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
||||
@ -54,6 +55,7 @@ class Papelesgenericos extends \App\Controllers\BaseResourceController
|
||||
|
||||
public function index()
|
||||
{
|
||||
checkPermission('papel-generico.menu');
|
||||
|
||||
$viewData = [
|
||||
'currentModule' => static::$controllerSlug,
|
||||
@ -71,6 +73,7 @@ class Papelesgenericos extends \App\Controllers\BaseResourceController
|
||||
|
||||
public function add()
|
||||
{
|
||||
checkPermission('papel-generico.create');
|
||||
|
||||
if ($this->request->getPost()):
|
||||
|
||||
@ -132,6 +135,7 @@ class Papelesgenericos extends \App\Controllers\BaseResourceController
|
||||
|
||||
public function edit($requestedId = null)
|
||||
{
|
||||
checkPermission('papel-generico.edit');
|
||||
|
||||
if ($requestedId == null):
|
||||
return $this->redirect2listView();
|
||||
|
||||
@ -52,6 +52,9 @@ class Papelesimpresion extends \App\Controllers\BaseResourceController
|
||||
protected static $viewPath = 'themes/vuexy/form/configuracion/papel/';
|
||||
|
||||
protected $indexRoute = 'papelImpresionList';
|
||||
|
||||
protected $deletePermission = 'papel-impresion.delete';
|
||||
|
||||
protected Validation $validation;
|
||||
|
||||
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
||||
@ -81,6 +84,7 @@ class Papelesimpresion extends \App\Controllers\BaseResourceController
|
||||
|
||||
public function index()
|
||||
{
|
||||
checkPermission('papel-impresion.menu');
|
||||
|
||||
$viewData = [
|
||||
'currentModule' => static::$controllerSlug,
|
||||
@ -98,7 +102,7 @@ class Papelesimpresion extends \App\Controllers\BaseResourceController
|
||||
|
||||
public function add()
|
||||
{
|
||||
|
||||
checkPermission('papel-impresion.create');
|
||||
|
||||
if ($this->request->getPost()) :
|
||||
|
||||
@ -161,6 +165,7 @@ class Papelesimpresion extends \App\Controllers\BaseResourceController
|
||||
|
||||
public function edit($requestedId = null)
|
||||
{
|
||||
checkPermission('papel-impresion.edit');
|
||||
|
||||
if ($requestedId == null) :
|
||||
return $this->redirect2listView();
|
||||
|
||||
@ -22,6 +22,8 @@ class SeriesFacturas extends BaseResourceController
|
||||
|
||||
protected $indexRoute = 'seriesFacturasList';
|
||||
|
||||
protected $deletePermission = 'series-facturas.delete';
|
||||
|
||||
|
||||
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
||||
{
|
||||
@ -40,6 +42,7 @@ class SeriesFacturas extends BaseResourceController
|
||||
|
||||
public function index()
|
||||
{
|
||||
checkPermission('series-facturas.menu');
|
||||
|
||||
$viewData = [
|
||||
'currentModule' => static::$controllerSlug,
|
||||
@ -57,6 +60,8 @@ class SeriesFacturas extends BaseResourceController
|
||||
|
||||
public function add()
|
||||
{
|
||||
checkPermission('series-facturas.create');
|
||||
|
||||
if ($this->request->getPost()) :
|
||||
|
||||
$postData = $this->request->getPost();
|
||||
@ -110,6 +115,8 @@ class SeriesFacturas extends BaseResourceController
|
||||
public function edit($requestedId = null)
|
||||
{
|
||||
|
||||
checkPermission('series-facturas.edit');
|
||||
|
||||
if ($requestedId == null) :
|
||||
return $this->redirect2listView();
|
||||
endif;
|
||||
|
||||
@ -22,6 +22,8 @@ class Ubicaciones extends BaseResourceController
|
||||
|
||||
protected $indexRoute = 'ubicacionesList';
|
||||
|
||||
protected $deletePermission = 'ubicaciones.delete';
|
||||
|
||||
|
||||
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
||||
{
|
||||
@ -40,6 +42,7 @@ class Ubicaciones extends BaseResourceController
|
||||
|
||||
public function index()
|
||||
{
|
||||
checkPermission('ubicaciones.menu');
|
||||
|
||||
$viewData = [
|
||||
'currentModule' => static::$controllerSlug,
|
||||
@ -57,6 +60,8 @@ class Ubicaciones extends BaseResourceController
|
||||
|
||||
public function add()
|
||||
{
|
||||
checkPermission('ubicaciones.create');
|
||||
|
||||
if ($this->request->getPost()) :
|
||||
|
||||
$postData = $this->request->getPost();
|
||||
@ -111,6 +116,7 @@ class Ubicaciones extends BaseResourceController
|
||||
|
||||
public function edit($requestedId = null)
|
||||
{
|
||||
checkPermission('ubicaciones.edit');
|
||||
|
||||
if ($requestedId == null) :
|
||||
return $this->redirect2listView();
|
||||
|
||||
@ -69,7 +69,7 @@ class Users extends \App\Controllers\GoBaseController
|
||||
public function add()
|
||||
{
|
||||
|
||||
if ($this->request->getPost()) :
|
||||
if ($this->request->getPost()):
|
||||
|
||||
$postData = $this->request->getPost();
|
||||
|
||||
@ -94,8 +94,8 @@ class Users extends \App\Controllers\GoBaseController
|
||||
// Obtener proveedor de usuarios
|
||||
$users = auth()->getProvider();
|
||||
|
||||
if ($successfulResult = $this->canValidate()) :
|
||||
if ($this->canValidate()) :
|
||||
if ($successfulResult = $this->canValidate()):
|
||||
if ($this->canValidate()):
|
||||
try {
|
||||
|
||||
// The Email is unique
|
||||
@ -134,17 +134,12 @@ class Users extends \App\Controllers\GoBaseController
|
||||
$thenRedirect = true; // Change this to false if you want your user to stay on the form after submission
|
||||
endif;
|
||||
|
||||
if ($noException && $successfulResult) :
|
||||
if ($noException && $successfulResult):
|
||||
|
||||
$id = $users->getInsertID();
|
||||
$this->group_user_model->where('user_id', $id)->delete();
|
||||
foreach ($currentGroups as $group) {
|
||||
$group_user_data = [
|
||||
'user_id' => $id,
|
||||
'group' => $group
|
||||
];
|
||||
$this->group_user_model->insert($group_user_data);
|
||||
}
|
||||
// Asignar los grupos de usuarios a los que pertenece el usuario editado
|
||||
$this->saveUserGroupsSafely($id, $currentGroups);
|
||||
|
||||
$this->chat_department_user_model->where("user_id", $id)->delete();
|
||||
foreach ($chatDepartments as $chatDepartment) {
|
||||
$this->chat_department_user_model->insert([
|
||||
@ -156,8 +151,8 @@ class Users extends \App\Controllers\GoBaseController
|
||||
$message = lang('Basic.global.saveSuccess', [mb_strtolower(lang('Users.user'))]) . '.';
|
||||
$message = ucfirst(str_replace("'", "\'", $message));
|
||||
|
||||
if ($thenRedirect) :
|
||||
if (!empty($this->indexRoute)) :
|
||||
if ($thenRedirect):
|
||||
if (!empty($this->indexRoute)):
|
||||
return redirect()->to(route_to($this->indexRoute))->with('successMessage', $message);
|
||||
else:
|
||||
return $this->redirect2listView('successMessage', $message);
|
||||
@ -173,7 +168,7 @@ class Users extends \App\Controllers\GoBaseController
|
||||
$this->viewData['user'] = isset($sanitizedData) ? new UserEntity($sanitizedData) : new UserEntity();
|
||||
$this->viewData['clienteList'] = $this->getClienteListItems();
|
||||
$this->viewData['formAction'] = route_to('createUser');
|
||||
$this->viewData['groups'] = $this->group_model->select('keyword, title')->findAll();
|
||||
$this->viewData['groups'] = $this->group_model->select('keyword, title')->where('id >', 0)->findAll();
|
||||
$this->viewData['chatDepartments'] = $this->chat_department_model->findAll();
|
||||
$this->viewData['boxTitle'] = lang('Basic.global.addNew') . ' ' . lang('Users.user') . ' ' . lang('Basic.global.addNewSuffix');
|
||||
|
||||
@ -191,12 +186,12 @@ class Users extends \App\Controllers\GoBaseController
|
||||
$users = auth()->getProvider();
|
||||
$user = $users->findById($id);
|
||||
|
||||
if ($user == false) :
|
||||
if ($user == false):
|
||||
$message = lang('Basic.global.notFoundWithIdErr', [mb_strtolower(lang('Users.user')), $id]);
|
||||
return $this->redirect2listView('errorMessage', $message);
|
||||
endif;
|
||||
|
||||
if ($this->request->getPost()) :
|
||||
if ($this->request->getPost()):
|
||||
|
||||
$postData = $this->request->getPost();
|
||||
|
||||
@ -218,9 +213,9 @@ class Users extends \App\Controllers\GoBaseController
|
||||
}
|
||||
|
||||
$noException = true;
|
||||
if ($successfulResult = $this->canValidate()) :
|
||||
if ($successfulResult = $this->canValidate()):
|
||||
|
||||
if ($this->canValidate()) :
|
||||
if ($this->canValidate()):
|
||||
try {
|
||||
|
||||
if (in_array('cliente-editor', $currentGroups) || in_array('cliente-administrador', $currentGroups)) {
|
||||
@ -249,16 +244,11 @@ class Users extends \App\Controllers\GoBaseController
|
||||
$thenRedirect = false;
|
||||
|
||||
endif;
|
||||
if ($noException && $successfulResult) :
|
||||
if ($noException && $successfulResult):
|
||||
|
||||
// Asignar los grupos de usuarios a los que pertenece el usuario editado
|
||||
$this->saveUserGroupsSafely($user->id, $currentGroups);
|
||||
|
||||
$this->group_user_model->where('user_id', $user->id)->delete();
|
||||
foreach ($currentGroups as $group) {
|
||||
$group_user_data = [
|
||||
'user_id' => $user->id,
|
||||
'group' => $group
|
||||
];
|
||||
$this->group_user_model->insert($group_user_data);
|
||||
}
|
||||
$this->chat_department_user_model->where("user_id", $id)->delete();
|
||||
foreach ($chatDepartments as $chatDepartment) {
|
||||
$this->chat_department_user_model->insert([
|
||||
@ -270,8 +260,8 @@ class Users extends \App\Controllers\GoBaseController
|
||||
$message = lang('Basic.global.updateSuccess', [mb_strtolower(lang('Users.user'))]) . '.';
|
||||
$message = ucfirst(str_replace("'", "\'", $message));
|
||||
|
||||
if ($thenRedirect) :
|
||||
if (!empty($this->indexRoute)) :
|
||||
if ($thenRedirect):
|
||||
if (!empty($this->indexRoute)):
|
||||
return redirect()->to(route_to($this->indexRoute))->with('successMessage', $message);
|
||||
else:
|
||||
return $this->redirect2listView('successMessage', $message);
|
||||
@ -287,7 +277,7 @@ class Users extends \App\Controllers\GoBaseController
|
||||
$this->viewData['clienteList'] = $this->getClienteListItems($user->cliente_id);
|
||||
$this->viewData['formAction'] = route_to('updateUser', $id);
|
||||
$this->viewData['selectedGroups'] = $this->group_model->getUsersRoles($requestedId);
|
||||
$this->viewData['groups'] = $this->group_model->select('keyword, title')->findAll();
|
||||
$this->viewData['groups'] = $this->group_model->select('keyword, title')->where('id >', 0)->findAll();
|
||||
$this->viewData['chatDepartments'] = $this->chat_department_model->select(["display", "name", "id as chatDepartmentId"])->findAll();
|
||||
$this->viewData['chatDepartmentUser'] = $this->chat_department_user_model->getChatDepartmentUser($user->id);
|
||||
$this->viewData['boxTitle'] = lang('Basic.global.edit2') . ' ' . lang('Users.user') . ' ' . lang('Basic.global.edit3');
|
||||
@ -299,18 +289,22 @@ class Users extends \App\Controllers\GoBaseController
|
||||
public function delete($requestedId = null, bool $deletePermanently = true)
|
||||
{
|
||||
|
||||
if ($requestedId == null) :
|
||||
if ($requestedId == null):
|
||||
return $this->redirect2listView();
|
||||
endif;
|
||||
|
||||
$id = filter_var($requestedId, FILTER_SANITIZE_URL);
|
||||
$user = $this->model->find($id);
|
||||
|
||||
if ($user == false) :
|
||||
if ($user == false):
|
||||
$message = lang('Basic.global.notFoundWithIdErr', [mb_strtolower(lang('Users.user')), $id]);
|
||||
return $this->redirect2listView('errorMessage', $message);
|
||||
endif;
|
||||
|
||||
// Elimina todos los grupos actuales
|
||||
$this->group_user_model->where('user_id', $id)->delete();
|
||||
|
||||
// Elimina todos los grupos de chat actuales
|
||||
$this->chat_department_user_model->where("user_id", $id)->delete();
|
||||
|
||||
$users = auth()->getProvider();
|
||||
@ -433,11 +427,11 @@ class Users extends \App\Controllers\GoBaseController
|
||||
protected function getClienteListItems($selId = null)
|
||||
{
|
||||
$data = ['' => ""];
|
||||
if (!empty($selId)) :
|
||||
if (!empty($selId)):
|
||||
$clienteModel = model('App\Models\Clientes\ClienteModel');
|
||||
|
||||
$selOption = $clienteModel->where('id', $selId)->findColumn('nombre');
|
||||
if (!empty($selOption)) :
|
||||
if (!empty($selOption)):
|
||||
$data[$selId] = $selOption[0];
|
||||
endif;
|
||||
endif;
|
||||
@ -450,7 +444,7 @@ class Users extends \App\Controllers\GoBaseController
|
||||
['title' => lang("App.menu_change_session"), 'route' => route_to('maquinistaUserChangeList'), 'active' => true]
|
||||
];
|
||||
$maquinistas = [];
|
||||
$users = auth()->getProvider()->whereNotIn('id',[auth()->user()->id])->findAll();
|
||||
$users = auth()->getProvider()->whereNotIn('id', [auth()->user()->id])->findAll();
|
||||
foreach ($users as $key => $user) {
|
||||
if ($user->inGroup('maquina') && !$user->inGroup('admin', 'comercial', 'cliente-editor', 'cliente-admin')) {
|
||||
$maquinistas[] = $user;
|
||||
@ -467,4 +461,50 @@ class Users extends \App\Controllers\GoBaseController
|
||||
auth()->login($user);
|
||||
return redirect("home");
|
||||
}
|
||||
|
||||
/**
|
||||
* Asigna grupos a un usuario, asegurando que no se pueda inyectar el grupo 'root',
|
||||
* pero manteniéndolo si ya lo tenía previamente.
|
||||
*
|
||||
* @param int $userId ID del usuario al que se le asignarán los grupos
|
||||
* @param array $requestedGroups Grupos solicitados desde el formulario
|
||||
* @return void
|
||||
*/
|
||||
private function saveUserGroupsSafely(int $userId, array $requestedGroups): void
|
||||
{
|
||||
// Verifica si el usuario ya tenía el grupo 'root'
|
||||
$existingGroups = $this->group_user_model
|
||||
->where('user_id', $userId)
|
||||
->findColumn('group') ?? [];
|
||||
|
||||
$hasRoot = in_array('root', $existingGroups);
|
||||
|
||||
// Elimina todos los grupos actuales
|
||||
$this->group_user_model->where('user_id', $userId)->delete();
|
||||
|
||||
// Inserta solo los grupos válidos (sin 'root')
|
||||
foreach ($requestedGroups as $group) {
|
||||
if (!empty($group) && $group !== 'root') {
|
||||
$this->group_user_model->insert([
|
||||
'user_id' => $userId,
|
||||
'group' => $group,
|
||||
'created_at' => date('Y-m-d H:i:s'),
|
||||
]);
|
||||
} elseif ($group === 'root') {
|
||||
log_message('alert', "Intento de asignar grupo 'root' al usuario ID $userId");
|
||||
}
|
||||
}
|
||||
|
||||
// Reasigna 'root' solo si el usuario ya lo tenía
|
||||
if ($hasRoot) {
|
||||
$this->group_user_model->insert([
|
||||
'user_id' => $userId,
|
||||
'group' => 'root',
|
||||
'created_at' => date('Y-m-d H:i:s'),
|
||||
]);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
||||
@ -36,6 +36,8 @@ class Buscador extends \App\Controllers\BaseResourceController
|
||||
|
||||
protected $indexRoute = 'buscadorPresupuestosList';
|
||||
|
||||
protected $deletePermission = 'presupuesto.delete';
|
||||
|
||||
|
||||
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
||||
{
|
||||
|
||||
@ -25,6 +25,8 @@ class ServiciosAcabado extends BaseResourceController
|
||||
|
||||
protected $indexRoute = 'serviciosAcabadoList';
|
||||
|
||||
protected $deletePermission = 'tarifa-acabado.delete';
|
||||
|
||||
|
||||
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
||||
{
|
||||
|
||||
@ -28,6 +28,8 @@ class TarifaAcabados extends BaseResourceController
|
||||
|
||||
protected $indexRoute = 'tarifaAcabadoList';
|
||||
|
||||
protected $deletePermission = 'tarifa-acabado.delete';
|
||||
|
||||
|
||||
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
||||
{
|
||||
|
||||
@ -19,6 +19,8 @@ class Tarifaextra extends \App\Controllers\GoBaseController
|
||||
|
||||
protected $indexRoute = 'tarifaextraList';
|
||||
|
||||
protected $deletePermission = 'tarifa-extra.delete';
|
||||
|
||||
|
||||
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
||||
{
|
||||
|
||||
@ -19,6 +19,8 @@ class Tarifapreimpresion extends \App\Controllers\GoBaseController
|
||||
|
||||
protected $indexRoute = 'tarifapreimpresionList';
|
||||
|
||||
protected $deletePermission = 'tarifa-preimpresion.delete';
|
||||
|
||||
|
||||
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
||||
{
|
||||
|
||||
@ -32,6 +32,8 @@ class Tarifasencuadernacion extends \App\Controllers\BaseResourceController
|
||||
|
||||
protected $indexRoute = 'tarifaEncuadernacionList';
|
||||
|
||||
protected $deletePermission = 'tarifa-encuadernacion.delete';
|
||||
|
||||
|
||||
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
||||
{
|
||||
|
||||
@ -28,6 +28,8 @@ class Tarifasmanipulado extends \App\Controllers\BaseResourceController
|
||||
|
||||
protected $indexRoute = 'tarifaManipuladoList';
|
||||
|
||||
protected $deletePermission = 'tarifa-manipulado.delete';
|
||||
|
||||
|
||||
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
|
||||
{
|
||||
|
||||
@ -123,7 +123,7 @@ if (!function_exists('checkPermission')) {
|
||||
$response = \Config\Services::response();
|
||||
|
||||
if (!auth()->user()->can($sectionPermission)) {
|
||||
$session->setFlashdata('errorMessage', "No tiene permisos de acceso");
|
||||
$session->setFlashdata('errorMessage', lang('Basic.global.permissionDenied'));
|
||||
|
||||
$route = $redirectRoute ?? 'home';
|
||||
return $response->redirect(route_to($route));
|
||||
|
||||
@ -90,6 +90,7 @@ return [
|
||||
'wait' => 'Wait',
|
||||
'yes' => 'Yes',
|
||||
'back' => 'Back',
|
||||
'permissionDenied' => 'You do not have permission for this action'
|
||||
],
|
||||
|
||||
|
||||
|
||||
@ -94,6 +94,7 @@ return [
|
||||
'yes' => 'Si',
|
||||
'no' => 'No',
|
||||
'back' => 'Volver',
|
||||
'permissionDenied' => 'No tiene permisos de acceso'
|
||||
|
||||
],
|
||||
|
||||
|
||||
@ -11,7 +11,10 @@ if (
|
||||
auth()->user()->can('maquinas.menu') ||
|
||||
auth()->user()->can('maquinas-defecto.menu') ||
|
||||
auth()->user()->can('usuarios.menu') ||
|
||||
auth()->user()->can('roles-permisos.menu')
|
||||
auth()->user()->can('roles-permisos.menu') ||
|
||||
auth()->user()->can('proveedores.menu') ||
|
||||
auth()->user()->can('ubicaciones.menu') ||
|
||||
auth()->user()->can('series-facturas.menu')
|
||||
) {
|
||||
?>
|
||||
<li class="menu-item">
|
||||
@ -63,14 +66,14 @@ if (
|
||||
</a>
|
||||
</li>
|
||||
<?php } ?>
|
||||
<?php if (auth()->user()->inGroup('admin')) { ?>
|
||||
<?php if (auth()->user()->inGroup('root')) { ?>
|
||||
<li class="menu-item">
|
||||
<a href="<?= route_to("maquinaTareaList") ?>" class="menu-link">
|
||||
<div> <?= lang("App.menu_maquina_tareas") ?></div>
|
||||
</a>
|
||||
</li>
|
||||
<?php } ?>
|
||||
<?php if (auth()->user()->inGroup('admin')) { ?>
|
||||
<?php if (auth()->user()->inGroup('root')) { ?>
|
||||
<li class="menu-item">
|
||||
<a href="<?= route_to("imposicionList") ?>" class="menu-link">
|
||||
<div> <?= lang("App.menu_imposiciones") ?></div>
|
||||
@ -112,29 +115,28 @@ if (
|
||||
</a>
|
||||
</li>
|
||||
<?php } ?>
|
||||
|
||||
<?php if (auth()->user()->inGroup('admin')) { ?>
|
||||
<?php if (auth()->user()->inGroup('root')) { ?>
|
||||
<li class="menu-item">
|
||||
<a href="<?= route_to('erroresPresupuestoIndex') ?>" class="menu-link">
|
||||
<div> <?= lang("App.menu_error_presupuesto") ?></div>
|
||||
</a>
|
||||
</li>
|
||||
<?php } ?>
|
||||
<?php if (auth()->user()->inGroup('admin')) { ?>
|
||||
<?php if (auth()->user()->inGroup('root')) { ?>
|
||||
<li class="menu-item">
|
||||
<a href="<?= route_to('variablesIndex') ?>" class="menu-link">
|
||||
<div> <?= lang("App.menu_variables") ?></div>
|
||||
</a>
|
||||
</li>
|
||||
<?php } ?>
|
||||
<?php if (auth()->user()->inGroup('admin')) { ?>
|
||||
<?php if (auth()->user()->inGroup('root')) { ?>
|
||||
<li class="menu-item">
|
||||
<a href="<?= route_to('configMessagesIndex') ?>" class="menu-link">
|
||||
<div> <?= lang("App.menu_config_messages") ?></div>
|
||||
</a>
|
||||
</li>
|
||||
<?php } ?>
|
||||
<?php if (auth()->user()->inGroup('admin')) { ?>
|
||||
<?php if (auth()->user()->inGroup('root')) { ?>
|
||||
<li class="menu-item">
|
||||
<a href="<?= route_to('festivosList') ?>" class="menu-link">
|
||||
<div> <?= lang("App.menu_config_holidays") ?></div>
|
||||
|
||||
Reference in New Issue
Block a user