diff --git a/ci4/app/Controllers/BaseResourceController.php b/ci4/app/Controllers/BaseResourceController.php index 2da29e8b..ada6006f 100755 --- a/ci4/app/Controllers/BaseResourceController.php +++ b/ci4/app/Controllers/BaseResourceController.php @@ -77,6 +77,14 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr */ public $alertStyle = 'alerts'; + /** + * Permiso requerido para borrar. Si es false/null, no se valida. + * Si es un string (nombre del permiso), se valida. + * + * @var string|false|null + */ + protected $deletePermission = false; + /** * An array of helpers to be loaded automatically upon @@ -222,6 +230,13 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr */ public function delete($id = null) { + + // 🔒 Verificar permiso solo si está definido como string + if (is_string($this->deletePermission) && !auth()->user()->can($this->deletePermission)) { + $message = lang('Basic.global.permissionDenied'); // O el mensaje que uses + return $this->failWithNewToken($message, 403); // Estilo coherente con tu clase + } + if (!empty(static::$pluralObjectNameCc) && !empty(static::$singularObjectNameCc)) { $objName = mb_strtolower(lang(ucfirst(static::$pluralObjectNameCc) . '.' . static::$singularObjectNameCc)); } else { @@ -236,8 +251,10 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr } else { $datetime = (new \CodeIgniter\I18n\Time("now")); $rawResult = $this->model->where('id', $id) - ->set(['deleted_at' => $datetime->format('Y-m-d H:i:s'), - 'is_deleted' => $this->delete_flag]) + ->set([ + 'deleted_at' => $datetime->format('Y-m-d H:i:s'), + 'is_deleted' => $this->delete_flag + ]) ->update(); if (!$rawResult) { return $this->failNotFound(lang('Basic.global.deleteError', [$objName])); 
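Review bot: The new guard in `delete()` dereferences `auth()->user()` unconditionally, so an unauthenticated request reaches `->can()` on `null` and dies with an `Error` instead of the intended 403; fetch the user first, `$user = auth()->user(); if (is_string($this->deletePermission) && ($user === null || !$user->can($this->deletePermission)))`. The default `false` also means every subclass that does not declare `$deletePermission` keeps an unguarded `delete()`, which is a fail-open default for a base class; the property docblock should say so explicitly (or the default should deny) so that opting out is a visible decision rather than an omission. `failWithNewToken()` is not defined anywhere in this diff, so confirm it exists on this class before relying on it for the 403 path. The rest of `delete()` continues outside the hunk.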
@@ -270,7 +287,8 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr } if ($customValidationMessages == null) { - $validationErrorMessages = $this->model->validationMessages ?? $this->formValidationErrorMessagess ?? null;; + $validationErrorMessages = $this->model->validationMessages ?? $this->formValidationErrorMessagess ?? null; + ; } else { $validationErrorMessages = $customValidationMessages; } @@ -366,12 +384,12 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr $queryStr = !is_null($query) ? $query->getQuery() : ''; $dbError = $this->model->db->error(); $userFriendlyErrMsg = lang('Basic.global.persistErr1', [static::$singularObjectNameCc]); - if (isset($dbError['code']) && $dbError['code'] == 1062) : + if (isset($dbError['code']) && $dbError['code'] == 1062): $userFriendlyErrMsg .= PHP_EOL . lang('Basic.global.persistDuplErr', [static::$singularObjectNameCc]); endif; // $userFriendlyErrMsg = str_replace("'", "\'", $userFriendlyErrMsg); // Uncomment if experiencing unescaped single quote errors log_message('error', $userFriendlyErrMsg . PHP_EOL . $e->getMessage() . PHP_EOL . $queryStr); - if (isset($dbError['message']) && !empty($dbError['message'])) : + if (isset($dbError['message']) && !empty($dbError['message'])): log_message('error', $dbError['code'] . ' : ' . $dbError['message']); endif; $this->viewData['errorMessage'] = $userFriendlyErrMsg; diff --git a/ci4/app/Controllers/Compras/Proveedores.php b/ci4/app/Controllers/Compras/Proveedores.php index 61161a78..bb1dfbff 100755 --- a/ci4/app/Controllers/Compras/Proveedores.php +++ b/ci4/app/Controllers/Compras/Proveedores.php 
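Review bot: The empty statement after the `$validationErrorMessages` assignment was moved onto its own line (`;`) rather than removed; delete that line so the change actually cleans up the double semicolon. In the next hunk, `$dbError['code'] == 1062` is a loose comparison on a driver error code; `(int) $dbError['code'] === 1062` keeps the intent while matching the strict-comparison style the rest of the file uses elsewhere, assuming the driver reports MySQL codes as numbers. Both enclosing methods start and end outside their hunks.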
@@ -25,6 +25,7 @@ class Proveedores extends \App\Controllers\BaseResourceController { protected $indexRoute = 'proveedorList'; + protected $deletePermission = 'proveedores.delete'; public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger) { diff --git a/ci4/app/Controllers/Configuracion/FormasPago.php b/ci4/app/Controllers/Configuracion/FormasPago.php index 9186a2af..4eecd298 100755 --- a/ci4/app/Controllers/Configuracion/FormasPago.php +++ b/ci4/app/Controllers/Configuracion/FormasPago.php @@ -26,6 +26,8 @@ class FormasPago extends \App\Controllers\BaseResourceController protected $indexRoute = 'formaDePagoList'; + protected $deletePermission = 'formas-pago.delete'; + public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger) { @@ -44,6 +46,7 @@ class FormasPago extends \App\Controllers\BaseResourceController public function index() { + checkPermission('formas-pago.menu'); $viewData = [ 'currentModule' => static::$controllerSlug, @@ -61,6 +64,7 @@ class FormasPago extends \App\Controllers\BaseResourceController public function add() { + checkPermission('formas-pago.create'); if ($this->request->getPost()) : @@ -115,6 +119,7 @@ class FormasPago extends \App\Controllers\BaseResourceController public function edit($requestedId = null) { + checkPermission('formas-pago.edit'); if ($requestedId == null) : return $this->redirect2listView(); diff --git a/ci4/app/Controllers/Configuracion/Group.php b/ci4/app/Controllers/Configuracion/Group.php index 68b6d694..84b47b9b 100755 --- a/ci4/app/Controllers/Configuracion/Group.php +++ b/ci4/app/Controllers/Configuracion/Group.php 
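Review bot: The `checkPermission('formas-pago.menu')`, `checkPermission('formas-pago.create')` and `checkPermission('formas-pago.edit')` calls added to `index()`, `add()` and `edit()` discard the helper's return value, and the `rbac_helper.php` hunk further down shows the helper enforcing denial by `return $response->redirect(...)`; unless the helper also sends the response and exits (not visible in this diff), a user without the permission is redirected nowhere and the action body still runs. Each call site should propagate the result, e.g. `if ($denied = checkPermission('formas-pago.menu')) { return $denied; }`, or the check should move into a route filter so it cannot be forgotten. The same pattern applies to every `checkPermission` call in the Group, Maquinas, Maquinasdefecto, Paises, Papelesgenericos, Papelesimpresion, SeriesFacturas and Ubicaciones hunks. Note also that `Proveedores` in this hunk receives only `$deletePermission`; its list/add/edit actions get no `checkPermission` call in this commit.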
@@ -21,6 +21,8 @@ class Group extends \App\Controllers\GoBaseController protected $indexRoute = 'userGroupList'; + protected $deletePermission = 'roles-permisos.delete'; + public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger) { self::$viewPath = getenv('theme.path') . 'form/group/'; @@ -37,6 +39,8 @@ class Group extends \App\Controllers\GoBaseController public function index() { + checkPermission('roles-permisos.menu'); + $this->viewData['usingClientSideDataTable'] = true; $this->viewData['pageSubTitle'] = lang('Basic.global.ManageAllRecords', [lang('Groups.group')]); // IMN @@ -48,11 +52,12 @@ class Group extends \App\Controllers\GoBaseController public function add() { + checkPermission('roles-permisos.create'); + if ($this->request->getPost()) : $postData = $this->request->getPost(); - $temp_data['id'] = $groupEntity->id; $temp_data['title'] = $postData['title']; $temp_data['description'] = $postData['description']; @@ -124,6 +129,7 @@ class Group extends \App\Controllers\GoBaseController public function edit($requestedId = null) { + checkPermission('roles-permisos.edit'); helper('general'); 
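Review bot: `Group` extends `\App\Controllers\GoBaseController`, but the only enforcement of `$deletePermission` added by this commit lives in `BaseResourceController::delete()`; unless `GoBaseController` inherits from `BaseResourceController` or carries its own check (neither is visible here), the `'roles-permisos.delete'` value declared in this hunk is never read and deleting groups stays unprotected. The same applies to `Tarifaextra` and `Tarifapreimpresion` further down, which also extend `GoBaseController`. If `GoBaseController` has no such guard, the `is_string($this->deletePermission) && !...->can(...)` check from `BaseResourceController::delete()` needs to be added there as well, otherwise the property is dead configuration.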
@@ -243,30 +249,4 @@ class Group extends \App\Controllers\GoBaseController } } - public function menuItems() - { - if ($this->request->isAJAX()) { - $searchStr = goSanitize($this->request->getPost('searchTerm'))[0]; - $reqId = goSanitize($this->request->getPost('id'))[0]; - $reqText = goSanitize($this->request->getPost('text'))[0]; - $onlyActiveOnes = false; - $columns2select = [$reqId ?? 'id', $reqText ?? 'nombre']; - $onlyActiveOnes = false; - $menu = $this->model->getSelect2MenuItems($columns2select, $columns2select[1], $onlyActiveOnes, $searchStr); - $nonItem = new \stdClass; - $nonItem->id = ''; - $nonItem->text = '- ' . lang('Basic.global.None') . ' -'; - array_unshift($menu, $nonItem); - - $newTokenHash = csrf_hash(); - $csrfTokenName = csrf_token(); - $data = [ - 'menu' => $menu, - $csrfTokenName => $newTokenHash - ]; - return $this->respond($data); - } else { - return $this->failUnauthorized('Invalid request', 403); - } - } } diff --git a/ci4/app/Controllers/Configuracion/Maquinas.php b/ci4/app/Controllers/Configuracion/Maquinas.php index 3ee7c046..a5b2cbd0 100755 --- a/ci4/app/Controllers/Configuracion/Maquinas.php +++ b/ci4/app/Controllers/Configuracion/Maquinas.php @@ -28,6 +28,7 @@ class Maquinas extends \App\Controllers\BaseResourceController protected static $viewPath = 'themes/vuexy/form/configuracion/maquinas/'; protected $indexRoute = 'maquinaList'; + protected MaquinaService $maquinaService; protected Validation $validation; @@ -55,6 +56,7 @@ class Maquinas extends \App\Controllers\BaseResourceController public function index() { + checkPermission('maquinas.menu'); $viewData = [ 'currentModule' => static::$controllerSlug, @@ -112,6 +114,8 @@ class Maquinas extends \App\Controllers\BaseResourceController public function add() { + checkPermission('maquinas.create'); + if ($this->request->getPost()): $nullIfEmpty = true; // !(phpversion() >= '8.1'); 
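Review bot: `Maquinas` gains `checkPermission` calls on `index()`, `add()` and `edit()` but, unlike its sibling controllers, declares no `$deletePermission`, so its inherited `delete()` keeps the base default of `false` and performs no permission check; declaring `protected $deletePermission` with the matching delete permission key next to the new `$maquinaService` property closes that gap. The new `protected MaquinaService $maquinaService;` is a typed property with no initializer, so any read before `initController()` assigns it throws an `Error`, and `MaquinaService` needs a `use` import that this hunk does not show. The `menuItems()` removal in the Group hunk on this line is a pure deletion.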
@@ -176,7 +180,7 @@ class Maquinas extends \App\Controllers\BaseResourceController public function edit($requestedId = null) { - + checkPermission('maquinas.edit'); if ($requestedId == null): return $this->redirect2listView(); diff --git a/ci4/app/Controllers/Configuracion/Maquinasdefecto.php b/ci4/app/Controllers/Configuracion/Maquinasdefecto.php index c4831b5c..edd6ff13 100755 --- a/ci4/app/Controllers/Configuracion/Maquinasdefecto.php +++ b/ci4/app/Controllers/Configuracion/Maquinasdefecto.php @@ -28,6 +28,8 @@ class Maquinasdefecto extends \App\Controllers\BaseResourceController protected $indexRoute = 'maquinaPorDefectoList'; + protected $deletePermission = 'maquinas-defecto.delete'; + public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger) { @@ -45,6 +47,7 @@ class Maquinasdefecto extends \App\Controllers\BaseResourceController public function index() { + checkPermission('maquinas-defecto.menu'); $viewData = [ 'currentModule' => static::$controllerSlug, @@ -63,7 +66,7 @@ class Maquinasdefecto extends \App\Controllers\BaseResourceController public function add() { - + checkPermission('maquinas-defecto.create'); if ($this->request->getPost()) : @@ -138,6 +141,7 @@ class Maquinasdefecto extends \App\Controllers\BaseResourceController public function edit($requestedId = null) { + checkPermission('maquinas-defecto.edit'); if ($requestedId == null) : return $this->redirect2listView(); diff --git a/ci4/app/Controllers/Configuracion/Paises.php b/ci4/app/Controllers/Configuracion/Paises.php index 20668475..7444acee 100755 --- a/ci4/app/Controllers/Configuracion/Paises.php +++ b/ci4/app/Controllers/Configuracion/Paises.php 
@@ -29,6 +29,7 @@ class Paises extends \App\Controllers\BaseResourceController protected $indexRoute = 'paisList'; + protected $deletePermission = 'paises.delete'; public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger) { @@ -47,6 +48,7 @@ class Paises extends \App\Controllers\BaseResourceController public function index() { + checkPermission('paises.menu'); $viewData = [ 'currentModule' => static::$controllerSlug, @@ -65,6 +67,8 @@ class Paises extends \App\Controllers\BaseResourceController public function add() { + checkPermission('paises.create'); + if ($this->request->getPost()): $postData = $this->request->getPost(); @@ -119,6 +123,7 @@ class Paises extends \App\Controllers\BaseResourceController public function edit($requestedId = null) { + checkPermission('paises.edit'); if ($requestedId == null): return $this->redirect2listView(); diff --git a/ci4/app/Controllers/Configuracion/Papelesgenericos.php b/ci4/app/Controllers/Configuracion/Papelesgenericos.php index e26a9eeb..6f3d0361 100755 --- a/ci4/app/Controllers/Configuracion/Papelesgenericos.php +++ b/ci4/app/Controllers/Configuracion/Papelesgenericos.php @@ -28,6 +28,7 @@ class Papelesgenericos extends \App\Controllers\BaseResourceController protected $indexRoute = 'papelGenericoList'; + protected $deletePermission = 'papel-generico.delete'; public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger) @@ -54,6 +55,7 @@ class Papelesgenericos extends \App\Controllers\BaseResourceController public function index() { + checkPermission('papel-generico.menu'); $viewData = [ 'currentModule' => static::$controllerSlug, @@ -71,6 +73,7 @@ class Papelesgenericos extends \App\Controllers\BaseResourceController public function add() { + checkPermission('papel-generico.create'); if ($this->request->getPost()): 
@@ -132,6 +135,7 @@ class Papelesgenericos extends \App\Controllers\BaseResourceController public function edit($requestedId = null) { + checkPermission('papel-generico.edit'); if ($requestedId == null): return $this->redirect2listView(); diff --git a/ci4/app/Controllers/Configuracion/Papelesimpresion.php b/ci4/app/Controllers/Configuracion/Papelesimpresion.php index c18c1e05..10522f37 100755 --- a/ci4/app/Controllers/Configuracion/Papelesimpresion.php +++ b/ci4/app/Controllers/Configuracion/Papelesimpresion.php @@ -52,6 +52,9 @@ class Papelesimpresion extends \App\Controllers\BaseResourceController protected static $viewPath = 'themes/vuexy/form/configuracion/papel/'; protected $indexRoute = 'papelImpresionList'; + + protected $deletePermission = 'papel-impresion.delete'; + protected Validation $validation; public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger) @@ -81,6 +84,7 @@ class Papelesimpresion extends \App\Controllers\BaseResourceController public function index() { + checkPermission('papel-impresion.menu'); $viewData = [ 'currentModule' => static::$controllerSlug, @@ -98,7 +102,7 @@ class Papelesimpresion extends \App\Controllers\BaseResourceController public function add() { - + checkPermission('papel-impresion.create'); if ($this->request->getPost()) : @@ -161,6 +165,7 @@ class Papelesimpresion extends \App\Controllers\BaseResourceController public function edit($requestedId = null) { + checkPermission('papel-impresion.edit'); if ($requestedId == null) : return $this->redirect2listView(); diff --git a/ci4/app/Controllers/Configuracion/SeriesFacturas.php b/ci4/app/Controllers/Configuracion/SeriesFacturas.php index f7618629..9155c1f7 100755 --- a/ci4/app/Controllers/Configuracion/SeriesFacturas.php +++ b/ci4/app/Controllers/Configuracion/SeriesFacturas.php 
@@ -22,6 +22,8 @@ class SeriesFacturas extends BaseResourceController protected $indexRoute = 'seriesFacturasList'; + protected $deletePermission = 'series-facturas.delete'; + public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger) { @@ -40,6 +42,7 @@ class SeriesFacturas extends BaseResourceController public function index() { + checkPermission('series-facturas.menu'); $viewData = [ 'currentModule' => static::$controllerSlug, @@ -57,6 +60,8 @@ class SeriesFacturas extends BaseResourceController public function add() { + checkPermission('series-facturas.create'); + if ($this->request->getPost()) : $postData = $this->request->getPost(); @@ -110,6 +115,8 @@ class SeriesFacturas extends BaseResourceController public function edit($requestedId = null) { + checkPermission('series-facturas.edit'); + if ($requestedId == null) : return $this->redirect2listView(); endif; diff --git a/ci4/app/Controllers/Configuracion/Ubicaciones.php b/ci4/app/Controllers/Configuracion/Ubicaciones.php index 1e22b95a..1ea8575f 100755 --- a/ci4/app/Controllers/Configuracion/Ubicaciones.php +++ b/ci4/app/Controllers/Configuracion/Ubicaciones.php @@ -22,6 +22,8 @@ class Ubicaciones extends BaseResourceController protected $indexRoute = 'ubicacionesList'; + protected $deletePermission = 'ubicaciones.delete'; + public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger) { @@ -40,6 +42,7 @@ class Ubicaciones extends BaseResourceController public function index() { + checkPermission('ubicaciones.menu'); $viewData = [ 'currentModule' => static::$controllerSlug, @@ -57,6 +60,8 @@ class Ubicaciones extends BaseResourceController public function add() { + checkPermission('ubicaciones.create'); + if ($this->request->getPost()) : $postData = $this->request->getPost(); 
@@ -111,6 +116,7 @@ class Ubicaciones extends BaseResourceController public function edit($requestedId = null) { + checkPermission('ubicaciones.edit'); if ($requestedId == null) : return $this->redirect2listView(); diff --git a/ci4/app/Controllers/Configuracion/Users.php b/ci4/app/Controllers/Configuracion/Users.php index 923f0007..9cd72311 100755 --- a/ci4/app/Controllers/Configuracion/Users.php +++ b/ci4/app/Controllers/Configuracion/Users.php @@ -69,7 +69,7 @@ class Users extends \App\Controllers\GoBaseController public function add() { - if ($this->request->getPost()) : + if ($this->request->getPost()): $postData = $this->request->getPost(); @@ -94,8 +94,8 @@ class Users extends \App\Controllers\GoBaseController // Obtener proveedor de usuarios $users = auth()->getProvider(); - if ($successfulResult = $this->canValidate()) : - if ($this->canValidate()) : + if ($successfulResult = $this->canValidate()): + if ($this->canValidate()): try { // The Email is unique @@ -134,17 +134,12 @@ class Users extends \App\Controllers\GoBaseController $thenRedirect = true; // Change this to false if you want your user to stay on the form after submission endif; - if ($noException && $successfulResult) : + if ($noException && $successfulResult): $id = $users->getInsertID(); - $this->group_user_model->where('user_id', $id)->delete(); - foreach ($currentGroups as $group) { - $group_user_data = [ - 'user_id' => $id, - 'group' => $group - ]; - $this->group_user_model->insert($group_user_data); - } + // Asignar los grupos de usuarios a los que pertenece el usuario editado + $this->saveUserGroupsSafely($id, $currentGroups); + $this->chat_department_user_model->where("user_id", $id)->delete(); foreach ($chatDepartments as $chatDepartment) { $this->chat_department_user_model->insert([ 
@@ -156,8 +151,8 @@ class Users extends \App\Controllers\GoBaseController $message = lang('Basic.global.saveSuccess', [mb_strtolower(lang('Users.user'))]) . '.'; $message = ucfirst(str_replace("'", "\'", $message)); - if ($thenRedirect) : - if (!empty($this->indexRoute)) : + if ($thenRedirect): + if (!empty($this->indexRoute)): return redirect()->to(route_to($this->indexRoute))->with('successMessage', $message); else: return $this->redirect2listView('successMessage', $message); @@ -173,7 +168,7 @@ class Users extends \App\Controllers\GoBaseController $this->viewData['user'] = isset($sanitizedData) ? new UserEntity($sanitizedData) : new UserEntity(); $this->viewData['clienteList'] = $this->getClienteListItems(); $this->viewData['formAction'] = route_to('createUser'); - $this->viewData['groups'] = $this->group_model->select('keyword, title')->findAll(); + $this->viewData['groups'] = $this->group_model->select('keyword, title')->where('id >', 0)->findAll(); $this->viewData['chatDepartments'] = $this->chat_department_model->findAll(); $this->viewData['boxTitle'] = lang('Basic.global.addNew') . ' ' . lang('Users.user') . ' ' . lang('Basic.global.addNewSuffix'); @@ -191,12 +186,12 @@ class Users extends \App\Controllers\GoBaseController $users = auth()->getProvider(); $user = $users->findById($id); - if ($user == false) : + if ($user == false): $message = lang('Basic.global.notFoundWithIdErr', [mb_strtolower(lang('Users.user')), $id]); return $this->redirect2listView('errorMessage', $message); endif; - if ($this->request->getPost()) : + if ($this->request->getPost()): $postData = $this->request->getPost(); @@ -218,9 +213,9 @@ class Users extends \App\Controllers\GoBaseController } $noException = true; - if ($successfulResult = $this->canValidate()) : + if ($successfulResult = $this->canValidate()): - if ($this->canValidate()) : + if ($this->canValidate()): try { if (in_array('cliente-editor', $currentGroups) || in_array('cliente-administrador', $currentGroups)) { 
@@ -249,16 +244,11 @@ class Users extends \App\Controllers\GoBaseController $thenRedirect = false; endif; - if ($noException && $successfulResult) : + if ($noException && $successfulResult): + + // Asignar los grupos de usuarios a los que pertenece el usuario editado + $this->saveUserGroupsSafely($user->id, $currentGroups); - $this->group_user_model->where('user_id', $user->id)->delete(); - foreach ($currentGroups as $group) { - $group_user_data = [ - 'user_id' => $user->id, - 'group' => $group - ]; - $this->group_user_model->insert($group_user_data); - } $this->chat_department_user_model->where("user_id", $id)->delete(); foreach ($chatDepartments as $chatDepartment) { $this->chat_department_user_model->insert([ @@ -270,8 +260,8 @@ class Users extends \App\Controllers\GoBaseController $message = lang('Basic.global.updateSuccess', [mb_strtolower(lang('Users.user'))]) . '.'; $message = ucfirst(str_replace("'", "\'", $message)); - if ($thenRedirect) : - if (!empty($this->indexRoute)) : + if ($thenRedirect): + if (!empty($this->indexRoute)): return redirect()->to(route_to($this->indexRoute))->with('successMessage', $message); else: return $this->redirect2listView('successMessage', $message); 
@@ -287,7 +277,7 @@ class Users extends \App\Controllers\GoBaseController $this->viewData['clienteList'] = $this->getClienteListItems($user->cliente_id); $this->viewData['formAction'] = route_to('updateUser', $id); $this->viewData['selectedGroups'] = $this->group_model->getUsersRoles($requestedId); - $this->viewData['groups'] = $this->group_model->select('keyword, title')->findAll(); + $this->viewData['groups'] = $this->group_model->select('keyword, title')->where('id >', 0)->findAll(); $this->viewData['chatDepartments'] = $this->chat_department_model->select(["display", "name", "id as chatDepartmentId"])->findAll(); $this->viewData['chatDepartmentUser'] = $this->chat_department_user_model->getChatDepartmentUser($user->id); $this->viewData['boxTitle'] = lang('Basic.global.edit2') . ' ' . lang('Users.user') . ' ' . lang('Basic.global.edit3'); @@ -299,18 +289,22 @@ class Users extends \App\Controllers\GoBaseController public function delete($requestedId = null, bool $deletePermanently = true) { - if ($requestedId == null) : + if ($requestedId == null): return $this->redirect2listView(); endif; $id = filter_var($requestedId, FILTER_SANITIZE_URL); $user = $this->model->find($id); - if ($user == false) : + if ($user == false): $message = lang('Basic.global.notFoundWithIdErr', [mb_strtolower(lang('Users.user')), $id]); return $this->redirect2listView('errorMessage', $message); endif; + // Elimina todos los grupos actuales + $this->group_user_model->where('user_id', $id)->delete(); + + // Elimina todos los grupos de chat actuales $this->chat_department_user_model->where("user_id", $id)->delete(); $users = auth()->getProvider(); 
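Review bot: `Users::delete()` now removes the user's `group_user` rows and then the chat-department rows before the account itself is presumably removed further down (the hunk ends at `$users = auth()->getProvider();`), with no transaction; if that later step fails, the account survives with its memberships stripped. Wrapping the deletes in `$this->model->db->transStart()` / `$this->model->db->transComplete()` keeps them atomic. Separately, this commit adds `checkPermission` guards to the sibling configuration controllers but none to `Users::add()`, `edit()` or `delete()`, even though a `usuarios.menu` permission is visible in the menu view hunk; if user management is protected by a route filter instead, a one-line comment saying so here would save the next reader the search. The method continues outside the hunk.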
@@ -433,11 +427,11 @@ class Users extends \App\Controllers\GoBaseController protected function getClienteListItems($selId = null) { $data = ['' => ""]; - if (!empty($selId)) : + if (!empty($selId)): $clienteModel = model('App\Models\Clientes\ClienteModel'); $selOption = $clienteModel->where('id', $selId)->findColumn('nombre'); - if (!empty($selOption)) : + if (!empty($selOption)): $data[$selId] = $selOption[0]; endif; endif; @@ -450,7 +444,7 @@ class Users extends \App\Controllers\GoBaseController ['title' => lang("App.menu_change_session"), 'route' => route_to('maquinistaUserChangeList'), 'active' => true] ]; $maquinistas = []; - $users = auth()->getProvider()->whereNotIn('id',[auth()->user()->id])->findAll(); + $users = auth()->getProvider()->whereNotIn('id', [auth()->user()->id])->findAll(); foreach ($users as $key => $user) { if ($user->inGroup('maquina') && !$user->inGroup('admin', 'comercial', 'cliente-editor', 'cliente-admin')) { $maquinistas[] = $user; 
@@ -467,4 +461,50 @@ class Users extends \App\Controllers\GoBaseController auth()->login($user); return redirect("home"); } + + /** + * Asigna grupos a un usuario, asegurando que no se pueda inyectar el grupo 'root', + * pero manteniéndolo si ya lo tenÃa previamente. + * + * @param int $userId ID del usuario al que se le asignarán los grupos + * @param array $requestedGroups Grupos solicitados desde el formulario + * @return void + */ + private function saveUserGroupsSafely(int $userId, array $requestedGroups): void + { + // Verifica si el usuario ya tenÃa el grupo 'root' + $existingGroups = $this->group_user_model + ->where('user_id', $userId) + ->findColumn('group') ?? []; + + $hasRoot = in_array('root', $existingGroups); + + // Elimina todos los grupos actuales + $this->group_user_model->where('user_id', $userId)->delete(); + + // Inserta solo los grupos válidos (sin 'root') + foreach ($requestedGroups as $group) { + if (!empty($group) && $group !== 'root') { + $this->group_user_model->insert([ + 'user_id' => $userId, + 'group' => $group, + 'created_at' => date('Y-m-d H:i:s'), + ]); + } elseif ($group === 'root') { + log_message('alert', "Intento de asignar grupo 'root' al usuario ID $userId"); + } + } + + // Reasigna 'root' solo si el usuario ya lo tenÃa + if ($hasRoot) { + $this->group_user_model->insert([ + 'user_id' => $userId, + 'group' => 'root', + 'created_at' => date('Y-m-d H:i:s'), + ]); + } + } + + + } diff --git a/ci4/app/Controllers/Presupuestos/Buscador.php b/ci4/app/Controllers/Presupuestos/Buscador.php index 8fbf545b..6cfe1a13 100755 --- a/ci4/app/Controllers/Presupuestos/Buscador.php +++ b/ci4/app/Controllers/Presupuestos/Buscador.php 
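Review bot: `saveUserGroupsSafely()` deletes every membership row and then re-inserts them one by one without a transaction, so a failed insert (including the final `'root'` re-insert) leaves the user with fewer groups than before, and in the root case silently de-privileged; wrap the delete/insert sequence in `$this->group_user_model->db->transStart()` … `transComplete()`. `in_array('root', $existingGroups)` should pass `true` as the third argument, and only `'root'` is special-cased: any other submitted group name (e.g. `admin`, which the maquinista filter above shows exists) is inserted as-is, so which groups a given editor may grant must be enforced by the caller. The alert log line names the target user but not the actor; adding `auth()->user()->id` to the message makes the attempt attributable in incident review. The docblock text appears mis-encoded (`tenÃa` for `tenía`), worth fixing while here, and the two trailing blank lines before the class brace should go.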
@@ -36,6 +36,8 @@ class Buscador extends \App\Controllers\BaseResourceController protected $indexRoute = 'buscadorPresupuestosList'; + protected $deletePermission = 'presupuesto.delete'; + public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger) { diff --git a/ci4/app/Controllers/Tarifas/Acabados/ServiciosAcabado.php b/ci4/app/Controllers/Tarifas/Acabados/ServiciosAcabado.php index 340d9793..68fe53d0 100755 --- a/ci4/app/Controllers/Tarifas/Acabados/ServiciosAcabado.php +++ b/ci4/app/Controllers/Tarifas/Acabados/ServiciosAcabado.php @@ -25,6 +25,8 @@ class ServiciosAcabado extends BaseResourceController protected $indexRoute = 'serviciosAcabadoList'; + protected $deletePermission = 'tarifa-acabado.delete'; + public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger) { diff --git a/ci4/app/Controllers/Tarifas/Acabados/TarifaAcabados.php b/ci4/app/Controllers/Tarifas/Acabados/TarifaAcabados.php index a6e66616..5a90f6d7 100755 --- a/ci4/app/Controllers/Tarifas/Acabados/TarifaAcabados.php +++ b/ci4/app/Controllers/Tarifas/Acabados/TarifaAcabados.php @@ -28,6 +28,8 @@ class TarifaAcabados extends BaseResourceController protected $indexRoute = 'tarifaAcabadoList'; + protected $deletePermission = 'tarifa-acabado.delete'; + public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger) { diff --git a/ci4/app/Controllers/Tarifas/Tarifaextra.php b/ci4/app/Controllers/Tarifas/Tarifaextra.php index 049c07d6..317512c2 100755 --- a/ci4/app/Controllers/Tarifas/Tarifaextra.php +++ b/ci4/app/Controllers/Tarifas/Tarifaextra.php 
@@ -19,6 +19,8 @@ class Tarifaextra extends \App\Controllers\GoBaseController protected $indexRoute = 'tarifaextraList'; + protected $deletePermission = 'tarifa-extra.delete'; + public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger) { diff --git a/ci4/app/Controllers/Tarifas/Tarifapreimpresion.php b/ci4/app/Controllers/Tarifas/Tarifapreimpresion.php index 474d60f1..0d9a329d 100755 --- a/ci4/app/Controllers/Tarifas/Tarifapreimpresion.php +++ b/ci4/app/Controllers/Tarifas/Tarifapreimpresion.php @@ -19,6 +19,8 @@ class Tarifapreimpresion extends \App\Controllers\GoBaseController protected $indexRoute = 'tarifapreimpresionList'; + protected $deletePermission = 'tarifa-preimpresion.delete'; + public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger) { diff --git a/ci4/app/Controllers/Tarifas/Tarifasencuadernacion.php b/ci4/app/Controllers/Tarifas/Tarifasencuadernacion.php index 11d8b273..adf67cd7 100755 --- a/ci4/app/Controllers/Tarifas/Tarifasencuadernacion.php +++ b/ci4/app/Controllers/Tarifas/Tarifasencuadernacion.php @@ -32,6 +32,8 @@ class Tarifasencuadernacion extends \App\Controllers\BaseResourceController protected $indexRoute = 'tarifaEncuadernacionList'; + protected $deletePermission = 'tarifa-encuadernacion.delete'; + public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger) { diff --git a/ci4/app/Controllers/Tarifas/Tarifasmanipulado.php b/ci4/app/Controllers/Tarifas/Tarifasmanipulado.php index a55c900b..706ee32a 100755 --- a/ci4/app/Controllers/Tarifas/Tarifasmanipulado.php +++ b/ci4/app/Controllers/Tarifas/Tarifasmanipulado.php 
@@ -28,6 +28,8 @@ class Tarifasmanipulado extends \App\Controllers\BaseResourceController protected $indexRoute = 'tarifaManipuladoList'; + protected $deletePermission = 'tarifa-manipulado.delete'; + public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger) { diff --git a/ci4/app/Helpers/rbac_helper.php b/ci4/app/Helpers/rbac_helper.php index 5ab2808b..b14a32d0 100755 --- a/ci4/app/Helpers/rbac_helper.php +++ b/ci4/app/Helpers/rbac_helper.php @@ -123,7 +123,7 @@ if (!function_exists('checkPermission')) { $response = \Config\Services::response(); if (!auth()->user()->can($sectionPermission)) { - $session->setFlashdata('errorMessage', "No tiene permisos de acceso"); + $session->setFlashdata('errorMessage', lang('Basic.global.permissionDenied')); $route = $redirectRoute ?? 'home'; return $response->redirect(route_to($route)); diff --git a/ci4/app/Language/en/Basic.php b/ci4/app/Language/en/Basic.php index 4863c32d..c86c256a 100755 --- a/ci4/app/Language/en/Basic.php +++ b/ci4/app/Language/en/Basic.php @@ -90,6 +90,7 @@ return [ 'wait' => 'Wait', 'yes' => 'Yes', 'back' => 'Back', + 'permissionDenied' => 'You do not have permission for this action' ], diff --git a/ci4/app/Language/es/Basic.php b/ci4/app/Language/es/Basic.php index 3f1c5bf5..b32ec3fd 100755 --- a/ci4/app/Language/es/Basic.php +++ b/ci4/app/Language/es/Basic.php @@ -94,6 +94,7 @@ return [ 'yes' => 'Si', 'no' => 'No', 'back' => 'Volver', + 'permissionDenied' => 'No tiene permisos de acceso' ], diff --git a/ci4/app/Views/themes/vuexy/main/menus/configuracion_menu.php b/ci4/app/Views/themes/vuexy/main/menus/configuracion_menu.php index fbb9a7b6..c6dfd9a0 100755 --- a/ci4/app/Views/themes/vuexy/main/menus/configuracion_menu.php +++ b/ci4/app/Views/themes/vuexy/main/menus/configuracion_menu.php 
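Review bot: `checkPermission()` calls `auth()->user()->can($sectionPermission)` without checking that a user is logged in, so an anonymous request hits `can()` on `null` and raises an `Error` rather than the intended redirect; `$user = auth()->user(); if ($user === null || !$user->can($sectionPermission))` handles both cases. The denial is a returned `RedirectResponse`, so it only takes effect when the caller returns it — see the note on the FormasPago hunk about the bare `checkPermission(...)` call sites this commit adds. The function starts before this hunk.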
@@ -11,7 +11,10 @@ if ( auth()->user()->can('maquinas.menu') || auth()->user()->can('maquinas-defecto.menu') || auth()->user()->can('usuarios.menu') || - auth()->user()->can('roles-permisos.menu') + auth()->user()->can('roles-permisos.menu') || + auth()->user()->can('proveedores.menu') || + auth()->user()->can('ubicaciones.menu') || + auth()->user()->can('series-facturas.menu') ) { ?>
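Review bot: Showing the Configuración menu when the user holds `proveedores.menu`, `ubicaciones.menu` or `series-facturas.menu` is a UI hint, not an access check, and the `Proveedores` hunk in this commit adds only `$deletePermission` — no `checkPermission('proveedores.menu')` on its `index()` — so that list stays reachable by URL regardless of this condition unless a filter covers it elsewhere. A one-line comment above the `if` stating where enforcement actually lives (controller guards or route filters) would keep readers from treating this view as the guard. The condition also repeats `auth()->user()->` for every permission; hoisting `$user = auth()->user();` above the `if` (and handling `null`) reads better, though the `<?php` block opens outside the hunk.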