Added permissions to Order

Frank Schubert
2021-08-06 16:35:38 +02:00
parent 2a4d5ac7d2
commit 4d51eb23f3
7 changed files with 231 additions and 21 deletions


@@ -16,18 +16,87 @@ class OrderController extends mfBaseController {
protected function indexAction() {
$this->layout()->setTemplate("Order/Index");
$this->layout()->set("orders", OrderModel::getAll());
//$this->layout()->set("orders", OrderModel::getAll());
if($this->me->is("Admin")) {
$this->layout()->set("orders", OrderModel::getAll());
} else {
$orders = [];
//var_dump($this->me->my_networks);exit;
foreach($this->me->my_networks as $network) {
foreach(OrderModel::byNetwork($network->id) as $order) {
if(!array_key_exists($order->id, $orders)) {
$orders[$order->id] = $order;
}
}
}
foreach(OrderModel::search(['create_by' => $this->me->id]) as $order) {
if(!array_key_exists($order->id, $orders)) {
$order[$order->id] = $order;
}
}
$this->layout()->set("orders", $orders);
}
}
protected function addAction() {
// TODO: filter by network permissions
$this->layout()->setTemplate("Order/Form");
$this->layout()->set("addresses", AddressModel::search(['parents_only' => 1]));
$this->layout()->set("products", ProductModel::getAll());
$this->layout()->set("terminations", TerminationModel::getAll());
if($this->me->is("Admin")) {
$this->layout()->set("addresses", AddressModel::search(['parents_only' => 1]));
$this->layout()->set("products", ProductModel::getAll());
$this->layout()->set("terminations", TerminationModel::getAll());
} else {
// get all addresses of my networks
$network_ids = [];
$addresses = [];
foreach($this->me->my_networks as $network) {
$network_ids[] = $network->id;
foreach(AddressModel::byNetwork($network->id, "salespartner") as $address) {
if(!array_key_exists($address->id, $addresses)) {
$addresses[] = $address;
}
}
}
$users = [];
$user_ids = [];
foreach($addresses as $address) {
$address_id = $address->id;
if($address->parent_id) {
$address_id = $address->parent_id;
}
foreach(UserModel::search(['address_id' => $address_id]) as $user) {
if(!array_key_exists($user, $users)) {
$users[$user->id] = $user;
$user_ids[] = $user->id;
}
}
}
$addresses = AddressModel::search(['create_by' => $user_ids]);
$this->layout()->set("addresses", $addresses);
// get terminations in my networks
$terms = TerminationModel::search(["network_id" => $network_ids]);
$this->layout()->set("terminations", $nets);
// get products assigned to my networks
$products = [];
foreach(ProductNetworkModel::search(["network_id" => $network_ids]) as $pn) {
if(!array_key_exists($pn->product_id, $products))
$products[$pn->product_id] = $pn->product;
}
$this->layout()->set("products", $products);
}
//var_dump(AddressModel::search(['parents_only' => 1]));exit;
}
protected function editAction() {
@@ -343,4 +412,5 @@ class OrderController extends mfBaseController {
}
}
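Review bot: The non-admin branches contain three variable slips that leave the permission-scoped lists wrong: in indexAction the creator loop writes `$order[$order->id] = $order;` instead of `$orders[$order->id] = $order;`, so orders the user created are never added; in addAction `array_key_exists($user, $users)` passes the object rather than `$user->id`; and the terminations are set from the undefined `$nets` instead of `$terms`. The address de-duplication also checks `array_key_exists($address->id, $addresses)` but appends with `$addresses[] = $address;`, so it should key by `$address->id`. These lists only narrow what the form offers; the action that stores the order is not in this hunk, and it should re-check the submitted address, product and termination ids against the same network set on the server side. `create_by` and `network_id` are passed as arrays to `AddressModel::search` and `TerminationModel::search`; if those filters validate with `is_numeric` the way `OrderModel` does, the restriction would be dropped silently, so that is worth confirming.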


@@ -91,17 +91,61 @@ class OrderModel {
return null;
}
public static function byNetwork($network_id) {
if(!is_numeric($network_id) || !$network_id) {
return false;
}
$db = FronkDB::singleton();
$orders = [];
$sql = "SELECT `Order`.* FROM `Order`
LEFT JOIN OrderProduct ON (OrderProduct.order_id = `Order`.id)
LEFT JOIN Termination ON (Termination.id = OrderProduct.termination_id)
LEFT JOIN Building ON (Building.id = Termination.building_id)
WHERE OrderProduct.termination_id IS NOT NULL
AND Building.network_id = $network_id
";
$res = $db->query($sql);
if($db->num_rows($res)) {
while($data = $db->fetch_object($res)) {
$orders[] = new Order($data);
}
}
return $orders;
}
public static function search($filter) {
$items = [];
$db = FronkDB::singleton();
$where = self::getSqlFilter($filter);
$res = $db->select("Order", "*", "$where ORDER BY id");
$have = [];
$sql = "SELECT `Order`.* FROM `Order`, OrderProduct
WHERE OrderProduct.order_id = `Order`.id
AND $where
GROUP BY OrderProduct.order_id
ORDER BY id
";
$res = $db->query($sql);
if($db->num_rows($res)) {
while($data = $db->fetch_object($res)) {
$items[] = new Order($data);
$have[] = $data->id;
}
}
$res = $db->select("Order", "*", "$where AND id NOT IN (".implode(",", $have).") ORDER BY id");
if($db->num_rows($res)) {
while($data = $db->fetch_object()) {
$items[] = new Order($data);
}
}
return $items;
}
@@ -109,26 +153,28 @@ class OrderModel {
$where = "1=1 ";
//var_dump($filter);exit;
if(array_key_exists("owner_id", $filter)) {
$ownerid= $filter['owner_id'];
if(is_numeric($ownerid)) {
$where .= " AND Order.owner_id=$ownerid";
}
}
if(array_key_exists("create_by", $filter)) {
$create_by = $filter['create_by'];
if(is_numeric($create_by)) {
$where .= " AND Order.create_by=$create_by";
}
}
if(array_key_exists("name", $filter)) {
$name = FronkDB::singleton()->escape($filter['name']);
if($name) {
$where .= " AND name='$name'";
$where .= " AND Order.name='$name'";
}
}
if(array_key_exists("filename", $filter)) {
$filename = FronkDB::singleton()->escape($filter['filename']);
if($filename) {
$where .= " AND filename='$filename'";
}
}
if(array_key_exists("subfolder", $filter)) {
$subfolder = FronkDB::singleton()->escape($filter['subfolder']);
if($subfolder) {
$where .= " AND subfolder='$subfolder'";
}
}
//var_dump($filter, $where);exit;
return $where;
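Review bot: `getSqlFilter` fails open: when `create_by` (or `owner_id`) is present but not numeric, no condition is appended and the clause stays `1=1`, so a caller that meant to restrict by creator gets every order. Since `OrderController::indexAction` relies on `search(['create_by' => ...])` for non-admin scoping, an invalid value should match nothing, for example `else { $where .= " AND 1=0"; }`, and accepted ids are better cast with `(int)` before interpolation here and in `byNetwork`, because `is_numeric` also accepts forms such as `1e3` and `1.5`. In the hunk above, `search()` builds `id NOT IN ()` when the first query returns no rows, and an empty `IN ()` list is a syntax error in MySQL; the second loop there also calls `fetch_object()` without `$res`. The end of `getSqlFilter` lies outside the visible lines.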