Luca/thetool
1
0
Fork 0
Code Issues 5 Pull Requests 5 Actions Packages Projects Releases Wiki Activity
Files
892d1384f88c9d4c385ff815bf57601dd2fdc1b9
thetool/application/Order/OrderController.php
Frank Schubert 892d1384f8 Fixed permission checks in ProductController
2021-08-09 11:46:51 +02:00

415 lines
13 KiB
PHP
Raw Blame History

<?php
class OrderController extends mfBaseController {
protected function init() {
$this->needlogin=true;
$me = new User();
$me->loadMe();
$this->me = $me;
$this->layout()->set("me",$me);
if(!$me->is(["Admin", "salespartner"])) {
$this->redirect("Dashboard");
}
}
protected function indexAction() {
$this->layout()->setTemplate("Order/Index");
//$this->layout()->set("orders", OrderModel::getAll());
if($this->me->is("Admin")) {
$this->layout()->set("orders", OrderModel::getAll());
} else {
$orders = [];
//var_dump($this->me->my_networks);exit;
foreach($this->me->my_networks as $network) {
foreach(OrderModel::byNetwork($network->id) as $order) {
if(!array_key_exists($order->id, $orders)) {
$orders[$order->id] = $order;
}
}
}
foreach(OrderModel::search(['create_by' => $this->me->id]) as $order) {
if(!array_key_exists($order->id, $orders)) {
$order[$order->id] = $order;
}
}
$this->layout()->set("orders", $orders);
}
}
protected function addAction() {
// TODO: filter by network permissions
$this->layout()->setTemplate("Order/Form");
if($this->me->is("Admin")) {
$this->layout()->set("addresses", AddressModel::search(['parents_only' => 1]));
$this->layout()->set("products", ProductModel::getAll());
$this->layout()->set("terminations", TerminationModel::getAll());
} else {
// get all addresses of my networks
$network_ids = [];
$addresses = [];
foreach($this->me->my_networks as $network) {
$network_ids[] = $network->id;
foreach(AddressModel::byNetwork($network->id, "salespartner") as $address) {
if(!array_key_exists($address->id, $addresses)) {
$addresses[] = $address;
}
}
}
$users = [];
$user_ids = [];
foreach($addresses as $address) {
$address_id = $address->id;
if($address->parent_id) {
$address_id = $address->parent_id;
}
foreach(UserModel::search(['address_id' => $address_id]) as $user) {
if(!array_key_exists($user, $users)) {
$users[$user->id] = $user;
$user_ids[] = $user->id;
}
}
}
$addresses = AddressModel::search(['create_by' => $user_ids]);
$this->layout()->set("addresses", $addresses);
// get terminations in my networks
$terms = TerminationModel::search(["network_id" => $network_ids]);
$this->layout()->set("terminations", $nets);
// get products assigned to my networks
$products = [];
foreach(ProductNetworkModel::search(["network_id" => $network_ids]) as $pn) {
if(!array_key_exists($pn->product_id, $products))
$products[$pn->product_id] = $pn->product;
}
$this->layout()->set("products", $products);
}
}
protected function editAction() {
$order_id = $this->request->id;
$order = new Order($order_id);
if(!$order->id) {
$this->layout()->setFlash("Bestellung nicht gefunden.", "error");
$this->redirect("Order");
}
$this->layout()->set("order", $order);
return $this->addAction();
}
protected function saveAction() {
$r = $this->request;
//var_dump($r->products);
//var_dump($r);
//exit;
$id = $r->id;
if(is_numeric($id) && $id > 0) {
$mode = "edit";
$order = new Order($id);
if(!$order->id) {
$this->layout()->setFlash("Bestellung nicht gefunden", "error");
$this->redirect("Order");
}
} else {
$id = false;
$mode = "add";
}
// validate owner
$owner = false;
if(!$r->owner_id) {
$this->layout()->setFlash("Bitte Vertragsinhaber auswählen oder eintragen.", "error");
$this->layout()->set("order", $r);
return $this->add();
}
if(is_numeric($r->owner_id)) {
$owner = new Address($r->owner_id);
if(!$owner->id) {
$this->layout()->setFlash("Ungültiger Vertragsinhaber.", "error");
$this->layout()->set("order", $r);
return $this->add();
}
} elseif($r->owner_id == "new") {
if(!$r->owner_company && !($r->owner_firstname && $r->owner_lastname)) {
$this->layout()->setFlash("Fehler in Vertragsinhaber: Firmenname oder Vor- und Nachname benötigt.");
$this->layout()->set("order", $r);
return $this->add();
}
foreach(["street", "zip", "city", "phone", "email"] as $required) {
if(!$r->{"owner_$required"}) {
$this->layout()->setFlash("Fehler in Vertragsinhaber: Bitte alle benötigten Felder ausfüllen.");
$this->layout()->set("order", $r);
return $this->add();
}
}
} else {
$this->layout()->setFlash("Ungültiger Vertragsinhaber.");
$this->layout()->set("order", $r);
return $this->add();
}
// validate billindaddress
$billingaddress = false;
if($r->billingaddress_id) {
// billingaddress can be empty
if(is_numeric($r->billingaddress_id)) {
$billingaddress = new Address($r->billingaddress_id);
if(!$billingaddress->id) {
$this->layout()->setFlash("Ungültiger Rechnungsempfänger.", "error");
$this->layout()->set("order", $r);
return $this->add();
}
} elseif($r->billingaddress_id == "new") {
if(!$r->billing_company && !($r->billingr_firstname && $r->billing_lastname)) {
$this->layout()->setFlash("Fehler in Rechnungsqmpfänger: Firmenname oder Vor- und Nachname benötigt.");
$this->layout()->set("order", $r);
return $this->add();
}
foreach(["street", "zip", "city", "phone", "email"] as $required) {
if(!$r->{"owner_$required"}) {
$this->layout()->setFlash("Fehler in Rechnungsempfänger: Bitte alle benötigten Felder ausfüllen.");
$this->layout()->set("order", $r);
return $this->add();
}
}
} else {
$this->layout()->setFlash("Ungültiger Rechnungsempfänger.");
$this->layout()->set("order", $r);
return $this->add();
}
}
// validate sepa
if(!$r->billing_type) {
$this->layout()->setFlash("Ungültige Verrechnungsart.");
$this->layout()->set("order", $r);
return $this->add();
}
if($r->billing_type == "sepa") {
foreach(['bank', 'owner', 'iban', 'bic'] as $required) {
if(!$r->{"bank_account_$required"}) {
$this->layout()->setFlash("Bitte Bankdaten für SEPA ausfüllen.");
$this->layout()->set("order", $r);
return $this->add();
}
}
}
// create objects for saving (if new) but don't save yet
$owner_data = [];
$billing_data = [];
$request = $r->get();
foreach($request as $field => $value) {
$m = [];
if(preg_match('/([a-z0-9]+)_(.+)/i', $field, $m)) {
if($m[1] == "owner" && !$owner) {
$owner_data[$m[2]] = $value;
}
if($m[1] == "billing" && !$billingaddress) {
$billing_data[$m[2]] = $value;
}
}
}
if(!$owner) {
$owner = AddressModel::create($owner_data);
}
if(!$billingaddress) {
$billingaddress = AddressModel::create($billing_data);
}
// create or save Order object
$order_data = [];
if(is_numeric($r->owner_id)) {
$order_data['owner_id'] = $r->owner_id;
}
if(is_numeric($r->billingaddress_id)) {
$order_data['billingaddress_id'] = $r->billingaddress_id;
}
$order_data['billing_type'] = $r->billing_type;
$order_data['bank_account_bank'] = $r->bank_account_bank;
$order_data['bank_account_owner'] = $r->bank_account_owner;
$order_data['bank_account_iban'] = $r->bank_account_iban;
$order_data['bank_account_bic'] = $r->bank_account_bic;
$order_data['allow_contact'] = ($r->allow_contact) ? 1 : 0;
$order_data['allow_spin'] = ($r->allow_spin) ? 1 : 0;
$order_data['note'] = $r->note;
$order_data['order_date'] = Layout::dateToInt($r->order_date);
if($r->finish_after) {
$order_data['finish_after'] = Layout::dateToInt($r->finish_after);
if(!$r->finish_after_comment) {
$this->layout()->setFlash("Bitte Verzögerungsgrund angeben.", "warn");
$this->layout()->set("order", $r);
return $this->add();
}
$order_data['finish_after_comment'] = $r->finish_after_comment;
}
$order_data['edit_by'] = $this->me->id;
if($mode == "add") {
$order = OrderModel::create($order_data);
} else {
$order->update($order_data);
}
/*
var_dump($order);
var_dump($owner);
var_dump($billingaddress);
exit;*/
if(!$owner || !$billingaddress) {
$this->layout()->setFlash("Fehler beim Speichern", "error");
$this->layout()->set("order", $order);
return $this->add();
}
$new_id = $order->save();
if(!$new_id) {
$this->layout()->setFlash("Fehler beim Speichern", "error");
$this->layout()->set("order", $order);
return $this->add();
}
// save owner and billingaddress if new
if($r->owner_id == "new") {
$owner_id = $owner->save();
if(!$owner_id) {
$this->layout()->setFlash("Fehler beim Speichern des Inhabers", "error");
$this->redirect("Order", "edit", ['id' => $new_id]);
}
$order->owner_id = $owner_id;
$order->save();
}
if($r->billingaddress_id == "new") {
$billingaddress_id = $billingaddress->save();
if(!$billingaddress_id) {
$this->layout()->setFlash("Fehler beim Speichern des Rechnungsempfängers", "error");
$this->redirect("Order", "edit", ['id' => $new_id]);
}
$owner->billingaddress_id = $billingaddress_id;
$order->save();
}
//var_dump($r->products);exit;
// validate and add products
if(is_array($r->products) && count($r->products)) {
foreach($r->products as $product_id => $p) {
//var_dump($p);
if(!$product_id || !$p["product_id"]) {
continue;
}
$prod = new Product($p['product_id']);
if(!$prod->id) {
$this->log->warn(__CLASS__."::save() Invalid product: ".$p['product_id']);
}
$product_data = [];
$product_data["order_id"] = $new_id;
$product_data["product_id"] = $p["product_id"];
$product_data['amount'] = (!empty($p['amount'])) ? $p['amount'] : 1;
$product_data["pos"] = ($p["pos"]) ? $p['pos'] : $order->getNewPos();
$product_data["description"] = $p["description"];
$product_data["price"] = Layout::commaToDot($p["price"]);
$product_data["price_setup"] = Layout::commaToDot($p["price_setup"]);
$product_data["billing_delay"] = ($p["billing_delay"]) ? $p["billing_delay"] : 0;
$product_data["billing_period"] = $p["billing_period"];
$require_term = false;
if(array_key_exists(TT_ATTRIB_TERMINATION_REQUIRED_NAME, $prod->attributes) && $prod->attributes[TT_ATTRIB_TERMINATION_REQUIRED_NAME] == 1) {
$require_term = true;
if(!$p['termination_id']) {
$this->layout()->setFlash("Ein oder mehrere Produkte erfordern Anschluss.", "warn");
continue;
}
$product_data['termination_id'] = $p['termination_id'];
} else {
$product_data['termination_id'] = null;
}
if($product_id == "new") {
$product = OrderProductModel::create($product_data);
} else {
$product = new OrderProduct($product_id);
$product->update($product_data);
}
if(!$product->save()) {
$this->log->warn("Unable to save OrderProduct:".print_r($product, true));
}
}
}
//var_dump($_FILES['OrderFileUpload']);exit;
// handle file upload
if(array_key_exists("OrderFileUpload", $_FILES) && !$_FILES['OrderFileUpload']['error']) {
//var_dump($_FILES);exit;
$upload = new mfUpload("OrderFileUpload");
$upload->setSavepath(MFUPLOAD_FILE_SAVE_PATH."/documents");
$upload->save();
$file_data = [];
$file_data['name'] = ($r->file_name) ? $r->file_name : $upload->getOriginalFilename();
$file_data['filename'] = ($r->file_filename) ? $r->file_filename : $upload->getOriginalFilename();
$file_data['store_filename'] = $upload->getFilename();
$file_data['orig_filename'] = $upload->getOriginalFilename();
$file = FileModel::create($file_data);
$file_id = $file->save();
if(!$file_id) {
$this->layout()->setFlash("Dateiupload fehlgeschlagen", "warn");
unlink($upload->getSavepath()."/".$upload->getFilename());
} else {
$of = [];
$of['order_id'] = $new_id;
$of['file_id'] = $file_id;
$of['name'] = $file->name;
$of['description'] = $file->description;
$orderfile = OrderFileModel::create($of);
if(!$orderfile->save()) {
$file->delete();
unlink($upload->getSavepath()."/".$upload->getFilename());
$this->layout()->setFlash("Dateiupload fehlgeschlagen", "warn");
}
}
}
$this->layout()->setFlash("Bestellung erfolgreich gespeichert.", "success");
$this->redirect("Order", "edit", ["id" => $new_id]);
}
}
Reference in New Issue View Git Blame Copy Permalink