forked from mirrors/easyappointments
Create the Permissions library with the "has_customer_access" method
This commit is contained in:
parent
2e21b05545
commit
df0105c65a
2 changed files with 93 additions and 0 deletions
|
@ -61,6 +61,7 @@
|
||||||
* @property Ics_file $ics_file
|
* @property Ics_file $ics_file
|
||||||
* @property Instance $instance
|
* @property Instance $instance
|
||||||
* @property Notifications $notifications
|
* @property Notifications $notifications
|
||||||
|
* @property Permissions $permissions
|
||||||
* @property Synchronization $synchronization
|
* @property Synchronization $synchronization
|
||||||
* @property Timezones $timezones
|
* @property Timezones $timezones
|
||||||
*/
|
*/
|
||||||
|
|
92
application/libraries/Permissions.php
Normal file
92
application/libraries/Permissions.php
Normal file
|
@ -0,0 +1,92 @@
|
||||||
|
<?php defined('BASEPATH') or exit('No direct script access allowed');
|
||||||
|
|
||||||
|
/* ----------------------------------------------------------------------------
|
||||||
|
* Easy!Appointments - Online Appointment Scheduler
|
||||||
|
*
|
||||||
|
* @package EasyAppointments
|
||||||
|
* @author A.Tselegidis <alextselegidis@gmail.com>
|
||||||
|
* @copyright Copyright (c) Alex Tselegidis
|
||||||
|
* @license https://opensource.org/licenses/GPL-3.0 - GPLv3
|
||||||
|
* @link https://easyappointments.org
|
||||||
|
* @since v1.5.0
|
||||||
|
* ---------------------------------------------------------------------------- */
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Permissions library.
|
||||||
|
*
|
||||||
|
* Handles permission related functionality.
|
||||||
|
*
|
||||||
|
* @package Libraries
|
||||||
|
*/
|
||||||
|
class Permissions {
|
||||||
|
/**
|
||||||
|
* @var EA_Controller
|
||||||
|
*/
|
||||||
|
protected $CI;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Permissions constructor.
|
||||||
|
*/
|
||||||
|
public function __construct()
|
||||||
|
{
|
||||||
|
$this->CI =& get_instance();
|
||||||
|
|
||||||
|
$this->CI->load->model('appointments_model');
|
||||||
|
$this->CI->load->model('roles_model');
|
||||||
|
$this->CI->load->model('secretaries_model');
|
||||||
|
$this->CI->load->model('users_model');
|
||||||
|
|
||||||
|
$this->CI->load->library('timezones');
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Check if a user is allowed to manage the provided customer.
|
||||||
|
*
|
||||||
|
* The "limit_customer_access" setting changes the access permissions to customer entries. In order for a provider
|
||||||
|
* or a secretary to be able to make changes to a customer, they will first need to at least have a single
|
||||||
|
* appointment with them.
|
||||||
|
*
|
||||||
|
* @param int $user_id
|
||||||
|
* @param int $customer_id
|
||||||
|
*
|
||||||
|
* @return bool
|
||||||
|
*/
|
||||||
|
public function has_customer_access(int $user_id, int $customer_id): bool
|
||||||
|
{
|
||||||
|
$role_id = $this->CI->users_model->value($user_id, 'id_roles');
|
||||||
|
|
||||||
|
$role_slug = $this->CI->roles_model->value($role_id, 'slug');
|
||||||
|
|
||||||
|
$limit_customer_access = setting('limit_customer_access');
|
||||||
|
|
||||||
|
if ($role_slug === DB_SLUG_ADMIN)
|
||||||
|
{
|
||||||
|
return TRUE;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($role_slug === DB_SLUG_PROVIDER && $limit_customer_access)
|
||||||
|
{
|
||||||
|
return $this->CI->appointments_model->query()->where(['id_users_provider' => $user_id, 'id_users_customer' => $customer_id])->get()->num_rows() > 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($role_slug === DB_SLUG_SECRETARY && $limit_customer_access)
|
||||||
|
{
|
||||||
|
$secretary = $this->CI->secretaries_model->find($user_id);
|
||||||
|
|
||||||
|
foreach ($secretary['providers'] as $secretary_provider_id)
|
||||||
|
{
|
||||||
|
$has_appointments_with_customer = $this->CI->appointments_model->query()->where(['id_users_provider' => $secretary_provider_id, 'id_users_customer' => $customer_id])->get()->num_rows() > 0;
|
||||||
|
|
||||||
|
if ($has_appointments_with_customer)
|
||||||
|
{
|
||||||
|
return TRUE;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in a new issue