* The user can now see the reason when a validation fails (during an add() procedure).
* Fixed service - provider connection in backend/calendar appointment modal. * Backend notification messages on top are now disappearing after a few seconds (excluding cases where there are action items - the user must close the notification) * The user will be able to select an existing customer from the backend/calendar appointment modal when creating a new appointment record. * Started work on user privileges and on how the system performs according to that.
parent
148258385c
commit
a9f3a5cbdb
27 changed files with 827 additions and 321 deletions
|
@ -64,12 +64,12 @@ define('PRIV_ADD', 2);
|
|||
define('PRIV_EDIT', 4);
|
||||
define('PRIV_DELETE', 8);
|
||||
|
||||
define('PAGE_APPOINTMENTS', 'appointments');
|
||||
define('PAGE_CUSTOMERS', 'customers');
|
||||
define('PAGE_SERVICES', 'services');
|
||||
define('PAGE_USERS', 'users');
|
||||
define('PAGE_SYSTEM_SETTINGS', 'system_settings');
|
||||
define('PAGE_USER_SETTINGS', 'user_settings');
|
||||
define('PRIV_APPOINTMENTS', 'appointments');
|
||||
define('PRIV_CUSTOMERS', 'customers');
|
||||
define('PRIV_SERVICES', 'services');
|
||||
define('PRIV_USERS', 'users');
|
||||
define('PRIV_SYSTEM_SETTINGS', 'system_settings');
|
||||
define('PRIV_USER_SETTINGS', 'user_settings');
|
||||
|
||||
define('MIN_PASSWORD_LENGTH', 7);
|
||||
/* End of file constants.php */
|
||||
|
|
|
@ -19,19 +19,22 @@ class Backend extends CI_Controller {
|
|||
*/
|
||||
public function index($appointment_hash = '') {
|
||||
$this->session->set_userdata('dest_url', $this->config->item('base_url') . 'backend');
|
||||
if (!$this->hasPrivileges(PAGE_APPOINTMENTS)) return;
|
||||
if (!$this->hasPrivileges(PRIV_APPOINTMENTS)) return;
|
||||
|
||||
$this->load->model('appointments_model');
|
||||
$this->load->model('providers_model');
|
||||
$this->load->model('services_model');
|
||||
$this->load->model('customers_model');
|
||||
$this->load->model('settings_model');
|
||||
$this->load->model('roles_model');
|
||||
|
||||
$view['base_url'] = $this->config->item('base_url');
|
||||
$view['book_advance_timeout'] = $this->settings_model->get_setting('book_advance_timeout');
|
||||
$view['company_name'] = $this->settings_model->get_setting('company_name');
|
||||
$view['available_providers'] = $this->providers_model->get_available_providers();
|
||||
$view['available_services'] = $this->services_model->get_available_services();
|
||||
$view['customers'] = $this->customers_model->get_batch();
|
||||
$this->setUserData($view);
|
||||
|
||||
if ($appointment_hash != '') {
|
||||
$results = $this->appointments_model->get_batch(array('hash' => $appointment_hash));
|
||||
|
@ -54,7 +57,7 @@ class Backend extends CI_Controller {
|
|||
*/
|
||||
public function customers() {
|
||||
$this->session->set_userdata('dest_url', $this->config->item('base_url') . 'backend/customers');
|
||||
if (!$this->hasPrivileges(PAGE_CUSTOMERS)) return;
|
||||
if (!$this->hasPrivileges(PRIV_CUSTOMERS)) return;
|
||||
|
||||
$this->load->model('providers_model');
|
||||
$this->load->model('customers_model');
|
||||
|
@ -66,6 +69,7 @@ class Backend extends CI_Controller {
|
|||
$view['customers'] = $this->customers_model->get_batch();
|
||||
$view['available_providers'] = $this->providers_model->get_available_providers();
|
||||
$view['available_services'] = $this->services_model->get_available_services();
|
||||
$this->setUserData($view);
|
||||
|
||||
$this->load->view('backend/header', $view);
|
||||
$this->load->view('backend/customers', $view);
|
||||
|
@ -83,7 +87,7 @@ class Backend extends CI_Controller {
|
|||
*/
|
||||
public function services() {
|
||||
$this->session->set_userdata('dest_url', $this->config->item('base_url') . 'backend/services');
|
||||
if (!$this->hasPrivileges(PAGE_SERVICES)) return;
|
||||
if (!$this->hasPrivileges(PRIV_SERVICES)) return;
|
||||
|
||||
$this->load->model('customers_model');
|
||||
$this->load->model('services_model');
|
||||
|
@ -93,6 +97,7 @@ class Backend extends CI_Controller {
|
|||
$view['company_name'] = $this->settings_model->get_setting('company_name');
|
||||
$view['services'] = $this->services_model->get_batch();
|
||||
$view['categories'] = $this->services_model->get_all_categories();
|
||||
$this->setUserData($view);
|
||||
|
||||
$this->load->view('backend/header', $view);
|
||||
$this->load->view('backend/services', $view);
|
||||
|
@ -108,7 +113,7 @@ class Backend extends CI_Controller {
|
|||
*/
|
||||
public function users() {
|
||||
$this->session->set_userdata('dest_url', $this->config->item('base_url') . 'backend/users');
|
||||
if (!$this->hasPrivileges(PAGE_USERS)) return;
|
||||
if (!$this->hasPrivileges(PRIV_USERS)) return;
|
||||
|
||||
$this->load->model('providers_model');
|
||||
$this->load->model('secretaries_model');
|
||||
|
@ -123,6 +128,7 @@ class Backend extends CI_Controller {
|
|||
$view['secretaries'] = $this->secretaries_model->get_batch();
|
||||
$view['services'] = $this->services_model->get_batch();
|
||||
$view['working_plan'] = $this->settings_model->get_setting('company_working_plan');
|
||||
$this->setUserData($view);
|
||||
|
||||
$this->load->view('backend/header', $view);
|
||||
$this->load->view('backend/users', $view);
|
||||
|
@ -138,8 +144,8 @@ class Backend extends CI_Controller {
|
|||
*/
|
||||
public function settings() {
|
||||
$this->session->set_userdata('dest_url', $this->config->item('base_url') . 'backend/settings');
|
||||
if (!$this->hasPrivileges(PAGE_SYSTEM_SETTINGS)
|
||||
&& !$this->hasPrivileges(PAGE_USER_SETTINGS)) return;
|
||||
if (!$this->hasPrivileges(PRIV_SYSTEM_SETTINGS, FALSE)
|
||||
&& !$this->hasPrivileges(PRIV_USER_SETTINGS)) return;
|
||||
|
||||
$this->load->model('settings_model');
|
||||
$this->load->model('user_model');
|
||||
|
@ -152,6 +158,7 @@ class Backend extends CI_Controller {
|
|||
$view['role_slug'] = $this->session->userdata('role_slug');
|
||||
$view['system_settings'] = $this->settings_model->get_settings();
|
||||
$view['user_settings'] = $this->user_model->get_settings($user_id);
|
||||
$this->setUserData($view);
|
||||
|
||||
$this->load->view('backend/header', $view);
|
||||
$this->load->view('backend/settings', $view);
|
||||
|
@ -199,6 +206,21 @@ class Backend extends CI_Controller {
|
|||
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the user data in order to be available at the view and js code.
|
||||
*
|
||||
* @param array $view Contains the view data.
|
||||
*/
|
||||
public function setUserData(&$view) {
|
||||
$this->load->model('roles_model');
|
||||
|
||||
// Get privileges
|
||||
$view['user_id'] = $this->session->userdata('user_id');
|
||||
$view['user_email'] = $this->session->userdata('user_email');
|
||||
$view['role_slug'] = $this->session->userdata('role_slug');
|
||||
$view['privileges'] = $this->roles_model->get_privileges($this->session->userdata('role_slug'));
|
||||
}
|
||||
}
|
||||
|
||||
/* End of file backend.php */
|
||||
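Review bot: `index()` is gated only on `PRIV_APPOINTMENTS`, yet it passes the full result of `customers_model->get_batch()` to the view as `$view['customers']`, so a role that may use the calendar but lacks the customers 'view' privilege would still receive every customer record in the page. Fill it only when the role's customers 'view' entry in the privileges array (the one `setUserData()` loads) is set, or have the modal fetch customers through the privilege-checked `ajax_filter_customers` endpoint. Separately, `setUserData()` is declared `public` on a `CI_Controller`, which makes it addressable as a URL segment; `protected function setUserData(&$view)` keeps it an internal helper. `index()` continues past the end of its hunk, so anything done with `$view['customers']` further down is not visible here.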
|
|
|
@ -4,6 +4,17 @@
|
|||
* Contains all the backend ajax calls.
|
||||
*/
|
||||
class Backend_api extends CI_Controller {
|
||||
private $privileges;
|
||||
|
||||
public function __construct() {
|
||||
parent::__construct();
|
||||
|
||||
$this->load->library('session');
|
||||
$this->load->model('roles_model');
|
||||
$this->privileges = $this->roles_model->get_privileges($this->session->userdata('role_slug'));
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* [AJAX] Get the registered appointments for the given date period and record.
|
||||
*
|
||||
|
@ -16,12 +27,16 @@ class Backend_api extends CI_Controller {
|
|||
* @param {string} $_POST['end_date'] The user selected end date.
|
||||
*/
|
||||
public function ajax_get_calendar_appointments() {
|
||||
$this->load->model('appointments_model');
|
||||
$this->load->model('providers_model');
|
||||
$this->load->model('services_model');
|
||||
$this->load->model('customers_model');
|
||||
|
||||
try {
|
||||
if ($this->privileges[PRIV_APPOINTMENTS]['view'] == FALSE) {
|
||||
throw new Exception('You do not have the required privileges for this task.');
|
||||
}
|
||||
|
||||
$this->load->model('appointments_model');
|
||||
$this->load->model('providers_model');
|
||||
$this->load->model('services_model');
|
||||
$this->load->model('customers_model');
|
||||
|
||||
if ($_POST['filter_type'] == FILTER_TYPE_PROVIDER) {
|
||||
$where_id = 'id_users_provider';
|
||||
} else {
|
||||
|
@ -85,12 +100,28 @@ class Backend_api extends CI_Controller {
|
|||
// :: SAVE CUSTOMER CHANGES TO DATABASE
|
||||
if (isset($_POST['customer_data'])) {
|
||||
$customer = json_decode(stripcslashes($_POST['customer_data']), true);
|
||||
|
||||
$REQUIRED_PRIV = (!isset($customer['id']))
|
||||
? $this->privileges[PRIV_CUSTOMERS]['add']
|
||||
: $this->privileges[PRIV_CUSTOMERS]['edit'];
|
||||
if ($REQUIRED_PRIV == FALSE) {
|
||||
throw new Exception('You do not have the required privileges for this task.');
|
||||
}
|
||||
|
||||
$customer['id'] = $this->customers_model->add($customer);
|
||||
}
|
||||
|
||||
// :: SAVE APPOINTMENT CHANGES TO DATABASE
|
||||
if (isset($_POST['appointment_data'])) {
|
||||
$appointment = json_decode(stripcslashes($_POST['appointment_data']), true);
|
||||
|
||||
$REQUIRED_PRIV = (!isset($appointment['id']))
|
||||
? $this->privileges[PRIV_APPOINTMENTS]['add']
|
||||
: $this->privileges[PRIV_APPOINTMENTS]['edit'];
|
||||
if ($REQUIRED_PRIV == FALSE) {
|
||||
throw new Exception('You do not have the required privileges for this task.');
|
||||
}
|
||||
|
||||
$manage_mode = isset($appointment['id']);
|
||||
// If the appointment does not contain the customer record id, then it
|
||||
// means that is is going to be inserted. Get the customer's record id.
|
||||
|
@ -210,6 +241,10 @@ class Backend_api extends CI_Controller {
|
|||
*/
|
||||
public function ajax_delete_appointment() {
|
||||
try {
|
||||
if ($this->privileges[PRIV_APPOINTMENTS]['delete'] == FALSE) {
|
||||
throw new Exception('You do not have the required privileges for this task.');
|
||||
}
|
||||
|
||||
if (!isset($_POST['appointment_id'])) {
|
||||
throw new Exception('No appointment id provided.');
|
||||
}
|
||||
|
@ -298,6 +333,10 @@ class Backend_api extends CI_Controller {
|
|||
*/
|
||||
public function ajax_disable_provider_sync() {
|
||||
try {
|
||||
if ($this->privileges[PRIV_USERS]['edit'] == FALSE) {
|
||||
throw new Exception('You do not have the required privileges for this task.');
|
||||
}
|
||||
|
||||
if (!isset($_POST['provider_id'])) {
|
||||
throw new Exception('Provider id not specified.');
|
||||
}
|
||||
|
@ -323,6 +362,10 @@ class Backend_api extends CI_Controller {
|
|||
*/
|
||||
public function ajax_filter_customers() {
|
||||
try {
|
||||
if ($this->privileges[PRIV_CUSTOMERS]['view'] == FALSE) {
|
||||
throw new Exception('You do not have the required privileges for this task.');
|
||||
}
|
||||
|
||||
$this->load->model('appointments_model');
|
||||
$this->load->model('services_model');
|
||||
$this->load->model('providers_model');
|
||||
|
@ -355,8 +398,6 @@ class Backend_api extends CI_Controller {
|
|||
$customer['appointments'] = $appointments;
|
||||
}
|
||||
|
||||
|
||||
|
||||
echo json_encode($customers);
|
||||
|
||||
} catch(Exception $exc) {
|
||||
|
@ -374,13 +415,22 @@ class Backend_api extends CI_Controller {
|
|||
*/
|
||||
public function ajax_save_unavailable() {
|
||||
try {
|
||||
// Check privileges
|
||||
$unavailable = json_decode($_POST['unavailable'], true);
|
||||
|
||||
$REQUIRED_PRIV = (!isset($unavailable['id']))
|
||||
? $this->privileges[PRIV_APPOINTMENTS]['add']
|
||||
: $this->privileges[PRIV_APPOINTMENTS]['edit'];
|
||||
if ($REQUIRED_PRIV == FALSE) {
|
||||
throw new Exception('You do not have the required privileges for this task.');
|
||||
}
|
||||
|
||||
$this->load->model('appointments_model');
|
||||
$this->load->model('providers_model');
|
||||
|
||||
// Add appointment
|
||||
$unavailable = json_decode($_POST['unavailable'], true);
|
||||
$unavailable['id'] = $this->appointments_model->add_unavailable($unavailable);
|
||||
$unavailable = $this->appointments_model->get_row($unavailable['id']);
|
||||
$unavailable = $this->appointments_model->get_row($unavailable['id']); // fetch all inserted data
|
||||
|
||||
// Google Sync
|
||||
try {
|
||||
|
@ -428,6 +478,10 @@ class Backend_api extends CI_Controller {
|
|||
*/
|
||||
public function ajax_delete_unavailable() {
|
||||
try {
|
||||
if ($this->privileges[PRIV_APPOINTMENTS]['delete'] == FALSE) {
|
||||
throw new Exception('You do not have the required privileges for this task.');
|
||||
}
|
||||
|
||||
$this->load->model('appointments_model');
|
||||
$this->load->model('providers_model');
|
||||
|
||||
|
@ -474,6 +528,14 @@ class Backend_api extends CI_Controller {
|
|||
try {
|
||||
$this->load->model('customers_model');
|
||||
$customer = json_decode($_POST['customer'], true);
|
||||
|
||||
$REQUIRED_PRIV = (!isset($customer['id']))
|
||||
? $this->privileges[PRIV_CUSTOMERS]['add']
|
||||
: $this->privileges[PRIV_CUSTOMERS]['edit'];
|
||||
if ($REQUIRED_PRIV == FALSE) {
|
||||
throw new Exception('You do not have the required privileges for this task.');
|
||||
}
|
||||
|
||||
$customer_id = $this->customers_model->add($customer);
|
||||
echo json_encode(array(
|
||||
'status' => AJAX_SUCCESS,
|
||||
|
@ -493,6 +555,10 @@ class Backend_api extends CI_Controller {
|
|||
*/
|
||||
public function ajax_delete_customer() {
|
||||
try {
|
||||
if ($this->privileges[PRIV_CUSTOMERS]['delete'] == FALSE) {
|
||||
throw new Exception('You do not have the required privileges for this task.');
|
||||
}
|
||||
|
||||
$this->load->model('customers_model');
|
||||
$this->customers_model->delete($_POST['customer_id']);
|
||||
echo json_encode(AJAX_SUCCESS);
|
||||
|
@ -512,6 +578,14 @@ class Backend_api extends CI_Controller {
|
|||
try {
|
||||
$this->load->model('services_model');
|
||||
$service = json_decode($_POST['service'], true);
|
||||
|
||||
$REQUIRED_PRIV = (!isset($service['id']))
|
||||
? $this->privileges[PRIV_SERVICES]['add']
|
||||
: $this->privileges[PRIV_SERVICES]['edit'];
|
||||
if ($REQUIRED_PRIV == FALSE) {
|
||||
throw new Exception('You do not have the required privileges for this task.');
|
||||
}
|
||||
|
||||
$service_id =$this->services_model->add($service);
|
||||
echo json_encode(array(
|
||||
'status' => AJAX_SUCCESS,
|
||||
|
@ -531,6 +605,10 @@ class Backend_api extends CI_Controller {
|
|||
*/
|
||||
public function ajax_delete_service() {
|
||||
try {
|
||||
if ($this->privileges[PRIV_SERVICES]['delete'] == FALSE) {
|
||||
throw new Exception('You do not have the required privileges for this task.');
|
||||
}
|
||||
|
||||
$this->load->model('services_model');
|
||||
$result = $this->services_model->delete($_POST['service_id']);
|
||||
echo ($result) ? json_encode(AJAX_SUCCESS) : json_encode(AJAX_FAILURE);
|
||||
|
@ -549,6 +627,10 @@ class Backend_api extends CI_Controller {
|
|||
*/
|
||||
public function ajax_filter_services() {
|
||||
try {
|
||||
if ($this->privileges[PRIV_SERVICES]['view'] == FALSE) {
|
||||
throw new Exception('You do not have the required privileges for this task.');
|
||||
}
|
||||
|
||||
$this->load->model('services_model');
|
||||
$key = mysql_real_escape_string($_POST['key']);
|
||||
$where =
|
||||
|
@ -574,6 +656,14 @@ class Backend_api extends CI_Controller {
|
|||
try {
|
||||
$this->load->model('services_model');
|
||||
$category = json_decode($_POST['category'], true);
|
||||
|
||||
$REQUIRED_PRIV = (!isset($category['id']))
|
||||
? $this->privileges[PRIV_SERVICES]['add']
|
||||
: $this->privileges[PRIV_SERVICES]['edit'];
|
||||
if ($REQUIRED_PRIV == FALSE) {
|
||||
throw new Exception('You do not have the required privileges for this task.');
|
||||
}
|
||||
|
||||
$category_id = $this->services_model->add_category($category);
|
||||
echo json_encode(array(
|
||||
'status' => AJAX_SUCCESS,
|
||||
|
@ -593,6 +683,10 @@ class Backend_api extends CI_Controller {
|
|||
*/
|
||||
public function ajax_delete_service_category() {
|
||||
try {
|
||||
if ($this->privileges[PRIV_SERVICES]['delete'] == FALSE) {
|
||||
throw new Exception('You do not have the required privileges for this task.');
|
||||
}
|
||||
|
||||
$this->load->model('services_model');
|
||||
$result = $this->services_model->delete_category($_POST['category_id']);
|
||||
echo ($result) ? json_encode(AJAX_SUCCESS) : json_encode(AJAX_FAILURE);
|
||||
|
@ -611,6 +705,10 @@ class Backend_api extends CI_Controller {
|
|||
*/
|
||||
public function ajax_filter_service_categories() {
|
||||
try {
|
||||
if ($this->privileges[PRIV_SERVICES]['view'] == FALSE) {
|
||||
throw new Exception('You do not have the required privileges for this task.');
|
||||
}
|
||||
|
||||
$this->load->model('services_model');
|
||||
$key = mysql_real_escape_string($_POST['key']);
|
||||
$where = '(name LIKE "%' . $key . '%" OR description LIKE "%' . $key . '%")';
|
||||
|
@ -631,6 +729,10 @@ class Backend_api extends CI_Controller {
|
|||
*/
|
||||
public function ajax_filter_admins() {
|
||||
try {
|
||||
if ($this->privileges[PRIV_USERS]['view'] == FALSE) {
|
||||
throw new Exception('You do not have the required privileges for this task.');
|
||||
}
|
||||
|
||||
$this->load->model('admins_model');
|
||||
$key = mysql_real_escape_string($_POST['key']);
|
||||
$where =
|
||||
|
@ -660,6 +762,14 @@ class Backend_api extends CI_Controller {
|
|||
try {
|
||||
$this->load->model('admins_model');
|
||||
$admin = json_decode($_POST['admin'], true);
|
||||
|
||||
$REQUIRED_PRIV = (!isset($admin['id']))
|
||||
? $this->privileges[PRIV_USERS]['add']
|
||||
: $this->privileges[PRIV_USERS]['edit'];
|
||||
if ($REQUIRED_PRIV == FALSE) {
|
||||
throw new Exception('You do not have the required privileges for this task.');
|
||||
}
|
||||
|
||||
$admin_id = $this->admins_model->add($admin);
|
||||
|
||||
$response = array(
|
||||
|
@ -683,6 +793,10 @@ class Backend_api extends CI_Controller {
|
|||
*/
|
||||
public function ajax_delete_admin() {
|
||||
try {
|
||||
if ($this->privileges[PRIV_USERS]['delete'] == FALSE) {
|
||||
throw new Exception('You do not have the required privileges for this task.');
|
||||
}
|
||||
|
||||
$this->load->model('admins_model');
|
||||
$result = $this->admins_model->delete($_POST['admin_id']);
|
||||
echo ($result) ? json_encode(AJAX_SUCCESS) : json_encode(AJAX_FAILURE);
|
||||
|
@ -701,6 +815,10 @@ class Backend_api extends CI_Controller {
|
|||
*/
|
||||
public function ajax_filter_providers() {
|
||||
try {
|
||||
if ($this->privileges[PRIV_USERS]['view'] == FALSE) {
|
||||
throw new Exception('You do not have the required privileges for this task.');
|
||||
}
|
||||
|
||||
$this->load->model('providers_model');
|
||||
$key = mysql_real_escape_string($_POST['key']);
|
||||
$where =
|
||||
|
@ -731,6 +849,13 @@ class Backend_api extends CI_Controller {
|
|||
$this->load->model('providers_model');
|
||||
$provider = json_decode($_POST['provider'], true);
|
||||
|
||||
$REQUIRED_PRIV = (!isset($provider['id']))
|
||||
? $this->privileges[PRIV_USERS]['add']
|
||||
: $this->privileges[PRIV_USERS]['edit'];
|
||||
if ($REQUIRED_PRIV == FALSE) {
|
||||
throw new Exception('You do not have the required privileges for this task.');
|
||||
}
|
||||
|
||||
if (!isset($provider['settings']['working_plan'])) {
|
||||
$this->load->model('settings_model');
|
||||
$provider['settings']['working_plan'] = $this->settings_model
|
||||
|
@ -759,6 +884,10 @@ class Backend_api extends CI_Controller {
|
|||
*/
|
||||
public function ajax_delete_provider() {
|
||||
try {
|
||||
if ($this->privileges[PRIV_USERS]['delete'] == FALSE) {
|
||||
throw new Exception('You do not have the required privileges for this task.');
|
||||
}
|
||||
|
||||
$this->load->model('providers_model');
|
||||
$result = $this->providers_model->delete($_POST['provider_id']);
|
||||
echo ($result) ? json_encode(AJAX_SUCCESS) : json_encode(AJAX_FAILURE);
|
||||
|
@ -777,6 +906,10 @@ class Backend_api extends CI_Controller {
|
|||
*/
|
||||
public function ajax_filter_secretaries() {
|
||||
try {
|
||||
if ($this->privileges[PRIV_USERS]['view'] == FALSE) {
|
||||
throw new Exception('You do not have the required privileges for this task.');
|
||||
}
|
||||
|
||||
$this->load->model('secretaries_model');
|
||||
$key = mysql_real_escape_string($_POST['key']);
|
||||
$where =
|
||||
|
@ -806,6 +939,14 @@ class Backend_api extends CI_Controller {
|
|||
try {
|
||||
$this->load->model('secretaries_model');
|
||||
$secretary = json_decode($_POST['secretary'], true);
|
||||
|
||||
$REQUIRED_PRIV = (!isset($secretary['id']))
|
||||
? $this->privileges[PRIV_USERS]['add']
|
||||
: $this->privileges[PRIV_USERS]['edit'];
|
||||
if ($REQUIRED_PRIV == FALSE) {
|
||||
throw new Exception('You do not have the required privileges for this task.');
|
||||
}
|
||||
|
||||
$secretary_id = $this->secretaries_model->add($secretary);
|
||||
|
||||
echo json_encode(array(
|
||||
|
@ -827,6 +968,10 @@ class Backend_api extends CI_Controller {
|
|||
*/
|
||||
public function ajax_delete_secretary() {
|
||||
try {
|
||||
if ($this->privileges[PRIV_USERS]['delete'] == FALSE) {
|
||||
throw new Exception('You do not have the required privileges for this task.');
|
||||
}
|
||||
|
||||
$this->load->model('secretaries_model');
|
||||
$result = $this->secretaries_model->delete($_POST['secretary_id']);
|
||||
echo ($result) ? json_encode(AJAX_SUCCESS) : json_encode(AJAX_FAILURE);
|
||||
|
@ -850,10 +995,16 @@ class Backend_api extends CI_Controller {
|
|||
public function ajax_save_settings() {
|
||||
try {
|
||||
if ($_POST['type'] == SETTINGS_SYSTEM) {
|
||||
if ($this->privileges[PRIV_SYSTEM_SETTINGS]['edit'] == FALSE) {
|
||||
throw new Exception('You do not have the required privileges for this task.');
|
||||
}
|
||||
$this->load->model('settings_model');
|
||||
$settings = json_decode($_POST['settings'], true);
|
||||
$this->settings_model->save_settings($settings);
|
||||
} else if ($_POST['type'] == SETTINGS_USER) {
|
||||
if ($this->privileges[PRIV_USER_SETTINGS]['edit'] == FALSE) {
|
||||
throw new Exception('You do not have the required privileges for this task.');
|
||||
}
|
||||
$this->load->model('user_model');
|
||||
$this->user_model->save_settings(json_decode($_POST['settings'], true));
|
||||
}
|
||||
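Review bot: The privilege test is copied by hand into every endpoint as `$this->privileges[...][...] == FALSE`, and it denies an unknown role or a missing key only as a side effect: the undefined index yields null, which the loose comparison happens to treat as FALSE. A single private helper that throws unless the entry is set and truthy would make deny-by-default explicit and stop the copies from drifting; a sketch follows. The checks are also role-level only: in `ajax_save_settings` the `SETTINGS_USER` branch passes the decoded `settings` from the client straight to `user_model->save_settings()`, so confirm that the model ties the write to the session's `user_id` rather than to an id in the payload. Several of these functions start or end outside their hunks.

```php
// Deny by default: an unknown role, resource or action counts as "no".
private function _require_privilege($resource, $action) {
    if (empty($this->privileges[$resource][$action])) {
        throw new Exception('You do not have the required privileges for this task.');
    }
}

// … unchanged: ajax_delete_appointment() docblock …
public function ajax_delete_appointment() {
    try {
        $this->_require_privilege(PRIV_APPOINTMENTS, 'delete');
        // … unchanged: appointment_id check and delete logic …
```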
|
|
|
@ -38,11 +38,18 @@ class User extends CI_Controller {
|
|||
}
|
||||
|
||||
public function no_privileges() {
|
||||
// can't view the requested page.
|
||||
$view['base_url'] = $this->config->item('base_url');
|
||||
$this->load->view('user/no_privileges', $view);
|
||||
}
|
||||
|
||||
/**
|
||||
* [AJAX] Check whether the user has entered the correct login credentials.
|
||||
*
|
||||
* The session data of a logged in user are the following:
|
||||
* 'user_id'
|
||||
* 'user_email'
|
||||
* 'role_slug'
|
||||
* 'dest_url'
|
||||
*/
|
||||
public function ajax_check_login() {
|
||||
try {
|
||||
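Review bot: `no_privileges()` renders the denial page with the default 200 status, so access logs and monitoring cannot tell a refused request from a served one. Adding `$this->output->set_status_header(403);` before the view is loaded would fix that. The comment `// can't view the requested page.` is a sentence fragment; a docblock such as `/** Display the "no privileges" page when the logged-in role may not view the requested page. */` would say what the method is for. `ajax_check_login()` continues outside the hunk.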
|
|
|
@ -35,9 +35,7 @@ class Admins_Model extends CI_Model {
|
|||
* @throws Exception When the admin data are invalid (see validate() method).
|
||||
*/
|
||||
public function add($admin) {
|
||||
if (!$this->validate($admin)) {
|
||||
throw new Exception('Admin data are invalid: ' . print_r($admin, TRUE));
|
||||
}
|
||||
$this->validate($admin);
|
||||
|
||||
if ($this->exists($admin) && !isset($admin['id'])) {
|
||||
$admin['id'] = $this->find_record_id($admin);
|
||||
|
@ -178,44 +176,42 @@ class Admins_Model extends CI_Model {
|
|||
*
|
||||
* @param array $admin Contains the admin user data.
|
||||
* @return bool Returns the validation result.
|
||||
*
|
||||
* @throws Exception When data are invalid.
|
||||
*/
|
||||
public function validate($admin) {
|
||||
$this->load->helper('data_validation');
|
||||
|
||||
try {
|
||||
// If a record id is provided then check whether the record exists in the database.
|
||||
if (isset($admin['id'])) {
|
||||
$num_rows = $this->db->get_where('ea_users', array('id' => $admin['id']))
|
||||
->num_rows();
|
||||
if ($num_rows == 0) {
|
||||
throw new Exception('Given admin id does not exist in database: ' . $admin['id']);
|
||||
}
|
||||
// If a record id is provided then check whether the record exists in the database.
|
||||
if (isset($admin['id'])) {
|
||||
$num_rows = $this->db->get_where('ea_users', array('id' => $admin['id']))
|
||||
->num_rows();
|
||||
if ($num_rows == 0) {
|
||||
throw new Exception('Given admin id does not exist in database: ' . $admin['id']);
|
||||
}
|
||||
|
||||
// Validate required fields integrity.
|
||||
if (!isset($admin['last_name'])
|
||||
|| !isset($admin['email'])
|
||||
|| !isset($admin['phone_number'])) {
|
||||
throw new Exception('Not all required fields are provided : ' . print_r($admin, TRUE));
|
||||
}
|
||||
|
||||
// Validate admin email address.
|
||||
if (!filter_var($admin['email'], FILTER_VALIDATE_EMAIL)) {
|
||||
throw new Exception('Invalid email address provided : ' . $admin['email']);
|
||||
}
|
||||
|
||||
// Validate admin password
|
||||
if (isset($admin['settings']['password'])) {
|
||||
if (strlen($admin['settings']['password']) < MIN_PASSWORD_LENGTH) {
|
||||
throw new Exception('The user password must be at least '
|
||||
. MIN_PASSWORD_LENGTH . ' characters long.');
|
||||
}
|
||||
}
|
||||
|
||||
return TRUE;
|
||||
} catch (Exception $exc) {
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
// Validate required fields integrity.
|
||||
if (!isset($admin['last_name'])
|
||||
|| !isset($admin['email'])
|
||||
|| !isset($admin['phone_number'])) {
|
||||
throw new Exception('Not all required fields are provided : ' . print_r($admin, TRUE));
|
||||
}
|
||||
|
||||
// Validate admin email address.
|
||||
if (!filter_var($admin['email'], FILTER_VALIDATE_EMAIL)) {
|
||||
throw new Exception('Invalid email address provided : ' . $admin['email']);
|
||||
}
|
||||
|
||||
// Validate admin password
|
||||
if (isset($admin['settings']['password'])) {
|
||||
if (strlen($admin['settings']['password']) < MIN_PASSWORD_LENGTH) {
|
||||
throw new Exception('The user password must be at least '
|
||||
. MIN_PASSWORD_LENGTH . ' characters long.');
|
||||
}
|
||||
}
|
||||
|
||||
return TRUE; // Operation completed successfully.
|
||||
}
|
||||
|
||||
/**
|
||||
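Review bot: In `validate()`, the 'Not all required fields are provided' exception still embeds `print_r($admin, TRUE)`, and `$admin` can carry `settings['password']`, which is checked a few lines further down. Since `add()` now lets this exception through so that the reason can be shown, the plaintext password would end up in whatever response or log receives the message. Name the missing fields instead, e.g. `throw new Exception('Not all required fields are provided: last_name, email and phone_number are required.');`. The docblock also still says `@return bool Returns the validation result.`, although failure is now signalled only by the exception. The same `print_r()` pattern appears in `Customers_Model::validate()`.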
|
|
|
@ -21,9 +21,7 @@ class Appointments_Model extends CI_Model {
|
|||
*/
|
||||
public function add($appointment) {
|
||||
// Validate the appointment data before doing anything.
|
||||
if (!$this->validate($appointment)) {
|
||||
throw new Exception('Appointment data are invalid.');
|
||||
}
|
||||
$this->validate($appointment);
|
||||
|
||||
// Perform insert() or update() operation.
|
||||
if (!isset($appointment['id'])) {
|
||||
|
@ -148,64 +146,60 @@ class Appointments_Model extends CI_Model {
|
|||
public function validate($appointment) {
|
||||
$this->load->helper('data_validation');
|
||||
|
||||
try {
|
||||
// If a appointment id is given, check wether the record exists
|
||||
// in the database.
|
||||
if (isset($appointment['id'])) {
|
||||
$num_rows = $this->db->get_where('ea_appointments',
|
||||
array('id' => $appointment['id']))->num_rows();
|
||||
if ($num_rows == 0) {
|
||||
throw new Exception('Provided appointment id does not '
|
||||
. 'exist in the database.');
|
||||
}
|
||||
// If a appointment id is given, check wether the record exists
|
||||
// in the database.
|
||||
if (isset($appointment['id'])) {
|
||||
$num_rows = $this->db->get_where('ea_appointments',
|
||||
array('id' => $appointment['id']))->num_rows();
|
||||
if ($num_rows == 0) {
|
||||
throw new Exception('Provided appointment id does not '
|
||||
. 'exist in the database.');
|
||||
}
|
||||
}
|
||||
|
||||
// Check if appointment dates are valid.
|
||||
if (!validate_mysql_datetime($appointment['start_datetime'])) {
|
||||
throw new Exception('Appointment start datetime is invalid.');
|
||||
}
|
||||
// Check if appointment dates are valid.
|
||||
if (!validate_mysql_datetime($appointment['start_datetime'])) {
|
||||
throw new Exception('Appointment start datetime is invalid.');
|
||||
}
|
||||
|
||||
if (!validate_mysql_datetime($appointment['end_datetime'])) {
|
||||
throw new Exception('Appointment end datetime is invalid.');
|
||||
}
|
||||
if (!validate_mysql_datetime($appointment['end_datetime'])) {
|
||||
throw new Exception('Appointment end datetime is invalid.');
|
||||
}
|
||||
|
||||
// Check if the provider's id is valid.
|
||||
// Check if the provider's id is valid.
|
||||
$num_rows = $this->db
|
||||
->select('*')
|
||||
->from('ea_users')
|
||||
->join('ea_roles', 'ea_roles.id = ea_users.id_roles', 'inner')
|
||||
->where('ea_users.id', $appointment['id_users_provider'])
|
||||
->where('ea_roles.slug', DB_SLUG_PROVIDER)
|
||||
->get()->num_rows();
|
||||
if ($num_rows == 0) {
|
||||
throw new Exception('Appointment provider id is invalid.');
|
||||
}
|
||||
|
||||
if ($appointment['is_unavailable'] == FALSE) {
|
||||
// Check if the customer's id is valid.
|
||||
$num_rows = $this->db
|
||||
->select('*')
|
||||
->from('ea_users')
|
||||
->join('ea_roles', 'ea_roles.id = ea_users.id_roles', 'inner')
|
||||
->where('ea_users.id', $appointment['id_users_provider'])
|
||||
->where('ea_roles.slug', DB_SLUG_PROVIDER)
|
||||
->where('ea_users.id', $appointment['id_users_customer'])
|
||||
->where('ea_roles.slug', DB_SLUG_CUSTOMER)
|
||||
->get()->num_rows();
|
||||
if ($num_rows == 0) {
|
||||
throw new Exception('Appointment provider id is invalid.');
|
||||
throw new Exception('Appointment customer id is invalid.');
|
||||
}
|
||||
|
||||
if ($appointment['is_unavailable'] == FALSE) {
|
||||
// Check if the customer's id is valid.
|
||||
$num_rows = $this->db
|
||||
->select('*')
|
||||
->from('ea_users')
|
||||
->join('ea_roles', 'ea_roles.id = ea_users.id_roles', 'inner')
|
||||
->where('ea_users.id', $appointment['id_users_customer'])
|
||||
->where('ea_roles.slug', DB_SLUG_CUSTOMER)
|
||||
->get()->num_rows();
|
||||
if ($num_rows == 0) {
|
||||
throw new Exception('Appointment customer id is invalid.');
|
||||
}
|
||||
|
||||
// Check if the service id is valid.
|
||||
$num_rows = $this->db->get_where('ea_services',
|
||||
array('id' => $appointment['id_services']))->num_rows();
|
||||
if ($num_rows == 0) {
|
||||
throw new Exception('Appointment customer id is invalid.');
|
||||
}
|
||||
// Check if the service id is valid.
|
||||
$num_rows = $this->db->get_where('ea_services',
|
||||
array('id' => $appointment['id_services']))->num_rows();
|
||||
if ($num_rows == 0) {
|
||||
throw new Exception('Appointment customer id is invalid.');
|
||||
}
|
||||
|
||||
return TRUE;
|
||||
} catch (Exception $exc) {
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
/**
|
||||
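Review bot: In `validate()`, the `ea_services` lookup throws 'Appointment customer id is invalid.', a copy of the message from the customer check above it. Now that `add()` propagates the exception so the reason reaches the user, a bad service id would be reported as a bad customer id; it should read `throw new Exception('Appointment service id is invalid.');`. `$appointment['is_unavailable']`, `start_datetime` and `end_datetime` are also read without an `isset()` check, so a payload missing them raises a PHP notice instead of a clear validation error.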
|
|
|
@ -21,9 +21,7 @@ class Customers_Model extends CI_Model {
|
|||
*/
|
||||
public function add($customer) {
|
||||
// Validate the customer data before doing anything.
|
||||
if (!$this->validate($customer)) {
|
||||
throw new Exception('Customer data are not valid.');
|
||||
}
|
||||
!$this->validate($customer);
|
||||
|
||||
// :: CHECK IF CUSTOMER ALREADY EXIST (FROM EMAIL).
|
||||
if ($this->exists($customer) && !isset($customer['id'])) {
|
||||
|
@ -158,35 +156,32 @@ class Customers_Model extends CI_Model {
|
|||
public function validate($customer) {
|
||||
$this->load->helper('data_validation');
|
||||
|
||||
try {
|
||||
// If a customer id is provided, check whether the record
|
||||
// exist in the database.
|
||||
if (isset($customer['id'])) {
|
||||
$num_rows = $this->db->get_where('ea_users',
|
||||
array('id' => $customer['id']))->num_rows();
|
||||
if ($num_rows == 0) {
|
||||
throw new Exception('Provided customer id does not '
|
||||
. 'exist in the database.');
|
||||
}
|
||||
}
|
||||
// Validate required fields
|
||||
if (!isset($customer['last_name'])
|
||||
|| !isset($customer['email'])
|
||||
|| !isset($customer['phone_number'])) {
|
||||
throw new Exception('Not all required fields are provided : '
|
||||
. print_r($customer, TRUE));
|
||||
}
|
||||
|
||||
// Validate email address
|
||||
if (!filter_var($customer['email'], FILTER_VALIDATE_EMAIL)) {
|
||||
throw new Exception('Invalid email address provided : '
|
||||
. $customer['email']);
|
||||
// If a customer id is provided, check whether the record
|
||||
// exist in the database.
|
||||
if (isset($customer['id'])) {
|
||||
$num_rows = $this->db->get_where('ea_users',
|
||||
array('id' => $customer['id']))->num_rows();
|
||||
if ($num_rows == 0) {
|
||||
throw new Exception('Provided customer id does not '
|
||||
. 'exist in the database.');
|
||||
}
|
||||
|
||||
return TRUE;
|
||||
} catch (Exception $exc) {
|
||||
return FALSE;
|
||||
}
|
||||
// Validate required fields
|
||||
if (!isset($customer['last_name'])
|
||||
|| !isset($customer['email'])
|
||||
|| !isset($customer['phone_number'])) {
|
||||
throw new Exception('Not all required fields are provided : '
|
||||
. print_r($customer, TRUE));
|
||||
}
|
||||
|
||||
// Validate email address
|
||||
if (!filter_var($customer['email'], FILTER_VALIDATE_EMAIL)) {
|
||||
throw new Exception('Invalid email address provided : '
|
||||
. $customer['email']);
|
||||
}
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
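Review bot: The id check in `validate()` looks the id up in `ea_users` without constraining the role, so any existing user id (a provider or admin row included) passes as a customer id; the appointments model above already joins `ea_roles` on `DB_SLUG_CUSTOMER` for the same purpose and this lookup should do likewise. If `add()` goes on to update by that id (the rest of `add()` is outside the hunk), a caller holding only the customers privilege could overwrite a non-customer record. The same role-less lookup is in `Providers_Model::validate()` and `Secretaries_Model::validate()`. Separately, the new call in `add()` reads `!$this->validate($customer);`; the negation is discarded now that `validate()` throws, so it should be `$this->validate($customer);` as in the other models.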
@ -48,9 +48,7 @@ class Providers_Model extends CI_Model {
|
|||
* @throws Exception When the record data validation fails.
|
||||
*/
|
||||
public function add($provider) {
|
||||
if (!$this->validate($provider)) {
|
||||
throw new Exception('Provider data are not valid :' . print_r($provider, TRUE));
|
||||
}
|
||||
$this->validate($provider);
|
||||
|
||||
if ($this->exists($provider) && !isset($provider['id'])) {
|
||||
$provider['id'] = $this->find_record_id($provider);
|
||||
|
@ -196,58 +194,54 @@ class Providers_Model extends CI_Model {
|
|||
public function validate($provider) {
|
||||
$this->load->helper('data_validation');
|
||||
|
||||
try {
|
||||
// If a provider id is present, check whether the record exist in the database.
|
||||
if (isset($provider['id'])) {
|
||||
$num_rows = $this->db->get_where('ea_users',
|
||||
array('id' => $provider['id']))->num_rows();
|
||||
if ($num_rows == 0) {
|
||||
throw new Exception('Provided record id does not exist in the database.');
|
||||
}
|
||||
// If a provider id is present, check whether the record exist in the database.
|
||||
if (isset($provider['id'])) {
|
||||
$num_rows = $this->db->get_where('ea_users',
|
||||
array('id' => $provider['id']))->num_rows();
|
||||
if ($num_rows == 0) {
|
||||
throw new Exception('Provided record id does not exist in the database.');
|
||||
}
|
||||
|
||||
// Validate required fields.
|
||||
if (!isset($provider['last_name'])
|
||||
|| !isset($provider['email'])
|
||||
|| !isset($provider['phone_number'])) {
|
||||
throw new Exception('Not all required fields are provided : ' . print_r($provider, TRUE));
|
||||
}
|
||||
|
||||
// Validate provider email address.
|
||||
if (!filter_var($provider['email'], FILTER_VALIDATE_EMAIL)) {
|
||||
throw new Exception('Invalid email address provided : ' . $provider['email']);
|
||||
}
|
||||
|
||||
// Validate provider services.
|
||||
if (!isset($provider['services']) || !is_array($provider['services'])) {
|
||||
throw new Exception('Invalid provider services given: ' . print_r($provider, TRUE));
|
||||
} else { // Check if services are valid numeric values.
|
||||
foreach($provider['services'] as $service_id) {
|
||||
if (!is_numeric($service_id)) {
|
||||
throw new Exception('A provider service with invalid id was found: '
|
||||
. print_r($provider, TRUE));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Validate provider settings.
|
||||
if (!isset($provider['settings']) || count($provider['settings']) == 0
|
||||
|| !is_array($provider['settings'])) {
|
||||
throw new Exception('Invalid provider settings given: ' . print_r($provider, TRUE));
|
||||
}
|
||||
|
||||
// Validate admin password
|
||||
if (isset($provider['settings']['password'])) {
|
||||
if (strlen($provider['settings']['password']) < MIN_PASSWORD_LENGTH) {
|
||||
throw new Exception('The user password must be at least '
|
||||
. MIN_PASSWORD_LENGTH . ' characters long.');
|
||||
}
|
||||
}
|
||||
|
||||
return TRUE;
|
||||
} catch (Exception $exc) {
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
// Validate required fields.
|
||||
if (!isset($provider['last_name'])
|
||||
|| !isset($provider['email'])
|
||||
|| !isset($provider['phone_number'])) {
|
||||
throw new Exception('Not all required fields are provided : ' . print_r($provider, TRUE));
|
||||
}
|
||||
|
||||
// Validate provider email address.
|
||||
if (!filter_var($provider['email'], FILTER_VALIDATE_EMAIL)) {
|
||||
throw new Exception('Invalid email address provided : ' . $provider['email']);
|
||||
}
|
||||
|
||||
// Validate provider services.
|
||||
if (!isset($provider['services']) || !is_array($provider['services'])) {
|
||||
throw new Exception('Invalid provider services given: ' . print_r($provider, TRUE));
|
||||
} else { // Check if services are valid numeric values.
|
||||
foreach($provider['services'] as $service_id) {
|
||||
if (!is_numeric($service_id)) {
|
||||
throw new Exception('A provider service with invalid id was found: '
|
||||
. print_r($provider, TRUE));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Validate provider settings.
|
||||
if (!isset($provider['settings']) || count($provider['settings']) == 0
|
||||
|| !is_array($provider['settings'])) {
|
||||
throw new Exception('Invalid provider settings given: ' . print_r($provider, TRUE));
|
||||
}
|
||||
|
||||
// Validate admin password
|
||||
if (isset($provider['settings']['password'])) {
|
||||
if (strlen($provider['settings']['password']) < MIN_PASSWORD_LENGTH) {
|
||||
throw new Exception('The user password must be at least '
|
||||
. MIN_PASSWORD_LENGTH . ' characters long.');
|
||||
}
|
||||
}
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
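Review bot: Several exception messages in `validate()` append `print_r($provider, TRUE)`, and `$provider['settings']` can carry the plaintext `password` that is length-checked a few lines further down. Now that `validate()` throws instead of returning FALSE, that text travels to whatever catches it, which going by the commit description is the message shown to the user, and possibly the logs as well. Name the failing field instead, e.g. `throw new Exception('Invalid provider settings given.');`, and apply the same to the `print_r($secretary, TRUE)`, `print_r($customer, TRUE)` and `print_r($service, TRUE)` messages in the other models. Also, `count($provider['settings']) == 0` is evaluated before `!is_array($provider['settings'])`; the `is_array` test should come first.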
@ -18,6 +18,55 @@ class Roles_Model extends CI_Model {
|
|||
public function get_role_id($role_slug) {
|
||||
return $this->db->get_where('ea_roles', array('slug' => $role_slug))->row()->id;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns all the privileges (bool values) of a role slug.
|
||||
*
|
||||
* The privilege numbers are converted into bool values of the four main actions (view,
|
||||
* add, edit, delete). By checking each value you can know if the user is able to perform
|
||||
* this action.
|
||||
*
|
||||
* @param string $slug The role slug.
|
||||
* @return array Returns the privilege value.
|
||||
*/
|
||||
public function get_privileges($slug) {
|
||||
$privileges = $this->db->get_where('ea_roles', array('slug' => $slug))->row_array();
|
||||
unset($privileges['id'], $privileges['name'], $privileges['slug'], $privileges['is_admin']);
|
||||
|
||||
// Convert the numeric values to bool so that is easier to check whether a
|
||||
// user has the required privileges for a specific action.
|
||||
foreach($privileges as &$value) {
|
||||
$privileges_number = $value;
|
||||
|
||||
$value = array(
|
||||
'view' => false,
|
||||
'add' => false,
|
||||
'edit' => false,
|
||||
'delete' => false
|
||||
);
|
||||
|
||||
if ($privileges_number > 0) {
|
||||
if (intval($privileges_number / PRIV_DELETE) == 1) {
|
||||
$value['delete'] = TRUE;
|
||||
$privileges_number -= PRIV_DELETE;
|
||||
}
|
||||
|
||||
if (intval($privileges_number / PRIV_EDIT) == 1) {
|
||||
$value['edit'] = TRUE;
|
||||
$privileges_number -= PRIV_EDIT;
|
||||
}
|
||||
|
||||
if (intval($privileges_number / PRIV_ADD) == 1) {
|
||||
$value['add'] = TRUE;
|
||||
$privileges_number -= PRIV_ADD;
|
||||
}
|
||||
|
||||
$value['view'] = TRUE;
|
||||
}
|
||||
}
|
||||
|
||||
return $privileges;
|
||||
}
|
||||
}
|
||||
|
||||
/* End of file roles_model.php */
|
||||
|
|
|
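Review bot: `get_privileges()` decodes each flag with `intval($privileges_number / PRIV_DELETE) == 1` followed by a subtraction, which only holds while the stored value is between 0 and 15; a larger value fails every comparison and silently drops `add`, `edit` and `delete` while still granting `view`. Testing the bits directly is shorter and does not depend on the order of the three blocks. The `foreach ($privileges as &$value)` loop also leaves `$value` bound by reference afterwards, so it should be followed by `unset($value);`. An unknown slug is not handled here or in `get_role_id()` (`->row()->id` with no row), so rejecting it explicitly would avoid relying on how an empty result is indexed by the views.

```php
// … unchanged: get_where() lookup and unset() of id/name/slug/is_admin …
foreach ($privileges as &$value) {
    $privileges_number = (int) $value;

    $value = array(
        'view'   => $privileges_number > 0, // same rule as before: any non-zero value grants view
        'add'    => ($privileges_number & PRIV_ADD) === PRIV_ADD,
        'edit'   => ($privileges_number & PRIV_EDIT) === PRIV_EDIT,
        'delete' => ($privileges_number & PRIV_DELETE) === PRIV_DELETE
    );
}
unset($value); // release the by-reference alias left by foreach

return $privileges;
```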
@ -36,9 +36,7 @@ class Secretaries_Model extends CI_Model {
|
|||
* @throws Exception When the secretary data are invalid (see validate() method).
|
||||
*/
|
||||
public function add($secretary) {
|
||||
if (!$this->validate($secretary)) {
|
||||
throw new Exception('Secretary data are invalid: ' . print_r($secretary, TRUE));
|
||||
}
|
||||
$this->validate($secretary);
|
||||
|
||||
if ($this->exists($secretary) && !isset($secretary['id'])) {
|
||||
$secretary['id'] = $this->find_record_id($secretary);
|
||||
|
@ -177,45 +175,41 @@ class Secretaries_Model extends CI_Model {
|
|||
public function validate($secretary) {
|
||||
$this->load->helper('data_validation');
|
||||
|
||||
try {
|
||||
// If a record id is provided then check whether the record exists in the database.
|
||||
if (isset($secretary['id'])) {
|
||||
$num_rows = $this->db->get_where('ea_users', array('id' => $secretary['id']))
|
||||
->num_rows();
|
||||
if ($num_rows == 0) {
|
||||
throw new Exception('Given secretary id does not exist in database: ' . $secretary['id']);
|
||||
}
|
||||
// If a record id is provided then check whether the record exists in the database.
|
||||
if (isset($secretary['id'])) {
|
||||
$num_rows = $this->db->get_where('ea_users', array('id' => $secretary['id']))
|
||||
->num_rows();
|
||||
if ($num_rows == 0) {
|
||||
throw new Exception('Given secretary id does not exist in database: ' . $secretary['id']);
|
||||
}
|
||||
|
||||
// Validate 'providers' value datatype (must be array)
|
||||
if (isset($secretary['providers']) && !is_array($secretary['providers'])) {
|
||||
throw new Exception('Secretary providers value is not an array.');
|
||||
}
|
||||
|
||||
// Validate required fields integrity.
|
||||
if (!isset($secretary['last_name'])
|
||||
|| !isset($secretary['email'])
|
||||
|| !isset($secretary['phone_number'])) {
|
||||
throw new Exception('Not all required fields are provided : ' . print_r($secretary, TRUE));
|
||||
}
|
||||
|
||||
// Validate secretary email address.
|
||||
if (!filter_var($secretary['email'], FILTER_VALIDATE_EMAIL)) {
|
||||
throw new Exception('Invalid email address provided : ' . $secretary['email']);
|
||||
}
|
||||
|
||||
// Validate admin password
|
||||
if (isset($secretary['settings']['password'])) {
|
||||
if (strlen($secretary['settings']['password']) < MIN_PASSWORD_LENGTH) {
|
||||
throw new Exception('The user password must be at least '
|
||||
. MIN_PASSWORD_LENGTH . ' characters long.');
|
||||
}
|
||||
}
|
||||
|
||||
return TRUE;
|
||||
} catch (Exception $exc) {
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
// Validate 'providers' value datatype (must be array)
|
||||
if (isset($secretary['providers']) && !is_array($secretary['providers'])) {
|
||||
throw new Exception('Secretary providers value is not an array.');
|
||||
}
|
||||
|
||||
// Validate required fields integrity.
|
||||
if (!isset($secretary['last_name'])
|
||||
|| !isset($secretary['email'])
|
||||
|| !isset($secretary['phone_number'])) {
|
||||
throw new Exception('Not all required fields are provided : ' . print_r($secretary, TRUE));
|
||||
}
|
||||
|
||||
// Validate secretary email address.
|
||||
if (!filter_var($secretary['email'], FILTER_VALIDATE_EMAIL)) {
|
||||
throw new Exception('Invalid email address provided : ' . $secretary['email']);
|
||||
}
|
||||
|
||||
// Validate admin password
|
||||
if (isset($secretary['settings']['password'])) {
|
||||
if (strlen($secretary['settings']['password']) < MIN_PASSWORD_LENGTH) {
|
||||
throw new Exception('The user password must be at least '
|
||||
. MIN_PASSWORD_LENGTH . ' characters long.');
|
||||
}
|
||||
}
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -15,9 +15,7 @@ class Services_Model extends CI_Model {
|
|||
* @return numeric Returns the record id.
|
||||
*/
|
||||
public function add($service) {
|
||||
if (!$this->validate($service)) {
|
||||
throw new Exception('Service data are invalid.');
|
||||
}
|
||||
$this->validate($service);
|
||||
|
||||
if (!isset($service['id'])) {
|
||||
$service['id'] = $this->insert($service);
|
||||
|
@ -86,49 +84,45 @@ class Services_Model extends CI_Model {
|
|||
public function validate($service) {
|
||||
$this->load->helper('data_validation');
|
||||
|
||||
try {
|
||||
// If record id is provided we need to check whether the record exists
|
||||
// in the database.
|
||||
if (isset($service['id'])) {
|
||||
$num_rows = $this->db->get_where('ea_services', array('id' => $service['id']))
|
||||
->num_rows();
|
||||
if ($num_rows == 0) {
|
||||
throw new Exception('Provided service id does not exist in the database.');
|
||||
}
|
||||
// If record id is provided we need to check whether the record exists
|
||||
// in the database.
|
||||
if (isset($service['id'])) {
|
||||
$num_rows = $this->db->get_where('ea_services', array('id' => $service['id']))
|
||||
->num_rows();
|
||||
if ($num_rows == 0) {
|
||||
throw new Exception('Provided service id does not exist in the database.');
|
||||
}
|
||||
|
||||
// Check if service category id is valid (only when present)
|
||||
if ($service['id_service_categories'] != NULL) {
|
||||
$num_rows = $this->db->get_where('ea_service_categories',
|
||||
array('id' => $service['id_service_categories']))->num_rows();
|
||||
if ($num_rows == 0) {
|
||||
throw new Exception('Provided service category id does not exist in database.');
|
||||
}
|
||||
}
|
||||
|
||||
// Check for required fields
|
||||
if ($service['name'] == '') {
|
||||
throw new Exception('Not all required service fields where provided: '
|
||||
. print_r($service, TRUE));
|
||||
}
|
||||
|
||||
// Duration must be numeric
|
||||
if ($service['duration'] !== NULL) {
|
||||
if (!is_numeric($service['duration'])) {
|
||||
throw new Exception('Service duration is not numeric.');
|
||||
}
|
||||
}
|
||||
|
||||
if ($service['price'] !== NULL) {
|
||||
if (!is_numeric($service['price'])) {
|
||||
throw new Exception('Service price is not numeric.');
|
||||
}
|
||||
}
|
||||
|
||||
return TRUE;
|
||||
} catch(Exception $exc) {
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
// Check if service category id is valid (only when present)
|
||||
if ($service['id_service_categories'] != NULL) {
|
||||
$num_rows = $this->db->get_where('ea_service_categories',
|
||||
array('id' => $service['id_service_categories']))->num_rows();
|
||||
if ($num_rows == 0) {
|
||||
throw new Exception('Provided service category id does not exist in database.');
|
||||
}
|
||||
}
|
||||
|
||||
// Check for required fields
|
||||
if ($service['name'] == '') {
|
||||
throw new Exception('Not all required service fields where provided: '
|
||||
. print_r($service, TRUE));
|
||||
}
|
||||
|
||||
// Duration must be numeric
|
||||
if ($service['duration'] !== NULL) {
|
||||
if (!is_numeric($service['duration'])) {
|
||||
throw new Exception('Service duration is not numeric.');
|
||||
}
|
||||
}
|
||||
|
||||
if ($service['price'] !== NULL) {
|
||||
if (!is_numeric($service['price'])) {
|
||||
throw new Exception('Service price is not numeric.');
|
||||
}
|
||||
}
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
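Review bot: `validate()` reads `$service['id_service_categories']`, `$service['name']`, `$service['duration']` and `$service['price']` without `isset()`, so a payload that omits a key raises an undefined-index notice rather than one of the new validation messages. The checks are also loose: `!= NULL` treats `0` and `''` as absent, and `is_numeric()` accepts negative and exponent forms for duration and price. Guard the keys first, e.g. `if (!isset($service['name']) || $service['name'] == '')`, and add a lower bound such as `$service['duration'] < 0` if negative values are not meant to be stored.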
@ -16,7 +16,14 @@
|
|||
'availableServices' : <?php echo json_encode($available_services); ?>,
|
||||
'baseUrl' : <?php echo '"' . $base_url . '"'; ?>,
|
||||
'bookAdvanceTimeout' : <?php echo $book_advance_timeout; ?>,
|
||||
'editAppointment' : <?php echo json_encode($edit_appointment); ?>
|
||||
'editAppointment' : <?php echo json_encode($edit_appointment); ?>,
|
||||
'customers' : <?php echo json_encode($customers); ?>,
|
||||
'user' : {
|
||||
'id' : <?php echo $user_id; ?>,
|
||||
'email' : <?php echo '"' . $user_email . '"'; ?>,
|
||||
'role_slug' : <?php echo '"' . $role_slug . '"'; ?>,
|
||||
'privileges': <?php echo json_encode($privileges); ?>
|
||||
}
|
||||
};
|
||||
|
||||
$(document).ready(function() {
|
||||
|
@ -33,6 +40,7 @@
|
|||
|
||||
<div id="calendar-actions">
|
||||
<div class="btn-group">
|
||||
<?php if ($privileges[PRIV_USERS]['edit'] == TRUE) { ?>
|
||||
<button id="google-sync" class="btn btn-primary"
|
||||
title="Trigger the Google Calendar synchronization process.">
|
||||
<i class="icon-refresh icon-white"></i>
|
||||
|
@ -44,6 +52,7 @@
|
|||
<i class="icon-calendar"></i>
|
||||
<span>Enable Sync</span>
|
||||
</button>
|
||||
<?php } ?>
|
||||
|
||||
<button id="reload-appointments" class="btn" title="Reload calendar appointments.">
|
||||
<i class="icon-repeat"></i>
|
||||
|
@ -51,19 +60,21 @@
|
|||
</button>
|
||||
</div>
|
||||
|
||||
<?php if ($privileges[PRIV_APPOINTMENTS]['add'] == TRUE) { ?>
|
||||
<div class="btn-group">
|
||||
<button id="insert-appointment" class="btn"
|
||||
<button id="insert-appointment" class="btn btn-info"
|
||||
title="Create a new appointment and store it into the database.">
|
||||
<i class="icon-plus"></i>
|
||||
<i class="icon-plus icon-white"></i>
|
||||
<span>Appointment</span>
|
||||
</button>
|
||||
|
||||
<button id="insert-unavailable" class="btn"
|
||||
title="During unavailable periods the provider won't accept new appointments.">
|
||||
<i class="icon-ban-circle"></i>
|
||||
<i class="icon-plus"></i>
|
||||
<span>Unavailable</span>
|
||||
</button>
|
||||
</div>
|
||||
<?php } ?>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
@ -75,9 +86,10 @@
|
|||
<button type="button" class="close" data-dismiss="modal"
|
||||
aria-hidden="true">×</button>
|
||||
<h3>Edit Appointment</h3>
|
||||
<div id="modal-message" class="alert" style="display: none;"></div>
|
||||
</div>
|
||||
|
||||
<div class="modal-message alert" style="display: none;"></div>
|
||||
|
||||
<div class="modal-body">
|
||||
<form class="form-horizontal">
|
||||
<fieldset>
|
||||
|
@ -115,7 +127,14 @@
|
|||
</fieldset>
|
||||
|
||||
<fieldset class="row-fluid">
|
||||
<legend>Customer Details</legend>
|
||||
<legend>
|
||||
Customer Details
|
||||
<button id="select-customer" class="btn btn-primary btn-mini"
|
||||
title="Pick an existing customer." type="button">Select Existing Customer</button>
|
||||
<input type="text" id="filter-existing-customers" placeholder="Type to filter customers."
|
||||
style="display: none;" class="input-medium"/>
|
||||
<div id="existing-customers-list" style="display: none;"></div>
|
||||
</legend>
|
||||
|
||||
<input id="customer-id" type="hidden" />
|
||||
|
||||
|
@ -192,9 +211,11 @@
|
|||
<button type="button" class="close" data-dismiss="modal"
|
||||
aria-hidden="true">×</button>
|
||||
<h3>Add Unavailable Period</h3>
|
||||
<div class="modal-message" class="alert" style="display: none;"></div>
|
||||
|
||||
</div>
|
||||
|
||||
<div class="modal-message alert" style="display: none;"></div>
|
||||
|
||||
<div class="modal-body">
|
||||
<form class="form-horizontal">
|
||||
<fieldset>
|
||||
|
|
|
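Review bot: The new `user` block writes `$user_email` and `$role_slug` into the script with `echo '"' . $value . '"'`, so a quote, backslash or line break in the value ends the string literal and the remainder is parsed as script; `$user_id` is echoed bare and produces a syntax error when it is empty. Use the encoder already applied to the neighbouring keys, `'email' : <?php echo json_encode($user_email); ?>,`, and likewise for `id`, `role_slug` and the existing `baseUrl`. The same block is added to the customers, services, settings and users views further down. The `customers` array added here is rendered into `#existing-customers-list` by string concatenation in the calendar script, so those names should be inserted with `.text()` rather than as markup.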
@ -9,7 +9,13 @@
|
|||
'availableProviders': <?php echo json_encode($available_providers); ?>,
|
||||
'availableServices': <?php echo json_encode($available_services); ?>,
|
||||
'baseUrl': <?php echo '"' . $base_url . '"'; ?>,
|
||||
'customers': <?php echo json_encode($customers); ?>
|
||||
'customers': <?php echo json_encode($customers); ?>,
|
||||
'user' : {
|
||||
'id' : <?php echo $user_id; ?>,
|
||||
'email' : <?php echo '"' . $user_email . '"'; ?>,
|
||||
'role_slug' : <?php echo '"' . $role_slug . '"'; ?>,
|
||||
'privileges': <?php echo json_encode($privileges); ?>
|
||||
}
|
||||
};
|
||||
|
||||
$(document).ready(function() {
|
||||
|
@ -38,15 +44,23 @@
|
|||
<div id="details" class="span7 row-fluid">
|
||||
<div class="btn-toolbar">
|
||||
<div id="add-edit-delete-group" class="btn-group">
|
||||
<?php if ($privileges[PRIV_CUSTOMERS]['add'] == TRUE) { ?>
|
||||
<button id="add-customer" class="btn">
|
||||
<i class="icon-plus"></i>
|
||||
Add</button>
|
||||
<?php } ?>
|
||||
|
||||
<?php if ($privileges[PRIV_CUSTOMERS]['edit'] == TRUE) { ?>
|
||||
<button id="edit-customer" class="btn" disabled="disabled">
|
||||
<i class="icon-pencil"></i>
|
||||
Edit</button>
|
||||
<?php }?>
|
||||
|
||||
<?php if ($privileges[PRIV_CUSTOMERS]['delete'] == TRUE) { ?>
|
||||
<button id="delete-customer" class="btn" disabled="disabled">
|
||||
<i class="icon-remove"></i>
|
||||
Delete</button>
|
||||
<?php } ?>
|
||||
</div>
|
||||
|
||||
<div id="save-cancel-group" class="btn-group" style="display:none;">
|
||||
|
|
|
@ -73,31 +73,37 @@
|
|||
<div id="header-menu">
|
||||
<?php // CALENDAR MENU ITEM
|
||||
// ------------------------------------------------------ ?>
|
||||
<a href="<?php echo $base_url; ?>backend" class="menu-item">
|
||||
<?php $hidden = ($privileges[PRIV_APPOINTMENTS]['view'] == TRUE) ? '' : 'hidden'; ?>
|
||||
<a href="<?php echo $base_url; ?>backend" class="menu-item <?php echo $hidden; ?>">
|
||||
Calendar
|
||||
</a>
|
||||
|
||||
<?php // CUSTOMERS MENU ITEM
|
||||
// ------------------------------------------------------ ?>
|
||||
<a href="<?php echo $base_url; ?>backend/customers" class="menu-item">
|
||||
<?php $hidden = ($privileges[PRIV_CUSTOMERS]['view'] == TRUE) ? '' : 'hidden'; ?>
|
||||
<a href="<?php echo $base_url; ?>backend/customers" class="menu-item <?php echo $hidden; ?>">
|
||||
Customers
|
||||
</a>
|
||||
|
||||
<?php // SERVICES MENU ITEM
|
||||
// ------------------------------------------------------ ?>
|
||||
<a href="<?php echo $base_url; ?>backend/services" class="menu-item">
|
||||
<?php $hidden = ($privileges[PRIV_SERVICES]['view'] == TRUE) ? '' : 'hidden'; ?>
|
||||
<a href="<?php echo $base_url; ?>backend/services" class="menu-item <?php echo $hidden; ?>">
|
||||
Services
|
||||
</a>
|
||||
|
||||
<?php // PROVIDERS MENU ITEM
|
||||
<?php // USERS MENU ITEM
|
||||
// ------------------------------------------------------ ?>
|
||||
<a href="<?php echo $base_url; ?>backend/users" class="menu-item">
|
||||
<?php $hidden = ($privileges[PRIV_USERS]['view'] == TRUE) ? '' : 'hidden'; ?>
|
||||
<a href="<?php echo $base_url; ?>backend/users" class="menu-item <?php echo $hidden; ?>">
|
||||
Users
|
||||
</a>
|
||||
|
||||
<?php // SETTINGS MENU ITEM
|
||||
// ------------------------------------------------------ ?>
|
||||
<a href="<?php echo $base_url; ?>backend/settings" class="menu-item">
|
||||
<?php $hidden = ($privileges[PRIV_SYSTEM_SETTINGS]['view'] == TRUE
|
||||
|| $privileges[PRIV_USER_SETTINGS]['view'] == TRUE) ? '' : 'hidden'; ?>
|
||||
<a href="<?php echo $base_url; ?>backend/settings" class="menu-item <?php echo $hidden; ?>">
|
||||
Settings
|
||||
</a>
|
||||
|
||||
|
|
|
@ -5,7 +5,13 @@
|
|||
var GlobalVariables = {
|
||||
'baseUrl': <?php echo '"' . $base_url . '"'; ?>,
|
||||
'services': <?php echo json_encode($services); ?>,
|
||||
'categories': <?php echo json_encode($categories); ?>
|
||||
'categories': <?php echo json_encode($categories); ?>,
|
||||
'user' : {
|
||||
'id' : <?php echo $user_id; ?>,
|
||||
'email' : <?php echo '"' . $user_email . '"'; ?>,
|
||||
'role_slug' : <?php echo '"' . $role_slug . '"'; ?>,
|
||||
'privileges': <?php echo json_encode($privileges); ?>
|
||||
}
|
||||
};
|
||||
|
||||
$(document).ready(function() {
|
||||
|
|
|
@ -14,6 +14,12 @@
|
|||
'settings': {
|
||||
'system': <?php echo json_encode($system_settings); ?>,
|
||||
'user': <?php echo json_encode($user_settings); ?>
|
||||
},
|
||||
'user' : {
|
||||
'id' : <?php echo $user_id; ?>,
|
||||
'email' : <?php echo '"' . $user_email . '"'; ?>,
|
||||
'role_slug' : <?php echo '"' . $role_slug . '"'; ?>,
|
||||
'privileges': <?php echo json_encode($privileges); ?>
|
||||
}
|
||||
};
|
||||
|
||||
|
@ -24,9 +30,17 @@
|
|||
|
||||
<div id="settings-page" class="row-fluid">
|
||||
<ul class="nav nav-tabs">
|
||||
<li class="general-tab tab active"><a>General</a></li>
|
||||
<?php if ($privileges[PRIV_SYSTEM_SETTINGS]['view'] == TRUE) { ?>
|
||||
<li class="general-tab tab"><a>General</a></li>
|
||||
<?php } ?>
|
||||
|
||||
<?php if ($privileges[PRIV_SYSTEM_SETTINGS]['view'] == TRUE) { ?>
|
||||
<li class="business-logic-tab tab"><a>Business Logic</a></li>
|
||||
<?php } ?>
|
||||
|
||||
<?php if ($privileges[PRIV_USER_SETTINGS]['view'] == TRUE) { ?>
|
||||
<li class="user-tab tab"><a>User</a></li>
|
||||
<?php } ?>
|
||||
</ul>
|
||||
|
||||
<?php
|
||||
|
@ -36,12 +50,15 @@
|
|||
//
|
||||
// --------------------------------------------------------------
|
||||
?>
|
||||
<div id="general" class="tab-content">
|
||||
<?php $hidden = ($privileges[PRIV_SYSTEM_SETTINGS]['view'] == TRUE) ? '' : 'hidden'; ?>
|
||||
<div id="general" class="tab-content <?php echo $hidden; ?>">
|
||||
<form>
|
||||
<fieldset>
|
||||
<legend>
|
||||
General Settings
|
||||
<?php if ($privileges[PRIV_SYSTEM_SETTINGS]['edit'] == TRUE) { ?>
|
||||
<button type="button" class="save-settings btn btn-primary btn-mini">Save</button>
|
||||
<?php } ?>
|
||||
</legend>
|
||||
|
||||
<label for="company-name">Company Name *</label>
|
||||
|
@ -80,12 +97,15 @@
|
|||
//
|
||||
// --------------------------------------------------------------
|
||||
?>
|
||||
<div id="business-logic" class="tab-content" style="display: none;">
|
||||
<?php $hidden = ($privileges[PRIV_SYSTEM_SETTINGS]['view'] == TRUE) ? '' : 'hidden'; ?>
|
||||
<div id="business-logic" class="tab-content <?php echo $hidden; ?>">
|
||||
<form>
|
||||
<fieldset>
|
||||
<legend>
|
||||
Business Logic
|
||||
<?php if ($privileges[PRIV_SYSTEM_SETTINGS]['edit'] == TRUE) { ?>
|
||||
<button type="button" class="save-settings btn btn-primary btn-mini">Save</button>
|
||||
<?php } ?>
|
||||
</legend>
|
||||
|
||||
<div class="row-fluid">
|
||||
|
@ -201,12 +221,15 @@
|
|||
//
|
||||
// --------------------------------------------------------------
|
||||
?>
|
||||
<div id="user" class="tab-content" style="display: none;">
|
||||
<?php $hidden = ($privileges[PRIV_USER_SETTINGS]['view'] == TRUE) ? '' : 'hidden'; ?>
|
||||
<div id="user" class="tab-content <?php echo $hidden; ?>">
|
||||
<form class="row-fluid">
|
||||
<fieldset class="span5">
|
||||
<legend>
|
||||
Personal Info
|
||||
<?php if ($privileges[PRIV_USER_SETTINGS]['edit'] == TRUE) { ?>
|
||||
<button type="button" class="save-settings btn btn-primary btn-mini">Save</button>
|
||||
<?php } ?>
|
||||
</legend>
|
||||
|
||||
<input type="hidden" id="user-id" />
|
||||
|
|
|
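Review bot: The General, Business Logic and User panes are hidden with a `hidden` class when the `view` privilege is missing, but `'system': <?php echo json_encode($system_settings); ?>` and `'user': <?php echo json_encode($user_settings); ?>` are still emitted into `GlobalVariables` unconditionally, so the values stay readable in the page source. Unless the controller already passes empty arrays in that case (not visible here), wrap each pane and its data in the same `<?php if ($privileges[PRIV_SYSTEM_SETTINGS]['view'] == TRUE) { ?>` test that the tabs use. The General tab also lost its `active` class and the other panes lost `style="display: none;"`, so the initial tab state now depends on script outside this section.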
@ -23,7 +23,13 @@
|
|||
'providers': <?php echo json_encode($providers); ?>,
|
||||
'secretaries': <?php echo json_encode($secretaries); ?>,
|
||||
'services': <?php echo json_encode($services); ?>,
|
||||
'workingPlan': $.parseJSON(<?php echo json_encode($working_plan); ?>)
|
||||
'workingPlan': $.parseJSON(<?php echo json_encode($working_plan); ?>),
|
||||
'user' : {
|
||||
'id' : <?php echo $user_id; ?>,
|
||||
'email' : <?php echo '"' . $user_email . '"'; ?>,
|
||||
'role_slug' : <?php echo '"' . $role_slug . '"'; ?>,
|
||||
'privileges': <?php echo json_encode($privileges); ?>
|
||||
}
|
||||
};
|
||||
|
||||
$(document).ready(function() {
|
||||
|
|
|
@ -1,7 +1,73 @@
|
|||
<?php
|
||||
<!DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
|
||||
|
||||
/*
|
||||
* To change this template, choose Tools | Templates
|
||||
* and open the template in the editor.
|
||||
*/
|
||||
?>
|
||||
<?php // INCLUDE JS FILES ?>
|
||||
<script
|
||||
type="text/javascript"
|
||||
src="<?php echo $this->config->base_url(); ?>assets/js/libs/jquery/jquery.min.js"></script>
|
||||
<script
|
||||
type="text/javascript"
|
||||
src="<?php echo $this->config->base_url(); ?>assets/js/libs/bootstrap/bootstrap.min.js"></script>
|
||||
|
||||
<?php // INCLUDE CSS FILES ?>
|
||||
<link
|
||||
rel="stylesheet"
|
||||
type="text/css"
|
||||
href="<?php echo $this->config->base_url(); ?>assets/css/libs/bootstrap/bootstrap.css">
|
||||
<link
|
||||
rel="stylesheet"
|
||||
type="text/css"
|
||||
href="<?php echo $this->config->base_url(); ?>assets/css/libs/bootstrap/bootstrap-responsive.css">
|
||||
|
||||
<?php // SET FAVICON FOR PAGE ?>
|
||||
<link
|
||||
rel="icon"
|
||||
type="image/x-icon"
|
||||
href="<?php echo $this->config->base_url(); ?>assets/images/favicon.ico">
|
||||
|
||||
<style>
|
||||
body {
|
||||
background-color: #CAEDF3;
|
||||
}
|
||||
|
||||
#no-priv-frame {
|
||||
width: 630px;
|
||||
margin: 150px auto 0 auto;
|
||||
background: #FFF;
|
||||
border: 1px solid #DDDADA;
|
||||
padding: 70px;
|
||||
}
|
||||
|
||||
#login-icon {
|
||||
float: right;
|
||||
margin-top: 17px;
|
||||
}
|
||||
|
||||
label {
|
||||
font-weight: bold;
|
||||
}
|
||||
|
||||
.btn {
|
||||
margin-right: 10px;
|
||||
}
|
||||
</style>
|
||||
</head>
|
||||
<body>
|
||||
<div id="no-priv-frame" class="frame-container">
|
||||
<h3>No Privileges</h3>
|
||||
<p>
|
||||
You do not have the required privileges to view this page. Please navigate to a
|
||||
different section.
|
||||
</p>
|
||||
|
||||
<br>
|
||||
|
||||
<a href="<?php echo $this->config->base_url(); ?>backend" class="btn btn-danger btn-large">
|
||||
<i class="icon-wrench icon-white"></i>
|
||||
Backend Calendar
|
||||
</a>
|
||||
</div>
|
||||
</body>
|
||||
</html>
|
|
@ -90,7 +90,7 @@ root {
|
|||
}
|
||||
|
||||
#modal-message {
|
||||
margin: 10px 0px;
|
||||
margin: 10px;
|
||||
}
|
||||
|
||||
body .modal-header {
|
||||
|
@ -160,7 +160,7 @@ body .modal-header h3 {
|
|||
}
|
||||
|
||||
#calendar .fc-header-title h2 {
|
||||
font-size: 20px;
|
||||
font-size: 18px;
|
||||
margin: 0px;
|
||||
line-height: 32px;
|
||||
}
|
||||
|
@ -192,6 +192,34 @@ body .modal-header h3 {
|
|||
margin-left: -430px;
|
||||
}
|
||||
|
||||
#existing-customers-list {
|
||||
height: 110px;
|
||||
overflow-y: auto;
|
||||
margin-bottom: 8px;
|
||||
font-size: 12px;
|
||||
line-height: 22px;
|
||||
}
|
||||
|
||||
#existing-customers-list div {
|
||||
display: inline-block;
|
||||
width: 250px;
|
||||
margin: 0 5px 5px 0;
|
||||
padding: 3px 5px;
|
||||
border-radius: 3px;
|
||||
}
|
||||
|
||||
#existing-customers-list div:hover {
|
||||
background: #B8F0C1;
|
||||
font-weight: bold;
|
||||
cursor: pointer;
|
||||
}
|
||||
|
||||
#filter-existing-customers {
|
||||
display: inline-block;
|
||||
height: 14px;
|
||||
font-size: 12px;
|
||||
}
|
||||
|
||||
/* BACKEND CUSTOMERS PAGE
|
||||
-------------------------------------------------------------------- */
|
||||
#customers-page #filter-customers {
|
||||
|
|
|
@ -30,6 +30,11 @@ var Backend = {
|
|||
DB_SLUG_SECRETARY: 'secretary',
|
||||
DB_SLUG_CUSTOMER: 'customer',
|
||||
|
||||
PRIV_VIEW: 1,
|
||||
PRIV_ADD: 2,
|
||||
PRIV_EDIT: 4,
|
||||
PRIV_DELETE: 8,
|
||||
|
||||
/**
|
||||
* Place the backend footer always on the bottom of the page.
|
||||
*/
|
||||
|
@ -62,12 +67,15 @@ var Backend = {
|
|||
* 'function' key values.
|
||||
*/
|
||||
displayNotification: function(message, actions) {
|
||||
if (message === undefined) {
|
||||
if (message == undefined) {
|
||||
message = 'NO MESSAGE PROVIDED FOR THIS NOTIFICATION';
|
||||
}
|
||||
|
||||
if (actions === undefined) {
|
||||
if (actions == undefined) {
|
||||
actions = [];
|
||||
setTimeout(function() {
|
||||
$('#notification').slideUp('slow');
|
||||
}, 7000);
|
||||
}
|
||||
|
||||
var notificationHtml =
|
||||
|
|
|
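Review bot: In `displayNotification` the 7-second `setTimeout` is started only inside `if (actions == undefined)` and its handle is never kept, so a notification shown within seven seconds of an earlier one is slid up by the earlier timer, including one that carries actions and is meant to stay until closed. Keep the handle and cancel it on entry, e.g. `clearTimeout(Backend.notificationTimer);` before `Backend.notificationTimer = setTimeout(...)`. A caller that passes an empty `actions` array gets no auto-hide, so testing `actions.length === 0` after the default is applied would match the described behaviour more closely. The function body continues outside the hunk.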
@ -671,6 +671,98 @@ var BackendCalendar = {
|
|||
$dialog.find('.modal-header h3').text('New Unavailable Period');
|
||||
$dialog.modal('show');
|
||||
});
|
||||
|
||||
/**
|
||||
* Event: Pick Existing Customer Button "Click"
|
||||
*/
|
||||
$('#select-customer').click(function() {
|
||||
var $list = $('#existing-customers-list');
|
||||
|
||||
if (!$list.is(':visible')) {
|
||||
$(this).text('Hide List');
|
||||
$list.empty();
|
||||
$list.slideDown('slow');
|
||||
$('#filter-existing-customers').fadeIn('slow');
|
||||
$('#filter-existing-customers').val('');
|
||||
$.each(GlobalVariables.customers, function(index, c) {
|
||||
$list.append('<div data-id="' + c.id + '">'
|
||||
+ c.first_name + ' ' + c.last_name + '</div>');
|
||||
});
|
||||
} else {
|
||||
$list.slideUp('slow');
|
||||
$('#filter-existing-customers').fadeOut('slow');
|
||||
$(this).text('Select Existing Customer');
|
||||
}
|
||||
});
|
||||
|
||||
/**
|
||||
* Event: Select Existing Customer From List "Click"
|
||||
*/
|
||||
$(document).on('click', '#existing-customers-list div', function() {
|
||||
var id = $(this).attr('data-id');
|
||||
|
||||
$.each(GlobalVariables.customers, function(index, c) {
|
||||
if (c.id == id) {
|
||||
$('#customer-id').val(c.id);
|
||||
$('#first-name').val(c.first_name);
|
||||
$('#last-name').val(c.last_name);
|
||||
$('#email').val(c.email);
|
||||
$('#phone-number').val(c.phone_number);
|
||||
$('#address').val(c.address);
|
||||
$('#city').val(c.city);
|
||||
$('#zip-code').val(c.zip_code);
|
||||
return false;
|
||||
}
|
||||
});
|
||||
|
||||
$('#select-customer').trigger('click'); // hide list
|
||||
});
|
||||
|
||||
/**
|
||||
* Event: Filter Existing Customers "Change"
|
||||
*/
|
||||
$('#filter-existing-customers').keyup(function() {
|
||||
var key = $(this).val();
|
||||
var $list = $('#existing-customers-list');
|
||||
$list.empty();
|
||||
$.each(GlobalVariables.customers, function(index, c) {
|
||||
if (c.first_name.indexOf(key) != -1
|
||||
|| c.last_name.indexOf(key) != -1
|
||||
|| c.email.indexOf(key) != -1
|
||||
|| c.phone_number.indexOf(key) != -1
|
||||
|| c.address.indexOf(key) != -1
|
||||
|| c.city.indexOf(key) != -1
|
||||
|| c.zip_code.indexOf(key) != -1) {
|
||||
$list.append('<div data-id="' + c.id + '">'
|
||||
+ c.first_name + ' ' + c.last_name + '</div>');
|
||||
}
|
||||
});
|
||||
});
|
||||
|
||||
/**
|
||||
* Event: Selected Service "Change"
|
||||
*
|
||||
* When the user clicks on a service, its available providers should
|
||||
* become visible.
|
||||
*/
|
||||
$('#select-service').change(function() {
|
||||
var sid = $('#select-service').val();
|
||||
$('#select-provider').empty();
|
||||
|
||||
$.each(GlobalVariables.availableProviders, function(indexProvider, provider) {
|
||||
$.each(provider.services, function(indexService, serviceId) {
|
||||
// If the current provider is able to provide the selected service,
|
||||
// add him to the listbox.
|
||||
if (serviceId == sid) {
|
||||
var optionHtml = '<option value="' + provider['id'] + '">'
|
||||
+ provider['last_name'] + ' ' + provider['first_name']
|
||||
+ '</option>';
|
||||
$('#select-provider').append(optionHtml);
|
||||
}
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
},
|
||||
|
||||
/**
|
||||
|
@ -1011,6 +1103,13 @@ var BackendCalendar = {
|
|||
*/
|
||||
calendarEventResize: function(event, dayDelta, minuteDelta, revertFunc,
|
||||
jsEvent, ui, view) {
|
||||
if (GlobalVariables.user.privileges.appointments.edit == false) {
|
||||
revertFunc();
|
||||
Backend.displayNotification('You do not have the required privileges to '
|
||||
+ 'edit appointments.');
|
||||
return;
|
||||
}
|
||||
|
||||
if ($('#notification').is(':visible')) {
|
||||
$('#notification').hide('bind');
|
||||
}
|
||||
|
@ -1164,7 +1263,7 @@ var BackendCalendar = {
|
|||
calendarEventClick: function(event, jsEvent, view) {
|
||||
$('.popover').remove(); // Close all open popovers.
|
||||
|
||||
var html; // Popover's html code
|
||||
var html, displayEdit, displayDelete;
|
||||
|
||||
// Depending where the user clicked the event (title or empty space) we
|
||||
// need to use different selectors to reach the parent element.
|
||||
|
@ -1172,9 +1271,11 @@ var BackendCalendar = {
|
|||
var $altParent = $(jsEvent.target).parents().eq(1);
|
||||
|
||||
if ($parent.hasClass('fc-unavailable') || $altParent.hasClass('fc-unavailable')) {
|
||||
var displayEdit = ($parent.hasClass('fc-custom') || $altParent.hasClass('fc-custom'))
|
||||
displayEdit = (($parent.hasClass('fc-custom') || $altParent.hasClass('fc-custom'))
|
||||
&& GlobalVariables.user.privileges.appointments.edit == true)
|
||||
? '' : 'hide';
|
||||
var displayDelete = displayEdit; // Same value at the time.
|
||||
displayDelete = (GlobalVariables.user.privileges.appointments.delete == true)
|
||||
? '' : 'hide'; // Same value at the time.
|
||||
|
||||
var notes = '';
|
||||
if (event.data) { // Only custom unavailable periods have notes.
|
||||
|
@ -1200,6 +1301,11 @@ var BackendCalendar = {
|
|||
'<button class="close-popover btn" data-po=' + jsEvent.target + '>Close</button>' +
|
||||
'</center>';
|
||||
} else {
|
||||
displayEdit = (GlobalVariables.user.privileges.appointments.edit == true)
|
||||
? '' : 'hide';
|
||||
displayDelete = (GlobalVariables.user.privileges.appointments.delete == true)
|
||||
? '' : 'hide';
|
||||
|
||||
html =
|
||||
'<style type="text/css">'
|
||||
+ '.popover-content strong {min-width: 80px; display:inline-block;}'
|
||||
|
@ -1223,8 +1329,8 @@ var BackendCalendar = {
|
|||
+ event.data['customer']['last_name']
|
||||
+ '<hr>' +
|
||||
'<center>' +
|
||||
'<button class="edit-popover btn btn-primary">Edit</button>' +
|
||||
'<button class="delete-popover btn btn-danger">Delete</button>' +
|
||||
'<button class="edit-popover btn btn-primary ' + displayEdit + '">Edit</button>' +
|
||||
'<button class="delete-popover btn btn-danger ' + displayDelete + '">Delete</button>' +
|
||||
'<button class="close-popover btn" data-po=' + jsEvent.target + '>Close</button>' +
|
||||
'</center>';
|
||||
}
|
||||
|
@ -1254,6 +1360,13 @@ var BackendCalendar = {
|
|||
*/
|
||||
calendarEventDrop : function(event, dayDelta, minuteDelta, allDay,
|
||||
revertFunc, jsEvent, ui, view) {
|
||||
if (GlobalVariables.user.privileges.appointments.edit == false) {
|
||||
revertFunc();
|
||||
Backend.displayNotification('You do not have the required privileges to '
|
||||
+ 'edit appointments.');
|
||||
return;
|
||||
}
|
||||
|
||||
if ($('#notification').is(':visible')) {
|
||||
$('#notification').hide('bind');
|
||||
}
|
||||
|
@ -1458,7 +1571,7 @@ var BackendCalendar = {
|
|||
|
||||
// :: EMPTY FORM FIELDS
|
||||
$dialog.find('input, textarea').val('');
|
||||
$dialog.find('#modal-message').hide();
|
||||
$dialog.find('.modal-message').hide();
|
||||
$dialog.find('#select-service, #select-provider').empty();
|
||||
|
||||
// :: PREPARE SERVICE AND PROVIDER LISTBOXES
|
||||
|
@ -1526,7 +1639,7 @@ var BackendCalendar = {
|
|||
|
||||
// Reset previous validation css formating.
|
||||
$dialog.find('.control-group').removeClass('error');
|
||||
$dialog.find('#modal-message').hide();
|
||||
$dialog.find('.modal-message').hide();
|
||||
|
||||
try {
|
||||
// :: CHECK REQUIRED FIELDS
|
||||
|
@ -1549,7 +1662,7 @@ var BackendCalendar = {
|
|||
|
||||
return true;
|
||||
} catch(exc) {
|
||||
$dialog.find('#modal-message').addClass('alert-error').text(exc).show('fade');
|
||||
$dialog.find('.modal-message').addClass('alert-error').text(exc).show('fade');
|
||||
return false;
|
||||
}
|
||||
},
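Review bot: The customer rows appended in the `#select-customer` click handler, and again in the `#filter-existing-customers` keyup handler, are built by string concatenation, so `c.first_name` and `c.last_name` are parsed as HTML inside the backend page. Those fields are presumably entered by customers through the booking form, which would make this a stored-XSS sink in an authenticated staff view. Build the node with jQuery setters instead, e.g. `$('<div/>').attr('data-id', c.id).text(c.first_name + ' ' + c.last_name).appendTo($list);`, and do the same for the provider `<option>` in the `#select-service` change handler with `.val(provider['id'])` and `.text(...)`. The filter also calls `indexOf` on every field without a null check, so a customer record with a null `address` or `zip_code` would throw and leave the list empty.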
|
||||
|
|
|
@ -294,12 +294,17 @@ CustomersHelper.prototype.validate = function(customer) {
|
|||
*/
|
||||
CustomersHelper.prototype.resetForm = function() {
|
||||
$('#details').find('input, textarea').val('');
|
||||
$('#details').find('input, textarea').prop('readonly', true);
|
||||
|
||||
$('#customer-appointments').html('');
|
||||
$('#appointment-details').html('');
|
||||
$('#edit-customer, #delete-customer').prop('disabled', true);
|
||||
$('#add-edit-delete-group').show();
|
||||
$('#save-cancel-group').hide();
|
||||
|
||||
$('#details .required').css('border', '');
|
||||
$('#details #form-message').hide();
|
||||
|
||||
$('#filter-customers button').prop('disabled', false);
|
||||
$('#filter-customers .selected-row').removeClass('selected-row');
|
||||
$('#filter-customers .results').css('color', '');
|
||||
|
|
|
@ -292,7 +292,7 @@ ServicesHelper.prototype.delete = function(id) {
|
|||
|
||||
BackendServices.helper.resetForm();
|
||||
BackendServices.helper.filter($('#filter-services .key').val());
|
||||
});
|
||||
}, 'json');
|
||||
};
|
||||
|
||||
/**
|
||||
|
@ -641,7 +641,7 @@ CategoriesHelper.prototype.save = function(category) {
|
|||
$('#filter-categories .key').val('');
|
||||
BackendServices.helper.filter('', response.id, true);
|
||||
BackendServices.updateAvailableCategories();
|
||||
});
|
||||
}, 'json');
|
||||
};
|
||||
|
||||
/**
|
||||
|
@ -665,7 +665,7 @@ CategoriesHelper.prototype.delete = function(id) {
|
|||
BackendServices.helper.resetForm();
|
||||
BackendServices.helper.filter($('#filter-categories .key').val());
|
||||
BackendServices.updateAvailableCategories();
|
||||
});
|
||||
}, 'json');
|
||||
};
|
||||
|
||||
/**
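Review bot: The three one-line changes in this file appear to add `'json'` as the data type of the request behind `ServicesHelper.prototype.delete`, `CategoriesHelper.prototype.save` and `CategoriesHelper.prototype.delete`, and no failure handler is visible in these hunks. With a forced JSON data type, a response that is not valid JSON (an expired-session login page, a PHP error dump) fails to parse and the success callback is skipped, so the user would get no feedback. Chaining something like `.fail(function() { Backend.displayNotification('The request could not be completed.'); })` would surface that case. The same applies to the `delete` helpers for admins, providers and secretaries changed the same way further down; the request calls themselves start outside the hunks, so this is inferred from the closing lines only.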
|
||||
|
|
|
@ -81,7 +81,21 @@ var BackendSettings = {
|
|||
|
||||
if (bindEventHandlers) {
|
||||
BackendSettings.bindEventHandlers();
|
||||
$('#settings-page .nav li').first().addClass('active');
|
||||
$('#settings-page .nav li').first().find('a').trigger('click');
|
||||
}
|
||||
|
||||
// Apply Privileges
|
||||
if (GlobalVariables.user.privileges.system_settings.edit == false) {
|
||||
$('#general, #business-logic').find('select, input, textarea').prop('readonly', true);
|
||||
$('#general, #business-logic').find('button').prop('disabled', true);
|
||||
}
|
||||
|
||||
if (GlobalVariables.user.privileges.user_settings.edit == false) {
|
||||
$('#user').find('select, input, textarea').prop('readonly', true);
|
||||
$('#user').find('button').prop('disabled', true);
|
||||
}
|
||||
|
||||
},
|
||||
|
||||
/**
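Review bot: The "Apply Privileges" block only sets `readonly`/`disabled` on the form controls, which is a display convenience rather than an access check. The properties can be cleared in the browser, so the settings save endpoint has to verify the same privilege on the server (that code is not visible in this section). `readonly` also has no effect on `<select>` elements, so the dropdowns in `#general`, `#business-logic` and `#user` stay changeable; use `.find('select').prop('disabled', true)` for them. The `calendarEventResize` and `calendarEventDrop` guards in the calendar script are UI-only in the same way. A comment such as `// UI hint only; the server must enforce PRIV_EDIT on save` above the block would make that explicit; the enclosing function starts outside the hunk.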
|
||||
|
|
|
@ -201,7 +201,7 @@ AdminsHelper.prototype.delete = function(id) {
|
|||
Backend.displayNotification('Admin deleted successfully!');
|
||||
BackendUsers.helper.resetForm();
|
||||
BackendUsers.helper.filter($('#filter-admins .key').val());
|
||||
});
|
||||
}, 'json');
|
||||
};
|
||||
|
||||
/**
|
||||
|
|
|
@ -242,7 +242,7 @@ ProvidersHelper.prototype.delete = function(id) {
|
|||
Backend.displayNotification('Provider deleted successfully!');
|
||||
BackendUsers.helper.resetForm();
|
||||
BackendUsers.helper.filter($('#filter-providers .key').val());
|
||||
});
|
||||
}, 'json');
|
||||
};
|
||||
|
||||
/**
|
||||
|
|
|
@ -212,7 +212,7 @@ SecretariesHelper.prototype.delete = function(id) {
|
|||
Backend.displayNotification('Secretary deleted successfully!');
|
||||
BackendUsers.helper.resetForm();
|
||||
BackendUsers.helper.filter($('#filter-secretaries .key').val());
|
||||
});
|
||||
}, 'json');
|
||||
};
|
||||
|
||||
/**
|
||||
|
|