From df0105c65a03e2797ccfc30c0df8c398c42097f6 Mon Sep 17 00:00:00 2001
From: Alex Tselegidis
Date: Fri, 27 May 2022 09:24:01 +0200
Subject: [PATCH] Create the Permissions library with the "has_customer_access" method
---
application/core/EA_Controller.php | 1 +
application/libraries/Permissions.php | 92 +++++++++++++++++++++++++++
2 files changed, 93 insertions(+)
create mode 100644 application/libraries/Permissions.php
diff --git a/application/core/EA_Controller.php b/application/core/EA_Controller.php
index de414230..e061094b 100644
--- a/application/core/EA_Controller.php
+++ b/application/core/EA_Controller.php
@@ -61,6 +61,7 @@
 * @property Ics_file $ics_file
 * @property Instance $instance
 * @property Notifications $notifications
+ * @property Permissions $permissions
 * @property Synchronization $synchronization
 * @property Timezones $timezones
 */
diff --git a/application/libraries/Permissions.php b/application/libraries/Permissions.php
new file mode 100644
index 00000000..462a974b
--- /dev/null
+++ b/application/libraries/Permissions.php
@@ -0,0 +1,92 @@
+
+ * @copyright Copyright (c) Alex Tselegidis
+ * @license https://opensource.org/licenses/GPL-3.0 - GPLv3
+ * @link https://easyappointments.org
+ * @since v1.5.0
+ * ---------------------------------------------------------------------------- */
+
+
+/**
+ * Permissions library.
+ *
+ * Handles permission related functionality.
+ *
+ * @package Libraries
+ */
+class Permissions {
+ /**
+ * @var EA_Controller
+ */
+ protected $CI;
+
+ /**
+ * Permissions constructor.
+ */
+ public function __construct()
+ {
+ $this->CI =& get_instance();
+
+ $this->CI->load->model('appointments_model');
+ $this->CI->load->model('roles_model');
+ $this->CI->load->model('secretaries_model');
+ $this->CI->load->model('users_model');
+
+ $this->CI->load->library('timezones');
+ }
+
+ /**
+ * Check if a user is allowed to manage the provided customer.
+ *
+ * The "limit_customer_access" setting changes the access permissions to customer entries. In order for a provider
+ * or a secretary to be able to make changes to a customer, they will first need to at least have a single
+ * appointment with them.
+ *
+ * @param int $user_id
+ * @param int $customer_id
+ *
+ * @return bool
+ */
+ public function has_customer_access(int $user_id, int $customer_id): bool
+ {
+ $role_id = $this->CI->users_model->value($user_id, 'id_roles');
+
+ $role_slug = $this->CI->roles_model->value($role_id, 'slug');
+
+ $limit_customer_access = setting('limit_customer_access');
+
+ if ($role_slug === DB_SLUG_ADMIN)
+ {
+ return TRUE;
+ }
+
+ if ($role_slug === DB_SLUG_PROVIDER && $limit_customer_access)
+ {
+ return $this->CI->appointments_model->query()->where(['id_users_provider' => $user_id, 'id_users_customer' => $customer_id])->get()->num_rows() > 0;
+ }
+
+ if ($role_slug === DB_SLUG_SECRETARY && $limit_customer_access)
+ {
+ $secretary = $this->CI->secretaries_model->find($user_id);
+
+ foreach ($secretary['providers'] as $secretary_provider_id)
+ {
+ $has_appointments_with_customer = $this->CI->appointments_model->query()->where(['id_users_provider' => $secretary_provider_id, 'id_users_customer' => $customer_id])->get()->num_rows() > 0;
+
+ if ($has_appointments_with_customer)
+ {
+ return TRUE;
+ }
+ }
+
+ return FALSE;
+ }
+
+ return FALSE;
+ }
+}
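Review bot: With `limit_customer_access` disabled, `has_customer_access` denies every provider and secretary, because both role branches are guarded by `&& $limit_customer_access` and fall through to the final `return FALSE`, so only admins ever pass. The docblock describes the setting as tightening access to customers the user already shares an appointment with, which suggests that with the setting off those roles are meant to have unrestricted access; if so, the line expected after the admin check is `if (!$limit_customer_access) { return $role_slug === DB_SLUG_PROVIDER || $role_slug === DB_SLUG_SECRETARY; }`, and if the blanket denial is intentional the docblock should say so explicitly. Fail-closed is the safe side of this, but any caller that gates customer editing on this method would lock providers out of customer records on installs where the setting is off. The secretary branch also iterates `$secretary['providers']` unguarded; `foreach (($secretary['providers'] ?? []) as $secretary_provider_id)` keeps a secretary with no linked providers, or an unknown `$user_id`, on the deny path without a PHP warning.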