diff --git a/application/controllers/Appointments.php b/application/controllers/Appointments.php index 0a50ea3d..0630e6f9 100644 --- a/application/controllers/Appointments.php +++ b/application/controllers/Appointments.php @@ -85,13 +85,13 @@ class Appointments extends EA_Controller { { try { - $appointment = json_decode(request('appointment'), TRUE); - if (cannot('add', PRIV_APPOINTMENTS)) { abort(403, 'Forbidden'); } - + + $appointment = json_decode(request('appointment'), TRUE); + $this->appointments_model->only($appointment, [ 'start_datetime', 'end_datetime', @@ -124,13 +124,13 @@ class Appointments extends EA_Controller { { try { - $appointment = json_decode(request('appointment'), TRUE); - if (cannot('edit', PRIV_APPOINTMENTS)) { abort(403, 'Forbidden'); } + $appointment = json_decode(request('appointment'), TRUE); + $this->appointments_model->only($appointment, [ 'id', 'start_datetime', diff --git a/application/controllers/Customers.php b/application/controllers/Customers.php index a8e275a3..67ced057 100644 --- a/application/controllers/Customers.php +++ b/application/controllers/Customers.php @@ -159,13 +159,13 @@ class Customers extends EA_Controller { { try { - $customer = request('customer'); - if (cannot('add', PRIV_USERS)) { abort(403, 'Forbidden'); } + $customer = request('customer'); + $customer_id = $this->customers_model->save($customer); json_response([ @@ -186,13 +186,13 @@ class Customers extends EA_Controller { { try { - $customer = request('customer'); - if (cannot('edit', PRIV_USERS)) { abort(403, 'Forbidden'); } + $customer = request('customer'); + $customer_id = $this->customers_model->save($customer); json_response([ diff --git a/application/controllers/Providers.php b/application/controllers/Providers.php index 27c543d0..a3c67507 100644 --- a/application/controllers/Providers.php +++ b/application/controllers/Providers.php @@ -128,13 +128,13 @@ class Providers extends EA_Controller { { try { - $provider = request('provider'); - if (cannot('add', PRIV_USERS)) { abort(403, 'Forbidden'); } + $provider = request('provider'); + $provider_id = $this->providers_model->save($provider); json_response([ @@ -155,13 +155,13 @@ class Providers extends EA_Controller { { try { - $provider = request('provider'); - if (cannot('edit', PRIV_USERS)) { abort(403, 'Forbidden'); } + $provider = request('provider'); + $provider_id = $this->providers_model->save($provider); json_response([ diff --git a/application/controllers/Secretaries.php b/application/controllers/Secretaries.php index 2943e2d4..6cac5729 100644 --- a/application/controllers/Secretaries.php +++ b/application/controllers/Secretaries.php @@ -128,13 +128,13 @@ class Secretaries extends EA_Controller { { try { - $secretary = request('secretary'); - if (cannot('add', PRIV_USERS)) { abort(403, 'Forbidden'); } + $secretary = request('secretary'); + $secretary_id = $this->secretaries_model->save($secretary); json_response([ @@ -155,13 +155,13 @@ class Secretaries extends EA_Controller { { try { - $secretary = request('secretary'); - if (cannot('edit', PRIV_USERS)) { abort(403, 'Forbidden'); } + $secretary = request('secretary'); + $secretary_id = $this->secretaries_model->save($secretary); json_response([ diff --git a/application/controllers/Services.php b/application/controllers/Services.php index 2468bff3..0abacf07 100644 --- a/application/controllers/Services.php +++ b/application/controllers/Services.php @@ -113,15 +113,15 @@ class Services extends EA_Controller { { try { - $service = request('service'); - - $service['id_categories'] = $service['id_categories'] ?: null; - if (cannot('add', PRIV_SERVICES)) { abort(403, 'Forbidden'); } + $service = request('service'); + + $service['id_categories'] = $service['id_categories'] ?: null; + $service_id = $this->services_model->save($service); json_response([ @@ -142,15 +142,15 @@ class Services extends EA_Controller { { try { - $service = request('service'); - - $service['id_categories'] = $service['id_categories'] ?: null; - if (cannot('edit', PRIV_SERVICES)) { abort(403, 'Forbidden'); } - + + $service = request('service'); + + $service['id_categories'] = $service['id_categories'] ?: null; + $service_id = $this->services_model->save($service); json_response([ diff --git a/application/controllers/Unavailabilities.php b/application/controllers/Unavailabilities.php index aa6673f9..078c415b 100644 --- a/application/controllers/Unavailabilities.php +++ b/application/controllers/Unavailabilities.php @@ -70,13 +70,13 @@ class Unavailabilities extends EA_Controller { { try { - $unavailability = json_decode(request('unavailability'), TRUE); - if (cannot('add', PRIV_APPOINTMENTS)) { abort(403, 'Forbidden'); } + $unavailability = json_decode(request('unavailability'), TRUE); + $unavailability_id = $this->unavailabilities_model->save($unavailability); json_response([ @@ -97,13 +97,13 @@ class Unavailabilities extends EA_Controller { { try { - $unavailability = json_decode(request('unavailability'), TRUE); - if (cannot('edit', PRIV_APPOINTMENTS)) { abort(403, 'Forbidden'); } + $unavailability = json_decode(request('unavailability'), TRUE); + $unavailability_id = $this->unavailabilities_model->save($unavailability); json_response([