/**
* routes api calls and returns the result, allows for multiple API calls at once
* @param $action
* @param $data
* @param $result
* @return array|mixed
*/
function routeApiCall($action, $data, $result)
{
global $auth;
$notinprev = false;
// Check for action in unprotected area (does not require permission)
switch ($action) {
// POS Specific
case "config/get":
$setup = new WposPosSetup($data);
$result = $setup->getDeviceRecord($result);
break;
case "items/get":
$jsondata = new WposPosData();
$result = $jsondata->getItems($result);
break;
case "sales/get":
$jsondata = new WposPosData($data);
$result = $jsondata->getSales($result);
break;
case "tax/get":
$jsondata = new WposPosData();
$result = $jsondata->getTaxes($result);
break;
case "customers/get":
$jsondata = new WposPosData();
$result = $jsondata->getCustomers($result);
break;
case "devices/get":
$jsondata = new WposPosData();
$result = $jsondata->getPosDevices($result);
break;
case "locations/get":
$jsondata = new WposPosData();
$result = $jsondata->getPosLocations($result);
break;
case "orders/set":
$sale = new WposPosSale($data);
$result = $sale->setOrder($result);
break;
case "orders/remove":
$sale = new WposPosSale($data);
$result = $sale->removeOrder($result);
break;
case "sales/add":
$sale = new WposPosSale($data);
$result = $sale->insertTransaction($result);
break;
case "sales/void":
// also used for sale refunds
$sale = new WposPosSale($data, false);
$result = $sale->insertVoid($result);
break;
case "sales/search":
$sale = new WposPosData();
if (isset($data)) {
$result = $sale->searchSales($data, $result);
}
break;
case "sales/updatenotes":
$sale = new WposPosSale($data, false);
$result = $sale->updateTransationNotes($result);
break;
case "transactions/get":
$trans = new WposTransactions($data);
$result = $trans->getTransaction($result);
break;
default:
$notinprev = true;
}
if ($notinprev == false) {
// an action has been executed: return the data
return $result;
}
// Check if user is allowed to use this API request
if ($auth->isUserAllowed($action) === false) {
$result['errorCode'] = "priv";
$result['error'] = "You do not have permission to perform this action.";
return $result;
}
// Check in permission protected API calls
switch ($action) {
// admin only
// device setup
case "devices/setup":
$setup = new WposPosSetup($data);
$result = $setup->setupDevice($result);
break;
// stored items
// stored items
case "adminconfig/get":
$setupMdl = new WposPosSetup();
$result = $setupMdl->getAdminConfig($result);
break;
case "items/add":
$adminMdl = new WposAdminItems($data);
$result = $adminMdl->addStoredItem($result);
break;
case "items/edit":
$adminMdl = new WposAdminItems($data);
$result = $adminMdl->updateStoredItem($result);
break;
case "items/delete":
$adminMdl = new WposAdminItems($data);
$result = $adminMdl->deleteStoredItem($result);
break;
// suppliers
// suppliers
case "suppliers/get":
$jsondata = new WposPosData();
$result = $jsondata->getSuppliers($result);
break;
case "suppliers/add":
$adminMdl = new WposAdminItems($data);
$result = $adminMdl->addSupplier($result);
break;
case "suppliers/edit":
$adminMdl = new WposAdminItems($data);
$result = $adminMdl->updateSupplier($result);
break;
case "suppliers/delete":
$adminMdl = new WposAdminItems($data);
$result = $adminMdl->deleteSupplier($result);
break;
// suppliers
// suppliers
case "stock/get":
$jsondata = new WposPosData();
$result = $jsondata->getStock($result);
break;
case "stock/add":
$stockMdl = new WposAdminStock($data);
$result = $stockMdl->addStock($result);
break;
case "stock/set":
$stockMdl = new WposAdminStock($data);
$result = $stockMdl->setStockLevel($result);
break;
case "stock/transfer":
$stockMdl = new WposAdminStock($data);
$result = $stockMdl->transferStock($result);
break;
case "stock/history":
$stockMdl = new WposAdminStock($data);
$result = $stockMdl->getStockHistory($result);
break;
// customers
// customers
case "customers/add":
$custMdl = new WposAdminCustomers($data);
$result = $custMdl->addCustomer($result);
break;
case "customers/edit":
$custMdl = new WposAdminCustomers($data);
$result = $custMdl->updateCustomer($result);
break;
case "customers/delete":
$custMdl = new WposAdminCustomers($data);
$result = $custMdl->deleteCustomer($result);
break;
case "customers/contacts/add":
$custMdl = new WposAdminCustomers($data);
$result = $custMdl->addContact($result);
break;
case "customers/contacts/edit":
$custMdl = new WposAdminCustomers($data);
$result = $custMdl->updateContact($result);
break;
case "customers/contacts/delete":
$custMdl = new WposAdminCustomers($data);
$result = $custMdl->deleteContact($result);
break;
// TODO: Add to permissions
// TODO: Add to permissions
case "customers/setaccess":
$custMdl = new WposAdminCustomers($data);
$result = $custMdl->setAccess($result);
break;
case "customers/setpassword":
$custMdl = new WposAdminCustomers($data);
$result = $custMdl->setPassword($result);
break;
case "customers/sendreset":
$custMdl = new WposAdminCustomers($data);
$result = $custMdl->sendResetEmail($result);
break;
// End to-do
// USERS
// End to-do
// USERS
case "users/get":
$data = new WposPosData();
$result = $data->getUsers($result);
break;
case "users/add":
$adminMdl = new WposAdminItems($data);
$result = $adminMdl->addUser($result);
break;
case "users/edit":
$adminMdl = new WposAdminItems($data);
$result = $adminMdl->updateUser($result);
break;
case "users/delete":
$adminMdl = new WposAdminItems($data);
$result = $adminMdl->deleteUser($result);
break;
case "users/disable":
$setup = new WposAdminItems($data);
$result = $setup->setUserDisabled($result);
break;
// DEVICES
// DEVICES
case "devices/add":
$setup = new WposPosSetup($data);
$result = $setup->addDevice($result);
break;
case "devices/edit":
$setup = new WposPosSetup($data);
$result = $setup->updateDevice($result);
break;
case "devices/delete":
$setup = new WposPosSetup($data);
$result = $setup->deleteDevice($result);
break;
case "devices/disable":
$setup = new WposPosSetup($data);
$result = $setup->setDeviceDisabled($result);
break;
// LOCATIONS
// LOCATIONS
case "locations/add":
$setup = new WposPosSetup($data);
$result = $setup->addLocation($result);
break;
case "locations/edit":
$setup = new WposPosSetup($data);
$result = $setup->updateLocationName($result);
break;
case "locations/delete":
$setup = new WposPosSetup($data);
$result = $setup->deleteLocation($result);
break;
case "locations/disable":
$setup = new WposPosSetup($data);
$result = $setup->setLocationDisabled($result);
break;
// SALES (All transactions)
// SALES (All transactions)
case "sales/delete":
$aSaleMdl = new WposTransactions($data);
$result = $aSaleMdl->deleteSale($result);
break;
case "sales/deletevoid":
$aSaleMdl = new WposTransactions($data);
$result = $aSaleMdl->removeVoidRecord($result);
break;
case "sales/adminvoid":
// the admin add void method, only requires sale id and reason
$aSaleMdl = new WposTransactions($data);
$result = $aSaleMdl->voidSale($result);
break;
// INVOICES
// INVOICES
case "invoices/get":
$invMdl = new WposInvoices($data);
$result = $invMdl->getInvoices($result);
break;
case "invoices/add":
$invMdl = new WposInvoices($data);
$result = $invMdl->createInvoice($result);
break;
case "invoices/edit":
$invMdl = new WposInvoices($data);
$result = $invMdl->updateInvoice($result);
break;
case "invoices/delete":
$invMdl = new WposInvoices($data);
$result = $invMdl->removeInvoice($result);
break;
case "invoices/items/add":
$invMdl = new WposInvoices($data);
$result = $invMdl->addItem($result);
break;
case "invoices/items/edit":
$invMdl = new WposInvoices($data);
$result = $invMdl->updateItem($result);
break;
case "invoices/items/delete":
$invMdl = new WposInvoices($data);
$result = $invMdl->removeItem($result);
break;
case "invoices/payments/add":
$invMdl = new WposInvoices($data);
$result = $invMdl->addPayment($result);
break;
case "invoices/payments/edit":
$invMdl = new WposInvoices($data);
$result = $invMdl->updatePayment($result);
break;
case "invoices/payments/delete":
$invMdl = new WposInvoices($data);
$result = $invMdl->removePayment($result);
break;
case "invoices/history/get":
$invMdl = new WposTransactions($data);
$result = $invMdl->getTransactionHistory($result);
break;
case "invoices/generate":
$invMdl = new WposTransactions(null, $_REQUEST['id'], false);
$invMdl->generateInvoice();
break;
case "invoices/email":
$invMdl = new WposTransactions($data);
$result = $invMdl->emailInvoice($result);
break;
// STATS
// STATS
case "stats/general":
// general overview stats
$statsMdl = new WposAdminStats($data);
$result = $statsMdl->getOverviewStats($result);
break;
case "stats/takings":
// account takings stats, categorized by payment method
$statsMdl = new WposAdminStats($data);
$result = $statsMdl->getCountTakingsStats($result);
break;
case "stats/itemselling":
// whats selling, grouped by stored items
$statsMdl = new WposAdminStats($data);
$result = $statsMdl->getWhatsSellingStats($result);
break;
case "stats/supplyselling":
// whats selling, grouped by suppliers
$statsMdl = new WposAdminStats($data);
$result = $statsMdl->getWhatsSellingStats($result, true);
break;
case "stats/stock":
// current stock levels
$statsMdl = new WposAdminStats($data);
$result = $statsMdl->getStockLevels($result);
break;
case "stats/devices":
// whats selling, grouped by stored items
$statsMdl = new WposAdminStats($data);
$result = $statsMdl->getDeviceBreakdownStats($result);
break;
case "stats/locations":
// whats selling, grouped by stored items
$statsMdl = new WposAdminStats($data);
$result = $statsMdl->getDeviceBreakdownStats($result, 'location');
break;
case "stats/users":
// whats selling, grouped by stored items
$statsMdl = new WposAdminStats($data);
$result = $statsMdl->getDeviceBreakdownStats($result, 'user');
break;
case "stats/tax":
// whats selling, grouped by stored items
$statsMdl = new WposAdminStats($data);
$result = $statsMdl->getTaxStats($result);
break;
// GRAPH
// GRAPH
case "graph/general":
// like the general stats, but in graph form/time.
$graphMdl = new WposAdminGraph($data);
$result = $graphMdl->getOverviewGraph($result);
break;
case "graph/takings":
// like the general stats, but in graph form/time.
$graphMdl = new WposAdminGraph($data);
$result = $graphMdl->getMethodGraph($result);
break;
case "graph/devices":
// like the general stats, but in graph form/time.
$graphMdl = new WposAdminGraph($data);
$result = $graphMdl->getDeviceGraph($result);
break;
case "graph/locations":
// like the general stats, but in graph form/time.
$graphMdl = new WposAdminGraph($data);
$result = $graphMdl->getLocationGraph($result);
break;
// Admin/Global Config
// Admin/Global Config
case "settings/get":
$configMdl = new WposAdminSettings();
$configMdl->setName($data->name);
$result = $configMdl->getSettings($result);
break;
case "settings/general/get":
$configMdl = new WposAdminSettings();
$configMdl->setName("general");
$result = $configMdl->getSettings($result);
break;
case "settings/pos/get":
$configMdl = new WposAdminSettings();
$configMdl->setName("pos");
$result = $configMdl->getSettings($result);
break;
case "settings/invoice/get":
$configMdl = new WposAdminSettings();
$configMdl->setName("invoice");
$result = $configMdl->getSettings($result);
break;
case "settings/set":
$configMdl = new WposAdminSettings($data);
$result = $configMdl->saveSettings($result);
break;
case "settings/general/set":
$configMdl = new WposAdminSettings($data);
$configMdl->setName("general");
$result = $configMdl->saveSettings($result);
break;
case "settings/pos/set":
$configMdl = new WposAdminSettings($data);
$configMdl->setName("pos");
$result = $configMdl->saveSettings($result);
break;
case "settings/invoice/set":
$configMdl = new WposAdminSettings($data);
$configMdl->setName("invoice");
$result = $configMdl->saveSettings($result);
break;
case "settings/google/authinit":
GoogleIntegration::initGoogleAuth();
break;
case "settings/google/authremove":
GoogleIntegration::removeGoogleAuth();
break;
case "settings/xero/oauthinit":
XeroIntegration::initXeroAuth();
break;
case "settings/xero/oauthcallback":
XeroIntegration::processCallbackAuthCode();
break;
case "settings/xero/oauthremove":
XeroIntegration::removeXeroAuth();
break;
case "settings/xero/configvalues":
$result = XeroIntegration::getXeroConfigValues($result);
break;
case "settings/xero/export":
$result = XeroIntegration::exportXeroSales($data->stime, $data->etime);
break;
case "node/status":
$Sserver = new WposSocketControl();
$result = $Sserver->isServerRunning($result);
break;
case "node/start":
$Sserver = new WposSocketControl();
$result = $Sserver->startSocketServer($result);
break;
case "node/stop":
$Sserver = new WposSocketControl();
$result = $Sserver->stopSocketServer($result);
break;
case "node/restart":
$Sserver = new WposSocketControl();
$result = $Sserver->restartSocketServer($result);
break;
case "db/backup":
$util = new WposAdminUtilities();
$util->backUpDatabase();
break;
case "logs/list":
$result['data'] = Logger::ls();
break;
case "logs/read":
$result['data'] = Logger::read($data->filename);
break;
case "file/upload":
if (isset($_FILES['file'])) {
$uploaddir = 'docs';
$newpath = $uploaddir . DIRECTORY_SEPARATOR . basename($_FILES['file']['name']);
if (move_uploaded_file($_FILES['file']['tmp_name'], $_SERVER['DOCUMENT_ROOT'] . $_SERVER['APP_ROOT'] . $newpath) !== false) {
$result['data'] = ["path" => "/" . $newpath];
} else {
$result['error'] = "There was an error uploading the file " . $newpath;
}
} else {
$result['error'] = "No file selected";
}
break;
// device message
// device message
case "message/send":
$socket = new WposSocketIO();
if ($data->device === null) {
if (($error = $socket->sendBroadcastMessage($data->message)) !== true) {
$result['error'] = $error;
}
} else {
$devid = intval($data->device);
$devices = new stdClass();
$devices->{$devid} = $devid;
if (($error = $socket->sendMessageToDevices($devices, $data->message)) !== true) {
$result['error'] = $error;
}
}
break;
// device reset
// device reset
case "device/reset":
$socket = new WposSocketIO();
if ($data->device === null) {
if (($error = $socket->sendResetCommand()) !== true) {
$result['error'] = $error;
}
} else {
$devid = intval($data->device);
$devices = new stdClass();
$devices->{$devid} = $devid;
if (($error = $socket->sendResetCommand($devices)) !== true) {
$result['error'] = $error;
}
}
break;
default:
$result["error"] = "Action not defined: " . $action;
break;
}
return $result;
}
/**
* Update and save the current configuration
* @param $result
* @return mixed
*/
public function saveSettings($result)
{
if (!isset($this->name)) {
$result['error'] = "A config-set name must be supplied";
return $result;
}
$this->configMdl = new ConfigModel();
$config = $this->configMdl->get($this->name);
if ($config !== false) {
if (sizeof($config) > 0) {
$this->curconfig = json_decode($config[0]['data']);
// get the json object
$configbk = $this->curconfig;
if (isset($this->data->gcontactcode) && $this->data->gcontactcode != '') {
// Get google access token
$tokens = GoogleIntegration::processGoogleAuthCode($this->data->gcontactcode);
if ($tokens) {
$tokens = json_decode($tokens);
$this->data->gcontacttoken = $tokens;
$this->data->gcontact = 1;
}
unset($this->data->gcontactcode);
}
// generate new qr code
if ($this->name == "pos") {
if ($this->data->recqrcode !== $configbk->recqrcode && $this->data->recqrcode != "") {
$this->generateQRCode();
}
}
foreach ($this->curconfig as $key => $value) {
if (isset($this->data->{$key})) {
// update the config value if specified in the data
$this->curconfig->{$key} = $this->data->{$key};
}
}
if ($this->configMdl->edit($this->name, json_encode($this->curconfig)) === false) {
$result['error'] = "Could not update config record: " . $this->configMdl->errorInfo;
} else {
$conf = $this->curconfig;
if ($this->name == "general") {
unset($conf->gcontacttoken);
$conf->timezone = $this->data->timezone;
if ($conf->timezone != getenv("WPOS_TIMEZONE")) {
$this->updateConfigFileValue('timezone', $conf->timezone);
}
} else {
if ($this->name == "accounting") {
unset($conf->xerotoken);
}
}
// send config update to POS terminals
$socket = new WposSocketIO();
$socket->sendConfigUpdate($conf, $this->name);
// Success; log data
Logger::write("System configuration updated:" . $this->name, "CONFIG", json_encode($conf));
}
} else {
// if current settings are null, create a new record with the specified name
if ($this->configMdl->create($this->name, json_encode($this->data)) === false) {
$result['error'] = "Could not insert new config record: " . $this->configMdl->errorInfo;
}
}
} else {
$result['error'] = "Could not retrieve the selected config record: " . $this->configMdl->errorInfo;
}
return $result;
}
/**
* Statically update customer data
* @param $data
* @return bool|string
*/
public static function updateCustomerData($data)
{
$settings = WposAdminSettings::getSettingsObject('general');
$custMdl = new CustomerModel();
$gid = null;
if ($settings->gcontact == 1) {
// get google id
$gid = $custMdl->get($data->id)[0]['googleid'];
if ($gid) {
// edit google
$gres = GoogleIntegration::setGoogleContact($settings, $data, $gid);
} else {
// add google
$gres = GoogleIntegration::setGoogleContact($settings, $data);
}
if ($gres[0] == true) {
$gid = $gres[1];
}
}
$qresult = $custMdl->edit($data->id, $data->email, $data->name, $data->phone, $data->mobile, $data->address, $data->suburb, $data->postcode, $data->state, $data->country, $data->notes, $gid);
if ($qresult === false) {
return "Could not edit the customer: " . $custMdl->errorInfo;
} else {
// get full customer record
$data = self::getCustomerData($qresult);
// broadcast to devices
$WposSocketIO = new WposSocketIO();
$WposSocketIO->sendCustomerUpdate($data);
// log data
Logger::write("Customer updated with id:" . $data->id, "CUSTOMER", json_encode($data));
return $data;
}
}
