Inheritance: extends QFrame_Controller_Admin
Example #1
 /**
  * Builds the user form: an embedded UsersType, an unmapped single-choice
  * "role" selector filled from RoleController::allRoleAction(), and the
  * roles, email, Phone and description fields.
  *
  * NOTE(review): the "role" field is declared with 'mapped' => false, so the
  * form does not bind the submitted value to the underlying object. Whatever
  * code consumes it has to check the value against the permitted roles itself;
  * confirm in the submit handler.
  *
  * @param FormBuilderInterface $builder
  * @param array $options
  */
 public function buildForm(FormBuilderInterface $builder, array $options)
 {
     $roleController = new RoleController();
     $entityManager = $this->getDoctrine()->getManager();

     // Each record is cast to an array; its first two values are taken as
     // the choice key and the choice label, in that order.
     $choices = array();
     foreach ($roleController->allRoleAction($entityManager) as $record) {
         $fields = (array) $record;
         $key = array_shift($fields);
         $label = array_shift($fields);
         // Array union keeps the first label seen for a repeated key.
         $choices = $choices + array($key => $label);
     }

     $builder->add("UsersType", new UsersType());

     $roleFieldOptions = array(
         'label' => 'Выберите роль',
         'multiple' => false,
         'choices' => $choices,
         'mapped' => false,
     );
     $builder
         ->add('role', 'choice', $roleFieldOptions)
         ->add('roles')
         ->add('email')
         ->add('Phone')
         ->add('description');
 }
Example #2
 /**
  * Stores the admin URLs of the role screens (data table, add, modify,
  * delete) on RoleController's static properties.
  *
  * NOTE(review): the modify and delete URLs end in "?id=", so the id is
  * presumably appended by whoever renders the link. If the delete endpoint
  * can be triggered by a plain GET link, confirm that its handler enforces
  * authorization and request-forgery protection.
  */
 public function init()
 {
     $listingUrl = adminAppUrl('system/role/dataTable');
     $createUrl = adminAppUrl('system/role/add');
     $modifyUrl = adminAppUrl('system/role/mod?id=');
     $deleteUrl = adminAppUrl('system/role/del?id=');

     RoleController::$dataTableUrl = $listingUrl;
     RoleController::$addUrl = $createUrl;
     RoleController::$modUrl = $modifyUrl;
     RoleController::$delUrl = $deleteUrl;
 }
Example #3
 /**
  * Display the tabs of the users page.
  *
  * Collects the content of the users, roles and questions tabs, registers
  * the plugin's users.less and users.js, renders users.tpl with the tabs and
  * returns it wrapped in a NoSidebarTab.
  *
  * NOTE(review): no permission check is visible in this method although it
  * lists users and roles; access control is presumably applied by the
  * router or a parent class. Confirm.
  */
 public function index()
 {
     $userTab = $this->listUsers();
     $roleTab = RoleController::getInstance()->listRoles();
     $questionTab = QuestionController::getInstance()->listQuestions();
     $tabs = array(
         'users' => $userTab,
         'roles' => $roleTab,
         'questions' => $questionTab,
     );

     $this->addCss(Plugin::current()->getCssUrl('users.less'));
     $this->addJavaScript(Plugin::current()->getJsUrl('users.js'));

     $template = Plugin::current()->getViewsDir() . 'users.tpl';
     $page = View::make($template, array('tabs' => $tabs));

     return NoSidebarTab::make(array(
         'page' => $page,
         'icon' => 'users',
         'title' => 'Utilisateurs',
     ));
 }
 /**
  * Registers the /role/* endpoints on the application.
  *
  * All routes are declared inside a single group that receives the value of
  * $authenticateForRole('admin') as its middleware argument, so every
  * endpoint below depends on that one guard.
  *
  * NOTE(review): /get/ and /delete/ also accept POST, and the other
  * state-changing routes are POST-only; no request-forgery token check is
  * visible here. Confirm it happens in the middleware or in RoleController.
  *
  * @param object   $app                 Application exposing group(), map() and post().
  * @param callable $authenticateForRole Called with a role name; its result is handed to group().
  */
 static function addRoutes($app, $authenticateForRole)
 {
     $adminGuard = $authenticateForRole('admin');

     $declareRoleRoutes = function () use ($app) {
         // Read one role. Expects: id
         $readRole = function ($roleId) use ($app) {
             RoleController::getRole($app, $roleId);
         };
         $app->map("/get/:roleId/", $readRole)->via('GET', 'POST');

         // Create a role. Expects: role, desc
         $createRole = function () use ($app) {
             RoleController::addRole($app);
         };
         $app->post("/insert/", $createRole);

         // Update a role. Expects: id, role, desc
         $updateRole = function ($roleId) use ($app) {
             RoleController::saveRole($app, $roleId);
         };
         $app->post("/update/:roleId/", $updateRole);

         // Delete a role. Expects: id
         $removeRole = function ($roleId) use ($app) {
             RoleController::deleteRole($app, $roleId);
         };
         $app->map("/delete/:roleId/", $removeRole)->via('DELETE', 'POST');

         // Detach a field from a role. Expects: roleId, fieldId
         $detachField = function () use ($app) {
             RoleController::unassignField($app);
         };
         $app->post("/unassign-field/", $detachField);

         // Attach a field to a role. Expects: roleId, fieldId
         $attachField = function () use ($app) {
             RoleController::assignField($app);
         };
         $app->post("/assign-field/", $attachField);

         // Detach a group from a role. Expects: roleId, groupId
         $detachGroup = function () use ($app) {
             RoleController::unassignGroup($app);
         };
         $app->post("/unassign-group/", $detachGroup);

         // Attach a group to a role. Expects: roleId, groupId
         $attachGroup = function () use ($app) {
             RoleController::assignGroup($app);
         };
         $app->post("/assign-group/", $attachGroup);
     };

     //* /role/ routes - admin users only
     $app->group('/role', $adminGuard, $declareRoleRoutes);
 }
Example #5
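    /**
     * Builds the HTML of the "edit user" form for one user record.
     *
     * Every value taken from $user or from the role list is HTML-escaped
     * before it is written into the markup, and the id passed to updateUser()
     * is JSON-encoded and then attribute-escaped. Stored field contents (an
     * e-mail, a phone number, a role name) therefore cannot close the
     * attribute or inline handler they are placed in.
     *
     * NOTE(review): the include path is relative, so it resolves against the
     * include path / calling script rather than this file; confirm that is
     * intended. No anti-forgery token is part of this form; confirm that
     * updateUser() or its server side supplies one.
     *
     * @param array $user User record; the "Email", "Phone", "Role" and "ID" keys are read.
     * @return string Form markup.
     */
    public static function createFormEdit($user)
    {
        require_once "../../../controller/RoleController.php";
        $roles = RoleController::GetAll();
        if (!is_array($roles)) {
            // Render an empty selector instead of failing when no list comes back.
            $roles = array();
        }

        // Escapes a value for HTML text and for single- or double-quoted attributes.
        $esc = function ($value) {
            return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
        };

        // The id is emitted inside an inline onclick handler: encode it as a
        // JavaScript literal first (numeric ids stay bare numbers), then
        // escape that literal for the surrounding HTML attribute.
        $idLiteral = json_encode(
            $user["ID"],
            JSON_NUMERIC_CHECK | JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
        );
        if ($idLiteral === false) {
            $idLiteral = 'null';
        }

        $str = "";
        $str .= ' <form id="form" action="..." method="post">';
        $str .= '	<fieldset id="personal"> ';
        $str .= '		<legend> ';
        $str .= '			EDIT USER  ';
        $str .= '		</legend>';
        $str .= '		<label for="email">Email : </label>';
        $str .= '		<input name="email" id="emailEdit" type="text" tabindex="1" value="' . $esc($user["Email"]) . '"/>';
        $str .= '		<br />';
        $str .= '		<label for="phone">Phone : </label>';
        $str .= '		<input name="phone" id="phoneEdit" type="text" value="' . $esc($user["Phone"]) . '"';
        $str .= '		tabindex="2" />';
        $str .= '		<br />';
        $str .= '		<label for="role">Role : </label>';
        $str .= '		<select name="role" id="role">';
        foreach ($roles as $role) {
            // Pre-select the role the user currently holds.
            $selected = $user["Role"] == $role["ID"] ? " selected='selected'" : "";
            $str .= "<option " . $selected . " value='" . $esc($role["ID"]) . "'>" . $esc($role["Name"]) . "</option>";
        }
        $str .= '		</select>';
        $str .= '		<br />
				<p>
					Send auto generated password
					<input name="generatepass" id="yes" type="checkbox"
					value="yes" tabindex="35" />
				</p>
				<label for="pass">Password : </label>
				<input name="pass" id="passEdit" type="password"
				tabindex="2" />
				<br />
				<label for="pass-2">Password Re: </label>
				<input name="pass-2" id="pass-2" type="password"
				tabindex="2" />
				<br />
			</fieldset>
			
			
			<div align="center">
				<input id="button1" type="button" value="Save" onclick="updateUser(' . $esc($idLiteral) . ');"/>
				<input  type="button" id="close-panel" value="Close" onclick="closePopupEdit();"/>
			</div>
		</form>';
        return $str;
    }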
 /**
  * Admin dashboard: latest work on the user's projects, newest project
  * members and, for site admins only, the full user list with per-user
  * project statistics.
  *
  * RoleController::forceClearance() is called with 'system.creator' and
  * 'system.admin' before any data is loaded; it presumably stops the request
  * for other users (its failure behaviour is not visible here).
  *
  * Output depends on the format resolved from $params['args']: 'json' echoes
  * the response as JSON, 'html' renders the 'admin_dashboard' template, any
  * other value produces no output.
  *
  * NOTE(review): slugs, owners and usernames are concatenated into URLs
  * without URL-encoding, and the JSON branch sets no Content-Type header in
  * this method. Confirm both are handled elsewhere.
  *
  * @param array $params Request parameters; only $params['args'] is read.
  */
 public static function admin($params)
 {
     $format = Utils::getFormat($params['args'], 0, 2);
     $baseUrl = Settings::getProtected('app_url');
     $db = Settings::getProtected('db');
     $user = User::getAuthenticatedUser();

     // Make sure the user is at least creator or admin
     RoleController::forceClearance(array('system.creator', 'system.admin'), $user);

     // Get latest work for the user's projects
     $latestWork = array();
     foreach ($db->getAdminProjectsLatestWork($user->username, 5) as $work) {
         // The queue name is split at its first '.' and first ':' into the
         // work type (between them) and the username (after the ':').
         $queueName = $work['queue_name'];
         $dotAt = strpos($queueName, '.');
         $colonAt = strpos($queueName, ':');
         $type = substr($queueName, $dotAt + 1, $colonAt - $dotAt - 1);
         $worker = substr($queueName, $colonAt + 1);

         $item = new Item($work['item_id'], $work['project_slug']);
         $project = new Project($work['project_slug']);

         // Non-system projects live under their owner's path segment.
         $ownerSegment = $item->project_type == 'system' ? '' : '/' . $item->project_owner;
         $itemRoot = $baseUrl . $ownerSegment . '/projects/' . $item->project_slug . '/items/' . $item->item_id;

         $latestWork[] = array(
             'item' => $item->getResponse(),
             'project' => $project->getResponse(),
             'type' => $type,
             'username' => $worker,
             'date_completed' => $work['date_completed'],
             'transcript_url' => $itemRoot . '/' . $type . '/' . $worker,
             'edit_url' => $itemRoot . '/edit',
         );
     }

     $newestMembers = $db->getNewestProjectMembers($user->username, 5);

     // Only get list of users if they're a site admin
     $users = array();
     if ($user->role == 'admin') {
         foreach ($db->getUsers() as $row) {
             $account = new User($row['username']);
             $entry = $account->getResponse();
             // Get list of projects they're working on
             $entry['projects'] = $db->getUserProjectsWithStats($row['username']);
             $users[] = $entry;
         }
     }

     $response = array(
         'page_title' => 'Admin Dashboard',
         'user' => $user->getResponse(),
         'latest_work' => $latestWork,
         'newest_members' => $newestMembers,
         'users' => $users,
     );

     if ($format == 'json') {
         echo json_encode($response);
     } elseif ($format == 'html') {
         Template::render('admin_dashboard', $response);
     }
 }
Example #7
 /**
  * Deletes a user on behalf of the logged-in user.
  *
  * The caller's id is read from the session and must hold the ADMINISTRATOR
  * role; otherwise an error payload is returned and nothing is deleted.
  * After a successful delete the removed user is flagged offline.
  *
  * NOTE(review): the two outcomes have different shapes: an array on
  * refusal, the raw result of the model's deleteUser() otherwise. Callers
  * must not treat a non-empty array as success. Confirm how they test it.
  *
  * @param mixed $userid Id of the user to delete.
  * @return mixed Error array when unauthorized, otherwise the model's result.
  */
 public function deleteUser($userid)
 {
     $actorId = CxSessionHandler::getItem('userid');

     // check if user has permission to delete users
     $actorIsAdmin = RoleController::hasRole($actorId, ADMINISTRATOR);
     if (!$actorIsAdmin) {
         return array(
             JsonResponse::P_STATUS => JsonResponse::STATUS_ERROR,
             JsonResponse::P_MESSAGE => 'You are not authorized to delete users!',
         );
     }

     $deleted = $this->user->deleteUser($userid);
     if (!$deleted) {
         return $deleted;
     }

     // log user out from database level, once delete is successful
     $auth = new AuthenticationController();
     $auth->flagUserOffline($userid);

     return $deleted;
 }
Example #8
 /**
  * Puts a patient on a doctor's queue or on the general queue.
  *
  * The target is accepted when it holds the DOCTOR role or equals
  * GENERAL_QUEUE; a patient who is already queued is rejected. On success
  * the result of ArrivalModel::add() is returned unchanged.
  *
  * NOTE(review): the GENERAL_QUEUE test uses loose comparison (==). Depending
  * on the constant's value and the PHP version, unrelated input could compare
  * equal to it and skip the doctor check. Confirm the value and consider a
  * strict comparison.
  *
  * @param mixed $patient Patient id.
  * @param mixed $doctor  Doctor id, or GENERAL_QUEUE.
  * @return mixed Error array (P_STATUS, P_MESSAGE) or the model's add() result.
  */
 public function addPatient($patient, $doctor)
 {
     $queueModel = new ArrivalModel();

     $targetIsDoctor = RoleController::hasRole($doctor, DOCTOR);
     $targetIsGeneralQueue = $doctor == GENERAL_QUEUE;
     if (!($targetIsDoctor || $targetIsGeneralQueue)) {
         return array(
             P_STATUS => STATUS_ERROR,
             P_MESSAGE => "Error!!! Invalid doctor!",
         );
     }

     // A patient may sit on one queue at a time.
     if ($queueModel->patientOnQueue($patient)) {
         return array(
             P_STATUS => STATUS_ERROR,
             P_MESSAGE => "Error!!! Patient already on queue",
         );
     }

     return $queueModel->add(array(
         PatientQueueTable::patient_id => $patient,
         PatientQueueTable::doctor_id => $doctor,
     ));
 }
 /**
  * Registers the /store/* route groups; each group receives the value of
  * $authenticateForRole('admin') as its middleware argument.
  *
  * NOTE(review): the category, tag and product routes all dispatch to
  * RoleController::getRole() with the id from the URL, which looks like a
  * placeholder copied from the role routes. Confirm the intended handlers
  * before these endpoints are exposed.
  *
  * @param object   $app                 Application exposing group() and map().
  * @param callable $authenticateForRole Called with a role name; its result is handed to group().
  */
 static function addRoutes($app, $authenticateForRole)
 {
     // '/store/admin' is registered with an empty body; a commented-out
     // "/get/:roleId/" route used to sit here.
     $app->group('/store/admin', $authenticateForRole('admin'), function () use ($app) {
     });

     // Group prefix => single-id route pattern, registered in this order.
     $lookupRoutes = array(
         '/store/category' => "/:categoryId/",
         '/store/tag' => "/:tagId/",
         '/store/product' => "/:productId/",
     );
     foreach ($lookupRoutes as $prefix => $pattern) {
         $app->group($prefix, $authenticateForRole('admin'), function () use ($app, $pattern) {
             // Expects: id
             $app->map($pattern, function ($roleId) use ($app) {
                 RoleController::getRole($app, $roleId);
             })->via('GET', 'POST');
         });
     }
 }
Example #10
				<legend>
					ADD NEW
				</legend>
				<label for="name">Name : </label>
				<input name="name" id="name" type="text" tabindex="1" />
				<br />
				<label for="email">Email : </label>
				<input name="email" id="email" type="text" tabindex="1" />
				<br />
				<label for="phone">Phone : </label>
				<input name="phone" id="phone" type="text"
				tabindex="2" />
				<br />
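				<?php
// Load the role list that fills the selector below.
require_once "../../controller/RoleController.php";
$roles = RoleController::GetAll();
if (!is_array($roles)) {
    // Render an empty selector instead of failing when no list comes back.
    $roles = array();
}
?>
				<label for="role">Role : </label>
				<select name="role" id="role">
				<?php
// Role ids and names are data, not markup: escape them before they are
// written into the attribute and the option text.
foreach (array_values($roles) as $i => $role) {
    //select first option
    $selected = $i == 0 ? " selected='selected'" : "";
    echo "<option " . $selected . " value='" . htmlspecialchars((string) $role["ID"], ENT_QUOTES, 'UTF-8') . "'>" . htmlspecialchars((string) $role["Name"], ENT_QUOTES, 'UTF-8') . "</option>";
}
?>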
				</select>
				<!--
<?php

// Bootstrap: load globals, utilities and the admission/role models and controllers.
require_once '../_core/global/_require.php';
Crave::requireAll(GLOBAL_VAR);
Crave::requireAll(UTIL);
Crave::requireFiles(MODEL, array('BaseModel', 'AdmissionModel', 'RoleModel'));
Crave::requireFiles(CONTROLLER, array('AdmissionController', 'RoleController'));

// Every request must name the action it wants.
// NOTE(review): $_REQUEST merges query-string, body and (depending on
// configuration) cookie values, so state-changing intents can arrive via a
// plain GET. Confirm that is acceptable for this endpoint.
if (!isset($_REQUEST['intent'])) {
    echo JsonResponse::error('Intent not set!');
    exit;
}
$intent = $_REQUEST['intent'];
if ($intent == 'requestAdmission') {
    $userid = CxSessionHandler::getItem(UserAuthTable::userid);
    if (!RoleController::hasRole($userid, DOCTOR)) {
        echo JsonResponse::error("User does not have privilege to request admission.");
        exit;
    }
    if (isset($_REQUEST[TreatmentTable::treatment_id])) {
        $response = AdmissionController::requestAdmission($_REQUEST[TreatmentTable::treatment_id]);
        if ($response) {
            echo JsonResponse::message(STATUS_OK, "Admission request successful!");
            exit;
        } else {
            echo JsonResponse::error("Unable to request admission!");
            exit;
        }
    } else {
        echo JsonResponse::error("Incomplete request parameters!");
        exit;
Example #12
<?php

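// Bootstrap: load globals, utilities and the role/patient/pharmacist models and controllers.
require_once '../_core/global/_require.php';
Crave::requireAll(GLOBAL_VAR);
Crave::requireAll(UTIL);
Crave::requireFiles(MODEL, array('BaseModel', 'RoleModel', 'PatientModel', 'PharmacistModel'));
Crave::requireFiles(CONTROLLER, array('RoleController', 'PharmacistController'));

// Authorization gate: the original role check had an empty body, so its
// result was discarded and every intent below ran for any caller. Stop here
// unless the session user holds the PHARMACIST role.
$pharm_id = CxSessionHandler::getItem('userid');
if (!RoleController::hasRole($pharm_id, PHARMACIST)) {
    echo JsonResponse::error('Access denied!');
    exit;
}

// Every request must name the action it wants.
if (isset($_REQUEST['intent'])) {
    $intent = $_REQUEST['intent'];
} else {
    echo JsonResponse::error('Intent not set!');
    exit;
}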
if ($intent == 'getPatientQueue') {
    // Retrieve Out Patient Queue
    $queue = (new PharmacistController())->getPatientQueue();
    if (is_array($queue) && !empty($queue)) {
        echo JsonResponse::success($queue);
        exit;
    } else {
        echo JsonResponse::error("No patient on queue");
        exit;
    }
} elseif ($intent == 'getPrescription') {
    $treatmentId = isset($_REQUEST['treatmentId']) ? $_REQUEST['treatmentId'] : null;
    $encounterId = isset($_REQUEST['encounterId']) ? $_REQUEST['encounter_id'] : 0;
    if ($treatmentId) {
        // Retrieve Patient Prescription
Example #13
                echo JsonResponse::error("Could not add the lab details");
                exit;
            }
        } else {
            echo JsonResponse::accessDenied();
            exit;
        }
    } else {
        echo JsonResponse::error("No lab type or data to add");
        exit;
    }
} elseif ($intent == 'updateLabDetails') {
    if (isset($_REQUEST['labType']) && $data) {
        $labType = $_REQUEST['labType'];
        $role = isset($labType_Role[$labType]) ? $labType_Role[$labType] : null;
        if ($role && RoleController::hasPermission($lab_attendant_id, $role, READ_WRITE)) {
            $lab = new LaboratoryController();
            $response = $lab->updateLabDetails($labType, $data);
            /*echo JsonResponse::success($data);
              exit();*/
            if ($response['status']) {
                echo JsonResponse::success("Successfully updated");
                exit;
            } else {
                echo JsonResponse::error($response['message']);
                exit;
            }
        } else {
            echo JsonResponse::accessDenied();
            exit;
        }
 /**
  * Delegates construction to the parent class; nothing else is set up here.
  */
 public function __construct()
 {
     parent::__construct();
 }
Example #15
    if (isset($_REQUEST['permission_role_id'])) {
        $conductor = new RoleController();
        $response = $conductor->dismissRole($_REQUEST['permission_role_id']);
        if ($response[P_STATUS] == STATUS_OK) {
            echo JsonResponse::message(STATUS_OK, 'Role assignment removed successfully!');
            exit;
        } else {
            //die(var_dump($response));
            echo JsonResponse::error($response[P_MESSAGE]);
            exit;
        }
    } else {
        echo JsonResponse::error('Incomplete request parameters!');
        exit;
    }
} elseif ($intent == "updatePermission") {
    if (isset($_REQUEST['permission_role_id'], $_REQUEST['staff_permission_id'])) {
        $conductor = new RoleController();
        $response = $conductor->updatePermission($_REQUEST['permission_role_id'], $_REQUEST['staff_permission_id']);
        if ($response[P_STATUS] == STATUS_OK) {
            echo JsonResponse::message(STATUS_OK, 'Permission update successful!');
            exit;
        } else {
            echo JsonResponse::error($response[P_MESSAGE]);
            exit;
        }
    } else {
        echo JsonResponse::error('Incomplete request parameters!');
        exit;
    }
}
        exit;
    }
} elseif ($intent == 'loadGenQueue') {
    //Load general queue
    $usher = new ArrivalController();
    $queue = $usher->getGenQueue();
    if (is_array($queue)) {
        echo JsonResponse::success($queue);
        exit;
    } else {
        echo JsonResponse::error("Queue is empty!");
        exit;
    }
} elseif ($intent == 'loadDoctorQueue') {
    $doctor_id = CxSessionHandler::getItem(UserAuthTable::userid);
    $is_doctor = RoleController::hasRole($doctor_id, DOCTOR);
    if ($is_doctor) {
        $usher = new ArrivalController();
        $response = $usher->getDoctorQueue($doctor_id);
        if (is_array($response)) {
            echo JsonResponse::success($response);
            exit;
        } else {
            echo JsonResponse::error("Doctorr queue is empty!");
            exit;
        }
    } else {
        echo JsonResponse::error("Logged in user is not a doctor!");
        exit;
    }
} elseif ($intent == 'addToQueue') {
 /**
  * Deletes one item of a project. Only POST is handled; any other method
  * returns without output.
  *
  * The project slug and item id come from positional URL arguments (offsets
  * 0/1 for system projects, 2/3 otherwise). Before anything is removed,
  * RoleController::forceClearance() is called for project.admin,
  * project.owner and system.admin on the loaded project; it presumably
  * stops the request for other users (not visible here).
  *
  * Removal order: media file, proof queue, review queue, database row. The
  * JSON reply reports 'error' only when the database delete fails.
  *
  * NOTE(review): the file and queue entries are removed before the database
  * delete is attempted, and nothing here verifies that the Item actually
  * loaded. Confirm Item's constructor rejects an unknown id.
  *
  * @param array $params Request parameters; 'args' and 'method' are read.
  */
 public static function deleteItem($params)
 {
     $args = $params['args'];
     // $format is resolved but not used below.
     $format = Utils::getFormat($args, 2, 4);
     $projectType = Utils::getProjectType($args);
     $isSystemProject = $projectType == 'system';

     $projectSlug = $args[$isSystemProject ? 0 : 2];
     $project = new Project($projectSlug);
     $itemId = $args[$isSystemProject ? 1 : 3];
     $user = User::getAuthenticatedUser();

     // POST: Delete an item
     if ($params['method'] != 'POST') {
         return;
     }

     // Make sure the user is project admin or site admin
     RoleController::forceClearance(
         array('project.admin', 'project.owner', 'system.admin'),
         $user,
         array('project' => $project)
     );

     // Load item to make sure it exists
     $item = new Item($itemId, $projectSlug);

     // Delete the file
     Media::removeFileForItem($item);

     // Delete from the project proof queue, then from the review queue (if it's there)
     foreach (array('project.proof:', 'project.review:') as $queuePrefix) {
         $queue = new Queue($queuePrefix . $project->slug, false);
         $queue->remove($item);
         $queue->save();
     }

     // Delete from database
     if ($item->deleteFromDatabase()) {
         $reply = array('status' => 'success', 'message' => '');
     } else {
         $reply = array('status' => 'error', 'message' => 'errors.deleting_item');
     }
     echo json_encode($reply);
 }
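 /**
  * Transcript import for one project.
  *
  * GET returns the import page (JSON or the 'import' template, depending on
  * the resolved format). POST splits the submitted transcript with the given
  * template and stores one part per submitted item, then echoes a JSON
  * status.
  *
  * RoleController::forceClearance() is called for project.admin,
  * project.owner and system.admin on the project named in the URL. The POST
  * branch therefore writes only to that project: a 'projectSlug' form field
  * naming a different project is rejected rather than trusted, because the
  * clearance check never covered it.
  *
  * Nothing is written when the number of transcript parts differs from the
  * number of items, or when 'items' is not an array.
  *
  * NOTE(review): item ids are taken from the request as-is; confirm that
  * Item's constructor ties an id to the given project slug.
  *
  * @param array $params Request parameters; 'args' and 'method' are read.
  */
 public static function import($params)
 {
     $appUrl = Settings::getProtected('app_url');
     $format = Utils::getFormat($params['args'], 1, 3);
     $projectType = Utils::getProjectType($params['args']);
     $projectSlug = $projectType == 'system' ? $params['args'][0] : $params['args'][2];
     $user = User::getAuthenticatedUser();

     // Load the project and check the caller's clearance on it
     $project = new Project($projectSlug);
     RoleController::forceClearance(array('project.admin', 'project.owner', 'system.admin'), $user, array('project' => $project));
     if ($project->title == '') {
         Utils::redirectToDashboard('', 'Error loading project.');
     }

     // Default to an empty path so an unexpected project type cannot leave
     // the variable undefined.
     $projectUrl = '';
     if ($project->type == 'system') {
         $projectUrl = "projects/" . $project->slug;
     } elseif ($project->type == 'user') {
         $projectUrl = "users/" . $project->owner . "/projects/" . $project->slug;
     }

     $project->getItems();
     $projectArray = $project->getResponse();
     $projectArray['items'] = $project->items;
     $projectArray['url'] = "{$appUrl}/{$projectUrl}";

     switch ($params['method']) {
         // GET: Get transcript import page
         case 'GET':
             $response = array('page_title' => 'Import Transcript', 'user' => $user->getResponse(), 'project' => $projectArray);
             switch ($format) {
                 case 'json':
                     echo json_encode(array('status' => 'success', 'response' => $response));
                     break;
                 case 'html':
                     Template::render('import', $response);
                     break;
             }
             break;

         // POST: Update transcripts for items
         case 'POST':
             $template = Utils::POST('template');
             $transcript = Utils::POST('transcript');
             $items = Utils::POST('items');
             $postedSlug = Utils::POST('projectSlug');
             $status = 'success';

             // The clearance check above covered $projectSlug only; refuse
             // a form field that points at another project.
             if ($postedSlug != '' && (string) $postedSlug !== (string) $projectSlug) {
                 $status = 'error';
             }

             if (!is_array($items)) {
                 $items = array();
             }
             $items = array_values($items);

             // Split the transcript
             $splitTranscripts = TranscriptController::splitTranscript($transcript, $template);

             // Make sure the number of items still matches, otherwise return error
             if (count($splitTranscripts) != count($items)) {
                 $status = 'error';
             }

             // Update each item's transcript, but only for a consistent request
             if ($status == 'success') {
                 foreach ($items as $i => $itemId) {
                     $item = new Item($itemId, $projectSlug);
                     $item->transcript = $splitTranscripts[$i];
                     if (!$item->save()) {
                         $status = 'error';
                         break;
                     }
                 }
             }

             echo json_encode(array('status' => $status));
             break;
     }
 }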