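/**
 * surveypermission::set()
 * Builds the form used to edit the survey permissions of one user or one user group.
 *
 * Reads `action`, `uid` and `ugid` from $_POST. The form is only built when the
 * logged-in user owns the survey (and, for a single user, the target user is not the
 * survey owner) or the session carries USER_RIGHT_SUPERADMIN; otherwise
 * accessDenied.php is included. Every value that originates from the request or from
 * a user-editable database column is HTML-encoded before it is written into the markup.
 *
 * @param mixed $surveyid Survey id; passed through sanitize_int() before any use.
 * @return void
 */
function set($surveyid)
{
    $aData['surveyid'] = $surveyid = sanitize_int($surveyid);
    $aViewUrls = array();

    // Request values are attacker-controlled: accept scalars only, so an array-valued
    // field (uid[]=...) is treated as absent instead of reaching string contexts.
    $action = (isset($_POST['action']) && is_scalar($_POST['action'])) ? $_POST['action'] : null;
    $postuserid = (!empty($_POST['uid']) && is_scalar($_POST['uid'])) ? $_POST['uid'] : null;
    $postusergroupid = (!empty($_POST['ugid']) && is_scalar($_POST['ugid'])) ? $_POST['ugid'] : null;

    $clang = Yii::app()->lang;
    $imageurl = Yii::app()->getConfig('adminimageurl');

    if ($action === "setsurveysecurity" || $action === "setusergroupsurveysecurity") {
        // Authorization: the caller must own the survey; when editing a single user,
        // that user must not be the owner.
        $where = 'sid = :surveyid AND owner_id = :owner_id ';
        $params = array(':surveyid' => $surveyid, ':owner_id' => Yii::app()->session['loginID']);
        if ($action === "setsurveysecurity") {
            $where .= "AND owner_id != :postuserid";
            $params[':postuserid'] = $postuserid;
        }
        $result = Survey::model()->count($where, $params);

        if ($result > 0 || Yii::app()->session['USER_RIGHT_SUPERADMIN'] == 1) {
            $this->getController()->_js_admin_includes(Yii::app()->getConfig('generalscripts') . 'jquery/jquery.tablesorter.min.js');
            $this->getController()->_js_admin_includes(Yii::app()->getConfig('adminscripts') . 'surveysecurity.js');

            if ($action === "setsurveysecurity") {
                $query = "select users_name from {{users}} where uid=:uid";
                $resrow = Yii::app()->db->createCommand($query)->bindParam(":uid", $postuserid, PDO::PARAM_INT)->queryRow();
                // queryRow() yields no row for an unknown uid; fall back to an empty name.
                $sUsername = empty($resrow) ? '' : $resrow['users_name'];
                // The user name is stored data: encode it so it cannot inject markup (stored XSS).
                $usersummary = "<div class='header ui-widget-header'>"
                    . sprintf($clang->gT("Edit survey permissions for user %s"), "<span style='font-style:italic'>" . CHtml::encode($sUsername) . "</span>")
                    . "</div>";
            } else {
                $resrow = User_groups::model()->find('ugid = :ugid', array(':ugid' => $postusergroupid));
                $sUsergroupName = empty($resrow) ? '' : $resrow['name'];
                // Same reasoning as for the user name: group names are user-editable.
                $usersummary = "<div class='header ui-widget-header'>"
                    . sprintf($clang->gT("Edit survey permissions for group %s"), "<span style='font-style:italic'>" . CHtml::encode($sUsergroupName) . "</span>")
                    . "</div>";
            }

            $usersummary .= "<br />"
                . CHtml::form(array("admin/surveypermission/sa/surveyright/surveyid/{$surveyid}"), 'post')
                . "<table style='margin:0 auto;' class='usersurveypermissions'><thead>\n";
            $usersummary .= ""
                . "<tr><th></th><th>" . $clang->gT("Permission") . "</th>\n"
                . "<th><input type='button' id='btnToggleAdvanced' value='<<' /></th>\n"
                . "<th class='extended'>" . $clang->gT("Create") . "</th>\n"
                . "<th class='extended'>" . $clang->gT("View/read") . "</th>\n"
                . "<th class='extended'>" . $clang->gT("Update") . "</th>\n"
                . "<th class='extended'>" . $clang->gT("Delete") . "</th>\n"
                . "<th class='extended'>" . $clang->gT("Import") . "</th>\n"
                . "<th class='extended'>" . $clang->gT("Export") . "</th>\n"
                . "</tr></thead>\n";

            // One table row per base permission, one checkbox per CRUD flag it supports.
            $aBasePermissions = Survey_permissions::model()->getBasePermissions();
            $aCRUDKeys = array('create', 'read', 'update', 'delete', 'import', 'export');
            foreach ($aBasePermissions as $sPermissionKey => $aCRUDPermissions) {
                $usersummary .= "<tr><td><img src='{$imageurl}{$aCRUDPermissions['img']}_30.png' alt='{$aCRUDPermissions['description']}'/></td>";
                $usersummary .= "<td>{$aCRUDPermissions['title']}</td>";
                $usersummary .= "<td ><input type=\"checkbox\" class=\"markrow\" name='all_{$sPermissionKey}' /></td>";
                foreach ($aCRUDPermissions as $sCRUDKey => $CRUDValue) {
                    // Skip the descriptive entries (img, title, ...); strict comparison
                    // keeps a numeric key from loosely matching a CRUD name.
                    if (!in_array($sCRUDKey, $aCRUDKeys, true)) {
                        continue;
                    }
                    $usersummary .= "<td class='extended'>";
                    // survey/read is always granted through the hidden field below,
                    // so it gets no checkbox.
                    if ($CRUDValue && !($sPermissionKey == 'survey' && $sCRUDKey == 'read')) {
                        $usersummary .= "<input type=\"checkbox\" class=\"checkboxbtn\" name='perm_{$sPermissionKey}_{$sCRUDKey}' ";
                        if ($action === 'setsurveysecurity' && hasSurveyPermission($surveyid, $sPermissionKey, $sCRUDKey, $postuserid)) {
                            $usersummary .= ' checked="checked" ';
                        }
                        $usersummary .= " />";
                    }
                    $usersummary .= "</td>";
                }
                $usersummary .= "</tr>";
            }

            $usersummary .= "\n</table>"
                . "<p><input type='submit' value='" . $clang->gT("Save Now") . "' />"
                . "<input type='hidden' name='perm_survey_read' value='1' />"
                . "<input type='hidden' name='action' value='surveyrights' />";

            // uid/ugid come straight from the request and are echoed into a
            // single-quoted attribute: encode them (CHtml::encode also encodes quotes).
            if ($action === 'setsurveysecurity') {
                $usersummary .= "<input type='hidden' name='uid' value='" . CHtml::encode($postuserid) . "' />";
            } else {
                $usersummary .= "<input type='hidden' name='ugid' value='" . CHtml::encode($postusergroupid) . "' />";
            }
            $usersummary .= "</form>\n";

            $aViewUrls['output'] = $usersummary;
        } else {
            include "accessDenied.php";
        }
    }

    $this->_renderWrappedTemplate('authentication', $aViewUrls, $aData);
}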
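/**
 * Builds one stock report per province, per district and for the national store,
 * and passes each report to generatePDF().
 *
 * The consumption figures are read with bound query parameters; the period limits
 * are never concatenated into the SQL text. The blanket `@` suppression of the
 * earlier version is gone from plain statements; the failures it used to hide
 * (failed query, missing region/district object, zero monthly requirement) are
 * handled explicitly.
 *
 * @param string $from Start of the period; compared in SQL through
 *                     str_to_date(..., '%m/%d/%Y') and also given to strtotime().
 * @param string $to   End of the period, used the same way as $from.
 * @return void
 */
public function printReport($from, $to)
{
    $this->load->database();
    $start_date = $from;
    $end_date = $to;

    $user_groups = User_groups::getAllGroups();
    foreach ($user_groups as $user_group) {
        $identifier = $user_group["Identifier"];
        $vaccines = Vaccines::getAll_Minified();

        if ($identifier == 'provincial_officer') {
            $provinces = Provinces::getAllProvinces();
            foreach ($provinces as $province) {
                // Per-province values do not depend on the vaccine, so they are read once
                // and stay defined even when the vaccine list is empty.
                $district_or_region = $province["id"];
                $region_object = Regions::getRegion($district_or_region);
                $store = is_object($region_object) ? $region_object->name : "";
                $population = Regional_Populations::getRegionalPopulation($district_or_region, date('Y'));
                $owner = "R" . $district_or_region;

                $data_buffer = $this->printReportHeader();
                foreach ($vaccines as $vaccine) {
                    $opening_balance = Disbursements::getRegionalPeriodBalance($district_or_region, $vaccine->id, strtotime($start_date));
                    $closing_balance = Disbursements::getRegionalPeriodBalance($district_or_region, $vaccine->id, strtotime($end_date));
                    $consumption = $this->printReportConsumption('Region', $owner, $district_or_region, $vaccine->id, $start_date, $end_date);
                    $data_buffer .= $this->printReportRow($vaccine, $population, $opening_balance, $closing_balance, $consumption);
                }
                $vals = 1;
                $data_buffer .= "</table>";
                // NOTE(review): suppression kept only here because generatePDF() is not
                // visible in this block; remove once it is confirmed to run clean.
                @$this->generatePDF($data_buffer, $start_date, $end_date, $store, $district_or_region, $vals, $store);
            }
        }

        if ($identifier == 'district_officer') {
            $districts = Districts::getAllDistricts();
            foreach ($districts as $district) {
                $district_or_region = $district["id"];
                $district_object = Districts::getDistrict($district_or_region);
                $store = is_object($district_object) ? $district_object->name : "";
                $population = District_Populations::getDistrictPopulation($district_or_region, date('Y'));
                $owner = "D" . $district_or_region;

                $data_buffer = $this->printReportHeader();
                foreach ($vaccines as $vaccine) {
                    $opening_balance = Disbursements::getDistrictPeriodBalance($district_or_region, $vaccine->id, strtotime($start_date));
                    $closing_balance = Disbursements::getDistrictPeriodBalance($district_or_region, $vaccine->id, strtotime($end_date));
                    $consumption = $this->printReportConsumption('District', $owner, $district_or_region, $vaccine->id, $start_date, $end_date);
                    $data_buffer .= $this->printReportRow($vaccine, $population, $opening_balance, $closing_balance, $consumption);
                }
                $vals = 2;
                $data_buffer .= "</table>";
                @$this->generatePDF($data_buffer, $start_date, $end_date, $store, $district_or_region, $vals, $store);
            }
        }

        if ($identifier == 'national_officer') {
            $store = "Central Vaccines Store";
            $population = Regional_Populations::getNationalPopulation(date('Y'));

            $data_buffer = $this->printReportHeader();
            foreach ($vaccines as $vaccine) {
                $opening_balance = Disbursements::getNationalPeriodBalance($vaccine->id, strtotime($start_date));
                $closing_balance = Disbursements::getNationalPeriodBalance($vaccine->id, strtotime($end_date));
                // The national store is addressed as owner 'N0' with location '0'.
                $consumption = $this->printReportConsumption('National', 'N0', '0', $vaccine->id, $start_date, $end_date);
                $data_buffer .= $this->printReportRow($vaccine, $population, $opening_balance, $closing_balance, $consumption);
            }
            $vals = 3;
            $data_buffer .= "</table>";
            $district_or_region = "";
            @$this->generatePDF($data_buffer, $start_date, $end_date, $store, $district_or_region, $vals, $store);
        }
    }
}

/**
 * Returns the inline stylesheet, the opening table tag and the title row shared by every report.
 *
 * @return string
 */
private function printReportHeader()
{
    $data_buffer = "\n\t\t\t <style>\n\t\t\ttable.data-table {\n\t\t\ttable-layout: fixed;\n\t\t\twidth: 700px;\n\t\t\tborder-collapse:collapse;\n\t\t\tborder:1px solid black;\n\t\t\t}\n\t\t\ttable.data-table td, th {\n\t\t\twidth: 100px;\n\t\t\tborder: 1px solid black;\n\t\t\t}\n\t\t\t.leftie{\n\t\t\t\ttext-align: left !important;\n\t\t\t}\n\t\t\t.right{\n\t\t\t\ttext-align: right !important;\n\t\t\t}\n\t\t\t.center{\n\t\t\t\ttext-align: center !important;\n\t\t\t}\n\t\t\t</style>\n\t\t\t ";
    $data_buffer .= "<table class='data-table'>";
    $data_buffer .= $this->echoTitles();

    return $data_buffer;
}

/**
 * Reads last stock count, total issued and total received for one store and vaccine
 * with a bound (parameterized) query.
 *
 * @param string $scope       'Region', 'District' or 'National'; selects the
 *                            Issued_By_* / Issued_To_* columns.
 * @param string $owner       Value matched against disbursements.Owner.
 * @param mixed  $location_id Value matched against the Issued_By_* / Issued_To_* column.
 * @param mixed  $vaccine_id  Value matched against disbursements.Vaccine_Id.
 * @param string $start_date  Period start, parsed by MySQL with '%m/%d/%Y'.
 * @param string $end_date    Period end, parsed by MySQL with '%m/%d/%Y'.
 * @return array Keys last_stock_count, total_issued, total_received; totals fall
 *               back to 0 and the date to '' when the query returns nothing.
 * @throws InvalidArgumentException When $scope is not one of the three known scopes.
 */
private function printReportConsumption($scope, $owner, $location_id, $vaccine_id, $start_date, $end_date)
{
    // Column names cannot be bound, so they are built only from this fixed list.
    if (!in_array($scope, array('Region', 'District', 'National'), true)) {
        throw new InvalidArgumentException('Unknown report scope');
    }
    $issued_by = 'Issued_By_' . $scope;
    $issued_to = 'Issued_To_' . $scope;

    $period = "str_to_date(Date_Issued,'%m/%d/%Y') between str_to_date(?,'%m/%d/%Y') and str_to_date(?,'%m/%d/%Y')";
    $sql_consumption = "select "
        . "(SELECT max(str_to_date(Date_Issued,'%m/%d/%Y')) FROM `disbursements` where Owner = ? and " . $period . " and Vaccine_Id = ? and total_stock_balance>0) as last_stock_count,"
        . "(SELECT sum(Quantity) FROM `disbursements` where " . $issued_by . " = ? and Owner = ? and " . $period . " and Vaccine_Id = ?) as total_issued,"
        . "(SELECT sum(Quantity) FROM `disbursements` where " . $issued_to . " = ? and Owner = ? and " . $period . " and Vaccine_Id = ?) as total_received";

    // Bound as strings so the driver quotes every value, matching the quoted
    // literals of the earlier concatenated statement.
    $owner = (string) $owner;
    $location_id = (string) $location_id;
    $vaccine_id = (string) $vaccine_id;
    $start_date = (string) $start_date;
    $end_date = (string) $end_date;
    $binds = array(
        $owner, $start_date, $end_date, $vaccine_id,
        $location_id, $owner, $start_date, $end_date, $vaccine_id,
        $location_id, $owner, $start_date, $end_date, $vaccine_id,
    );

    $consumption = array('last_stock_count' => '', 'total_issued' => 0, 'total_received' => 0);
    $query = $this->db->query($sql_consumption, $binds);
    $vaccine_data = is_object($query) ? $query->row() : null;
    if (is_object($vaccine_data)) {
        $consumption['last_stock_count'] = $vaccine_data->last_stock_count;
        $consumption['total_issued'] = $vaccine_data->total_issued + 0;
        $consumption['total_received'] = $vaccine_data->total_received + 0;
    }

    return $consumption;
}

/**
 * Formats one vaccine as a table row: opening, received, issued, adjustment, closing, months of stock, last count.
 *
 * @param object $vaccine         Reads Name, Doses_Required and Wastage_Factor.
 * @param mixed  $population      Population used for the monthly requirement.
 * @param mixed  $opening_balance Balance at the period start.
 * @param mixed  $closing_balance Balance at the period end.
 * @param array  $consumption     Result of printReportConsumption().
 * @return string
 */
private function printReportRow($vaccine, $population, $opening_balance, $closing_balance, $consumption)
{
    $received = $consumption['total_received'];
    $issued = $consumption['total_issued'];
    $monthly_requirement = ceil($vaccine->Doses_Required * $population * $vaccine->Wastage_Factor / 12);
    // A zero requirement (e.g. no population on record) would divide by zero; report
    // 0.0 months of stock, which is what the suppressed warning used to produce.
    $months_of_stock = ($monthly_requirement != 0) ? $closing_balance / $monthly_requirement : 0;

    // NOTE(review): $vaccine->Name is written into the markup as stored — confirm it
    // cannot contain HTML, or encode it here.
    return "<tr><td>" . $vaccine->Name
        . "</td><td>" . number_format($opening_balance + 0)
        . "</td><td>" . number_format($received + 0)
        . "</td><td>" . number_format($issued + 0)
        . "</td><td>" . number_format($closing_balance - ($opening_balance + $received - $issued) + 0)
        . "</td><td>" . number_format($closing_balance + 0)
        . "</td><td>" . number_format($months_of_stock, 1)
        . "</td><td>" . $consumption['last_stock_count']
        . "</td></tr>";
}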
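/**
 * Adds a user to, or removes a user from, a user group owned by the logged-in user.
 *
 * Only a session with USER_RIGHT_SUPERADMIN may call this, and only with the actions
 * 'add' or 'remove'; anything else ends the request with 'access denied'. The target
 * user id is read from the POST field `uid`. The group owner can neither be added
 * nor removed: in that case a warning is shown and membership is left untouched.
 *
 * @param mixed  $ugid   Id of the user group.
 * @param string $action 'add' or 'remove'.
 * @return void
 */
function user($ugid, $action = 'add')
{
    // Strict in_array: a non-string action must not loosely match one of the names.
    if (Yii::app()->session['USER_RIGHT_SUPERADMIN'] != true || !in_array($action, array('add', 'remove'), true)) {
        die('access denied');
    }

    $clang = Yii::app()->lang;
    $uid = (int) Yii::app()->request->getPost('uid');

    // The group is looked up together with its owner, so a group owned by somebody
    // else is reported as "not found".
    $group = User_groups::model()->findByAttributes(array('ugid' => $ugid, 'owner_id' => Yii::app()->session['loginID']));

    if (empty($group)) {
        list($aViewUrls, $aData) = $this->index(0, array('type' => 'warning', 'message' => $clang->gT('Failed.') . '<br />' . $clang->gT('Group not found.')));
    } elseif ($uid <= 0 || !User::model()->findByPk($uid)) {
        list($aViewUrls, $aData) = $this->index($ugid, array('type' => 'warning', 'message' => $clang->gT('Failed.') . '<br />' . $clang->gT('User not found.')));
    } elseif ($group->owner_id == $uid) {
        // Stop here: previously this warning was prepared and then overwritten, because
        // the add/remove code below still ran for the owner.
        list($aViewUrls, $aData) = $this->index($ugid, array('type' => 'warning', 'message' => $clang->gT('Failed.') . '<br />' . $clang->gT('You can not add or remove the group owner from the group.')));
    } else {
        $user_in_group = User_in_groups::model()->findByPk(array('ugid' => $ugid, 'uid' => $uid));

        switch ($action) {
            case 'add':
                if (empty($user_in_group) && User_in_groups::model()->insertRecords(array('ugid' => $ugid, 'uid' => $uid))) {
                    list($aViewUrls, $aData) = $this->index($ugid, array('type' => 'success', 'message' => $clang->gT('User added.')));
                } else {
                    list($aViewUrls, $aData) = $this->index($ugid, array('type' => 'warning', 'message' => $clang->gT('Failed to add user.') . '<br />' . $clang->gT('User already exists in the group.')));
                }
                break;

            case 'remove':
                if (!empty($user_in_group) && User_in_groups::model()->deleteByPk(array('ugid' => $ugid, 'uid' => $uid))) {
                    list($aViewUrls, $aData) = $this->index($ugid, array('type' => 'success', 'message' => $clang->gT('User removed.')));
                } else {
                    list($aViewUrls, $aData) = $this->index($ugid, array('type' => 'warning', 'message' => $clang->gT('Failed to remove user.') . '<br />' . $clang->gT('User does not exist in the group.')));
                }
                break;
        }
    }

    $this->_renderWrappedTemplate('usergroup', $aViewUrls, $aData);
}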
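/**
 * Deletes a user group.
 *
 * Without USER_RIGHT_SUPERADMIN in the session the group must also belong to
 * $ownerid; with it, the group is matched by id alone.
 *
 * @param mixed $ugid    Id of the group to delete.
 * @param mixed $ownerid Owner id required for non-superadmin sessions.
 * @return bool False when no matching group exists or the record reports errors
 *              after delete(); true otherwise.
 */
function deleteGroup($ugid, $ownerid)
{
    $aParams = array(':ugid' => $ugid);
    $sCondition = "ugid = :ugid";

    // Ownership is part of the lookup itself, so a group owned by someone else is
    // simply not found.
    if (!Yii::app()->session['USER_RIGHT_SUPERADMIN']) {
        $sCondition .= " AND owner_id=:ownerid";
        $aParams[':ownerid'] = $ownerid;
    }

    $group = User_groups::model()->find($sCondition, $aParams);

    // No match (unknown id or wrong owner): report failure instead of calling
    // delete() on a missing record.
    if (!$group) {
        return false;
    }

    $group->delete();

    return !$group->getErrors();
}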
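/**
 * Deletes the user group with id $ugid, provided it is owned by $ownerid.
 *
 * @param mixed $ugid    Id of the group to delete.
 * @param mixed $ownerid Id the group's owner_id must match.
 * @return bool False when no such group exists for that owner or the record
 *              reports errors after delete(); true otherwise.
 */
function deleteGroup($ugid, $ownerid)
{
    $group = User_groups::model()->find(
        "owner_id = :ownerid AND ugid = :ugid",
        array(":ownerid" => $ownerid, ":ugid" => $ugid)
    );

    // Unknown id or a group owned by someone else: nothing to delete. Without this
    // guard the delete() call below would run on a missing record.
    if (!$group) {
        return false;
    }

    $group->delete();

    return !$group->getErrors();
}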