/**
* surveypermission::set()
* Function responsible to set permissions to a user/usergroup.
* @param mixed $surveyid
* @return void
*/
function set($surveyid)
{
$aData['surveyid'] = $surveyid = sanitize_int($surveyid);
$aViewUrls = array();
$action = $_POST['action'];
$clang = Yii::app()->lang;
$imageurl = Yii::app()->getConfig('adminimageurl');
$postuserid = !empty($_POST['uid']) ? $_POST['uid'] : null;
$postusergroupid = !empty($_POST['ugid']) ? $_POST['ugid'] : null;
if ($action == "setsurveysecurity" || $action == "setusergroupsurveysecurity") {
$where = 'sid = :surveyid AND owner_id = :owner_id ';
$params = array(':surveyid' => $surveyid, ':owner_id' => Yii::app()->session['loginID']);
if ($action == "setsurveysecurity") {
$where .= "AND owner_id != :postuserid";
$params[':postuserid'] = $postuserid;
}
$result = Survey::model()->count($where, $params);
if ($result > 0 || Yii::app()->session['USER_RIGHT_SUPERADMIN'] == 1) {
//$js_admin_includes[]='../scripts/jquery/jquery.tablesorter.min.js';
//$js_admin_includes[]='scripts/surveysecurity.js';
$this->getController()->_js_admin_includes(Yii::app()->getConfig('generalscripts') . 'jquery/jquery.tablesorter.min.js');
$this->getController()->_js_admin_includes(Yii::app()->getConfig('adminscripts') . 'surveysecurity.js');
if ($action == "setsurveysecurity") {
$query = "select users_name from {{users}} where uid=:uid";
$resrow = Yii::app()->db->createCommand($query)->bindParam(":uid", $postuserid, PDO::PARAM_INT)->queryRow();
$sUsername = $resrow['users_name'];
$usersummary = "<div class='header ui-widget-header'>" . sprintf($clang->gT("Edit survey permissions for user %s"), "<span style='font-style:italic'>" . $sUsername . "</span>") . "</div>";
} else {
$resrow = User_groups::model()->find('ugid = :ugid', array(':ugid' => $postusergroupid));
$sUsergroupName = $resrow['name'];
$usersummary = "<div class='header ui-widget-header'>" . sprintf($clang->gT("Edit survey permissions for group %s"), "<span style='font-style:italic'>" . $sUsergroupName . "</span>") . "</div>";
}
$usersummary .= "<br />" . CHtml::form(array("admin/surveypermission/sa/surveyright/surveyid/{$surveyid}"), 'post') . "<table style='margin:0 auto;' class='usersurveypermissions'><thead>\n";
$usersummary .= "" . "<tr><th></th><th>" . $clang->gT("Permission") . "</th>\n" . "<th><input type='button' id='btnToggleAdvanced' value='<<' /></th>\n" . "<th class='extended'>" . $clang->gT("Create") . "</th>\n" . "<th class='extended'>" . $clang->gT("View/read") . "</th>\n" . "<th class='extended'>" . $clang->gT("Update") . "</th>\n" . "<th class='extended'>" . $clang->gT("Delete") . "</th>\n" . "<th class='extended'>" . $clang->gT("Import") . "</th>\n" . "<th class='extended'>" . $clang->gT("Export") . "</th>\n" . "</tr></thead>\n";
//content
$aBasePermissions = Survey_permissions::model()->getBasePermissions();
$oddcolumn = false;
foreach ($aBasePermissions as $sPermissionKey => $aCRUDPermissions) {
$oddcolumn = !$oddcolumn;
$usersummary .= "<tr><td><img src='{$imageurl}{$aCRUDPermissions['img']}_30.png' alt='{$aCRUDPermissions['description']}'/></td>";
$usersummary .= "<td>{$aCRUDPermissions['title']}</td>";
$usersummary .= "<td ><input type=\"checkbox\" class=\"markrow\" name='all_{$sPermissionKey}' /></td>";
foreach ($aCRUDPermissions as $sCRUDKey => $CRUDValue) {
if (!in_array($sCRUDKey, array('create', 'read', 'update', 'delete', 'import', 'export'))) {
continue;
}
$usersummary .= "<td class='extended'>";
if ($CRUDValue) {
if (!($sPermissionKey == 'survey' && $sCRUDKey == 'read')) {
$usersummary .= "<input type=\"checkbox\" class=\"checkboxbtn\" name='perm_{$sPermissionKey}_{$sCRUDKey}' ";
if ($action == 'setsurveysecurity' && hasSurveyPermission($surveyid, $sPermissionKey, $sCRUDKey, $postuserid)) {
$usersummary .= ' checked="checked" ';
}
$usersummary .= " />";
}
}
$usersummary .= "</td>";
}
$usersummary .= "</tr>";
}
$usersummary .= "\n</table>" . "<p><input type='submit' value='" . $clang->gT("Save Now") . "' />" . "<input type='hidden' name='perm_survey_read' value='1' />" . "<input type='hidden' name='action' value='surveyrights' />";
if ($action == 'setsurveysecurity') {
$usersummary .= "<input type='hidden' name='uid' value='{$postuserid}' />";
} else {
$usersummary .= "<input type='hidden' name='ugid' value='{$postusergroupid}' />";
}
$usersummary .= "</form>\n";
$aViewUrls['output'] = $usersummary;
} else {
include "accessDenied.php";
}
}
$this->_renderWrappedTemplate('authentication', $aViewUrls, $aData);
}
public function printReport($from, $to)
{
@$this->load->database();
@($user_groups = User_groups::getAllGroups());
foreach ($user_groups as $user_group) {
@($identifier = $user_group["Identifier"]);
@($population = 0);
@($opening_balance = 0);
@($closing_balance = 0);
@($sql_consumption = "");
@($store = "");
@($vaccines = Vaccines::getAll_Minified());
if ($identifier == 'provincial_officer') {
@($provinces = Provinces::getAllProvinces());
foreach ($provinces as $province) {
@($data_buffer = "\n\t\t\t <style>\n\t\t\ttable.data-table {\n\t\t\ttable-layout: fixed;\n\t\t\twidth: 700px;\n\t\t\tborder-collapse:collapse;\n\t\t\tborder:1px solid black;\n\t\t\t}\n\t\t\ttable.data-table td, th {\n\t\t\twidth: 100px;\n\t\t\tborder: 1px solid black;\n\t\t\t}\n\t\t\t.leftie{\n\t\t\t\ttext-align: left !important;\n\t\t\t}\n\t\t\t.right{\n\t\t\t\ttext-align: right !important;\n\t\t\t}\n\t\t\t.center{\n\t\t\t\ttext-align: center !important;\n\t\t\t}\n\t\t\t</style>\n\t\t\t ");
@($start_date = $from);
@($end_date = $to);
@($data_buffer .= "<table class='data-table'>");
@($data_buffer .= $this->echoTitles());
foreach ($vaccines as $vaccine) {
@($district_or_region = $province["id"]);
@($region_object = Regions::getRegion($district_or_region));
@($store = $region_object->name);
@($population = Regional_Populations::getRegionalPopulation($district_or_region, date('Y')));
@($opening_balance = Disbursements::getRegionalPeriodBalance($district_or_region, $vaccine->id, strtotime($start_date)));
@($closing_balance = Disbursements::getRegionalPeriodBalance($district_or_region, $vaccine->id, strtotime($end_date)));
@($owner = "R" . $district_or_region);
@($sql_consumption = "select (SELECT max(str_to_date(Date_Issued,'%m/%d/%Y')) FROM `disbursements` where Owner = '" . $owner . "' and str_to_date(Date_Issued,'%m/%d/%Y') between str_to_date('" . $start_date . "','%m/%d/%Y') and str_to_date('" . $end_date . "','%m/%d/%Y') and Vaccine_Id = '" . $vaccine->id . "' and total_stock_balance>0)as last_stock_count,(SELECT sum(Quantity)FROM `disbursements` where Issued_By_Region = '" . $district_or_region . "' and Owner = '" . $owner . "' and str_to_date(Date_Issued,'%m/%d/%Y') between str_to_date('" . $start_date . "','%m/%d/%Y') and\n str_to_date('" . $end_date . "','%m/%d/%Y') and Vaccine_Id = '" . $vaccine->id . "')as total_issued,(SELECT sum(Quantity) FROM `disbursements` where Issued_To_Region = '" . $district_or_region . "' and Owner = '" . $owner . "' and str_to_date(Date_Issued,'%m/%d/%Y') between str_to_date('" . $start_date . "','%m/%d/%Y') and\n str_to_date('" . $end_date . "','%m/%d/%Y') and Vaccine_Id = '" . $vaccine->id . "')as total_received");
@($query = $this->db->query($sql_consumption));
@($vaccine_data = $query->row());
@($monthly_requirement = ceil($vaccine->Doses_Required * $population * $vaccine->Wastage_Factor / 12));
@($data_buffer .= "<tr><td>" . $vaccine->Name . "</td><td>" . number_format($opening_balance + 0) . "</td><td>" . number_format($vaccine_data->total_received + 0) . "</td><td>" . number_format($vaccine_data->total_issued + 0) . "</td><td>" . number_format($closing_balance - ($opening_balance + $vaccine_data->total_received - $vaccine_data->total_issued) + 0) . "</td><td>" . number_format($closing_balance + 0) . "</td><td>" . number_format($closing_balance / $monthly_requirement, 1) . "</td><td>" . $vaccine_data->last_stock_count . "</td></tr>");
}
//end of foreach vaccines
@($vals = 1);
@($data_buffer .= "</table>");
@$this->generatePDF($data_buffer, $start_date, $end_date, $store, $district_or_region, $vals, $store);
@($data_buffer = "");
}
}
if ($identifier == 'district_officer') {
@($districts = Districts::getAllDistricts());
foreach ($districts as $district) {
@($data_buffer = "\n\t\t\t <style>\n\t\t\ttable.data-table {\n\t\t\ttable-layout: fixed;\n\t\t\twidth: 700px;\n\t\t\tborder-collapse:collapse;\n\t\t\tborder:1px solid black;\n\t\t\t}\n\t\t\ttable.data-table td, th {\n\t\t\twidth: 100px;\n\t\t\tborder: 1px solid black;\n\t\t\t}\n\t\t\t.leftie{\n\t\t\t\ttext-align: left !important;\n\t\t\t}\n\t\t\t.right{\n\t\t\t\ttext-align: right !important;\n\t\t\t}\n\t\t\t.center{\n\t\t\t\ttext-align: center !important;\n\t\t\t}\n\t\t\t</style>\n\t\t\t ");
@($start_date = $from);
@($end_date = $to);
@($data_buffer .= "<table class='data-table'>");
@($data_buffer .= $this->echoTitles());
foreach ($vaccines as $vaccine) {
@($district_or_region = $district["id"]);
@($district_object = Districts::getDistrict($district_or_region));
@($store = $district_object->name);
@($population = District_Populations::getDistrictPopulation($district_or_region, date('Y')));
@($opening_balance = Disbursements::getDistrictPeriodBalance($district_or_region, $vaccine->id, strtotime($start_date)));
@($closing_balance = Disbursements::getDistrictPeriodBalance($district_or_region, $vaccine->id, strtotime($end_date)));
@($owner = "D" . $district_or_region);
@($sql_consumption = "select (SELECT max(str_to_date(Date_Issued,'%m/%d/%Y')) FROM `disbursements` where Owner = '" . $owner . "' and str_to_date(Date_Issued,'%m/%d/%Y') between str_to_date('" . $start_date . "','%m/%d/%Y') and str_to_date('" . $end_date . "','%m/%d/%Y') and Vaccine_Id = '" . $vaccine->id . "' and total_stock_balance>0)as last_stock_count,(SELECT sum(Quantity)FROM `disbursements` where Issued_By_District = '" . $district_or_region . "' and Owner = '" . $owner . "' and str_to_date(Date_Issued,'%m/%d/%Y') between str_to_date('" . $start_date . "','%m/%d/%Y') and\n str_to_date('" . $end_date . "','%m/%d/%Y') and Vaccine_Id = '" . $vaccine->id . "')as total_issued,(SELECT sum(Quantity) FROM `disbursements` where Issued_To_District = '" . $district_or_region . "' and Owner = '" . $owner . "' and str_to_date(Date_Issued,'%m/%d/%Y') between str_to_date('" . $start_date . "','%m/%d/%Y') and\n str_to_date('" . $end_date . "','%m/%d/%Y') and Vaccine_Id = '" . $vaccine->id . "')as total_received");
@($query = $this->db->query($sql_consumption));
@($vaccine_data = $query->row());
@($monthly_requirement = ceil($vaccine->Doses_Required * $population * $vaccine->Wastage_Factor / 12));
@($data_buffer .= "<tr><td>" . $vaccine->Name . "</td><td>" . number_format($opening_balance + 0) . "</td><td>" . number_format($vaccine_data->total_received + 0) . "</td><td>" . number_format($vaccine_data->total_issued + 0) . "</td><td>" . number_format($closing_balance - ($opening_balance + $vaccine_data->total_received - $vaccine_data->total_issued) + 0) . "</td><td>" . number_format($closing_balance + 0) . "</td><td>" . number_format($closing_balance / $monthly_requirement, 1) . "</td><td>" . $vaccine_data->last_stock_count . "</td></tr>");
}
//end of foreach vaccines
@($vals = 2);
@($data_buffer .= "</table>");
@$this->generatePDF($data_buffer, $start_date, $end_date, $store, $district_or_region, $vals, $store);
@($data_buffer = "");
}
}
if ($identifier == 'national_officer') {
@($data_buffer = "\n\t\t\t <style>\n\t\t\ttable.data-table {\n\t\t\ttable-layout: fixed;\n\t\t\twidth: 700px;\n\t\t\tborder-collapse:collapse;\n\t\t\tborder:1px solid black;\n\t\t\t}\n\t\t\ttable.data-table td, th {\n\t\t\twidth: 100px;\n\t\t\tborder: 1px solid black;\n\t\t\t}\n\t\t\t.leftie{\n\t\t\t\ttext-align: left !important;\n\t\t\t}\n\t\t\t.right{\n\t\t\t\ttext-align: right !important;\n\t\t\t}\n\t\t\t.center{\n\t\t\t\ttext-align: center !important;\n\t\t\t}\n\t\t\t</style>\n\t\t\t ");
@($start_date = $from);
@($end_date = $to);
@($data_buffer .= "<table class='data-table'>");
@($data_buffer .= $this->echoTitles());
@($store = "Central Vaccines Store");
foreach ($vaccines as $vaccine) {
@($population = Regional_Populations::getNationalPopulation(date('Y')));
@($opening_balance = Disbursements::getNationalPeriodBalance($vaccine->id, strtotime($start_date)));
@($closing_balance = Disbursements::getNationalPeriodBalance($vaccine->id, strtotime($end_date)));
@($sql_consumption = "select (SELECT max(str_to_date(Date_Issued,'%m/%d/%Y')) FROM `disbursements` where Owner = 'N0' and str_to_date(Date_Issued,'%m/%d/%Y') between str_to_date('" . $start_date . "','%m/%d/%Y') and str_to_date('" . $end_date . "','%m/%d/%Y') and Vaccine_Id = '" . $vaccine->id . "' and total_stock_balance>0)as last_stock_count,(SELECT sum(Quantity)FROM `disbursements` where Issued_By_National = '0' and Owner = 'N0' and str_to_date(Date_Issued,'%m/%d/%Y') between str_to_date('" . $start_date . "','%m/%d/%Y') and\n str_to_date('" . $end_date . "','%m/%d/%Y') and Vaccine_Id = '" . $vaccine->id . "')as total_issued,(SELECT sum(Quantity) FROM `disbursements` where Issued_To_National = '0' and Owner = 'N0' and str_to_date(Date_Issued,'%m/%d/%Y') between str_to_date('" . $start_date . "','%m/%d/%Y') and\n str_to_date('" . $end_date . "','%m/%d/%Y') and Vaccine_Id = '" . $vaccine->id . "')as total_received");
@($query = $this->db->query($sql_consumption));
@($vaccine_data = $query->row());
@($monthly_requirement = ceil($vaccine->Doses_Required * $population * $vaccine->Wastage_Factor / 12));
@($data_buffer .= "<tr><td>" . $vaccine->Name . "</td><td>" . number_format($opening_balance + 0) . "</td><td>" . number_format($vaccine_data->total_received + 0) . "</td><td>" . number_format($vaccine_data->total_issued + 0) . "</td><td>" . number_format($closing_balance - ($opening_balance + $vaccine_data->total_received - $vaccine_data->total_issued) + 0) . "</td><td>" . number_format($closing_balance + 0) . "</td><td>" . number_format($closing_balance / $monthly_requirement, 1) . "</td><td>" . $vaccine_data->last_stock_count . "</td></tr>");
}
//end of foreach vaccines
@($vals = 3);
@($data_buffer .= "</table>");
@($district_or_region = "");
@$this->generatePDF($data_buffer, $start_date, $end_date, $store, $district_or_region, $vals, $store);
@($data_buffer = "");
}
}
//end of foreach user_group
}
function user($ugid, $action = 'add')
{
if (Yii::app()->session['USER_RIGHT_SUPERADMIN'] != true || !in_array($action, array('add', 'remove'))) {
die('access denied');
}
$clang = Yii::app()->lang;
$uid = (int) Yii::app()->request->getPost('uid');
$group = User_groups::model()->findByAttributes(array('ugid' => $ugid, 'owner_id' => Yii::app()->session['loginID']));
if (empty($group)) {
list($aViewUrls, $aData) = $this->index(0, array('type' => 'warning', 'message' => $clang->gT('Failed.') . '<br />' . $clang->gT('Group not found.')));
} else {
if ($uid > 0 && User::model()->findByPk($uid)) {
if ($group->owner_id == $uid) {
list($aViewUrls, $aData) = $this->index($ugid, array('type' => 'warning', 'message' => $clang->gT('Failed.') . '<br />' . $clang->gT('You can not add or remove the group owner from the group.')));
}
$user_in_group = User_in_groups::model()->findByPk(array('ugid' => $ugid, 'uid' => $uid));
switch ($action) {
case 'add':
if (empty($user_in_group) && User_in_groups::model()->insertRecords(array('ugid' => $ugid, 'uid' => $uid))) {
list($aViewUrls, $aData) = $this->index($ugid, array('type' => 'success', 'message' => $clang->gT('User added.')));
} else {
list($aViewUrls, $aData) = $this->index($ugid, array('type' => 'warning', 'message' => $clang->gT('Failed to add user.') . '<br />' . $clang->gT('User already exists in the group.')));
}
break;
case 'remove':
if (!empty($user_in_group) && User_in_groups::model()->deleteByPk(array('ugid' => $ugid, 'uid' => $uid))) {
list($aViewUrls, $aData) = $this->index($ugid, array('type' => 'success', 'message' => $clang->gT('User removed.')));
} else {
list($aViewUrls, $aData) = $this->index($ugid, array('type' => 'warning', 'message' => $clang->gT('Failed to remove user.') . '<br />' . $clang->gT('User does not exist in the group.')));
}
break;
}
} else {
list($aViewUrls, $aData) = $this->index($ugid, array('type' => 'warning', 'message' => $clang->gT('Failed.') . '<br />' . $clang->gT('User not found.')));
}
}
$this->_renderWrappedTemplate('usergroup', $aViewUrls, $aData);
}
function deleteGroup($ugid, $ownerid)
{
$aParams = array();
$aParams[':ugid'] = $ugid;
$sCondition = "ugid = :ugid";
if (!Yii::app()->session['USER_RIGHT_SUPERADMIN']) {
$sCondition .= " AND owner_id=:ownerid";
$aParams[':ownerid'] = $ownerid;
}
$group = User_groups::model()->find($sCondition, $aParams);
$group->delete();
if ($group->getErrors()) {
return false;
} else {
return true;
}
}
function deleteGroup($ugid, $ownerid)
{
$group = User_groups::model()->find("owner_id = :ownerid AND ugid = :ugid", array(":ownerid" => $ownerid, ":ugid" => $ugid));
$group->delete();
if ($group->getErrors()) {
return false;
} else {
return true;
}
}
