/**
 * Checks whether the current user may run a module/controller/action.
 *
 * Each of the three components is taken from $arrParam when present and
 * non-empty, otherwise from the controller's own $this->_arrParam. The ACL
 * key handed to \Auth::has_access() is
 * "module_<module>.<controller>.[<action>]".
 *
 * empty() is deliberate: null, '' and '0' all fall back to the defaults,
 * exactly as before.
 *
 * @param array|null $arrParam optional overrides: 'module', 'controller', 'action'
 * @return bool result of \Auth::has_access() for the composed key
 */
public function get_permission($arrParam = null)
{
    $parts = array();
    foreach (array('module', 'controller', 'action') as $key) {
        $parts[$key] = empty($arrParam[$key]) ? $this->_arrParam[$key] : $arrParam[$key];
    }

    $aclKey = 'module_' . $parts['module']
            . '.' . $parts['controller']
            . '.[' . $parts['action'] . ']';

    return \Auth::has_access($aclKey);
}
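/**
 * Renders the senior leaderboard page.
 *
 * 'reports.all_centers' only decides the $view_all flag passed to the
 * template (presumably whether a centre picker is shown). The leaderboard
 * data itself is fetched by the browser from the JSON URL built below, so
 * the endpoint behind /reports/get_senior_report must enforce centre access
 * on its own -- this action does not scope $center.
 *
 * Change: $center comes straight from the URI and was concatenated raw into
 * the JSON URL; it is now rawurlencode()d so it cannot inject path
 * separators or query syntax. Numeric centre ids are unaffected.
 *
 * @param string|int|null $center route segment naming the call centre (untrusted)
 * @return void writes $this->template
 */
public function action_senior($center = null)
{
    $view_all = (bool) Auth::has_access('reports.all_centers');

    $url = is_null($center)
        ? '/reports/get_senior_report.json'
        : '/reports/get_senior_report/' . rawurlencode($center) . '.json';

    $this->template->title = 'Senior Leaderboard';
    $this->template->content = View::forge('leaderboard/senior', array(
        'view_all'         => $view_all,
        'all_call_centers' => Model_Call_Center::find('all'),
        'center'           => $center,
        'url'              => $url,
    ));
}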
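/**
 * REST action: returns the user list as a DataTables payload.
 *
 * Requires 'user.view'; otherwise answers with an error body and -- new --
 * a 403 status instead of a 200.
 *
 * The first column is deliberately HTML (a Gravatar <img>), which means the
 * table renders every cell as HTML. The other user-supplied columns (name,
 * username, group name, e-mail, call-centre title) were previously emitted
 * raw, so a crafted user name would execute as script for every viewer;
 * they are now HTML-escaped. A user without a call centre no longer takes
 * the whole listing down.
 *
 * NOTE(review): aaData rows are positional arrays while aoColumns names
 * mDataProp keys; the front end presumably copes, but the two do not match.
 *
 * @return void writes the response via $this->response()
 */
public function get_get_view()
{
    if (!Auth::has_access('user.view')) {
        $this->response(array("error" => "You are not authorised to view this content!"), 403);
        return;
    }

    $groups = Auth_Group_SimpleGroup::instance();
    $rows   = array();

    foreach (Model_User::find('all') as $user) {
        // Gravatar's API keys avatars by MD5 of the lowercased, trimmed
        // address; this is not a password hash.
        $hash   = md5(strtolower(trim($user->email)));
        $avatar = '<img src="https://secure.gravatar.com/avatar/' . $hash
                . '?d=mm" alt="Gravatar Image" height="40" width="40">';

        // last_login is treated as a unix timestamp string; anything of
        // two characters or fewer counts as "never" (original semantics).
        $lastLogin = strlen($user->last_login) > 2
            ? date("M j, Y g:i A", (int) $user->last_login)
            : "No previous Login";

        $centerTitle = isset($user->call_center) ? $user->call_center->title : '';

        $rows[] = array(
            $avatar,
            htmlspecialchars((string) $user->name, ENT_QUOTES, 'UTF-8'),
            htmlspecialchars((string) $user->username, ENT_QUOTES, 'UTF-8'),
            htmlspecialchars((string) $groups->get_name($user->group), ENT_QUOTES, 'UTF-8'),
            htmlspecialchars((string) $user->email, ENT_QUOTES, 'UTF-8'),
            htmlspecialchars((string) $centerTitle, ENT_QUOTES, 'UTF-8'),
            $lastLogin,
        );
    }

    $this->response(array(
        "aaData"       => $rows,
        "aoColumnDefs" => array(
            array("iDataSort" => 6, "asSorting" => array("desc"), "aTargets" => array(0)),
        ),
        "aoColumns" => array(
            array("mDataProp" => "id", "bSortable" => false),
            array("mDataProp" => "name", "sTitle" => "Name", "sType" => "string"),
            array("mDataProp" => "username", "sTitle" => "Username", "sType" => "string"),
            array("mDataProp" => "group", "sTitle" => "Group", "sType" => "string"),
            array("mDataProp" => "email", "sTitle" => "E-mail", "sType" => "string"),
            array("mDataProp" => "call_center", "sTitle" => "Call Center", "sType" => "string"),
            array("mDataProp" => "last_login", "sTitle" => "Last Login", "sType" => "date"),
        ),
    ));
}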
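/**
 * Deletes a news item by id and redirects to the news list.
 *
 * Requires 'news.delete'; otherwise a warning flash is set and the user is
 * sent to 'admin'. Response::redirect() ends the request in Fuel; the
 * explicit return only makes that visible to the reader.
 *
 * Change: a missing id no longer reaches Model_News::find(). Fuel's Orm
 * find() treats null specially (presumably returning a query object rather
 * than a record), and calling delete() on whatever comes back is not what
 * anyone wants -- confirm against the Orm version in use.
 *
 * NOTE(review): this action is reached through a plain GET link with a JS
 * confirm() (see the news list view), so it is open to CSRF: an admin whose
 * browser loads /news/delete/<id> from any page deletes that item. The fix
 * is a POST form carrying a CSRF token (Security::check_token()), which also
 * means changing the links.
 *
 * @param int|string|null $id route parameter (untrusted)
 * @return void
 */
public function action_delete($id = null)
{
    if (!Auth::has_access('news.delete')) {
        Session::set_flash('warning', 'You don\'t have the right to delete a news');
        Response::redirect('admin');
        return;
    }

    $news = ($id === null) ? null : Model_News::find($id);

    if ($news) {
        $news->delete();
        Session::set_flash('success', 'Deleted news #' . $id);
    } else {
        Session::set_flash('error', 'Could not delete news #' . $id);
    }

    Response::redirect('news');
}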
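/**
 * Deletes a country by id and redirects to the country list.
 *
 * Requires 'country.delete'; otherwise an error flash is set and the user
 * is sent back to "country/" (the `and die` is the original belt-and-braces
 * after Response::redirect(), which already terminates in Fuel).
 *
 * Change: a missing id no longer reaches Model_Country::find(). Fuel's Orm
 * find() treats null specially (presumably returning a query object rather
 * than a record); deleting through that is never intended -- confirm
 * against the Orm version in use.
 *
 * NOTE(review): the delete is triggered by a GET link with a JS confirm()
 * (see the country list view), so it is open to CSRF. A POST form with a
 * CSRF token (Security::check_token()) is the proper fix.
 *
 * @param int|string|null $id route parameter (untrusted)
 * @return void
 */
public function action_delete($id = null)
{
    if (!Auth::has_access('country.delete')) {
        Session::set_flash("error", "Only admins may delete countries!");
        Response::redirect("country/") and die;
    }

    $country = ($id === null) ? null : Model_Country::find($id);

    if ($country) {
        $country->delete();
        Session::set_flash('success', 'Deleted country #' . $id);
    } else {
        Session::set_flash('error', 'Could not delete country #' . $id);
    }

    Response::redirect('country');
}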
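/**
 * Shows the "Add Creditor" form (GET) or stores a creditor from it (POST).
 *
 * Requires 'ppi.admin'. Denied attempts used to show a flash claiming
 * "This has been logged!" while nothing was logged; they are now written to
 * the application log with the screen name of the caller.
 *
 * NOTE(review): the POST branch stores the submitted fields -- including
 * bank details (bacs_account_number / bacs_sortcode) -- without any
 * validation or CSRF token check visible here. Confirm that
 * Creditor_model::addCreditor() validates, and consider
 * \Security::check_token() before accepting the form.
 *
 * @return void writes $this->template or redirects
 */
public function action_add()
{
    if (!Auth::has_access('ppi.admin')) {
        \Log::warning(
            'Denied access to creditor/add for user ' . \Auth::instance()->get_screen_name(),
            __METHOD__
        );
        \Session::set_flash('fail', "You do not have access to this section. This has been logged!");
        \Response::redirect('/');
        return;
    }

    if (\Input::method() !== "POST") {
        $this->template->title = "Add Creditor";
        $this->template->content = View::forge(static::$_viewPath . '/add.php');
        return;
    }

    // Every stored column maps 1:1 to a POST field of the same name;
    // missing fields are stored as "" (original behaviour). Key order is
    // preserved in case addCreditor() depends on it.
    $fields = array(
        'name', 'department_id', 'street_and_number', 'area', 'district',
        'town', 'county', 'post_code', 'telephone', 'fax', 'email',
        'payee_name', 'bacs_account_number', 'bacs_sortcode', 'notes',
    );
    $creditor = array();
    foreach ($fields as $field) {
        $creditor[$field] = \Input::post($field, "");
    }

    \Crm\Creditor\Creditor_model::addCreditor($creditor);
    \Session::set_flash('success', "Creditor named " . \Input::post('name', "") . " has been added!");
    \Response::redirect('crm/creditor/add');
}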
/**
 * Runs before every action: requires a logged-in user holding the ACL entry
 * "<controller>.<action>" of the active request.
 *
 * Not logged in        -> redirect to user/login.
 * Logged in, no grant  -> redirect to welcome/404.
 * Granted              -> $this->user_id is set from get_user_id() (the
 *                         driver element is dropped) and the screen name is
 *                         exposed to every view as 'usuario'.
 *
 * Note the ACL key is built from \Request::active(), i.e. the controller and
 * action being dispatched, not from anything the client can name directly.
 */
public function before()
{
    parent::before();

    if (!\Auth::check()) {
        Response::redirect('user/login');
    } else {
        $request = \Request::active();
        $aclKey  = $request->controller . "." . $request->action;

        if (!Auth::has_access($aclKey)) {
            Response::redirect('welcome/404');
        } else {
            list(, $userId) = Auth::instance()->get_user_id();
            $this->user_id = $userId;
            View::set_global('usuario', Auth::instance()->get_screen_name());
        }
    }
}
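/**
 * AJAX endpoint that creates a location and returns {"id": <new id>} as JSON.
 *
 * Checks, in order:
 *  - the call must be an XMLHttpRequest (403 otherwise). This is a
 *    convenience filter, not a CSRF defence: X-Requested-With is only
 *    evidence that the site's own scripts made the call, and a same-site
 *    form post does not need it. Add a CSRF token check if that matters.
 *  - 'location.create' is required (403 otherwise).
 *
 * Input: POST 'location_title'. Previously a missing title produced an
 * empty 200 response (the function simply fell off the end); it now returns
 * an explicit 400.
 *
 * @return Response
 */
public function action_create()
{
    if (!Input::is_ajax()) {
        return Response::forge("Access forbidden, only AJAX calls allowed", 403);
    }
    if (!Auth::has_access("location.create")) {
        return Response::forge("Only admins allowed here", 403);
    }

    $title = Input::post("location_title", null);
    if ($title === null || $title === '') {
        return Response::forge("location_title is required", 400);
    }

    $location = Model_Orm_Location::forge();
    $location->title = $title;
    $location->save();

    return Response::forge(
        Format::forge()->to_json(array("id" => $location->id)),
        200,
        array("Content-Type" => "application/json")
    );
}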
/**
 * Model bootstrap.
 *
 * When the caller holds 'enum.enum[all]', the read_only column is exposed
 * in generated forms as a Yes/No switch; for everyone else the property
 * definition is left untouched (no form widget for it). The old
 * commented-out default_id block has been dropped.
 */
public static function _init()
{
    if (!\Auth::has_access('enum.enum[all]')) {
        return;
    }

    $switch = array(
        'type'     => 'checkbox',
        'template' => 'switch',
        'options'  => array(gettext('No'), gettext('Yes')),
    );
    \Arr::set(static::$_properties, 'read_only.form', $switch);
}
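/**
 * PPI disposition report page.
 *
 * Centre scoping is enforced server-side: only holders of
 * 'reports.all_centers' may choose the centre via POST 'center'; everybody
 * else is pinned to their own call_center_id no matter what was posted.
 *
 * Changes: startdate/enddate are read from POST once, and each statistic
 * is queried once and reused for both the summary counts and the detail
 * tables (the original ran every simpleStats()/packIns() query twice).
 *
 * NOTE(review): 'center' (for all-centres users), 'startdate' and 'enddate'
 * are untrusted POST values handed straight to the Model_Ppi helpers;
 * confirm those parameterise their queries. The trailing 3600 passed to
 * Report\Create::forge() is presumably a cache TTL in seconds -- verify.
 *
 * @return void writes $this->template
 */
public function action_disposition()
{
    $this->template->title = "PPI Disposition Report";

    $view_all = (bool) \Auth::has_access('reports.all_centers');
    if ($view_all) {
        $center = \Input::post('center');
    } else {
        list($driver, $user_id) = \Auth::get_user_id();
        $this_user = \Model_User::find($user_id);
        $center = $this_user->call_center_id;
    }

    $start = \Input::post('startdate');
    $end   = \Input::post('enddate');

    $noContacts = \Crm\Reports\Model_Ppi::simpleStats('noContact', $center, $start, $end);
    $referrals  = \Crm\Reports\Model_Ppi::simpleStats('referral', $center, $start, $end);
    $packOuts   = \Crm\Reports\Model_Ppi::simpleStats('packOut', $center, $start, $end);
    $packIns    = \Crm\Reports\Model_Ppi::packIns($center, $start, $end);

    $hourlyStatsReport = array(
        'Referrals' => \Crm\Reports\Model_Ppi::perPeriod('referral', $center, $start, $end),
        'Pack Outs' => \Crm\Reports\Model_Ppi::perPeriod('packOut', $center, $start, $end),
        'Pack In'   => \Crm\Reports\Model_Ppi::perPeriod('packIn', $center, $start, $end),
    );

    $quickView = array(array(
        'No Contacts' => count($noContacts),
        'Referrals'   => count($referrals),
        'Pack Outs'   => count($packOuts),
        'Pack Ins'    => count($packIns),
    ));

    $tableOptions = array('class' => 'zebra-striped datatable');
    $report = Report\Create::forge(array(
        'hourlyStats' => array('reportResults' => $hourlyStatsReport, 'displayType' => 'chart'),
        'noContacts'  => array('reportResults' => $noContacts, 'options' => $tableOptions),
        'referrals'   => array('reportResults' => $referrals, 'options' => $tableOptions),
        'packOuts'    => array('reportResults' => $packOuts, 'options' => $tableOptions),
        'packIns'     => array('reportResults' => $packIns, 'options' => $tableOptions),
        'quickView'   => array('reportResults' => $quickView, 'options' => array('direction' => 'vertical')),
    ), 3600);

    $this->template->content = View::forge(static::$_viewPath . 'ppi/disposition.php', array(
        'reports'          => $report->generate(),
        'all_call_centers' => \Model_Call_Center::find('all'),
        'center'           => $center,
        'start_date'       => $start,
        'end_date'         => $end,
        'view_all'         => $view_all,
    ));
}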
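/**
 * Creation of new events.
 *
 * Works on both the first load, which is typically a GET request, and on
 * later POST requests. When POST-ing, validation is run on the input data
 * using the rules of the "Event" model.
 *
 * Requires 'event.create'; otherwise an error flash is set and the user is
 * redirected to "/".
 *
 * Changes:
 *  - The form key handed to a fresh form was md5(mt_rand(1000, 10000)), i.e.
 *    one of only 9001 values from a non-cryptographic generator. It is now
 *    16 random bytes as hex (32 lowercase hex chars, the same shape as the
 *    md5 output), with a uniqid()-based fallback where random_bytes() is
 *    unavailable.
 *  - Attachment errors returned by try_get_attachments() after a successful
 *    save were silently dropped; they are now flashed as errors too.
 *  - A missing POST 'location' no longer reaches Model_Orm_Location::find(),
 *    which treats null specially in Fuel's Orm.
 *
 * NOTE(review): 'location' is read raw from POST rather than from the
 * validated set; a bogus id simply yields no location. Consider validating
 * it with the rest. Whether form_key doubles as a CSRF token cannot be told
 * from here -- if it does, it must also be checked against the session.
 *
 * @return void writes $this->template or redirects
 */
public function action_create()
{
    if (!Auth::has_access('event.create')) {
        Session::set_flash("error", __('ERR_CREATE_AUTH'));
        Response::redirect("/") and die;
    }

    $data = array(); // passed into the view

    if (Input::method() === "POST") {
        $val = Model_Orm_Event::validate('create');
        if ($val->run()) {
            $newEvent = new Model_Orm_Event();
            $newEvent->title       = $val->validated("title");
            $newEvent->start       = $val->validated("start");
            $newEvent->description = $val->validated("description");

            $locationId = Input::post("location");
            $newEvent->location = ($locationId === null) ? null : Model_Orm_Location::find($locationId);

            // Save first so attachments can be linked to a persisted event.
            $newEvent->save();

            $errors = $this->try_get_attachments($newEvent);
            if (!empty($errors)) {
                Session::set_flash("error", $errors);
            }
            Session::set_flash("success", __('ACTION_CREATE_CREATED') . $val->validated("title"));
            Response::redirect("event/view/" . $newEvent->id);
            return;
        }

        // Validation failed, but files may still have been uploaded.
        $errors = $this->try_get_attachments();
        Session::set_flash("error", array_merge($val->error(), $errors));

        $this->template->title = __("ACTION_CREATE_TITLE");
        $data["form_key"] = Input::post("form_key");
    } else {
        // First GET request: hand the form a fresh, unpredictable key.
        $this->template->title = __("ACTION_CREATE_TITLE");
        $data["form_key"] = function_exists('random_bytes')
            ? bin2hex(random_bytes(16))
            : md5(uniqid(mt_rand(), true));
    }

    $data["locations"] = Model_Orm_Location::get_locations();
    $this->add_rich_form_scripts();
    $this->template->page_content = View::forge("event/create", $data);
}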
/**
 * Gate for the current request: the user must hold the ACL entry for
 * (controller, action).
 *
 * Allowed               -> set_user() for logged-in users, nothing else.
 * Denied, logged in     -> 'Permission Denied.' flash, redirect to the root.
 * Denied, anonymous     -> 'Not Logged in.' flash, redirect to the admin
 *                          login with the requested URI in ?uri= when the
 *                          controller name contains "Controller_Admin",
 *                          otherwise to users/login.
 *
 * NOTE(review): the ?uri= value is presumably used for a post-login
 * redirect; that login handler must restrict it to local paths or it
 * becomes an open redirect. Not verifiable from here.
 */
public function check_auth()
{
    $target  = array($this->request->controller, $this->request->action);
    $allowed = Auth::has_access($target);

    if ($allowed) {
        if (Auth::check()) {
            $this->set_user();
        }
        return;
    }

    if (Auth::check()) {
        $this->set_user();
        Session::set_flash('error', 'Permission Denied.');
        Response::redirect('');
        return;
    }

    Session::set_flash('error', "Not Logged in.");
    $requestUri = urlencode($this->request->uri->uri);
    $isAdminArea = preg_match('/Controller_Admin/', $this->request->controller);
    Response::redirect($isAdminArea ? 'admin/login/?uri=' . $requestUri : 'users/login');
}
/**
 * Tells whether at least one of the given paths is accessible to the user.
 *
 * $paths is either a single path or an array of them. A single falsy path
 * or '/' is always accessible. Array entries are plain path strings
 * (checked with method GET) or arrays with 'href' and 'method' keys;
 * entries missing either key are skipped.
 *
 * @param string|array $paths
 * @return bool
 */
public static function check_exists_accessible_uri($paths)
{
    if (!is_array($paths)) {
        if (!$paths || $paths == '/') {
            return true;
        }
        return \Auth::has_access(\Site_Util::get_acl_path($paths) . '.GET');
    }

    foreach ($paths as $path) {
        if (is_array($path)) {
            if (!isset($path['href'], $path['method'])) {
                continue;
            }
            $aclKey = \Site_Util::get_acl_path($path['href']) . '.' . $path['method'];
        } else {
            $aclKey = \Site_Util::get_acl_path($path) . '.GET';
        }

        if (\Auth::has_access($aclKey)) {
            return true;
        }
    }

    return false;
}
/**
 * ACL check for the current action, keyed "<action path>.<HTTP method>".
 *
 * @param bool $is_return_true_for_not_auth_action when true, actions that
 *        need no authentication (per check_not_auth_action()) pass without
 *        consulting the ACL.
 * @return bool
 */
protected function check_acl($is_return_true_for_not_auth_action = true)
{
    $bypass = $is_return_true_for_not_auth_action && $this->check_not_auth_action();
    if ($bypass) {
        return true;
    }

    $aclKey = \Site_Util::get_action_path() . '.' . \Input::method();
    return \Auth::has_access($aclKey);
}
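/**
 * Renders a link, or a disabled <span> when the user lacks the ACL right
 * for an admin target.
 *
 * External targets ($is_absolute_ext_uri, or Site_Util::check_ext_uri())
 * open in a new window and get a "new-window" icon appended. For admin
 * links that are not external, a logged-in user without access to
 * "<acl path>.<$acl_method>" gets a disabled span instead of an anchor.
 *
 * Fix: $is_ext_url used to be assigned only inside the short-circuited
 * condition, so with $is_absolute_ext_uri = true it was undefined
 * (E_NOTICE) and read as "not external", which sent an external URL
 * through the ACL lookup. External-ness is now computed once, up front.
 *
 * NOTE(review): $text is emitted as-is by Html::anchor()/html_tag(), so the
 * caller must escape it. Links opened with target="_blank" would also
 * benefit from rel="noopener noreferrer" against tabnabbing; not added here
 * to keep the markup unchanged.
 *
 * @param string     $href
 * @param string     $text               link text, assumed HTML-safe
 * @param bool       $is_admin           admin-area link (ACL applies)
 * @param array|null $attr               extra HTML attributes (null = none)
 * @param bool       $is_absolute_ext_uri force external handling
 * @param string     $acl_method         HTTP method part of the ACL key
 * @return string HTML
 */
function anchor($href, $text, $is_admin = false, $attr = array(), $is_absolute_ext_uri = false, $acl_method = 'GET')
{
    if (is_null($attr)) {
        $attr = array();
    }

    $is_ext_url = $is_absolute_ext_uri || Site_Util::check_ext_uri($href, $is_admin);
    if ($is_ext_url) {
        $attr['target'] = '_blank';
        $text .= ' ' . icon('new-window');
    }

    if ($is_admin && !$is_ext_url) {
        $aclKey = Site_Util::get_acl_path($href) . '.' . $acl_method;
        if (Auth::check() && !Auth::has_access($aclKey)) {
            $attr['class'] = empty($attr['class']) ? 'disabled' : $attr['class'] . ' disabled';
            return html_tag('span', $attr, $text);
        }
    }

    return Html::anchor($href, $text, $attr);
}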
/**
 * Convenience wrapper around Auth::has_access() for "<path>.<method>" keys.
 *
 * @param string $acl_path ACL path, or a URI when $is_convert_acl_path is set
 * @param string $method   HTTP method part of the key (default GET)
 * @param bool   $is_convert_acl_path run $acl_path through
 *               Site_Util::get_acl_path() first
 * @return bool
 */
function check_acl($acl_path, $method = 'GET', $is_convert_acl_path = false)
{
    $path = $is_convert_acl_path ? Site_Util::get_acl_path($acl_path) : $acl_path;
    return Auth::has_access("{$path}.{$method}");
}
?> <div class="row"> <div class="col-xs-12"> <div class="alert alert-danger" style="display:none; text-align: center; font-size:20px;" id="ajaxResult"></div> <!-- PAGE CONTENT BEGINS --> <form class="form-horizontal" method="post" role="form"> <h4 class="header purple"> <i class="ace-icon fa fa-tachometer purple"></i> 公众号基础信息 <small>基本信息</small> </h4> <!-- #section:elements.form --> <?php /* The seller_id input is rendered only for holders of
   admin.wxaccount[show_seller]. This hides the field, it does not
   authorise the value: the handler receiving this POST must ignore or
   reject seller_id from users without that right, since they can still
   submit it. No CSRF token field is visible in this part of the form --
   check the rest of it. */ if (Auth::has_access('admin.wxaccount[show_seller]')) { ?> <div class="form-group"> <label class="col-sm-3 control-label no-padding-right" for="seller_id"> 所属商户 </label> <div class="col-sm-9"> <input type="text" class="col-xs-10 col-sm-5 col-md-7" id="seller_id" name="seller_id" placeholder="商户ID" value="<?php /* NOTE(review): seller_id is echoed unescaped into an HTML
   attribute; unless it is guaranteed numeric, wrap it in e() /
   htmlspecialchars(). */ echo isset($item) && $item ? $item->seller_id : ''; ?> "> </div> </div> <?php } ?> <div class="form-group"> <label class="col-sm-3 control-label no-padding-right" for="nickname"> 公众号名称 </label>
<p> <?php echo implode('</p><p>', e((array) Session::get_flash('success'))); ?> </p> </div> <?php } ?> <?php echo $content; ?> <?php /* Build/branch footer, shown only to holders of user.view.
   NOTE(review): the two exec() calls spawn git on every page render for
   those users; they need git and a checkout on the web server and fail
   silently otherwise. The output is also echoed unescaped -- tag and
   branch names are repository-controlled, but pass them through e() for
   consistency with Fuel::VERSION below. {exec_time} and {mem_usage} are
   presumably replaced by Fuel's profiler after rendering. */ if (Auth::has_access('user.view')) { ?> <div> <p style="color: silver; font-weight: bold; text-align: right;">Intranet: <?php echo exec('git describe --tags --long'); ?> (<?php echo exec('git rev-parse --abbrev-ref HEAD'); ?> ) - Fuel: <?php echo e(Fuel::VERSION); ?> - Render Time: {exec_time}s - Memory Use: {mem_usage}mb</p> </div> <?php }
?> <?php echo Form::input('username', $username, array('placeholder' => 'Username / Email', 'autofocus')); ?> <?php /* NOTE(review): the password field is pre-filled with $password,
   presumably the previously submitted value. That writes the user's
   password back into the page source (and browser history/cache of the
   response); pass '' here instead. */ echo Form::password('password', $password, array('placeholder' => 'Password')); ?> <?php echo Form::submit('submit', 'Connect', array('class' => 'btn success')); ?> <?php echo Form::close(); ?> </div> <?php } elseif (Auth::has_access('admin.read')) { echo 'admin panel'; ?> <br /> <div id='news'> List of news <ul> <?php foreach ($news as $new) { ?> <?php /* Html::anchor() does not escape its text argument. Whether
   $new->title arrives escaped depends on Fuel's output filter sanitising
   the Orm model -- confirm, or wrap it in e(). */ echo '<li>' . Html::anchor('news/view/' . $new->id, $new->title) . '</li>'; ?> <?php } ?>
"> <?php echo __('LINK_SHOW_AGENDA'); ?> </div> <!--ul> <?php /* This agenda list sits inside an HTML comment, but the PHP still
   runs and still echoes every $agenda->title into the page source. A
   title containing "-->" closes the comment early, and the titles are
   not escaped. Either remove the block or escape the output. */ foreach ($event->agendas as $agenda) { ?> <li><?php echo $agenda->title; ?> </li> <?php } //foreach agenda item ?> </ul--> <?php } //foreach event
// The "add event" button is hidden from users without event.create; the
// create action must re-check that right, hiding the link is not access control.
if (Auth::has_access("event.create")) { ?> <p> <?php echo Html::anchor("/event/create/", __("ADD_EVENT_LINK"), array("class" => "btn btn-primary")); ?> </p> <?php }
<div style="text-align: left; margin-bottom: 30px;"> <a href="/crm/view_client/<?php /* NOTE(review): $clientID is interpolated unescaped into an href;
   unless it is guaranteed numeric, escape it. */ echo $clientID; ?> ">Return to Client View</a> </div> <?php // -- Only PPI Admin can view this page
// ------------------------------------
// NOTE(review): this check lives in the view, so the controller has already
// done its work (loading claim data for this client) before it runs, and the
// bare `return` below stops rendering but still answers with HTTP 200.
// Prefer enforcing ppi.admin in the controller with a 403.
if (!Auth::has_access('ppi.admin')) { ?> <div class="notification error"> <a href="#" class="close-notification" title="Hide Notification" rel="tooltip">x</a> <p><strong>Error notification</strong> You do not have permission to view this page. If you feel that you should, then please contact your manager.</p> </div> <?php return; } ?> <article class="full-block clearfix"> <section> <article class="half-block"> <header> <h2>Claim Information</h2> <nav> <a href="#" class="button" id="editClaim" rel="">Edit Claim</a> </nav> </header>
echo Html::anchor('news/view/' . $new->id, 'View', array("class" => "btn primary")); ?> <?php } ?> <?php /* Edit/Delete links are hidden per permission. That is UI only:
   the news controller must (and, for delete, does) re-check the right. */ if (Auth::has_access('news.update')) { ?> <?php echo Html::anchor('news/edit/' . $new->id, 'Edit', array("class" => "btn success")); ?> <?php } ?> <?php if (Auth::has_access('news.delete')) { ?> <?php /* NOTE(review): deletion is a plain GET link; the confirm() is a
   usability guard, not a security one. Any page that gets an admin's
   browser to load news/delete/<id> deletes the item (CSRF). Use a POST
   form with a CSRF token instead. */ echo Html::anchor('news/delete/' . $new->id, 'Delete', array('onclick' => "return confirm('Are you sure?')", 'class' => 'btn danger')); ?> <?php } ?> </td> </tr> <?php } ?>
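/**
 * REST action: disposition report for a centre over a date range.
 *
 * Guards:
 *  - both dates must parse with strtotime(); otherwise a FAIL response.
 *  - the range may not exceed one month (2678400 s = 31 days); otherwise
 *    the FAIL response with the existing message.
 *
 * Fix: the original compared `end - start < -2678400`, which only rejected
 * ranges whose end lay more than a month *before* the start and let any
 * forward range through regardless of length -- the opposite of what the
 * message says. The comparison is now `end - start > 2678400`.
 *
 * Authorisation is delegated: the two Auth::has_access() results
 * ('reports.disposition' and 'reports.all_centers') are passed to
 * Controller_Reports::generate_disposition_report(), which is expected to
 * enforce them and the centre scoping; this action does not.
 *
 * @return void writes the response via $this->response()
 */
public function get_dispositions()
{
    $startdate = $this->param('startdate');
    $enddate   = $this->param('enddate');
    $start     = strtotime((string) $startdate);
    $end       = strtotime((string) $enddate);

    if ($start === false || $end === false) {
        $this->response(array('status' => 'FAIL', 'message' => 'Invalid or missing start/end date.'));
        return;
    }

    if ($end - $start > 2678400) {
        $this->response(array('status' => 'FAIL', 'message' => 'Sorry, you cannot get a disposition report for a larger period than one month!'));
        return;
    }

    $this->response(Controller_Reports::generate_disposition_report(
        $this->param('center'),
        Auth::has_access('reports.disposition'),
        Auth::has_access('reports.all_centers'),
        $startdate,
        $enddate
    ));
}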
/**
 * Dispatches "<method>" to action_<method>() after an ACL check.
 *
 * Requests whose full URI (\Uri::string()) is listed in static::$ignore_login
 * skip the check entirely -- review that list as carefully as the ACL.
 * Otherwise the right "<app>.[<method>]" is required, where 'edit' and
 * 'view' in the method name are rewritten to 'update' and 'read'. Note this
 * is a substring replacement (e.g. 'preview' becomes 'preread'). Denied
 * requests drop any stored redirect_url and go to <app>/not_allow.
 *
 * @param string $method action name taken from the URI
 * @param array  $args   positional action arguments
 * @return mixed the action's return value
 */
public function router($method, $args)
{
    $action = array($this, 'action_' . $method);

    if (in_array(\Uri::string(), static::$ignore_login)) {
        return call_user_func_array($action, $args);
    }

    $verb  = str_replace(array('edit', 'view'), array('update', 'read'), $method);
    $right = "{$this->app}.[{$verb}]";
    if (\Auth::has_access($right)) {
        return call_user_func_array($action, $args);
    }

    \Session::delete('redirect_url');
    \Response::redirect($this->app . '/not_allow');
}
<!-- End --> <?php } ?> </section> </article> <article class="full-block clearfix"> <section> <article class="half-block"> <section> <?php /* Operator precedence: && binds tighter than ||, so this reads
   ($isActive === true && $packCompleted == 'no') || ppi.admin -- an
   active, uncompleted client can be cancelled by anyone who sees the
   page, and admins always. That only hides the button; the handler for
   #cancelPPIClient must apply the same rule server-side. */ if ($isActive === true && $packCompleted == 'no' || Auth::has_access('ppi.admin')) { ?> <button id="cancelPPIClient" class="btn btn-alt btn-large btn-primary" type="submit" rel="<?php /* NOTE(review): clientID goes into an attribute unescaped;
   escape unless guaranteed numeric. */ echo $clientDetails['clientID']; ?> " title="Cancel Client's PPI Account">Cancel Client</button> <?php } ?> </section> </article> </section> </article> <!--- Create Claims -->
/* NOTE(review): no has_access('country.delete') guard is visible around this
   delete link (compare the news list, which hides its delete link); the
   controller enforces the right, so other users just get an error flash.
   More importantly the delete is a plain GET link with a JS confirm(),
   which is open to CSRF -- a POST form with a CSRF token is the fix. */
echo Html::anchor('country/delete/' . $country->id, 'Delete', array('onclick' => "return confirm('Are you sure?')")); ?> </td> </tr> <?php } ?> </tbody> </table> <?php } else { ?> <p>No Countries.</p> <?php } ?> <?php /* Hiding the "add" link is UI only; action_create must re-check
   country.create. */ if (Auth::has_access("country.create")) { ?> <p> <?php echo Html::anchor('country/create', 'Add new Country', array('class' => 'btn btn-success')); ?> </p> <?php }