Cost-Benefit-Projection/site/controllers/company.php

588 lines
17 KiB
PHP
Raw Permalink Normal View History

2015-12-01 05:06:34 +00:00
<?php
2022-03-03 02:58:38 +00:00
/*----------------------------------------------------------------------------------| www.giz.de |----/
Deutsche Gesellschaft für International Zusammenarbeit (GIZ) Gmb
/-------------------------------------------------------------------------------------------------------/
2022-05-27 05:41:44 +00:00
@version 3.5.x
@build 27th May, 2022
2022-03-03 02:58:38 +00:00
@created 15th June, 2012
@package Cost Benefit Projection
@subpackage company.php
@author Llewellyn van der Merwe <http://www.vdm.io>
@owner Deutsche Gesellschaft für International Zusammenarbeit (GIZ) Gmb
@copyright Copyright (C) 2015. All Rights Reserved
@license GNU/GPL Version 2 or later - http://www.gnu.org/licenses/gpl-2.0.html
/-------------------------------------------------------------------------------------------------------/
Cost Benefit Projection Tool.
/------------------------------------------------------------------------------------------------------*/
// No direct access to this file
defined('_JEXEC') or die('Restricted access');
2022-05-27 05:41:44 +00:00
use Joomla\CMS\MVC\Controller\FormController;
2022-03-03 02:58:38 +00:00
use Joomla\Utilities\ArrayHelper;
/**
2022-05-27 05:41:44 +00:00
* Company Form Controller
2022-03-03 02:58:38 +00:00
*/
2022-05-27 05:41:44 +00:00
class CostbenefitprojectionControllerCompany extends FormController
2022-03-03 02:58:38 +00:00
{
/**
* Current or most recently performed task.
*
* @var string
* @since 12.2
* @note Replaces _task.
*/
protected $task;
/**
* Class constructor.
*
* @param array $config A named array of configuration variables.
*
* @since 1.6
*/
public function __construct($config = array())
{
$this->view_list = 'cpanel'; // safeguard for setting the return view listing to the default site view.
parent::__construct($config);
}
/**
* Method override to check if you can add a new record.
*
* @param array $data An array of input data.
*
* @return boolean
*
* @since 1.6
*/
protected function allowAdd($data = array())
2015-12-01 05:06:34 +00:00
{
2019-04-04 11:51:37 +00:00
// Get user object.
$user = JFactory::getUser();
// Access check.
2019-04-04 11:51:37 +00:00
$access = $user->authorise('company.access', 'com_costbenefitprojection');
2015-12-01 05:06:34 +00:00
if (!$access)
{
return false;
}
2019-04-04 11:51:37 +00:00
// In the absense of better information, revert to the component permissions.
2022-03-03 02:58:38 +00:00
return $user->authorise('company.create', $this->option);
}
/**
* Method override to check if you can edit an existing record.
*
* @param array $data An array of input data.
* @param string $key The name of the key for the primary key.
*
* @return boolean
*
* @since 1.6
*/
protected function allowEdit($data = array(), $key = 'id')
2015-12-01 05:06:34 +00:00
{
// get user object.
2019-04-04 11:51:37 +00:00
$user = JFactory::getUser();
// get record id.
2019-04-04 11:51:37 +00:00
$recordId = (int) isset($data[$key]) ? $data[$key] : 0;
2015-12-01 05:06:34 +00:00
if (!$user->authorise('core.options', 'com_costbenefitprojection'))
{
// make absolutely sure that this company can be edited
$companies = CostbenefitprojectionHelper::hisCompanies($user->id);
if (!CostbenefitprojectionHelper::checkArray($companies) || !in_array($recordId,$companies))
{
return false;
}
}
// ensure lockdown
$userIs = CostbenefitprojectionHelper::userIs($user->id);
if (1 != $userIs && ! CostbenefitprojectionHelper::accessCompany($recordId))
{
// this company is locked
return false;
}
// Access check.
2015-12-01 05:06:34 +00:00
$access = ($user->authorise('company.access', 'com_costbenefitprojection.company.' . (int) $recordId) && $user->authorise('company.access', 'com_costbenefitprojection'));
if (!$access)
{
return false;
}
if ($recordId)
{
// The record has been set. Check the record permissions.
2015-12-01 05:06:34 +00:00
$permission = $user->authorise('company.edit', 'com_costbenefitprojection.company.' . (int) $recordId);
if (!$permission)
2015-12-01 05:06:34 +00:00
{
if ($user->authorise('company.edit.own', 'com_costbenefitprojection.company.' . $recordId))
{
// Now test the owner is the user.
2015-12-01 05:06:34 +00:00
$ownerId = (int) isset($data['created_by']) ? $data['created_by'] : 0;
if (empty($ownerId))
{
// Need to do a lookup from the model.
2015-12-01 05:06:34 +00:00
$record = $this->getModel()->getItem($recordId);
if (empty($record))
{
return false;
}
$ownerId = $record->created_by;
}
// If the owner matches 'me' then allow.
2015-12-01 05:06:34 +00:00
if ($ownerId == $user->id)
{
if ($user->authorise('company.edit.own', 'com_costbenefitprojection'))
{
return true;
}
}
}
return false;
}
}
// Since there is no permission, revert to the component permissions.
2022-03-03 02:58:38 +00:00
return $user->authorise('company.edit', $this->option);
}
/**
* Gets the URL arguments to append to an item redirect.
*
* @param integer $recordId The primary key id for the item.
* @param string $urlVar The name of the URL variable for the id.
*
* @return string The arguments to append to the redirect URL.
*
* @since 1.6
*/
protected function getRedirectToItemAppend($recordId = null, $urlVar = 'id')
{
// get the referral options (old method use return instead see parent)
$ref = $this->input->get('ref', 0, 'string');
$refid = $this->input->get('refid', 0, 'int');
// get redirect info.
$append = parent::getRedirectToItemAppend($recordId, $urlVar);
// set the referral options
if ($refid && $ref)
{
$append = '&ref=' . (string)$ref . '&refid='. (int)$refid . $append;
}
elseif ($ref)
{
$append = '&ref='. (string)$ref . $append;
}
return $append;
}
/**
* Method to run batch operations.
*
* @param object $model The model.
*
* @return boolean True if successful, false otherwise and internal error is set.
*
* @since 2.5
*/
public function batch($model = null)
{
JSession::checkToken() or jexit(JText::_('JINVALID_TOKEN'));
// Set the model
$model = $this->getModel('Company', '', array());
// Preset the redirect
$this->setRedirect(JRoute::_('index.php?option=com_costbenefitprojection&view=companies' . $this->getRedirectToListAppend(), false));
return parent::batch($model);
}
/**
* Method to cancel an edit.
*
* @param string $key The name of the primary key of the URL variable.
*
* @return boolean True if access level checks pass, false otherwise.
*
* @since 12.2
*/
public function cancel($key = null)
{
// get the referral options
$this->ref = $this->input->get('ref', 0, 'word');
$this->refid = $this->input->get('refid', 0, 'int');
// Check if there is a return value
$return = $this->input->get('return', null, 'base64');
$cancel = parent::cancel($key);
if (!is_null($return) && JUri::isInternal(base64_decode($return)))
{
$redirect = base64_decode($return);
// Redirect to the return value.
$this->setRedirect(
JRoute::_(
$redirect, false
)
);
}
elseif ($this->refid && $this->ref)
{
$redirect = '&view=' . (string)$this->ref . '&layout=edit&id=' . (int)$this->refid;
// Redirect to the item screen.
$this->setRedirect(
JRoute::_(
'index.php?option=' . $this->option . $redirect, false
)
);
}
elseif ($this->ref)
{
$redirect = '&view=' . (string)$this->ref;
// Redirect to the list screen.
$this->setRedirect(
JRoute::_(
'index.php?option=' . $this->option . $redirect, false
)
);
}
return $cancel;
}
/**
* Method to save a record.
*
* @param string $key The name of the primary key of the URL variable.
* @param string $urlVar The name of the URL variable if different from the primary key (sometimes required to avoid router collisions).
*
* @return boolean True if successful, false otherwise.
*
* @since 12.2
*/
public function save($key = null, $urlVar = null)
{
// get the referral options
$this->ref = $this->input->get('ref', 0, 'word');
$this->refid = $this->input->get('refid', 0, 'int');
// Check if there is a return value
$return = $this->input->get('return', null, 'base64');
$canReturn = (!is_null($return) && JUri::isInternal(base64_decode($return)));
if ($this->ref || $this->refid || $canReturn)
{
// to make sure the item is checkedin on redirect
$this->task = 'save';
}
$saved = parent::save($key, $urlVar);
// This is not needed since parent save already does this
// Due to the ref and refid implementation we need to add this
if ($canReturn)
{
$redirect = base64_decode($return);
// Redirect to the return value.
$this->setRedirect(
JRoute::_(
$redirect, false
)
);
}
elseif ($this->refid && $this->ref)
{
$redirect = '&view=' . (string)$this->ref . '&layout=edit&id=' . (int)$this->refid;
// Redirect to the item screen.
$this->setRedirect(
JRoute::_(
'index.php?option=' . $this->option . $redirect, false
)
);
}
elseif ($this->ref)
{
$redirect = '&view=' . (string)$this->ref;
// Redirect to the list screen.
$this->setRedirect(
JRoute::_(
'index.php?option=' . $this->option . $redirect, false
)
);
}
return $saved;
}
/**
* Function that allows child controller access to model data
* after the data has been saved.
*
* @param JModel &$model The data model object.
* @param array $validData The validated data.
*
* @return void
*
* @since 11.1
*/
protected function postSaveHook(JModelLegacy $model, $validData = array())
2015-12-01 05:06:34 +00:00
{
if ($validData['id'] >= 0)
{
// get user object
$user = JFactory::getUser();
// if id is 0 get id
if (0 >= (int) $validData['id'])
{
// Get the created by id
$created_by = (isset($validData['created_by']) && $validData['created_by'] > 0) ? $validData['created_by'] : $user->id;
// Get a db connection.
$db = JFactory::getDbo();
// Create a new query object.
$query = $db->getQuery(true);
// Select id of this company
$query->select($db->quoteName(array('id')));
$query->from($db->quoteName('#__costbenefitprojection_company'));
$query->where($db->quoteName('name') . ' = '. $db->quote($validData['name']));
$query->where($db->quoteName('email') . ' = '. $db->quote($validData['email']));
$query->where($db->quoteName('country') . ' = '. (int) $validData['country']);
$query->where($db->quoteName('service_provider') . ' = '. (int) $validData['service_provider']);
$query->where($db->quoteName('created_by') . ' = '. (int) $created_by);
if (isset($validData['created']))
{
$query->where($db->quoteName('created') . ' = '. $db->quote($validData['created']));
}
$db->setQuery($query);
$db->execute();
if ($db->getNumRows())
{
$validData['id'] = $db->loadResult();
}
else
{
return;
}
}
2015-12-01 05:06:34 +00:00
// user setup if not set
if (0 >= (int) $validData['user'] && (int) $validData['id'] > 0)
2015-12-01 05:06:34 +00:00
{
$userIs = CostbenefitprojectionHelper::userIs($user->id);
if (1 == $userIs)
{
// this is a company so just use its id
$userId = $user->id;
// add this user id to this company
$validData['user'] = $userId;
$model->save($validData);
}
else
{
// setup config array
$newUser = array('name' => $validData['name'], 'email' => $validData['email']);
$userId = CostbenefitprojectionHelper::createUser($newUser);
if (!is_int($userId))
{
$this->setMessage($userId, 'error');
}
else
{
// add this user id to this company
$validData['user'] = $userId;
$model->save($validData);
}
}
}
// only continue if we have a company id
if ((int) $validData['id'] > 0)
2015-12-01 05:06:34 +00:00
{
// get params
$params = JComponentHelper::getParams('com_costbenefitprojection');
// get all this users companies
$hisCompanies = CostbenefitprojectionHelper::hisCompanies($validData['user']);
if (CostbenefitprojectionHelper::checkArray($hisCompanies))
2015-12-01 05:06:34 +00:00
{
// set the user group based on the overall status of its companies
$departments = CostbenefitprojectionHelper::getVars('company', $hisCompanies, 'id', 'department');
if (in_array(2, $departments))
{
$memberGroups = $params->get('advancedmembergroup');
}
else
{
$memberGroups = $params->get('memberbasicgroup');
}
2015-12-01 05:06:34 +00:00
}
else
{
// first company so act simply on this company department status
if (2 == $validData['department'])
{
$memberGroups = $params->get('advancedmembergroup');
}
else
{
$memberGroups = $params->get('memberbasicgroup');
}
2015-12-01 05:06:34 +00:00
}
// update the user groups
JUserHelper::setUserGroups((int)$validData['user'],(array)$memberGroups);
// Get a db connection.
$db = JFactory::getDbo();
// Create a new query object.
$query = $db->getQuery(true);
// Select all records in scaling factors the belong to this company
$query->select($db->quoteName(array('id','causerisk','published')));
$query->from($db->quoteName('#__costbenefitprojection_scaling_factor'));
$query->where($db->quoteName('company') . ' = '. (int) $validData['id']);
$db->setQuery($query);
$db->execute();
if ($db->getNumRows())
2015-12-01 05:06:34 +00:00
{
// load the scaling factors already set
$already = $db->loadObjectList();
$publish = array();
$archive = array();
$bucket = array();
foreach ($already as $scale)
2015-12-01 05:06:34 +00:00
{
if (CostbenefitprojectionHelper::checkArray($validData['causesrisks']))
2015-12-01 05:06:34 +00:00
{
if (in_array($scale->causerisk, $validData['causesrisks']) && $scale->published != 1)
{
// publish the scaling factor (update)
$publish[$scale->id] = $scale->id;
}
elseif (!in_array($scale->causerisk, $validData['causesrisks']))
{
// archive the scaling factor (update)
$archive[$scale->id] = $scale->id;
}
$bucket[] = $scale->causerisk;
2015-12-01 05:06:34 +00:00
}
else
2015-12-01 05:06:34 +00:00
{
// archive the scaling factor (update)
$archive[$scale->id] = $scale->id;
}
}
// update the needed records
$types = array('publish' => 1,'archive' => 2);
foreach ($types as $type => $int)
2015-12-01 05:06:34 +00:00
{
if (CostbenefitprojectionHelper::checkArray(${$type}))
2015-12-01 05:06:34 +00:00
{
foreach (${$type} as $id)
{
$query = $db->getQuery(true);
// Fields to update.
$fields = array(
$db->quoteName('published') . ' = ' . (int) $int
);
// Conditions for which records should be updated.
$conditions = array(
$db->quoteName('id') . ' = ' . (int) $id
);
$query->update($db->quoteName('#__costbenefitprojection_scaling_factor'))->set($fields)->where($conditions);
$db->setQuery($query);
$db->execute();
}
2015-12-01 05:06:34 +00:00
}
}
}
if (CostbenefitprojectionHelper::checkArray($validData['causesrisks']))
2015-12-01 05:06:34 +00:00
{
// remove those already set from the saved list of causesrisks
if (CostbenefitprojectionHelper::checkArray($bucket))
2015-12-01 05:06:34 +00:00
{
$insert = array();
foreach ($validData['causesrisks'] as $causerisk)
2015-12-01 05:06:34 +00:00
{
if (!in_array($causerisk,$bucket))
{
$insert[] = $causerisk;
}
2015-12-01 05:06:34 +00:00
}
}
else
{
$insert = $validData['causesrisks'];
}
2015-12-01 05:06:34 +00:00
}
// insert the new records
if (CostbenefitprojectionHelper::checkArray($insert))
{
$created = $db->quote(JFactory::getDate()->toSql());
$created_by = JFactory::getUser()->get('id');
$company = $validData['id'];
// Create a new query object.
$query = $db->getQuery(true);
// Insert columns.
$columns = array(
'causerisk', 'company', 'mortality_scaling_factor_females',
'mortality_scaling_factor_males', 'presenteeism_scaling_factor_females',
'presenteeism_scaling_factor_males', 'yld_scaling_factor_females',
'yld_scaling_factor_males', 'published',
'created_by', 'created');
// setup the values
$values = array();
foreach ($insert as $new)
{
$array = array($new,$company,1,1,1,1,1,1,1,$created_by,$created);
$values[] = implode(',',$array);
}
// Prepare the insert query.
$query
->insert($db->quoteName('#__costbenefitprojection_scaling_factor'))
->columns($db->quoteName($columns))
->values(implode('), (', $values));
// Set the query using our newly populated query object and execute it.
$db->setQuery($query);
$done = $db->execute();
if ($done)
{
// we must set the assets
foreach ($insert as $causerisk)
{
// get all the ids. Create a new query object.
$query = $db->getQuery(true);
$query->select($db->quoteName(array('id')));
$query->from($db->quoteName('#__costbenefitprojection_scaling_factor'));
$query->where($db->quoteName('causerisk') . ' = '. (int) $causerisk);
$query->where($db->quoteName('company') . ' = '. (int) $company);
$db->setQuery($query);
$db->execute();
if ($db->getNumRows())
{
$aId = $db->loadResult();
// make sure the access of asset is set
CostbenefitprojectionHelper::setAsset($aId,'scaling_factor');
}
}
}
}
2015-12-01 05:06:34 +00:00
}
}
2022-03-03 02:58:38 +00:00
return;
}
}