2018-04-29 22:31:51 +09:00
|
|
|
<?php
|
|
|
|
|
|
|
|
namespace App\Http\Controllers;
|
|
|
|
|
|
|
|
use Illuminate\Support\Facades\DB;
|
|
|
|
use Illuminate\Http\Request;
|
|
|
|
use Illuminate\Support\Facades\Log;
|
|
|
|
|
2018-04-30 00:26:13 +09:00
|
|
|
use App\Http\Controllers\AuthController;
|
|
|
|
use App\Http\Controllers\UserController;
|
|
|
|
use App\Http\Controllers\PermissionController; // Remove permission controller soon.
|
2018-04-29 22:31:51 +09:00
|
|
|
|
2018-04-30 00:26:13 +09:00
|
|
|
class InvoiceController extends Controller {
|
|
|
|
private $objAuth;
|
|
|
|
private $objUser;
|
|
|
|
private $objPermission;
|
2018-04-29 22:31:51 +09:00
|
|
|
|
2018-04-30 00:26:13 +09:00
|
|
|
// Constructor
|
|
|
|
public function __construct() {
|
|
|
|
$this->objAuth = new AuthController();
|
|
|
|
$this->objUser = new UserController();
|
|
|
|
$this->objPermission = new PermissionController();
|
2018-04-29 22:31:51 +09:00
|
|
|
}
|
|
|
|
|
|
|
|
// Company
|
2018-04-30 02:56:03 +09:00
|
|
|
public function getCompanies(Request $request) { // /api/rpc/invoice/company/getcompanies
|
|
|
|
$check = $this->objAuth->checkLegit($request->username, $request->password);
|
|
|
|
|
|
|
|
if ($check == 0) {
|
|
|
|
return 'Err!';
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
$valid = $this->objAuth->getPermissions($request->username, $request->password);
|
|
|
|
|
|
|
|
if ($valid['inv_mancompany'] == 1 && $valid['inv_manuser'] == 1) {
|
|
|
|
return DB::table('inv_company')
|
|
|
|
->select(
|
2018-05-01 05:02:03 +09:00
|
|
|
'id',
|
2018-04-30 02:56:03 +09:00
|
|
|
'name',
|
|
|
|
'compreg',
|
|
|
|
'taxnr',
|
|
|
|
'bank_number',
|
|
|
|
'bank_name',
|
|
|
|
'bank_recipient',
|
|
|
|
'logo',
|
|
|
|
'payterm'
|
|
|
|
)
|
|
|
|
->get();
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
return 'Permission denied.';
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
public function getCompany($id, Request $request) { // /api/rpc/invoice/company/getcompany/id
|
|
|
|
$check = $this->objAuth->checkLegit($request->username, $request->password);
|
|
|
|
|
|
|
|
if ($check == 0) {
|
|
|
|
return 'Err!';
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
$valid = $this->objAuth->getPermissions($request->username, $request->password);
|
|
|
|
|
|
|
|
if ($valid['inv_mancompany'] == 1) {
|
2018-05-01 21:01:03 +09:00
|
|
|
if ($valid['inv_manuser'] == 0) {
|
|
|
|
if ($id == $check) {
|
|
|
|
return DB::table('inv_company')
|
|
|
|
->select(
|
|
|
|
'name',
|
|
|
|
'compreg',
|
|
|
|
'taxnr',
|
|
|
|
'bank_number',
|
|
|
|
'bank_name',
|
|
|
|
'bank_recipient',
|
|
|
|
'logo',
|
|
|
|
'payterm'
|
|
|
|
)
|
|
|
|
->where('id', $id)
|
|
|
|
->get();
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
return 'Permission denied.';
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else if ($valid['inv_manuser'] == 1) {
|
2018-04-30 02:56:03 +09:00
|
|
|
return DB::table('inv_company')
|
|
|
|
->select(
|
2018-05-01 21:01:03 +09:00
|
|
|
'cu_id',
|
2018-04-30 02:56:03 +09:00
|
|
|
'name',
|
|
|
|
'compreg',
|
|
|
|
'taxnr',
|
|
|
|
'bank_number',
|
|
|
|
'bank_name',
|
|
|
|
'bank_recipient',
|
|
|
|
'logo',
|
|
|
|
'payterm'
|
|
|
|
)
|
2018-05-01 21:01:03 +09:00
|
|
|
->where('id', $id)
|
2018-04-30 02:56:03 +09:00
|
|
|
->get();
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
return 'Permission denied.';
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
return 'Permission denied.';
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
public function newCompany(Request $request) { // /api/rpc/invoice/company/new
|
|
|
|
$check = $this->objAuth->checkLegit($request->username, $request->password);
|
|
|
|
|
|
|
|
if ($check == 0) {
|
|
|
|
return 'Err!';
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
$valid = $this->objAuth->getPermissions($request->username, $request->password);
|
|
|
|
|
2018-05-01 05:02:03 +09:00
|
|
|
if ($valid['inv_mancompany'] == 1 && $valid['inv_manuser'] == 1) {
|
|
|
|
$user = DB::table('inv_company_users')
|
|
|
|
->insertGetId([
|
|
|
|
'user_id' => $request->user,
|
|
|
|
'company_id' => 0
|
|
|
|
]);
|
|
|
|
|
2018-05-01 03:46:09 +09:00
|
|
|
$add = DB::table('inv_company')
|
2018-04-30 02:56:03 +09:00
|
|
|
->insertGetId([
|
2018-05-01 05:02:03 +09:00
|
|
|
'cu_id' => $user,
|
2018-04-30 02:56:03 +09:00
|
|
|
'name' => $request->name,
|
2018-05-01 05:02:03 +09:00
|
|
|
'compreg' => ($request->compreg ? $request->compreg : ''),
|
|
|
|
'taxnr' => ($request->taxnr ? $request->taxnr : ''),
|
2018-04-30 02:56:03 +09:00
|
|
|
'bank_number' => $request->bank_number,
|
|
|
|
'bank_name' => $request->bank_name,
|
|
|
|
'bank_recipient' => $request->bank_recipient,
|
2018-05-01 05:02:03 +09:00
|
|
|
'logo' => ($request->logo ? $request->logo : ''),
|
2018-04-30 02:56:03 +09:00
|
|
|
'payterm' => $request->payterm
|
|
|
|
]);
|
|
|
|
|
2018-05-01 05:02:03 +09:00
|
|
|
DB::table('inv_company_users')
|
|
|
|
->where('user_id', $request->user)
|
|
|
|
->update(['company_id' => $add]);
|
2018-04-30 02:56:03 +09:00
|
|
|
|
2018-05-01 03:46:09 +09:00
|
|
|
return $add;
|
2018-04-30 02:56:03 +09:00
|
|
|
}
|
|
|
|
else {
|
|
|
|
return 'Permission denied.';
|
|
|
|
}
|
|
|
|
}
|
2018-04-29 22:31:51 +09:00
|
|
|
}
|
|
|
|
|
|
|
|
public function editCompany(Request $request) { // /api/rpc/invoice/company/edit
|
2018-04-30 00:26:13 +09:00
|
|
|
$check = $this->objAuth->checkLegit($request->username, $request->password);
|
|
|
|
|
|
|
|
if ($check == 0) {
|
|
|
|
return 'Err!';
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
$valid = $this->objAuth->getPermissions($request->username, $request->password);
|
|
|
|
|
|
|
|
if ($valid['inv_mancompany'] == 1) {
|
2018-05-01 21:01:03 +09:00
|
|
|
if ($valid['inv_manuser'] == 0) {
|
|
|
|
$companyId = DB::table('inv_company_users')
|
|
|
|
->select('company_id')
|
|
|
|
->where('user_id', $check)
|
|
|
|
->limit(1)
|
|
|
|
->first();
|
|
|
|
|
|
|
|
if ($companyId != 0) {
|
|
|
|
DB::table('inv_company')
|
|
|
|
->where('id', $request->id)
|
|
|
|
->update([
|
|
|
|
'name' => $request->name,
|
|
|
|
'compreg' => ($request->compreg ? $request->compreg : ''),
|
|
|
|
'taxnr' => ($request->taxnr ? $request->taxnr : ''),
|
|
|
|
'bank_number' => $request->bank_number,
|
|
|
|
'bank_name' => $request->bank_name,
|
|
|
|
'bank_recipient' => $request->bank_recipient,
|
|
|
|
'logo' => ($request->logo ? $request->logo : ''),
|
|
|
|
'payterm' => $request->payterm
|
|
|
|
]);
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
return 'Permission denied.';
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else if ($valid['inv_manuser'] == 1) {
|
|
|
|
DB::table('inv_company_users')
|
|
|
|
->where('company_id', $request->id)
|
|
|
|
->update([
|
|
|
|
'user_id' => $request->cu_id
|
|
|
|
]);
|
2018-04-30 02:56:03 +09:00
|
|
|
|
|
|
|
DB::table('inv_company')
|
2018-05-01 21:01:03 +09:00
|
|
|
->where('id', $request->id)
|
2018-04-30 02:56:03 +09:00
|
|
|
->update([
|
2018-05-01 21:01:03 +09:00
|
|
|
'cu_id' => $request->cu_id,
|
2018-04-30 02:56:03 +09:00
|
|
|
'name' => $request->name,
|
2018-05-01 21:01:03 +09:00
|
|
|
'compreg' => ($request->compreg ? $request->compreg : ''),
|
|
|
|
'taxnr' => ($request->taxnr ? $request->taxnr : ''),
|
2018-04-30 02:56:03 +09:00
|
|
|
'bank_number' => $request->bank_number,
|
|
|
|
'bank_name' => $request->bank_name,
|
|
|
|
'bank_recipient' => $request->bank_recipient,
|
2018-05-01 21:01:03 +09:00
|
|
|
'logo' => ($request->logo ? $request->logo : ''),
|
2018-04-30 02:56:03 +09:00
|
|
|
'payterm' => $request->payterm
|
|
|
|
]);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
return 'Permission denied.';
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
public function deleteCompany(Request $request) { // /api/rpc/invoice/company/delete
|
|
|
|
$check = $this->objAuth->checkLegit($request->username, $request->password);
|
|
|
|
|
|
|
|
if ($check == 0) {
|
|
|
|
return 'Err!';
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
$valid = $this->objAuth->getPermissions($request->username, $request->password);
|
|
|
|
|
2018-05-01 21:01:03 +09:00
|
|
|
if ($valid['inv_mancompany'] == 1 && $valid['inv_manuser'] == 1) {
|
2018-04-30 02:56:03 +09:00
|
|
|
DB::table('inv_company')->where('id', $request->id)->delete();
|
|
|
|
DB::table('inv_company_users')->where('company_id', $request->id)->delete();
|
|
|
|
|
|
|
|
return 'Done.';
|
2018-04-30 00:26:13 +09:00
|
|
|
}
|
|
|
|
else {
|
|
|
|
return 'Permission denied.';
|
|
|
|
}
|
|
|
|
}
|
2018-04-29 22:31:51 +09:00
|
|
|
}
|
|
|
|
|
|
|
|
// Contacts
|
2018-04-30 00:31:03 +09:00
|
|
|
public function getContacts(Request $request) { // /api/rpc/invoice/contacts/getcontacts
|
2018-04-30 00:26:13 +09:00
|
|
|
$check = $this->objAuth->checkLegit($request->username, $request->password);
|
|
|
|
|
|
|
|
if ($check == 0) {
|
|
|
|
return 'Err!';
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
$valid = $this->objAuth->getPermissions($request->username, $request->password);
|
|
|
|
|
|
|
|
if ($valid['inv_mancontact'] == 1) {
|
|
|
|
return DB::table('inv_contacts')
|
|
|
|
->select('*')
|
|
|
|
->get();
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
return 'Permission denied.';
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-05-01 21:01:03 +09:00
|
|
|
public function getContact($id, Request $request) { // /api/rpc/invoice/contacts/getcontact/id
|
|
|
|
$check = $this->objAuth->checkLegit($request->username, $request->password);
|
|
|
|
|
|
|
|
if ($check == 0) {
|
|
|
|
return 'Err!';
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
$valid = $this->objAuth->getPermissions($request->username, $request->password);
|
|
|
|
|
|
|
|
if ($valid['inv_mancontact'] == 1) {
|
|
|
|
$get = DB::table('inv_contacts')
|
|
|
|
->select('*')
|
|
|
|
->where('id', $id)
|
|
|
|
->get();
|
|
|
|
|
|
|
|
$emp = DB::table('inv_employers')
|
|
|
|
->select('id')
|
|
|
|
->where('contact_id', $id)
|
|
|
|
->get();
|
|
|
|
|
|
|
|
$cus = DB::table('inv_clients')
|
|
|
|
->select('id')
|
|
|
|
->where('contact_id', $id)
|
|
|
|
->get();
|
|
|
|
|
|
|
|
$res = array();
|
|
|
|
|
|
|
|
foreach($get as $g) {
|
|
|
|
$res[] = array(
|
|
|
|
'id' => $g->id,
|
|
|
|
'name' => $g->name,
|
|
|
|
'address' => $g->address,
|
|
|
|
'postcode' => $g->postcode,
|
|
|
|
'town' => $g->town,
|
|
|
|
'country' => $g->country,
|
|
|
|
'phone' => $g->phone,
|
|
|
|
'email' => $g->email,
|
|
|
|
'isEmployer' => ($emp->count() ? true : false),
|
|
|
|
'isCustomer' => ($cus->count() ? true : false)
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
return $res;
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
return 'Permission denied.';
|
|
|
|
}
|
|
|
|
}
|
2018-04-29 22:31:51 +09:00
|
|
|
}
|
|
|
|
|
|
|
|
public function newContact(Request $request) { // /api/rpc/invoice/contacts/new
|
2018-04-30 00:26:13 +09:00
|
|
|
$check = $this->objAuth->checkLegit($request->username, $request->password);
|
|
|
|
|
|
|
|
if ($check == 0) {
|
|
|
|
return 'Err!';
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
$valid = $this->objAuth->getPermissions($request->username, $request->password);
|
|
|
|
|
|
|
|
if ($valid['inv_mancontact'] == 1) {
|
|
|
|
$add = DB::table('inv_contacts')
|
|
|
|
->insertGetId([
|
|
|
|
'name' => $request->name,
|
|
|
|
'address' => $request->address,
|
|
|
|
'postcode' => $request->postcode,
|
|
|
|
'town' => $request->town,
|
|
|
|
'country' => $request->country,
|
|
|
|
'phone' => $request->phone,
|
|
|
|
'email' => $request->email
|
|
|
|
]);
|
|
|
|
|
2018-05-01 03:46:09 +09:00
|
|
|
if ($request->isCustomer) {
|
2018-04-30 00:26:13 +09:00
|
|
|
DB::table('inv_clients')
|
|
|
|
->insert([
|
|
|
|
'contact_id' => $add
|
2018-04-30 00:31:03 +09:00
|
|
|
]);
|
2018-04-30 00:26:13 +09:00
|
|
|
}
|
|
|
|
|
|
|
|
if ($request->isEmployer) {
|
|
|
|
DB::table('inv_employers')
|
|
|
|
->insert([
|
|
|
|
'contact_id' => $add
|
2018-04-30 00:31:03 +09:00
|
|
|
]);
|
2018-04-30 00:26:13 +09:00
|
|
|
}
|
|
|
|
|
2018-05-01 03:46:09 +09:00
|
|
|
return $add;
|
2018-04-30 00:26:13 +09:00
|
|
|
}
|
|
|
|
else {
|
|
|
|
return 'Permission denied.';
|
|
|
|
}
|
|
|
|
}
|
2018-04-29 22:31:51 +09:00
|
|
|
}
|
|
|
|
|
|
|
|
public function editContact(Request $request) { // /api/rpc/invoice/contacts/edit
|
2018-05-01 04:05:40 +09:00
|
|
|
$check = $this->objAuth->checkLegit($request->username, $request->password);
|
|
|
|
|
|
|
|
if ($check == 0) {
|
|
|
|
return 'Err!';
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
$valid = $this->objAuth->getPermissions($request->username, $request->password);
|
|
|
|
|
|
|
|
if ($valid['inv_mancontact'] == 1) {
|
2018-05-01 21:01:03 +09:00
|
|
|
DB::table('inv_contacts')
|
|
|
|
->where('id', $request->id)
|
|
|
|
->update([
|
|
|
|
'name' => $request->name,
|
|
|
|
'address' => $request->address,
|
|
|
|
'postcode' => $request->postcode,
|
|
|
|
'town' => $request->town,
|
|
|
|
'country' => $request->country,
|
|
|
|
'phone' => $request->phone,
|
|
|
|
'email' => $request->email
|
|
|
|
]);
|
2018-05-01 04:05:40 +09:00
|
|
|
|
2018-05-01 21:01:03 +09:00
|
|
|
$emp = DB::table('inv_employers')
|
|
|
|
->select('id')
|
|
|
|
->where('contact_id', $request->id)
|
|
|
|
->get();
|
|
|
|
|
|
|
|
$cus = DB::table('inv_clients')
|
|
|
|
->select('id')
|
|
|
|
->where('contact_id', $request->id)
|
|
|
|
->get();
|
|
|
|
|
|
|
|
if ($emp->count()) {
|
|
|
|
if (!$request->isEmployer) {
|
|
|
|
DB::table('inv_employers')->where('contact_id', $request->id)->delete();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
if ($request->isEmployer) {
|
|
|
|
DB::table('inv_employers')
|
|
|
|
->where('id', $request->id)
|
|
|
|
->insert([
|
|
|
|
'contact_id' => $request->id
|
|
|
|
]);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if ($cus->count()) {
|
|
|
|
if (!$request->isCustomer) {
|
|
|
|
DB::table('inv_clients')->where('contact_id', $request->id)->delete();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
if ($request->isCustomer) {
|
|
|
|
DB::table('inv_clients')
|
|
|
|
->where('id', $request->id)
|
|
|
|
->insert([
|
|
|
|
'contact_id' => $request->id
|
|
|
|
]);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return 'Success!';
|
2018-05-01 04:05:40 +09:00
|
|
|
}
|
|
|
|
else {
|
|
|
|
return 'Permission denied.';
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2018-04-29 22:31:51 +09:00
|
|
|
|
2018-05-01 21:01:03 +09:00
|
|
|
public function deleteContact(Request $request) { // /api/rpc/invoice/contacts/delete
|
2018-04-30 00:26:13 +09:00
|
|
|
$check = $this->objAuth->checkLegit($request->username, $request->password);
|
|
|
|
|
|
|
|
if ($check == 0) {
|
|
|
|
return 'Err!';
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
$valid = $this->objAuth->getPermissions($request->username, $request->password);
|
|
|
|
|
|
|
|
if ($valid['inv_mancontact'] == 1) {
|
2018-05-01 21:01:03 +09:00
|
|
|
DB::table('inv_contacts')->where('id', $request->id)->delete();
|
|
|
|
DB::table('inv_employers')->where('contact_id', $request->id)->delete();
|
|
|
|
DB::table('inv_clients')->where('contact_id', $request->id)->delete();
|
|
|
|
|
|
|
|
return 'Done.';
|
2018-04-30 00:26:13 +09:00
|
|
|
}
|
|
|
|
else {
|
|
|
|
return 'Permission denied.';
|
|
|
|
}
|
|
|
|
}
|
2018-04-29 22:31:51 +09:00
|
|
|
}
|
|
|
|
|
|
|
|
// Invoices
|
|
|
|
public function getInvoices() { // /api/rpc/invoice/invoices/getinvoices
|
|
|
|
return DB::table('inv_invoices')
|
|
|
|
->select('*')
|
|
|
|
->get();
|
|
|
|
}
|
|
|
|
|
|
|
|
public function getInvoice($id) { // /api/rpc/invoice/invoices/getinvoice/id
|
|
|
|
return DB::table('inv_invoices')
|
|
|
|
->select('*')
|
|
|
|
->where('id', $id)
|
|
|
|
->get();
|
|
|
|
}
|
|
|
|
|
|
|
|
public function newInvoice(Request $request) { // /api/rpc/invoice/invoices/new
|
|
|
|
return '';
|
|
|
|
}
|
|
|
|
|
|
|
|
public function editInvoice(Request $request) { // /api/rpc/invoice/invoices/edit
|
|
|
|
return '';
|
|
|
|
}
|
|
|
|
|
|
|
|
public function deleteInvoice(Request $request) { // /api/rpc/invoice/invoices/delete
|
2018-05-01 04:05:40 +09:00
|
|
|
$check = $this->objAuth->checkLegit($request->username, $request->password);
|
|
|
|
|
|
|
|
if ($check == 0) {
|
|
|
|
return 'Err!';
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
$valid = $this->objAuth->getPermissions($request->username, $request->password);
|
|
|
|
|
|
|
|
if ($valid['inv_makeinvoice'] == 1) {
|
|
|
|
DB::table('inv_invoices')->where('id', $request->id)->delete();
|
|
|
|
|
|
|
|
return 'Done.';
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
return 'Permission denied.';
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2018-04-29 22:31:51 +09:00
|
|
|
|
|
|
|
// Services
|
|
|
|
public function getServices() { // /api/rpc/invoice/service/getservices
|
|
|
|
return DB::table('inv_services')
|
|
|
|
->select('*')
|
|
|
|
->get();
|
|
|
|
}
|
|
|
|
|
|
|
|
public function getService($id) { // /api/rpc/invoice/services/getservice/id
|
|
|
|
return DB::table('inv_services')
|
|
|
|
->select('*')
|
|
|
|
->where('id', $id)
|
|
|
|
->get();
|
|
|
|
}
|
|
|
|
|
|
|
|
public function newService(Request $request) { // /api/rpc/invoice/services/new
|
2018-05-01 04:05:40 +09:00
|
|
|
$check = $this->objAuth->checkLegit($request->username, $request->password);
|
|
|
|
|
|
|
|
if ($check == 0) {
|
|
|
|
return 'Err!';
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
$valid = $this->objAuth->getPermissions($request->username, $request->password);
|
|
|
|
|
|
|
|
if ($valid['inv_makeinvoice'] == 1) {
|
|
|
|
$add = DB::table('inv_services')
|
|
|
|
->insertGetId([
|
|
|
|
'name' => $request->name,
|
|
|
|
'rate' => $request->rate
|
|
|
|
]);
|
|
|
|
|
|
|
|
return $add;
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
return 'Permission denied.';
|
|
|
|
}
|
|
|
|
}
|
2018-04-29 22:31:51 +09:00
|
|
|
}
|
|
|
|
|
|
|
|
public function editService(Request $request) { // /api/rpc/invoice/services/edit
|
2018-05-01 05:02:03 +09:00
|
|
|
$check = $this->objAuth->checkLegit($request->username, $request->password);
|
|
|
|
|
|
|
|
if ($check == 0) {
|
|
|
|
return 'Err!';
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
$valid = $this->objAuth->getPermissions($request->username, $request->password);
|
|
|
|
|
|
|
|
if ($valid['inv_makeinvoice'] == 1) {
|
|
|
|
DB::table('inv_services')
|
|
|
|
->where('id', $request->id)
|
|
|
|
->update([
|
|
|
|
'name' => $request->name,
|
|
|
|
'rate' => $request->rate
|
|
|
|
]);
|
|
|
|
|
|
|
|
return 'Success!';
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
return 'Permission denied.';
|
|
|
|
}
|
|
|
|
}
|
2018-04-29 22:31:51 +09:00
|
|
|
}
|
|
|
|
|
|
|
|
public function deleteService(Request $request) { // /api/rpc/invoice/services/delete
|
2018-05-01 04:05:40 +09:00
|
|
|
$check = $this->objAuth->checkLegit($request->username, $request->password);
|
|
|
|
|
|
|
|
if ($check == 0) {
|
|
|
|
return 'Err!';
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
$valid = $this->objAuth->getPermissions($request->username, $request->password);
|
2018-04-29 22:31:51 +09:00
|
|
|
|
2018-05-01 04:05:40 +09:00
|
|
|
if ($valid['inv_makeinvoice'] == 1) {
|
|
|
|
DB::table('inv_services')->where('id', $request->id)->delete();
|
|
|
|
|
|
|
|
return 'Done.';
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
return 'Permission denied.';
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2018-04-29 22:31:51 +09:00
|
|
|
}
|