Companies.

2018-04-30 02:56:03 +09:00 · 2018-04-30 02:56:03 +09:00 · a2982db059
--- a/app/Http/Controllers/InvoiceController.php
+++ b/app/Http/Controllers/InvoiceController.php
@ -54,20 +54,127 @@ class InvoiceController extends Controller {
    }

    // Company
-    public function getCompany() {
-        return DB::table('inv_company')
-            ->select(
-                'contact_id as cid',
-                'name',
-                'compreg',
-                'taxnr',
-                'bank_number',
-                'bank_name',
-                'bank_recipient',
-                'logo',
-                'payterm'
-            )
-            ->get();
+    public function getCompanies(Request $request) { // /api/rpc/invoice/company/getcompanies
+        $check = $this->objAuth->checkLegit($request->username, $request->password);
+
+        if ($check == 0) {
+            return 'Err!';
+        }
+        else {
+            $valid = $this->objAuth->getPermissions($request->username, $request->password);
+
+            if ($valid['inv_mancompany'] == 1 && $valid['inv_manuser'] == 1) {
+                return DB::table('inv_company')
+                    ->select(
+                        'name',
+                        'compreg',
+                        'taxnr',
+                        'bank_number',
+                        'bank_name',
+                        'bank_recipient',
+                        'logo',
+                        'payterm'
+                    )
+                    ->get();
+            }
+            else {
+                return 'Permission denied.';
+            }
+        }
+    }
+
+    public function getCompany($id, Request $request) { // /api/rpc/invoice/company/getcompany/id
+        $check = $this->objAuth->checkLegit($request->username, $request->password);
+
+        if ($check == 0) {
+            return 'Err!';
+        }
+        else {
+            $valid = $this->objAuth->getPermissions($request->username, $request->password);
+
+            if ($valid['inv_mancompany'] == 1) {
+                $companyId = DB::table('inv_company_users')
+                    ->select('company_id')
+                    ->where('user_id', $check)
+                    ->limit(1)
+                    ->first();
+
+                if ($companyId != 0) {
+                    return DB::table('inv_company')
+                        ->select(
+                            'name',
+                            'compreg',
+                            'taxnr',
+                            'bank_number',
+                            'bank_name',
+                            'bank_recipient',
+                            'logo',
+                            'payterm'
+                        )
+                        ->where('cu_id', $companyId)
+                        ->get();
+                }
+                else {
+                    return 'Permission denied.';
+                }
+            }
+            else if ($valid['inv_mancompany'] == 1 && $valid['inv_manuser'] == 1) {
+                return DB::table('inv_company')
+                    ->select(
+                        'name',
+                        'compreg',
+                        'taxnr',
+                        'bank_number',
+                        'bank_name',
+                        'bank_recipient',
+                        'logo',
+                        'payterm'
+                    )
+                    ->where('cu_id', $request->id)
+                    ->get();
+            }
+            else {
+                return 'Permission denied.';
+            }
+        }
+    }
+
+    public function newCompany(Request $request) { // /api/rpc/invoice/company/new
+        $check = $this->objAuth->checkLegit($request->username, $request->password);
+
+        if ($check == 0) {
+            return 'Err!';
+        }
+        else {
+            $valid = $this->objAuth->getPermissions($request->username, $request->password);
+
+            if ($valid['inv_mancompany'] == 1 && $calid['inv_manuser'] == 1) {
+                $add = DB::table('inv_contacts')
+                    ->insertGetId([
+                        'name' => $request->name,
+                        'compreg' => $request->compreg,
+                        'taxnr' => $request->taxnr,
+                        'bank_number' => $request->bank_number,
+                        'bank_name' => $request->bank_name,
+                        'bank_recipient' => $request->bank_recipient,
+                        'logo' => $request->logo,
+                        'payterm' => $request->payterm
+                    ]);
+
+                if ($request->user != 0) {
+                    DB::table('inv_company_users')
+                        ->insert([
+                            'user_id' => $request->user,
+                            'company_id' => $add
+                        ]);
+                }
+
+                return 'Success!';
+            }
+            else {
+                return 'Permission denied.';
+            }
+        }
    }

    public function editCompany(Request $request) { // /api/rpc/invoice/company/edit
@ -80,7 +187,64 @@ class InvoiceController extends Controller {
            $valid = $this->objAuth->getPermissions($request->username, $request->password);

            if ($valid['inv_mancompany'] == 1) {
-                return '';
+                $companyId = DB::table('inv_company_users')
+                    ->select('company_id')
+                    ->where('user_id', $check)
+                    ->limit(1)
+                    ->first();
+
+                if ($companyId != 0) {
+                    DB::table('inv_company')
+                        ->where('cu_id', $companyId)
+                        ->update([
+                            'name' => $request->name,
+                            'compreg' => $request->compreg,
+                            'taxnr' => $request->taxnr,
+                            'bank_number' => $request->bank_number,
+                            'bank_name' => $request->bank_name,
+                            'bank_recipient' => $request->bank_recipient,
+                            'logo' => $request->logo,
+                            'payterm' => $request->payterm
+                        ]);
+                }
+                else {
+                    return 'Permission denied.';
+                }
+            }
+            else if ($valid['inv_mancompany'] == 1 && $valid['inv_manuser'] == 1) {
+                DB::table('inv_company')
+                    ->where('cu_id', $request->id)
+                    ->update([
+                        'name' => $request->name,
+                        'compreg' => $request->compreg,
+                        'taxnr' => $request->taxnr,
+                        'bank_number' => $request->bank_number,
+                        'bank_name' => $request->bank_name,
+                        'bank_recipient' => $request->bank_recipient,
+                        'logo' => $request->logo,
+                        'payterm' => $request->payterm
+                    ]);
+            }
+            else {
+                return 'Permission denied.';
+            }
+        }
+    }
+
+    public function deleteCompany(Request $request) { // /api/rpc/invoice/company/delete
+        $check = $this->objAuth->checkLegit($request->username, $request->password);
+
+        if ($check == 0) {
+            return 'Err!';
+        }
+        else {
+            $valid = $this->objAuth->getPermissions($request->username, $request->password);
+
+            if ($valid['inv_mancompany'] == 1 && $valid['manuser'] == 1) {
+                DB::table('inv_company')->where('id', $request->id)->delete();
+                DB::table('inv_company_users')->where('company_id', $request->id)->delete();
+
+                return 'Done.';
            }
            else {
                return 'Permission denied.';
--- a/routes/class/invoice.php
+++ b/routes/class/invoice.php
@ -10,7 +10,12 @@
 */

 // Management
+Route::get('/api/rpc/invoice/company/getcompanies', 'InvoiceController@getCompanies');
+Route::get('/api/rpc/invoice/company/getcompany', 'InvoiceController@getCompany');
+
+Route::post('/api/rpc/invoice/company/new', 'InvoiceController@newCompany');
 Route::post('/api/rpc/invoice/company/edit', 'InvoiceController@editCompany');
+Route::post('/api/rpc/invoice/company/delete', 'InvoiceController@deleteCompany');

 // Relations
 Route::get('/api/rpc/invoice/clients/getclients', 'InvoiceController@getClients');