diff --git a/app/Http/Controllers/InvoiceController.php b/app/Http/Controllers/InvoiceController.php
index ba68458..a73ebbb 100644
--- a/app/Http/Controllers/InvoiceController.php
+++ b/app/Http/Controllers/InvoiceController.php
@@ -54,20 +54,127 @@ class InvoiceController extends Controller {
 }
 // Company
- public function getCompany() {
- return DB::table('inv_company')
- ->select(
- 'contact_id as cid',
- 'name',
- 'compreg',
- 'taxnr',
- 'bank_number',
- 'bank_name',
- 'bank_recipient',
- 'logo',
- 'payterm'
- )
- ->get();
+ public function getCompanies(Request $request) { // /api/rpc/invoice/company/getcompanies
+ $check = $this->objAuth->checkLegit($request->username, $request->password);
+
+ if ($check == 0) {
+ return 'Err!';
+ }
+ else {
+ $valid = $this->objAuth->getPermissions($request->username, $request->password);
+
+ if ($valid['inv_mancompany'] == 1 && $valid['inv_manuser'] == 1) {
+ return DB::table('inv_company')
+ ->select(
+ 'name',
+ 'compreg',
+ 'taxnr',
+ 'bank_number',
+ 'bank_name',
+ 'bank_recipient',
+ 'logo',
+ 'payterm'
+ )
+ ->get();
+ }
+ else {
+ return 'Permission denied.';
+ }
+ }
+ }
+
+ public function getCompany($id, Request $request) { // /api/rpc/invoice/company/getcompany/id
+ $check = $this->objAuth->checkLegit($request->username, $request->password);
+
+ if ($check == 0) {
+ return 'Err!';
+ }
+ else {
+ $valid = $this->objAuth->getPermissions($request->username, $request->password);
+
+ if ($valid['inv_mancompany'] == 1) {
+ $companyId = DB::table('inv_company_users')
+ ->select('company_id')
+ ->where('user_id', $check)
+ ->limit(1)
+ ->first();
+
+ if ($companyId != 0) {
+ return DB::table('inv_company')
+ ->select(
+ 'name',
+ 'compreg',
+ 'taxnr',
+ 'bank_number',
+ 'bank_name',
+ 'bank_recipient',
+ 'logo',
+ 'payterm'
+ )
+ ->where('cu_id', $companyId)
+ ->get();
+ }
+ else {
+ return 'Permission denied.';
+ }
+ }
+ else if ($valid['inv_mancompany'] == 1 && $valid['inv_manuser'] == 1) {
+ return DB::table('inv_company')
+ ->select(
+ 'name',
+ 'compreg',
+ 'taxnr',
+ 'bank_number',
+ 'bank_name',
+ 'bank_recipient',
+ 'logo',
+ 'payterm'
+ )
+ ->where('cu_id', $request->id)
+ ->get();
+ }
+ else {
+ return 'Permission denied.';
+ }
+ }
+ }
+
+ public function newCompany(Request $request) { // /api/rpc/invoice/company/new
+ $check = $this->objAuth->checkLegit($request->username, $request->password);
+
+ if ($check == 0) {
+ return 'Err!';
+ }
+ else {
+ $valid = $this->objAuth->getPermissions($request->username, $request->password);
+
+ if ($valid['inv_mancompany'] == 1 && $calid['inv_manuser'] == 1) {
+ $add = DB::table('inv_contacts')
+ ->insertGetId([
+ 'name' => $request->name,
+ 'compreg' => $request->compreg,
+ 'taxnr' => $request->taxnr,
+ 'bank_number' => $request->bank_number,
+ 'bank_name' => $request->bank_name,
+ 'bank_recipient' => $request->bank_recipient,
+ 'logo' => $request->logo,
+ 'payterm' => $request->payterm
+ ]);
+
+ if ($request->user != 0) {
+ DB::table('inv_company_users')
+ ->insert([
+ 'user_id' => $request->user,
+ 'company_id' => $add
+ ]);
+ }
+
+ return 'Success!';
+ }
+ else {
+ return 'Permission denied.';
+ }
+ }
 }
 public function editCompany(Request $request) { // /api/rpc/invoice/company/edit
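Review bot: In getCompany the `else if ($valid['inv_mancompany'] == 1 && $valid['inv_manuser'] == 1)` branch can never run, because the preceding `if ($valid['inv_mancompany'] == 1)` already matches every such caller; test the two-permission condition first so the lookup by `$request->id` is reachable. The scoped branch also passes the row object returned by `->first()` to `->where('cu_id', $companyId)`, and `$companyId != 0` compares that object with an integer; fetching the scalar with `->where('user_id', $check)->value('company_id')` and checking `!== null` would make the per-company filter behave as written. The same two problems recur in editCompany in the next hunk. In newCompany, `$calid['inv_manuser']` is a typo for `$valid`, so the permission test reads an undefined variable and the insert branch is never reached.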
@@ -80,7 +187,64 @@ class InvoiceController extends Controller {
 $valid = $this->objAuth->getPermissions($request->username, $request->password);
 if ($valid['inv_mancompany'] == 1) {
- return '';
+ $companyId = DB::table('inv_company_users')
+ ->select('company_id')
+ ->where('user_id', $check)
+ ->limit(1)
+ ->first();
+
+ if ($companyId != 0) {
+ DB::table('inv_company')
+ ->where('cu_id', $companyId)
+ ->update([
+ 'name' => $request->name,
+ 'compreg' => $request->compreg,
+ 'taxnr' => $request->taxnr,
+ 'bank_number' => $request->bank_number,
+ 'bank_name' => $request->bank_name,
+ 'bank_recipient' => $request->bank_recipient,
+ 'logo' => $request->logo,
+ 'payterm' => $request->payterm
+ ]);
+ }
+ else {
+ return 'Permission denied.';
+ }
+ }
+ else if ($valid['inv_mancompany'] == 1 && $valid['inv_manuser'] == 1) {
+ DB::table('inv_company')
+ ->where('cu_id', $request->id)
+ ->update([
+ 'name' => $request->name,
+ 'compreg' => $request->compreg,
+ 'taxnr' => $request->taxnr,
+ 'bank_number' => $request->bank_number,
+ 'bank_name' => $request->bank_name,
+ 'bank_recipient' => $request->bank_recipient,
+ 'logo' => $request->logo,
+ 'payterm' => $request->payterm
+ ]);
+ }
+ else {
+ return 'Permission denied.';
+ }
+ }
+ }
+
+ public function deleteCompany(Request $request) { // /api/rpc/invoice/company/delete
+ $check = $this->objAuth->checkLegit($request->username, $request->password);
+
+ if ($check == 0) {
+ return 'Err!';
+ }
+ else {
+ $valid = $this->objAuth->getPermissions($request->username, $request->password);
+
+ if ($valid['inv_mancompany'] == 1 && $valid['manuser'] == 1) {
+ DB::table('inv_company')->where('id', $request->id)->delete();
+ DB::table('inv_company_users')->where('company_id', $request->id)->delete();
+
+ return 'Done.';
 }
 else {
 return 'Permission denied.';
diff --git a/routes/class/invoice.php b/routes/class/invoice.php
index 26886ab..58ff518 100644
--- a/routes/class/invoice.php
+++ b/routes/class/invoice.php
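Review bot: deleteCompany checks `$valid['manuser']`, while every other permission test in this file section reads `inv_manuser`; unless the permissions array really carries both keys, this reads a missing key and the delete path is either always refused or raises, so the condition should be `$valid['inv_mancompany'] == 1 && $valid['inv_manuser'] == 1`. The delete filters `inv_company` on `id` where the read and update queries filter on `cu_id`, which is worth confirming against the schema. The two `delete()` calls run without a transaction, so a failure between them can leave `inv_company_users` rows pointing at a removed company; wrapping both in `DB::transaction(...)` avoids that. editCompany's successful update branches also fall through without a return value, unlike the other handlers; its body starts outside the hunk.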
@@ -10,7 +10,12 @@
 */
 // Management
+Route::get('/api/rpc/invoice/company/getcompanies', 'InvoiceController@getCompanies');
+Route::get('/api/rpc/invoice/company/getcompany', 'InvoiceController@getCompany');
+
+Route::post('/api/rpc/invoice/company/new', 'InvoiceController@newCompany');
 Route::post('/api/rpc/invoice/company/edit', 'InvoiceController@editCompany');
+Route::post('/api/rpc/invoice/company/delete', 'InvoiceController@deleteCompany');
 // Relations
 Route::get('/api/rpc/invoice/clients/getclients', 'InvoiceController@getClients');
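Review bot: The `getcompany` route is registered without an `{id}` segment, but the controller action is declared as `getCompany($id, Request $request)` and its own comment gives the path as `.../getcompany/id`, so the router has no value to bind to `$id`. Register it as `Route::get('/api/rpc/invoice/company/getcompany/{id}', 'InvoiceController@getCompany');` and have the action use `$id` rather than `$request->id`. Both new GET routes also lead to handlers that read `$request->username` and `$request->password`; on a GET request these are normally sent in the query string and so tend to be recorded in web-server access logs and browser history. Moving the reads to POST, or carrying the credential in a header or session token, keeps it out of URLs.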