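objAuth = new AuthController();
        $this->objUser = new UserController();
        $this->objPermission = new PermissionController();
    }

    // Company

    /**
     * List every company.
     *
     * Route: /api/rpc/invoice/company/getcompanies
     *
     * Requires both the inv_mancompany and inv_manuser permissions.
     * Credentials (username/password) are read from the request on every call.
     * NOTE(review): if any of these routes is reachable over GET, the password
     * would travel in the query string and end up in access logs; confirm the
     * routes are POST-only and served over TLS.
     *
     * @return mixed Query result on success, 'Err!' when authentication fails,
     *               'Permission denied.' when a permission is missing.
     */
    public function getCompanies(Request $request)
    {
        // A result loosely equal to 0 is treated as failed authentication.
        $check = $this->objAuth->checkLegit($request->username, $request->password);
        if ($check == 0) {
            return 'Err!';
        }

        $valid = $this->objAuth->getPermissions($request->username, $request->password);
        if ($valid['inv_mancompany'] != 1 || $valid['inv_manuser'] != 1) {
            return 'Permission denied.';
        }

        return DB::table('inv_company')
            ->select(
                'id',
                'name',
                'compreg',
                'taxnr',
                'bank_number',
                'bank_name',
                'bank_recipient',
                'logo',
                'payterm'
            )
            ->get();
    }

    /**
     * Fetch a single company.
     *
     * Route: /api/rpc/invoice/company/getcompany/id
     *
     * Requires inv_mancompany. Callers with inv_manuser == 1 also receive
     * cu_id; callers with inv_manuser == 0 are limited by an id comparison.
     *
     * @param mixed $id Company id, matched against inv_company.id.
     * @return mixed Query result, 'Err!' or 'Permission denied.'.
     */
    public function getCompany($id, Request $request)
    {
        $check = $this->objAuth->checkLegit($request->username, $request->password);
        if ($check == 0) {
            return 'Err!';
        }

        $valid = $this->objAuth->getPermissions($request->username, $request->password);
        if ($valid['inv_mancompany'] != 1) {
            return 'Permission denied.';
        }

        if ($valid['inv_manuser'] == 0) {
            // NOTE(review): $id is a company id, while $check is used as a user
            // id in editCompany (where('user_id', $check)). Comparing the two
            // only limits access correctly if those ids coincide; verify
            // whether ownership should be resolved through inv_company_users.
            if ($id != $check) {
                return 'Permission denied.';
            }

            return DB::table('inv_company')
                ->select(
                    'name',
                    'compreg',
                    'taxnr',
                    'bank_number',
                    'bank_name',
                    'bank_recipient',
                    'logo',
                    'payterm'
                )
                ->where('id', $id)
                ->get();
        }

        if ($valid['inv_manuser'] == 1) {
            return DB::table('inv_company')
                ->select(
                    'cu_id',
                    'name',
                    'compreg',
                    'taxnr',
                    'bank_number',
                    'bank_name',
                    'bank_recipient',
                    'logo',
                    'payterm'
                )
                ->where('id', $id)
                ->get();
        }

        return 'Permission denied.';
    }

    /**
     * Create a company and link it to the user named in the request.
     *
     * Route: /api/rpc/invoice/company/new
     *
     * Requires both inv_mancompany and inv_manuser.
     *
     * @return mixed New inv_company id, 'Err!' or 'Permission denied.'.
     */
    public function newCompany(Request $request)
    {
        $check = $this->objAuth->checkLegit($request->username, $request->password);
        if ($check == 0) {
            return 'Err!';
        }

        $valid = $this->objAuth->getPermissions($request->username, $request->password);
        if ($valid['inv_mancompany'] != 1 || $valid['inv_manuser'] != 1) {
            return 'Permission denied.';
        }

        // The link row is created first with a placeholder company_id of 0,
        // because the company id does not exist yet.
        $user = DB::table('inv_company_users')
            ->insertGetId([
                'user_id' => $request->user,
                'company_id' => 0
            ]);

        $add = DB::table('inv_company')
            ->insertGetId([
                'cu_id' => $user,
                'name' => $request->name,
                'compreg' => $request->compreg ?: '',
                'taxnr' => $request->taxnr ?: '',
                'bank_number' => $request->bank_number,
                'bank_name' => $request->bank_name,
                'bank_recipient' => $request->bank_recipient,
                'logo' => $request->logo ?: '',
                'payterm' => $request->payterm
            ]);

        // NOTE(review): this rewrites company_id on every link row of the user,
        // not only the row inserted above, and the three writes are not wrapped
        // in a transaction. Confirm a user can hold only one link row.
        DB::table('inv_company_users')
            ->where('user_id', $request->user)
            ->update(['company_id' => $add]);

        return $add;
    }

    /**
     * Update a company.
     *
     * Route: /api/rpc/invoice/company/edit
     *
     * Requires inv_mancompany. With inv_manuser == 1 the caller may edit any
     * company and reassign it (cu_id). With inv_manuser == 0 the caller may
     * only edit a company they are linked to in inv_company_users.
     *
     * @return mixed 'Err!' or 'Permission denied.' on refusal; nothing on the
     *               update paths (no explicit return value there).
     */
    public function editCompany(Request $request)
    {
        $check = $this->objAuth->checkLegit($request->username, $request->password);
        if ($check == 0) {
            return 'Err!';
        }

        $valid = $this->objAuth->getPermissions($request->username, $request->password);
        if ($valid['inv_mancompany'] != 1) {
            return 'Permission denied.';
        }

        $fields = [
            'name' => $request->name,
            'compreg' => $request->compreg ?: '',
            'taxnr' => $request->taxnr ?: '',
            'bank_number' => $request->bank_number,
            'bank_name' => $request->bank_name,
            'bank_recipient' => $request->bank_recipient,
            'logo' => $request->logo ?: '',
            'payterm' => $request->payterm
        ];

        if ($valid['inv_manuser'] == 0) {
            // Tie the update to the caller's own link row. Checking only that
            // the caller has *a* company would let them name any company id in
            // the request and overwrite its bank details. An empty or 0 id is
            // refused as well, since 0 is the placeholder company_id.
            $ownsCompany = $request->id
                && DB::table('inv_company_users')
                    ->where('user_id', $check)
                    ->where('company_id', $request->id)
                    ->exists();
            if (!$ownsCompany) {
                return 'Permission denied.';
            }

            DB::table('inv_company')
                ->where('id', $request->id)
                ->update($fields);
        } elseif ($valid['inv_manuser'] == 1) {
            DB::table('inv_company_users')
                ->where('company_id', $request->id)
                ->update([
                    'user_id' => $request->cu_id
                ]);

            DB::table('inv_company')
                ->where('id', $request->id)
                ->update(array_merge(['cu_id' => $request->cu_id], $fields));
        }
    }

    /**
     * Delete a company and its user links.
     *
     * Route: /api/rpc/invoice/company/delete
     *
     * Requires both inv_mancompany and inv_manuser.
     *
     * @return string 'Done.', 'Err!' or 'Permission denied.'.
     */
    public function deleteCompany(Request $request)
    {
        $check = $this->objAuth->checkLegit($request->username, $request->password);
        if ($check == 0) {
            return 'Err!';
        }

        $valid = $this->objAuth->getPermissions($request->username, $request->password);
        if ($valid['inv_mancompany'] != 1 || $valid['inv_manuser'] != 1) {
            return 'Permission denied.';
        }

        DB::table('inv_company')->where('id', $request->id)->delete();
        DB::table('inv_company_users')->where('company_id', $request->id)->delete();

        return 'Done.';
    }

    // Contacts

    /**
     * List every contact.
     *
     * Route: /api/rpc/invoice/contacts/getcontacts
     *
     * Requires inv_mancontact.
     *
     * @return mixed Query result, 'Err!' or 'Permission denied.'.
     */
    public function getContacts(Request $request)
    {
        $check = $this->objAuth->checkLegit($request->username, $request->password);
        if ($check == 0) {
            return 'Err!';
        }

        $valid = $this->objAuth->getPermissions($request->username, $request->password);
        if ($valid['inv_mancontact'] != 1) {
            return 'Permission denied.';
        }

        return DB::table('inv_contacts')
            ->select('*')
            ->get();
    }

    /**
     * Fetch one contact together with its employer/customer flags.
     *
     * Route: /api/rpc/invoice/contacts/getcontact/id
     *
     * Requires inv_mancontact.
     *
     * @param mixed $id Contact id, matched against inv_contacts.id.
     * @return mixed List of contact arrays, 'Err!' or 'Permission denied.'.
     */
    public function getContact($id, Request $request)
    {
        $check = $this->objAuth->checkLegit($request->username, $request->password);
        if ($check == 0) {
            return 'Err!';
        }

        $valid = $this->objAuth->getPermissions($request->username, $request->password);
        if ($valid['inv_mancontact'] != 1) {
            return 'Permission denied.';
        }

        $get = DB::table('inv_contacts')
            ->select('*')
            ->where('id', $id)
            ->get();
        $emp = DB::table('inv_employers')
            ->select('id')
            ->where('contact_id', $id)
            ->get();
        $cus = DB::table('inv_clients')
            ->select('id')
            ->where('contact_id', $id)
            ->get();

        // The flags depend only on $id, so compute them once for all rows.
        $isEmployer = $emp->count() > 0;
        $isCustomer = $cus->count() > 0;

        $res = [];
        foreach ($get as $g) {
            $res[] = [
                'id' => $g->id,
                'name' => $g->name,
                'address' => $g->address,
                'postcode' => $g->postcode,
                'town' => $g->town,
                'country' => $g->country,
                'phone' => $g->phone,
                'email' => $g->email,
                'isEmployer' => $isEmployer,
                'isCustomer' => $isCustomer
            ];
        }

        return $res;
    }

    /**
     * Create a contact and optionally register it as customer and/or employer.
     *
     * Route: /api/rpc/invoice/contacts/new
     *
     * Requires inv_mancontact.
     *
     * @return mixed New inv_contacts id, 'Err!' or 'Permission denied.'.
     */
    public function newContact(Request $request)
    {
        $check = $this->objAuth->checkLegit($request->username, $request->password);
        if ($check == 0) {
            return 'Err!';
        }

        $valid = $this->objAuth->getPermissions($request->username, $request->password);
        if ($valid['inv_mancontact'] != 1) {
            return 'Permission denied.';
        }

        $add = DB::table('inv_contacts')
            ->insertGetId([
                'name' => $request->name,
                'address' => $request->address,
                'postcode' => $request->postcode,
                'town' => $request->town,
                'country' => $request->country,
                'phone' => $request->phone,
                'email' => $request->email
            ]);

        if ($request->isCustomer) {
            DB::table('inv_clients')
                ->insert([
                    'contact_id' => $add
                ]);
        }

        if ($request->isEmployer) {
            DB::table('inv_employers')
                ->insert([
                    'contact_id' => $add
                ]);
        }

        return $add;
    }

    /**
     * Update a contact and reconcile its employer/customer registrations.
     *
     * Route: /api/rpc/invoice/contacts/edit
     *
     * Requires inv_mancontact.
     *
     * @return string 'Success!', 'Err!' or 'Permission denied.'.
     */
    public function editContact(Request $request)
    {
        $check = $this->objAuth->checkLegit($request->username, $request->password);
        if ($check == 0) {
            return 'Err!';
        }

        $valid = $this->objAuth->getPermissions($request->username, $request->password);
        if ($valid['inv_mancontact'] != 1) {
            return 'Permission denied.';
        }

        DB::table('inv_contacts')
            ->where('id', $request->id)
            ->update([
                'name' => $request->name,
                'address' => $request->address,
                'postcode' => $request->postcode,
                'town' => $request->town,
                'country' => $request->country,
                'phone' => $request->phone,
                'email' => $request->email
            ]);

        $emp = DB::table('inv_employers')
            ->select('id')
            ->where('contact_id', $request->id)
            ->get();
        $cus = DB::table('inv_clients')
            ->select('id')
            ->where('contact_id', $request->id)
            ->get();

        // Add or remove the employer row so it matches the requested flag.
        // The inserts carry no where() clause: a where() has no effect on an
        // INSERT and only obscured what was being written.
        $wasEmployer = $emp->count() > 0;
        if ($wasEmployer && !$request->isEmployer) {
            DB::table('inv_employers')->where('contact_id', $request->id)->delete();
        } elseif (!$wasEmployer && $request->isEmployer) {
            DB::table('inv_employers')
                ->insert([
                    'contact_id' => $request->id
                ]);
        }

        // Same reconciliation for the customer row.
        $wasCustomer = $cus->count() > 0;
        if ($wasCustomer && !$request->isCustomer) {
            DB::table('inv_clients')->where('contact_id', $request->id)->delete();
        } elseif (!$wasCustomer && $request->isCustomer) {
            DB::table('inv_clients')
                ->insert([
                    'contact_id' => $request->id
                ]);
        }

        return 'Success!';
    }

    /**
     * Delete a contact and its employer/customer registrations.
     *
     * Route: /api/rpc/invoice/contacts/delete
     *
     * Requires inv_mancontact.
     *
     * @return string 'Done.', 'Err!' or 'Permission denied.'.
     */
    public function deleteContact(Request $request)
    {
        $check = $this->objAuth->checkLegit($request->username, $request->password);
        if ($check == 0) {
            return 'Err!';
        }

        $valid = $this->objAuth->getPermissions($request->username, $request->password);
        if ($valid['inv_mancontact'] != 1) {
            return 'Permission denied.';
        }

        DB::table('inv_contacts')->where('id', $request->id)->delete();
        DB::table('inv_employers')->where('contact_id', $request->id)->delete();
        DB::table('inv_clients')->where('contact_id', $request->id)->delete();

        return 'Done.';
    }

    // Invoices

    /**
     * List every invoice.
     *
     * Route: /api/rpc/invoice/invoices/getinvoices
     *
     * NOTE(review): unlike the company and contact endpoints, this method makes
     * no checkLegit()/getPermissions() call, so it returns all invoice rows to
     * any caller that reaches the route. Confirm that route middleware covers
     * it; otherwise gate it the same way as deleteInvoice.
     *
     * @return mixed Query result.
     */
    public function getInvoices()
    {
        return DB::table('inv_invoices')
            ->select('*')
            ->get();
    }

    /**
     * Fetch a single invoice.
     *
     * Route: /api/rpc/invoice/invoices/getinvoice/id
     *
     * NOTE(review): no authentication or permission check is performed here
     * either, and ids returned by insertGetId elsewhere in this controller are
     * sequential, so invoices would be enumerable by id. Confirm middleware
     * coverage or add the same gate as deleteInvoice.
     *
     * @param mixed $id Invoice id, matched against inv_invoices.id.
     * @return mixed Query result.
     */
    public function getInvoice($id)
    {
        return DB::table('inv_invoices')
            ->select('*')
            ->where('id', $id)
            ->get();
    }

    /**
     * Placeholder: not implemented, always returns an empty string.
     *
     * Route: /api/rpc/invoice/invoices/new
     */
    public function newInvoice(Request $request)
    {
        return '';
    }

    /**
     * Placeholder: not implemented, always returns an empty string.
     *
     * Route: /api/rpc/invoice/invoices/edit
     */
    public function editInvoice(Request $request)
    {
        return '';
    }

    /**
     * Delete an invoice.
     *
     * Route: /api/rpc/invoice/invoices/delete
     *
     * Requires inv_makeinvoice.
     *
     * @return string 'Done.', 'Err!' or 'Permission denied.'.
     */
    public function deleteInvoice(Request $request)
    {
        $check = $this->objAuth->checkLegit($request->username, $request->password);
        if ($check == 0) {
            return 'Err!';
        }

        $valid = $this->objAuth->getPermissions($request->username, $request->password);
        if ($valid['inv_makeinvoice'] != 1) {
            return 'Permission denied.';
        }

        DB::table('inv_invoices')->where('id', $request->id)->delete();

        return 'Done.';
    }

    // Services

    /**
     * List every service.
     *
     * Route: /api/rpc/invoice/service/getservices
     *
     * NOTE(review): no checkLegit()/getPermissions() call is made, while the
     * write endpoints for services require inv_makeinvoice. Confirm that
     * unauthenticated read access to names and rates is intended.
     *
     * @return mixed Query result.
     */
    public function getServices()
    {
        return DB::table('inv_services')
            ->select('*')
            ->get();
    }

    /**
     * Fetch a single service.
     *
     * Route: /api/rpc/invoice/services/getservice/id
     *
     * NOTE(review): no authentication or permission check is performed;
     * confirm that this is intended.
     *
     * @param mixed $id Service id, matched against inv_services.id.
     * @return mixed Query result.
     */
    public function getService($id)
    {
        return DB::table('inv_services')
            ->select('*')
            ->where('id', $id)
            ->get();
    }

    /**
     * Create a service.
     *
     * Route: /api/rpc/invoice/services/new
     *
     * Requires inv_makeinvoice.
     *
     * @return mixed New inv_services id, 'Err!' or 'Permission denied.'.
     */
    public function newService(Request $request)
    {
        $check = $this->objAuth->checkLegit($request->username, $request->password);
        if ($check == 0) {
            return 'Err!';
        }

        $valid = $this->objAuth->getPermissions($request->username, $request->password);
        if ($valid['inv_makeinvoice'] != 1) {
            return 'Permission denied.';
        }

        return DB::table('inv_services')
            ->insertGetId([
                'name' => $request->name,
                'rate' => $request->rate
            ]);
    }

    /**
     * Update a service.
     *
     * Route: /api/rpc/invoice/services/edit
     *
     * Requires inv_makeinvoice.
     *
     * @return string 'Success!', 'Err!' or 'Permission denied.'.
     */
    public function editService(Request $request)
    {
        $check = $this->objAuth->checkLegit($request->username, $request->password);
        if ($check == 0) {
            return 'Err!';
        }

        $valid = $this->objAuth->getPermissions($request->username, $request->password);
        if ($valid['inv_makeinvoice'] != 1) {
            return 'Permission denied.';
        }

        DB::table('inv_services')
            ->where('id', $request->id)
            ->update([
                'name' => $request->name,
                'rate' => $request->rate
            ]);

        return 'Success!';
    }

    /**
     * Delete a service.
     *
     * Route: /api/rpc/invoice/services/delete
     *
     * Requires inv_makeinvoice.
     *
     * @return string 'Done.', 'Err!' or 'Permission denied.'.
     */
    public function deleteService(Request $request)
    {
        $check = $this->objAuth->checkLegit($request->username, $request->password);
        if ($check == 0) {
            return 'Err!';
        }

        $valid = $this->objAuth->getPermissions($request->username, $request->password);
        if ($valid['inv_makeinvoice'] != 1) {
            return 'Permission denied.';
        }

        DB::table('inv_services')->where('id', $request->id)->delete();

        return 'Done.';
    }
}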