kevinowino869/mitrobill
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

set Permission

Browse Source
This commit is contained in:
Ibnu Maksum 2024-02-16 14:52:49 +07:00
parent d17c434c7b
commit 98fb853591
No known key found for this signature in database
GPG Key ID: 7FC82848810579E5
7 changed files with 68 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
install/phpnuxbill.sql
View File

@ -193,6 +193,7 @@ ALTER TABLE `tbl_users` ADD `root` INT NOT NULL DEFAULT '0' COMMENT 'for sub acc
ALTER TABLE `tbl_users` CHANGE `user_type` `user_type` ENUM('SuperAdmin','Admin','Report','Agent','Sales') CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL;
ALTER TABLE `tbl_users` CHANGE `password` `password` VARCHAR(64) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL;
ALTER TABLE `tbl_users` ADD `phone` VARCHAR(32) NOT NULL DEFAULT '' AFTER `password`, ADD `email` VARCHAR(128) NOT NULL DEFAULT '' AFTER `phone`, ADD `city` VARCHAR(64) NOT NULL DEFAULT '' COMMENT 'kota' AFTER `email`, ADD `subdistrict` VARCHAR(64) NOT NULL DEFAULT '' COMMENT 'kecamatan' AFTER `city`, ADD `ward` VARCHAR(64) NOT NULL DEFAULT '' COMMENT 'kelurahan' AFTER `subdistrict`;
ALTER TABLE `tbl_customers` ADD `created_by` INT NOT NULL DEFAULT '0' AFTER `auto_renewal`;
ALTER TABLE `tbl_appconfig`
ADD PRIMARY KEY (`id`);

14
system/controllers/customers.php
View File

@ -14,10 +14,6 @@ $admin = Admin::_info();
$ui->assign('_admin', $admin);
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
r2(U . "dashboard", 'e', Lang::T('You do not have permission to access this page'));
}
switch ($action) {
case 'list':
$search = _post('search');
@ -49,6 +45,9 @@ switch ($action) {
break;
case 'csv':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
r2(U . "dashboard", 'e', Lang::T('You do not have permission to access this page'));
}
$cs = ORM::for_table('tbl_customers')
->select('tbl_customers.id', 'id')
->select('tbl_customers.username', 'username')
@ -100,6 +99,9 @@ switch ($action) {
}
r2(U . 'customers/view/' . $id_customer, 'e', 'Cannot find active plan');
case 'deactivate':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
r2(U . "dashboard", 'e', Lang::T('You do not have permission to access this page'));
}
$id_customer = $routes['2'];
$b = ORM::for_table('tbl_user_recharges')->where('customer_id', $id_customer)->find_one();
if ($b) {
@ -209,6 +211,9 @@ switch ($action) {
break;
case 'delete':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
r2(U . "dashboard", 'e', Lang::T('You do not have permission to access this page'));
}
$id = $routes['2'];
run_hook('delete_customer'); #HOOK
$d = ORM::for_table('tbl_customers')->find_one($id);
@ -290,6 +295,7 @@ switch ($action) {
$d->email = $email;
$d->fullname = $fullname;
$d->address = $address;
$d->created_by = $admin['id'];
$d->phonenumber = Lang::phoneFormat($phonenumber);
$d->service_type = $service_type;
$d->save();

22
system/controllers/prepaid.php
View File

@ -13,10 +13,6 @@ $action = $routes['1'];
$admin = Admin::_info();
$ui->assign('_admin', $admin);
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin', 'Sales'])) {
r2(U . "dashboard", 'e', Lang::T('You do not have permission to access this page'));
}
$select2_customer = <<<EOT
<script>
document.addEventListener("DOMContentLoaded", function(event) {
@ -38,6 +34,9 @@ EOT;
switch ($action) {
case 'sync':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
r2(U . "dashboard", 'e', Lang::T('You do not have permission to access this page'));
}
set_time_limit(-1);
$plans = ORM::for_table('tbl_user_recharges')->where('status', 'on')->find_many();
$log = '';
@ -167,6 +166,9 @@ switch ($action) {
break;
case 'edit':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin', 'Agent'])) {
r2(U . "dashboard", 'e', Lang::T('You do not have permission to access this page'));
}
$id = $routes['2'];
$d = ORM::for_table('tbl_user_recharges')->find_one($id);
if ($d) {
@ -182,6 +184,9 @@ switch ($action) {
break;
case 'delete':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
r2(U . "dashboard", 'e', Lang::T('You do not have permission to access this page'));
}
$id = $routes['2'];
$d = ORM::for_table('tbl_user_recharges')->find_one($id);
if ($d) {
@ -208,6 +213,9 @@ switch ($action) {
break;
case 'edit-post':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
r2(U . "dashboard", 'e', Lang::T('You do not have permission to access this page'));
}
$username = _post('username');
$id_plan = _post('id_plan');
$recharged_on = _post('recharged_on');
@ -295,6 +303,9 @@ switch ($action) {
break;
case 'remove-voucher':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
r2(U . "dashboard", 'e', Lang::T('You do not have permission to access this page'));
}
$d = ORM::for_table('tbl_voucher')->where_equal('status', '1')->findMany();
if ($d) {
$jml = 0;
@ -463,6 +474,9 @@ switch ($action) {
break;
case 'voucher-delete':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
r2(U . "dashboard", 'e', Lang::T('You do not have permission to access this page'));
}
$id = $routes['2'];
run_hook('delete_voucher'); #HOOK
$d = ORM::for_table('tbl_voucher')->find_one($id);

4
system/controllers/reports.php
View File

@ -13,10 +13,6 @@ $action = $routes['1'];
$admin = Admin::_info();
$ui->assign('_admin', $admin);
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin', 'Sales'])) {
r2(U . "dashboard", 'e', Lang::T('You do not have permission to access this page'));
}
$mdate = date('Y-m-d');
$mtime = date('H:i:s');
$tdate = date('Y-m-d', strtotime('today - 30 days'));

6
system/lan/english.json
View File

@ -404,5 +404,9 @@
"Add User": "Add User",
"Username should be between 3 to 45 characters": "Username should be between 3 to 45 characters",
"Password should be minimum 6 characters": "Password should be minimum 6 characters",
"Login": "Login"
"Login": "Login",
"SuperAdmin": "SuperAdmin",
"Admin": "Admin",
"Report": "Report",
"Agent": "Agent"
}

21
system/updates.json
View File

@ -11,35 +11,35 @@
"ALTER TABLE `tbl_transactions` CHANGE `type` `type` ENUM('Hotspot','PPPOE','Balance') CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL;",
"ALTER TABLE `tbl_customers` ADD `auto_renewal` tinyint(1) NOT NULL DEFAULT 1 COMMENT 'Auto renewall using balance' AFTER `balance`;"
],
"2023.8.23" : [
"2023.8.23": [
"ALTER TABLE `tbl_customers` CHANGE `pppoe_password` `pppoe_password` VARCHAR(45) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL DEFAULT '0' COMMENT 'For PPPOE Login';"
],
"2023.8.28" : [
"2023.8.28": [
"ALTER TABLE `tbl_user_recharges` ADD `recharged_time` time NOT NULL DEFAULT '00:00:00' AFTER `recharged_on`;",
"ALTER TABLE `tbl_transactions` ADD `recharged_time` time NOT NULL DEFAULT '00:00:00' AFTER `recharged_on`;"
],
"2023.9.5" : [
"2023.9.5": [
"DROP TABLE `tbl_language`;",
"ALTER TABLE `tbl_plans` ADD `pool_expired` varchar(40) NOT NULL DEFAULT '' AFTER `pool`;"
],
"2023.9.27" : [
"2023.9.27": [
"ALTER TABLE `tbl_plans` CHANGE `type` `type` ENUM('Hotspot','PPPOE','Balance','Radius') CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL;",
"ALTER TABLE `tbl_transactions` CHANGE `type` `type` ENUM('Hotspot','PPPOE','Balance','Radius') CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL;"
],
"2023.9.28" : [
"2023.9.28": [
"ALTER TABLE `tbl_plans` CHANGE `type` `type` ENUM('Hotspot','PPPOE','Balance') CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL;",
"ALTER TABLE `tbl_transactions` CHANGE `type` `type` ENUM('Hotspot','PPPOE','Balance') CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL;"
],
"2023.10.1" : [
"2023.10.1": [
"ALTER TABLE `tbl_plans` ADD `is_radius` TINYINT(1) NOT NULL DEFAULT '0' COMMENT '1 is radius' AFTER `routers`; "
],
"2023.10.24" : [
"2023.10.24": [
"ALTER TABLE `nas` ADD `routers` VARCHAR(32) NOT NULL DEFAULT '' AFTER `description`;"
],
"2023.12.15": [
"ALTER TABLE `tbl_customers` ADD `service_type` ENUM('Hotspot','PPPoE','Others') DEFAULT 'Others' COMMENT 'For selecting user type' AFTER `balance`;"
],
"2024.1.11": [
"2024.1.11": [
"ALTER TABLE `tbl_plans` ADD `allow_purchase` ENUM('yes','no') DEFAULT 'yes' COMMENT 'allow to show package in buy package page' AFTER `enabled`;"
],
"2024.2.7": [
@ -49,8 +49,11 @@
"2024.2.12": [
"ALTER TABLE `tbl_users` CHANGE `user_type` `user_type` ENUM('SuperAdmin','Admin','Report','Agent','Sales') CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL;"
],
"2024.2.15":[
"2024.2.15": [
"ALTER TABLE `tbl_users` CHANGE `password` `password` VARCHAR(64) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL;",
"ALTER TABLE `tbl_users` ADD `phone` VARCHAR(32) NOT NULL DEFAULT '' AFTER `password`, ADD `email` VARCHAR(128) NOT NULL DEFAULT '' AFTER `phone`, ADD `city` VARCHAR(64) NOT NULL DEFAULT '' COMMENT 'kota' AFTER `email`, ADD `subdistrict` VARCHAR(64) NOT NULL DEFAULT '' COMMENT 'kecamatan' AFTER `city`, ADD `ward` VARCHAR(64) NOT NULL DEFAULT '' COMMENT 'kelurahan' AFTER `subdistrict`;"
],
"2024.2.16": [
"ALTER TABLE `tbl_customers` ADD `created_by` INT NOT NULL DEFAULT '0' AFTER `auto_renewal`;"
]
}

47
ui/ui/sections/header.tpl
View File

@ -67,7 +67,6 @@
<span class="sr-only">Toggle navigation</span>
</a>
<div class="navbar-custom-menu">
<ul class="nav navbar-nav">
<li class="dropdown user user-menu">
<a href="#" class="dropdown-toggle" data-toggle="dropdown">
@ -81,12 +80,9 @@
<img src="https://robohash.org/{$_admin['id']}?set=set3&size=100x100&bgset=bg1"
onerror="this.src='system/uploads/admin.default.png'" class="img-circle"
alt="Avatar">
<p>
{$_admin['fullname']}
<small>{if $_admin['user_type'] eq 'SuperAdmin'} {Lang::T('Administrator')}
{else}
{Lang::T('Sales')} {/if}</small>
<small>{Lang::T($_admin['user_type'])}</small>
</p>
</li>
<li class="user-body">
@ -113,7 +109,6 @@
</div>
</nav>
</header>
<aside class="main-sidebar">
<section class="sidebar">
<ul class="sidebar-menu" data-widget="tree">
@ -124,7 +119,7 @@
</a>
</li>
{$_MENU_AFTER_DASHBOARD}
{if in_array($_admin['user_type'],['SuperAdmin','Admin'])}
{if !in_array($_admin['user_type'],['Report'])}
<li class="{if $_system_menu eq 'customers'}active{/if} treeview">
<a href="#">
<i class="ion ion-android-contacts"></i> <span>{Lang::T('Customer')}</span>
@ -164,6 +159,8 @@
{$_MENU_PREPAID}
</ul>
</li>
{/if}
{if in_array($_admin['user_type'],['SuperAdmin','Admin'])}
{$_MENU_AFTER_PREPAID}
<li class="{if $_system_menu eq 'services'}active{/if} treeview">
<a href="#">
@ -185,25 +182,25 @@
</ul>
</li>
{$_MENU_AFTER_SERVICES}
<li class="{if $_system_menu eq 'reports'}active{/if} treeview">
<a href="#">
<i class="ion ion-clipboard"></i> <span>{Lang::T('Reports')}</span>
<span class="pull-right-container">
<i class="fa fa-angle-left pull-right"></i>
</span>
</a>
<ul class="treeview-menu">
<li {if $_routes[1] eq 'daily-report'}class="active" {/if}><a
href="{$_url}reports/daily-report">{Lang::T('Daily Reports')}</a></li>
<li {if $_routes[1] eq 'by-period'}class="active" {/if}><a
href="{$_url}reports/by-period">{Lang::T('Period Reports')}</a></li>
<li {if $_routes[1] eq 'activation'}class="active" {/if}><a
href="{$_url}reports/activation">{Lang::T('Activation History')}</a></li>
{$_MENU_REPORTS}
</ul>
</li>
{$_MENU_AFTER_REPORTS}
{/if}
<li class="{if $_system_menu eq 'reports'}active{/if} treeview">
<a href="#">
<i class="ion ion-clipboard"></i> <span>{Lang::T('Reports')}</span>
<span class="pull-right-container">
<i class="fa fa-angle-left pull-right"></i>
</span>
</a>
<ul class="treeview-menu">
<li {if $_routes[1] eq 'daily-report'}class="active" {/if}><a
href="{$_url}reports/daily-report">{Lang::T('Daily Reports')}</a></li>
<li {if $_routes[1] eq 'by-period'}class="active" {/if}><a
href="{$_url}reports/by-period">{Lang::T('Period Reports')}</a></li>
<li {if $_routes[1] eq 'activation'}class="active" {/if}><a
href="{$_url}reports/activation">{Lang::T('Activation History')}</a></li>
{$_MENU_REPORTS}
</ul>
</li>
{$_MENU_AFTER_REPORTS}
{if in_array($_admin['user_type'],['SuperAdmin','Admin'])}
<li class="{if $_system_menu eq 'network'}active{/if} treeview">
<a href="#">