set Permission

Ibnu Maksum 2024-02-16 14:52:49 +07:00
parent d17c434c7b
commit 98fb853591
No known key found for this signature in database
GPG Key ID: 7FC82848810579E5
7 changed files with 68 additions and 47 deletions


@ -193,6 +193,7 @@ ALTER TABLE `tbl_users` ADD `root` INT NOT NULL DEFAULT '0' COMMENT 'for sub acc
ALTER TABLE `tbl_users` CHANGE `user_type` `user_type` ENUM('SuperAdmin','Admin','Report','Agent','Sales') CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL; ALTER TABLE `tbl_users` CHANGE `user_type` `user_type` ENUM('SuperAdmin','Admin','Report','Agent','Sales') CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL;
ALTER TABLE `tbl_users` CHANGE `password` `password` VARCHAR(64) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL; ALTER TABLE `tbl_users` CHANGE `password` `password` VARCHAR(64) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL;
ALTER TABLE `tbl_users` ADD `phone` VARCHAR(32) NOT NULL DEFAULT '' AFTER `password`, ADD `email` VARCHAR(128) NOT NULL DEFAULT '' AFTER `phone`, ADD `city` VARCHAR(64) NOT NULL DEFAULT '' COMMENT 'kota' AFTER `email`, ADD `subdistrict` VARCHAR(64) NOT NULL DEFAULT '' COMMENT 'kecamatan' AFTER `city`, ADD `ward` VARCHAR(64) NOT NULL DEFAULT '' COMMENT 'kelurahan' AFTER `subdistrict`; ALTER TABLE `tbl_users` ADD `phone` VARCHAR(32) NOT NULL DEFAULT '' AFTER `password`, ADD `email` VARCHAR(128) NOT NULL DEFAULT '' AFTER `phone`, ADD `city` VARCHAR(64) NOT NULL DEFAULT '' COMMENT 'kota' AFTER `email`, ADD `subdistrict` VARCHAR(64) NOT NULL DEFAULT '' COMMENT 'kecamatan' AFTER `city`, ADD `ward` VARCHAR(64) NOT NULL DEFAULT '' COMMENT 'kelurahan' AFTER `subdistrict`;
ALTER TABLE `tbl_customers` ADD `created_by` INT NOT NULL DEFAULT '0' AFTER `auto_renewal`;
ALTER TABLE `tbl_appconfig` ALTER TABLE `tbl_appconfig`
ADD PRIMARY KEY (`id`); ADD PRIMARY KEY (`id`);
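Review bot: The added `created_by` column on `tbl_customers` carries no column comment, although other columns in this file do, and nothing states what the default `0` means for customers that existed before the migration. The customers controller in this commit fills it with `$admin['id']`, so it is effectively an audit field and should say so, for example `COMMENT 'id of the admin who created the customer, 0 = unknown'`. The same statement is added to the version-keyed updates file under "2024.2.16" and should get the identical comment so fresh installs and upgrades end up with the same schema.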


@ -14,10 +14,6 @@ $admin = Admin::_info();
$ui->assign('_admin', $admin); $ui->assign('_admin', $admin);
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
r2(U . "dashboard", 'e', Lang::T('You do not have permission to access this page'));
}
switch ($action) { switch ($action) {
case 'list': case 'list':
$search = _post('search'); $search = _post('search');
@ -49,6 +45,9 @@ switch ($action) {
break; break;
case 'csv': case 'csv':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
r2(U . "dashboard", 'e', Lang::T('You do not have permission to access this page'));
}
$cs = ORM::for_table('tbl_customers') $cs = ORM::for_table('tbl_customers')
->select('tbl_customers.id', 'id') ->select('tbl_customers.id', 'id')
->select('tbl_customers.username', 'username') ->select('tbl_customers.username', 'username')
@ -100,6 +99,9 @@ switch ($action) {
} }
r2(U . 'customers/view/' . $id_customer, 'e', 'Cannot find active plan'); r2(U . 'customers/view/' . $id_customer, 'e', 'Cannot find active plan');
case 'deactivate': case 'deactivate':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
r2(U . "dashboard", 'e', Lang::T('You do not have permission to access this page'));
}
$id_customer = $routes['2']; $id_customer = $routes['2'];
$b = ORM::for_table('tbl_user_recharges')->where('customer_id', $id_customer)->find_one(); $b = ORM::for_table('tbl_user_recharges')->where('customer_id', $id_customer)->find_one();
if ($b) { if ($b) {
@ -209,6 +211,9 @@ switch ($action) {
break; break;
case 'delete': case 'delete':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
r2(U . "dashboard", 'e', Lang::T('You do not have permission to access this page'));
}
$id = $routes['2']; $id = $routes['2'];
run_hook('delete_customer'); #HOOK run_hook('delete_customer'); #HOOK
$d = ORM::for_table('tbl_customers')->find_one($id); $d = ORM::for_table('tbl_customers')->find_one($id);
@ -290,6 +295,7 @@ switch ($action) {
$d->email = $email; $d->email = $email;
$d->fullname = $fullname; $d->fullname = $fullname;
$d->address = $address; $d->address = $address;
$d->created_by = $admin['id'];
$d->phonenumber = Lang::phoneFormat($phonenumber); $d->phonenumber = Lang::phoneFormat($phonenumber);
$d->service_type = $service_type; $d->service_type = $service_type;
$d->save(); $d->save();
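Review bot: Dropping the file-level `in_array($admin['user_type'], ['SuperAdmin', 'Admin'])` check turns this controller from default-deny into opt-in: only the `csv`, `deactivate` and `delete` cases re-check the role, so `list` and every case outside the visible hunks is reachable by any account that `Admin::_info()` accepts, including `Report`. The sidebar condition in the template only hides the link and does not protect the route. I would keep a file-level allow-list for the widest intended audience, for example `if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin', 'Agent', 'Sales'])) { r2(U . "dashboard", 'e', ...); }`, and narrow it per case as done here. The same applies to the two later controller sections, the second of which loses its check with no replacement in the visible lines. The new guards also depend on `r2()` ending the request, which is not shown on this page.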


@ -13,10 +13,6 @@ $action = $routes['1'];
$admin = Admin::_info(); $admin = Admin::_info();
$ui->assign('_admin', $admin); $ui->assign('_admin', $admin);
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin', 'Sales'])) {
r2(U . "dashboard", 'e', Lang::T('You do not have permission to access this page'));
}
$select2_customer = <<<EOT $select2_customer = <<<EOT
<script> <script>
document.addEventListener("DOMContentLoaded", function(event) { document.addEventListener("DOMContentLoaded", function(event) {
@ -38,6 +34,9 @@ EOT;
switch ($action) { switch ($action) {
case 'sync': case 'sync':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
r2(U . "dashboard", 'e', Lang::T('You do not have permission to access this page'));
}
set_time_limit(-1); set_time_limit(-1);
$plans = ORM::for_table('tbl_user_recharges')->where('status', 'on')->find_many(); $plans = ORM::for_table('tbl_user_recharges')->where('status', 'on')->find_many();
$log = ''; $log = '';
@ -167,6 +166,9 @@ switch ($action) {
break; break;
case 'edit': case 'edit':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin', 'Agent'])) {
r2(U . "dashboard", 'e', Lang::T('You do not have permission to access this page'));
}
$id = $routes['2']; $id = $routes['2'];
$d = ORM::for_table('tbl_user_recharges')->find_one($id); $d = ORM::for_table('tbl_user_recharges')->find_one($id);
if ($d) { if ($d) {
@ -182,6 +184,9 @@ switch ($action) {
break; break;
case 'delete': case 'delete':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
r2(U . "dashboard", 'e', Lang::T('You do not have permission to access this page'));
}
$id = $routes['2']; $id = $routes['2'];
$d = ORM::for_table('tbl_user_recharges')->find_one($id); $d = ORM::for_table('tbl_user_recharges')->find_one($id);
if ($d) { if ($d) {
@ -208,6 +213,9 @@ switch ($action) {
break; break;
case 'edit-post': case 'edit-post':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
r2(U . "dashboard", 'e', Lang::T('You do not have permission to access this page'));
}
$username = _post('username'); $username = _post('username');
$id_plan = _post('id_plan'); $id_plan = _post('id_plan');
$recharged_on = _post('recharged_on'); $recharged_on = _post('recharged_on');
@ -295,6 +303,9 @@ switch ($action) {
break; break;
case 'remove-voucher': case 'remove-voucher':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
r2(U . "dashboard", 'e', Lang::T('You do not have permission to access this page'));
}
$d = ORM::for_table('tbl_voucher')->where_equal('status', '1')->findMany(); $d = ORM::for_table('tbl_voucher')->where_equal('status', '1')->findMany();
if ($d) { if ($d) {
$jml = 0; $jml = 0;
@ -463,6 +474,9 @@ switch ($action) {
break; break;
case 'voucher-delete': case 'voucher-delete':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
r2(U . "dashboard", 'e', Lang::T('You do not have permission to access this page'));
}
$id = $routes['2']; $id = $routes['2'];
run_hook('delete_voucher'); #HOOK run_hook('delete_voucher'); #HOOK
$d = ORM::for_table('tbl_voucher')->find_one($id); $d = ORM::for_table('tbl_voucher')->find_one($id);
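Review bot: The `edit` case admits `Agent` while `edit-post` admits only `SuperAdmin` and `Admin`, so an Agent can open the edit form and is then rejected on submit; the two lists should match, whichever is intended. The same three-line check is now repeated in six cases in the visible hunks of this file with hand-written role arrays, which is how such lists drift apart. A small helper that takes the allowed roles and performs the redirect would keep them in one place. I would also add a one-line comment on each case stating which roles may call it.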


@ -13,10 +13,6 @@ $action = $routes['1'];
$admin = Admin::_info(); $admin = Admin::_info();
$ui->assign('_admin', $admin); $ui->assign('_admin', $admin);
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin', 'Sales'])) {
r2(U . "dashboard", 'e', Lang::T('You do not have permission to access this page'));
}
$mdate = date('Y-m-d'); $mdate = date('Y-m-d');
$mtime = date('H:i:s'); $mtime = date('H:i:s');
$tdate = date('Y-m-d', strtotime('today - 30 days')); $tdate = date('Y-m-d', strtotime('today - 30 days'));


@ -404,5 +404,9 @@
"Add User": "Add User", "Add User": "Add User",
"Username should be between 3 to 45 characters": "Username should be between 3 to 45 characters", "Username should be between 3 to 45 characters": "Username should be between 3 to 45 characters",
"Password should be minimum 6 characters": "Password should be minimum 6 characters", "Password should be minimum 6 characters": "Password should be minimum 6 characters",
"Login": "Login" "Login": "Login",
"SuperAdmin": "SuperAdmin",
"Admin": "Admin",
"Report": "Report",
"Agent": "Agent"
} }


@ -11,29 +11,29 @@
"ALTER TABLE `tbl_transactions` CHANGE `type` `type` ENUM('Hotspot','PPPOE','Balance') CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL;", "ALTER TABLE `tbl_transactions` CHANGE `type` `type` ENUM('Hotspot','PPPOE','Balance') CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL;",
"ALTER TABLE `tbl_customers` ADD `auto_renewal` tinyint(1) NOT NULL DEFAULT 1 COMMENT 'Auto renewall using balance' AFTER `balance`;" "ALTER TABLE `tbl_customers` ADD `auto_renewal` tinyint(1) NOT NULL DEFAULT 1 COMMENT 'Auto renewall using balance' AFTER `balance`;"
], ],
"2023.8.23" : [ "2023.8.23": [
"ALTER TABLE `tbl_customers` CHANGE `pppoe_password` `pppoe_password` VARCHAR(45) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL DEFAULT '0' COMMENT 'For PPPOE Login';" "ALTER TABLE `tbl_customers` CHANGE `pppoe_password` `pppoe_password` VARCHAR(45) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL DEFAULT '0' COMMENT 'For PPPOE Login';"
], ],
"2023.8.28" : [ "2023.8.28": [
"ALTER TABLE `tbl_user_recharges` ADD `recharged_time` time NOT NULL DEFAULT '00:00:00' AFTER `recharged_on`;", "ALTER TABLE `tbl_user_recharges` ADD `recharged_time` time NOT NULL DEFAULT '00:00:00' AFTER `recharged_on`;",
"ALTER TABLE `tbl_transactions` ADD `recharged_time` time NOT NULL DEFAULT '00:00:00' AFTER `recharged_on`;" "ALTER TABLE `tbl_transactions` ADD `recharged_time` time NOT NULL DEFAULT '00:00:00' AFTER `recharged_on`;"
], ],
"2023.9.5" : [ "2023.9.5": [
"DROP TABLE `tbl_language`;", "DROP TABLE `tbl_language`;",
"ALTER TABLE `tbl_plans` ADD `pool_expired` varchar(40) NOT NULL DEFAULT '' AFTER `pool`;" "ALTER TABLE `tbl_plans` ADD `pool_expired` varchar(40) NOT NULL DEFAULT '' AFTER `pool`;"
], ],
"2023.9.27" : [ "2023.9.27": [
"ALTER TABLE `tbl_plans` CHANGE `type` `type` ENUM('Hotspot','PPPOE','Balance','Radius') CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL;", "ALTER TABLE `tbl_plans` CHANGE `type` `type` ENUM('Hotspot','PPPOE','Balance','Radius') CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL;",
"ALTER TABLE `tbl_transactions` CHANGE `type` `type` ENUM('Hotspot','PPPOE','Balance','Radius') CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL;" "ALTER TABLE `tbl_transactions` CHANGE `type` `type` ENUM('Hotspot','PPPOE','Balance','Radius') CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL;"
], ],
"2023.9.28" : [ "2023.9.28": [
"ALTER TABLE `tbl_plans` CHANGE `type` `type` ENUM('Hotspot','PPPOE','Balance') CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL;", "ALTER TABLE `tbl_plans` CHANGE `type` `type` ENUM('Hotspot','PPPOE','Balance') CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL;",
"ALTER TABLE `tbl_transactions` CHANGE `type` `type` ENUM('Hotspot','PPPOE','Balance') CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL;" "ALTER TABLE `tbl_transactions` CHANGE `type` `type` ENUM('Hotspot','PPPOE','Balance') CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL;"
], ],
"2023.10.1" : [ "2023.10.1": [
"ALTER TABLE `tbl_plans` ADD `is_radius` TINYINT(1) NOT NULL DEFAULT '0' COMMENT '1 is radius' AFTER `routers`; " "ALTER TABLE `tbl_plans` ADD `is_radius` TINYINT(1) NOT NULL DEFAULT '0' COMMENT '1 is radius' AFTER `routers`; "
], ],
"2023.10.24" : [ "2023.10.24": [
"ALTER TABLE `nas` ADD `routers` VARCHAR(32) NOT NULL DEFAULT '' AFTER `description`;" "ALTER TABLE `nas` ADD `routers` VARCHAR(32) NOT NULL DEFAULT '' AFTER `description`;"
], ],
"2023.12.15": [ "2023.12.15": [
@ -49,8 +49,11 @@
"2024.2.12": [ "2024.2.12": [
"ALTER TABLE `tbl_users` CHANGE `user_type` `user_type` ENUM('SuperAdmin','Admin','Report','Agent','Sales') CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL;" "ALTER TABLE `tbl_users` CHANGE `user_type` `user_type` ENUM('SuperAdmin','Admin','Report','Agent','Sales') CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL;"
], ],
"2024.2.15":[ "2024.2.15": [
"ALTER TABLE `tbl_users` CHANGE `password` `password` VARCHAR(64) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL;", "ALTER TABLE `tbl_users` CHANGE `password` `password` VARCHAR(64) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL;",
"ALTER TABLE `tbl_users` ADD `phone` VARCHAR(32) NOT NULL DEFAULT '' AFTER `password`, ADD `email` VARCHAR(128) NOT NULL DEFAULT '' AFTER `phone`, ADD `city` VARCHAR(64) NOT NULL DEFAULT '' COMMENT 'kota' AFTER `email`, ADD `subdistrict` VARCHAR(64) NOT NULL DEFAULT '' COMMENT 'kecamatan' AFTER `city`, ADD `ward` VARCHAR(64) NOT NULL DEFAULT '' COMMENT 'kelurahan' AFTER `subdistrict`;" "ALTER TABLE `tbl_users` ADD `phone` VARCHAR(32) NOT NULL DEFAULT '' AFTER `password`, ADD `email` VARCHAR(128) NOT NULL DEFAULT '' AFTER `phone`, ADD `city` VARCHAR(64) NOT NULL DEFAULT '' COMMENT 'kota' AFTER `email`, ADD `subdistrict` VARCHAR(64) NOT NULL DEFAULT '' COMMENT 'kecamatan' AFTER `city`, ADD `ward` VARCHAR(64) NOT NULL DEFAULT '' COMMENT 'kelurahan' AFTER `subdistrict`;"
],
"2024.2.16": [
"ALTER TABLE `tbl_customers` ADD `created_by` INT NOT NULL DEFAULT '0' AFTER `auto_renewal`;"
] ]
} }


@ -67,7 +67,6 @@
<span class="sr-only">Toggle navigation</span> <span class="sr-only">Toggle navigation</span>
</a> </a>
<div class="navbar-custom-menu"> <div class="navbar-custom-menu">
<ul class="nav navbar-nav"> <ul class="nav navbar-nav">
<li class="dropdown user user-menu"> <li class="dropdown user user-menu">
<a href="#" class="dropdown-toggle" data-toggle="dropdown"> <a href="#" class="dropdown-toggle" data-toggle="dropdown">
@ -81,12 +80,9 @@
<img src="https://robohash.org/{$_admin['id']}?set=set3&size=100x100&bgset=bg1" <img src="https://robohash.org/{$_admin['id']}?set=set3&size=100x100&bgset=bg1"
onerror="this.src='system/uploads/admin.default.png'" class="img-circle" onerror="this.src='system/uploads/admin.default.png'" class="img-circle"
alt="Avatar"> alt="Avatar">
<p> <p>
{$_admin['fullname']} {$_admin['fullname']}
<small>{if $_admin['user_type'] eq 'SuperAdmin'} {Lang::T('Administrator')} <small>{Lang::T($_admin['user_type'])}</small>
{else}
{Lang::T('Sales')} {/if}</small>
</p> </p>
</li> </li>
<li class="user-body"> <li class="user-body">
@ -113,7 +109,6 @@
</div> </div>
</nav> </nav>
</header> </header>
<aside class="main-sidebar"> <aside class="main-sidebar">
<section class="sidebar"> <section class="sidebar">
<ul class="sidebar-menu" data-widget="tree"> <ul class="sidebar-menu" data-widget="tree">
@ -124,7 +119,7 @@
</a> </a>
</li> </li>
{$_MENU_AFTER_DASHBOARD} {$_MENU_AFTER_DASHBOARD}
{if in_array($_admin['user_type'],['SuperAdmin','Admin'])} {if !in_array($_admin['user_type'],['Report'])}
<li class="{if $_system_menu eq 'customers'}active{/if} treeview"> <li class="{if $_system_menu eq 'customers'}active{/if} treeview">
<a href="#"> <a href="#">
<i class="ion ion-android-contacts"></i> <span>{Lang::T('Customer')}</span> <i class="ion ion-android-contacts"></i> <span>{Lang::T('Customer')}</span>
@ -164,6 +159,8 @@
{$_MENU_PREPAID} {$_MENU_PREPAID}
</ul> </ul>
</li> </li>
{/if}
{if in_array($_admin['user_type'],['SuperAdmin','Admin'])}
{$_MENU_AFTER_PREPAID} {$_MENU_AFTER_PREPAID}
<li class="{if $_system_menu eq 'services'}active{/if} treeview"> <li class="{if $_system_menu eq 'services'}active{/if} treeview">
<a href="#"> <a href="#">
@ -185,6 +182,7 @@
</ul> </ul>
</li> </li>
{$_MENU_AFTER_SERVICES} {$_MENU_AFTER_SERVICES}
{/if}
<li class="{if $_system_menu eq 'reports'}active{/if} treeview"> <li class="{if $_system_menu eq 'reports'}active{/if} treeview">
<a href="#"> <a href="#">
<i class="ion ion-clipboard"></i> <span>{Lang::T('Reports')}</span> <i class="ion ion-clipboard"></i> <span>{Lang::T('Reports')}</span>
@ -203,7 +201,6 @@
</ul> </ul>
</li> </li>
{$_MENU_AFTER_REPORTS} {$_MENU_AFTER_REPORTS}
{/if}
{if in_array($_admin['user_type'],['SuperAdmin','Admin'])} {if in_array($_admin['user_type'],['SuperAdmin','Admin'])}
<li class="{if $_system_menu eq 'network'}active{/if} treeview"> <li class="{if $_system_menu eq 'network'}active{/if} treeview">
<a href="#"> <a href="#">