		
	Make widgets disappear if the user doesn't have permission to use them
		
							parent
							
								
									14f401f355
								
							
						
					
					
						commit
						be892b007d
					
				| @ -12,4 +12,9 @@ $APPS["inventory_link"]["icon"] = "cubes"; | |||||||
| $APPS["inventory_link"]["type"] = "teal"; | $APPS["inventory_link"]["type"] = "teal"; | ||||||
| $content = "<p class='mobile-app-hide'>" . lang("open inventory system", false) . '</p><a href="' . INVENTORY_HOME . '" class="btn btn-primary btn-block mobile-app-hide">' . lang("open app", false) . '  <i class="fa fa-external-link-square"></i></a>'; | $content = "<p class='mobile-app-hide'>" . lang("open inventory system", false) . '</p><a href="' . INVENTORY_HOME . '" class="btn btn-primary btn-block mobile-app-hide">' . lang("open app", false) . '  <i class="fa fa-external-link-square"></i></a>'; | ||||||
| $APPS["inventory_link"]["content"] = $content; | $APPS["inventory_link"]["content"] = $content; | ||||||
|  | 
 | ||||||
|  | require_once __DIR__ . "/../lib/login.php"; | ||||||
|  | if (account_has_permission($_SESSION['username'], "INV_VIEW") !== true) { | ||||||
|  |     unset($APPS['inventory_link']); | ||||||
|  | } | ||||||
| ?>
 | ?>
 | ||||||
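Review bot: The `account_has_permission($_SESSION['username'], "INV_VIEW")` check added at the end of this file only removes the widget from `$APPS`, so it is a display decision rather than an access control. The application behind `INVENTORY_HOME` still has to enforce `INV_VIEW` itself, and a comment such as `// UI hint only: the inventory app must enforce INV_VIEW server-side` would stop a later reader from treating the `unset` as the authorization boundary. Running the check before `$content` is built would also skip work for users who will never see the widget.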
| @ -1,10 +1,12 @@ | |||||||
| <?php | <?php | ||||||
| 
 | 
 | ||||||
| dieifnotloggedin(); | dieifnotloggedin(); | ||||||
|  | require_once __DIR__ . "/../lib/login.php"; | ||||||
| addMultiLangStrings(["en_us" => [ | addMultiLangStrings(["en_us" => [ | ||||||
|         "qwikclock" => "QwikClock", |         "qwikclock" => "QwikClock", | ||||||
|         "punch in" => "Punch in", |         "punch in" => "Punch in", | ||||||
|         "punch out" => "Punch out" |         "punch out" => "Punch out", | ||||||
|  |         "permission denied" => "You do not have permission to do that." | ||||||
|     ] |     ] | ||||||
| ]); | ]); | ||||||
| $APPS["qwikclock_inout"]["i18n"] = TRUE; | $APPS["qwikclock_inout"]["i18n"] = TRUE; | ||||||
| @ -12,6 +14,9 @@ $APPS["qwikclock_inout"]["title"] = "qwikclock"; | |||||||
| $APPS["qwikclock_inout"]["icon"] = "clock-o"; | $APPS["qwikclock_inout"]["icon"] = "clock-o"; | ||||||
| $APPS["qwikclock_inout"]["type"] = "blue"; | $APPS["qwikclock_inout"]["type"] = "blue"; | ||||||
| $content = ""; | $content = ""; | ||||||
|  | 
 | ||||||
|  | use GuzzleHttp\Exception\ClientException; | ||||||
|  | 
 | ||||||
| if (!is_empty($_GET['qwikclock']) && ($_GET['qwikclock'] === "punchin" || $_GET['qwikclock'] === "punchout")) { | if (!is_empty($_GET['qwikclock']) && ($_GET['qwikclock'] === "punchin" || $_GET['qwikclock'] === "punchout")) { | ||||||
|     try { |     try { | ||||||
|         $client = new GuzzleHttp\Client(); |         $client = new GuzzleHttp\Client(); | ||||||
| @ -28,6 +33,10 @@ if (!is_empty($_GET['qwikclock']) && ($_GET['qwikclock'] === "punchin" || $_GET[ | |||||||
|         } else { |         } else { | ||||||
|             $content = "<div class=\"alert alert-danger alert-dismissable\"><button type=\"button\" class=\"close\">×</button>" . $resp['msg'] . "</div>"; |             $content = "<div class=\"alert alert-danger alert-dismissable\"><button type=\"button\" class=\"close\">×</button>" . $resp['msg'] . "</div>"; | ||||||
|         } |         } | ||||||
|  |     } catch (ClientException $e) { | ||||||
|  |         if ($e->getResponse()->getStatusCode() == 403) { | ||||||
|  |             $content = "<div class=\"alert alert-danger alert-dismissable\"><button type=\"button\" class=\"close\">×</button>" . lang("permission denied", false) . "</div>"; | ||||||
|  |         } | ||||||
|     } catch (Exception $e) { |     } catch (Exception $e) { | ||||||
|         $content = "<div class=\"alert alert-danger alert-dismissable\"><button type=\"button\" class=\"close\">×</button>" . lang("error loading widget", false) . "  " . $e->getMessage() . "</div>"; |         $content = "<div class=\"alert alert-danger alert-dismissable\"><button type=\"button\" class=\"close\">×</button>" . lang("error loading widget", false) . "  " . $e->getMessage() . "</div>"; | ||||||
|     } |     } | ||||||
| @ -40,4 +49,9 @@ $content .= <<<END | |||||||
| END; | END; | ||||||
| $content .= '<br /><a href="' . QWIKCLOCK_HOME . '" class="btn btn-primary btn-block mobile-app-hide">' . lang("open app", false) . '  <i class="fa fa-external-link-square"></i></a>'; | $content .= '<br /><a href="' . QWIKCLOCK_HOME . '" class="btn btn-primary btn-block mobile-app-hide">' . lang("open app", false) . '  <i class="fa fa-external-link-square"></i></a>'; | ||||||
| $APPS["qwikclock_inout"]["content"] = $content; | $APPS["qwikclock_inout"]["content"] = $content; | ||||||
|  | 
 | ||||||
|  | 
 | ||||||
|  | if (account_has_permission($_SESSION['username'], "QWIKCLOCK") !== true) { | ||||||
|  |     unset($APPS['qwikclock_inout']); | ||||||
|  | } | ||||||
| ?>
 | ?>
 | ||||||
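Review bot: The new `catch (ClientException $e)` block handles only status 403, so any other 4xx response from the QwikClock API is now swallowed with `$content` left empty, where it previously reached the generic `catch (Exception $e)` branch. Give the `if` an `else` that sets the generic error, for example `} else { $content = "<div class=\"alert alert-danger\">" . lang("error loading widget", false) . "</div>"; }`. The same gap exists in the taskfloor_messages and taskfloor_tasks sections, where a non-403 client error leaves the widget registered without a `content` entry. Separately, the `account_has_permission(..., "QWIKCLOCK")` check sits at the end of the file, after the punch request has already been sent; moving it above the `$_GET['qwikclock']` block avoids issuing the API call for a user who will not be shown the widget.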
| @ -4,64 +4,65 @@ dieifnotloggedin(); | |||||||
| 
 | 
 | ||||||
| use Endroid\QrCode\QrCode; | use Endroid\QrCode\QrCode; | ||||||
| 
 | 
 | ||||||
| addMultiLangStrings(["en_us" => [ | if (MOBILE_ENABLED) { | ||||||
|         "sync mobile" => "Sync Mobile App", |     addMultiLangStrings(["en_us" => [ | ||||||
|         "scan sync qrcode" => "Scan this code with the mobile app or enter the code manually.", |             "sync mobile" => "Sync Mobile App", | ||||||
|         "sync explained" => "Access your account and apps on the go.  Use a sync code to securely connect your phone or tablet to Portal with the Netsyms Business mobile app.", |             "scan sync qrcode" => "Scan this code with the mobile app or enter the code manually.", | ||||||
|         "generate sync" => "Create new sync code", |             "sync explained" => "Access your account and apps on the go.  Use a sync code to securely connect your phone or tablet to Portal with the Netsyms Business mobile app.", | ||||||
|         "active sync codes" => "Active codes", |             "generate sync" => "Create new sync code", | ||||||
|         "no active codes" => "No active codes.", |             "active sync codes" => "Active codes", | ||||||
|         "done adding sync code" => "Done adding code" |             "no active codes" => "No active codes.", | ||||||
|     ] |             "done adding sync code" => "Done adding code" | ||||||
| ]); |         ] | ||||||
|  |     ]); | ||||||
| 
 | 
 | ||||||
| $APPS["sync_mobile"]["title"] = lang("sync mobile", false); |     $APPS["sync_mobile"]["title"] = lang("sync mobile", false); | ||||||
| $APPS["sync_mobile"]["icon"] = "mobile"; |     $APPS["sync_mobile"]["icon"] = "mobile"; | ||||||
| 
 | 
 | ||||||
| if (!is_empty($_GET['delsynccode'])) { |     if (!is_empty($_GET['delsynccode'])) { | ||||||
|     if ($database->has("mobile_codes", ["AND" => ["uid" => $_SESSION['uid'], "codeid" => $_GET['delsynccode']]])) { |         if ($database->has("mobile_codes", ["AND" => ["uid" => $_SESSION['uid'], "codeid" => $_GET['delsynccode']]])) { | ||||||
|         $database->delete("mobile_codes", ["AND" => ["uid" => $_SESSION['uid'], "codeid" => $_GET['delsynccode']]]); |             $database->delete("mobile_codes", ["AND" => ["uid" => $_SESSION['uid'], "codeid" => $_GET['delsynccode']]]); | ||||||
|  |         } | ||||||
|     } |     } | ||||||
| } |  | ||||||
| 
 | 
 | ||||||
| if ($_GET['mobilecode'] == "generate") { |     if ($_GET['mobilecode'] == "generate") { | ||||||
|     if (!is_empty($_GET['showsynccode']) && $database->has("mobile_codes", ["AND" => ["uid" => $_SESSION['uid'], "codeid" => $_GET['showsynccode']]])) { |         if (!is_empty($_GET['showsynccode']) && $database->has("mobile_codes", ["AND" => ["uid" => $_SESSION['uid'], "codeid" => $_GET['showsynccode']]])) { | ||||||
|         $code = $database->get("mobile_codes", 'code', ["AND" => ["uid" => $_SESSION['uid'], "codeid" => $_GET['showsynccode']]]); |             $code = $database->get("mobile_codes", 'code', ["AND" => ["uid" => $_SESSION['uid'], "codeid" => $_GET['showsynccode']]]); | ||||||
|     } else { |         } else { | ||||||
|         $code = strtoupper(substr(md5(mt_rand() . uniqid("", true)), 0, 20)); |             $code = strtoupper(substr(md5(mt_rand() . uniqid("", true)), 0, 20)); | ||||||
|         $database->insert('mobile_codes', ['uid' => $_SESSION['uid'], 'code' => $code]); |             $database->insert('mobile_codes', ['uid' => $_SESSION['uid'], 'code' => $code]); | ||||||
|     } |         } | ||||||
|     $url = URL . "mobile/index.php"; |         $url = URL . "mobile/index.php"; | ||||||
|     $encodedurl = str_replace("/", "\\", $url); |         $encodedurl = str_replace("/", "\\", $url); | ||||||
|     $codeuri = "bizsync://" . $encodedurl . "/" . $_SESSION['username'] . "/" . $code; |         $codeuri = "bizsync://" . $encodedurl . "/" . $_SESSION['username'] . "/" . $code; | ||||||
|     $qrCode = new QrCode($codeuri); |         $qrCode = new QrCode($codeuri); | ||||||
|     $qrCode->setSize(200); |         $qrCode->setSize(200); | ||||||
|     $qrCode->setErrorCorrection("H"); |         $qrCode->setErrorCorrection("H"); | ||||||
|     $qrcode = $qrCode->getDataUri(); |         $qrcode = $qrCode->getDataUri(); | ||||||
|     $chunk_code = trim(chunk_split($code, 5, ' ')); |         $chunk_code = trim(chunk_split($code, 5, ' ')); | ||||||
|     $lang_done = lang("done adding sync code", false); |         $lang_done = lang("done adding sync code", false); | ||||||
|     $APPS["sync_mobile"]["content"] = '<div class="alert alert-info"><i class="fa fa-info-circle"></i> ' . lang("scan sync qrcode", false) . '</div>' . <<<END |         $APPS["sync_mobile"]["content"] = '<div class="alert alert-info"><i class="fa fa-info-circle"></i> ' . lang("scan sync qrcode", false) . '</div>' . <<<END | ||||||
| <img src="$qrcode" class="img-responsive qrcode" /> | <img src="$qrcode" class="img-responsive qrcode" /> | ||||||
| <div class="well well-sm" style="text-align: center; font-size: 110%; font-family: monospace;">$chunk_code</div> | <div class="well well-sm" style="text-align: center; font-size: 110%; font-family: monospace;">$chunk_code</div> | ||||||
| <div class="well well-sm" style="text-align: center; font-size: 110%; font-family: monospace;">$url</div> | <div class="well well-sm" style="text-align: center; font-size: 110%; font-family: monospace;">$url</div> | ||||||
| <a class="btn btn-success btn-sm btn-block" href="home.php?page=security">$lang_done</a> | <a class="btn btn-success btn-sm btn-block" href="home.php?page=security">$lang_done</a> | ||||||
| END; | END; | ||||||
| } else { |  | ||||||
|     $activecodes = $database->select("mobile_codes", ["codeid", "code"], ["uid" => $_SESSION['uid']]); |  | ||||||
|     $content = '<div class="alert alert-info"><i class="fa fa-info-circle"></i> ' . lang("sync explained", false) . '</div>' |  | ||||||
|             . '<a class="btn btn-success btn-sm btn-block" href="home.php?page=security&mobilecode=generate">' |  | ||||||
|             . lang("generate sync", false) . '</a>'; |  | ||||||
|     $content .= "<br /><b>" . lang("active sync codes", false) . ":</b><br />"; |  | ||||||
|     $content .= "<div class='list-group'>"; |  | ||||||
|     if (count($activecodes) > 0) { |  | ||||||
|         foreach ($activecodes as $c) { |  | ||||||
|             $content .= "<div class='list-group-item mobilekey'><span style='font-family: Ubuntu Mono,monospace; flex-shrink: 0'>" . trim(chunk_split($c['code'], 5, ' ')) . "</span> <span class='tinybuttons'><a class='btn btn-primary btn-sm' href='home.php?page=security&mobilecode=generate&showsynccode=" . $c['codeid'] . "'><i class='fa fa-qrcode'></i></a> <a class='btn btn-danger btn-sm' href='home.php?page=security&delsynccode=" . $c['codeid'] . "'><i class='fa fa-trash'></i></a></span></div>"; |  | ||||||
|         } |  | ||||||
|     } else { |     } else { | ||||||
|         $content .= "<div class='list-group-item'>" . lang("no active codes", false) . "</div>"; |         $activecodes = $database->select("mobile_codes", ["codeid", "code"], ["uid" => $_SESSION['uid']]); | ||||||
|     } |         $content = '<div class="alert alert-info"><i class="fa fa-info-circle"></i> ' . lang("sync explained", false) . '</div>' | ||||||
|     $content .= "</div>"; |                 . '<a class="btn btn-success btn-sm btn-block" href="home.php?page=security&mobilecode=generate">' | ||||||
|     $content .= <<<END |                 . lang("generate sync", false) . '</a>'; | ||||||
|  |         $content .= "<br /><b>" . lang("active sync codes", false) . ":</b><br />"; | ||||||
|  |         $content .= "<div class='list-group'>"; | ||||||
|  |         if (count($activecodes) > 0) { | ||||||
|  |             foreach ($activecodes as $c) { | ||||||
|  |                 $content .= "<div class='list-group-item mobilekey'><span style='font-family: Ubuntu Mono,monospace; flex-shrink: 0'>" . trim(chunk_split($c['code'], 5, ' ')) . "</span> <span class='tinybuttons'><a class='btn btn-primary btn-sm' href='home.php?page=security&mobilecode=generate&showsynccode=" . $c['codeid'] . "'><i class='fa fa-qrcode'></i></a> <a class='btn btn-danger btn-sm' href='home.php?page=security&delsynccode=" . $c['codeid'] . "'><i class='fa fa-trash'></i></a></span></div>"; | ||||||
|  |             } | ||||||
|  |         } else { | ||||||
|  |             $content .= "<div class='list-group-item'>" . lang("no active codes", false) . "</div>"; | ||||||
|  |         } | ||||||
|  |         $content .= "</div>"; | ||||||
|  |         $content .= <<<END | ||||||
|             <style> |             <style> | ||||||
|                 .mobilekey { |                 .mobilekey { | ||||||
|                     display: flex; |                     display: flex; | ||||||
| @ -70,5 +71,6 @@ END; | |||||||
|                 } |                 } | ||||||
|             </style> |             </style> | ||||||
| END; | END; | ||||||
|     $APPS["sync_mobile"]["content"] = $content; |         $APPS["sync_mobile"]["content"] = $content; | ||||||
|  |     } | ||||||
| } | } | ||||||
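Review bot: The sync code that pairs a phone with the account is still produced by `md5(mt_rand() . uniqid("", true))` in the block this commit re-indents under `if (MOBILE_ENABLED)`; both inputs are predictable (a non-cryptographic PRNG and a timestamp), so the result is a weak secret. Drawing it from the CSPRNG keeps the same 20-character uppercase hex format: `$code = strtoupper(bin2hex(random_bytes(10)));` (PHP 7 or later). Separately, `delsynccode` and `mobilecode=generate` change state on a plain GET, and no anti-CSRF token is visible in this diff, so it is worth confirming that one is checked elsewhere.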
| @ -10,6 +10,9 @@ $APPS["taskfloor_messages"]["i18n"] = TRUE; | |||||||
| $APPS["taskfloor_messages"]["title"] = "messages"; | $APPS["taskfloor_messages"]["title"] = "messages"; | ||||||
| $APPS["taskfloor_messages"]["icon"] = "comments"; | $APPS["taskfloor_messages"]["icon"] = "comments"; | ||||||
| $APPS["taskfloor_messages"]["type"] = "deep-purple"; | $APPS["taskfloor_messages"]["type"] = "deep-purple"; | ||||||
|  | 
 | ||||||
|  | use GuzzleHttp\Exception\ClientException; | ||||||
|  | 
 | ||||||
| try { | try { | ||||||
|     $client = new GuzzleHttp\Client(); |     $client = new GuzzleHttp\Client(); | ||||||
| 
 | 
 | ||||||
| @ -46,9 +49,15 @@ END; | |||||||
|             $content = "<div class=\"alert alert-info\">" . lang("no messages", false) . "</div>"; |             $content = "<div class=\"alert alert-info\">" . lang("no messages", false) . "</div>"; | ||||||
|         } |         } | ||||||
|     } |     } | ||||||
|  |     $content .= '<a href="' . TASKFLOOR_HOME . '" class="btn btn-primary btn-block mobile-app-hide">' . lang("open app", false) . '  <i class="fa fa-external-link-square"></i></a>'; | ||||||
|  |     $APPS["taskfloor_messages"]["content"] = $content; | ||||||
|  | } catch (ClientException $e) { | ||||||
|  |     if ($e->getResponse()->getStatusCode() == 403) { | ||||||
|  |         unset($APPS['taskfloor_messages']); | ||||||
|  |     } | ||||||
| } catch (Exception $e) { | } catch (Exception $e) { | ||||||
|     $content = "<div class=\"alert alert-danger\">" . lang("error loading widget", false) . "  " . $e->getMessage() . "</div>"; |     $content = "<div class=\"alert alert-danger\">" . lang("error loading widget", false) . "  " . $e->getMessage() . "</div>"; | ||||||
|  |     $content .= '<a href="' . TASKFLOOR_HOME . '" class="btn btn-primary btn-block mobile-app-hide">' . lang("open app", false) . '  <i class="fa fa-external-link-square"></i></a>'; | ||||||
|  |     $APPS["taskfloor_messages"]["content"] = $content; | ||||||
| } | } | ||||||
| $content .= '<a href="' . TASKFLOOR_HOME . '" class="btn btn-primary btn-block mobile-app-hide">' . lang("open app", false) . '  <i class="fa fa-external-link-square"></i></a>'; |  | ||||||
| $APPS["taskfloor_messages"]["content"] = $content; |  | ||||||
| ?>
 | ?>
 | ||||||
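Review bot: The generic `catch (Exception $e)` branch, which this commit extends with the "open app" link and the `$APPS["taskfloor_messages"]["content"]` assignment, concatenates `$e->getMessage()` into the widget HTML unescaped. Guzzle exception messages can include the request URL and part of the remote response body, so the text should be escaped before output: `htmlspecialchars($e->getMessage(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`. The same pattern appears in the taskfloor_tasks and qwikclock_inout sections, and qwikclock_inout also prints `$resp['msg']` as-is. Logging the detail and showing the user only the `lang("error loading widget", false)` text would additionally avoid exposing internal API URLs.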
| @ -10,6 +10,9 @@ $APPS["taskfloor_tasks"]["i18n"] = TRUE; | |||||||
| $APPS["taskfloor_tasks"]["title"] = "tasks"; | $APPS["taskfloor_tasks"]["title"] = "tasks"; | ||||||
| $APPS["taskfloor_tasks"]["icon"] = "tasks"; | $APPS["taskfloor_tasks"]["icon"] = "tasks"; | ||||||
| $APPS["taskfloor_tasks"]["type"] = "blue-grey"; | $APPS["taskfloor_tasks"]["type"] = "blue-grey"; | ||||||
|  | 
 | ||||||
|  | use GuzzleHttp\Exception\ClientException; | ||||||
|  | 
 | ||||||
| try { | try { | ||||||
|     $client = new GuzzleHttp\Client(); |     $client = new GuzzleHttp\Client(); | ||||||
| 
 | 
 | ||||||
| @ -34,9 +37,15 @@ try { | |||||||
|             $content = "<div class=\"alert alert-success\">" . lang("no tasks found", false) . "</div>"; |             $content = "<div class=\"alert alert-success\">" . lang("no tasks found", false) . "</div>"; | ||||||
|         } |         } | ||||||
|     } |     } | ||||||
|  |     $content .= '<a href="' . TASKFLOOR_HOME . '" class="btn btn-primary btn-block mobile-app-hide">' . lang("open app", false) . '  <i class="fa fa-external-link-square"></i></a>'; | ||||||
|  |     $APPS["taskfloor_tasks"]["content"] = $content; | ||||||
|  | } catch (ClientException $e) { | ||||||
|  |     if ($e->getResponse()->getStatusCode() == 403) { | ||||||
|  |         unset($APPS['taskfloor_tasks']); | ||||||
|  |     } | ||||||
| } catch (Exception $e) { | } catch (Exception $e) { | ||||||
|     $content = "<div class=\"alert alert-danger\">" . lang("error loading widget", false) . "  " . $e->getMessage() . "</div>"; |     $content = "<div class=\"alert alert-danger\">" . lang("error loading widget", false) . "  " . $e->getMessage() . "</div>"; | ||||||
|  |     $content .= '<a href="' . TASKFLOOR_HOME . '" class="btn btn-primary btn-block mobile-app-hide">' . lang("open app", false) . '  <i class="fa fa-external-link-square"></i></a>'; | ||||||
|  |     $APPS["taskfloor_tasks"]["content"] = $content; | ||||||
| } | } | ||||||
| $content .= '<a href="' . TASKFLOOR_HOME . '" class="btn btn-primary btn-block mobile-app-hide">' . lang("open app", false) . '  <i class="fa fa-external-link-square"></i></a>'; |  | ||||||
| $APPS["taskfloor_tasks"]["content"] = $content; |  | ||||||
| ?>
 | ?>
 | ||||||
							
								
								
									
										13
									
								
								home.php
									
									
									
									
									
								
							
							
						
						
									
										13
									
								
								home.php
									
									
									
									
									
								
							| @ -156,7 +156,15 @@ END; | |||||||
|             <div class="row widget-box"> |             <div class="row widget-box"> | ||||||
|                 <?php |                 <?php | ||||||
|                 // Center the widgets horizontally on the screen
 |                 // Center the widgets horizontally on the screen
 | ||||||
|                 $appcount = count(APPS[$pageid]); |                 $appcount = 0; | ||||||
|  |                 foreach (APPS[$pageid] as $app) { | ||||||
|  |                     if (file_exists(__DIR__ . "/apps/" . $app . ".php")) { | ||||||
|  |                         include_once __DIR__ . "/apps/" . $app . ".php"; | ||||||
|  |                         if (isset($APPS[$app])) { | ||||||
|  |                             $appcount++; | ||||||
|  |                         } | ||||||
|  |                     } | ||||||
|  |                 } | ||||||
|                 if ($appcount == 1) { |                 if ($appcount == 1) { | ||||||
|                     ?>
 |                     ?>
 | ||||||
|                     <div class="hidden-xs col-sm-3 col-md-4 col-lg-4"> |                     <div class="hidden-xs col-sm-3 col-md-4 col-lg-4"> | ||||||
| @ -175,6 +183,9 @@ END; | |||||||
|                 foreach (APPS[$pageid] as $app) { |                 foreach (APPS[$pageid] as $app) { | ||||||
|                     if (file_exists(__DIR__ . "/apps/" . $app . ".php")) { |                     if (file_exists(__DIR__ . "/apps/" . $app . ".php")) { | ||||||
|                         include_once __DIR__ . "/apps/" . $app . ".php"; |                         include_once __DIR__ . "/apps/" . $app . ".php"; | ||||||
|  |                         if (!isset($APPS[$app])) { | ||||||
|  |                             continue; | ||||||
|  |                         } | ||||||
|                         $apptitle = ($APPS[$app]['i18n'] === TRUE ? lang($APPS[$app]['title'], false) : $APPS[$app]['title']); |                         $apptitle = ($APPS[$app]['i18n'] === TRUE ? lang($APPS[$app]['title'], false) : $APPS[$app]['title']); | ||||||
|                         $appicon = (is_empty($APPS[$app]['icon']) ? "" : "fa fa-fw fa-" . $APPS[$app]['icon']); |                         $appicon = (is_empty($APPS[$app]['icon']) ? "" : "fa fa-fw fa-" . $APPS[$app]['icon']); | ||||||
|                         $apptype = (is_empty($APPS[$app]['type']) ? "default" : $APPS[$app]['type']); |                         $apptype = (is_empty($APPS[$app]['type']) ? "default" : $APPS[$app]['type']); | ||||||
|  | |||||||
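Review bot: The counting loop added in the first hunk repeats the `file_exists`/`include_once` logic of the rendering loop, so the second `include_once` is now always a no-op and the two loops have to be kept in sync by hand. Collect the visible widgets once: `$visibleapps[] = $app;` inside the new `isset($APPS[$app])` branch, `$appcount = count($visibleapps);` after the loop, and `foreach ($visibleapps as $app)` for rendering. A short comment saying that the app files are included early so their permission checks can unset the `$APPS` entry would explain why the count is no longer `count(APPS[$pageid])`. Both loops sit inside a larger template block that starts and ends outside the hunks.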