Merge branch 'ChurchCRM:master' into 5986-use-default-country-as-stan…

…dard
ChurchCRM · May 8, 2024 · e090877 · e090877
2 parents 577b171 + 75082a2
commit e090877
Show file tree

Hide file tree

Showing 8 changed files with 153 additions and 12 deletions.
diff --git a/cypress/e2e/ui/events/standard.events.spec.js b/cypress/e2e/ui/events/standard.events.spec.js
@@ -15,7 +15,6 @@ context("Standard User Session", () => {
         cy.contains("Berry, Miss Brianna");
     });
 
-
     it("View Event via URL", () => {
         cy.loginStandard("EditEventAttendees.php?eventId=3");
         cy.contains("Attendees for Event : Summer Camp");
@@ -26,13 +25,11 @@ context("Standard User Session", () => {
         cy.contains("Listing All Church Events");
     });
 
-
     it("View Event via invalid URL id", () => {
         cy.loginStandard("EditEventAttendees.php?eventId=99999", false);
         cy.contains("Listing All Church Events");
     });
 
-
     it("CheckIn People", () => {
         cy.loginStandard("Checkin.php");
         cy.contains("Event Checkin");

diff --git a/cypress/e2e/ui/people/standard.family.spec.js b/cypress/e2e/ui/people/standard.family.spec.js
@@ -62,10 +62,12 @@ context("Standard Family", () => {
         cy.get('input[name="Longitude"]').clear();
 
         // Fill in Other Info section
-        const weddingYear = '2024';
-        const weddingMonth = '04';
-        const weddingDay = '03';
-        cy.get('#WeddingDate').type(`${weddingYear}-${weddingMonth}-${weddingDay}`);
+        const weddingYear = "2024";
+        const weddingMonth = "04";
+        const weddingDay = "03";
+        cy.get("#WeddingDate").type(
+            `${weddingYear}-${weddingMonth}-${weddingDay}`,
+        );
 
         // Fill in Family Members
         cy.get('input[name="FirstName1"]').type("Mike");

diff --git a/cypress/e2e/ui/people/standard.people.filterbyclassification.spec.js b/cypress/e2e/ui/people/standard.people.filterbyclassification.spec.js
@@ -0,0 +1,85 @@
+describe("template spec", () => {
+    it("filter-by-classification", () => {
+        cy.loginAdmin("OptionManager.php?mode=classes");
+        cy.get("#inactive4").uncheck();
+        cy.get("#inactive5").uncheck();
+
+        cy.reload();
+
+        cy.get("#inactive1").should("not.be.checked");
+        cy.get("#inactive2").should("not.be.checked");
+        cy.get("#inactive3").should("not.be.checked");
+        cy.get("#inactive4").should("not.be.checked");
+        cy.get("#inactive5").should("not.be.checked");
+
+        cy.visit("v2/people?familyActiveStatus=inactive");
+        cy.get("#members_filter input").type("[email protected]");
+        cy.contains("No matching records found");
+
+        cy.visit("v2/people?familyActiveStatus=all");
+        cy.get("#members_filter input").type("[email protected]");
+        cy.contains("(564)-714-4633");
+
+        cy.visit("v2/people");
+        cy.get("#members_filter input").type("[email protected]");
+        cy.contains("(564)-714-4633");
+
+        cy.visit("OptionManager.php?mode=classes");
+        cy.get("#inactive4").check();
+
+        cy.reload();
+
+        cy.get("#inactive1").should("not.be.checked");
+        cy.get("#inactive2").should("not.be.checked");
+        cy.get("#inactive3").should("not.be.checked");
+        cy.get("#inactive4").should("be.checked");
+        cy.get("#inactive5").should("not.be.checked");
+
+        cy.visit("v2/people?familyActiveStatus=inactive");
+        cy.get("#members_filter input").type("[email protected]");
+        cy.contains("No matching records found");
+
+        cy.visit("v2/people?familyActiveStatus=all");
+        cy.get("#members_filter input").type("[email protected]");
+        cy.contains("(564)-714-4633");
+
+        cy.visit("v2/people");
+        cy.get("#members_filter input").type("[email protected]");
+        cy.contains("(564)-714-4633");
+
+        cy.visit("OptionManager.php?mode=classes");
+        cy.get("#inactive5").check();
+
+        cy.reload();
+
+        cy.get("#inactive1").should("not.be.checked");
+        cy.get("#inactive2").should("not.be.checked");
+        cy.get("#inactive3").should("not.be.checked");
+        cy.get("#inactive4").should("be.checked");
+        cy.get("#inactive5").should("be.checked");
+
+        cy.visit("v2/people?familyActiveStatus=inactive");
+        cy.get("#members_filter input").type("[email protected]");
+        cy.contains("(564)-714-4633");
+
+        cy.visit("v2/people?familyActiveStatus=all");
+        cy.get("#members_filter input").type("[email protected]");
+        cy.contains("(564)-714-4633");
+
+        cy.visit("v2/people");
+        cy.get("#members_filter input").type("[email protected]");
+        cy.contains("No matching records found");
+
+        cy.visit("OptionManager.php?mode=classes");
+        cy.get("#inactive4").uncheck();
+        cy.get("#inactive5").uncheck();
+
+        cy.reload();
+
+        cy.get("#inactive1").should("not.be.checked");
+        cy.get("#inactive2").should("not.be.checked");
+        cy.get("#inactive3").should("not.be.checked");
+        cy.get("#inactive4").should("not.be.checked");
+        cy.get("#inactive5").should("not.be.checked");
+    });
+});
diff --git a/src/ChurchCRM/data/Countries.php b/src/ChurchCRM/data/Countries.php
@@ -277,7 +277,7 @@ public static function getNames(): array
     {
         self::initializeCountries();
 
-        return array_map(['static', 'getSingleName'], self::$countries);
+        return array_map([__CLASS__, 'getSingleName'], self::$countries);
     }
 
     public static function getAll(): array
@@ -303,7 +303,7 @@ public static function getCountryByName(string $CountryName): ?Country
         self::initializeCountries();
         $result = array_filter(self::$countries, fn ($e): bool => $e->getCountryName() === $CountryName);
         if (count($result) === 1) {
-            // Note that array_values() is needed because array_filter does not return  continuous array
+            // Note that array_values() is needed because array_filter does not return a continuous array
             return array_values($result)[0];
         }
 

diff --git a/src/ChurchCRM/dto/SystemConfig.php b/src/ChurchCRM/dto/SystemConfig.php
@@ -265,6 +265,7 @@ private static function buildConfigs(): array
             's2FAApplicationName'                  => new ConfigItem(2070, 's2FAApplicationName', 'text', gettext('ChurchCRM'), gettext('Specify the application name to be displayed in authenticator app')),
             'bSendUserDeletedEmail'                => new ConfigItem(2071, 'bSendUserDeletedEmail', 'boolean', '0', gettext('Send an email notifying users when their account has been deleted')),
             'sGoogleMapsRenderKey'                 => new ConfigItem(2072, 'sGoogleMapsRenderKey', 'text', '', gettext('Google Maps API Key used for rendering maps in browser'), 'https://developers.google.com/maps/documentation/javascript/get-api-key'),
+            'sInactiveClassification'              => new ConfigItem(2073, 'sInactiveClassification', 'text', '', gettext('Comma separated list of classifications that should appear as inactive')),
             'sDefaultZip'                          => new ConfigItem(2074, 'sDefaultZip', 'text', '', gettext('Default Zip')),
         ];
     }
@@ -275,7 +276,7 @@ private static function buildCategories(): array
             gettext('Church Information') => ['sChurchName', 'sChurchAddress', 'sChurchCity', 'sChurchState', 'sChurchZip', 'sChurchCountry', 'sChurchPhone', 'sChurchEmail', 'sHomeAreaCode', 'sTimeZone', 'iChurchLatitude', 'iChurchLongitude', 'sChurchWebSite', 'sChurchFB', 'sChurchTwitter'],
             gettext('User Setup')         => ['iMinPasswordLength', 'iMinPasswordChange', 'iMaxFailedLogins', 'iSessionTimeout', 'aDisallowedPasswords', 'bEnableLostPassword', 'bEnable2FA', 'bRequire2FA', 's2FAApplicationName', 'bSendUserDeletedEmail'],
             gettext('Email Setup')        => ['sSMTPHost', 'bSMTPAuth', 'sSMTPUser', 'sSMTPPass', 'iSMTPTimeout', 'sToEmailAddress', 'bPHPMailerAutoTLS', 'sPHPMailerSMTPSecure'],
-            gettext('People Setup')       => ['sDirClassifications', 'sDirRoleHead', 'sDirRoleSpouse', 'sDirRoleChild', 'sDefaultCity', 'sDefaultState', 'sDefaultZip', 'sDefaultCountry', 'bShowFamilyData', 'bHidePersonAddress', 'bHideFriendDate', 'bHideFamilyNewsletter', 'bHideWeddingDate', 'bHideLatLon', 'bForceUppercaseZip', 'bEnableSelfRegistration', 'bAllowEmptyLastName', 'iPersonNameStyle', 'iProfilePictureListSize', 'sNewPersonNotificationRecipientIDs', 'IncludeDataInNewPersonNotifications', 'sGreeterCustomMsg1', 'sGreeterCustomMsg2'],
+            gettext('People Setup')       => ['sDirClassifications', 'sDirRoleHead', 'sDirRoleSpouse', 'sDirRoleChild', 'sDefaultCity', 'sDefaultState', 'sDefaultZip', 'sDefaultCountry', 'bShowFamilyData', 'bHidePersonAddress', 'bHideFriendDate', 'bHideFamilyNewsletter', 'bHideWeddingDate', 'bHideLatLon', 'bForceUppercaseZip', 'bEnableSelfRegistration', 'bAllowEmptyLastName', 'iPersonNameStyle', 'iProfilePictureListSize', 'sNewPersonNotificationRecipientIDs', 'IncludeDataInNewPersonNotifications', 'sGreeterCustomMsg1', 'sGreeterCustomMsg2', 'sInactiveClassification'],
             gettext('Enabled Features')   => ['bEnabledFinance', 'bEnabledSundaySchool', 'bEnabledEvents', 'bEnabledCalendar', 'bEnabledFundraiser', 'bEnabledEmail', 'bEnabledMenuLinks'],
             gettext('Map Settings')       => ['sGeoCoderProvider', 'sGoogleMapsGeocodeKey', 'sGoogleMapsRenderKey', 'sBingMapKey', 'sGMapIcons', 'iMapZoom'],
             gettext('Report Settings')    => ['sQBDTSettings', 'leftX', 'incrementY', 'sTaxReport1', 'sTaxReport2', 'sTaxReport3', 'sTaxSigner', 'sReminder1', 'sReminderSigner', 'sReminderNoPledge', 'sReminderNoPayments', 'sConfirm1', 'sConfirm2', 'sConfirm3', 'sConfirm4', 'sConfirm5', 'sConfirm6', 'sDear', 'sConfirmSincerely', 'sConfirmSigner', 'sPledgeSummary1', 'sPledgeSummary2', 'sDirectoryDisclaimer1', 'sDirectoryDisclaimer2', 'bDirLetterHead', 'sZeroGivers', 'sZeroGivers2', 'sZeroGivers3', 'iPDFOutputType'],

diff --git a/src/OptionManager.php b/src/OptionManager.php
@@ -17,8 +17,10 @@
 require 'Include/Functions.php';
 
 use ChurchCRM\Authentication\AuthenticationManager;
+use ChurchCRM\dto\SystemConfig;
 use ChurchCRM\model\ChurchCRM\ListOption;
 use ChurchCRM\Utils\InputUtils;
+use ChurchCRM\Utils\LoggerUtils;
 use ChurchCRM\Utils\RedirectUtils;
 
 $mode = trim($_GET['mode']);
@@ -313,6 +315,13 @@
 <table cellpadding="3" width="30%" align="center">
 
 <?php
+    $aInactiveClassificationIds = explode(',', SystemConfig::getValue('sInactiveClassification'));
+    $aInactiveClasses = array_filter($aInactiveClassificationIds, fn ($k) => is_numeric($k));
+
+    if (count($aInactiveClassificationIds) !== count($aInactiveClasses))  {
+        LoggerUtils::getAppLogger()->warning('Encountered invalid configuration(s) for sInactiveClassification, please fix this');
+    }
+
 for ($row = 1; $row <= $numRows; $row++) {
     ?>
     <tr align="center">
@@ -338,6 +347,7 @@
             if ($numRows > 0) {
                 echo "<a href=\"OptionManagerRowOps.php?mode=$mode&Order=$aSeqs[$row]&ListID=$listID&ID=" . $aIDs[$row] . '&Action=delete"><i class="fa fa-times"></i></a>';
             } ?>
+
         </td>
         <td class="TextColumn">
             <span class="SmallText">
@@ -354,6 +364,13 @@
         <?php
         if ($mode == 'grproles') {
             echo '<td class="TextColumn"><input class="form-control input-small" type="button" class="btn btn-default" value="' . gettext('Make Default') . "\" Name=\"default\" onclick=\"javascript:document.location='OptionManagerRowOps.php?mode=" . $mode . '&ListID=' . $listID . '&ID=' . $aIDs[$row] . "&Action=makedefault';\" ></td>";
+        }
+        if ($mode === 'classes') {
+            echo "<td>";
+            $check = in_array($aIDs[$row], $aInactiveClasses) ? "checked" : "";
+            echo "<input id='inactive$aIDs[$row]' type=\"checkbox\" onclick=\"$.get('OptionManagerRowOps.php?mode=$mode&Order=$aSeqs[$row]&ListID=$listID&ID=" . $aIDs[$row] . "&Action=Inactive')\" $check >";
+            echo gettext("Inactive");
+            echo "</td>";
         } ?>
 
     </tr>

diff --git a/src/OptionManagerRowOps.php b/src/OptionManagerRowOps.php
@@ -14,7 +14,9 @@
 require 'Include/Functions.php';
 
 use ChurchCRM\Authentication\AuthenticationManager;
+use ChurchCRM\dto\SystemConfig;
 use ChurchCRM\Utils\InputUtils;
+use ChurchCRM\Utils\LoggerUtils;
 use ChurchCRM\Utils\RedirectUtils;
 
 // Get the Order, ID, Mode, and Action from the querystring
@@ -149,6 +151,24 @@
         RunQuery($sSQL);
         break;
 
+    case 'Inactive':
+        $aInactiveClassificationIds = explode(',', SystemConfig::getValue('sInactiveClassification'));
+        $aInactiveClasses = array_filter($aInactiveClassificationIds, fn ($k) => is_numeric($k));
+
+        if (count($aInactiveClassificationIds) !== count($aInactiveClasses)) {
+            LoggerUtils::getAppLogger()->warning('Encountered invalid configuration(s) for sInactiveClassification, please fix this');
+        }
+
+        if (in_array($iID, $aInactiveClasses)) {
+            unset($aInactiveClasses[array_search($iID, $aInactiveClasses)]);
+        } else {
+            $aInactiveClasses[] = $iID;
+        }
+
+        $sInactiveClasses = implode(',', $aInactiveClasses);
+        SystemConfig::setValue('sInactiveClassification', $sInactiveClasses);
+
+        break;
         // If no valid action was specified, abort
     default:
         RedirectUtils::redirect('v2/dashboard');

diff --git a/src/v2/routes/people.php b/src/v2/routes/people.php
@@ -1,9 +1,11 @@
 <?php
 
+use ChurchCRM\dto\SystemConfig;
 use ChurchCRM\dto\SystemURLs;
 use ChurchCRM\model\ChurchCRM\ListOptionQuery;
 use ChurchCRM\model\ChurchCRM\PersonQuery;
 use ChurchCRM\Utils\InputUtils;
+use ChurchCRM\Utils\LoggerUtils;
 use Psr\Http\Message\ResponseInterface as Response;
 use Psr\Http\Message\ServerRequestInterface as Request;
 use Slim\Routing\RouteCollectorProxy;
@@ -58,10 +60,27 @@ function listPeople(Request $request, Response $response, array $args): Response
         $familyActiveStatus = 'all';
     }
 
+    $sInactiveClassificationIds = SystemConfig::getValue('sInactiveClassification');
+
+    if ($sInactiveClassificationIds === '') {
+        //works the same if group doesn't exist and keeps queries tidier
+        $sInactiveClassificationIds = '-1';
+    }
+
+    //parsing the string and reconstruct it back should be enough to mitigate the sql injection vector in here.
+    $aInactiveClassificationIds = explode(',', $sInactiveClassificationIds);
+    $aInactiveClasses = array_filter($aInactiveClassificationIds, fn ($k) => is_numeric($k));
+
+    if (count($aInactiveClassificationIds) !== count($aInactiveClasses)) {
+        LoggerUtils::getAppLogger()->warning('Encountered invalid configuration(s) for sInactiveClassification, please fix this');
+    }
+
+    $sInactiveClasses = implode(',', $aInactiveClasses);
+
     if ($familyActiveStatus === 'active') {
-        $members->leftJoinFamily()->where('family_fam.fam_DateDeactivated is null');
+        $members->leftJoinFamily()->where('(family_fam.fam_DateDeactivated is null) and (per_cls_id not in (' . $sInactiveClasses . ') )');
     } elseif ($familyActiveStatus === 'inactive') {
-        $members->leftJoinFamily()->where('family_fam.fam_DateDeactivated is not null');
+        $members->leftJoinFamily()->where('(family_fam.fam_DateDeactivated is not null) or (per_cls_id in (' . $sInactiveClasses . ') )');
     }
 
     $members->find();