0.2.0.0 functionalizing #910

Closed
wants to merge 40 commits into from
Changes from 28 commits
Commits
129fbd3
Credits
o-psi Feb 27, 2024
02ebe84
progress
o-psi Feb 27, 2024
e2e3601
Credits DB updates.
o-psi Feb 27, 2024
0f07759
Update DB
o-psi Mar 6, 2024
0987851
Inventory
o-psi Mar 7, 2024
fb100d6
Sonarcloud Security
o-psi Mar 7, 2024
3187611
Inventory final touches
o-psi Mar 7, 2024
6ae1892
Purchase orders db
o-psi Mar 8, 2024
d9ef80a
Merge branch '0.1.8.5' into credits
o-psi Mar 8, 2024
33fb79f
Merge pull request #8 from twetech/credits
o-psi Mar 8, 2024
905e9b3
Merge branch '0.1.8.5' into Inventory
o-psi Mar 8, 2024
edcbce3
Merge pull request #9 from twetech/Inventory
o-psi Mar 8, 2024
347128a
Fix late fees to use invoice Balance instead of invoice Amount
o-psi Mar 8, 2024
3675c7f
Fix ticket status colors
o-psi Mar 8, 2024
27ac964
Change Colors for ticket statuses
o-psi Mar 8, 2024
9e99704
Merge branch 'itflow-org:master' into 0.1.8.5
o-psi Mar 12, 2024
ce693c1
Fix ticket colors
o-psi Mar 12, 2024
0b30850
Fix for product in expenses
o-psi Mar 12, 2024
29ba039
Merge branch '0.1.8.5' of https://github.com/twetech/itflow into 0.1.8.5
o-psi Mar 12, 2024
477f636
Updates based on comments.
o-psi Mar 12, 2024
b797da8
Fixes mentioned in PR905
o-psi Mar 14, 2024
6490cf6
Add app notification for new ticket replies
o-psi Mar 15, 2024
a599362
Functionify the post handler.
o-psi Mar 17, 2024
1a80e5b
Functionify the post handler
o-psi Mar 17, 2024
1b74584
Sanitize
o-psi Mar 17, 2024
3a0a105
Testing API fixes
o-psi Mar 17, 2024
ce0d8a9
fix for bulk delete
o-psi Mar 17, 2024
669d54f
API key checking
o-psi Mar 17, 2024
4616fa8
Sanitizing
o-psi Mar 17, 2024
35b20b3
Add clients to API V2
o-psi Mar 17, 2024
0928ab4
API V2 Documentation
o-psi Mar 17, 2024
bae20eb
Fix Sonar Bug (Unrelated in cron email parser)
o-psi Mar 17, 2024
2b4ac87
Another sonar bug in email ticket parser
o-psi Mar 17, 2024
5f10b06
Adjust error handling
o-psi Mar 17, 2024
8b0c5c2
Error checking
o-psi Mar 18, 2024
6c84751
Added Invoices and Tickets to API
o-psi Mar 18, 2024
ba5bdfc
Additional API, Fix get setting value
o-psi Mar 19, 2024
19f62ee
Fix Database name
o-psi Mar 19, 2024
8bd6531
Merge pull request #11 from twetech:0.1.8.6
o-psi Mar 19, 2024
53b192d
Merge branch 'master' into 0.2.0.0-functionalizing
o-psi Mar 20, 2024
108 changes: 108 additions & 0 deletions admin_inventory_locations.php
@@ -0,0 +1,108 @@
<?php

// Default Column Sortby Filter
$sort = "inventory_locations_zip";
$order = "ASC";

require_once "inc_all_admin.php";


//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);

$sql = mysqli_query(
$mysqli,
"SELECT * FROM inventory_locations
WHERE inventory_locations_archived_at IS NULL
ORDER BY $sort $order"
);

$num_rows = mysqli_num_rows($sql);

?>

<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fas fa-fw fa-map-marker-alt mr-2"></i>Inventory Locations</h3>
<div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addLocationModal"><i class="fas fa-plus mr-2"></i>New Location</button>
</div>
</div>
<div class="card-body">
<div class="table-responsive-sm">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows == 0) { echo "d-none"; } ?>">
<tr>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=inventory_locations_name&order=<?php echo $disp; ?>">Name</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=inventory_locations_description&order=<?php echo $disp; ?>">Description</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=inventory_locations_user_id&order=<?php echo $disp; ?>">User Assigned</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=inventory_locations_city&order=<?php echo $disp; ?>">City</a></th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php

while ($row = mysqli_fetch_array($sql)) {
$inventory_locations_id = intval($row['inventory_locations_id']);
$inventory_locations_name = nullable_htmlentities($row['inventory_locations_name']);
$inventory_locations_description = nullable_htmlentities($row['inventory_locations_description']);
$inventory_locations_user_id = intval($row['inventory_locations_user_id']);
$inventory_locations_city = nullable_htmlentities($row['inventory_locations_city']);


//get username for display
$inventory_locations_sql_user = mysqli_query($mysqli, "SELECT * FROM users WHERE user_id = $inventory_locations_user_id");
$inventory_locations_user = mysqli_fetch_array($inventory_locations_sql_user);
if ($inventory_locations_user) {
$inventory_locations_user_name = nullable_htmlentities($inventory_locations_user['user_name']);
} else {
$inventory_locations_user_name = "Unassigned";
}
?>

<tr>
<td><a class="text-dark text-bold" href="#" data-toggle="modal" data-target="#editTaxModal<?php echo $inventory_locations_id; ?>"><?php echo $inventory_locations_name; ?></a></td>
<td><?php echo $inventory_locations_description; ?></td>
<td><?php echo $inventory_locations_user_name; ?></td>
<td><?php echo $inventory_locations_city; ?></td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editLocationModal<?php echo $inventory_locations_id; ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<a class="dropdown-item" href="post.php?archive_inventory_location=<?php echo $inventory_locations_id; ?>">
<i class="fas fa-fw fa-archive mr-2"></i>Archive
</a>
</div>
</div>
</td>

<?php

require "admin_inventory_locations_edit_modal.php";

}

if ($num_rows == 0) {
echo "<h3 class='text-secondary mt-3' style='text-align: center'>No Records Here</h3>";
}

?>

</tbody>
</table>

</div>
</div>
</div>

<?php
require_once "admin_inventory_locations_add_modal.php";

require_once "footer.php";
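Review bot: The Archive action in the row dropdown is a plain link, `post.php?archive_inventory_location=<id>`, so a state-changing request is sent by GET and carries no `csrf_token`, unlike the add and edit forms in this PR, which POST one. Make it a POST form that includes the token, or append the token to the link and verify it in the handler. Two functional problems sit in the same loop: the name cell targets `#editTaxModal<id>` while the included modal's id is `editLocationModal<id>`, so clicking the name opens nothing; and the loop sets only id, name, description, user_id and city, yet the edit modal it requires prints `$inventory_locations_address`, `$inventory_locations_state`, `$inventory_locations_zip` and `$inventory_locations_country`, which are undefined here. The row's `<tr>` is also never closed. Finally, `ORDER BY $sort $order` is interpolated straight into the query and the header links feed `sort=` and `order=` back from the URL; nothing in this file restricts them, so please confirm `inc_all_admin.php` allow-lists both before this query runs.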

74 changes: 74 additions & 0 deletions admin_inventory_locations_add_modal.php
@@ -0,0 +1,74 @@
<div class="modal" id="addLocationModal" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header text-white">
<h5 class="modal-title"><i class="fas fa-fw fa-map-marker-alt mr-2"></i>New Location</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span aria-hidden="true">&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">

<div class="modal-body bg-white">
<div class="form-group">
<label>Name <strong class="text-danger">*</strong></label>
<input type="text" class="form-control" name="name" placeholder="Location name" required autofocus>
</div>

<div class="form-group">
<label>Description <strong class="text-danger">*</strong></label>
<input type="text" class="form-control" name="description" placeholder="Description" required>
</div>

<div class="form-group">
<label>Address</label>
<input type="text" class="form-control" name="address" placeholder="Address (Optional)">
</div>

<div class="form-group">
<label>City</label>
<input type="text" class="form-control" name="city" placeholder="City (Optional)">
</div>

<div class="form-group">
<label>State</label>
<input type="text" class="form-control" name="state" placeholder="State (Optional)">
</div>

<div class="form-group">
<label>Zip</label>
<input type="text" class="form-control" name="zip" placeholder="Zip (Optional)">
</div>

<div class="form-group">
<label>Country</label>
<input type="text" class="form-control" name="country" placeholder="Country (Optional)">
</div>

<div class="form-group">
<label>User Assigned<strong class="text-danger">*</strong></label>
<select class="form-control select2" name="user_id" required>
<option value="" selected disabled>Select a user</option>
<?php
$users = mysqli_query($mysqli, "SELECT users.* FROM users
LEFT JOIN inventory_locations ON users.user_id = inventory_locations.inventory_locations_user_id
WHERE user_status = 1 AND user_archived_at IS NULL AND inventory_locations.inventory_locations_user_id IS NULL AND users.user_id != '$inventory_locations_user_id'");
while ($user = mysqli_fetch_array($users)) {
echo "<option value=\"$user[user_id]\">$user[user_name]</option>";
}
if (!mysqli_num_rows($users)) {
echo "<option value=\"\" disabled>No users available</option>";
}
?>
</select>
</div>
</div>
<div class="modal-footer bg-white">
<button type="submit" name="add_inventory_locations" class="btn btn-primary text-bold"><i class="fa fa-check mr- 2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>
</div>
</div>
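Review bot: In the user `<select>` loop, `echo "<option value=\"$user[user_id]\">$user[user_name]</option>";` writes `user_name` into the page without escaping, so a user name containing markup is rendered as HTML for every admin who opens this modal. Pass the name through `nullable_htmlentities()` and the id through `intval()`, as the list page does for its own columns. The query above it also interpolates `$inventory_locations_user_id`, which this file never sets: the modal is required after the row loop, so the value is whatever the last row left behind, or undefined when there are no locations. The `users.user_id != ...` clause looks copied from the edit modal and can be dropped here. The submit button's icon class `mr- 2` has a stray space.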
76 changes: 76 additions & 0 deletions admin_inventory_locations_edit_modal.php
@@ -0,0 +1,76 @@
<div class="modal" id="editLocationModal<?php echo $inventory_locations_id;?>" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header text-white">
<h5 class="modal-title"><i class="fas fa-fw fa-map-marker-alt mr-2"></i>Edit Location</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span aria-hidden="true">&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<input type="hidden" name="inventory_location_id" value="<?php echo $inventory_locations_id; ?>">

<div class="modal-body bg-white">
<div class="form-group">
<label>Name <strong class="text-danger">*</strong></label>
<input type="text" class="form-control" name="name" value="<?php echo $inventory_locations_name; ?>" placeholder="Location name" required autofocus>
</div>

<div class="form-group">
<label>Description <strong class="text-danger">*</strong></label>
<input type="text" class="form-control" name="description" value="<?php echo $inventory_locations_description; ?>" placeholder="Description" required>
</div>

<div class="form-group">
<label>Address</label>
<input type="text" class="form-control" name="address" value="<?php echo $inventory_locations_address; ?>" placeholder="Address (Optional)">
</div>

<div class="form-group">
<label>City</label>
<input type="text" class="form-control" name="city" value="<?php echo $inventory_locations_city; ?>" placeholder="City (Optional)">
</div>

<div class="form-group">
<label>State</label>
<input type="text" class="form-control" name="state" value="<?php echo $inventory_locations_state; ?>" placeholder="State (Optional)">
</div>

<div class="form-group">
<label>Zip</label>
<input type="text" class="form-control" name="zip" value="<?php echo $inventory_locations_zip; ?>" placeholder="Zip (Optional)">
</div>

<div class="form-group">
<label>Country</label>
<input type="text" class="form-control" name="country" value="<?php echo $inventory_locations_country; ?>" placeholder="Country (Optional)">
</div>

<div class="form-group">
<label>User Assigned<strong class="text-danger">*</strong></label>
<select class="form-control select2" name="user_id" required>
<option value="" selected disabled>Select a user</option>
<?php
$users = mysqli_query($mysqli, "SELECT users.* FROM users
LEFT JOIN inventory_locations ON users.user_id = inventory_locations.inventory_locations_user_id
WHERE user_status = 1 AND user_archived_at IS NULL AND inventory_locations.inventory_locations_user_id IS NULL AND users.user_id != '$inventory_locations_user_id'");
while ($user = mysqli_fetch_array($users)) {
$user_name = nullable_htmlentities($user['user_name']);
$user_id = intval($user['user_id']);
echo "<option value=\"$user[user_id]\">$user[user_name]</option>";
}
// Add the selected attribute to the user that is currently assigned to the location
echo "<option value=\"$inventory_locations_user_id\" selected disabled>$inventory_locations_user_name</option>";
?>
</select>
</div>
</div>
<div class="modal-footer bg-white">
<button type="submit" name="edit_inventory_locations" class="btn btn-primary text-bold"><i class="fa fa-check mr- 2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>
</div>
</div>
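Review bot: The `while` loop computes `$user_name = nullable_htmlentities(...)` and `$user_id = intval(...)` and then echoes the raw `$user[user_id]` and `$user[user_name]` on the next line, so the escaping is never applied; use the two sanitized variables in the `<option>`. The option appended for the currently assigned user is `selected disabled`: browsers do not submit disabled options, so saving the form without picking a different user sends no `user_id`, and the placeholder option above it is also marked `selected`. Drop `disabled` from the current user's option and `selected` from the placeholder. The submit button still reads "Create" on the edit form, and its icon class `mr- 2` has a stray space.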
9 changes: 9 additions & 0 deletions admin_side_nav.php
Expand Up @@ -80,6 +80,15 @@
</a>
</li>

<li class="nav-item">
<a href="admin_inventory_locations.php" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "admin_inventory_locations.php") {
echo "active";
} ?>">
<i class="nav-icon fas fa-map-marker-alt"></i>
<p>Inventory Locations</p>
</a>
</li>

<li class="nav-header mt-3">TEMPLATES</li>

<li class="nav-item">
118 changes: 118 additions & 0 deletions api/v2/api.php
@@ -0,0 +1,118 @@
<?php

// api/v2/api.php

/* This file is the entry point for the API.

It receives requests from the client, validates them, and then calls the appropriate function to handle the request.
It then returns the result to the client.

example usage:

GET /api/v2/api.php
{
"object": "asset",
"parameters": {
"asset_id": "all"
},
}

example response:
{

}
*/

require '/var/www/develop.twe.tech/config.php';
require '/var/www/develop.twe.tech/functions.php';
require '/var/www/develop.twe.tech/api/v2/objects.php';

// Check the request method and get the object, parameters, and action from the request
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$object = strtolower(sanitizeInput($_POST['object']));
$parameters = $_POST['parameters'];
$api_key = $_POST['api_key'];
if (!isset($_POST['action'])) {
// Default to create if no action is specified
$action = 'create';
} else {
// Sanitize the action
$action = strtolower(sanitizeInput($_POST['action']));
}
} elseif ($_SERVER['REQUEST_METHOD'] == 'GET') {
$object = strtolower(sanitizeInput($_GET['object']));
$parameters = $_GET['parameters'];
$api_key = $_GET['api_key'];
if (!isset($_GET['action'])) {
// Default to read if no action is specified
$action = 'read';
} else {
// Sanitize the action
$action = strtolower(sanitizeInput($_GET['action']));
}
} else {
// Invalid request method
echo json_encode(['error' => 'Invalid request method']);
exit;
}

// Check if the API key is valid
$api_key_data = tryAPIKey($api_key);
if (isset($api_key_data['api_key_client_id'])) {
$api_client_id = $api_key_data['api_key_client_id'];
}

// Check if action is CRUD
if (!in_array($action, ['create', 'read', 'update', 'delete'])) {
echo json_encode(['error' => 'Invalid action in request']);
exit;
}

// Check the parameters
if (is_string($parameters)) {
$parameters = json_decode($parameters, true);
if (json_last_error() !== JSON_ERROR_NONE) {
// Handle JSON decode error (e.g., invalid JSON format)
echo json_encode(['error' => 'Invalid JSON format in parameters']);
exit;
}
}

// Sanitize the parameters
$sanitized_parameters = [];
foreach ($parameters as $key => $value) {
$sanitized_parameters[sanitizeInput($key)] = sanitizeInput($value);
}
// Replace the parameters with the sanitized parameters
$parameters = $sanitized_parameters;

if (!isset($parameters['api_key_client_id'])) {
$parameters['api_key_client_id'] = $api_client_id;
}
// Check if the object is valid
if (!in_array($object, $valid_objects)) {
echo json_encode(['error' => 'Invalid object in request']);
exit;
}
//Uppercase every first letter of the object
$object = ucwords($object);

// Remove spaces in object
$object = str_replace(' ', '', $object);

// Create function
$function = $action . $object;

if (!function_exists($function)) {
echo json_encode(['error' => 'Invalid function in request']);
exit;
}
if ($action == 'read') {
// Call the function and return the result
echo json_encode($function($parameters));
exit;
} else {
// Call the function and return the result
echo json_encode($function($parameters)['status']);
exit;
}
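Review bot: After `$api_key_data = tryAPIKey($api_key);` nothing stops the request when the key is not recognised: the `isset($api_key_data['api_key_client_id'])` branch only assigns `$api_client_id`, there is no `else` that returns an error and exits, and the script goes on to dispatch `$function($parameters)`. Unless `tryAPIKey()` itself terminates on a bad key (not visible in this file), reject here with a 401 and `exit`. Related: `if (!isset($parameters['api_key_client_id']))` lets the caller supply `api_key_client_id` inside `parameters` and keep it, so a key bound to one client can name another; assign the value from the key unconditionally. Smaller points: `api_key` is read from `$_GET`, which puts the secret in URLs and access logs; `$_POST['object']`, `$_POST['parameters']` and their GET counterparts are read without `isset`, and a missing `parameters` reaches `foreach` as null; the three `require` lines hard-code `/var/www/develop.twe.tech/`, which ties the file to one host (use `__DIR__`-relative paths); and the example request in the header comment has a trailing comma and the example response is empty.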