bug fixes

Author: akhileshdarjee

app/Http/Controllers/FormController.php

@@ -43,9 +43,14 @@ public function showForm($module, $user_role)
             $perms = ['create' => true, 'update' => true, 'delete' => true];
         } else {
             $perms = [];
-            $perms['create'] = $this->roleWiseModules($user_role, "Create", $module['name']);
-            $perms['update'] = $this->roleWiseModules($user_role, "Update", $module['name']);
-            $perms['delete'] = $this->roleWiseModules($user_role, "Delete", $module['name']);
+
+            if ($module['link_field_value']) {
+                $perms['create'] = $this->roleWiseModules($user_role, "Create", $module['name']);
+            } else {
+                $perms['create'] = $this->roleWiseModules($user_role, "Create", $module['name']);
+                $perms['update'] = $this->roleWiseModules($user_role, "Update", $module['name']);
+                $perms['delete'] = $this->roleWiseModules($user_role, "Delete", $module['name']);
+            }
         }
 
         // Shows an existing record
@@ -178,6 +183,53 @@ public function showForm($module, $user_role)
                         }
                     }
                 }
+
+                $update_perms = $this->moduleWisePermissions($user_role, "Update", $module['name']);
+                $delete_perms = $this->moduleWisePermissions($user_role, "Delete", $module['name']);
+
+                if ($update_perms) {
+                    $can_update = true;
+
+                    foreach ($update_perms as $column_name => $column_value) {
+                        if (is_array($column_value)) {
+                            if (!in_array($data[$module['table_name']]->{$column_name}, $column_value)) {
+                                $can_update = false;
+                                break;
+                            }
+                        } else {
+                            if ($data[$module['table_name']]->{$column_name} != $column_value) {
+                                $can_update = false;
+                                break;
+                            }
+                        }
+                    }
+
+                    $perms['update'] = $can_update;
+                } else {
+                    $perms['update'] = false;
+                }
+
+                if ($delete_perms) {
+                    $can_delete = true;
+
+                    foreach ($delete_perms as $column_name => $column_value) {
+                        if (is_array($column_value)) {
+                            if (!in_array($data[$module['table_name']]->{$column_name}, $column_value)) {
+                                $can_delete = false;
+                                break;
+                            }
+                        } else {
+                            if ($data[$module['table_name']]->{$column_name} != $column_value) {
+                                $can_delete = false;
+                                break;
+                            }
+                        }
+                    }
+
+                    $perms['delete'] = $can_delete;
+                } else {
+                    $perms['delete'] = false;
+                }
             } else {
                 session()->flash('success', false);
                 return $this->sendResponse(401, __('You are not authorized to view this record'));
@@ -372,8 +424,8 @@ public function saveDataInDb($form_data, $module, $action)
 
         // save parent data and child table data if found
         foreach ($form_data as $form_table => $form_table_data) {
+            // this is parent table
             if ($form_table == $module['table_name']) {
-                // this is parent table
                 if ($action == "create") {
                     $can_create = true;
 
@@ -483,10 +535,7 @@ public function saveDataInDb($form_data, $module, $action)
                         unset($child_record['action']);
 
                         if (count($child_record)) {
-                            if (!isset($child_record[$module['child_foreign_key']])) {
-                                $child_record[$module['child_foreign_key']] = $module['link_field_value'];
-                            }
-
+                            $child_record[$module['child_foreign_key']] = $module['link_field_value'];
                             $result = DB::table($form_table)->insertGetId($child_record);
                             $form_data[$form_table][$idx]['id'] = $result;
                         }

app/Http/Controllers/ReportController.php

@@ -23,7 +23,13 @@ public function show()
             $app_reports = config('reports');
 
             foreach ($app_reports as $report_name => $report) {
-                if (isset($report['allowed_roles']) && $report['allowed_roles'] && !in_array(auth()->user()->role, $report['allowed_roles'])) {
+                $allowed_roles = ['Administrator', 'System Administrator'];
+
+                if (isset($report['allowed_roles']) && $report['allowed_roles']) {
+                    $allowed_roles = array_merge($allowed_roles, $report['allowed_roles']);
+                }
+
+                if (!in_array(auth()->user()->role, $allowed_roles)) {
                     unset($app_reports[$report_name]);
                 }
             }
@@ -46,7 +52,13 @@ public function showReport(Request $request, $report_name)
                 return redirect()->route('home')->with('msg', __('No such report found'));
             }
 
-            if (isset($report_config['allowed_roles']) && !in_array($user_role, $report_config['allowed_roles'])) {
+            $allowed_roles = ['Administrator', 'System Administrator'];
+
+            if (isset($report_config['allowed_roles']) && $report_config['allowed_roles']) {
+                $allowed_roles = array_merge($allowed_roles, $report_config['allowed_roles']);
+            }
+
+            if (!in_array($user_role, $allowed_roles)) {
                 return redirect()->route('home')->with('msg', __('You are not authorized to view') . ' "' . __(awesome_case($report_name)) . '"');
             }
 

app/Http/Controllers/UserController.php

@@ -39,14 +39,14 @@ public function beforeSave($request)
     {
         // set full name
         if ($request->filled('first_name')) {
-            $full_name = $request->get('first_name');
+            $full_name = trim($request->get('first_name'));
 
             if ($request->filled('title')) {
-                $full_name = $request->get('title') . ' ' . $full_name;
+                $full_name = trim($request->get('title')) . ' ' . $full_name;
             }
 
             if ($request->filled('last_name')) {
-                $full_name = $full_name . ' ' . $request->get('last_name');
+                $full_name = $full_name . ' ' . trim($request->get('last_name'));
             }
 
             $request->offsetSet('full_name', $full_name);
@@ -83,25 +83,27 @@ public function afterSave($data)
     // check if username is already registered
     public function validateUsername($request)
     {
-        if ($request->get('username')) {
+        if ($request->filled('username')) {
+            $username = trim($request->get('username'));
+            $email = $request->filled('email') ? trim($request->get('email')) : null;
             $user_details = User::select('username', 'email');
 
-            if ($request->id) {
-                $user_details = $user_details->where('id', '!=', $request->get('id'));
+            if ($request->filled('id')) {
+                $user_details = $user_details->where('id', '!=', trim($request->get('id')));
             }
 
-            $user_details = $user_details->where(function($query) use ($request) {
-                    $query->where('username', $request->get('username'))
-                        ->orWhere('email', $request->get('email'));
+            $user_details = $user_details->where(function($query) use ($username, $email) {
+                    $query->where('username', $username)
+                        ->orWhere('email', $email);
                 })
                 ->first();
 
             if ($user_details) {
                 session()->flash('success', false);
 
-                if ($user_details->username == $request->get('username')) {
+                if ($user_details->username == $username) {
                     $msg = __('Username') . ': "' . $user_details->username . '" ' . __('is already registered') . '.';
-                } elseif ($user_details->email == $request->get('email')) {
+                } elseif ($user_details->email == $email) {
                     $msg = __('Email') . ': "' . $user_details->email . '" ' . __('is already registered') . '.';
                 }
 

public/js/origin/form.js

@@ -8,7 +8,7 @@ $(document).ready(function() {
 
     $('body').on('change', '[name="name"]', function() {
         var module_name = $(this).val().replace(/\s/g, "");
-        var slug = module_name.slugify();
+        var slug = module_name.replace(/(?:^|\.?)([A-Z])/g, function (x,y){return "_" + y.toLowerCase()}).replace(/^_/, "");
 
         if (!$.trim($('body').find('[name="display_name"]').val())) {
             $('body').find('[name="display_name"]').val(module_name).trigger('change');

public/js/origin/module.js

@@ -4,7 +4,7 @@
     "/js/origin/activity.js": "/js/origin/activity.js?id=dc15b37e29b43478f020",
     "/js/origin/backups.js": "/js/origin/backups.js?id=1a6e72395cc52b9c6f46",
     "/js/origin/list_view.js": "/js/origin/list_view.js?id=6d41e6050c514b218b55",
-    "/js/origin/form.js": "/js/origin/form.js?id=05ec79f6dbb474c1e12c",
+    "/js/origin/form.js": "/js/origin/form.js?id=65803faf33225e619058",
     "/css/origin/report_view.css": "/css/origin/report_view.css?id=81a0f9e22b611185cb5b",
     "/js/origin/report_view.js": "/js/origin/report_view.js?id=5574089dce9259ad7747"
 }

public/mix-manifest.json

@@ -179,6 +179,7 @@ function makeFieldsReadable() {
 
     $.each($form_elements, function(index, element) {
         var ele_type = $(element).attr("type");
+        var ele_name = $(element).attr("name");
         var is_input_group = false;
 
         if (!["hidden", "file"].contains(ele_type)) {
@@ -212,10 +213,10 @@ function makeFieldsReadable() {
                         ele_val = $.trim($(input_group).find('.input-group-text').html()) + '<span class="ml-2">' + ele_val + '</span>';
                     }
 
-                    new_control = '<p class="form-control-static origin-static">' + ele_val + '</p>';
+                    new_control = '<p class="form-control-static origin-static" data-name="' + ele_name + '">' + ele_val + '</p>';
                 }
                 else {
-                    new_control = '<p class="form-control-static origin-static">' + ele_val + '</p>';
+                    new_control = '<p class="form-control-static origin-static" data-name="' + ele_name + '">' + ele_val + '</p>';
                 }
             }
 

resources/js/origin/form.js

@@ -48,7 +48,7 @@
                                     <label class="custom-control-label remember-me" for="remember-me"> {{ __('Remember Me') }}</label>
                                 </div>
                             </div>
-                            <div class="col-5">
+                            <div class="col-5 text-right">
                                 <a href="{{ route('password.request') }}" class="text-sm">
                                     {{ __('Forgot password') }}?
                                 </a>