pos-gis/app/Http/Controllers/UserController.php

<?php
namespace App\Http\Controllers;
use App\Events\StatusLiked;
use App\User;
use Auth;
use DB;
use Illuminate\Contracts\Encryption\DecryptException;
use Illuminate\Database\QueryException;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Crypt;
use Illuminate\Support\Facades\Hash;
use Request as Req;
use Response;
use Session;
use Yajra\DataTables\DataTables;
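class UserController extends Controller
{
    /**
     * Password given to newly created users and applied on an admin reset.
     *
     * NOTE(review): a fixed, well-known initial password is a weak default.
     * act_user_store back-dates date_password so check_expired_password
     * forces a change at first login, but a per-user random value delivered
     * out-of-band would be stronger. Kept as-is to preserve behaviour.
     */
    private const DEFAULT_PASSWORD = 'Admin123';

    /** Days after which check_expired_password demands a new password. */
    private const PASSWORD_MAX_AGE_DAYS = 60;

    /** Dispatcher actions any authenticated admin may call (not only role 1). */
    private const BYPASS_ROLE = ['changePassword', 'get_user_detail', 'store_logout', 'check_expired_password'];

    /** Dispatcher actions whose request carries an encrypted user id in `id`. */
    private const ID_ACTIONS = ['user_delete', 'user_reset_password', 'get_user_detail', 'user_block', 'user_aktif'];

    /**
     * Render the user-management index page.
     *
     * @param Request $request unused; kept for the route signature
     * @param string  $type    page type, only 'user_management' is known
     * @return mixed the view returned by bsGetView(), or errors.404
     */
    public function list(Request $request, $type)
    {
        if (!$this->checkRoleAccess($type)) {
            return view('errors.404');
        }

        $dataPage = [];
        switch ($type) {
            case 'user_management':
                $dataPage['title'] = 'List User Bank';
                // [label, visibility, column]; the column names feed the DataTable config.
                $dataPage['tableHead'] = [
                    ['Role', 'all', 'role_name'],
                    ['Username', 'all', 'username'],
                    ['E-Mail', 'all', 'email'],
                    ['Nama Lengkap', 'all', 'full_name'],
                    ['Status', 'all', 'status_user'],
                    ['Act', 'all', 'action'],
                ];
                break;
            default:
                // An unknown type would otherwise leave $dataPage['tableHead'] undefined.
                return view('errors.404');
        }

        // Active roles for the edit form's role dropdown.
        $dataPage['ref_role'] = DB::table('groups_admin')->where('is_active', 't')->get();
        $dataPage['head'] = implode(',', array_column($dataPage['tableHead'], 2));
        $dataPage['type'] = $type;
        $dataPage['table'] = route('user.data_table', $type);

        return $this->bsGetView('content.user.index', $dataPage);
    }

    /**
     * Server-side DataTables feed for the user list.
     *
     * Adds the `action` dropdown (edit/delete/reset, plus block/activate for
     * super admins) and renders `status_user` as a label badge.
     *
     * @param Request $request unused; DataTables reads the request itself
     * @param string  $type    list type, only 'user_management' is known
     */
    public function data_table(Request $request, $type)
    {
        if (!$this->checkRoleAccess($type)) {
            return view('errors.404');
        }

        switch ($type) {
            case 'user_management':
                $data = \DB::select("SELECT users_admin.*,full_name, users_admin.id as admin_id,rsu.description as role_name
FROM users_admin join groups_admin rsu on rsu.id = users_admin.role order by users_admin.id desc");
                break;
            default:
                return view('errors.404');
        }

        // Evaluated once instead of per row. The 'admin' guard is the one every
        // other action in this controller authenticates against.
        $isSuperAdmin = (int) Auth::guard('admin')->user()->role === 1;

        return DataTables::of($data)
            ->addColumn('action', function ($row) use ($isSuperAdmin) {
                // Encrypted id travels inside a backtick-quoted onclick; the
                // base64 payload contains no quote or backtick characters.
                $id = Crypt::encryptString((string) $row->admin_id);
                $toggle = $isSuperAdmin ? $this->renderStatusToggle($id, $row->status_user) : '';
                return $this->renderActionMenu($id, $toggle);
            })
            ->editColumn('status_user', function ($row) {
                return ($row->status_user == 't')
                    ? '<span class="label label-success label-inline mr-2">Active</span>'
                    : '<span class="label label-danger label-inline mr-2">Blocked</span>';
            })
            ->rawColumns(['status_user', 'action'])
            ->make(true);
    }

    /**
     * Block / activate menu item shown to super admins only.
     *
     * @param string $id         encrypted user id
     * @param mixed  $statusUser 'f' = blocked (offer activate), anything else = active (offer block)
     */
    private function renderStatusToggle(string $id, $statusUser): string
    {
        if ($statusUser == 'f') {
            return '<li class="navi-item">
<a onclick="aktifUser(`'.$id.'`)" class="navi-link">
<span class="navi-icon"><i class="la la-check-circle"></i> </span>
<span class="navi-text">Aktifkan User</span>
</a>
</li>';
        }

        return '<li class="navi-item">
<a onclick="blockUser(`'.$id.'`)" class="navi-link">
<span class="navi-icon"><i class="la la-ban"></i> </span>
<span class="navi-text">Block User</span>
</a>
</li>';
    }

    /**
     * Action dropdown markup for one row of the user table.
     *
     * @param string $id        encrypted user id passed to the JS handlers
     * @param string $extraItem extra `<li>` appended after "Reset Password" (may be empty)
     */
    private function renderActionMenu(string $id, string $extraItem): string
    {
        return '
<div class="dropdown dropdown-inline">
<a href="javascript:;" class="btn btn-sm btn-clean btn-icon mr-2" data-toggle="dropdown">
<span class="svg-icon svg-icon-md">
<svg width="24px" height="24px" viewBox="0 0 24 24" version="1.1">
<g stroke="none" stroke-width="1" fill="none" fill-rule="evenodd">
<rect x="0" y="0" width="24" height="24"/>
<path d="M5,8.6862915 L5,5 L8.6862915,5 L11.5857864,2.10050506 L14.4852814,5 L19,5 L19,9.51471863 L21.4852814,12 L19,14.4852814 L19,19 L14.4852814,19 L11.5857864,21.8994949 L8.6862915,19 L5,19 L5,15.3137085 L1.6862915,12 L5,8.6862915 Z M12,15 C13.6568542,15 15,13.6568542 15,12 C15,10.3431458 13.6568542,9 12,9 C10.3431458,9 9,10.3431458 9,12 C9,13.6568542 10.3431458,15 12,15 Z" fill="#000000"/>
</g>
</svg>
</span>
</a>
<div class="dropdown-menu dropdown-menu-sm dropdown-menu-right">
<ul class="navi flex-column navi-hover py-2">
<li class="navi-header font-weight-bolder text-uppercase font-size-xs text-primary pb-2">
Choose an action:
</li>
<li class="navi-item">
<a onclick="edit(`'.$id.'`)" class="navi-link">
<span class="navi-icon"><i class="la la-edit"></i></span>
<span class="navi-text"> Edit</span>
</a>
</li>
<li class="navi-item">
<a onclick="del(`'.$id.'`)" class="navi-link">
<span class="navi-icon"><i class="la la-trash"></i> </span>
<span class="navi-text">Hapus</span>
</a>
</li>
<li class="navi-item">
<a onclick="resetPassword(`'.$id.'`)" class="navi-link">
<span class="navi-icon"><i class="la la-key"></i> </span>
<span class="navi-text">Reset Password</span>
</a>
</li>
'.$extraItem.'
</ul>
</div>
</div>
';
    }

    /**
     * Decrypt a client-supplied, Crypt::encryptString()-encoded user id.
     *
     * Crypt::decryptString() throws DecryptException on a tampered or malformed
     * payload (and a TypeError on a missing one); both previously surfaced as a
     * 500. Returning null lets the caller answer with a normal rc 99 payload.
     *
     * @param mixed $encrypted raw request value
     * @return string|null plaintext id, or null when absent/invalid
     */
    private function decryptId($encrypted): ?string
    {
        if (!is_string($encrypted) || $encrypted === '') {
            return null;
        }
        try {
            return Crypt::decryptString($encrypted);
        } catch (DecryptException $e) {
            return null;
        }
    }

    /** rc 99 response for a missing or undecryptable `id` parameter. */
    private function invalidIdResponse()
    {
        return response()->json([
            'rc' => 99,
            'rm' => 'ID User Tidak Valid !',
        ]);
    }

    /** rc 99 response when the referenced users_admin row does not exist. */
    private function userNotFoundResponse()
    {
        return response()->json([
            'rc' => 99,
            'rm' => 'Data User Tidak Ditemukan !',
        ]);
    }

    /**
     * Dispatch a user-management action by name.
     *
     * Actions outside BYPASS_ROLE require role 1 (super admin) on the 'admin'
     * guard. Actions in ID_ACTIONS receive the decrypted `id` request field.
     *
     * @param string $type action name from the route
     * @return mixed JSON response from the action, or errors.404
     */
    public function act_any(Request $request, $type)
    {
        if (!in_array($type, self::BYPASS_ROLE, true)) {
            if ((int) Auth::guard('admin')->user()->role !== 1) {
                return view('errors.404');
            }
        }

        $id = null;
        if (in_array($type, self::ID_ACTIONS, true)) {
            $id = $this->decryptId($request->input('id'));
            if ($id === null) {
                return $this->invalidIdResponse();
            }
        }

        switch ($type) {
            case 'user_store':
                return $this->act_user_store($request);
            case 'user_delete':
                return $this->act_user_delete($id);
            case 'user_reset_password':
                return $this->act_user_reset_password($id);
            case 'get_user_detail':
                return $this->act_get_user_detail($id);
            case 'changePassword':
                return $this->act_changePassword($request);
            case 'get_notif':
                return $this->act_get_notif($request);
            case 'read_notif':
                return $this->act_read_notif($request);
            case 'store_logout':
                return $this->act_store_logout($request);
            case 'generate_key':
                return $this->act_generate_key($request);
            case 'user_block':
                return $this->act_user_block($id);
            case 'user_aktif':
                return $this->act_user_aktif($id);
            case 'check_expired_password':
                return $this->check_expired_password($request);
            default:
                // Previously fell through and returned null (an empty 200).
                return view('errors.404');
        }
    }

    /**
     * Reject a username or e-mail that another users_admin row already uses.
     *
     * @param object|null $existing the row being edited, or null when creating
     * @return mixed rc 99 JSON response on conflict, null when the values are free
     */
    private function checkUniqueUsernameEmail(Request $request, $existing)
    {
        $username = $request->username;
        $email = $request->email;

        if ($existing === null || $username != $existing->username) {
            $checkCode = DB::table('users_admin')->where('username', $username)->count();
            if ($checkCode > 0) {
                return response()->json([
                    'rc' => 99,
                    'rm' => "Username ".$username." Sudah Terdaftar",
                ]);
            }
        }

        if ($existing === null || $email != $existing->email) {
            $checkEmail = DB::table('users_admin')->where('email', $email)->count();
            if ($checkEmail > 0) {
                return response()->json([
                    'rc' => 99,
                    'rm' => "email ".$email." Sudah Terdaftar",
                ]);
            }
        }

        return null;
    }

    /**
     * Create a user (no `get_id`) or update one (`get_id` = encrypted id).
     *
     * Uniqueness checks run before the transaction is opened: the original
     * began the transaction first, and every validation early-return left it
     * dangling. Role changes on update are written to the audit trail as a
     * privilege downgrade/elevation before the regular "User Bank" entry.
     *
     * @return mixed JSON {rc, rm}; rc 0 on success, 99 on validation or DB error
     */
    public function act_user_store(Request $request)
    {
        $id = '';
        $encryptedId = $request->input('get_id');
        if ($encryptedId) {
            $id = $this->decryptId($encryptedId);
            if ($id === null) {
                return $this->invalidIdResponse();
            }
        }
        $isNew = ($id === '');

        $existing = null;
        if (!$isNew) {
            $existing = DB::table('users_admin')->where('id', $id)->first();
            if ($existing === null) {
                return $this->userNotFoundResponse();
            }
        }

        $conflict = $this->checkUniqueUsernameEmail($request, $existing);
        if ($conflict !== null) {
            return $conflict;
        }

        DB::beginTransaction();
        try {
            $oldData = null;
            if ($isNew) {
                $event = "Tambah User ".$request->input('username');
                $data = new User();
                // NOTE: max(id)+1 is not atomic; two concurrent inserts can pick
                // the same id, which then surfaces as the 23505 branch below.
                $get = collect(\DB::select("SELECT max(id) as max_id FROM users_admin"))->first();
                $data->id = $get->max_id + 1;
                $data->status_user = 't';
                // Back-dated past PASSWORD_MAX_AGE_DAYS so check_expired_password
                // forces the default password to be replaced at first login.
                $data->date_password = date('Y-m-d', strtotime("-62 days"));
                $data->password = $this->hashPassword(self::DEFAULT_PASSWORD);
            } else {
                // Snapshot of the row before the update, for the audit trail.
                $oldData = $existing;
                $event = "Ubah User ".$request->input('username');
                $data = User::find($id);
                if ($data === null) {
                    DB::rollBack();
                    return $this->userNotFoundResponse();
                }

                $newRole = $request->post('role');
                // Compared as strings: the model attribute may come back as an
                // int while the request value is a string, and the original
                // strict !== then recorded a privilege change on every edit.
                if ((string) $data->role !== (string) $newRole) {
                    $rolename = DB::table('groups_admin')->where('id', $data->role)->first();
                    $rolename_new = DB::table('groups_admin')->where('id', $request->role)->first();
                    $event = 'Change Privilege from '.$rolename->name.' to '.$rolename_new->name;
                    // Only leaving role 1 counts as a downgrade; every other
                    // change (including lateral ones) is logged as an elevation.
                    if ($newRole != 1 && $data->role == 1) {
                        $this->auditTrailValue($event, "Downgrade Privilege", 'users_admin', json_encode($data), json_encode($oldData));
                    } else {
                        $this->auditTrailValue($event, "elevation of privilege", 'users_admin', json_encode($data), json_encode($oldData));
                    }
                }
            }

            $data->role = $request->input('role');
            $data->phone = $request->input('phone');
            $data->email = $this->cleanString($request->input('email'));
            $data->full_name = $this->cleanString($request->input('full_name'));
            $data->username = $this->cleanString($request->input('username'));
            $data->address = $request->input('address');
            $data->mid = $request->input('mid');
            $data->id_kota = $request->input('id_kota');
            $data->save();

            $this->auditTrailValue($event, "User Bank", 'users_admin', json_encode($data), json_encode($oldData));
            DB::commit();

            return response()->json([
                'rc' => 0,
                'rm' => "sukses",
            ]);
        } catch (QueryException $e) {
            // Needs the Illuminate\Database\QueryException import: unimported,
            // the name resolved to App\Http\Controllers\QueryException and this
            // catch never matched.
            DB::rollBack();
            // 23505 = PostgreSQL unique_violation.
            $response = ($e->getCode() == '23505')
                ? "Terjadi Duplikasi Data, Data Gagal Disimpan !"
                : "Terjadi Kesalahan, Data Tidak Sesuai !";

            return response()->json([
                'rc' => 99,
                'rm' => $response,
            ]);
        } catch (\Throwable $e) {
            // Any other failure: close the transaction, then let the framework report it.
            DB::rollBack();
            throw $e;
        }
    }

    /**
     * Return one users_admin row for the edit form, with its id encrypted.
     *
     * @param string $id decrypted user id
     */
    public function act_get_user_detail($id)
    {
        $data = collect(\DB::select("SELECT * FROM users_admin where id = ?", [$id]))->first();
        if ($data === null) {
            return $this->userNotFoundResponse();
        }

        // SELECT * includes the password hash; the browser has no use for it.
        // NOTE(review): the `key` column written by act_generate_key is also
        // returned here — confirm whether the UI needs it before stripping it too.
        unset($data->password);
        $data->id = Crypt::encryptString((string) $data->id);

        return response()->json([
            'rc' => 0,
            'data' => $data,
        ]);
    }

    /**
     * Delete a user. The super admin (id 1) is never deleted.
     *
     * @param string $id decrypted user id
     */
    public function act_user_delete($id)
    {
        $user = $this->getUserAdmin($id);
        if (!isset($user[0])) {
            return $this->userNotFoundResponse();
        }

        $event = "Hapus User ".$user[0]->username;
        // Recorded before the guard, so refused attempts on id 1 are audited too.
        $this->auditTrailValue($event, "User Bank", 'users_admin', json_encode($user), '');

        if ($id == 1) {
            return response()->json([
                'rc' => 99,
                'rm' => "Super Admin Tidak Dapat Dihapus !",
            ]);
        }

        User::destroy($id);

        return response()->json([
            'rc' => 0,
            'rm' => "Berhasil Dihapus !",
        ]);
    }

    /**
     * Reset a user's password to DEFAULT_PASSWORD.
     *
     * Note that date_password is not touched here, so the user is not
     * forced to change the default afterwards unless it is already stale.
     *
     * @param string $id decrypted user id
     */
    public function act_user_reset_password($id)
    {
        $user = $this->getUserAdmin($id);
        $data = User::find($id);
        if (!isset($user[0]) || $data === null) {
            return $this->userNotFoundResponse();
        }

        $event = "Reset Password User ".$user[0]->username;
        $this->auditTrail($event, "User Admin");

        $data->password = $this->hashPassword(self::DEFAULT_PASSWORD);
        $data->save();

        return response()->json([
            'rc' => 0,
            'rm' => $user[0]->username." Berhasil di reset password !",
        ]);
    }

    /**
     * Block a user (status_user = 'f').
     *
     * @param string $id decrypted user id
     */
    public function act_user_block($id)
    {
        $user = $this->getUserAdmin($id);
        $data = User::find($id);
        if (!isset($user[0]) || $data === null) {
            return $this->userNotFoundResponse();
        }

        $event = "Block User ".$user[0]->username;
        $this->auditTrail($event, "User Bank");

        $data->status_user = 'f';
        $data->save();

        return response()->json([
            'rc' => 0,
            'rm' => $user[0]->username." Berhasil di Block !",
        ]);
    }

    /**
     * Activate a user (status_user = 't') and clear the failed-login counter.
     *
     * @param string $id decrypted user id
     */
    public function act_user_aktif($id)
    {
        $user = $this->getUserAdmin($id);
        $data = User::find($id);
        if (!isset($user[0]) || $data === null) {
            return $this->userNotFoundResponse();
        }

        $event = "Aktif User ".$user[0]->username;
        $this->auditTrail($event, "User Bank");

        $data->status_user = 't';
        $data->wrong_password = 0;
        $data->save();

        return response()->json([
            'rc' => 0,
            'rm' => $user[0]->username." Berhasil di Aktif !",
        ]);
    }

    /**
     * Change the calling admin's own password.
     *
     * Checks, in order: old password matches, new one meets the complexity
     * rule, new one is not among the last `pass_max_history` entries of
     * password_history, new one differs from the current one. On success
     * the old hash is appended to password_history and date_password reset.
     *
     * @return mixed JSON {rc, rm}; rc 0 on success, 99 on any rejection
     */
    public function act_changePassword(Request $request)
    {
        $adminId = Auth::guard('admin')->user()->id;
        $user = $this->getUserAdmin($adminId);
        $data = User::find($adminId);
        $oldPassword = $request->input('oldPassword');
        $newPassword = $request->input('newPassword');

        // hashPasswordCheck() is a parent helper; the equality test mirrors the original.
        $checkPassword = $this->hashPasswordCheck($oldPassword, $data->password);
        if ($checkPassword != $data->password) {
            return response()->json([
                'rc' => 99,
                'rm' => 'Password Lama Tidak Sesuai !',
            ]);
        }

        // At least 8 characters with one upper-case, one lower-case and one digit.
        if (!preg_match('/^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9]).{8,}$/', (string) $newPassword)) {
            return response()->json([
                'rc' => 99,
                'rm' => 'Aturan Password Tidak Sesuai !',
            ]);
        }

        // History depth is configured in config_map (pass_max_history).
        $getLimit = DB::table('config_map')->where('config_map_id', 'pass_max_history')->first();
        $history = DB::table('password_history')
            ->where('user_admin', $adminId)
            ->limit($getLimit->config_map_val)
            ->orderByDesc('crtdt')
            ->get();
        foreach ($history as $entry) {
            if ($this->hashPasswordCheck($newPassword, $entry->password) == $entry->password) {
                return response()->json([
                    'rc' => 99,
                    'rm' => 'Password sudah pernah digunakan, gunakan passsword lain.',
                ]);
            }
        }

        if ($this->hashPasswordCheck($newPassword, $data->password) == $data->password) {
            return response()->json([
                'rc' => 99,
                'rm' => 'Password harus berbeda dengan password sebelumnya.',
            ]);
        }

        // The user update and the history insert either both land or neither does.
        DB::beginTransaction();
        try {
            $data->password = $this->hashPassword($newPassword);
            $data->date_password = date('Y-m-d');
            $data->save();

            DB::table('password_history')->insert([
                'password' => $this->hashPassword($oldPassword),
                'crtdt' => date('Y-m-d'),
                'user_admin' => $adminId,
            ]);
            DB::commit();
        } catch (\Throwable $e) {
            DB::rollBack();
            throw $e;
        }

        $event = "Ubah Password User ".$user[0]->username;
        $this->auditTrail($event, "User Admin");

        return response()->json([
            'rc' => 0,
            'rm' => 'Berhasil Merubah Password !',
        ]);
    }

    /**
     * Store a client-supplied `key` on the calling admin's row and echo it back.
     *
     * NOTE(review): the value is taken from the request unvalidated and
     * unaudited; if it is a credential, generating it server-side would be safer.
     */
    public function act_generate_key(Request $request)
    {
        $data = User::find(Auth::guard('admin')->user()->id);
        $data->key = $request->key;
        $data->save();

        return response()->json([
            'rc' => 0,
            'rm' => 'Berhasil Generate Key Baru !',
            'data' => $request->key,
        ]);
    }

    /** Placeholder: always reports rc 0 with no notification payload. */
    public function act_get_notif(Request $request)
    {
        return response()->json([
            'rc' => 0,
        ]);
    }

    /**
     * Mark all admin notifications read, then report the remaining unread count.
     *
     * The count query groups by cust_id and takes the first group, so `jumlah`
     * is the unread count for one customer, not the overall total.
     */
    public function act_read_notif(Request $request)
    {
        DB::table('mst_notif')
            ->where('is_admin', 't')
            ->update(['is_read' => 1]);

        $c_notif = collect(\DB::select("SELECT count(cust_id) as j FROM mst_notif where is_read is null and is_admin = 't' GROUP BY cust_id"))->first();
        $numNotif = $c_notif ? $c_notif->j : 0;

        return response()->json([
            'rc' => 0,
            'jumlah' => $numNotif,
        ]);
    }

    /**
     * Audit the logout, flush the session and log the 'admin' guard out.
     */
    public function act_store_logout(Request $request)
    {
        $adminId = Auth::guard('admin')->user()->id;
        $user = DB::table('users_admin')->where('id', $adminId)->first();
        $event = "Logout User ID:".$adminId;
        $this->auditTrailLog($event, "Logout Log WEBMIN_BANK", '', json_encode($user), '');

        Session::flush();
        Auth::guard('admin')->logout();

        return response()->json([
            'rc' => 0,
            'rm' => 'success',
        ]);
    }

    /**
     * Report rc 99 'Change Password' when the calling admin's password is older
     * than PASSWORD_MAX_AGE_DAYS, rc 0 'success' otherwise.
     */
    public function check_expired_password(Request $request)
    {
        $check = DB::selectOne('SELECT CURRENT_DATE - date_password + 1 AS days
FROM users_admin
where id = ?', [Auth::guard('admin')->user()->id]);

        if ($check !== null && $check->days > self::PASSWORD_MAX_AGE_DAYS) {
            return response()->json([
                'rc' => 99,
                'rm' => 'Change Password',
            ]);
        }

        return response()->json([
            'rc' => 0,
            'rm' => 'success',
        ]);
    }
}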