From 2feb0e29926034e0694d67efb668a2f29d820fdf Mon Sep 17 00:00:00 2001
From: Daniel Camargo <pererinha@gmail.com>
Date: Wed, 30 Oct 2013 15:54:04 -0200
Subject: [PATCH] partial #1964 - option to create admin users

---
 .../default/cockpit/giftcards/index.php       |   1 +
 .../default/cockpit/permissions/index.php     |  11 +
 .../default/cockpit/permissions/users.php     |  64 ++++++
 .../crunchbutton/api/permissions/users.php    |  68 ++++++
 include/library/Crunchbutton/Admin.php        |  53 +++++
 include/library/Crunchbutton/Admin/Group.php  |  11 +
 include/library/Crunchbutton/Group.php        |  11 +
 .../cockpit/giftcards/groups/index.phtml      |   1 +
 .../views/default/cockpit/layout/core.phtml   |   2 +-
 .../default/cockpit/permissions/index.phtml   |  12 +
 .../cockpit/permissions/users/content.phtml   |  33 +++
 .../cockpit/permissions/users/form.phtml      | 210 ++++++++++++++++++
 .../cockpit/permissions/users/index.phtml     |  68 ++++++
 www/assets/js/admin.js                        |  31 +++
 14 files changed, 575 insertions(+), 1 deletion(-)
 create mode 100644 include/controllers/default/cockpit/permissions/index.php
 create mode 100644 include/controllers/default/cockpit/permissions/users.php
 create mode 100644 include/controllers/default/crunchbutton/api/permissions/users.php
 create mode 100644 include/library/Crunchbutton/Admin/Group.php
 create mode 100644 include/library/Crunchbutton/Group.php
 create mode 100644 include/views/default/cockpit/permissions/index.phtml
 create mode 100644 include/views/default/cockpit/permissions/users/content.phtml
 create mode 100644 include/views/default/cockpit/permissions/users/form.phtml
 create mode 100644 include/views/default/cockpit/permissions/users/index.phtml

diff --git a/include/controllers/default/cockpit/giftcards/index.php b/include/controllers/default/cockpit/giftcards/index.php
index 4866bc8bd..b4e84438a 100644
--- a/include/controllers/default/cockpit/giftcards/index.php
+++ b/include/controllers/default/cockpit/giftcards/index.php
@@ -1,6 +1,7 @@
 <?php
 
 class Controller_giftcards extends Crunchbutton_Controller_Account {
+
 	public function init() {
 
 		if (!c::admin()->permission()->check(['global', 'gift-card-all', 'gift-card-list-page', 'gift-card-list-all'])) {
diff --git a/include/controllers/default/cockpit/permissions/index.php b/include/controllers/default/cockpit/permissions/index.php
new file mode 100644
index 000000000..cd7ee843d
--- /dev/null
+++ b/include/controllers/default/cockpit/permissions/index.php
@@ -0,0 +1,11 @@
+<?php
+
+class Controller_Permissions extends Crunchbutton_Controller_Account {
+
+	public function init() {
+
+		c::view()->display('permissions/index');
+
+	}
+
+}
\ No newline at end of file
diff --git a/include/controllers/default/cockpit/permissions/users.php b/include/controllers/default/cockpit/permissions/users.php
new file mode 100644
index 000000000..7e6b83edc
--- /dev/null
+++ b/include/controllers/default/cockpit/permissions/users.php
@@ -0,0 +1,64 @@
+<?php
+
+class Controller_Permissions_Users extends Crunchbutton_Controller_Account {
+	
+	public function init() {
+		
+		if (!c::admin()->permission()->check(['global','permissions-all', 'permission-users'])) {
+			return ;
+		}
+
+		$action = c::getPagePiece(2);
+
+		switch ( $action ) {
+
+			case 'content':
+				$this->search();
+				break;
+
+			case 'new':
+				$this->form();
+				break;
+
+			case 'remove':
+				$id_admin = $_REQUEST[ 'id_admin' ];
+				$admin = Crunchbutton_Admin::o( $id_admin );
+				if( $admin->id_admin ){
+					$admin->delete();
+				}
+				echo 'ok';
+				break;
+
+			default:
+				if( is_numeric( $action ) ){
+					$this->form();
+					exit;
+				}
+				c::view()->page = 'permissions';
+				c::view()->display('permissions/users/index');
+				break;
+		}
+	
+	}
+
+	private function search(){
+		$search = [];
+		if ( $_REQUEST[ 'name' ] ) {
+			$search[ 'name' ] = $_REQUEST[ 'name' ];
+		}
+		c::view()->admins = Crunchbutton_Admin::find( $search );
+		c::view()->layout( 'layout/ajax' );
+		c::view()->display( 'permissions/users/content' );
+	}
+
+	private function form(){
+		$id_admin = c::getPagePiece(2);
+		if( $id_admin != 'new' ){
+			c::view()->admin = Crunchbutton_Admin::o( $id_admin );
+		} else {
+			c::view()->admin = new Crunchbutton_Admin();
+		}
+		c::view()->display( 'permissions/users/form' );
+	}
+
+}
\ No newline at end of file
diff --git a/include/controllers/default/crunchbutton/api/permissions/users.php b/include/controllers/default/crunchbutton/api/permissions/users.php
new file mode 100644
index 000000000..99d011e20
--- /dev/null
+++ b/include/controllers/default/crunchbutton/api/permissions/users.php
@@ -0,0 +1,68 @@
+<?php
+
+class Controller_api_Permissions_Users extends Crunchbutton_Controller_Rest {
+	
+	public function init() {
+
+		if (!c::admin()->permission()->check(['global','permissions-all', 'permission-users'])) {
+			return ;
+		}
+
+		switch ( $this->method() ) {
+
+			case 'post':
+
+				$id_admin = c::getPagePiece( 3 );
+
+				if( !$id_admin ){
+					if( Crunchbutton_Admin::loginExists( $_REQUEST[ 'login' ] ) ){
+						echo json_encode( [ 'error' => 'login' ] );
+						exit();
+					}
+				}
+
+				$name = $_REQUEST[ 'name' ];
+				$phone = $_REQUEST[ 'phone' ];
+				$txt = $_REQUEST[ 'txt' ];
+				$email = $_REQUEST[ 'email' ];
+				$testphone = $_REQUEST[ 'testphone' ];
+				$timezone = $_REQUEST[ 'timezone' ];
+				$login = $_REQUEST[ 'login' ];
+				$password = $_REQUEST[ 'password' ];
+				$ids_group = $_REQUEST[ 'id_group' ];
+				if( $id_admin ){
+					$admin = Crunchbutton_Admin::o( $id_admin );
+				} else {
+					$admin = new Crunchbutton_Admin();
+				}
+				$admin->name = $name;
+				$admin->phone = $phone;
+				$admin->txt = $txt;
+				$admin->email = $email;
+				$admin->testphone = $testphone;
+				$admin->timezone = $timezone;
+				$admin->login = $login;
+				if( $password != '' ){
+					$admin->password = $password;	
+				}
+				$admin->save();
+				$admin->removeGroups();
+				$ids_group = explode( ',' , $ids_group );
+				if( $ids_group ){
+					foreach ( $ids_group as $id_group ) {
+						$new = new Crunchbutton_Admin_Group();
+						$new->id_admin = $admin->id_admin;
+						$new->id_group = intval( $id_group );
+						$new->save();
+					}
+				}
+				echo json_encode( ['success' => $admin->id_admin ] );
+			break;
+			default:
+				echo json_encode( [ 'error' => 'invalid object' ] );
+			break;
+		}
+	}
+
+		
+}
\ No newline at end of file
diff --git a/include/library/Crunchbutton/Admin.php b/include/library/Crunchbutton/Admin.php
index af31896ca..08e532932 100644
--- a/include/library/Crunchbutton/Admin.php
+++ b/include/library/Crunchbutton/Admin.php
@@ -76,11 +76,64 @@ class Crunchbutton_Admin extends Cana_Table {
 
 		return $this->_communities;
 	}
+
+	public function loginExists( $login ){
+		if( trim( $login ) != '' ){
+			return Crunchbutton_Admin::login( $login );
+		}
+		return false;
+	}
+
+	public function groups(){
+		if( !$this->_groups ){
+			$this->_groups = Crunchbutton_Group::q( "SELECT g.* FROM `group` g INNER JOIN admin_group ag ON ag.id_group = g.id_group AND ag.id_admin = {$this->id_admin} ORDER BY name ASC" );
+		}
+		return $this->_groups;
+	}
+
+	public function removeGroups(){
+		Cana::db()->query( "DELETE FROM `admin_group` WHERE id_admin = {$this->id_admin}" );
+	}
+
+	public function hasGroup( $id_group ){
+		$groups = $this->groups();
+		foreach( $groups as $group ){
+			if( $id_group == $group->id_group ){
+				return true;
+			}
+		}
+		return false;
+	}
+
+	public function groups2str(){
+		$groups = $this->groups();
+		$str = '';
+		$commas = '';
+		foreach( $groups as $group ){
+			$str .= $commas . $group->name;
+			$commas = ', ';
+		}
+		return $str;
+	}
 	
 	public function makePass($pass) {
 		return sha1(c::crypt()->encrypt($pass));
 	}
 
+	public static function find($search = []) {
+
+		$query = 'SELECT `admin`.* FROM `admin` WHERE id_admin IS NOT NULL ';
+		
+		if ( $search[ 'name' ] ) {
+			$query .= " AND name LIKE '%{$search[ 'name' ]}%' ";
+		}
+
+		$query .= " ORDER BY name DESC";
+
+		$gifts = self::q($query);
+		return $gifts;
+	}
+
 	public function __construct($id = null) {
 		parent::__construct();
 		$this
diff --git a/include/library/Crunchbutton/Admin/Group.php b/include/library/Crunchbutton/Admin/Group.php
new file mode 100644
index 000000000..c40942059
--- /dev/null
+++ b/include/library/Crunchbutton/Admin/Group.php
@@ -0,0 +1,11 @@
+<?php
+
+class Crunchbutton_Admin_Group extends Cana_Table {
+	public function __construct($id = null) {
+		parent::__construct();
+		$this
+			->table('admin_group')
+			->idVar('id_admin_group')
+			->load($id);
+	}
+}
\ No newline at end of file
diff --git a/include/library/Crunchbutton/Group.php b/include/library/Crunchbutton/Group.php
new file mode 100644
index 000000000..65b5c4482
--- /dev/null
+++ b/include/library/Crunchbutton/Group.php
@@ -0,0 +1,11 @@
+<?php
+
+class Crunchbutton_Group extends Cana_Table {
+	public function __construct($id = null) {
+		parent::__construct();
+		$this
+			->table('group')
+			->idVar('id_group')
+			->load($id);
+	}
+}
\ No newline at end of file
diff --git a/include/views/default/cockpit/giftcards/groups/index.phtml b/include/views/default/cockpit/giftcards/groups/index.phtml
index 63f6759f1..19b8495c2 100644
--- a/include/views/default/cockpit/giftcards/groups/index.phtml
+++ b/include/views/default/cockpit/giftcards/groups/index.phtml
@@ -41,6 +41,7 @@
 	 </div>
 </div>
 <script>
+
 	$(function() {		
 
 		$(document).on('click', '.admin-giftcard-group-search', function() {
diff --git a/include/views/default/cockpit/layout/core.phtml b/include/views/default/cockpit/layout/core.phtml
index c3bc6926d..5cef16cf2 100644
--- a/include/views/default/cockpit/layout/core.phtml
+++ b/include/views/default/cockpit/layout/core.phtml
@@ -61,7 +61,7 @@
 							</li>
 
 							<li class="divider"></li>
-							<li><a href="#"><i class="icon-off"></i> <span>Logout</span></a></li>
+							<li><a href="http://log:out@<?=$_SERVER['HTTP_HOST']?>"><i class="icon-off"></i> <span>Logout</span></a></li>
 						</ul>
 					</li>
 				</ul>
diff --git a/include/views/default/cockpit/permissions/index.phtml b/include/views/default/cockpit/permissions/index.phtml
new file mode 100644
index 000000000..c7ce1eff9
--- /dev/null
+++ b/include/views/default/cockpit/permissions/index.phtml
@@ -0,0 +1,12 @@
+<?
+	$this->title = 'Permissions';
+	$this->titleicon = 'lock';
+?>
+<!-- content -->
+<div class="container-fluid padded">
+	<div class="row-fluid">
+		<div class="box">
+			
+		</div>
+	</div>
+</div>
\ No newline at end of file
diff --git a/include/views/default/cockpit/permissions/users/content.phtml b/include/views/default/cockpit/permissions/users/content.phtml
new file mode 100644
index 000000000..b6f23f54d
--- /dev/null
+++ b/include/views/default/cockpit/permissions/users/content.phtml
@@ -0,0 +1,33 @@
+<?php 
+$admins = $this->admins;
+?>
+<?php if (!$admins->count()) { ?>
+	No results found
+<?php } else { ?>
+	<table class="table table-normal">
+		<thead>
+			<td>Name</td>
+			<td>Login</td>
+			<td>Group(s)</td>
+			<td>Phone</td>
+			<td>Txt</td>
+			<td>Email</td>
+			<td></td>
+		</thead>
+		<?php foreach ( $admins as $admin ) { ?>
+			<tr>
+				<td><?php echo $admin->name;?> </td>
+				<td><?php echo $admin->login;?> </td>
+				<td><?php echo $admin->groups2str(); ?></td>
+				<td><?php echo $admin->phone; ?></td>
+				<td><?php echo $admin->txt; ?></td>
+				<td><?php echo $admin->email; ?></td>
+				<td style="width:150px;">
+					<a href="/permissions/users/<?php echo $admin->id_admin; ?>" class="btn btn-green"><i class="icon-edit"></i> Edit</a>
+					&nbsp;
+					<button data-id="<?php echo $admin->id_admin; ?>" class="btn admin-user-remove btn-red"><i class="icon-trash"></i> Remove</button>
+				</td>
+			</tr>
+		<?php } ?>
+	</table>
+<?php } ?>
\ No newline at end of file
diff --git a/include/views/default/cockpit/permissions/users/form.phtml b/include/views/default/cockpit/permissions/users/form.phtml
new file mode 100644
index 000000000..c70882ed4
--- /dev/null
+++ b/include/views/default/cockpit/permissions/users/form.phtml
@@ -0,0 +1,210 @@
+<?
+	$this->title = 'Permissions';
+	$this->titleicon = 'lock';
+	$this->titleLink = '/permissions';
+	
+	$this->title2 = 'Users';
+	$this->title2icon = 'user';
+
+	$admin = $this->admin;
+
+?>
+<div class="container-fluid padded">
+	<div class="row-fluid">
+		<div class="span6">
+			<div class="box">
+				<div class="box-header">
+					<span class="title">Admin user</span>
+				</div>
+				<div class="box-content ">
+					<ul class="box-list">
+						<li>
+							<span>Name</span>
+							<span class="pull-right">
+								<input type="text" name="name" maxlength="40" id="name" value="<?php echo $admin->name; ?>" />
+							</span>
+						</li>
+						<li>
+							<span>Phone</span>
+							<span class="pull-right">
+								<input type="text" name="phone" maxlength="12" id="phone" value="<?php echo $admin->phone; ?>" />
+							</span>
+						</li>
+						<li>
+							<span>Text (sms)</span>
+							<span class="pull-right">
+								<input type="text" name="txt" maxlength="12" id="txt" value="<?php echo $admin->txt; ?>" />
+							</span>
+						</li>
+						<li>
+							<span>Email</span>
+							<span class="pull-right">
+								<input type="text" name="email" maxlength="255" id="email" value="<?php echo $admin->email; ?>" />
+							</span>
+						</li>
+						<li>
+							<span>Test phone</span>
+							<span class="pull-right">
+								<input type="text" name="testphone" maxlength="12" id="testphone" value="<?php echo $admin->testphone; ?>" />
+							</span>
+						</li>
+						<li>
+							<span>Timezone</span>
+							<span class="pull-right">
+								<select id="timezone" name="timezone" class="uniform">
+									<option <?php if( $admin->timezone == 'America/New_York' ) { echo 'selected="selected"'; } ?> value="America/New_York">Eastern (America/New_York)</option>
+									<option <?php if( $admin->timezone == 'America/Chicago' ) { echo 'selected="selected"'; } ?> value="America/Chicago">Central (America/Chicago)</option>
+									<option <?php if( $admin->timezone == 'America/Denver' ) { echo 'selected="selected"'; } ?> value="America/Denver">Mountain (America/Denver)</option>
+									<option <?php if( $admin->timezone == 'America/Los_Angeles' ) { echo 'selected="selected"'; } ?> value="America/Los_Angeles">Pacific (America/Los_Angeles)</option>
+								</select>
+							</span>
+						</li>
+					</ul>
+				</div>
+			</div>
+
+			<div class="box">
+				<div class="box-header">
+					<span class="title">Save</span>
+				</div>
+				<div class="box-content ">
+					<ul class="box-list">
+						<li class="input">
+							<button type="submit" class="btn btn-blue admin-save"><i class="icon-save"></i> Save </button> 
+						</li>
+					</ul>
+				</div>
+			</div>
+
+	</div>
+
+	<div class="span6">
+		
+		<div class="box">
+			<div class="box-header">
+				<span class="title">Access</span>
+			</div>
+			<div class="box-content ">
+				<ul class="box-list">
+					<li>
+						<span>Login</span>
+						<span class="pull-right">
+							<input type="text" name="login" <?php if( $admin->id_admin ) { echo 'readonly="readonly"'; } ?> maxlength="40" id="login" value="<?php echo $admin->login; ?>" />
+						</span>
+					</li>
+					<li>
+						<span>Password</span>
+						<span class="pull-right">
+							<input type="text" name="password" maxlength="250" id="password" value="" />
+						</span>
+						<?php if( $admin->id_admin ){ ?>
+							<div class="note">Leave it blank if you don't want to change it!</div>
+						<?php } ?>
+					</li>
+					<li>
+						<label>Group(s)</label>
+						<span>
+							<select id="id_group" class="chzn-select" multiple name="id_group" data-placeholder="Choose a group" style="width:100%;">
+								<? foreach (Crunchbutton_Promo_Group::q('SELECT * FROM `group` ORDER BY name') as $group) { ?>
+									<option <?php if( $admin->id_admin && $admin->hasGroup( $group->id_group ) ){ echo 'selected="selected"'; } ?> value="<?=$group->id_group?>"><?=$group->name?></option>
+								<? } ?>
+							</select>
+						</span>
+					</li>
+				</ul>
+			</div>
+		</div>
+
+	</div>
+</div>
+<script>
+
+$(function() {
+	$(document).on('click', '.admin-save', function() {
+		sendForm();
+	} );
+});
+
+var processing = false;
+
+function sendForm(){
+
+	if( processing ){
+		return;
+	}
+
+	var name = $.trim( $( '#name' ).val() );
+	var phone = $.trim( $( '#phone' ).val() );
+	var txt = $.trim( $( '#txt' ).val() );
+	var email = $.trim( $( '#email' ).val() );
+	var testphone = $.trim( $( '#testphone' ).val() );
+	var timezone = $.trim( $( '#timezone' ).val() );
+	var login = $.trim( $( '#login' ).val() );
+	var password = $.trim( $( '#password' ).val() );
+	var id_group = $.trim( $( '#id_group' ).val() );
+	if( name == '' ){
+		alert( 'Please type a name!' );
+		$( '#name' ).focus();
+		return;
+	}
+	if( login == '' ){
+		alert( 'Please type a login!' );
+		$( '#login' ).focus();
+		return;
+	}
+
+	<?php if( !$admin->id_admin ) { ?>
+
+		if( login == '' ){
+			alert( 'Please type a password!' );
+			$( '#password' ).focus();
+			return;
+		}
+
+	<?php } ?>
+
+	var data = { 	'name' : name, 
+								'phone' : phone,
+								'txt' : txt,
+								'email' : email,
+								'testphone' : testphone,
+								'timezone' : timezone,
+								'login' : login,
+								'password' : password,
+								'id_group' : id_group
+							};
+	
+	processing = true;
+	
+	$( '.admin-save' ).html( '<i class="icon-spinner icon-spin"></i> Please wait' );
+
+	var url = App.service + 'permissions/users/<?php echo $admin->id_admin; ?>';
+	$.ajax({
+		type: "POST",
+		dataType: 'json',
+		data: data,
+		url: url,
+		success: function( json ) {
+			processing = false;
+			if( json.error ){
+				if( json.error == 'login' ){
+					alert( 'This login is already in use!' );
+					$( '#login' ).focus();
+					$( '.admin-save' ).html( '<i class="icon-save"></i> Save ' );
+				} else {
+					alert( 'Error at saving the user!' );
+					$( '.admin-save' ).html( '<i class="icon-save"></i> Save ' );
+				}
+			} else {
+				alert( 'User saved!' );
+				location.href = '/permissions/users/';
+			}
+		},
+		error: function( ){
+			processing = false;
+			alert( 'Error at saving the user!' );
+			$( '.admin-save' ).html( '<i class="icon-save"></i> Save ' );
+		}
+	});
+}
+</script>
\ No newline at end of file
diff --git a/include/views/default/cockpit/permissions/users/index.phtml b/include/views/default/cockpit/permissions/users/index.phtml
new file mode 100644
index 000000000..ab3b1dc20
--- /dev/null
+++ b/include/views/default/cockpit/permissions/users/index.phtml
@@ -0,0 +1,68 @@
+<?
+	$this->title = 'Permissions';
+	$this->titleicon = 'lock';
+	$this->titleLink = '/permissions';
+	
+	$this->title2 = 'Users';
+	$this->title2icon = 'user';
+
+?>
+<!-- content -->
+<div class="container-fluid padded">
+	 <div class="row-fluid">
+			<div class="box">
+				 <div class="box-content">
+						<div class="row-fluid">
+							<div class="span6 separate-sections">
+								 <ul class="padded separate-sections">
+										<li class="input">
+											 <input class="span12" name="name" type="text" value="<?=strip_tags($_REQUEST['name'])?>" placeholder="Name">
+										</li>
+								 </ul>
+							</div>
+							<div class="span6 separate-sections">
+								 <ul class="padded separate-sections">
+										<li><button class="btn btn-blue admin-user-search"><i class="icon-search"></i>&nbsp;&nbsp;&nbsp; Search </button> 
+											 <a href="/permissions/users/new" class="btn btn-green admin-user-new"><i class="icon-user"></i>&nbsp;&nbsp;&nbsp; New User </a> 
+										</li>
+								 </ul>
+							</div>
+						</div>
+				 </div>
+			</div>
+			<div class="box">
+				 <div class="box-header"><span class="title">Results</span></div>
+				 <div class="box-content">
+						<div class="permissions-loader">
+							 <center><i class="icon-spinner icon-spin" style="font-size: 50px;"></i></center>
+						</div>
+						<div class="permissions-content"></div>
+				 </div>
+			</div>
+	 </div>
+</div>
+<script>
+	$(function() {		
+
+		$(document).on('click', '.admin-user-search', function() {
+			App.permissions.admin.load();
+		} );
+
+		$(document).on('keyup', '[name="name"]', function( e ) {
+			if (e.which == 13) {
+				App.permissions.admin.load();
+			}
+		} );
+
+		App.permissions.admin.load();
+
+		$(document).on('click', '.admin-user-remove', function() {
+			var button = $( this );
+			if( confirm( 'Confirm? This action will not remove the user!' ) ){
+				var id_admin = button.attr( 'data-id' );
+				App.permissions.admin.remove( id_admin );
+			} 
+		} );
+
+	});
+</script>
\ No newline at end of file
diff --git a/www/assets/js/admin.js b/www/assets/js/admin.js
index 37766dfa6..4e050795b 100644
--- a/www/assets/js/admin.js
+++ b/www/assets/js/admin.js
@@ -1809,3 +1809,34 @@ App.giftcardsGroup = {
 }
 
 
+App.permissions = {};
+App.permissions.admin = {
+	params: function() {
+		return {
+			name: $('input[name="name"]').val()
+		};
+	},
+	load: function() {
+		$('.permissions-loader').show();
+		$('.permissions-content').html('');
+		$.ajax({
+			url: '/permissions/users/content',
+			data: App.permissions.admin.params(),
+			complete: function(content) {
+				$('.permissions-content').html(content.responseText);
+				$('.permissions-loader').hide();
+			}
+		});
+	},
+	remove: function( id_admin ){
+		$.ajax({
+			url: '/permissions/users/remove',
+			type: "POST",
+			data: { 'id_admin': id_admin } ,
+			complete: function() {
+				App.permissions.admin.load();
+			}
+		});
+	},
+}
+