Merge pull request #595 from wrongecho/role-enf

Role enforcement - Reporting
Johnny
2023-02-02 04:19:24 +00:00
committed by GitHub
9 changed files with 938 additions and 920 deletions
+2
@@ -474,6 +474,7 @@ function validateAdminRole() {
} }
} }
// Validates a user is a tech (or admin). Stops page load and attempts to direct away from the page if not (i.e. user is an accountant)
function validateTechRole() { function validateTechRole() {
if (!isset($_SESSION['user_role']) || $_SESSION['user_role'] == 1) { if (!isset($_SESSION['user_role']) || $_SESSION['user_role'] == 1) {
$_SESSION['alert_type'] = "danger"; $_SESSION['alert_type'] = "danger";
@@ -483,6 +484,7 @@ function validateTechRole() {
} }
} }
// Validates a user is an accountant (or admin). Stops page load and attempts to direct away from the page if not (i.e. user is a tech)
function validateAccountantRole() { function validateAccountantRole() {
if (!isset($_SESSION['user_role']) || $_SESSION['user_role'] == 2) { if (!isset($_SESSION['user_role']) || $_SESSION['user_role'] == 2) {
$_SESSION['alert_type'] = "danger"; $_SESSION['alert_type'] = "danger";
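Review bot: The new comment describes `validateAccountantRole()` as validating that the user is an accountant or admin, but the condition on the line before it only rejects `$_SESSION['user_role'] == 2`; any other stored value (0, 4, or a string that loosely compares unequal to 2) passes, so this is a denylist where the comment implies an allowlist. The same applies to `validateTechRole()`, which rejects only `== 1`. An allowlist of the roles meant to pass, e.g. `if (!isset($_SESSION['user_role']) || !in_array((int) $_SESSION['user_role'], [1, 3], true)) {` (taking 1 = accountant and 3 = admin from the sidebar condition `$session_user_role == 1 || $session_user_role == 3` elsewhere in this commit — confirm against the role table), fails closed on unknown values. Both function bodies continue past the hunk, so the redirect/exit behaviour after the alert assignment is not visible here.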
+8 -6
@@ -1,15 +1,17 @@
<?php include("inc_all_reports.php"); ?>
<?php <?php
include("inc_all_reports.php");
validateAccountantRole();
if (isset($_GET['year'])) { if (isset($_GET['year'])) {
$year = intval($_GET['year']); $year = intval($_GET['year']);
}else{ } else {
$year = date('Y'); $year = date('Y');
} }
if (isset($_GET['year'])) { if (isset($_GET['year'])) {
$year = intval($_GET['year']); $year = intval($_GET['year']);
}else{ } else {
$year = date('Y'); $year = date('Y');
} }
@@ -19,7 +21,7 @@ $sql_vendors = mysqli_query($mysqli,"SELECT * FROM vendors WHERE company_id = $s
?> ?>
<div class="card card-dark"> <div class="card card-dark">
<div class="card-header py-2"> <div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-building"></i> Expense By Vendor</h3> <h3 class="card-title mt-2"><i class="fa fa-fw fa-building"></i> Expense By Vendor</h3>
<div class="card-tools"> <div class="card-tools">
@@ -78,6 +80,6 @@ $sql_vendors = mysqli_query($mysqli,"SELECT * FROM vendors WHERE company_id = $s
</table> </table>
</div> </div>
</div> </div>
</div> </div>
<?php include("footer.php"); ?> <?php require_once("footer.php"); ?>
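Review bot: `validateAccountantRole()` runs only after `include("inc_all_reports.php")` has executed; if that include emits any output before the guard, a `header()`-based redirect inside the guard cannot be sent and the rest of the report still renders unless the function exits explicitly — worth confirming, since the guard's own comment says it "attempts" to direct away, and the same ordering is used in every report file in this commit. This file also keeps `include` where the other report files switched to `require_once("inc_all_reports.php");`; use the same form here so a missing include is a hard failure rather than a warning followed by an undefined-function error. The year-resolution block `if (isset($_GET['year'])) { $year = intval($_GET['year']); } else { $year = date('Y'); }` appears twice in a row in this hunk, and again in the next two report files; the second copy is dead duplication and can be dropped.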
+7 -4
@@ -1,14 +1,17 @@
<?php include("inc_all_reports.php"); <?php
require_once("inc_all_reports.php");
validateAccountantRole();
if (isset($_GET['year'])) { if (isset($_GET['year'])) {
$year = intval($_GET['year']); $year = intval($_GET['year']);
}else{ } else {
$year = date('Y'); $year = date('Y');
} }
if (isset($_GET['year'])) { if (isset($_GET['year'])) {
$year = intval($_GET['year']); $year = intval($_GET['year']);
}else{ } else {
$year = date('Y'); $year = date('Y');
} }
@@ -130,7 +133,7 @@ $sql_categories = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_
</div> </div>
</div> </div>
<?php include("footer.php"); ?> <?php require_once("footer.php"); ?>
<script> <script>
// Set new default font family and font color to mimic Bootstrap's default styling // Set new default font family and font color to mimic Bootstrap's default styling
+6 -4
@@ -1,15 +1,17 @@
<?php include("inc_all_reports.php"); ?>
<?php <?php
require_once("inc_all_reports.php");
validateAccountantRole();
if (isset($_GET['year'])) { if (isset($_GET['year'])) {
$year = intval($_GET['year']); $year = intval($_GET['year']);
}else{ } else {
$year = date('Y'); $year = date('Y');
} }
if (isset($_GET['year'])) { if (isset($_GET['year'])) {
$year = intval($_GET['year']); $year = intval($_GET['year']);
}else{ } else {
$year = date('Y'); $year = date('Y');
} }
@@ -80,4 +82,4 @@ $sql_clients = mysqli_query($mysqli,"SELECT * FROM clients WHERE company_id = $s
</div> </div>
</div> </div>
<?php include("footer.php"); ?> <?php require_once("footer.php"); ?>
+4 -2
@@ -1,6 +1,8 @@
<?php include("inc_all_reports.php"); ?>
<?php <?php
require_once("inc_all_reports.php");
validateAccountantRole();
if (isset($_GET['year'])) { if (isset($_GET['year'])) {
$year = intval($_GET['year']); $year = intval($_GET['year']);
} else { } else {
@@ -148,7 +150,7 @@ $sql_categories = mysqli_query($mysqli, "SELECT * FROM categories WHERE category
</div> </div>
</div> </div>
<?php include("footer.php"); ?> <?php require_once("footer.php"); ?>
<script> <script>
// Set new default font family and font color to mimic Bootstrap's default styling // Set new default font family and font color to mimic Bootstrap's default styling
+7 -6
@@ -1,10 +1,11 @@
<?php include("inc_all_reports.php"); ?>
<?php <?php
require_once("inc_all_reports.php");
validateAccountantRole();
if (isset($_GET['year'])) { if (isset($_GET['year'])) {
$year = intval($_GET['year']); $year = intval($_GET['year']);
}else{ } else {
$year = date('Y'); $year = date('Y');
} }
@@ -18,7 +19,7 @@ $sql_categories_expense = mysqli_query($mysqli,"SELECT * FROM categories WHERE c
?> ?>
<div class="card card-dark"> <div class="card card-dark">
<div class="card-header py-2"> <div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-balance-scale"></i> Profit & Loss</h3> <h3 class="card-title mt-2"><i class="fa fa-fw fa-balance-scale"></i> Profit & Loss</h3>
<div class="card-tools"> <div class="card-tools">
@@ -425,6 +426,6 @@ $sql_categories_expense = mysqli_query($mysqli,"SELECT * FROM categories WHERE c
</table> </table>
</div> </div>
</div> </div>
</div> </div>
<?php include("footer.php"); <?php require_once("footer.php");
+5 -2
@@ -1,4 +1,7 @@
<?php include("inc_all_reports.php"); <?php
require_once("inc_all_reports.php");
validateAccountantRole();
$sql_clients = mysqli_query($mysqli,"SELECT * FROM clients WHERE company_id = $session_company_id"); $sql_clients = mysqli_query($mysqli,"SELECT * FROM clients WHERE company_id = $session_company_id");
@@ -64,4 +67,4 @@ $sql_clients = mysqli_query($mysqli,"SELECT * FROM clients WHERE company_id = $s
</div> </div>
</div> </div>
<?php include("footer.php"); ?> <?php require_once("footer.php"); ?>
+7 -6
@@ -1,10 +1,11 @@
<?php include("inc_all_reports.php"); ?>
<?php <?php
require_once("inc_all_reports.php");
validateAccountantRole();
if (isset($_GET['year'])) { if (isset($_GET['year'])) {
$year = intval($_GET['year']); $year = intval($_GET['year']);
}else{ } else {
$year = date('Y'); $year = date('Y');
} }
@@ -15,7 +16,7 @@ $sql_tax = mysqli_query($mysqli,"SELECT * FROM taxes WHERE company_id = $session
?> ?>
<div class="card card-dark"> <div class="card card-dark">
<div class="card-header py-2"> <div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-balance-scale"></i> Collected Tax Summary</h3> <h3 class="card-title mt-2"><i class="fa fa-fw fa-balance-scale"></i> Collected Tax Summary</h3>
<div class="card-tools"> <div class="card-tools">
@@ -272,6 +273,6 @@ $sql_tax = mysqli_query($mysqli,"SELECT * FROM taxes WHERE company_id = $session
</table> </table>
</div> </div>
</div> </div>
</div> </div>
<?php include("footer.php"); <?php require_once("footer.php");
+2
@@ -16,6 +16,7 @@
</a> </a>
</li> </li>
<?php if ($session_user_role == 1 || $session_user_role == 3) { ?>
<li class="nav-header">FINANCIAL</li> <li class="nav-header">FINANCIAL</li>
<li class="nav-item"> <li class="nav-item">
@@ -60,6 +61,7 @@
<p>Profit & Loss</p> <p>Profit & Loss</p>
</a> </a>
</li> </li>
<?php } // End financial reports IF statement ?>
</ul> </ul>