<?php
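/**
 * Permission/menu administration API for the one_dash schema.
 *
 * Every endpoint reads its parameters from $this->sys_input (provided by
 * MY_Controller), answers through sys_ok()/sys_error()/sys_error_db() and
 * requires $this->isLogin to be set by the parent controller.
 *
 * NOTE(review): the only access check in this file is "is the token valid".
 * add_permission_menu() can flip M_UserIsAdmin for any user ID and the
 * get_* endpoints return any user's permission rows, so any authenticated
 * caller can grant admin rights or enumerate permissions unless MY_Controller
 * restricts this route elsewhere — confirm, and add an administrator check
 * on the write endpoints if it does not.
 */
class Permissionmenu extends MY_Controller
{
    /** @var object Database handle; assigned by the framework loader. */
    public $db;

    /**
     * Default route; a static banner so the controller root does nothing.
     */
    public function index()
    {
        echo "AUTH API";
    }

    /**
     * Emit CORS headers and answer pre-flight (OPTIONS) requests directly.
     *
     * The request's Origin header is echoed back unchanged, which is
     * equivalent to allowing every origin. That is only acceptable because no
     * Access-Control-Allow-Credentials header is sent (browser cookies are not
     * shared cross-origin); NOTE(review): replace the echo with an allow-list
     * of the known front-end origins before credentials are ever enabled.
     * $_SERVER is a superglobal, so no `global` declaration is needed.
     */
    function corss()
    {
        if (isset($_SERVER["HTTP_ORIGIN"])) {
            header("Access-Control-Allow-Origin: " . $_SERVER["HTTP_ORIGIN"]);
        } else {
            // The original sent "*/*", which is not a valid value for this
            // header (browsers reject it); "*" is the wildcard form. Requests
            // without an Origin header are not CORS requests anyway.
            header("Access-Control-Allow-Origin: *");
        }
        header("Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS");
        header(
            "Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization"
        );
        $method = isset($_SERVER["REQUEST_METHOD"]) ? $_SERVER["REQUEST_METHOD"] : "";
        if ($method == "OPTIONS") {
            http_response_code(200);
            echo json_encode("OK");
            exit();
        }
    }

    public function __construct()
    {
        parent::__construct();
        // All tables used by this controller live in the one_dash schema.
        $this->db->query("use one_dash");
    }

    /**
     * Abort the request with "Invalid Token" unless the parent controller
     * accepted the caller's token. This is authentication only — see the
     * class comment about the missing authorization check.
     */
    private function require_login()
    {
        if (!$this->isLogin) {
            $this->sys_error("Invalid Token");
            exit;
        }
    }

    /**
     * Report the last database error through sys_error_db() and stop.
     *
     * NOTE(review): the payload carries the raw driver message and the full
     * SQL text; make sure sys_error_db() does not forward these to clients
     * outside development (schema disclosure).
     */
    private function abort_on_db_error()
    {
        $this->sys_error_db(array(
            "message" => $this->db->error()["message"],
            "sql" => $this->db->last_query(),
        ));
        exit;
    }

    /**
     * Run a parameterised query; on failure the request is aborted with
     * sys_error_db(), otherwise the framework result object is returned.
     *
     * @param string $sql   SQL with `?` placeholders.
     * @param array  $binds Values bound to the placeholders, in order.
     */
    private function run_query($sql, array $binds = array())
    {
        $qry = $this->db->query($sql, $binds);
        if (!$qry) {
            $this->abort_on_db_error();
        }
        return $qry;
    }

    /**
     * List active users, optionally filtered by a substring of the full name.
     *
     * Input:  sys_input['name'] (optional) — matched with LIKE '%name%'.
     *         The value is bound as a parameter, so it cannot alter the SQL;
     *         `%` and `_` inside it still act as wildcards, which is harmless
     *         for a search box.
     * Output: sys_ok(["records" => rows]).
     */
    function get_user()
    {
        $this->corss();
        try {
            $this->require_login();
            $param = $this->sys_input;
            $pattern = "%%";
            if (isset($param['name'])) {
                // Fix: the original trimmed the name and then discarded the
                // trimmed copy, so surrounding whitespace leaked into the LIKE.
                $pattern = '%' . trim($param['name']) . '%';
            }
            $sql = "SELECT M_UserID as userID,
                M_UserFullName as userName,
                M_UserIsAdmin as userIsAdmin,
                M_UserIsLoggedIn as userIsLogIn
                FROM m_user
                WHERE M_UserIsActive = 'Y'
                AND M_UserFullName LIKE ?";
            $qry = $this->run_query($sql, [$pattern]);
            $this->sys_ok(array("records" => $qry->result_array()));
        } catch (Exception $exc) {
            $this->sys_error($exc->getMessage());
        }
    }

    /**
     * List active menus.
     *
     * Output: sys_ok(["records" => rows]).
     */
    function get_menu()
    {
        try {
            $this->require_login();
            $sql = "SELECT M_MenuID as menuID,
                M_MenuName as menuName
                FROM m_menu WHERE
                M_MenuIsActive = 'Y'";
            $qry = $this->run_query($sql);
            $this->sys_ok(array("records" => $qry->result_array()));
        } catch (Exception $exc) {
            $this->sys_error($exc->getMessage());
        }
    }

    /**
     * List active branches.
     *
     * Output: sys_ok(["records" => rows]).
     */
    function get_branch()
    {
        try {
            $this->require_login();
            $qry = $this->run_query($this->active_branch_sql());
            $this->sys_ok(array("records" => $qry->result_array()));
        } catch (Exception $exc) {
            $this->sys_error($exc->getMessage());
        }
    }

    /**
     * SQL used by get_branch() and add_permission_menu() to enumerate active
     * branches; kept in one place so both stay in sync.
     */
    private function active_branch_sql()
    {
        return "SELECT M_BranchID as branchID, M_BranchName as branchName
            FROM m_branch WHERE M_BranchIsActive = 'Y'";
    }

    /**
     * Active permission rows of one user.
     *
     * Input:  sys_input['id'] — the user ID (defaults to "0"). Any logged-in
     *         caller may query any user (see class comment).
     * Output: sys_ok(["records" => rows]).
     */
    function get_permission_by_user_id()
    {
        try {
            $this->require_login();
            $param = $this->sys_input;
            $id = isset($param['id']) ? $param['id'] : "0";
            $sql = "SELECT M_UserPermissionM_UserID as permissionUserID,
                M_UserPermissionIsNasional as permissionIsNasional,
                M_UserPermissionRegionalJSON as permissionRegionalJSON,
                M_UserPermissionM_MenuID as permissionMenuID
                FROM m_user_permission WHERE M_UserPermissionIsActive = 'Y'
                AND M_UserPermissionM_UserID = ?";
            $qry = $this->run_query($sql, [$id]);
            $this->sys_ok(array("records" => $qry->result_array()));
        } catch (Exception $exc) {
            $this->sys_error($exc->getMessage());
        }
    }

    /**
     * Grant or revoke a menu for a user.
     *
     * Input:  sys_input['user_id'], ['menu_id'] and ['value'] — all mandatory;
     *         value "true" activates the permission, anything else deactivates.
     * Side effects:
     *   - menu_id "1" is the administrator menu: M_UserIsAdmin of the user is
     *     set to the same Y/N value and the regional JSON is seeded with every
     *     active branch plus a synthetic "Nasional" entry (branchID "0").
     *   - a new m_user_permission row is inserted if none exists for the
     *     (user, menu) pair, otherwise the existing row is updated.
     * Output: sys_ok("Success").
     *
     * Fix: the mandatory-field check now stops the request (the original
     * called sys_error() and then carried on and wrote the defaults).
     */
    function add_permission_menu()
    {
        try {
            $this->require_login();
            $param = $this->sys_input;
            $user_id = isset($param['user_id']) ? $param['user_id'] : "0";
            $menu_id = isset($param['menu_id']) ? $param['menu_id'] : "0";
            $value = isset($param['value']) ? $param['value'] : "0";
            if ($user_id == "0" || $menu_id == "0" || $value == "0") {
                $this->sys_error("User ID, Menu ID & value are mandatory");
                exit;
            }
            $active = ($value == "true") ? 'Y' : 'N';

            // Note: unlike add_permission_branch(), this lookup deliberately
            // ignores M_UserPermissionIsActive so a revoked row is reactivated
            // in place rather than duplicated.
            $sql_cek = "SELECT * FROM m_user_permission
                WHERE M_UserPermissionM_UserID = ?
                AND M_UserPermissionM_MenuID = ?";
            $existing = $this->run_query($sql_cek, [$user_id, $menu_id])->result_array();

            $branchJSON = "[]";
            $isNasional = "N";
            if ($menu_id == "1") {
                $isNasional = 'Y';
                $branchJSON = $this->all_branches_json();
                // Menu 1 doubles as the administrator flag on m_user.
                $sql_update = "UPDATE m_user SET M_UserIsAdmin =?
                    WHERE M_UserID = ?";
                $this->run_query($sql_update, [$active, $user_id]);
            }

            if (count($existing) == 0) {
                $sql_insert = "INSERT INTO m_user_permission
                    (M_UserPermissionIsNasional,
                    M_UserPermissionM_UserID,
                    M_UserPermissionRegionalJSON,
                    M_UserPermissionM_MenuID)
                    VALUES(?,?,?,?)";
                $this->run_query($sql_insert, [$isNasional, $user_id, $branchJSON, $menu_id]);
            } else {
                $sql_update = "UPDATE m_user_permission
                    SET M_UserPermissionIsActive = ?,
                    M_UserPermissionIsNasional = ?,
                    M_UserPermissionRegionalJSON = ?
                    WHERE M_UserPermissionM_UserID = ?
                    AND M_UserPermissionM_MenuID = ?";
                $this->run_query($sql_update, [$active, $isNasional, $branchJSON, $user_id, $menu_id]);
            }
            $this->sys_ok("Success");
        } catch (Exception $exc) {
            $this->sys_error($exc->getMessage());
        }
    }

    /**
     * JSON list of every active branch marked isActive "true", followed by
     * the synthetic national entry {"branchID":"0","branchName":"Nasional"}.
     * Aborts the request on a database error.
     */
    private function all_branches_json()
    {
        $branches = $this->run_query($this->active_branch_sql())->result_array();
        foreach ($branches as $i => $row) {
            $branches[$i]["isActive"] = "true";
        }
        $branches[] = array("branchID" => "0", "branchName" => "Nasional", "isActive" => "true");
        return json_encode($branches);
    }

    /**
     * Replace the regional (branch) scope of an existing, active permission.
     *
     * Input:  sys_input['user_id'], ['menu_id'], ['json'] — mandatory;
     *         ['is_nasional'] — optional, 'Y' or 'N' (default 'N').
     * Output: sys_ok("Success"), or sys_error("No data match") when no
     *         active row exists for the (user, menu) pair.
     *
     * Fixes: the mandatory-field check now stops the request; the JSON is
     * validated before it is stored because get_permission_branch_by_id()
     * decodes it on the way out; is_nasional is restricted to the same Y/N
     * values add_permission_menu() writes; the two single-column UPDATEs on
     * the same row are merged into one statement.
     */
    function add_permission_branch()
    {
        try {
            $this->require_login();
            $param = $this->sys_input;
            $user_id = isset($param['user_id']) ? $param['user_id'] : "0";
            $menu_id = isset($param['menu_id']) ? $param['menu_id'] : "0";
            $json = isset($param['json']) ? $param['json'] : "0";
            $isNasional = isset($param['is_nasional']) ? $param['is_nasional'] : "N";
            if ($user_id == "0" || $menu_id == "0" || $json == "0") {
                $this->sys_error("User ID, Menu ID & json are mandatory");
                exit;
            }
            // Accept either a JSON string or an already-decoded array (the
            // request body may arrive decoded in sys_input), but never store
            // anything that is not a JSON array/object.
            if (is_array($json)) {
                $json = json_encode($json);
            } elseif (!is_string($json) || !is_array(json_decode($json, true))) {
                $this->sys_error("json must be a valid JSON array");
                exit;
            }
            if ($isNasional !== 'Y' && $isNasional !== 'N') {
                $this->sys_error("is_nasional must be 'Y' or 'N'");
                exit;
            }

            $sql_cek = "SELECT * FROM m_user_permission
                WHERE M_UserPermissionM_UserID = ?
                AND M_UserPermissionM_MenuID = ?
                AND M_UserPermissionIsActive = 'Y'";
            $existing = $this->run_query($sql_cek, [$user_id, $menu_id])->result_array();
            if (count($existing) == 0) {
                $this->sys_error("No data match");
                return;
            }
            $sql_update = "UPDATE m_user_permission SET
                M_UserPermissionIsNasional = ?,
                M_UserPermissionRegionalJSON = ?
                WHERE M_UserPermissionM_MenuID = ?
                AND M_UserPermissionM_UserID = ?";
            $this->run_query($sql_update, [$isNasional, $json, $menu_id, $user_id]);
            $this->sys_ok("Success");
        } catch (Exception $exc) {
            $this->sys_error($exc->getMessage());
        }
    }

    /**
     * Decoded regional JSON of one active (user, menu) permission.
     *
     * Input:  sys_input['user_id'], ['menu_id'] (both default to "0").
     * Output: sys_ok(["records" => decoded JSON]); an empty list when there is
     *         no matching row or the stored value is not a JSON array/object.
     *
     * Fix: the original indexed a possibly-null row and called count() on the
     * raw json_decode() result, which is a fatal TypeError on PHP 8 when the
     * column is NULL, missing, or not valid JSON.
     */
    function get_permission_branch_by_id()
    {
        try {
            $this->require_login();
            $param = $this->sys_input;
            $user_id = isset($param['user_id']) ? $param['user_id'] : "0";
            $menu_id = isset($param['menu_id']) ? $param['menu_id'] : "0";
            $sql = "SELECT
                M_UserPermissionRegionalJSON as permissionRegionalJSON
                FROM m_user_permission WHERE M_UserPermissionIsActive = 'Y'
                AND M_UserPermissionM_UserID = ? AND M_UserPermissionM_MenuID = ?";
            $row = $this->run_query($sql, [$user_id, $menu_id])->row_array();
            $result = [];
            if (!empty($row) && isset($row['permissionRegionalJSON'])) {
                $decoded = json_decode($row['permissionRegionalJSON']);
                if (is_array($decoded) || is_object($decoded)) {
                    $result = $decoded;
                }
            }
            $this->sys_ok(array("records" => $result));
        } catch (Exception $exc) {
            $this->sys_error($exc->getMessage());
        }
    }
}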