Initial commit
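--- /dev/null
+++ b/api-wiaas/server/components/v2/users/UsersHelper.php
@@ -0,0 +1,197 @@
+<?php
+class UsersHelper {
+
+public function checkRightsToEdit($idUser) {
+global $database, $user;
+$userType = $user->getUserType($idUser);
+
+if($userType === USER_TYPES['BROKER']){
+return true;
+}
+
+return $idUser === $user->getUserId();
+}
+
+public function checkRightsToEditCompany($idCompany) {
+global $database, $user;
+$sql = "SELECT u.isCompanyAdmin
+FROM ".TABLES['users']." u
+WHERE u.id=".$user->getUserId()." AND u.idCompany=".$idCompany;
+$query = $database->query($sql);
+$row = $database->fetchArray($query);
+
+return $row ? $row['isCompanyAdmin'] === '1' : $user->getUserType() === USER_TYPES['BROKER'];
+}
+
+/**
+* validate user data from GUI
+* @param Array $info all information about the company to be inserted/updated
+* @return Array empty or error message
+*/
+public function validateCompanyData($info){
+global $database;
+$data = [];
+
+foreach (get_object_vars($info) as $key => $value) {
+$info->{$key} = $database->escapeValue($value);
+}
+
+if(!isset($info->idCompany) || empty($info->idCompany)) {
+$data['messages'][] = [
+'code' => 'error',
+'message' => 'ADD_COMPANY'
+];
+
+return $data;
+}
+
+if(!isset($info->vatCode) || empty($info->vatCode)) {
+$data['messages'][] = [
+'code' => 'error',
+'message' => 'ADD_VAT'
+];
+
+return $data;
+}
+
+$checkMessage = $database->invalidLength('vatCode', $info->vatCode, 20);
+if($checkMessage){
+$data['messages'][] = $checkMessage;
+}
+
+if(!isset($info->companyName) || empty($info->companyName)) {
+$data['messages'][] = [
+'code' => 'error',
+'message' => 'ADD_COPMANY_NAME'
+];
+
+return $data;
+}
+
+$checkMessage = $database->invalidLength('companyName', $info->companyName, 100);
+if($checkMessage){
+$data['messages'][] = $checkMessage;
+}
+
+return $data;
+}
+
+/**
+* validate user data from GUI
+* @param String $action add or edit action
+* @param Array $info all information about the user to be inserted/updated
+* @param Array $commercialLeads all the commercial leads linked to a customer
+* @return Array empty or error message
+*/
+public function validateUserData($action, $info, $commercialLeads = []) {
+global $database;
+$data = [];
+
+foreach (get_object_vars($info) as $key => $value) {
+$info->{$key} = $database->escapeValue($value);
+}
+
+if(!$info->idUserType) {
+$data['messages'][] = [
+'code' => 'error',
+'message' => 'SELECT_USER_TYPE'
+];
+
+return $data;
+}
+
+if(!isset($info->name) || empty($info->name)) {
+$data['messages'][] = [
+'code' => 'error',
+'message' => 'ADD_NAME'
+];
+
+return $data;
+}
+
+$checkMessage = $database->invalidLength('name', $info->name, 200);
+if($checkMessage){
+$data['messages'][] = $checkMessage;
+}
+
+if(!isset($info->phone) || empty($info->phone)) {
+$data['messages'][] = [
+'code' => 'error',
+'message' => 'INVALID_PHONE_NUMBER'
+];
+
+return $data;
+}
+if(!preg_match('/^([0-9\(\)\/\+ \-]*)$/', $info->phone)){
+$data['messages'][] = [
+'code' => 'error',
+'message' => 'INVALID_PHONE_NUMBER'
+];
+}
+
+$checkMessage = $database->invalidLength('phone', $info->phone, 40);
+if($checkMessage){
+$data['messages'][] = $checkMessage;
+}
+
+if($action === 'add'){
+if($info->idUserType === '2' && empty($commercialLeads)) {
+$data['messages'][] = [
+'code' => 'error',
+'message' => 'NO_COMMERCIAL_LEAD_LINK'
+];
+
+return $data;
+}
+
+if(!isset($info->username) || empty($info->username)) {
+$data['messages'][] = [
+'code' => 'error',
+'message' => 'ADD_USERNAME'
+];
+
+return $data;
+}
+$checkMessage = $database->invalidLength('username', $info->username, 20);
+if($checkMessage){
+$data['messages'][] = $checkMessage;
+}
+
+if(!preg_match('/^[a-zA-Z\d\.\-_]+$/',$info->username)) {
+$data['messages'][] = [
+'code' => 'error',
+'message' => 'INVALID_USERNAME'
+];
+}
+
+$sql = "SELECT username
+FROM ".TABLES['users']."
+WHERE username='".$info->username."'
+LIMIT 1";
+$result = $database->query($sql);
+if($database->numRows($result) > 0) {
+$data['messages'][] = [
+'code' => 'error',
+'message' => 'USERNAME_EXISTS'
+];
+}
+
+if(!isset($info->mail) || empty($info->mail)) {
+$data['messages'][] = [
+'code' => 'error',
+'message' => 'ADD_MAIL'
+];
+
+return $data;
+}
+if(!filter_var($info->mail, FILTER_VALIDATE_EMAIL)){
+$data['messages'][] = [
+'code' => 'error',
+'message' => 'INVALID_MAIL'
+];
+}
+}
+
+return $data;
+}
+}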
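Review bot: In `checkRightsToEditCompany`, `$idCompany` is concatenated into the SQL text unquoted and with no validation visible in this function, so the result of this authorization query depends on every caller having sanitized it, and quote-escaping alone does not protect a numeric position. Cast both ids where the query is built, `WHERE u.id=".(int)$user->getUserId()." AND u.idCompany=".(int)$idCompany;`, or bind them as parameters if the `$database` wrapper supports that. Separately, `checkRightsToEdit` calls `$user->getUserType($idUser)` with the target id while `checkRightsToEditCompany` calls `getUserType()` with no argument; if the argument selects whose type is returned, the BROKER shortcut grants edit rights based on the account being edited rather than on the caller, which should be confirmed against `getUserType`'s definition. Both validators also overwrite `$info` with `escapeValue()` output before the length and regex checks, so those checks run on escaped text and callers get back pre-escaped data that is easy to escape a second time; validating the raw value and escaping only at the `USERNAME_EXISTS` query would keep the two concerns apart.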