galads/icehrm
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Attendance and Employee API

Browse Source
This commit is contained in:
gamonoid
2017-11-25 20:16:06 +01:00
parent 17f9d23e31
commit 732a2d7aa3
16 changed files with 560 additions and 82 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
src/Attendance/Admin/Api/AttendanceAdminManager.php
View File

@@ -2,6 +2,7 @@
namespace Attendance\Admin\Api;
use Attendance\Common\Model\Attendance;
use Attendance\Rest\AttendanceRestEndPoint;
use Classes\AbstractModuleManager;
use Classes\UIManager;
@@ -26,6 +27,49 @@ class AttendanceAdminManager extends AbstractModuleManager
$this->addModelClass('AttendanceStatus');
}
public function setupRestEndPoints()
{
\Classes\Macaw::get(REST_API_PATH.'attendance/(:num)', function ($pathParams) {
$restEndPoint = new AttendanceRestEndPoint();
$restEndPoint->process('get', $pathParams);
});
\Classes\Macaw::get(REST_API_PATH.'attendance', function ($pathParams) {
$restEndPoint = new AttendanceRestEndPoint();
$restEndPoint->process('list', $pathParams);
});
\Classes\Macaw::get(REST_API_PATH.'employee/(:num)/attendance', function ($pathParams) {
$restEndPoint = new AttendanceRestEndPoint();
$restEndPoint->process('listEmployeeAttendance', $pathParams);
});
\Classes\Macaw::post(REST_API_PATH.'attendance', function ($pathParams) {
$restEndPoint = new AttendanceRestEndPoint();
$restEndPoint->process('post', $pathParams);
});
\Classes\Macaw::delete(REST_API_PATH.'attendance/(:num)', function ($pathParams) {
$restEndPoint = new AttendanceRestEndPoint();
$restEndPoint->process('delete', $pathParams);
});
\Classes\Macaw::post(REST_API_PATH.'attendance/punch-in', function ($pathParams) {
$restEndPoint = new AttendanceRestEndPoint();
$restEndPoint->process('punchIn', $pathParams);
});
\Classes\Macaw::get(REST_API_PATH.'employee/(:num)/open-punch-in/(:any)', function ($employeeId, $date) {
$restEndPoint = new AttendanceRestEndPoint();
$restEndPoint->process('getOpenPunch', [$employeeId, $date]);
});
\Classes\Macaw::post(REST_API_PATH.'attendance/punch-out', function ($pathParams) {
$restEndPoint = new AttendanceRestEndPoint();
$restEndPoint->process('punchOut', $pathParams);
});
}
public function getDashboardItemData()
{
$data = array();

5
src/Attendance/User/Api/AttendanceActionManager.php
View File

@@ -32,8 +32,8 @@ class AttendanceActionManager extends SubActionManager
//Find any open punch
$attendance = new Attendance();
$attendance->Load(
"employee = ? and DATE_FORMAT( in_time, '%Y-%m-%d' ) = ?
and (out_time is NULL or out_time = '0000-00-00 00:00:00')",
"employee = ? and DATE_FORMAT( in_time, '%Y-%m-%d' ) = ? and (out_time is NULL
or out_time = '0000-00-00 00:00:00')",
array($employee->id,$date)
);
@@ -135,6 +135,7 @@ class AttendanceActionManager extends SubActionManager
$this->baseService->audit(IceConstants::AUDIT_ACTION, "Punch Out \ time:".$openPunch->out_time);
} else {
$openPunch->in_time = $dateTime;
//$openPunch->out_time = '0000-00-00 00:00:00';
$openPunch->note = $req->note;
$openPunch->image_in = $req->image;
$openPunch->employee = $employee->id;

39
src/Classes/BaseService.php
View File

@@ -72,6 +72,7 @@ class BaseService
public $customFieldManager = null;
public $migrationManager = null;
public $modelClassMap = array();
public $currentProfileId = false;
private static $me = null;
@@ -187,6 +188,14 @@ class BaseService
return $this->getFullQualifiedModelClassName($name);
}
/**
* @param boolean $currentProfileId
*/
public function setCurrentProfileId($currentProfileId)
{
$this->currentProfileId = $currentProfileId;
}
public function buildDefaultFilterQuery($filter)
{
$query = "";
@@ -755,9 +764,7 @@ class BaseService
}
return new IceResponse(IceResponse::ERROR, $this->findError($error));
}
LogManager::getInstance()->error("Element:".json_encode($ele));
LogManager::getInstance()->error("Obj:".json_encode($obj));
LogManager::getInstance()->error("Obj Keys:".json_encode($objectKeys));
$customFields = $ele->getCustomFields($obj);
LogManager::getInstance()->error("Custom:".json_encode($customFields));
foreach ($obj as $k => $v) {
@@ -792,6 +799,13 @@ class BaseService
$ele = new $nsTable();
$ele->Load('id = ?', array($id));
if (empty($ele->id) || $ele->id !== $id) {
return new IceResponse(
IceResponse::ERROR,
"Item not found"
);
}
$this->checkSecureAccess("delete", $ele);
@@ -800,7 +814,10 @@ class BaseService
if (!empty($nonDeletableTable)) {
foreach ($nonDeletableTable as $field => $value) {
if ($ele->$field == $value) {
return "This item can not be deleted";
return new IceResponse(
IceResponse::ERROR,
"This item can not be deleted"
);
}
}
}
@@ -818,7 +835,10 @@ class BaseService
if (!$ok) {
$error = $ele->ErrorMsg();
LogManager::getInstance()->info($error);
return $this->findError($error);
return new IceResponse(
IceResponse::ERROR,
$this->findError($error)
);
} else {
//Backup
if ($table == ucfirst(SIGN_IN_ELEMENT_MAPPING_FIELD_NAME)) {
@@ -845,7 +865,10 @@ class BaseService
$cf->Delete();
}
return null;
return new IceResponse(
IceResponse::SUCCESS,
null
);
}
/**
@@ -974,6 +997,9 @@ class BaseService
*/
public function getCurrentProfileId()
{
if ($this->currentProfileId) {
return $this->currentProfileId;
}
$adminEmpId = SessionUtils::getSessionObject('admin_current_profile');
$user = SessionUtils::getSessionObject('user');
if (empty($adminEmpId) && !empty($user)) {
@@ -1035,6 +1061,7 @@ class BaseService
public function cleanUpAdoDB($obj)
{
unset($obj->table);
unset($obj->_table);
unset($obj->_dbat);
unset($obj->_tableat);

4
src/Classes/CustomFieldManager.php
View File

@@ -14,6 +14,10 @@ class CustomFieldManager
{
public function addCustomField($type, $id, $name, $value)
{
if ($name[0] === '/') {
return;
}
$customFieldValue = new CustomFieldValue();
$customFieldValue->Load(
"type = ? and name = ? and object_id = ?",

24
src/Classes/IceResponse.php
View File

@@ -49,4 +49,28 @@ class IceResponse
{
return array("status"=>$this->status,"data"=>$this->data);
}
/**
* @param mixed $status
*/
public function setStatus($status)
{
$this->status = $status;
}
/**
* @param null $data
*/
public function setData($data)
{
$this->data = $data;
}
/**
* @param null $code
*/
public function setCode($code)
{
$this->code = $code;
}
}

6
src/Classes/RestApiManager.php
View File

@@ -85,8 +85,7 @@ class RestApiManager
LogManager::getInstance()->info("AT Hash Object:".json_encode($accessTokenObj));
if (!empty($accessTokenObj->id) && $accessTokenObj->hash == $hash) {
//No need to do user based validation for now
//return $this->validateAccessTokenInner($accessTokenObj->token);
return new IceResponse(IceResponse::SUCCESS, true);
return $this->validateAccessTokenInner($accessTokenObj->token);
}
return new IceResponse(IceResponse::ERROR, "Authorization bearer token not found or invalid", 401);
@@ -107,7 +106,8 @@ class RestApiManager
$data = json_decode($accessToken, true);
if ($data['userId'] == $user->id) {
return new IceResponse(IceResponse::SUCCESS, true);
unset($user->password);
return new IceResponse(IceResponse::SUCCESS, $user);
}
return new IceResponse(IceResponse::ERROR, false);

238
src/Classes/RestEndPoint.php
View File

@@ -1,24 +1,74 @@
<?php
/**
* Created by PhpStorm.
* User: Thilina
* Date: 8/20/17
* Time: 9:49 AM
*/
namespace Classes;
use Classes\Data\DataReader;
use Classes\Data\Query\DataQuery;
use Employees\Common\Model\Employee;
use Users\Common\Model\User;
use Utils\SessionUtils;
class RestEndPoint
{
const RESPONSE_ERR_ENTITY_NOT_FOUND = 'Entity not found';
const RESPONSE_ERR_PERMISSION_DENIED = 'Permission denied';
const RESPONSE_ERR_UNPROCESSABLE = 'Unprocessable Entity';
const RESPONSE_ERR_EMPLOYEE_NOT_FOUND = 'Employee not found';
public function process($type, $parameter = null)
const DEFAULT_LIMIT = 50;
const ELEMENT_NAME = '';
public function getModelObject($id)
{
return false;
}
public function checkBasicPermissions($user, $employeeId)
{
if (!isset($employeeId)) {
return new IceResponse(IceResponse::ERROR, self::RESPONSE_ERR_UNPROCESSABLE, 422);
}
$employee = new Employee();
$employee->Load("id = ?", array($employeeId));
if (empty($employee->id) || $employee->id !== $employeeId . '') {
return new IceResponse(IceResponse::ERROR, self::RESPONSE_ERR_EMPLOYEE_NOT_FOUND, 422);
}
if ($user->user_level !== 'Admin') {
if ($user->user_level === 'Manager') {
if (!PermissionManager::manipulationAllowed(
BaseService::getInstance()->getCurrentProfileId(),
$employee
)
) {
return new IceResponse(IceResponse::ERROR, self::RESPONSE_ERR_PERMISSION_DENIED, 403);
}
} elseif ($user->user_level === 'Employee'
&& $employeeId != BaseService::getInstance()->getCurrentProfileId()) {
return new IceResponse(IceResponse::ERROR, self::RESPONSE_ERR_PERMISSION_DENIED, 403);
} elseif ($user->user_level !== 'Employee' && $user->user_level !== 'Manager') {
return new IceResponse(IceResponse::ERROR, self::RESPONSE_ERR_PERMISSION_DENIED, 403);
}
return new IceResponse(IceResponse::ERROR, "Permission denied", 403);
}
return new IceResponse(IceResponse::SUCCESS);
}
public function process($type, $parameters = [])
{
if (!is_array($parameters)) {
$parameters = [$parameters];
}
$accessTokenValidation = $this->validateAccessToken();
if (!empty($accessTokenValidation) && $accessTokenValidation->getStatus() == IceResponse::ERROR) {
$resp = $accessTokenValidation;
} else {
$resp = $this->$type($parameter);
BaseService::getInstance()->setCurrentUser($accessTokenValidation->getData());
SessionUtils::saveSessionObject('user', $accessTokenValidation->getData());
array_unshift($parameters, $accessTokenValidation->getData());
$resp = call_user_func_array(array($this, $type), $parameters);
}
header('Content-Type: application/json');
@@ -39,33 +89,177 @@ class RestEndPoint
"code" => $resp->getCode(),
"message" => $resp->getObject()
);
$this->printResponse(array("error",[$messages]));
$this->printResponse(array("error" => [$messages]));
}
}
public function get($parameter)
protected function enrichElement($obj, $map)
{
if (!empty($map)) {
foreach ($map as $k => $v) {
if ($obj->$k !== null) {
$obj->$k = [
'type' => $v[0],
$v[1] => $obj->$k,
'display' => $obj->{$k . '_Name'}
];
} else {
unset($obj->$k);
}
unset($obj->{$k . '_Name'});
}
}
return $obj;
}
protected function cleanObject($obj)
{
$obj = BaseService::getInstance()->cleanUpAdoDB($obj);
unset($obj->keysToIgnore);
unset($obj->historyFieldsToTrack);
unset($obj->historyUpdateList);
unset($obj->oldObjOrig);
unset($obj->oldObj);
return $obj;
}
protected function removeNullFields($obj)
{
foreach ($obj as $k => $v) {
if ($obj->$k === null) {
unset($obj->$k);
}
}
return $obj;
}
public function list(User $user)
{
return new IceResponse(IceResponse::ERROR, "Method not Implemented", 404);
}
public function post($parameter)
protected function listByQuery(DataQuery $query)
{
$page = 1;
if (isset($_GET['page']) && intval($_GET['page']) > 0) {
$page = intval($_GET['page']);
}
$limit = static::DEFAULT_LIMIT;
if (isset($_GET['limit']) && intval($_GET['limit']) > 0) {
$limit = intval($_GET['limit']);
}
$query->setStartPage(($page - 1) * $limit);
$query->setLength($limit);
$data = DataReader::getData($query);
$output = array();
$columns = $query->getColumns();
foreach ($data as $item) {
if (!empty($columns)) {
$obj = new \stdClass();
foreach ($columns as $column) {
$obj->$column = $item->$column;
}
} else {
$obj = $this->cleanObject($item);
}
$output[] = $obj;
}
return new IceResponse(
IceResponse::SUCCESS,
[
'data' => $output,
'nextPage' => $page + 1,
]
);
}
protected function listData(
$object,
$limit,
$page = 1,
$fieldsToRemove = array(),
$customQuery = null,
$params = []
) {
if (!isset($limit) || $limit <= 0) {
$limit = self::DEFAULT_LIMIT;
}
if ($customQuery) {
$query = $customQuery.' order by id limit ?,?';
$params[] = ($page - 1) * $limit;
$params[] = $limit + 1;
} else {
$query = '1=1 order by id limit ?,?';
$params = array(($page - 1) * $limit, ($limit + 1));
}
$allObjects = $object->Find($query, $params);
$count = 0;
$hasMore = 0;
$newObjects = array();
foreach ($allObjects as $object) {
$object = $this->cleanObject($object);
$object = $this->removeNullFields($object);
if (!empty($fieldsToRemove)) {
foreach ($fieldsToRemove as $field) {
unset($object->$field);
}
}
$newObjects[] = $object;
$count++;
if ($count === $limit) {
$hasMore = true;
break;
}
}
return new IceResponse(
IceResponse::SUCCESS,
[
'data' => $newObjects,
'prevPage' => ($page > 1) ? $page - 1 : '',
'nextPage' => $hasMore ? $page + 1 : '',
'limit' => $limit,
]
);
}
public function get(User $user, $parameter)
{
return new IceResponse(IceResponse::ERROR, "Method not Implemented", 404);
}
public function put($parameter)
public function post(User $user)
{
return new IceResponse(IceResponse::ERROR, "Method not Implemented", 404);
}
public function delete($parameter)
public function put(User $user, $parameter)
{
return new IceResponse(IceResponse::ERROR, "Method not Implemented", 404);
}
public function clearObject($obj)
public function delete(User $user, $parameter)
{
return BaseService::getInstance()->cleanUpAdoDB($obj);
if ($user->user_level !== 'Admin') {
return new IceResponse(IceResponse::ERROR, "Permission denied", 403);
}
$response = BaseService::getInstance()->deleteElement(
static::ELEMENT_NAME,
$parameter
);
if ($response->getStatus() === IceResponse::SUCCESS) {
return new IceResponse(IceResponse::SUCCESS, ['id' => $parameter], 200);
}
return new IceResponse(IceResponse::ERROR, $response->getData(), 400);
}
public function validateAccessToken()
@@ -75,12 +269,6 @@ class RestEndPoint
return $accessTokenValidation;
}
public function cleanDBObject($obj)
{
unset($obj->keysToIgnore);
return $obj;
}
public function printResponse($response)
{
echo json_encode($response, JSON_PRETTY_PRINT);
@@ -129,4 +317,10 @@ class RestEndPoint
}
return null;
}
protected function getRequestBody()
{
$inputJSON = file_get_contents('php://input');
return json_decode($inputJSON, true);
}
}

27
src/Employees/Admin/Api/EmployeesAdminManager.php
View File

@@ -26,10 +26,35 @@ class EmployeesAdminManager extends AbstractModuleManager
public function setupRestEndPoints()
{
\Classes\Macaw::get(REST_API_PATH.'employee/(:any)', function ($pathParams) {
\Classes\Macaw::get(REST_API_PATH.'employees/me', function () {
$empRestEndPoint = new EmployeeRestEndPoint();
$empRestEndPoint->process('get', 'me');
});
\Classes\Macaw::get(REST_API_PATH.'employees/(:num)', function ($pathParams) {
$empRestEndPoint = new EmployeeRestEndPoint();
$empRestEndPoint->process('get', $pathParams);
});
\Classes\Macaw::get(REST_API_PATH.'employees', function () {
$empRestEndPoint = new EmployeeRestEndPoint();
$empRestEndPoint->process('list');
});
\Classes\Macaw::post(REST_API_PATH.'employees', function () {
$empRestEndPoint = new EmployeeRestEndPoint();
$empRestEndPoint->process('post');
});
\Classes\Macaw::put(REST_API_PATH.'employees/(:num)', function ($pathParams) {
$empRestEndPoint = new EmployeeRestEndPoint();
$empRestEndPoint->process('put', $pathParams);
});
\Classes\Macaw::delete(REST_API_PATH.'employees/(:num)', function ($pathParams) {
$empRestEndPoint = new EmployeeRestEndPoint();
$empRestEndPoint->process('delete', $pathParams);
});
}
public function initializeDatabaseErrorMappings()

157
src/Employees/Rest/EmployeeRestEndPoint.php
View File

@@ -1,51 +1,140 @@
<?php
/**
* Created by PhpStorm.
* User: Thilina
* Date: 8/19/17
* Time: 10:42 AM
*/
namespace Employees\Rest;
use Classes\BaseService;
use Classes\Data\Query\DataQuery;
use Classes\IceResponse;
use Classes\PermissionManager;
use Classes\RestEndPoint;
use Employees\Common\Model\Employee;
use Users\Common\Model\User;
class EmployeeRestEndPoint extends RestEndPoint
{
public function get($parameter)
{
const ELEMENT_NAME = 'Employee';
if (empty($parameter)) {
return new IceResponse(IceResponse::ERROR, "Employee ID not provided");
public function getModelObject($id)
{
$obj = new Employee();
$obj->Load("id = ?", array($id));
return $obj;
}
public function list(User $user)
{
$query = new DataQuery('Employee');
$limit = self::DEFAULT_LIMIT;
if (isset($_GET['limit']) && intval($_GET['limit']) > 0) {
$limit = intval($_GET['limit']);
}
$query->setLength($limit);
if ($user->user_level !== 'Admin') {
$query->setIsSubOrdinates(true);
}
if ($parameter === 'list') {
$emp = new Employee();
$emps = $emp->Find("1=1");
$newEmps = array();
foreach ($emps as $emp) {
$emp = BaseService::getInstance()->cleanUpAdoDB($emp);
$emp = Employee::cleanEmployeeData($emp);
$newEmps[] = $emp;
}
return new IceResponse(IceResponse::SUCCESS, $newEmps);
} else {
$mapping = '{"nationality":["Nationality","id","name"],"ethnicity":["Ethnicity","id","name"],'
.'"immigration_status":["ImmigrationStatus","id","name"],'
.'"employment_status":["EmploymentStatus","id","name"],'
.'"job_title":["JobTitle","id","name"],"pay_grade":["PayGrade","id","name"],'
.'"country":["Country","code","name"],"province":["Province","id","name"],'
.'"department":["CompanyStructure","id","title"],'
.'"supervisor":["Employee","id","first_name+last_name"]}';
$emp = BaseService::getInstance()->getElement('Employee', $parameter, $mapping, true);
if (!empty($emp)) {
$emp = Employee::cleanEmployeeData($emp);
return new IceResponse(IceResponse::SUCCESS, $emp);
}
return $this->listByQuery($query);
}
public function get(User $user, $parameter)
{
if (empty($parameter)) {
return new IceResponse(IceResponse::ERROR, "Employee not found", 404);
}
if ($parameter === 'me') {
$parameter = BaseService::getInstance()->getCurrentProfileId();
}
if ($user->user_level !== 'Admin' && !PermissionManager::manipulationAllowed(
BaseService::getInstance()->getCurrentProfileId(),
$this->getModelObject($parameter)
)
) {
return new IceResponse(IceResponse::ERROR, "Permission denied", 403);
}
$mapping = [
"nationality" => ["Nationality","id","name"],
"ethnicity" => ["Ethnicity","id","name"],
"immigration_status" => ["ImmigrationStatus","id","name"],
"employment_status" => ["EmploymentStatus","id","name"],
"job_title" => ["JobTitle","id","name"],
"pay_grade" => ["PayGrade","id","name"],
"country" => ["Country","code","name"],
"province" => ["Province","id","name"],
"department" => ["CompanyStructure","id","title"],
"supervisor" => [self::ELEMENT_NAME,"id","first_name+last_name"],
];
$emp = BaseService::getInstance()->getElement(
self::ELEMENT_NAME,
$parameter,
json_encode($mapping),
true
);
$emp = $this->enrichElement($emp, $mapping);
if (!empty($emp)) {
$emp = $this->cleanObject($emp);
$emp = $this->removeNullFields($emp);
return new IceResponse(IceResponse::SUCCESS, $emp);
}
return new IceResponse(IceResponse::ERROR, "Employee not found", 404);
}
public function post(User $user)
{
if ($user->user_level !== 'Admin') {
return new IceResponse(IceResponse::ERROR, "Permission denied", 403);
}
$body = $this->getRequestBody();
$response = BaseService::getInstance()->addElement(self::ELEMENT_NAME, $body);
if ($response->getStatus() === IceResponse::SUCCESS) {
$response = $this->get($user, $response->getData()->id);
$response->setCode(201);
return $response;
}
return new IceResponse(IceResponse::ERROR, $response->getData(), 400);
}
public function put(User $user, $parameter)
{
if ($user->user_level !== 'Admin' &&
!PermissionManager::manipulationAllowed(
BaseService::getInstance()->getCurrentProfileId(),
$this->getModelObject($parameter)
)
) {
return new IceResponse(IceResponse::ERROR, "Permission denied", 403);
}
$body = $this->getRequestBody();
$body['id'] = $parameter;
$response = BaseService::getInstance()->addElement(self::ELEMENT_NAME, $body);
if ($response->getStatus() === IceResponse::SUCCESS) {
return $this->get($user, $response->getData()->id);
}
return new IceResponse(IceResponse::ERROR, 'Error modifying employee', 400);
}
public function delete(User $user, $parameter)
{
if ($user->user_level !== 'Admin') {
return new IceResponse(IceResponse::ERROR, "Permission denied", 403);
}
$response = BaseService::getInstance()->deleteElement(
self::ELEMENT_NAME,
$parameter
);
if ($response->getStatus() === IceResponse::SUCCESS) {
return new IceResponse(IceResponse::SUCCESS, ['id' => $parameter], 200);
}
return new IceResponse(IceResponse::ERROR, $response->getData(), 400);
}
}