fix load data dealer base on user with pivot or not

2025-07-10 12:24:11 +07:00
parent e59841fd23
commit b632996052
5 changed files with 223 additions and 19 deletions


@@ -4,10 +4,12 @@ namespace App\Http\Controllers;
use App\Models\Dealer;
use App\Models\Menu;
use App\Models\Role;
use App\Models\Transaction;
use App\Models\User;
use App\Models\Work;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Gate;
@@ -37,7 +39,21 @@ class AdminController extends Controller
$month = $request->month;
$dealer = $request->dealer;
$year = $request->year;
$dealer_datas = Dealer::all();
// Get dealers based on user role
$user = Auth::user();
$role = Role::with(['dealers' => function($query) {
$query->whereNull('dealers.deleted_at'); // Only active dealers
}])->find($user->role_id);
if($role && $this->isAdminRole($role) && $role->dealers->count() == 0) {
$dealer_datas = Dealer::all();
} else if($role) {
$dealer_datas = $role->dealers()->whereNull('dealers.deleted_at')->orderBy('name')->get();
} else {
$dealer_datas = collect();
}
$ajax_url = route('dashboard_data').'?month='.$month.'&year='.$year.'&dealer='.$dealer;
// dd($ajax_url);
return view('dashboard', compact('month','year', 'ajax_url', 'dealer', 'dealer_datas'));
@@ -72,16 +88,47 @@ class AdminController extends Controller
$dealer_work_trx = DB::statement("SET @sql = NULL");
$sql = "SELECT IF(work_id IS NOT NULL, GROUP_CONCAT(DISTINCT CONCAT('SUM(IF(work_id = \"', work_id,'\", qty,\"\")) AS \"',CONCAT(w.name, '|',w.id),'\"')), 's.work_id') INTO @sql FROM transactions t JOIN works w ON w.id = t.work_id WHERE month(t.date) = '". $month ."' and year(t.date) = '". $year ."' and t.deleted_at is null";
if(isset($request->dealer) && $request->dealer != 'all') {
$sql .= " and t.dealer_id = '". $dealer ."'";
$dealer_work_trx = DB::statement($sql);
// Get dealers based on user role - only change this part
$user = Auth::user();
$role = Role::with(['dealers' => function($query) {
$query->whereNull('dealers.deleted_at'); // Only active dealers
}])->find($user->role_id);
if($role && $this->isAdminRole($role) && $role->dealers->count() == 0) {
$dealer_datas = Dealer::all();
} else if($role) {
$dealer_datas = $role->dealers()->whereNull('dealers.deleted_at')->orderBy('name')->get();
} else {
$dealer_datas = collect();
}
$dealer_work_trx = DB::statement($sql);
// Validate that the requested dealer is allowed for this user
if(isset($request->dealer) && $request->dealer != 'all') {
$dealer_work_trx = DB::statement("SET @sql = IF(@sql != 's.work_id' ,CONCAT(\"SELECT d.name as DEALER, d.id as dealer_id, \", @sql, \"FROM transactions s JOIN dealers d ON d.id = s.dealer_id WHERE month(s.date) = '". $month ."' and year(s.date) = '". $year ."' and s.deleted_at is null and s.dealer_id = '". $dealer ."' GROUP BY s.dealer_id ORDER BY s.dealer_id ASC\"), CONCAT(\"SELECT d.name as DEALER \", \"FROM transactions s JOIN dealers d ON d.id = s.dealer_id WHERE month(s.date) = '". $month ."' and year(s.date) = '". $year ."' and s.deleted_at is null and s.dealer_id = '". $dealer ."' GROUP BY s.`dealer_id` ORDER BY s.`dealer_id` ASC\"))");
}else{
$dealer_work_trx = DB::statement("SET @sql = IF(@sql != 's.work_id' ,CONCAT(\"SELECT d.name as DEALER, d.id as dealer_id, \", @sql, \"FROM transactions s JOIN dealers d ON d.id = s.dealer_id WHERE month(s.date) = '". $month ."' and year(s.date) = '". $year ."' and s.deleted_at is null GROUP BY s.dealer_id ORDER BY s.dealer_id ASC\"), CONCAT(\"SELECT d.name as DEALER, d.id as dealer_id \", \"FROM transactions s JOIN dealers d ON d.id = s.dealer_id WHERE month(s.date) = '". $month ."' and year(s.date) = '". $year ."' and s.deleted_at is null GROUP BY s.`dealer_id` ORDER BY s.`dealer_id` ASC\"))");
if($dealer_datas->count() > 0) {
$allowedDealerIds = $dealer_datas->pluck('id')->toArray();
if(!in_array($dealer, $allowedDealerIds)) {
// If dealer is not allowed, reset to 'all'
$dealer = 'all';
}
} else {
// If no dealers are allowed, reset to 'all'
$dealer = 'all';
}
}
// Build dealer filter based on user role
$dealerFilter = '';
if($dealer_datas->count() > 0) {
$dealerIds = $dealer_datas->pluck('id')->toArray();
$dealerFilter = " and s.dealer_id IN (" . implode(',', $dealerIds) . ")";
}
if(isset($request->dealer) && $request->dealer != 'all') {
$dealer_work_trx = DB::statement("SET @sql = IF(@sql != 's.work_id' ,CONCAT(\"SELECT d.name as DEALER, d.id as dealer_id, \", @sql, \"FROM transactions s JOIN dealers d ON d.id = s.dealer_id WHERE month(s.date) = '". $month ."' and year(s.date) = '". $year ."' and s.deleted_at is null and s.dealer_id = '". $dealer ."'". $dealerFilter ." GROUP BY s.dealer_id ORDER BY s.dealer_id ASC\"), CONCAT(\"SELECT d.name as DEALER \", \"FROM transactions s JOIN dealers d ON d.id = s.dealer_id WHERE month(s.date) = '". $month ."' and year(s.date) = '". $year ."' and s.deleted_at is null and s.dealer_id = '". $dealer ."'". $dealerFilter ." GROUP BY s.`dealer_id` ORDER BY s.`dealer_id` ASC\"))");
} else {
$dealer_work_trx = DB::statement("SET @sql = IF(@sql != 's.work_id' ,CONCAT(\"SELECT d.name as DEALER, d.id as dealer_id, \", @sql, \"FROM transactions s JOIN dealers d ON d.id = s.dealer_id WHERE month(s.date) = '". $month ."' and year(s.date) = '". $year ."' and s.deleted_at is null". $dealerFilter ." GROUP BY s.dealer_id ORDER BY s.dealer_id ASC\"), CONCAT(\"SELECT d.name as DEALER, d.id as dealer_id \", \"FROM transactions s JOIN dealers d ON d.id = s.dealer_id WHERE month(s.date) = '". $month ."' and year(s.date) = '". $year ."' and s.deleted_at is null". $dealerFilter ." GROUP BY s.`dealer_id` ORDER BY s.`dealer_id` ASC\"))");
}
$dealer_work_trx = DB::statement("PREPARE stmt FROM @sql");
@@ -143,6 +190,11 @@ class AdminController extends Controller
if(isset($request->dealer) && $request->dealer != 'all') {
$prev_month = $prev_month->where('dealer_id', $request->dealer);
$now_month = $now_month->where('dealer_id', $request->dealer);
} else if($dealer_datas->count() > 0) {
// Filter by allowed dealers based on user role
$dealerIds = $dealer_datas->pluck('id')->toArray();
$prev_month = $prev_month->whereIn('dealer_id', $dealerIds);
$now_month = $now_month->whereIn('dealer_id', $dealerIds);
}
$prev_month_trx[] = $prev_month->sum('qty');
@@ -160,6 +212,36 @@ class AdminController extends Controller
return view('dashboard_data', compact('theads', 'work_trx', 'month', 'year', 'dealer_names', 'dealer_trx', 'dealer', 'totals'));
}
/**
* Check if role is admin type
*/
private function isAdminRole($role)
{
if (!$role) {
return false;
}
// Define admin role names that should have access to all dealers
$adminRoleNames = [
'admin'
];
// Check if role name contains admin keywords (but not "area")
$roleName = strtolower(trim($role->name));
foreach ($adminRoleNames as $adminName) {
if (strpos($roleName, $adminName) !== false && strpos($roleName, 'area') === false) {
return true;
}
}
// Role with "area" in name should use pivot dealers, not all dealers
if (strpos($roleName, 'area') !== false) {
return false;
}
return false;
}
public function dealer_work_trx(Request $request) {
$dealer_work_trx = Work::select(DB::raw('works.name AS work_name'), DB::raw("IFNULL(SUM(t.qty), 0) AS qty"), 'works.id AS work_id')->whereHas('transactions', function($q) use($request) {
if(isset($request->month)) {
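Review bot: The dealer restriction added in the `@@ -72,16 +88,47 @@` hunk fails open: when `$dealer_datas` is empty (no role found, or a non-admin role with no pivot dealers) `$dealerFilter` stays `''` and the `else if($dealer_datas->count() > 0)` branch in the `@@ -143,6 +190,11 @@` hunk is skipped, so both the raw statement and the month sums run over every dealer. The validation also resets `$dealer` to `'all'`, but the branches after it still test `$request->dealer`, so `where('dealer_id', $request->dealer)` keeps summing a dealer that is not in the role's list; those branches should read `$dealer`, and the else branch can call `whereIn('dealer_id', $allowedDealerIds)` unconditionally. Because `$dealer` is concatenated into the SQL text, the membership test should compare integers with the strict flag rather than the loose `in_array($dealer, $allowedDealerIds)`. `isAdminRole()` grants the all-dealers fallback to any role whose name merely contains `admin`, which ties authorization to a free-text label; an explicit flag or permission on the role would be safer. The enclosing method starts and ends outside these hunks, so where `$dealer` is assigned is inferred from the `@@ -37,7 +39,21 @@` hunk.

```php
// … unchanged: $dealer_datas resolved from the user's role …
$allowedDealerIds = array_map('intval', $dealer_datas->pluck('id')->all());
if ($dealer !== 'all' && !in_array((int) $dealer, $allowedDealerIds, true)) {
    $dealer = 'all';
}
// An empty allow-list must match no rows instead of dropping the filter.
$dealerFilter = $allowedDealerIds === []
    ? ' and 1 = 0'
    : ' and s.dealer_id IN (' . implode(',', $allowedDealerIds) . ')';
if ($dealer !== 'all') {
    $dealer = (int) $dealer;
    // … unchanged: single-dealer SET @sql statement …
} else {
    // … unchanged: all-dealers SET @sql statement …
}
```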