fix report filter data based on user login role dealer

This commit is contained in:
2025-07-10 13:25:02 +07:00
parent b632996052
commit cec11d6385
2 changed files with 372 additions and 40 deletions


@@ -175,10 +175,12 @@ class AdminController extends Controller
$prev_mth_start = date('Y-m-d', strtotime(date($year.'-'. $request->month .'-1')." -1 month"));
$prev_mth = explode('-', $prev_mth_start);
if($request->month == date('m')) {
$prev_mth_end = $prev_mth[0].'-'.$prev_mth[1].'-'.date('d');
if($request->month == date('m') && $year == date('Y')) {
// Jika bulan sekarang, ambil total bulan sebelumnya yang lengkap
$prev_mth_end = $prev_mth[0].'-'.$prev_mth[1].'-'.date('t', strtotime($prev_mth_start));
}else{
$prev_mth_end = $prev_mth[0].'-'.$prev_mth[1].'-'.date('t');
// Jika bulan lain, ambil total bulan sebelumnya yang lengkap
$prev_mth_end = $prev_mth[0].'-'.$prev_mth[1].'-'.date('t', strtotime($prev_mth_start));
}
$prev_month_trx = [];
@@ -309,10 +311,12 @@ class AdminController extends Controller
foreach($works as $work1) {
$prev_mth_start = date('Y-m-d', strtotime(date('Y-'. $request->month .'-1')." -1 month"));
$prev_mth = explode('-', $prev_mth_start);
if($request->month == date('m')) {
$prev_mth_end = $prev_mth[0].'-'.$prev_mth[1].'-'.date('d');
if($request->month == date('m') && date('Y') == date('Y')) {
// Jika bulan sekarang, ambil total bulan sebelumnya yang lengkap
$prev_mth_end = $prev_mth[0].'-'.$prev_mth[1].'-'.date('t', strtotime($prev_mth_start));
}else{
$prev_mth_end = $prev_mth[0].'-'.$prev_mth[1].'-'.date('t');
// Jika bulan lain, ambil total bulan sebelumnya yang lengkap
$prev_mth_end = $prev_mth[0].'-'.$prev_mth[1].'-'.date('t', strtotime($prev_mth_start));
}
// dd($prev_mth_end);
@@ -430,10 +434,12 @@ class AdminController extends Controller
foreach($works as $work1) {
$prev_mth_start = date('Y-m-d', strtotime(date($request->year.'-'. $request->month .'-1')." -1 month"));
$prev_mth = explode('-', $prev_mth_start);
if($request->month == date('m')) {
$prev_mth_end = $prev_mth[0].'-'.$prev_mth[1].'-'.date('d');
if($request->month == date('m') && $request->year == date('Y')) {
// Jika bulan sekarang, ambil total bulan sebelumnya yang lengkap
$prev_mth_end = $prev_mth[0].'-'.$prev_mth[1].'-'.date('t', strtotime($prev_mth_start));
}else{
$prev_mth_end = $prev_mth[0].'-'.$prev_mth[1].'-'.date('t');
// Jika bulan lain, ambil total bulan sebelumnya yang lengkap
$prev_mth_end = $prev_mth[0].'-'.$prev_mth[1].'-'.date('t', strtotime($prev_mth_start));
}
$yesterday_month_trx = Transaction::where('work_id', $work1->id)->where('dealer_id', $id)->whereDate('date', '>=', $prev_mth_start)->whereDate('date', '<=', $prev_mth_end)->sum('qty');
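Review bot: Both branches of the new conditional assign the identical value `date('t', strtotime($prev_mth_start))`, so the `if`/`else` no longer does anything and each of the three hunks can collapse to the single line `$prev_mth_end = $prev_mth[0].'-'.$prev_mth[1].'-'.date('t', strtotime($prev_mth_start));`. In the second hunk the added condition `date('Y') == date('Y')` is always true and looks like a copy of the first hunk where `$year` was intended; it becomes moot once the dead branch is removed. `$request->month` is still spliced unvalidated into the `date()` format string and then `strtotime()`, where a non-numeric value most likely makes `strtotime` return false and the previous-month range silently collapse to 1970 rather than fail, so a numeric 1–12 check before this block would make a bad request visible instead of producing an empty total. The enclosing methods start and end outside these hunks.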


@@ -37,13 +37,41 @@ class ReportController extends Controller
$request['sa'] = 'all';
}
$works = Work::select('id', 'name')->whereHas('transactions', function($q) use($request) {
// Get dealers based on user role
$user = Auth::user();
$role = Role::with(['dealers' => function($query) {
$query->whereNull('dealers.deleted_at'); // Only active dealers
}])->find($user->role_id);
if($role && $this->isAdminRole($role) && $role->dealers->count() == 0) {
$allowedDealers = Dealer::all();
} else if($role) {
$allowedDealers = $role->dealers()->whereNull('dealers.deleted_at')->orderBy('name')->get();
} else {
$allowedDealers = collect();
}
$works = Work::select('id', 'name')->whereHas('transactions', function($q) use($request, $allowedDealers) {
if(isset($request->month)) {
$q = $q->whereMonth('date', '=', $request->month)->whereYear('date', date('Y'));
}
// Filter by allowed dealers based on user role
if($allowedDealers->count() > 0) {
$dealerIds = $allowedDealers->pluck('id')->toArray();
$q = $q->whereIn('dealer_id', $dealerIds);
}
if(isset($request->dealer) && $request->dealer != 'all') {
$q = $q->where('dealer_id', '=', $request->dealer);
// Validate that the requested dealer is allowed for this user
if($allowedDealers->count() > 0) {
$allowedDealerIds = $allowedDealers->pluck('id')->toArray();
if(in_array($request->dealer, $allowedDealerIds)) {
$q = $q->where('dealer_id', '=', $request->dealer);
}
} else {
$q = $q->where('dealer_id', '=', $request->dealer);
}
}
if(isset($request->sa) && $request->sa != 'all') {
@@ -53,8 +81,27 @@ class ReportController extends Controller
return $q;
})->orderBy('id', 'ASC')->get();
$dealer_datas = Dealer::orderBy('id', 'ASC')->get();
$sa_datas = User::select('id', 'name')->where('role_id', 4)->get();
// Get dealers based on user role
$user = Auth::user();
$role = Role::with(['dealers' => function($query) {
$query->whereNull('dealers.deleted_at'); // Only active dealers
}])->find($user->role_id);
if($role && $this->isAdminRole($role) && $role->dealers->count() == 0) {
$dealer_datas = Dealer::orderBy('id', 'ASC')->get();
} else if($role) {
$dealer_datas = $role->dealers()->whereNull('dealers.deleted_at')->orderBy('name')->get();
} else {
$dealer_datas = collect();
}
// Get SA users based on dealer access
if($dealer_datas->count() > 0) {
$dealerIds = $dealer_datas->pluck('id')->toArray();
$sa_datas = User::select('id', 'name')->where('role_id', 4)->whereIn('dealer_id', $dealerIds)->get();
} else {
$sa_datas = User::select('id', 'name')->where('role_id', 4)->get();
}
$sa = $request->sa;
$dealer = $request->dealer;
$month = $request->month;
@@ -83,8 +130,27 @@ class ReportController extends Controller
$request['sa'] = 'all';
}
$dealer_datas = Dealer::orderBy('id', 'ASC')->get();
$sa_datas = User::select('id', 'name')->where('role_id', 4)->get();
// Get dealers based on user role
$user = Auth::user();
$role = Role::with(['dealers' => function($query) {
$query->whereNull('dealers.deleted_at'); // Only active dealers
}])->find($user->role_id);
if($role && $this->isAdminRole($role) && $role->dealers->count() == 0) {
$dealer_datas = Dealer::orderBy('id', 'ASC')->get();
} else if($role) {
$dealer_datas = $role->dealers()->whereNull('dealers.deleted_at')->orderBy('name')->get();
} else {
$dealer_datas = collect();
}
// Get SA users based on dealer access
if($dealer_datas->count() > 0) {
$dealerIds = $dealer_datas->pluck('id')->toArray();
$sa_datas = User::select('id', 'name')->where('role_id', 4)->whereIn('dealer_id', $dealerIds)->get();
} else {
$sa_datas = User::select('id', 'name')->where('role_id', 4)->get();
}
$sa = $request->sa;
$dealer = $request->dealer;
@@ -127,11 +193,40 @@ class ReportController extends Controller
$sa = $request->sa;
$year = $request->year;
// Get dealers based on user role
$user = Auth::user();
$role = Role::with(['dealers' => function($query) {
$query->whereNull('dealers.deleted_at'); // Only active dealers
}])->find($user->role_id);
if($role && $this->isAdminRole($role) && $role->dealers->count() == 0) {
$allowedDealers = Dealer::all();
} else if($role) {
$allowedDealers = $role->dealers()->whereNull('dealers.deleted_at')->orderBy('name')->get();
} else {
$allowedDealers = collect();
}
$dealer_work_trx = DB::statement("SET @sql = NULL");
$sql = "SELECT IF(work_id IS NOT NULL, GROUP_CONCAT(DISTINCT CONCAT('SUM(IF(work_id = \"', work_id,'\", qty,\"\")) AS \"',CONCAT(w.name, '|',w.id),'\"')), 's.work_id') INTO @sql FROM transactions t JOIN works w ON w.id = t.work_id WHERE month(t.date) = '". $month ."' and year(t.date) = '". $year ."' and t.deleted_at is null";
// Filter by allowed dealers based on user role
if($allowedDealers->count() > 0) {
$dealerIds = $allowedDealers->pluck('id')->toArray();
$dealerIdsStr = implode(',', $dealerIds);
$sql .= " and t.dealer_id IN (". $dealerIdsStr .")";
}
if(isset($request->dealer) && $request->dealer != 'all') {
$sql .= " and t.dealer_id = '". $dealer ."'";
// Validate that the requested dealer is allowed for this user
if($allowedDealers->count() > 0) {
$allowedDealerIds = $allowedDealers->pluck('id')->toArray();
if(in_array($request->dealer, $allowedDealerIds)) {
$sql .= " and t.dealer_id = '". $dealer ."'";
}
} else {
$sql .= " and t.dealer_id = '". $dealer ."'";
}
}
if(isset($request->sa) && $request->sa != 'all') {
@@ -140,17 +235,35 @@ class ReportController extends Controller
$sa_work_trx = DB::statement($sql);
// Validate dealer access before building the main query
$dealerFilter = "";
if(isset($request->dealer) && $request->dealer != 'all') {
if($allowedDealers->count() > 0) {
$allowedDealerIds = $allowedDealers->pluck('id')->toArray();
if(in_array($request->dealer, $allowedDealerIds)) {
$dealerFilter = " and s.dealer_id = '". $dealer ."'";
}
} else {
$dealerFilter = " and s.dealer_id = '". $dealer ."'";
}
} else if($allowedDealers->count() > 0) {
// If no specific dealer requested, filter by allowed dealers
$dealerIds = $allowedDealers->pluck('id')->toArray();
$dealerIdsStr = implode(',', $dealerIds);
$dealerFilter = " and s.dealer_id IN (". $dealerIdsStr .")";
}
if(isset($request->dealer) && $request->dealer != 'all') {
if(isset($request->sa) && $request->sa != 'all') {
$sa_work_trx = DB::statement("SET @sql = IF(@sql != 's.work_id' ,CONCAT(\"SELECT sa.name as SA, sa.id as sa_id, \", @sql, \"FROM transactions s JOIN users sa ON sa.id = s.user_sa_id WHERE month(s.date) = '". $month ."' and year(s.date) = '". $year ."' and s.deleted_at is null and s.dealer_id = '". $dealer ."' and s.user_sa_id = '". $sa ."' GROUP BY s.user_sa_id ORDER BY s.user_sa_id ASC\"), CONCAT(\"SELECT sa.name as SA, sa.id as sa_id \", \"FROM transactions s JOIN users sa ON sa.id = s.user_sa_id WHERE month(s.date) = '". $month ."' and year(s.date) = '". $year ."' and s.deleted_at is null and s.dealer_id = '". $dealer ."' and s.user_sa_id = '". $sa ."' GROUP BY s.`user_sa_id` ORDER BY s.`user_sa_id` ASC\"))");
$sa_work_trx = DB::statement("SET @sql = IF(@sql != 's.work_id' ,CONCAT(\"SELECT sa.name as SA, sa.id as sa_id, \", @sql, \"FROM transactions s JOIN users sa ON sa.id = s.user_sa_id WHERE month(s.date) = '". $month ."' and year(s.date) = '". $year ."' and s.deleted_at is null". $dealerFilter ." and s.user_sa_id = '". $sa ."' GROUP BY s.user_sa_id ORDER BY s.user_sa_id ASC\"), CONCAT(\"SELECT sa.name as SA, sa.id as sa_id \", \"FROM transactions s JOIN users sa ON sa.id = s.user_sa_id WHERE month(s.date) = '". $month ."' and year(s.date) = '". $year ."' and s.deleted_at is null". $dealerFilter ." and s.user_sa_id = '". $sa ."' GROUP BY s.`user_sa_id` ORDER BY s.`user_sa_id` ASC\"))");
}else{
$sa_work_trx = DB::statement("SET @sql = IF(@sql != 's.work_id' ,CONCAT(\"SELECT sa.name as SA, sa.id as sa_id, \", @sql, \"FROM transactions s JOIN users sa ON sa.id = s.user_sa_id WHERE month(s.date) = '". $month ."' and year(s.date) = '". $year ."' and s.deleted_at is null and s.dealer_id = '". $dealer ."' GROUP BY s.user_sa_id ORDER BY s.user_sa_id ASC\"), CONCAT(\"SELECT sa.name as SA, sa.id as sa_id \", \"FROM transactions s JOIN users sa ON sa.id = s.user_sa_id WHERE month(s.date) = '". $month ."' and year(s.date) = '". $year ."' and s.deleted_at is null and s.dealer_id = '". $dealer ."' GROUP BY s.`user_sa_id` ORDER BY s.`user_sa_id` ASC\"))");
$sa_work_trx = DB::statement("SET @sql = IF(@sql != 's.work_id' ,CONCAT(\"SELECT sa.name as SA, sa.id as sa_id, \", @sql, \"FROM transactions s JOIN users sa ON sa.id = s.user_sa_id WHERE month(s.date) = '". $month ."' and year(s.date) = '". $year ."' and s.deleted_at is null". $dealerFilter ." GROUP BY s.user_sa_id ORDER BY s.user_sa_id ASC\"), CONCAT(\"SELECT sa.name as SA, sa.id as sa_id \", \"FROM transactions s JOIN users sa ON sa.id = s.user_sa_id WHERE month(s.date) = '". $month ."' and year(s.date) = '". $year ."' and s.deleted_at is null". $dealerFilter ." GROUP BY s.`user_sa_id` ORDER BY s.`user_sa_id` ASC\"))");
}
}else{
if(isset($request->sa) && $request->sa != 'all') {
$sa_work_trx = DB::statement("SET @sql = IF(@sql != 's.work_id' ,CONCAT(\"SELECT sa.name as SA, sa.id as sa_id, \", @sql, \"FROM transactions s JOIN users sa ON sa.id = s.user_sa_id WHERE month(s.date) = '". $month ."' and year(s.date) = '". $year ."' and s.deleted_at is null and s.user_sa_id = '". $sa ."' GROUP BY s.user_sa_id ORDER BY s.user_sa_id ASC\"), CONCAT(\"SELECT sa.name as SA, sa.id as user_sa_id \", \"FROM transactions s JOIN dealers d ON d.id = s.user_sa_id WHERE month(s.date) = '". $month ."' and year(s.date) = '". $year ."' and s.deleted_at is null and s.user_sa_id = '". $sa ."' GROUP BY s.`user_sa_id` ORDER BY s.`user_sa_id` ASC\"))");
$sa_work_trx = DB::statement("SET @sql = IF(@sql != 's.work_id' ,CONCAT(\"SELECT sa.name as SA, sa.id as sa_id, \", @sql, \"FROM transactions s JOIN users sa ON sa.id = s.user_sa_id WHERE month(s.date) = '". $month ."' and year(s.date) = '". $year ."' and s.deleted_at is null". $dealerFilter ." and s.user_sa_id = '". $sa ."' GROUP BY s.user_sa_id ORDER BY s.user_sa_id ASC\"), CONCAT(\"SELECT sa.name as SA, sa.id as user_sa_id \", \"FROM transactions s JOIN dealers d ON d.id = s.user_sa_id WHERE month(s.date) = '". $month ."' and year(s.date) = '". $year ."' and s.deleted_at is null". $dealerFilter ." and s.user_sa_id = '". $sa ."' GROUP BY s.`user_sa_id` ORDER BY s.`user_sa_id` ASC\"))");
}else{
$sa_work_trx = DB::statement("SET @sql = IF(@sql != 's.work_id' ,CONCAT(\"SELECT sa.name as SA, sa.id as sa_id, \", @sql, \"FROM transactions s JOIN users sa ON sa.id = s.user_sa_id WHERE month(s.date) = '". $month ."' and year(s.date) = '". $year ."' and s.deleted_at is null GROUP BY s.user_sa_id ORDER BY s.user_sa_id ASC\"), CONCAT(\"SELECT sa.name as SA, sa.id as user_sa_id \", \"FROM transactions s JOIN dealers d ON d.id = s.user_sa_id WHERE month(s.date) = '". $month ."' and year(s.date) = '". $year ."' and s.deleted_at is null GROUP BY s.`user_sa_id` ORDER BY s.`user_sa_id` ASC\"))");
$sa_work_trx = DB::statement("SET @sql = IF(@sql != 's.work_id' ,CONCAT(\"SELECT sa.name as SA, sa.id as sa_id, \", @sql, \"FROM transactions s JOIN users sa ON sa.id = s.user_sa_id WHERE month(s.date) = '". $month ."' and year(s.date) = '". $year ."' and s.deleted_at is null". $dealerFilter ." GROUP BY s.user_sa_id ORDER BY s.user_sa_id ASC\"), CONCAT(\"SELECT sa.name as SA, sa.id as user_sa_id \", \"FROM transactions s JOIN dealers d ON d.id = s.user_sa_id WHERE month(s.date) = '". $month ."' and year(s.date) = '". $year ."' and s.deleted_at is null". $dealerFilter ." GROUP BY s.`user_sa_id` ORDER BY s.`user_sa_id` ASC\"))");
}
}
@@ -219,13 +332,41 @@ class ReportController extends Controller
$request['month'] = date('m');
}
$works = Work::select('id', 'name')->whereHas('transactions', function($q) use($request) {
// Get dealers based on user role
$user = Auth::user();
$role = Role::with(['dealers' => function($query) {
$query->whereNull('dealers.deleted_at'); // Only active dealers
}])->find($user->role_id);
if($role && $this->isAdminRole($role) && $role->dealers->count() == 0) {
$allowedDealers = Dealer::all();
} else if($role) {
$allowedDealers = $role->dealers()->whereNull('dealers.deleted_at')->orderBy('name')->get();
} else {
$allowedDealers = collect();
}
$works = Work::select('id', 'name')->whereHas('transactions', function($q) use($request, $allowedDealers) {
if(isset($request->month)) {
$q->whereMonth('date', '=', $request->month);
}
// Filter by allowed dealers based on user role
if($allowedDealers->count() > 0) {
$dealerIds = $allowedDealers->pluck('id')->toArray();
$q->whereIn('dealer_id', $dealerIds);
}
if(isset($request->dealer) && $request->dealer != 'all') {
$q->where('dealer_id', '=', $request->dealer);
// Validate that the requested dealer is allowed for this user
if($allowedDealers->count() > 0) {
$allowedDealerIds = $allowedDealers->pluck('id')->toArray();
if(in_array($request->dealer, $allowedDealerIds)) {
$q->where('dealer_id', '=', $request->dealer);
}
} else {
$q->where('dealer_id', '=', $request->dealer);
}
}
if(isset($request->sa) && $request->sa != 'all') {
@@ -233,7 +374,27 @@ class ReportController extends Controller
}
})->get();
$sas = User::select('id', 'name')->where('role_id', 4)->get();
// Get dealers based on user role
$user = Auth::user();
$role = Role::with(['dealers' => function($query) {
$query->whereNull('dealers.deleted_at'); // Only active dealers
}])->find($user->role_id);
if($role && $this->isAdminRole($role) && $role->dealers->count() == 0) {
$dealer_datas = Dealer::all();
} else if($role) {
$dealer_datas = $role->dealers()->whereNull('dealers.deleted_at')->orderBy('name')->get();
} else {
$dealer_datas = collect();
}
// Get SA users based on dealer access
if($dealer_datas->count() > 0) {
$dealerIds = $dealer_datas->pluck('id')->toArray();
$sas = User::select('id', 'name')->where('role_id', 4)->whereIn('dealer_id', $dealerIds)->get();
} else {
$sas = User::select('id', 'name')->where('role_id', 4)->get();
}
$trxs = [];
foreach($sas as $key => $sa) {
@@ -245,8 +406,22 @@ class ReportController extends Controller
$d = $d->whereMonth('date', '=', $request->month);
}
// Filter by allowed dealers based on user role
if($allowedDealers->count() > 0) {
$dealerIds = $allowedDealers->pluck('id')->toArray();
$d = $d->whereIn('dealer_id', $dealerIds);
}
if(isset($request->dealer) && $request->dealer != 'all') {
$d = $d->where('dealer_id', '=', $request->dealer);
// Validate that the requested dealer is allowed for this user
if($allowedDealers->count() > 0) {
$allowedDealerIds = $allowedDealers->pluck('id')->toArray();
if(in_array($request->dealer, $allowedDealerIds)) {
$d = $d->where('dealer_id', '=', $request->dealer);
}
} else {
$d = $d->where('dealer_id', '=', $request->dealer);
}
}
if(isset($request->sa) && $request->sa != 'all') {
@@ -302,35 +477,76 @@ class ReportController extends Controller
$month = $request->month;
$dealer_id = $request->dealer;
$sa_id = $request->sa;
$dealers = Dealer::all();
$sas = User::where('role_id', 4)->get();
return view('back.report.transaction_sa', compact('sas', 'dealers', 'dealer_id', 'sa_id', 'month', 'trxs', 'works', 'work_count', 'sa_names', 'trx_data'));
return view('back.report.transaction_sa', compact('sas', 'dealer_datas', 'dealer_id', 'sa_id', 'month', 'trxs', 'works', 'work_count', 'sa_names', 'trx_data'));
}
public function sa_work_trx(Request $request) {
$sa_work_trx = Work::select(DB::raw('works.name AS work_name'), DB::raw("IFNULL(SUM(t.qty), 0) AS qty"), 'works.id AS work_id')->whereHas('transactions', function($q) use($request) {
// Get dealers based on user role
$user = Auth::user();
$role = Role::with(['dealers' => function($query) {
$query->whereNull('dealers.deleted_at'); // Only active dealers
}])->find($user->role_id);
if($role && $this->isAdminRole($role) && $role->dealers->count() == 0) {
$allowedDealers = Dealer::all();
} else if($role) {
$allowedDealers = $role->dealers()->whereNull('dealers.deleted_at')->orderBy('name')->get();
} else {
$allowedDealers = collect();
}
$sa_work_trx = Work::select(DB::raw('works.name AS work_name'), DB::raw("IFNULL(SUM(t.qty), 0) AS qty"), 'works.id AS work_id')->whereHas('transactions', function($q) use($request, $allowedDealers) {
if(isset($request->month)) {
$q = $q->whereMonth('date', '=', $request->month)->whereYear('date', date('Y'));
}
// Filter by allowed dealers based on user role
if($allowedDealers->count() > 0) {
$dealerIds = $allowedDealers->pluck('id')->toArray();
$q->whereIn('dealer_id', $dealerIds);
}
if(isset($request->dealer) && $request->dealer != 'all') {
$q = $q->where('dealer_id', '=', $request->dealer);
// Validate that the requested dealer is allowed for this user
if($allowedDealers->count() > 0) {
$allowedDealerIds = $allowedDealers->pluck('id')->toArray();
if(in_array($request->dealer, $allowedDealerIds)) {
$q->where('dealer_id', '=', $request->dealer);
}
} else {
$q->where('dealer_id', '=', $request->dealer);
}
}
if(isset($request->sa_filter) && $request->sa_filter != 'all') {
$q = $q->where('user_sa_id', '=', $request->sa_filter);
$q->where('user_sa_id', '=', $request->sa_filter);
}
return $q;
})->leftJoin('transactions AS t', function($q) use($request) {
})->leftJoin('transactions AS t', function($q) use($request, $allowedDealers) {
$q->on('t.work_id', '=', 'works.id');
$q->on(DB::raw('MONTH(t.date)'), '=', DB::raw($request->month));
$q->on(DB::raw('YEAR(t.date)'), '=', DB::raw(date('Y')));
$q->on('t.user_sa_id', '=', DB::raw($request->sa));
// Filter by allowed dealers based on user role
if($allowedDealers->count() > 0) {
$dealerIds = $allowedDealers->pluck('id')->toArray();
$q->whereIn('t.dealer_id', $dealerIds);
}
if(isset($request->dealer) && $request->dealer != 'all') {
$q->on('t.dealer_id', '=', DB::raw($request->dealer));
// Validate that the requested dealer is allowed for this user
if($allowedDealers->count() > 0) {
$allowedDealerIds = $allowedDealers->pluck('id')->toArray();
if(in_array($request->dealer, $allowedDealerIds)) {
$q->on('t.dealer_id', '=', DB::raw($request->dealer));
}
} else {
$q->on('t.dealer_id', '=', DB::raw($request->dealer));
}
}
if(isset($request->sa_filter) && $request->sa_filter != 'all') {
$q->on('t.user_sa_id', '=', DB::raw($request->sa_filter));
@@ -352,13 +568,41 @@ class ReportController extends Controller
$request['sa'] = 'all';
}
$sas = User::where('role_id', 4)->whereHas('sa_transactions', function($q) use($request) {
// Get dealers based on user role
$user = Auth::user();
$role = Role::with(['dealers' => function($query) {
$query->whereNull('dealers.deleted_at'); // Only active dealers
}])->find($user->role_id);
if($role && $this->isAdminRole($role) && $role->dealers->count() == 0) {
$allowedDealers = Dealer::all();
} else if($role) {
$allowedDealers = $role->dealers()->whereNull('dealers.deleted_at')->orderBy('name')->get();
} else {
$allowedDealers = collect();
}
$sas = User::where('role_id', 4)->whereHas('sa_transactions', function($q) use($request, $allowedDealers) {
if(isset($request->month)) {
$q = $q->whereMonth('date', '=', $request->month)->whereYear('date', date('Y'));
}
// Filter by allowed dealers based on user role
if($allowedDealers->count() > 0) {
$dealerIds = $allowedDealers->pluck('id')->toArray();
$q->whereIn('dealer_id', $dealerIds);
}
if(isset($request->dealer) && $request->dealer != 'all') {
$q->where('dealer_id', '=', $request->dealer);
// Validate that the requested dealer is allowed for this user
if($allowedDealers->count() > 0) {
$allowedDealerIds = $allowedDealers->pluck('id')->toArray();
if(in_array($request->dealer, $allowedDealerIds)) {
$q->where('dealer_id', '=', $request->dealer);
}
} else {
$q->where('dealer_id', '=', $request->dealer);
}
}
});
@@ -389,10 +633,12 @@ class ReportController extends Controller
$query->whereNull('dealers.deleted_at'); // Only active dealers
}])->find($user->role_id);
if(strtolower($role->name) === 'admin') {
if($role && $this->isAdminRole($role) && $role->dealers->count() == 0) {
$dealer_datas = Dealer::all();
}else{
} else if($role) {
$dealer_datas = $role->dealers()->whereNull('dealers.deleted_at')->orderBy('name')->get();
} else {
$dealer_datas = collect();
}
$year = $request->year;
@@ -407,9 +653,30 @@ class ReportController extends Controller
$menu = Menu::where('link', 'report.transaction')->first();
abort_if(Gate::denies('view', $menu), 403, 'Unauthorized User');
$sas = User::where('role_id', 4)->get();
$mechanics = User::where('role_id', 3)->get();
$dealers = Dealer::all();
$current_user = Auth::user();
$current_role = Role::with(['dealers' => function($query) {
$query->whereNull('dealers.deleted_at'); // Only active dealers
}])->find($current_user->role_id);
// Get dealers based on user role
if($current_role && $this->isAdminRole($current_role) && $current_role->dealers->count() == 0) {
$dealers = Dealer::all();
} else if($current_role) {
$dealers = $current_role->dealers()->whereNull('dealers.deleted_at')->orderBy('name')->get();
} else {
$dealers = collect();
}
// Get SA users based on dealer access
if($dealers->count() > 0) {
$dealerIds = $dealers->pluck('id')->toArray();
$sas = User::where('role_id', 4)->whereIn('dealer_id', $dealerIds)->get();
$mechanics = User::where('role_id', 3)->whereIn('dealer_id', $dealerIds)->get();
} else {
$sas = User::where('role_id', 4)->get();
$mechanics = User::where('role_id', 3)->get();
}
$works = Work::all();
return view('back.report.transaction', compact('sas', 'mechanics', 'dealers', 'works'));
@@ -421,6 +688,20 @@ class ReportController extends Controller
abort_if(Gate::denies('view', $menu), 403, 'Unauthorized User');
if ($request->ajax()) {
// Get dealers based on user role
$current_user = Auth::user();
$current_role = Role::with(['dealers' => function($query) {
$query->whereNull('dealers.deleted_at'); // Only active dealers
}])->find($current_user->role_id);
if($current_role && $this->isAdminRole($current_role) && $current_role->dealers->count() == 0) {
$allowedDealers = Dealer::all();
} else if($current_role) {
$allowedDealers = $current_role->dealers()->whereNull('dealers.deleted_at')->orderBy('name')->get();
} else {
$allowedDealers = collect();
}
$data = Transaction::leftJoin('users', 'users.id', '=', 'transactions.user_id')
->leftJoin('users as sa', 'sa.id', '=', 'transactions.user_sa_id')
->leftJoin('works as w', 'w.id', '=', 'transactions.work_id')
@@ -428,6 +709,13 @@ class ReportController extends Controller
->leftJoin('dealers as d', 'd.id', '=', 'transactions.dealer_id')
->select('transactions.id', 'transactions.status', 'transactions.user_id as user_id', 'transactions.user_sa_id as user_sa_id', 'users.name as username', 'sa.name as sa_name', 'cat.name as category_name', 'w.name as workname', 'transactions.qty as qty', 'transactions.date as date', 'transactions.police_number as police_number', 'transactions.warranty as warranty', 'transactions.spk as spk', 'transactions.dealer_id', 'd.name as dealer_name');
// Filter by allowed dealers based on user role
if($allowedDealers->count() > 0) {
$dealerIds = $allowedDealers->pluck('id')->toArray();
$data->whereIn('transactions.dealer_id', $dealerIds);
}
if(isset($request->date_start)) {
$data->where('transactions.date', '>=', $request->date_start);
}
@@ -445,7 +733,15 @@ class ReportController extends Controller
}
if(isset($request->dealer)) {
$data->where('transactions.dealer_id', $request->dealer);
// Validate that the requested dealer is allowed for this user
if($allowedDealers->count() > 0) {
$allowedDealerIds = $allowedDealers->pluck('id')->toArray();
if(in_array($request->dealer, $allowedDealerIds)) {
$data->where('transactions.dealer_id', $request->dealer);
}
} else {
$data->where('transactions.dealer_id', $request->dealer);
}
}
$data->orderBy('date', 'DESC');
@@ -576,4 +872,34 @@ class ReportController extends Controller
return response()->json($response);
}
/**
* Check if role is admin type
*/
private function isAdminRole($role)
{
if (!$role) {
return false;
}
// Define admin role names that should have access to all dealers
$adminRoleNames = [
'admin'
];
// Check if role name contains admin keywords (but not "area")
$roleName = strtolower(trim($role->name));
foreach ($adminRoleNames as $adminName) {
if (strpos($roleName, $adminName) !== false && strpos($roleName, 'area') === false) {
return true;
}
}
// Role with "area" in name should use pivot dealers, not all dealers
if (strpos($roleName, 'area') !== false) {
return false;
}
return false;
}
}
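Review bot: The new dealer gate fails open: every `if($allowedDealers->count() > 0)` / `else` pair treats an empty allowed set as "no restriction", so a non-admin role with no dealers assigned, or a user whose role lookup returns null and gets `collect()`, receives unfiltered report data and can pass any `$request->dealer` straight through — in `$dealerFilter` that raw value is still string-interpolated into the `DB::statement` SQL alongside `$month`, `$year` and `$sa`. The same structure means a requested dealer outside the allowed set is silently dropped rather than rejected, so the caller cannot distinguish a denied filter from an empty result, and `in_array` is called without `true` on a request string against integer ids. Because the role-to-dealers block is copy-pasted into nine methods, the fix belongs in one private helper next to `isAdminRole` that returns null for an unrestricted admin and otherwise the allowed id list (empty when there is none), with each site applying `whereIn` whenever the list is non-null (Laravel emits a false predicate for an empty list, so it yields no rows instead of all rows) and aborting 403 when the requested dealer is not in it. In `isAdminRole`, `if (strpos($roleName, 'area') !== false) { return false; }` is redundant with the `return false` that follows and can be dropped. The methods these hunks touch start and mostly end outside the hunks.
```php
/**
 * Dealer ids the current user may report on, or null when unrestricted
 * (admin role without pivot dealers). Fails closed: a role with no
 * dealers, or no role at all, yields [] rather than "everything".
 */
private function allowedDealerIds(): ?array
{
    $user = Auth::user();
    $role = Role::with(['dealers' => function($query) {
        $query->whereNull('dealers.deleted_at'); // Only active dealers
    }])->find($user->role_id);
    if($role && $this->isAdminRole($role) && $role->dealers->count() == 0) {
        return null;
    }
    return $role ? $role->dealers->pluck('id')->all() : [];
}

// … at each filter site, replacing the count() > 0 / else pairs …
$allowed = $this->allowedDealerIds();
if($allowed !== null) {
    $q->whereIn('dealer_id', $allowed); // [] yields no rows, not all rows
}
if(isset($request->dealer) && $request->dealer != 'all') {
    abort_if($allowed !== null && !in_array((int) $request->dealer, $allowed, true), 403, 'Unauthorized User');
    $q->where('dealer_id', '=', (int) $request->dealer);
}
// … unchanged: month / sa filters …
```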