diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 956c90d0..aab3f86f 100755 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -4,7 +4,7 @@ class ApplicationController < ActionController::Base protect_from_forgery with: :exception # lookup domain for db from provision - before_action :check_license, :lookup_domain, :set_locale + before_action :lookup_domain, :set_locale helper_method :current_company,:current_login_employee,:current_user # alias_method :current_user, :current_login_employee,:current_user diff --git a/app/controllers/install_controller.rb b/app/controllers/install_controller.rb index 1ffc0b2d..cf16adfe 100755 --- a/app/controllers/install_controller.rb +++ b/app/controllers/install_controller.rb @@ -1,8 +1,42 @@ class InstallController < BaseController + def index + end - def index + def create + restaurant = params[:restaurant_name] + license_key = params[:license_key] + admin_user = params[:admin_user] + admin_password = params[:admin_password] + end + + def lookup_domain + if request.subdomain.present? && request.subdomain != "www" + @license = current_license(ENV["SX_PROVISION_URL"], request.subdomain.downcase) + if (!@license.nil?) + # logger.info "Location - " + @license.name + ActiveRecord::Base.establish_connection(website_connection(@license)) + # logger.info "Connecting to - " + @license.subdomain + " - "+ @license.dbhost + "@" + @license.dbschema + else + # reconnect_default_db + logger.info 'License is nil' + # redirect_to root_url(:host => request.domain) + "store_error" + render :json => [{ status: false, message: 'Invalid Access!'}] + end + end end - def create + def current_license(url, key) + @license = License.new(url, key) + + ##creating md5 hash + md5_hostname = Digest::MD5.new + md5key = md5_hostname.update(request.host) + if (@license.detail_with_local_cache(key, md5key.to_s) == true) + #if (@license.detail == true) + + return @license + else + return nil + end end end diff --git a/app/controllers/settings/shops_controller.rb b/app/controllers/settings/shops_controller.rb new file mode 100644 index 00000000..25c8456d --- /dev/null +++ b/app/controllers/settings/shops_controller.rb @@ -0,0 +1,76 @@ +class Settings::ShopsController < ApplicationController + load_and_authorize_resource except: [:create] + before_action :set_shop, only: [:show, :edit, :update] + + # GET /settings/shops + # GET /settings/shops.json + def index + @settings_shops = Shop.all + end + + # GET /settings/shops/1 + # GET /settings/shops/1.json + def show + end + + # GET /settings/shops/new + def new + @settings_shop = Shop.new + end + + # GET /settings/shops/1/edit + def edit + end + + # POST /settings/shops + # POST /settings/shops.json + def create + @settings_shop = Shop.new(shop_params) + respond_to do |format| + if @settings_shop.save + format.html { redirect_to settings_shops_url, notice: 'Shop was successfully created.' } + format.json { render :index, status: :created, location: @settings_shop } + else + format.html { render :new } + format.json { render json: settings_shops_url.errors, status: :unprocessable_entity } + end + end + end + + # PATCH/PUT /settings/shops/1 + # PATCH/PUT /settings/shops/1.json + def update + respond_to do |format| + if @settings_shop.update(shop_params) + format.html { redirect_to settings_shops_url, notice: 'Shop was successfully updated.' } + format.json { render :index, status: :ok, location: @settings_shop } + else + format.html { render :edit } + format.json { render json: settings_shops_url.errors, status: :unprocessable_entity } + end + end + end + + # DELETE /settings/shops/1 + # DELETE /settings/shops/1.json + def destroy + @settings_shop.destroy + flash[:notice] = 'Shop was successfully destroyed.' + render :json => {:status=> "Success", :url => settings_shops_url }.to_json + # respond_to do |format| + # format.html { redirect_to settings_shops_url, notice: 'shop was successfully destroyed.' } + # format.json { head :no_content } + # end + end + + private + # Use callbacks to share common setup or constraints between actions. + def set_shop + @settings_shop = Shop.find(params[:id]) + end + + # Never trust parameters from the scary internet, only allow the white list through. + def shop_params + params.require(:shop).permit(:name,:address,:city,:township,:state,:country,:phone_no,:reservation_no,:license,:activated_at,:license_data,:base_currency,:cloud_token,:cloud_url,:owner_token,:id_prefix,:is_rounding_adj,:quick_sale_summary,:calc_tax_order) + end +end diff --git a/app/models/AESEncDec.rb b/app/models/AESEncDec.rb index 54afbe1a..ec84dcb7 100644 --- a/app/models/AESEncDec.rb +++ b/app/models/AESEncDec.rb @@ -5,11 +5,27 @@ require 'uri' class AESEncDec { cipher = OpenSSL::Cipher::Cipher.new("aes-256-cbc") - def encrypt + def export_key + ENV['aes_key'] = cipher.key = cipher.random_key # stores the key in key, and also sets the generated key on the cipher + ENV['aes_iv'] = cipher.iv = cipher.random_iv # stores the iv in iv, and also sets the generated iv on the cipher + end + + def encrypt(data) cipher.encrypt + cipher.key = ENV["aes_key"] + cipher.iv = ENV["aes_iv"] + encrypted = cipher.update(data) + cipher.final + encrypted = Base64.urlsafe_encode64(encrypted) + return encrypted end def decrypt + cipher.decrypt + cipher.key = ENV["aes_key"] + cipher.iv = ENV["aes_iv"] + # Start the decryption + decoded = Base64.urlsafe_decode64(encrypted) + decrypted = cipher.update(decoded) + cipher.final end } \ No newline at end of file diff --git a/app/models/license.rb b/app/models/license.rb index b7e2a9bb..d7c23fbf 100755 --- a/app/models/license.rb +++ b/app/models/license.rb @@ -50,7 +50,7 @@ class License if cache_license.nil? ##change the d/e key # @options = { query: {device: "SXlite", lookup: lookup, skey: @secret, token: SECRETS_CONFIG['provision_key']} } - @params = { query: { device: "SXlite", token: SECRETS_CONFIG['provision_key']} } + @params = { query: { device: "SXlite", token: SECRETS_CONFIG['license_key']} } response = self.class.get("/request_license", @params) @license = response.parsed_response diff --git a/app/models/shop.rb b/app/models/shop.rb index 24f4bc1e..9e8217df 100755 --- a/app/models/shop.rb +++ b/app/models/shop.rb @@ -1,4 +1,3 @@ class Shop < ApplicationRecord - end diff --git a/app/views/install/_form.html.erb b/app/views/install/_form.html.erb index e1b78851..288c431a 100755 --- a/app/views/install/_form.html.erb +++ b/app/views/install/_form.html.erb @@ -1,17 +1,36 @@ -
-
- - - Name of business this system is license to + +
+
+ + + Name of business this system is license to +
+
+ + + Add License Key from Email +
+
+ + + First Employee who will be assign as administrator +
+
+ + +
-
- - - First Employee who will be assign as administrator +
+
+ + +
+
+ + +
-
- - +
+
- diff --git a/app/views/install/index.html.erb b/app/views/install/index.html.erb index 80716f76..0233f878 100755 --- a/app/views/install/index.html.erb +++ b/app/views/install/index.html.erb @@ -1,8 +1,5 @@
-
-
-
- +

License Activation


@@ -11,7 +8,4 @@ <%= render "install/form" %>
-
-
-
diff --git a/app/views/layouts/installation.html.erb b/app/views/layouts/installation.html.erb index 14cf9820..35b99bd3 100755 --- a/app/views/layouts/installation.html.erb +++ b/app/views/layouts/installation.html.erb @@ -10,11 +10,26 @@ <%= csrf_meta_tags %> <%= stylesheet_link_tag 'application', media: 'all', 'data-turbolinks-track': 'reload' %> - <%= javascript_include_tag 'application', 'data-turbolinks-track': 'reload' %> + + - -
+ +
<%= yield %>
diff --git a/app/views/settings/shops/_form.html.erb b/app/views/settings/shops/_form.html.erb new file mode 100755 index 00000000..5f93ea50 --- /dev/null +++ b/app/views/settings/shops/_form.html.erb @@ -0,0 +1,67 @@ +
+
+ <%= simple_form_for([:settings,@settings_shop]) do |f| %> + <%= f.error_notification %> +
+ <%= f.input :name ,:input_html=>{:class=>"col-md-10"},:required=>true%> + + <%= f.input :address %> + <%= f.input :city %> + <%= f.input :township %> + <%= f.input :state %> + <%= f.input :phone_no %> + <%= f.input :reservation_no %> + <%= f.input :license %> + <%= f.input :license_data %> + <%= f.input :base_currency %> + <%= f.input :cloud_token %> + <%= f.input :cloud_url %> + <%= f.input :owner_token %> + <%= f.input :id_prefix %> + <%= f.input :is_rounding_adj %> + <%= f.input :quick_sale_summary %> + <%= f.input :calc_tax_order %> + + +
+
+ <%= f.submit "Submit",:class => 'btn btn-primary btn-lg waves-effect' %> +
+ <% end %> +
+
+
+
+
view_headline <%= t("views.right_panel.header.page_detail") %>
+

+ 1) address - to write shop's address
+ 2) city - to write city
+ 3) township - to write township
+ 4) state - to write state
+ 5) phone_no - to write shop's phone_no
+ 6) reservation_no - to write shop's reservation_no
+ 7) license - to write license
+ 8) license_data - to write license data
+ 9) base_currency - to write base currency
+ 10)cloud_token - to write cloud token
+ 11)cloud_url - to write cloud url
+ 12)owner_token - to write shop's owner token
+ 13)id_prefix - to write id prefix
+ 14)is_rounding_adj - to check for calculate rounding adj of shop
+ 15)quick_sale_summary - to check for view Quick Sale Summary
+ 16)calc_tax_order - to check for tax calculation of shop
+ +

+
list <%= t("views.right_panel.header.button_lists") %>
+

+ 1) <%= t("views.right_panel.button.submit") %> - <%= t("views.right_panel.detail.submit_btn_txt") %> <%= t("views.right_panel.detail.shop_txt") %>
+

+
list <%= t("views.right_panel.header.link_lists") %>
+

+ 1) <%= t("views.right_panel.button.home") %> - <%= t("views.right_panel.detail.home_txt") %>
+ 2) <%= t("views.right_panel.button.back") %> - <%= t("views.right_panel.detail.back_txt") %> <%= t("views.right_panel.detail.shop_txt") %>
+

+
+
+
+
diff --git a/app/views/settings/shops/_settings_account.json.jbuilder b/app/views/settings/shops/_settings_account.json.jbuilder new file mode 100755 index 00000000..1a0e4aa8 --- /dev/null +++ b/app/views/settings/shops/_settings_account.json.jbuilder @@ -0,0 +1,2 @@ +json.extract! settings_account, :id, :title, :account_type, :created_at, :updated_at +json.url settings_account_url(settings_account, format: :json) diff --git a/app/views/settings/shops/edit.html.erb b/app/views/settings/shops/edit.html.erb new file mode 100755 index 00000000..777ca129 --- /dev/null +++ b/app/views/settings/shops/edit.html.erb @@ -0,0 +1,12 @@ +
+
    +
  1. <%= t("views.right_panel.button.home") %>
    2. +
  2. <%= t("views.right_panel.detail.shop") %>
    3. +
  3. <%= t("views.btn.edit") %>
    4. + + <%= link_to t('.back', :default => t("views.btn.back")), settings_shops_path %> + +
+
+ + <%= render 'form', settings_shop: @settings_shop %> diff --git a/app/views/settings/shops/index.html.erb b/app/views/settings/shops/index.html.erb new file mode 100755 index 00000000..61005a34 --- /dev/null +++ b/app/views/settings/shops/index.html.erb @@ -0,0 +1,67 @@ +
+
    +
  1. <%= t("views.right_panel.button.home") %>
    2. +
  2. <%= t("views.right_panel.detail.shop") %>
    3. + + <%= link_to t('.back', :default => t("views.btn.back")), dashboard_path %> + +
+
+ +
+
+ +
+ + + + + + + + + + + + + + + <% @settings_shops.each do |shop| %> + + + + + + + + + + + <% end %> + +
Shop NamePhone NoReservation NoRouding AdjView Sale SummaryCalculate TaxActions
<%= shop.name %><%= shop.phone_no %><%= shop.reservation_no %><%= shop.is_rounding_adj %><%= shop.quick_sale_summary %><%= shop.calc_tax_order %> + <%= link_to t("views.btn.show"), settings_shop_path(shop),:class => 'btn btn-info btn-sm waves-effect' %> + <%= link_to t("views.btn.edit"), edit_settings_shop_path(shop),:class => 'btn btn-primary btn-sm waves-effect' %> +
+
+
+
+
+
+
list <%= t("views.right_panel.header.button_lists") %>
+

+ 1) <%= t("views.right_panel.button.show") %> - <%= t("views.right_panel.detail.show_btn_txt") %> <%= t("views.right_panel.detail.shop_txt") %>
+ 2) <%= t("views.right_panel.button.edit") %> - <%= t("views.right_panel.detail.edit_btn_txt") %> <%= t("views.right_panel.detail.shop_txt") %>
+

+
list <%= t("views.right_panel.header.link_lists") %>
+

+ 1) <%= t("views.right_panel.button.home") %> - <%= t("views.right_panel.detail.home_txt") %>
+ 2) <%= t("views.right_panel.button.back") %> - <%= t("views.right_panel.detail.back_txt") %> <%= t("views.right_panel.detail.dashboard_txt") %>
+

+
+
+
+
+ diff --git a/app/views/settings/shops/index.json.jbuilder b/app/views/settings/shops/index.json.jbuilder new file mode 100755 index 00000000..10158c29 --- /dev/null +++ b/app/views/settings/shops/index.json.jbuilder @@ -0,0 +1 @@ +json.array! @settings_accounts, partial: 'settings_accounts/settings_account', as: :settings_account diff --git a/app/views/settings/shops/show.html.erb b/app/views/settings/shops/show.html.erb new file mode 100755 index 00000000..8fd9c5f0 --- /dev/null +++ b/app/views/settings/shops/show.html.erb @@ -0,0 +1,126 @@ + +
+
    +
  1. <%= t("views.right_panel.button.home") %>
    2. +
  2. <%= t("views.right_panel.detail.shop") %>
    3. +
  3. <%= t :details %>
    4. + + <%= link_to t('.back', :default => t("views.btn.back")), settings_shops_path %> + +
+
+ +
+ +
+
+
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Name<%= @settings_shop.name %>
Address<%= @settings_shop.address %>
City<%= @settings_shop.city %>
Township<%= @settings_shop.township %>
State<%= @settings_shop.state %>
Country<%= @settings_shop.country %>
Phone No<%= @settings_shop.phone_no %>
Reservation No<%= @settings_shop.reservation_no %>
License<%= @settings_shop.license %>
Activated At<%= @settings_shop.activated_at %>
license Data<%= @settings_shop.license_data %>
Base Currency<%= @settings_shop.base_currency %>
Cloud Token<%= @settings_shop.cloud_token %>
Cloud URL<%= @settings_shop.cloud_url %>
Owner Token<%= @settings_shop.owner_token %>
id prefix<%= @settings_shop.id_prefix %>
Rounding adj<%= @settings_shop.is_rounding_adj %>
Viwe Sale Summary<%= @settings_shop.quick_sale_summary %>
Calculate Tax<%= @settings_shop.calc_tax_order %>
<%= link_to t("views.btn.edit"), edit_settings_shop_path(@settings_shop),:class => 'btn btn-primary btn-sm waves-effect' %> +
+
+
+
+ +
+
+
+
list <%= t("views.right_panel.header.button_lists") %>
+

+ 1) <%= t("views.right_panel.button.edit") %> - <%= t("views.right_panel.detail.edit_btn_txt") %> <%= t("views.right_panel.detail.shop_txt") %>
+

+
list <%= t("views.right_panel.header.link_lists") %>
+

+ 1) <%= t("views.right_panel.button.home") %> - <%= t("views.right_panel.detail.home_txt") %>
+ 2) <%= t("views.right_panel.button.back") %> - <%= t("views.right_panel.detail.back_txt") %> <%= t("views.right_panel.detail.dashboard_txt") %>
+

+
+
+
+
+ diff --git a/app/views/settings/shops/show.json.jbuilder b/app/views/settings/shops/show.json.jbuilder new file mode 100755 index 00000000..e9673454 --- /dev/null +++ b/app/views/settings/shops/show.json.jbuilder @@ -0,0 +1 @@ +json.partial! "settings_accounts/settings_account", settings_account: @settings_account diff --git a/config/initializers/secrets.rb b/config/initializers/secrets.rb deleted file mode 100755 index 6ad1f1eb..00000000 --- a/config/initializers/secrets.rb +++ /dev/null @@ -1,6 +0,0 @@ -# config = YAML.load_file(Rails.root.join("config/smartsales.yml")) -# config.fetch(Rails.env, {}).each do |key, value| -# ENV[key.upcase] = value.to_s -# end - -SECRETS_CONFIG = YAML.load_file("#{Rails.root}/config/secrets.yml")[Rails.env] diff --git a/config/initializers/sx.rb b/config/initializers/sx.rb deleted file mode 100755 index aa52f14c..00000000 --- a/config/initializers/sx.rb +++ /dev/null @@ -1,4 +0,0 @@ -config = YAML.load_file(Rails.root.join("config/sx.yml")) -config.fetch(Rails.env, {}).each do |key, value| - ENV[key.upcase] = value.to_s -end \ No newline at end of file diff --git a/config/routes.rb b/config/routes.rb index 021e1594..86556491 100755 --- a/config/routes.rb +++ b/config/routes.rb @@ -246,6 +246,7 @@ scope "(:locale)", locale: /en|mm/ do #--------- System Settings ------------# namespace :settings do + resources :shops #employees resources :employees #menu diff --git a/config/secrets.yml b/config/secrets.yml index f81a9056..794deddf 100755 --- a/config/secrets.yml +++ b/config/secrets.yml @@ -11,8 +11,10 @@ # if you're sharing your code publicly. development: - secret_key_base: b61d85f8ed2a1a9e0eeece3443b3e8f838d002cc1d9f32115d8e93db920e2957adfedc57501d44741211538f3108b742cdeada87d5bfae796c53da1f90a3cd61 - provision_key: IAAXHpbSWAfvlWGYpDoXvZdmuRABNGk + secret_key_base: b61d85f8ed2a1a9e0eeece3443b3e8f838d002cc1d9f32115d8e93db920e2957adfedc57501d44741211538f3108b742cdeada87d5bfae796c53da1f90a3cd61 + sx_provision_url: secure.smartsales.asia/api + aes_key: <%= ENV['aes_key'] %> + aes_iv: <%= ENV['aes_iv'] %> test: secret_key_base: 5c92143fd4a844fdaf8b22aba0cda22ef1fc68f1b26dd3d40656866893718ae5e58625b4c3a5dc86b04c8be0a505ec0ebc0be3bf52249a3d1e0c1334ee591cf0 @@ -20,6 +22,8 @@ test: # Do not keep production secrets in the repository, # instead read values from the environment. production: - secret_key_base: c4bc81065013f9a3506d385bcbd49586c42e586488144b0de90c7da36867de9fa880f46b5c4f86f0ce9b7c783bb5a73bdb0e5605a47716567294390e726d3e22 - provision_key: IAAXHpbSWAfvlWGYpDoXvZdmuRABNGk + secret_key_base: c4bc81065013f9a3506d385bcbd49586c42e586488144b0de90c7da36867de9fa880f46b5c4f86f0ce9b7c783bb5a73bdb0e5605a47716567294390e726d3e22 + sx_provision_url: secure.smartsales.asia/api + aes_key: <%= ENV['aes_key'] %> + aes_iv: <%= ENV['aes_iv'] %> diff --git a/config/sx.yml b/config/sx.yml deleted file mode 100755 index 4dca50a2..00000000 --- a/config/sx.yml +++ /dev/null @@ -1,15 +0,0 @@ -development: - server_mode: local - sx_provision_url: http://192.168.1.162:3005/api - expired_date: 2017-11-09 05:02:33 - - -test: - sx_provision_url: secure.smartsales.asia/api - -# Do not keep production secrets in the repository, -# instead read values from the environment. -production: - server_mode: cloud - sx_provision_url: secure.smartsales.asia/api -