diff --git a/app/controllers/home_controller.rb b/app/controllers/home_controller.rb index dcf31a36..0da2bbf5 100755 --- a/app/controllers/home_controller.rb +++ b/app/controllers/home_controller.rb @@ -100,7 +100,7 @@ class HomeController < ApplicationController @sales = Sale.receipt_date_between(@from, @to).completed if current_user.present? && !(current_user.role == 'administrator' || current_user.role == 'manager' || current_user.role == 'account' || current_user.role == 'supervisor') - if shift = ShiftSale.current_open_shift(current_user.id) + if shift = ShiftSale.current_open_shift(current_user) @orders = @orders.where(shift_sale_id: shift.id) @sales = @sales.where(shift_sale_id: shift.id) end diff --git a/app/controllers/origami/payments_controller.rb b/app/controllers/origami/payments_controller.rb index 6f1e0826..a5b38db2 100755 --- a/app/controllers/origami/payments_controller.rb +++ b/app/controllers/origami/payments_controller.rb @@ -192,7 +192,7 @@ class Origami::PaymentsController < BaseOrigamiController end #card_balance amount for Paymal payment - card_balance_amount, transaction_ref = SaleAudit.getCardBalanceAmount(sale_id) + card_balance_amount,transaction_ref = SaleAudit.getCardBalanceAmount(sale_id) # get printer info print_settings = PrintSetting.find_by_unique_code(unique_code) diff --git a/app/controllers/origami/shifts_controller.rb b/app/controllers/origami/shifts_controller.rb index 8b7bdf91..bbe2cf57 100755 --- a/app/controllers/origami/shifts_controller.rb +++ b/app/controllers/origami/shifts_controller.rb @@ -126,7 +126,7 @@ class Origami::ShiftsController < BaseOrigamiController if find_close_cashier_print[0][1].to_i > 0 - printer.print_close_cashier(print_settings,cashier_terminal,current_shop, @sale_items, @total_other_charges_info, current_shop,@sale_taxes,@other_payment,@total_amount_by_account,@total_discount_by_account,@total_member_discount,@total_dinein,@total_takeway,@total_other_charges,@total_waste,@total_spoile,@total_credit_payments) + printer.print_close_cashier(print_settings,cashier_terminal, @shift, @sale_items, @total_other_charges_info, current_shop,@sale_taxes,@other_payment,@total_amount_by_account,@total_discount_by_account,@total_member_discount,@total_dinein,@total_takeway,@total_other_charges,@total_waste,@total_spoile,@total_credit_payments) end end end diff --git a/app/controllers/settings/employees_controller.rb b/app/controllers/settings/employees_controller.rb index 448816f5..bcbec6ff 100755 --- a/app/controllers/settings/employees_controller.rb +++ b/app/controllers/settings/employees_controller.rb @@ -1,6 +1,6 @@ class Settings::EmployeesController < ApplicationController load_and_authorize_resource - before_action :set_employee, only: [:show, :edit, :update, :destroy] + before_action :set_employee, only: [:show, :edit, :update, :destroy, :change_auth_token] # GET /employees @@ -38,6 +38,13 @@ class Settings::EmployeesController < ApplicationController format.html { render :new } end end + end + + def change_app_token + @employee.app_token = @employee.generate_app_token #SecureRandom.hex(10) + @employee.save + flash[:notice] = 'Auth Token was successfully updated.' + redirect_to settings_employee_url(@employee) end # PATCH/PUT /employees/1 @@ -71,6 +78,6 @@ class Settings::EmployeesController < ApplicationController # Never trust parameters from the scary internet, only allow the white list through. def employee_params - params.require(:employee).permit(:name, :role, :is_active, :emp_id, :password,:order_queue_station_id, :image_path) + params.require(:employee).permit(:name, :role, :is_active, :emp_id, :password,:order_queue_station_id, :image_path, :app_id, :app_token) end end diff --git a/app/models/employee.rb b/app/models/employee.rb index 420491af..9d18c6c6 100755 --- a/app/models/employee.rb +++ b/app/models/employee.rb @@ -1,5 +1,6 @@ class Employee < ApplicationRecord has_secure_password + # has_secure_token :auth_token has_many :commissioners has_many :shit_sales has_one :current_shift, -> { where.not(shift_started_at: nil).where(shift_closed_at: nil) },class_name: "ShiftSale" @@ -11,6 +12,7 @@ class Employee < ApplicationRecord validates :emp_id, uniqueness: true, numericality: true, length: {in: 1..4}, allow_blank: true validates :password, numericality: true, length: {in: 3..9}, allow_blank: true + before_create :generate_app_id, :generate_app_token , if: Proc.new { self.role == "application" } # Employee Image Uploader mount_uploader :image_path, EmployeeImageUploader @@ -89,4 +91,18 @@ class Employee < ApplicationRecord return expiry_time end + + def generate_app_id + # return if self.role != 'application' + self.app_id = SecureRandom.urlsafe_base64(nil, false) + rescue ActiveRecord::RecordNotUnique + retry + end + + def generate_app_token + # return if self.role != 'application' + self.app_token = SecureRandom.hex(10) + rescue ActiveRecord::RecordNotUnique + retry + end end diff --git a/app/models/sale.rb b/app/models/sale.rb index da8db1a6..bf9fa2bd 100644 --- a/app/models/sale.rb +++ b/app/models/sale.rb @@ -1498,7 +1498,7 @@ end end if current_user.present? && !(current_user.role == 'administrator' || current_user.role == 'manager' || current_user.role == 'account' || current_user.role == 'supervisor') - if shift = ShiftSale.current_open_shift(current_user.id) + if shift = ShiftSale.current_open_shift(current_user) query = query.where("shift_sale_id='#{shift.id}'") end @@ -1525,7 +1525,7 @@ end end if current_user.present? && !(current_user.role == 'administrator' || current_user.role == 'manager' || current_user.role == 'account' || current_user.role == 'supervisor') - if shift = ShiftSale.current_open_shift(current_user.id) + if shift = ShiftSale.current_open_shift(current_user) query = query.where("shift_sale_id='#{shift.id}'") end end diff --git a/app/views/home/dashboard.html.erb b/app/views/home/dashboard.html.erb index 71f7398a..4cb3bde2 100755 --- a/app/views/home/dashboard.html.erb +++ b/app/views/home/dashboard.html.erb @@ -347,7 +347,7 @@ <% end %> <% end %> - <% if isMobile.include? "Mobile" %> + <% if isMobile.to_s.include? "Mobile" %>
diff --git a/app/views/layouts/_header.html.erb b/app/views/layouts/_header.html.erb index ab91b06f..e3bba515 100755 --- a/app/views/layouts/_header.html.erb +++ b/app/views/layouts/_header.html.erb @@ -19,8 +19,14 @@ <% if current_login_employee.role == "administrator" || current_login_employee.role == "manager" || current_login_employee.role == "account" %> - <% elsif current_login_employee.role == "supervisor" || current_login_employee.role == "cashier" || current_login_employee.role == "waiter" %> + <% elsif current_login_employee.role == "supervisor" %> + <% elsif current_login_employee.role == "cashier" || current_login_employee.role == "waiter"%> + <%if ShiftSale.current_open_shift(current_login_employee) %> + + <%else%> + + <%end%> <%else%> <% end %> diff --git a/app/views/settings/employees/show.html.erb b/app/views/settings/employees/show.html.erb index 87707b22..807dc54a 100755 --- a/app/views/settings/employees/show.html.erb +++ b/app/views/settings/employees/show.html.erb @@ -54,12 +54,24 @@ <%= t("views.right_panel.detail.employee_photo") %> <%= image_tag @employee.image_path, :size => '200x200'%> + <% if @employee.role == 'application' %> + + <%= t("views.right_panel.detail.employee_app_id") %> + <%= @employee.app_id %> + + + <%= t("views.right_panel.detail.employee_app_token") %> + <%= @employee.app_token %> + + <% end %> <%= link_to t("views.btn.edit"), edit_settings_employee_path(@employee),:class => 'btn btn-primary btn-lg waves-effect' %> + <% if @employee.role == 'application' %> + <%= link_to t("views.btn.change_app_token"), settings_change_app_token_url(id: @employee.id), class: 'btn btn-primary btn-lg waves-effect' %> + <% end %> <%if @employee.role != "administrator"%> - diff --git a/config/locales/en.yml b/config/locales/en.yml index 36cf661c..31781d4f 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -112,6 +112,7 @@ en: del: "DEL" clr: "CLR" assign: "ASSIGN" + change_app_token: "Change App Token" print_order_summary: "Print Order Summary" memeber_card: "Member Card" @@ -678,6 +679,8 @@ en: edit_btn_txt: "to edit " delete_btn_txt: "to delete " update_btn_txt: "to update " + employee_app_id: "App ID" + employee_app_token: "App Token" helpers: page_entries_info: diff --git a/config/routes.rb b/config/routes.rb index cdb0901d..b9f592d8 100755 --- a/config/routes.rb +++ b/config/routes.rb @@ -432,7 +432,9 @@ scope "(:locale)", locale: /en|mm/ do resources :display_images end #employees - resources :employees + resources :employees + get '/:id/change_app_token' => 'employees#change_app_token', as: 'change_app_token' + #menu resources :menus do collection do diff --git a/db/migrate/20200114053707_add_app_id_and_auth_token_to_employees.rb b/db/migrate/20200114053707_add_app_id_and_auth_token_to_employees.rb new file mode 100644 index 00000000..a76b895e --- /dev/null +++ b/db/migrate/20200114053707_add_app_id_and_auth_token_to_employees.rb @@ -0,0 +1,9 @@ +class AddAppIdAndAuthTokenToEmployees < ActiveRecord::Migration[5.1] + def change + add_column :employees, :app_id, :string, unique: true + add_column :employees, :auth_token, :string, unique: true + + add_index :employees, :app_id + add_index :employees, :auth_token + end +end diff --git a/db/migrate/20200114103715_change_column_auth_token_to_app_token.rb b/db/migrate/20200114103715_change_column_auth_token_to_app_token.rb new file mode 100644 index 00000000..92a20d72 --- /dev/null +++ b/db/migrate/20200114103715_change_column_auth_token_to_app_token.rb @@ -0,0 +1,5 @@ +class ChangeColumnAuthTokenToAppToken < ActiveRecord::Migration[5.1] + def change + rename_column :employees, :auth_token, :app_token + end +end