<?php
/* App Controller */
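/**
 * Base controller: resolves the current user on every request and offers
 * small helpers (role checks, document totals, financial-year boundaries).
 *
 * Identity comes from one of two request-supplied sources, in this order:
 *   1. the Tailscale-User-Login header, when Configure 'Tailscale.enabled' is set;
 *   2. the HTTP Basic-auth username (PHP_AUTH_USER).
 * Neither value is verified in this class; see the NOTE(review) comments below.
 */
class AppController extends Controller {

    var $components = array('RequestHandler');

    var $uses = array('User');
    var $helpers = array('Javascript', 'Time', 'Html', 'Form');

    /**
     * Resolve the current user, optionally auto-creating it from the Tailscale
     * headers, and expose it to the views as "currentuser".
     *
     * Also turns debug output off for Ajax requests.
     *
     * @return void
     */
    function beforeFilter() {
        $user = null;

        // Check if Tailscale authentication is enabled
        if (Configure::read('Tailscale.enabled')) {
            error_log('[TAILSCALE_AUTH] Checking Tailscale authentication headers');
            // The former error_log($_SERVER) call was dropped: error_log() takes a
            // string, not an array, and $_SERVER carries request credentials
            // (Basic-auth password, cookies, Authorization header) that must not
            // end up in the log.

            // NOTE(review): these are ordinary request headers. They identify the
            // caller only if every request reaches PHP through the Tailscale proxy
            // that sets them and client-supplied copies cannot get through (for
            // example the web server listens on localhost only, behind that proxy).
            // Nothing in this class verifies that; confirm the deployment, because
            // the header alone selects, and below can create, the account.
            $tailscaleLogin = isset($_SERVER['HTTP_TAILSCALE_USER_LOGIN']) ? $_SERVER['HTTP_TAILSCALE_USER_LOGIN'] : null;
            $tailscaleName = isset($_SERVER['HTTP_TAILSCALE_USER_NAME']) ? $_SERVER['HTTP_TAILSCALE_USER_NAME'] : null;

            if ($tailscaleLogin) {
                // Log Tailscale authentication attempt
                error_log('[TAILSCALE_AUTH] Attempting authentication for: ' . $this->_sanitizeForLog($tailscaleLogin));

                // Try to find user by email address from Tailscale header
                $user = $this->User->find('first', array(
                    'recursive' => 0,
                    'conditions' => array('User.email' => $tailscaleLogin)
                ));

                // If user not found and auto-creation is enabled, create a new user
                if (!$user && Configure::read('Tailscale.autoCreateUsers')) {
                    // Split the display name at the first space: first word is the
                    // first name, everything after it is the last name.
                    $firstName = '';
                    $lastName = '';
                    if ($tailscaleName) {
                        $nameParts = explode(' ', $tailscaleName, 2);
                        $firstName = $nameParts[0];
                        if (count($nameParts) > 1) {
                            $lastName = $nameParts[1];
                        }
                    }

                    // NOTE(review): the new account's access level comes straight
                    // from 'Tailscale.defaultAccessLevel'; keep that setting at the
                    // lowest level that works, since any accepted header value
                    // produces an enabled account. The login string is stored as
                    // e-mail and username without validation here; presumably the
                    // User model validates it, confirm.
                    $userData = array(
                        'User' => array(
                            'email' => $tailscaleLogin,
                            'username' => $tailscaleLogin,
                            'first_name' => $firstName,
                            'last_name' => $lastName,
                            'type' => 'user',
                            'access_level' => Configure::read('Tailscale.defaultAccessLevel'),
                            'enabled' => 1,
                            'by_vault' => 0
                        )
                    );

                    $this->User->create();
                    if ($this->User->save($userData)) {
                        // Re-read the row so $user has the same shape as a normal lookup.
                        $user = $this->User->find('first', array(
                            'recursive' => 0,
                            'conditions' => array('User.id' => $this->User->id)
                        ));
                        error_log('[TAILSCALE_AUTH] Created new user: ' . $this->_sanitizeForLog($tailscaleLogin));
                    } else {
                        error_log('[TAILSCALE_AUTH] Failed to create user: ' . $this->_sanitizeForLog($tailscaleLogin));
                    }
                }
            }
        }

        // Fall back to HTTP basic auth if no Tailscale auth or user not found
        // NOTE(review): only the username is read; the password is never checked
        // here. This presumes the web server has already verified the Basic-auth
        // credentials before PHP runs; confirm, in particular on hosts where
        // server-level auth was relaxed in favour of Tailscale.
        if (!$user && isset($_SERVER["PHP_AUTH_USER"])) {
            error_log('[BASIC_AUTH] Attempting authentication for: ' . $this->_sanitizeForLog($_SERVER["PHP_AUTH_USER"]));
            $user = $this->User->find('first', array(
                'recursive' => 0,
                'conditions' => array('User.username' => $_SERVER["PHP_AUTH_USER"])
            ));
        }

        if ($user) {
            error_log('[AUTH_SUCCESS] User authenticated: ' . $this->_sanitizeForLog($user['User']['email']));
        } else {
            error_log('[AUTH_FAILED] No valid authentication found');
        }

        $this->set("currentuser", $user);

        if ($this->RequestHandler->isAjax()) {
            Configure::write('debug', 0);
        }
    }

    /**
     * Check if the current logged in user is an admin
     * @return boolean
     */
    function isAdmin() {
        return $this->_hasAccessLevel('admin');
    }

    /**
     * Check if the current logged in user is a manager
     * @return boolean
     */
    function isManager() {
        return $this->_hasAccessLevel('manager');
    }

    /**
     * Read the current logged in user.
     *
     * Uses the same two sources as beforeFilter() (Tailscale header first, then
     * the Basic-auth username) but never creates a user and never logs.
     *
     * @return mixed the User->find('first') result for the matched user, or a
     *               falsy value when no source matched.
     */
    function getCurrentUser() {
        $user = null;

        // Check if Tailscale authentication is enabled
        // NOTE(review): same trust assumption as in beforeFilter(); the header is
        // accepted as-is and is only meaningful behind the proxy that sets it.
        if (Configure::read('Tailscale.enabled')) {
            $tailscaleLogin = isset($_SERVER['HTTP_TAILSCALE_USER_LOGIN']) ? $_SERVER['HTTP_TAILSCALE_USER_LOGIN'] : null;

            if ($tailscaleLogin) {
                // Try to find user by email address from Tailscale header
                $user = $this->User->find('first', array(
                    'recursive' => 0,
                    'conditions' => array('User.email' => $tailscaleLogin)
                ));
            }
        }

        // Fall back to HTTP basic auth if no Tailscale auth or user not found
        if (!$user && isset($_SERVER["PHP_AUTH_USER"])) {
            $user = $this->User->find('first', array(
                'recursive' => 0,
                'conditions' => array('User.username' => $_SERVER["PHP_AUTH_USER"])
            ));
        }

        return $user;
    }

    /**
     * Return the id of the current user. False if not logged in.
     */
    function getCurrentUserID() {
        $currentuser = $this->getCurrentUser();
        if (!$currentuser) {
            return false;
        }
        return $currentuser['User']['id'];
    }

    /**
     * Sum the line items of a document and add GST when requested.
     *
     * If any line item is flagged as an option (option == 1) the totals cannot
     * be stated, so all three values are returned as the string 'TBA'.
     *
     * @param array $document document data with its line items under 'LineItem'
     * @param mixed $gst      1 to add 10% GST on the subtotal, anything else for none
     * @return array keys 'subtotal', 'gst' and 'total'
     */
    function calculateTotals($document, $gst) {
        $totals = array('subtotal'=>0, 'gst'=>0, 'total'=>0);

        // A document without line items yields zero totals instead of a warning.
        $lineItems = (isset($document['LineItem']) && is_array($document['LineItem']))
            ? $document['LineItem']
            : array();

        foreach ($lineItems as $lineitem) {
            if ($lineitem['option'] == 1) {
                $totals['subtotal'] = 'TBA';
                $totals['total'] = 'TBA';
                $totals['gst'] = 'TBA';
                return $totals;
            }
            $totals['subtotal'] += $lineitem['net_price'];
        }

        if ($gst == 1) {
            $totals['gst'] = 0.1*$totals['subtotal'];
        }
        $totals['total'] = $totals['gst'] + $totals['subtotal'];
        return $totals;
    }

    /**
     * Set the given keys of an array to null (the keys stay present).
     *
     * @param array $array
     * @param array $keys keys to blank
     * @return array the modified copy
     */
    function unset_keys($array, $keys) {
        foreach ($keys as $key) {
            $array[$key] = null;
        }
        return $array;
    }

    /**
     * Blank 'id', 'document_id' and 'costing_id' on every item of a list.
     *
     * The array is passed by value, so the result has to be returned: without a
     * return the caller never saw the change.
     *
     * @param array $array list of item arrays
     * @param array $keys  currently unused; the three keys above are fixed
     * @return array the modified copy
     */
    function unset_multiple_keys($array, $keys) {
        foreach ($array as $index => $item) {
            $array[$index]['id'] = null;
            $array[$index]['document_id'] = null;
            $array[$index]['costing_id'] = null;
        }
        return $array;
    }

    /**
     * Timestamp of the first second of 1 July, the start of a financial year.
     *
     * @param int     $year
     * @param boolean $prevYear when true, use 1 July of the year before $year
     * @return int Unix timestamp as produced by mktime()
     */
    function getFirstDayFY($year,$prevYear = false) {
        $startYear = $prevYear ? $year - 1 : $year;
        return mktime(0,0,0,7,1,$startYear);
    }

    /**
     * Timestamp of the last second of 30 June, the end of a financial year.
     *
     * @param int $year
     * @return int Unix timestamp as produced by mktime()
     */
    function getLastDayFY($year) {
        return mktime(23,59,59,6,30,$year);
    }

    /**
     * True when the current user's access level equals $level.
     *
     * getCurrentUser() returns the find('first') shape, so the field lives under
     * the 'User' key, the same path getCurrentUserID() uses for 'id'. Reading
     * $currentuser['access_level'] directly never matched. The comparison is
     * strict, and a missing user or field is simply "no".
     *
     * Underscore-prefixed to mark it as an internal helper, not an action.
     *
     * @param string $level
     * @return boolean
     */
    function _hasAccessLevel($level) {
        $currentuser = $this->getCurrentUser();
        if (!isset($currentuser['User']['access_level'])) {
            return false;
        }
        return (string)$currentuser['User']['access_level'] === $level;
    }

    /**
     * Replace control characters in a request-derived value before it is logged,
     * so a header or username containing line breaks cannot forge log lines.
     *
     * @param mixed $value
     * @return string
     */
    function _sanitizeForLog($value) {
        return preg_replace('/[\x00-\x1F\x7F]/', '?', (string)$value);
    }

}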
?>