ONE PIECE HACKING

Ngiler SH3LL 360
: / home / tbf / membrubackend / app / Http / Controllers / Api /

Information Server
MySQL : OFF Perl : OFF CURL : ON WGET : OFF PKEXEC : OFF

Directive	Local Value
IP Address	89.40.16.97
System	Linux server.atelieruldeit.ro 3.10.0-1160.el7.x86_64 #1 SMP Mon Oct 19 16:18:59 UTC 2020 x86_64
User	tbf
PHP Version	7.3.33
Software	Apache
Doc root	Writable

Edit File : KeyResultController.php \| Size : 10.74 KB
<?php namespace App\Http\Controllers\Api; use App\Http\Controllers\Controller; use Illuminate\Http\Request; use App\Models\Objective; use App\Models\KeyResult; use App\Models\Instance; use App\Models\NotificationLog; use App\Models\User; use App\Http\Resources\KeyResultCollection; use App\Http\Resources\KeyResultResource; use App\Http\Resources\EditKeyResultResource; use App\Http\Requests\KeyResultFormRequest; use Illuminate\Database\Eloquent\ModelNotFoundException; use Auth; class KeyResultController extends Controller { public function allFromUser(User $user) { $authUser = Auth::user(); // check if the auth user can see key results of private objectives if($authUser->isAdmin()){ $keyResults = $user->key_results()->where('status', KeyResult::STATUS_ACTIVE); }else{ $keyResults = $user->key_results()->where('status', KeyResult::STATUS_ACTIVE)->whereNotIn('objective_id', explode(',', $authUser->private_objective_ids)); } return new KeyResultCollection( $keyResults->orderBy('created_at', 'desc')->get() ); } public function index(Objective $objective) { $authUser = Auth::user(); // check if the auth user can see key results of private objectives if(!$authUser->isAdmin() && isPrivateObjective($objective->id, $authUser)){ return response()->json(['data' => []]); }else{ $keyResults = $objective->key_results; } return new KeyResultCollection( $keyResults->sortByDesc('created_at')->values() ); } public function store(KeyResultFormRequest $request) { $data = $request->validated(); $authUser = Auth::user(); $keyResult = KeyResult::create($data); $objective = $keyResult->objective; // remove for the responsible of this key result, the private objective id from private_objective_ids if($objective->is_private){ removePrivateObjectiveId($keyResult->user, $objective->id); } if($keyResult->user_id != $authUser->id){ assignedToKeyResultMail($keyResult->user, $keyResult); } if($objective->user_id != $authUser->id){ newKeyResultForYourObjectiveMail($keyResult); } NotificationLog::create([ 'username' => $authUser->getFullName(), 'entity_name' => $keyResult->name, 'avatar' => $keyResult->user->avatar, 'objective_slug' => $objective->slug, 'key_result_id' => $keyResult->id, 'type' => NotificationLog::KEY_RESULT_RESPONSIBLE, 'frontend_type' => NotificationLog::FE_KEY_RESULTS, 'responsible_id' => $keyResult->user_id, 'need_link' => 1, 'for_all' => $objective->is_private ? 0 : 1, 'for_auth_user' => $keyResult->user_id != $authUser->id ? 1 : 0, ]); // must be removed after we find the missing scenario updateUserPrivateObjectiveIds($keyResult->instance); return response()->json([ 'status' => 'success', ], 200); } public function show(KeyResult $keyResult) { $authUser = Auth::user(); if(!$authUser->isAdmin() && isPrivateObjective($keyResult->objective_id, $authUser)){ return response()->json(['data' => []]); } return new KeyResultResource( $keyResult ); } public function edit(KeyResult $keyResult) { $authUser = Auth::user(); if(!$authUser->isAdmin() && isPrivateObjective($keyResult->objective_id, $authUser)){ return response()->json(['data' => []]); } return new EditKeyResultResource( $keyResult ); } public function update(KeyResultFormRequest $request, KeyResult $keyResult) { $data = $request->validated(); $authUser = Auth::user(); $userChanged = $data['user_id'] != $keyResult->user_id; $data['status'] = setStatus($keyResult); $objective = Objective::findOrFail($data['objective_id']); // update users objective_private_ids if the objective is private and the user changed if($objective->is_private && $userChanged){ $objectiveId = $objective->id; // for old responsible user add this objective id to it`s objective_private_ids $oldRespUser = $keyResult->user; if($oldRespUser){ // check if the user still has assigned key results to this objective $hasKeyResults = $oldRespUser->key_results()->where([['objective_id', $objectiveId], ['id', '!=', $keyResult->id]])->count(); if(!$hasKeyResults && !checkManagerAccess($objective->master_goal_id, $oldRespUser)){ setPrivateObjectiveId($oldRespUser, $objectiveId); } } // for new responsible user remove this objective id from it`s objective_private_ids $newRespUser = User::findOrFail($data['user_id']); removePrivateObjectiveId($newRespUser, $objectiveId); } // recalculate key result precent if the target is changed $lastKeyResultLog = $keyResult->lastKeyResultLog(); if($lastKeyResultLog){ $data['percent'] = calculateKeyResultPercentage($lastKeyResultLog->value, $keyResult); } $keyResult->update($data); $modifiedColumns = modifiedColumns($keyResult); if($modifiedColumns){ NotificationLog::create([ 'username' => Auth::user()->getFullName(), 'entity_name' => $keyResult->name, 'avatar' => $keyResult->user->avatar, 'key_result_id' => $keyResult->id, 'objective_slug' => $objective->slug, 'type' => NotificationLog::KEY_RESULT_MODIFIED, 'frontend_type' => NotificationLog::FE_KEY_RESULTS, 'responsible_id' => $keyResult->user_id, 'need_link' => 1, 'modified_columns' => $modifiedColumns, 'for_all' => $objective->is_private ? 0 : 1, 'for_auth_user' => $keyResult->user_id != $authUser->id ? 1 : 0, ]); } if($userChanged){ if($keyResult->user_id != $authUser->id){ assignedToKeyResultMail($keyResult->user, $keyResult); } NotificationLog::create([ 'username' => Auth::user()->getFullName(), 'entity_name' => $keyResult->name, 'avatar' => $keyResult->user->avatar, 'key_result_id' => $keyResult->id, 'objective_slug' => $objective->slug, 'type' => NotificationLog::KEY_RESULT_NEW_RESPONSIBLE, 'frontend_type' => NotificationLog::FE_KEY_RESULTS, 'need_link' => 1, 'responsible_id' => $keyResult->user_id, 'for_all' => $objective->is_private ? 0 : 1, 'for_auth_user' => $keyResult->user_id != $authUser->id ? 1 : 0, ]); } // must be removed after we find the missing scenario updateUserPrivateObjectiveIds($keyResult->instance); return response()->json([ 'status' => 'success' ], 200); } public function destroy(KeyResult $keyResult) { $objective = $keyResult->objective; // delete users objective_private_ids $respUser = $keyResult->user; if($objective->is_private && $respUser){ // check if the user still has assigned key results to this objective $hasKeyResults = $respUser->key_results()->where([['objective_id', $objective->id], ['id', '!=', $keyResult->id]])->count(); if(!$hasKeyResults && !checkManagerAccess($objective->master_goal_id, $respUser)){ setPrivateObjectiveId($respUser, $objective->id); } } if($respUser){ NotificationLog::create([ 'username' => Auth::user()->getFullName(), 'entity_name' => $keyResult->name, 'avatar' => $keyResult->user->avatar, 'key_result_id' => $keyResult->id, 'objective_slug' => $objective->slug, 'type' => NotificationLog::KEY_RESULT_DELETED, 'frontend_type' => NotificationLog::FE_KEY_RESULTS, 'responsible_id' => $keyResult->user_id, 'for_all' => $objective->is_private ? 0 : 1, 'for_auth_user' => $keyResult->user_id != Auth::user()->id ? 1 : 0, ]); } $keyResult->delete(); // must be removed after we find the missing scenario updateUserPrivateObjectiveIds($objective->instance); return response()->json([ 'status' => 'success' ], 200); } public function statusList() { return response()->json([ 'status' => 'success', 'data' => KeyResult::getStatusList(), ], 200); } public function progressTypeList() { $instance = Auth::user()->instance; $defaultUnities = [ [ 'label' => __('general.unities.€'), 'value' => '€'], [ 'label' => __('general.unities.$'), 'value' => '$'], [ 'label' => __('general.unities.RON'), 'value' => 'RON'], [ 'label' => __('general.unities.Ore'), 'value' => 'Ore'], [ 'label' => __('general.unities.Minute'), 'value' => 'Minute'], [ 'label' => __('general.unities.%'), 'value' => '%'] ]; $defaultValues = data_get($defaultUnities, '*.value'); $dynamicUnities = $instance->key_results->pluck('unity')->unique()->map(function ($unity) use ($defaultValues) { if(!in_array($unity, $defaultValues)){ return [ 'label' => $unity, 'value' => $unity]; } })->filter()->toArray(); return response()->json([ 'status' => 'success', 'data' => [ 'progress_type' => KeyResult::getProgressTypeList(), 'unities' => array_merge($defaultUnities, $dynamicUnities), ], ], 200); } public function publicKeyResult($keyResultUuid) { $keyResult = KeyResult::where('uuid', $keyResultUuid)->first(); // check if the entity is available for public if($keyResult){ return new EditKeyResultResource( $keyResult ); }else{ throw (new ModelNotFoundException); } } public function updateStatus(Request $request, KeyResult $keyResult) { $keyResult->update(['status' => $request->status]); return response()->json([ 'status' => 'success' ], 200); } } Back

Edit File : KeyResultController.php | Size : 10.74 KB

<?php

namespace App\Http\Controllers\Api;

use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use App\Models\Objective;
use App\Models\KeyResult;
use App\Models\Instance;
use App\Models\NotificationLog;
use App\Models\User;
use App\Http\Resources\KeyResultCollection;
use App\Http\Resources\KeyResultResource;
use App\Http\Resources\EditKeyResultResource;
use App\Http\Requests\KeyResultFormRequest;
use Illuminate\Database\Eloquent\ModelNotFoundException;
use Auth;

class KeyResultController extends Controller
{
    public function allFromUser(User $user) {
        $authUser = Auth::user();

// check if the auth user can see key results of private objectives
        if($authUser->isAdmin()){
            $keyResults = $user->key_results()->where('status', KeyResult::STATUS_ACTIVE);
        }else{
            $keyResults = $user->key_results()->where('status', KeyResult::STATUS_ACTIVE)->whereNotIn('objective_id', explode(',', $authUser->private_objective_ids));
        }

return new KeyResultCollection(
            $keyResults->orderBy('created_at', 'desc')->get()
        );
    }

public function index(Objective $objective) {
        $authUser = Auth::user();

// check if the auth user can see key results of private objectives
        if(!$authUser->isAdmin() && isPrivateObjective($objective->id, $authUser)){
            return response()->json(['data' => []]);
        }else{
            $keyResults = $objective->key_results;
        }

return new KeyResultCollection(
            $keyResults->sortByDesc('created_at')->values()
        );
    }

public function store(KeyResultFormRequest $request) {
        $data = $request->validated();
        $authUser = Auth::user();

$keyResult = KeyResult::create($data);

$objective = $keyResult->objective;
        // remove for the responsible of this key result, the private objective id from private_objective_ids
        if($objective->is_private){
            removePrivateObjectiveId($keyResult->user, $objective->id);
        }

if($keyResult->user_id != $authUser->id){
            assignedToKeyResultMail($keyResult->user, $keyResult);
        }
        
        if($objective->user_id != $authUser->id){
            newKeyResultForYourObjectiveMail($keyResult); 
        }

NotificationLog::create([
            'username' => $authUser->getFullName(),
            'entity_name' => $keyResult->name,
            'avatar' => $keyResult->user->avatar,
            'objective_slug' => $objective->slug,
            'key_result_id' => $keyResult->id,
            'type' => NotificationLog::KEY_RESULT_RESPONSIBLE,
            'frontend_type' => NotificationLog::FE_KEY_RESULTS,
            'responsible_id' => $keyResult->user_id,
            'need_link' => 1,
            'for_all' => $objective->is_private ? 0 : 1,
            'for_auth_user' => $keyResult->user_id != $authUser->id ? 1 : 0,
        ]);

// must be removed after we find the missing scenario
        updateUserPrivateObjectiveIds($keyResult->instance);

return response()->json([
            'status'    => 'success',
        ], 200);
    }

public function show(KeyResult $keyResult) {
        $authUser = Auth::user();

if(!$authUser->isAdmin() && isPrivateObjective($keyResult->objective_id, $authUser)){
            return response()->json(['data' => []]);
        }

return new KeyResultResource(
            $keyResult
        );
    }

public function edit(KeyResult $keyResult) {
        $authUser = Auth::user();

if(!$authUser->isAdmin() && isPrivateObjective($keyResult->objective_id, $authUser)){
            return response()->json(['data' => []]);
        }
        
        return new EditKeyResultResource(
            $keyResult
        );
    }

public function update(KeyResultFormRequest $request, KeyResult $keyResult) {
        $data = $request->validated();
        $authUser = Auth::user();
        $userChanged = $data['user_id'] != $keyResult->user_id;
        $data['status'] = setStatus($keyResult);
        $objective = Objective::findOrFail($data['objective_id']);

// update users objective_private_ids if the objective is private and the user changed
        if($objective->is_private && $userChanged){
            $objectiveId = $objective->id;

// for old responsible user add this objective id to it`s objective_private_ids
            $oldRespUser = $keyResult->user;
            if($oldRespUser){
                // check if the user still has assigned key results to this objective
                $hasKeyResults = $oldRespUser->key_results()->where([['objective_id', $objectiveId], ['id', '!=', $keyResult->id]])->count();
                if(!$hasKeyResults && !checkManagerAccess($objective->master_goal_id, $oldRespUser)){
                    setPrivateObjectiveId($oldRespUser, $objectiveId);
                }
            }

// for new responsible user remove this objective id from it`s objective_private_ids
            $newRespUser = User::findOrFail($data['user_id']);
            removePrivateObjectiveId($newRespUser, $objectiveId);
        }

// recalculate key result precent if the target is changed
        $lastKeyResultLog = $keyResult->lastKeyResultLog();
        if($lastKeyResultLog){
            $data['percent'] = calculateKeyResultPercentage($lastKeyResultLog->value, $keyResult);
        }

$keyResult->update($data);

$modifiedColumns = modifiedColumns($keyResult);
        if($modifiedColumns){
            NotificationLog::create([
                'username' => Auth::user()->getFullName(),
                'entity_name' => $keyResult->name,
                'avatar' => $keyResult->user->avatar,
                'key_result_id' => $keyResult->id,
                'objective_slug' => $objective->slug,
                'type' => NotificationLog::KEY_RESULT_MODIFIED,
                'frontend_type' => NotificationLog::FE_KEY_RESULTS,
                'responsible_id' => $keyResult->user_id,
                'need_link' => 1,
                'modified_columns' => $modifiedColumns,
                'for_all' => $objective->is_private ? 0 : 1,
                'for_auth_user' => $keyResult->user_id != $authUser->id ? 1 : 0,
            ]);
        }

if($userChanged){
            if($keyResult->user_id != $authUser->id){
                assignedToKeyResultMail($keyResult->user, $keyResult);
            }

NotificationLog::create([
                'username' => Auth::user()->getFullName(),
                'entity_name' => $keyResult->name,
                'avatar' => $keyResult->user->avatar,
                'key_result_id' => $keyResult->id,
                'objective_slug' => $objective->slug,
                'type' => NotificationLog::KEY_RESULT_NEW_RESPONSIBLE,
                'frontend_type' => NotificationLog::FE_KEY_RESULTS,
                'need_link' => 1,
                'responsible_id' => $keyResult->user_id,
                'for_all' => $objective->is_private ? 0 : 1,
                'for_auth_user' => $keyResult->user_id != $authUser->id ? 1 : 0,
            ]);
        }

// must be removed after we find the missing scenario
        updateUserPrivateObjectiveIds($keyResult->instance);

return response()->json([
            'status' => 'success'
        ], 200);
    }

public function destroy(KeyResult $keyResult) {
        $objective = $keyResult->objective;
        // delete users objective_private_ids
        $respUser = $keyResult->user;
        if($objective->is_private && $respUser){
            // check if the user still has assigned key results to this objective
            $hasKeyResults = $respUser->key_results()->where([['objective_id', $objective->id], ['id', '!=', $keyResult->id]])->count();
            if(!$hasKeyResults && !checkManagerAccess($objective->master_goal_id, $respUser)){
                setPrivateObjectiveId($respUser, $objective->id);
            }
        }

if($respUser){
            NotificationLog::create([
                'username' => Auth::user()->getFullName(),
                'entity_name' => $keyResult->name,
                'avatar' => $keyResult->user->avatar,
                'key_result_id' => $keyResult->id,
                'objective_slug' => $objective->slug,
                'type' => NotificationLog::KEY_RESULT_DELETED,
                'frontend_type' => NotificationLog::FE_KEY_RESULTS,
                'responsible_id' => $keyResult->user_id,
                'for_all' => $objective->is_private ? 0 : 1,
                'for_auth_user' => $keyResult->user_id != Auth::user()->id ? 1 : 0,
            ]);
        }
        
        $keyResult->delete();

// must be removed after we find the missing scenario
        updateUserPrivateObjectiveIds($objective->instance);

return response()->json([
            'status' => 'success'
        ], 200);
    }

public function statusList() {
        return response()->json([
            'status'    => 'success',
            'data'      => KeyResult::getStatusList(),
        ], 200);
    }

public function progressTypeList() {
        $instance = Auth::user()->instance;

$defaultUnities = [
            [ 'label' => __('general.unities.€'), 'value' => '€'],
            [ 'label' => __('general.unities.$'), 'value' => '$'],
            [ 'label' => __('general.unities.RON'), 'value' => 'RON'],
            [ 'label' => __('general.unities.Ore'), 'value' => 'Ore'],
            [ 'label' => __('general.unities.Minute'), 'value' => 'Minute'],
            [ 'label' => __('general.unities.%'), 'value' => '%']
        ];
        
        $defaultValues = data_get($defaultUnities, '*.value');
        $dynamicUnities = $instance->key_results->pluck('unity')->unique()->map(function ($unity) use ($defaultValues) {
            if(!in_array($unity, $defaultValues)){
                return [ 'label' => $unity, 'value' => $unity];
            }
        })->filter()->toArray();

return response()->json([
            'status'    => 'success',
            'data'      => [
                'progress_type' => KeyResult::getProgressTypeList(),
                'unities'       => array_merge($defaultUnities, $dynamicUnities),
            ],
        ], 200);
    }

public function publicKeyResult($keyResultUuid) {
        $keyResult = KeyResult::where('uuid', $keyResultUuid)->first();
        // check if the entity is available for public
        if($keyResult){
            return new EditKeyResultResource(
                $keyResult
            );
        }else{
            throw (new ModelNotFoundException);
        }
    }

public function updateStatus(Request $request, KeyResult $keyResult) {
        $keyResult->update(['status' => $request->status]);

return response()->json([
            'status' => 'success'
        ], 200);
    }

}

Back