diff --git a/backend/main.go b/backend/main.go index 29fac77..236efea 100644 --- a/backend/main.go +++ b/backend/main.go @@ -31,7 +31,7 @@ func getCORSConfig(env string) cors.Config { case "dev": return cors.Config{ AllowOrigins: []string{"http://localhost:5173"}, - AllowMethods: []string{"GET", "POST", "OPTIONS"}, + AllowMethods: []string{"GET", "POST", "OPTIONS", "DELETE"}, AllowHeaders: []string{"Origin", "OCBO-Token", "Content-Length", "Content-Type", "X-Server"}, ExposeHeaders: []string{"Content-Length"}, AllowCredentials: true, @@ -39,7 +39,7 @@ func getCORSConfig(env string) cors.Config { case "prod": return cors.Config{ AllowOrigins: []string{"https://ocboapps.davaocity.gov.ph", "https://esign.patalcala.com"}, - AllowMethods: []string{"GET", "POST", "OPTIONS"}, + AllowMethods: []string{"GET", "POST", "OPTIONS", "DELETE"}, // AllowHeaders: []string{"Origin", "OCBO-Token", "Content-Length", "Content-Type", "X-Server", "Authorization"}, AllowHeaders: []string{"*"}, ExposeHeaders: []string{"Content-Length"}, @@ -1419,7 +1419,7 @@ func connect() { "result": result, }) - case "get-totalamount-electrical": + case "get-totalamount-electrical": err := db.QueryRow(`SELECT IFNULL(SUM(amount), 0) AS result FROM electrical_orderofpayment_new WHERE electricalid = (SELECT electricalid FROM electrical WHERE electricalNo = ?)`, data).Scan(&result) if err != nil { c.AbortWithError(http.StatusBadRequest, err) 
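Review bot: In the `prod` case of `getCORSConfig`, `DELETE` is now allowed cross-origin while `AllowHeaders` stays `[]string{"*"}` and the explicit list sits commented out one line above. With state-changing DELETE routes behind this policy, the allowlist should be explicit again: `AllowHeaders: []string{"Origin", "OCBO-Token", "Content-Length", "Content-Type", "X-Server", "Authorization"},`. If the prod config also sets `AllowCredentials: true` (not visible in this hunk), browsers treat `*` in `Access-Control-Allow-Headers` as a literal header name for credentialed requests, so the wildcard may not behave as intended. The `dev` hunk makes the same method change but already keeps an explicit header list.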
@@ -1430,8 +1430,19 @@ func connect() { "result": result, }) - case "check-popsrecord": - err := dbpop.QueryRow("SELECT COUNT(OrderPayId) AS result FROM orderpaydetail WHERE oprefid = ?" , data).Scan(&result) + case "check-popsrecord": + err := dbpop.QueryRow("SELECT COUNT(OrderPayId) AS result FROM orderpaydetail WHERE oprefid = ?", data).Scan(&result) + if err != nil { + c.AbortWithError(http.StatusBadRequest, err) + c.String(http.StatusBadRequest, err.Error()) + return + } + c.JSON(http.StatusOK, gin.H{ + "result": result, + }) + + case "get-opdata-electrical": + err := db.QueryRow(`SELECT IFNULL(CONCAT(electricalid, '-', assessedbyid, '-', reviewedbyid, '-', SUM(ref_bldgcomputationsheetid), '-', SUM(amount)),'') AS result FROM electrical_orderofpayment_new WHERE electricalid = (SELECT electricalid FROM electrical WHERE electricalNo = ?)`, data).Scan(&result) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) 
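Review bot: Both `check-popsrecord` and the new `get-opdata-electrical` case send the raw driver error to the caller with `c.String(http.StatusBadRequest, err.Error())`, which can disclose table and column names, and they do so after `c.AbortWithError` has already written the status. The routes added later in this commit answer with a fixed string, and the same fits here: `c.String(http.StatusInternalServerError, "Internal Server Error")`. Separately, the `get-opdata-electrical` query selects `electricalid`, `assessedbyid` and `reviewedbyid` next to `SUM(...)` without a `GROUP BY`. Assuming MySQL, that is either rejected or takes those columns from an arbitrary row, depending on the SQL mode. `IFNULL(CONCAT(...), '')` also collapses to an empty string when any column is NULL or no row matches, so a comment such as `// result is "" when any column is NULL or no row matches; callers must not lock an empty value` would help; the case body continues past the end of the hunk.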
@@ -2265,5 +2276,221 @@ func connect() { }) + router.POST("/api/save-lockdata", middleware.TokenChecker(), func(c *gin.Context) { + type saveLockData struct { + Data string `json:"data"` //referenceNo + Data2 string `json:"data2"` //lock_data + } + var savelockData saveLockData + if err := c.ShouldBindJSON(&savelockData); err != nil { + c.String(http.StatusBadRequest, "Invalid request body") + return + } + + c.Writer.Header().Set("X-XSS-Protection", "1; mode=block") + c.Writer.Header().Set("X-Content-Type-Options", "nosniff") + c.Writer.Header().Set("X-DNS-Prefetch-Control", "off") + c.Writer.Header().Set("X-Frame-Options", "DENY") + c.Writer.Header().Set("X-Download-Options", "noopen") + c.Writer.Header().Set("Referrer-Policy", "no-referrer") + c.Writer.Header().Set("Content-Security-Policy", "default-src 'self'; img-src 'self';") + c.Writer.Header().Set("X-Server", "OCBO Server") + + dbpost, err := db.Prepare("INSERT INTO esign_lock (esign_lockid, referenceNo, lock_code) VALUES (NULL, ?, ?)") + if err != nil { + c.AbortWithError(http.StatusInternalServerError, err) + c.String(http.StatusInternalServerError, "Internal Server Error") + return + } + defer dbpost.Close() + + exec, err := dbpost.Exec(savelockData.Data, savelockData.Data2) + if err != nil { + panic(err.Error()) + } + + affect, err := exec.RowsAffected() + if err != nil { + panic(err.Error()) + } + + if affect > 0 { + c.String(http.StatusOK, "Success on Saving Lock Data") + } else { + c.String(http.StatusInternalServerError, "Failed on Saving Lock Data") + } + }) + + router.DELETE("/api/delete-orderofpayment-electrical", middleware.TokenChecker(), func(c *gin.Context) { + type DeleteOP struct { + Data int `json:"data"` + } + var deleteOp DeleteOP + if err := c.ShouldBindJSON(&deleteOp); err != nil { + c.String(http.StatusBadRequest, "Invalid request body") + return + } + + c.Writer.Header().Set("X-XSS-Protection", "1; mode=block") + c.Writer.Header().Set("X-Content-Type-Options", "nosniff") + 
c.Writer.Header().Set("X-DNS-Prefetch-Control", "off") + c.Writer.Header().Set("X-Frame-Options", "DENY") + c.Writer.Header().Set("X-Download-Options", "noopen") + c.Writer.Header().Set("Referrer-Policy", "no-referrer") + c.Writer.Header().Set("Content-Security-Policy", "default-src 'self'; img-src 'self';") + c.Writer.Header().Set("X-Server", "OCBO Server") + + var isPaid int + checkErr := db.QueryRow("SELECT is_paid FROM electrical_orderofpayment_new WHERE electricalid = ?", deleteOp.Data).Scan(&isPaid) + if checkErr != nil { + c.AbortWithError(http.StatusInternalServerError, checkErr) + c.String(http.StatusInternalServerError, "Internal Server Error") + return + } + + if isPaid == 1 { + c.String(http.StatusBadRequest, "Order of Payment has Already been Paid") + return + } + + dbpost, err := db.Prepare("DELETE FROM electrical_orderofpayment_new WHERE electricalid = ? AND is_paid = 0") + if err != nil { + c.AbortWithError(http.StatusInternalServerError, err) + c.String(http.StatusInternalServerError, "Internal Server Error") + return + } + defer dbpost.Close() + + exec, err := dbpost.Exec(deleteOp.Data) + if err != nil { + panic(err.Error()) + } + + affect, err := exec.RowsAffected() + if err != nil { + panic(err.Error()) + } + + if affect > 0 { + c.String(http.StatusOK, "Success on Deleting Order of Payment") + } else { + c.String(http.StatusInternalServerError, "Failed on Deleting Order of Payment") + } + }) + + router.DELETE("/api/delete-orderofpayment-occupancy", middleware.TokenChecker(), func(c *gin.Context) { + type DeleteOP struct { + Data int `json:"data"` + } + var deleteOp DeleteOP + if err := c.ShouldBindJSON(&deleteOp); err != nil { + c.String(http.StatusBadRequest, "Invalid request body") + return + } + + c.Writer.Header().Set("X-XSS-Protection", "1; mode=block") + c.Writer.Header().Set("X-Content-Type-Options", "nosniff") + c.Writer.Header().Set("X-DNS-Prefetch-Control", "off") + c.Writer.Header().Set("X-Frame-Options", "DENY") + 
c.Writer.Header().Set("X-Download-Options", "noopen") + c.Writer.Header().Set("Referrer-Policy", "no-referrer") + c.Writer.Header().Set("Content-Security-Policy", "default-src 'self'; img-src 'self';") + c.Writer.Header().Set("X-Server", "OCBO Server") + + var isPaid int + checkErr := db.QueryRow("SELECT is_paid FROM occupancy_orderofpayment WHERE occupancyid = ?", deleteOp.Data).Scan(&isPaid) + if checkErr != nil { + c.AbortWithError(http.StatusInternalServerError, checkErr) + c.String(http.StatusInternalServerError, "Internal Server Error") + return + } + + if isPaid == 1 { + c.String(http.StatusBadRequest, "Order of Payment has Already been Paid") + return + } + + dbpost, err := db.Prepare("DELETE FROM occupancy_orderofpayment WHERE occupancyid = ? AND is_paid = 0") + if err != nil { + c.AbortWithError(http.StatusInternalServerError, err) + c.String(http.StatusInternalServerError, "Internal Server Error") + return + } + defer dbpost.Close() + + exec, err := dbpost.Exec(deleteOp.Data) + if err != nil { + panic(err.Error()) + } + + affect, err := exec.RowsAffected() + if err != nil { + panic(err.Error()) + } + + if affect > 0 { + c.String(http.StatusOK, "Success on Deleting Order of Payment") + } else { + c.String(http.StatusInternalServerError, "Failed on Deleting Order of Payment") + } + }) + + router.DELETE("/api/void-op-local", func(c *gin.Context) { + type DeleteOPLocal struct { + Data string `json:"data"` + } + var deleteOpLocal DeleteOPLocal + if err := c.ShouldBindJSON(&deleteOpLocal); err != nil { + c.String(http.StatusBadRequest, "Invalid request body") + return + } + + c.Writer.Header().Set("X-XSS-Protection", "1; mode=block") + c.Writer.Header().Set("X-Content-Type-Options", "nosniff") + c.Writer.Header().Set("X-DNS-Prefetch-Control", "off") + c.Writer.Header().Set("X-Frame-Options", "DENY") + c.Writer.Header().Set("X-Download-Options", "noopen") + c.Writer.Header().Set("Referrer-Policy", "no-referrer") + 
c.Writer.Header().Set("Content-Security-Policy", "default-src 'self'; img-src 'self';") + c.Writer.Header().Set("X-Server", "OCBO Server") + + var resultCount int + checkErr := dbpop.QueryRow("SELECT COUNT(AFNum) AS resultCount FROM orderpaydetail WHERE OPRefId = ?", deleteOpLocal.Data).Scan(&resultCount) + if checkErr != nil { + c.AbortWithError(http.StatusInternalServerError, checkErr) + c.String(http.StatusInternalServerError, "Internal Server Error") + return + } + + if resultCount > 0 { + c.String(http.StatusBadRequest, "Error! Payment already exist.") + return + } + + dbpost, err := dbpop.Prepare("DELETE FROM orderpaydetail WHERE OPRefId = ?") + if err != nil { + c.AbortWithError(http.StatusInternalServerError, err) + c.String(http.StatusInternalServerError, "Internal Server Error") + return + } + defer dbpost.Close() + + exec, err := dbpost.Exec(deleteOpLocal.Data) + if err != nil { + panic(err.Error()) + } + + affect, err := exec.RowsAffected() + if err != nil { + panic(err.Error()) + } + + if affect > 0 { + c.String(http.StatusOK, "Success on Deleting POPS Local") + } else { + c.String(http.StatusInternalServerError, "Failed on Deleting POPS Local") + } + }) + router.Run(":4320") } diff --git a/package.json b/package.json index cf9e07f..4cbd703 100644 --- a/package.json +++ b/package.json @@ -12,6 +12,7 @@ "dependencies": { "@fontsource-variable/roboto": "^5.2.10", "@kobalte/core": "^0.13.11", + "@rabbit-company/xchacha20": "^2.3.0", "@solidjs-use/integrations": "^2.3.0", "@solidjs/router": "^0.15.4", "consola": "^3.4.2", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 7eb926f..57b84e2 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -14,6 +14,9 @@ importers: '@kobalte/core': specifier: ^0.13.11 version: 0.13.11(solid-js@1.9.11) + '@rabbit-company/xchacha20': + specifier: ^2.3.0 + version: 2.3.0(typescript@5.8.3) '@solidjs-use/integrations': specifier: ^2.3.0 version: 2.3.0(qrcode@1.5.4)(sortablejs@1.15.6) 
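Review bot: `/api/void-op-local` is registered without `middleware.TokenChecker()`, unlike the three other routes added in this hunk, so its `DELETE FROM orderpaydetail WHERE OPRefId = ?` on `dbpop` is reachable without whatever check that middleware performs. The registration should read `router.DELETE("/api/void-op-local", middleware.TokenChecker(), func(c *gin.Context) {`. In all four handlers a failed `Exec` or `RowsAffected` calls `panic(err.Error())`; answering as the `Prepare` branch does keeps the failure inside the request: `c.AbortWithError(http.StatusInternalServerError, err)` followed by `return`. The void handler's DELETE also does not repeat its `COUNT(AFNum)` pre-check, so a payment recorded between the two statements is not caught, whereas the two order-of-payment deletes repeat `AND is_paid = 0`. The enclosing `connect()` starts outside the hunk.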
@@ -814,6 +817,11 @@ packages: resolution: {integrity: sha512-WYa2tUVV5HiArWPB3ydlOc4R2ivq0IDrlqhMi3l7mVsFEXNcTfxYFPIHXHXIh/ca/y/V5N4E1zecyxdIBjYnkQ==} engines: {node: '>= 10.0.0'} + '@rabbit-company/xchacha20@2.3.0': + resolution: {integrity: sha512-d2itZPlgb+Sxpdi9jBMGEfenQQyQwdynxw6pkgoDXth6y236c9NGxi8Y5k12tlE6l0vhzwRcrmfL/DpOIOnSRg==} + peerDependencies: + typescript: ^5.6.2 + '@rollup/pluginutils@5.3.0': resolution: {integrity: sha512-5EdhGZtnu3V88ces7s53hhfK5KSASnJZv8Lulpc04cWO3REESroJXg73DFsOmgbU2BhwV0E20bu2IDZb3VKW4Q==} engines: {node: '>=14.0.0'} @@ -2568,6 +2576,10 @@ snapshots: '@parcel/watcher-win32-x64': 2.5.4 optional: true + '@rabbit-company/xchacha20@2.3.0(typescript@5.8.3)': + dependencies: + typescript: 5.8.3 + '@rollup/pluginutils@5.3.0(rollup@4.52.1)': dependencies: '@types/estree': 1.0.8 diff --git a/src/pages/AssessorPage/Assessor.tsx b/src/pages/AssessorPage/Assessor.tsx index 3ad095d..9c47f6f 100644 --- a/src/pages/AssessorPage/Assessor.tsx +++ b/src/pages/AssessorPage/Assessor.tsx @@ -450,12 +450,12 @@ export default () => { const postTransaction = async (application: string) => { const id = await geteSignId(employeeId()) const today = await getDateTime() - const formatedDate = dayjs(today).format('YYYY-MM-DD HH:mm:ss') + const formattedDate = dayjs(today).format('YYYY-MM-DD HH:mm:ss') await postApi('post-esigntransaction', { data: parseInt(id, 10), data2: application, - data3: formatedDate, + data3: formattedDate, }) } diff --git a/src/pages/MainPage/Main.sass b/src/pages/MainPage/Main.sass index 14ce5d9..e97fdbd 100644 --- a/src/pages/MainPage/Main.sass +++ b/src/pages/MainPage/Main.sass @@ -102,3 +102,14 @@ h1 opacity: 0.6 text-align: center margin: 1rem 0 -0.75rem 0 + +.incomplete + padding: 0.5rem 0 0.5rem 0 + + &__text + padding: 0 0 0.25rem 0 + color: #c85656 + + &__error + color: #c85656 + diff --git a/src/pages/MainPage/Main.tsx b/src/pages/MainPage/Main.tsx index 85f52fb..7216bd6 100644 --- a/src/pages/MainPage/Main.tsx 
+++ b/src/pages/MainPage/Main.tsx @@ -1,14 +1,13 @@ import { Tabs } from '@kobalte/core/tabs' import { useNavigate } from '@solidjs/router' import dayjs from 'dayjs' -import { FaSolidThumbsUp } from 'solid-icons/fa' +import { FaSolidThumbsUp, FaSolidUserGear } from 'solid-icons/fa' import { FiLogOut } from 'solid-icons/fi' import { VsRefresh } from 'solid-icons/vs' -import { createSignal, onMount, createEffect } from 'solid-js' -import { Box, Button, Clickable, Column, Link, Logo, Modal, ModalButton, Padding, Page, Row, Input } from '../../components/' -import { checkConnection, getApi, getApiMulti, getDateTime, postApi, saveNewName, saveNewPassword, securePassword } from '../../utils/functions' -import { FaSolidUserGear } from 'solid-icons/fa' +import { createEffect, createSignal, onMount } from 'solid-js' import { Show } from 'solid-js/web' +import { Box, Button, Clickable, Column, Input, Link, Logo, Modal, ModalButton, Padding, Page, Row } from '../../components/' +import { checkConnection, deleteApi, getApi, getApiMulti, getDateTime, lockData, postApi, saveNewName, saveNewPassword, securePassword, voidPopsApi } from '../../utils/functions' import './Main.sass' const PESO = import.meta.env.VITE_PESO @@ -131,7 +130,7 @@ export default () => { } const isDetailsComplete = (result: string[], result2: string[], result3: string[], result4: string[], result5: string[], result6: string[]) => { - return result.length > 0 && result2.length > 0 && result3.length > 0 && result4.length > 0 && result5.length > 0 && result6.length > 0 ? false : false + return result.length > 0 && result2.length > 0 && result3.length > 0 && result4.length > 0 && result5.length > 0 && result6.length > 0 ? true : false } const calculateTotal = (list: number[]) => { 
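Review bot: `isDetailsComplete` now ends in `? true : false`, which only restates the condition; `return result.length > 0 && result2.length > 0 && result3.length > 0 && result4.length > 0 && result5.length > 0 && result6.length > 0` reads the same without the ternary. The previous version returned `false` on both branches, so every caller gated on this function changes behaviour with this one-word edit. A comment such as `// true only when all six detail lists are non-empty` would record the intended contract.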
@@ -139,6 +138,11 @@ export default () => { return total } + // const sample = async () => { + // const data = await lockData('asdasdsadsad') + // console.log(data) + // } + const approveHandler = async (division: string, application: string) => { let signed: boolean = false let forprinting: boolean = false @@ -151,10 +155,12 @@ export default () => { } if (division === 'electrical') { + await voidPopsOp(application) await postPops(division, application) const popsResult = await checkPops(application) + const lockResult = await lockOpData(division, application) - if (popsResult) { + if (popsResult && lockResult) { signed = await setNewStatus(division, 'ELECTRICAL ORDER OF PAYMENT APPROVED AND SIGNED', '170', 'ELECOPAPPROVEDSIGNED', 1) updateDocflow(division, application, 'FOR ELECTRICAL ORDER OF PAYMENT APPROVAL') if (!signed) return @@ -174,17 +180,16 @@ export default () => { setErrorMessage('Error on posting on POPS Server, please try again') return } - } else if (division === 'occupancy') { const additionalResult = await getApi('check-bldgadditional-approval', application) bldgadditional = additionalResult > 0 + await voidPopsOp(application) await postPops(division, application) const popsResult = await checkPops(application) + const lockResult = await lockOpData(division, application) - console.log('popsResult', popsResult) - - if (popsResult) { + if (popsResult && lockResult) { signed = await setNewStatus(division, 'OCCUPANCY ORDER OF PAYMENT APPROVED AND SIGNED', '172', 'OCCOPAPPROVEDSIGNED', 1) updateDocflow(division, application, 'FOR OCCUPANCY RECOMMENDING APPROVAL') if (bldgadditional) { 
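Review bot: In the `electrical` branch of `approveHandler` the result of `await voidPopsOp(application)` is discarded, so `postPops` still runs when the void call reported `false`; the `occupancy` hunk below has the same call. Judging by the server route in this commit, the responses containing `Error` are `Error! Payment already exist.` and `Internal Server Error`, which are the cases where posting again looks least desirable. A guard such as `if (!(await voidPopsOp(application))) return`, preceded by a suitable `setErrorMessage`, would stop there. Also, `lockOpData` runs after `postPops`, so when only the lock fails the POPS record is already posted and the user appears to be shown `Error on posting on POPS Server, please try again`. `approveHandler` starts and ends outside both hunks.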
@@ -211,6 +216,54 @@ export default () => { } } + const lockOpData = async (division: string, application: string) => { + const dataToLock = await getApi(`get-opdata-${division}`, application) + const lockedData = await lockData(dataToLock) + const fixedLockedData = lockedData.replace(/\//g, '~') + const saveLockedData = await postApi('save-lockdata', { data: application, data2: fixedLockedData }) + return saveLockedData + } + + const voidPopsOp = async (application: string) => { + const response = await voidPopsApi(application) + if (response.includes('Error')) return false + return true + } + + const returnAssessment = async (division: string, application: string) => { + const id = await getApplicationById(division, application) + setApplicationId(id) + let forassessment + + if (division === 'electrical') { + forassessment = await setNewStatus(division, 'FOR ELECTRICAL ASSESSMENT', '88', 'ELECASSESSMENT', 0) + } else { + forassessment = await setNewStatus(division, 'OCCUPANCY ASSESSMENT', '21', 'OCASSESSMENT', 0) + } + if (!forassessment) return + + if (division === 'electrical') { + updateDocflow(division, application, 'FOR ELECTRICAL ORDER OF PAYMENT APPROVAL') + } else { + updateDocflow(division, application, 'FOR OCCUPANCY RECOMMENDING APPROVAL') + } + + await deleteOrderofPayment(division, id) + await load('all') + } + + const getApplicationById = async (division: string, application: string) => { + const id = await getApi(`get-idbyapplication-${division}`, application) + return parseInt(id) + } + + const deleteOrderofPayment = async (division: string, id: number) => { + const deleteOp = await deleteApi(`delete-orderofpayment-${division}`, { + data: id, + }) + return deleteOp + } + const setNewStatus = async (division: string, status: string, tag: string, tagword: string, approved: number) => { // const today = new Date() const today = await getDateTime() 
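Review bot: `returnAssessment` calls `setNewStatus` and `updateDocflow` before `deleteOrderofPayment` and never inspects the delete result. When the server refuses the delete (it answers `Order of Payment has Already been Paid`), the application has already been moved back to assessment with its order of payment intact; deleting first and returning on failure would keep the two in step. `lockOpData` locks whatever `get-opdata-${division}` returns, including an empty string, so `if (!dataToLock) return false` before `lockData` would avoid sealing nothing. The backend hunks visible in this commit add only `get-opdata-electrical`, so confirm that an occupancy case exists, because `lockOpData` is also called for `occupancy`. `getApplicationById` uses `parseInt(id)` with no radix or NaN check, unlike `parseInt(id, 10)` in Assessor.tsx.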
@@ -334,9 +387,9 @@ export default () => { const postTransaction = async () => { const id = await geteSignId() const today = await getDateTime() - const formatedDate = dayjs(today).format('YYYY-MM-DD HH:mm:ss') + const formattedDate = dayjs(today).format('YYYY-MM-DD HH:mm:ss') - await postApi('post-esigntransaction', { data: parseInt(id), data2: approvedApplication(), data3: formatedDate }) + await postApi('post-esigntransaction', { data: parseInt(id), data2: approvedApplication(), data3: formattedDate }) } const updateDocflow = async (division: string, application: string, status: string) => { @@ -375,7 +428,6 @@ export default () => { setConfigError('') encryptNewPassword() } - } else { setConfigError('Invalid Password') setConfigNewEncPassword('') @@ -404,7 +456,7 @@ export default () => { // const saveNewPassword = async (password: string) => { // await postApi('update-password', { // data: parseInt(ID), - // data2: password + // data2: password // }) // } @@ -653,48 +705,76 @@ export default () => { await getopdetails('electrical', item) }} > - - {item} + + + {item} - - + + + +

Signing Error

+
+

Missing Data Detected

+
- - - - - - - - - +
+ + Some required information is missing from the application details + Please return to Assessment to complete the required fields + +
+
+ + - Click anywhere to cancel - -
+ + + {item} + + + + + + + + + + + + + + + + +