PatAlcala9/ocbo-esign
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ocbo-esign/backend/main.go

638 lines
21 KiB
Go
Raw Blame History

package main
import (
"database/sql"
"net/http"
// "crypto/rand"
// "crypto/rsa"
// "crypto/x509"
// "encoding/base64"
// "encoding/pem"
// "errors"
// "os"
"github.com/gin-contrib/cors"
"github.com/gin-gonic/gin"
_ "github.com/go-sql-driver/mysql"
)
// DEV
var connection string = "root:superuser@tcp(localhost:3306)/iips"
// SERVER
// var connection string = "iips:iipsuser@tcp(192.168.7.100:3306)/iips"
func main() {
connect()
}
func connect() {
db, err := sql.Open("mysql", connection)
if err != nil {
panic(err)
}
defer db.Close()
router := gin.Default()
// router.Use(cors.Default())
//DEV
router.Use(cors.New(cors.Config{
AllowOrigins: []string{"http://localhost:5173"},
AllowMethods: []string{"GET", "POST"},
AllowHeaders: []string{"Origin", "OCBO-ShieldConnection"},
ExposeHeaders: []string{"Content-Length"},
AllowCredentials: true,
}))
//SERVER
// router.Use(cors.New(cors.Config{
// AllowOrigins: []string{"http://192.168.7.160:8080/inquiry"},
// AllowMethods: []string{"GET"},
// AllowHeaders: []string{"Origin", "OCBO-ShieldConnection"},
// ExposeHeaders: []string{"Content-Length"},
// AllowCredentials: true,
// }))
router.StaticFile("/", "static/index.html")
// shield := "inquiry"
router.GET("/api/:method", func(c *gin.Context) {
var result string
method := c.Param("method")
c.Writer.Header().Set("X-XSS-Protection", "1; mode=block")
c.Writer.Header().Set("X-Content-Type-Options", "nosniff")
c.Writer.Header().Set("X-DNS-Prefetch-Control", "off")
c.Writer.Header().Set("X-Frame-Options", "DENY")
c.Writer.Header().Set("X-Download-Options", "noopen")
c.Writer.Header().Set("Referrer-Policy", "no-referrer")
c.Writer.Header().Set("Server", "Batman")
switch method {
case "test":
err = db.QueryRow("SELECT IFNULL(employeename, '') FROM employee WHERE uname = ?", "TEST").Scan(&result)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
c.String(http.StatusOK, "Connection is OK")
case "check-connection":
err = db.QueryRow("SELECT 1 AS result").Scan(&result)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
c.JSON(http.StatusOK, gin.H{
"result": "Connection is OK",
})
case "get-listopapproval-electrical":
array := []string{}
results, err := db.Query("SELECT DISTINCT IFNULL(electricalid, 0) AS result FROM electricaldocflowtxn WHERE remarks = ?", "FOR ELECTRICAL ORDER OF PAYMENT APPROVAL")
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
for results.Next() {
err = results.Scan(&result)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
array = append(array, result)
}
c.JSON(http.StatusOK, gin.H{
"result": array,
})
case "get-list-assessors":
array := []string{}
results, err := db.Query("SELECT IFNULL(employeename, '') AS result FROM employee WHERE is_assessment = ? AND is_delete = ? AND NOT (employeename LIKE ? OR employeename LIKE ? OR employeename LIKE ?) AND employeeid NOT IN (?, ?, ?, ?, ?, ?, ?, ?, ?)", 1, 0, "%OFFICE%", "%TEST%", "%SAMPLE%", 55, 68, 120, 136, 103, 233, 235, 243, 310)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
for results.Next() {
err = results.Scan(&result)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
array = append(array, result)
}
c.JSON(http.StatusOK, gin.H{
"result": array,
})
case "get-list-approvers":
var result2 string
array := []string{}
array2 := []string{}
results, err := db.Query("SELECT IFNULL(employeeid, '') AS result, IFNULL(employeename, '') AS result2 FROM employee WHERE is_finalapprover = ? AND is_delete = ? AND NOT (employeename LIKE ? OR employeename LIKE ? OR employeename LIKE ? OR employeename LIKE ? OR employeename LIKE ?) AND employeeid NOT IN (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)", 1, 0, "%OFFICE%", "%TEST%", "%SAMPLE%", "%BUILDING%", "%OCCUPANCY%", 124, 141, 178, 14, 77, 82, 83, 129, 137, 144, 169, 233, 247, 267, 282)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
for results.Next() {
err = results.Scan(&result, &result2)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
array = append(array, result)
array2 = append(array2, result2)
}
c.JSON(http.StatusOK, gin.H{
"result": array,
"result2": array2,
})
case "get-list-registered":
array := []string{}
results, err := db.Query("SELECT IFNULL(employeeid, 0) AS result FROM esign WHERE employeeid <> ?", 276)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
for results.Next() {
err = results.Scan(&result)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
array = append(array, result)
}
c.JSON(http.StatusOK, gin.H{
"result": array,
})
case "get-listopapproval-electrical2":
var status string
array := []string{}
results, err := db.Query("SELECT DISTINCT IFNULL(electricalid, 0) AS result FROM electricaldocflowtxn WHERE remarks = ? LIMIT 20", "FOR ELECTRICAL ORDER OF PAYMENT APPROVAL")
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
for results.Next() {
var result string
err = results.Scan(&result)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
err = db.QueryRow("SELECT IFNULL(remarks, '') AS status FROM electricaldocflowtxn WHERE electricaldocflowtxnid = (SELECT MAX(electricaldocflowtxnid) FROM electricaldocflowtxn WHERE electricalid = ?)", result).Scan(&status)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
return
}
if status == "FOR ELECTRICAL ORDER OF PAYMENT APPROVAL" {
array = append(array, result)
}
}
c.JSON(http.StatusOK, gin.H{
"result": array,
})
}
})
router.GET("/api/:method/:data", func(c *gin.Context) {
var result string
method := c.Param("method")
data := c.Param("data")
c.Writer.Header().Set("X-XSS-Protection", "1; mode=block")
c.Writer.Header().Set("X-Content-Type-Options", "nosniff")
c.Writer.Header().Set("X-DNS-Prefetch-Control", "off")
c.Writer.Header().Set("X-Frame-Options", "DENY")
c.Writer.Header().Set("X-Download-Options", "noopen")
c.Writer.Header().Set("Referrer-Policy", "no-referrer")
switch method {
case "check-building":
err = db.QueryRow("SELECT IFNULL(COUNT(receivingid), 0) AS result FROM receiving WHERE applicationNo = ?", data).Scan(&result)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
c.JSON(http.StatusOK, gin.H{
"result": result,
})
case "check-occupancy":
err = db.QueryRow("SELECT IFNULL(COUNT(occupancyid), 0) AS result FROM occupancy WHERE controlNo = ?", data).Scan(&result)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
c.JSON(http.StatusOK, gin.H{
"result": result,
})
case "check-signage":
err = db.QueryRow("SELECT IFNULL(COUNT(signageid), 0) AS result FROM signage WHERE signApplicationNo = ?", data).Scan(&result)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
c.JSON(http.StatusOK, gin.H{
"result": result,
})
case "check-electrical":
err = db.QueryRow("SELECT IFNULL(COUNT(electricalid), 0) AS result FROM electrical WHERE electricalNo = ?", data).Scan(&result)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
c.JSON(http.StatusOK, gin.H{
"result": result,
})
case "check-mechanical":
err = db.QueryRow("SELECT IFNULL(COUNT(mechanicalid), 0) AS result FROM mechanical WHERE mechApplicationNo = ?", data).Scan(&result)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
c.JSON(http.StatusOK, gin.H{
"result": result,
})
case "get-owner-building":
var result2, result3, result4, result5, result6 string
err = db.QueryRow("SELECT IFNULL(c.firstName, '') AS result, IFNULL(c.middleInitial, '') AS result2, IFNULL(c.lastName, '') AS result3, IFNULL(rp.block, '') AS result4, IFNULL(rp.lot, '') AS result5, IFNULL(rp.address, '') AS result6 FROM customer c, receiving r, receiving_permitnoaddress rp WHERE r.customerid = c.customerid AND r.receivingid = rp.receivingid AND r.applicationNo = ?", data).Scan(&result, &result2, &result3, &result4, &result5, &result6)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
c.JSON(http.StatusOK, gin.H{
"result": result,
"result2": result2,
"result3": result3,
"result4": result4,
"result5": result5,
"result6": result6,
})
case "get-owner-occupancy":
var result2, result3, result4 string
err = db.QueryRow("SELECT IFNULL(c.firstName, '') AS result, IFNULL(c.middleInitial, '') AS result2, IFNULL(c.lastName, '') AS result3, IFNULL(c.address, '') AS result4 FROM customer c, receiving r, occupancy o WHERE r.customerid = c.customerid AND r.applicationNo = o.bldgApplicationNo AND o.controlNo = ?", data).Scan(&result, &result2, &result3, &result4)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
c.JSON(http.StatusOK, gin.H{
"result": result,
"result2": result2,
"result3": result3,
"result4": result4,
})
case "get-owner-electrical":
var result2, result3, result4 string
err = db.QueryRow("SELECT IFNULL(c.firstName, '') AS result, IFNULL(c.middleInitial, '') AS result2, IFNULL(c.lastName, '') AS result3, IFNULL(c.address, '') AS result4 FROM customer c, electrical e WHERE e.customerid = c.customerid AND e.electricalNo = ?", data).Scan(&result, &result2, &result3, &result4)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
c.JSON(http.StatusOK, gin.H{
"result": result,
"result2": result2,
"result3": result3,
"result4": result4,
})
case "get-status-building":
var result2 string
array := []string{}
array2 := []string{}
results, err := db.Query(`SELECT IFNULL(DATE_FORMAT(b.datetransac, '%M %d, %Y'), '') AS result, IFNULL(REPLACE(REPLACE(b.remarks, 'RECEIVING', 'RECEIVED'), 'PERMIT ALREADY RELEASE', 'PERMIT RELEASED'), '') AS result2
FROM docflowtxn b, receiving r WHERE r.receivingid = b.receivingid AND r.applicationNo = ? ORDER BY b.docflowtxnid DESC`, data)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
for results.Next() {
err = results.Scan(&result, &result2)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
array = append(array, result)
array2 = append(array2, result2)
}
c.JSON(http.StatusOK, gin.H{
"result": array,
"result2": array2,
})
case "get-status-occupancy":
var result2 string
array := []string{}
array2 := []string{}
results, err := db.Query(`SELECT IFNULL(DATE_FORMAT(b.txndate, '%M %d, %Y'), '') AS result, IFNULL(REPLACE(b.remarks, 'RECEIVE', 'RECEIVED'), '') AS result2
FROM occupancydocflowtxn b, occupancy o WHERE o.occupancyid = b.occupancyreceivingid AND o.controlNo = ? ORDER BY b.occupancydocflowtxnid DESC`, data)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
for results.Next() {
err = results.Scan(&result, &result2)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
array = append(array, result)
array2 = append(array2, result2)
}
c.JSON(http.StatusOK, gin.H{
"result": array,
"result2": array2,
})
case "get-status-electrical":
var result2 string
array := []string{}
array2 := []string{}
results, err := db.Query(`SELECT IFNULL(DATE_FORMAT(b.txndate, '%M %d, %Y'), '') AS result, IFNULL(b.remarks, '') AS result2
FROM electricaldocflowtxn b, electrical e WHERE e.electricalid = b.electricalid AND e.electricalNo = ? ORDER BY b.electricaldocflowtxnid DESC`, data)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
for results.Next() {
err = results.Scan(&result, &result2)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
array = append(array, result)
array2 = append(array2, result2)
}
c.JSON(http.StatusOK, gin.H{
"result": array,
"result2": array2,
})
case "get-list-clients":
var result2, result3, result4 string
array := []string{}
array2 := []string{}
array3 := []string{}
array4 := []string{}
results, err := db.Query(`SELECT IFNULL(IF(firstName = '', lastName, CONCAT(firstName, ' ', IF(middleInitial = '', lastName, CONCAT(middleInitial, '. ', lastName)))), "") AS result, IFNULL(address, '') AS result2, IFNULL(lastName, "") AS result3, IFNULL(firstName, "") AS result4 FROM customer WHERE (lastName LIKE ? OR firstName LIKE ?)`, "%"+data+"%", "%"+data+"%")
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
for results.Next() {
err = results.Scan(&result, &result2, &result3, &result4)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
array = append(array, result)
array2 = append(array2, result2)
array3 = append(array3, result3)
array4 = append(array4, result4)
}
c.JSON(http.StatusOK, gin.H{
"result": array,
"result2": array2,
"result3": array3,
"result4": array4,
})
case "get-laststatus-building":
err := db.QueryRow(`SELECT IFNULL(remarks, '') AS result FROM docflowtxn WHERE docflowtxnid = (SELECT MAX(docflowtxnid) FROM docflowtxn WHERE receivingid = ?)`, data).Scan(&result)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
return
}
c.JSON(http.StatusOK, gin.H{
"result": result,
})
case "get-laststatus-occupancy":
err := db.QueryRow(`SELECT IFNULL(remarks, '') AS result FROM occupancydocflowtxn WHERE occupancydocflowtxnid = (SELECT MAX(occupancydocflowtxnid) FROM occupancydocflowtxn WHERE occupancyreceivingid = ?)`, data).Scan(&result)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
c.JSON(http.StatusOK, gin.H{
"result": result,
})
case "get-laststatus-electrical":
err := db.QueryRow(`SELECT IFNULL(remarks, '') AS result FROM electricaldocflowtxn WHERE electricaldocflowtxnid = (SELECT MAX(electricaldocflowtxnid) FROM electricaldocflowtxn WHERE electricalid = ?)`, data).Scan(&result)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
c.JSON(http.StatusOK, gin.H{
"result": result,
})
case "get-applicationbyid-building":
err := db.QueryRow(`SELECT IFNULL(applicationNo, '') AS result FROM receiving WHERE receivingid = ?`, data).Scan(&result)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
c.JSON(http.StatusOK, gin.H{
"result": result,
})
case "get-applicationbyid-occupancy":
err := db.QueryRow(`SELECT IFNULL(controlNo, '') AS result FROM occupancy WHERE occupancyid = ?`, data).Scan(&result)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
c.JSON(http.StatusOK, gin.H{
"result": result,
})
case "get-applicationbyid-electrical":
err := db.QueryRow(`SELECT IFNULL(electricalNo, '') AS result FROM electrical WHERE electricalid = ?`, data).Scan(&result)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
c.JSON(http.StatusOK, gin.H{
"result": result,
})
case "get-employeeid":
err := db.QueryRow("SELECT IFNULL(employeeid, 0) AS result FROM employee WHERE employeename = ?", data).Scan(&result)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
c.JSON(http.StatusOK, gin.H{
"result": result,
})
case "check-registered":
err := db.QueryRow("SELECT IFNULL(esignid, 0) AS result FROM esign WHERE employeeid = ?", data).Scan(&result)
if err != nil {
if err == sql.ErrNoRows {
result = "0"
} else {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
}
c.JSON(http.StatusOK, gin.H{
"result": result,
})
case "get-password":
err := db.QueryRow("SELECT IFNULL(password, '') AS result FROM esign WHERE employeeid = ?", data).Scan(&result)
if err != nil {
if err == sql.ErrNoRows {
result = "0"
} else {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
}
c.JSON(http.StatusOK, gin.H{
"result": result,
})
case "get-employeename":
err := db.QueryRow("SELECT IFNULL(employeename, '') AS result FROM employee WHERE employeeid = ?", data).Scan(&result)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
c.JSON(http.StatusOK, gin.H{
"result": result,
})
case "get-opdetails-electrical":
var result2, result3, result4, result5 string
array := []string{}
array2 := []string{}
array3 := []string{}
array4 := []string{}
array5 := []string{}
results, err := db.Query("SELECT IFNULL(assessedbyid, 0) AS result, IFNULL(reviewedbyid, 0) AS result2, IFNULL(ref_bldgcomputationsheetid, 0) AS result3, IFNULL(amount, 0) AS result4, IFNULL(opDate, '') AS result5 FROM electrical_orderofpayment_new WHERE electricalid = ?", data)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
for results.Next() {
err = results.Scan(&result, &result2, &result3, &result4, &result5)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
array = append(array, result)
array2 = append(array2, result2)
array3 = append(array3, result3)
array4 = append(array4, result4)
array5 = append(array5, result5)
}
c.JSON(http.StatusOK, gin.H{
"result": array,
"result2": array2,
"result3": array3,
"result4": array4,
"result5": array5,
})
case "get-paymentname":
err := db.QueryRow("SELECT IFNULL(accountdescription, '') AS result FROM ref_bldgcomputationsheet WHERE ref_bldgcomputationsheetid = ?", data).Scan(&result)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
c.String(http.StatusBadRequest, err.Error())
}
c.JSON(http.StatusOK, gin.H{
"result": result,
})
}
})
router.POST("/api/post-registration", func(c *gin.Context) {
type RegistrationData struct {
Data int `json:"data"`
Data2 string `json:"data2"`
Data3 string `json:"data3"`
Data4 string `json:"data4"`
}
var registrationData RegistrationData
if err := c.ShouldBindJSON(&registrationData); err != nil {
c.String(http.StatusBadRequest, "Invalid request body")
return
}
c.Writer.Header().Set("X-XSS-Protection", "1; mode=block")
c.Writer.Header().Set("X-Content-Type-Options", "nosniff")
c.Writer.Header().Set("X-DNS-Prefetch-Control", "off")
c.Writer.Header().Set("X-Frame-Options", "DENY")
c.Writer.Header().Set("X-Download-Options", "noopen")
c.Writer.Header().Set("Referrer-Policy", "no-referrer")
dbpost, err := db.Prepare("INSERT INTO esign (esignid, employeeid, password, signature, image) VALUES (NULL, ?, ?, ?, ?)")
if err != nil {
panic(err.Error())
}
defer dbpost.Close()
exec, err := dbpost.Exec(registrationData.Data, registrationData.Data2, registrationData.Data3, registrationData.Data4)
if err != nil {
panic(err.Error())
}
affect, err := exec.RowsAffected()
if err != nil {
panic(err.Error())
}
if affect > 0 {
c.String(http.StatusOK, "Success on Registrating e-Sign")
} else {
c.String(http.StatusInternalServerError, "Failed on Registrating e-Sign")
}
})
router.Run(":4320")
}
Reference in a new issue View git blame Copy permalink