Basic login and admin panel functionality

code/config/routes.php

@@ -66,6 +66,8 @@
 	$routes->connect('/admin/setup/staff/', ['controller' => 'SetupAdmin', 'action' => 'staff']);
 	$routes->connect('/admin/setup/staff/*', ['controller' => 'SetupAdmin', 'action' => 'staff']);
 
+	$routes->connect('/admin/settings/select/*', ['controller' => 'AdminSettings', 'action' => 'select']);
+
     $routes->connect('/admindata', ['controller' => 'AdminData', 'action' => 'index']);
     //$routes->connect('/admindata/*', ['controller' => 'AdminData']);
 	/**

code/src/Controller/AdminController.php

@@ -3,10 +3,97 @@
 namespace App\Controller;
 
 use Cake\Event\Event;
+use Cake\ORM\TableRegistry;
+use Symfony\Component\Config\Definition\Exception\Exception;
 
 class AdminController extends AppController {
+
 	function beforeFilter(Event $event) {
 		parent::beforeFilter($event);
 		$this->viewBuilder()->layout('admin');
+
+		// Display an error if the user is not logged in
+		if (!($this->loggedIn && $this->admin)) {
+			$this->response->statusCode(403);
+			return $this->response;
+		}
+
+		// Handle selection of the admin control panel
+		if (count($this->adminTheaters) == 0 && !$this->superAdmin) {
+
+			// Do nothing if the user is not a theater admin
+
+		} else if ($this->Cookie->read('ta_theater_admin') == null) {
+
+			// If none set, Set the admin to be viewing the admin panel for their first assigned theater
+			if ($this->superAdmin) {
+				$this->adminTheater = 0;
+			} else {
+				$this->Cookie->write("ta_theater_admin", $this->adminTheaters[0]->theater_id);
+				$this->adminTheater = $this->adminTheaters[0]->theater_id;
+			}
+
+		} else if ($this->Cookie->read('ta_theater_admin') == 0) {
+
+			// Set the user as having selected the super admin console
+			if ($this->superAdmin) {
+				$this->adminTheater = 0;
+			} else {
+				// If not allowed, set the panel as the first allowed panel again
+				$this->Cookie->write("ta_theater_admin", $this->adminTheaters[0]->theater_id);
+				$this->adminTheater = $this->adminTheaters[0]->theater_id;
+			}
+
+		} else if ($this->superAdmin) {
+
+			// Read the theater from the cookie directly
+			$this->adminTheater = $this->Cookie->read('ta_theater_admin');
+
+		} else {
+
+			// If the user has a panel selected, verify
+			$selected = $this->Cookie->read('ta_theater_admin');
+			$found = false;
+
+			// Search through allowed theaters to find the selected
+			foreach ($this->adminTheaters as $theater) {
+				if ($theater->theater_id == $selected) {
+					$this->adminTheater = $theater->theater_id;
+					$found = true;
+					break;
+				}
+			}
+
+			// If none found, reset to first allowed
+			if (!$found) {
+				$this->Cookie->write("ta_theater_admin", $this->adminTheaters[0]->theater_id);
+				$this->adminTheater = $this->adminTheaters[0]->theater_id;
+			}
+
+		}
+
+		// Set default permissions
+		$this->canCashier = false;
+		$this->canManage = false;
+
+		// Calculate the current permissions
+		if ($this->superAdmin) {
+			$this->canCashier = true;
+			$this->canManage = true;
+		} else {
+			foreach ($this->adminTheaters as $theater) {
+				if ($theater->theater_id == $this->adminTheater) {
+					$this->canCashier = $theater->access_level >= 1;
+					$this->canManage = $theater->access_level >= 2;
+					break;
+				}
+			}
+		}
+
+		// Pass the current permissions to the view
+		$this->set("adminTheater", $this->adminTheater);
+		$this->set("canCashier", $this->canCashier);
+		$this->set("canManage", $this->canManage);
+
 	}
 }

code/src/Controller/AdminSettingsController.php

@@ -0,0 +1,12 @@
+<?php
+
+namespace App\Controller;
+
+use Cake\Core\Configure;
+
+class AdminSettingsController extends AdminController {
+	public function select($panel) {
+		$this->Cookie->write("ta_theater_admin", $panel);
+		return $this->redirect("/admin/");
+	}
+}

code/src/Controller/AppController.php

@@ -51,29 +51,59 @@ public function initialize() {
 	public function beforeFilter(Event $event) {
 		parent::beforeFilter($event);
 
-		if ($this->Cookie->read('ta_login_id') !== null) {
+		$this->loggedIn = false;
+		$this->user = null;
+		$this->admin = false;
+		$this->superAdmin = false;
+		$this->adminTheaters = [];
+
+		if ($this->Cookie->read('ta_login_id') !== null && $this->Cookie->read('ta_login_id') != 0) {
+
+			// Pull data from session cookies
 			$login_id = $this->Cookie->read('ta_login_id');
 			$login_email = $this->Cookie->read('ta_login_email');
 			$login_key = $this->Cookie->read('ta_login_key');
 
+			// Select the user that the user is supposedly logged in as
 			$table = TableRegistry::get("Users");
 			$user = $table->find('all')
 				->where(["id" => $login_id, "email" => $login_email])->all();
 
+			// If the user exists
 			if ($user->count() > 0) {
+
+				// If the user session cookie is valid
 				if ($user->first()->makeKey() == $login_key) {
+
+					// Set basic login variables
 					$this->loggedIn = true;
 					$this->user = $user->first();
-				} else {
-					$this->loggedIn = true;
-					$this->user = null;
+					$this->superAdmin = $this->user->is_super_admin;
+
+					// Retrieve admin status
+					$staffTable = TableRegistry::get("StaffAssignments");
+					$assignments = $staffTable->find()
+						->where(["user_id" => $this->user->id])
+						->contain(["Theaters"]);
+
+					// Store all admin assignments
+					foreach ($assignments as $assign) {
+						$this->adminTheaters[] = $assign;
+					}
+
+					// Store whether the user is an admin of any theater
+					$this->admin = $this->user->is_super_admin = $this->superAdmin || count($this->adminTheaters) > 0;
+
 				}
 			}
-
-			$this->set("loggedIn", $this->loggedIn);
-			$this->set("me", $this->user);
 		}
 
+		$this->set("loggedIn", $this->loggedIn);
+		$this->set("me", $this->user);
+		$this->set("admin", $this->admin);
+		$this->set("superAdmin", $this->superAdmin);
+		$this->set("adminTheaters", $this->adminTheaters);
+
 	}
 
 	/**

code/src/Controller/AuthController.php

@@ -18,6 +18,40 @@ public function index()
 	public function login()
 	{
 		$this->viewBuilder()->layout("auth");
+
+		if ($this->request->is('post')) {
+			$email = $this->request->data("email");
+			$password = $this->request->data("password");
+
+			$table = TableRegistry::get('Users');
+			$users = $table->find()->where(["email" => $email])->all();
+
+			if ($users->count() > 0) {
+				$user = $users->first();
+				$hash = pbkdf2("sha256", $password, $user->salt);
+
+				if ($hash == $user->password) {
+					$key = $user->makeKey();
+					$this->Cookie->write('ta_login_id', $user->id);
+					$this->Cookie->write('ta_login_email', $user->email);
+					$this->Cookie->write('ta_login_key', $key);
+					return $this->redirect("/");
+				}
+			}
+
+			$this->Flash->set("The email and/or password you entered are not valid.", [
+				'element' => 'error'
+			]);
+
+		}
+	}
+
+	public function logout()
+	{
+		$this->Cookie->write('ta_login_id', "0");
+		$this->Cookie->write('ta_login_email', "");
+		$this->Cookie->write('ta_login_key', "");
+		return $this->redirect("/");
 	}
 
 	public function signup()

code/src/Controller/CustomerAdminController.php

@@ -15,14 +15,14 @@ public function index() {
 		foreach ($query as $row) {
 
 			$assignment = $staff->find("all")
-				->where(['theater_id' => 1, 'user_id' => $row->id])
+				->where(['theater_id' => $this->adminTheater, 'user_id' => $row->id])
 				->all();
 
 			$staff_name = "Customer";
 			$staff_level = "0";
 
-			if (count($assignment) > 0) {
-				$staff_level = $assignment[0]->access_level;
+			if ($assignment->count() > 0) {
+				$staff_level = $assignment->first()->access_level;
 				if ($staff_level == 1) {
 					$staff_name = "Cashier";
 				} else if ($staff_level == 2) {

code/src/Controller/TicketAdminController.php

@@ -10,7 +10,16 @@ class TicketAdminController extends AdminController {
 	public function index() {
 		$tickets = TableRegistry::get('Tickets');
 		$pass = [];
-		$query = $tickets->find()->contain(['Seats', 'Rows', 'Sections', 'Performances', 'Performances.Plays']);
+		$query = null;
+
+		if ($this->adminTheater == 0) {
+			$query = $tickets->find()
+				->contain(['Seats', 'Rows', 'Sections', 'Performances', 'Performances.Plays']);
+		} else {
+			$query = $tickets->find()
+				->where(["theater_id" => $this->adminTheater])
+				->contain(['Seats', 'Rows', 'Sections', 'Performances', 'Performances.Plays']);
+		}
 
 		foreach ($query as $row) {
 			$pass[] = [

code/src/Model/Entity/StaffAssignment.php

@@ -15,46 +15,9 @@
 class StaffAssignment extends Entity
 {
 
-    /**
-     * Fields that can be mass assigned using newEntity() or patchEntity().
-     *
-     * Note that when '*' is set to true, this allows all unspecified fields to
-     * be mass assigned. For security purposes, it is advised to set '*' to false
-     * (or remove it), and explicitly make individual fields accessible as needed.
-     *
-     * @var array
-     */
     protected $_accessible = [
         '*' => true,
     ];
 
-    protected function _getUserId()
-    {
-        return $this->user_id;
-    }
 
-    protected function _getUser()
-    {
-        return $this->user;
-    }
-
-    protected function _getAccessLevel()
-    {
-        return $this->access_level;
-    }
-
-    protected function _setUserId($value)
-    {
-        return $value;
-    }
-
-    protected function _setUser($value)
-    {
-        return $value;
-    }
-
-    protected function _setAccessLevel($value)
-    {
-        return $value;
-    }
 }

code/src/Model/Table/StaffAssignmentsTable.php

@@ -34,6 +34,13 @@ public function initialize(array $config)
             'foreignKey' => 'user_id',
             'joinType' => 'INNER'
         ]);
+
+        $this->hasOne('Theaters', [
+            'foreignKey' => 'id',
+			'bindingKey' => 'theater_id',
+			'propertyName' => 'theater'
+        ]);
+
         $options = array(
             // Refer to php.net fgetcsv for more information
             'length' => 0,

code/src/Template/Auth/login.ctp

@@ -6,12 +6,13 @@
 			<div class="auth-logo"><a href="<?= $this->Url->build('/', true) ?>"></a></div>
 		</div>
 		<div class="auth-body">
-			<form class="auth-form">
+			<?= $this->Flash->render('flash'); ?>
+			<form class="auth-form" action="" method="post">
 				<label for="email">Email Address:</label>
 				<input type="text" name="email" id="email" />
 				<em class="requirement"><a href="<?= $this->Url->build('/auth/forgot/', true) ?>">Forgot password?</a></em>
 				<label for="password">Password:</label>
-				<input type="password" name="passowrd" id="password" />
+				<input type="password" name="password" id="password" />
 				<input type="submit" value="Login In" class="submit" />
 				<div class="create-account-notice">
 					or <a href="<?= $this->Url->build('/auth/signup/', true) ?>">sign up for an account</a>

code/src/Template/Element/navigation/login_admin.ctp

@@ -1,8 +1,8 @@
 <div class="navigation-login navigation-guest">
 	<div class="navigation-button navigation-item">
-		<a href="<?= $this->Url->build('/admin/', true) ?>">Administration</a>
+		<a href="<?= $this->Url->build('/admin/', true) ?>"><span class="icomoon">&#xe994;</span> Administration</a>
 	</div>
 	<div class="navigation-item">
-		<a href="<?= $this->Url->build('/signout/', true) ?>">Sign Out</a>
+		<a href="<?= $this->Url->build('/auth/logout/', true) ?>"><span class="icomoon">&#xea14;</span> Sign Out</a>
 	</div>
 </div>

code/src/Template/Element/navigation/login_member.ctp

@@ -0,0 +1,5 @@
+<div class="navigation-login navigation-guest">
+	<div class="navigation-item">
+		<a href="<?= $this->Url->build('/auth/logout/', true) ?>">Sign Out</a>
+	</div>
+</div>