diff --git a/api-payroll/src/application/EmployeeApplication.php b/api-payroll/src/application/EmployeeApplication.php new file mode 100644 index 0000000..de8652b --- /dev/null +++ b/api-payroll/src/application/EmployeeApplication.php @@ -0,0 +1,154 @@ +settings = $employeeSettings; + + $this->cryptographyService = $cryptographyService; + $this->pdo = $mysql; + $this->asserts = $asserts; + + $this->databaseSelectQueryErrorMessage = 'There was an error inserting the record.'; + } + + /** + * @return array + */ + function listEmployeeTypes(){ + $stmt = $this->pdo->prepare("SELECT id, name FROM employeeType WHERE status = 'ACTIVE'"); + $stmt->execute(); + + $results = $stmt->fetchAll(); + + if(!$results){ + exit($this->databaseSelectQueryErrorMessage); + } + $stmt = null; + + return $results; + } + + /** + * @param $firstName varbinary + * @param $middleName varbinary + * @param $lastName varbinary or null + * @param $birthDate date yyyy-mm-dd + * @param $email string + * @param $phone string + * @return integer + */ + function saveNewPerson($firstName, $middleName, $lastName, $birthDate, $email, $phone){ + $this->asserts->firstName($firstName); + $this->asserts->middleName($middleName); + $this->asserts->birthDate($birthDate); + $this->asserts->email($email); + $this->asserts->phone($phone); + + try { + $stmt = $this->pdo->prepare("INSERT INTO persons (firstName, middleName, lastName, birthDate, email, phone) + VALUES (:firstName, :middleName, :lastName, :birthDate, :email, :phone)"); + $this->pdo->beginTransaction(); + $stmt->execute(array(':firstName' => $firstName, ':middleName' => $middleName, ':lastName' => $lastName, + ':birthDate' => $birthDate, ':email' => $email, ':phone' => $phone)); + $id = $this->pdo->lastInsertId(); + $this->pdo->commit(); + + return $id; + + $stmt = null; + } catch( PDOExecption $e ) { + $this->pdo->rollback(); + throw new Exception('There was an error while trying to save a new person.'); + $this->logger->warning("There was an error in the EmployeeApplication->saveNewPerson caused by: $e "); + } + } + + /** + * @param $idEmployeeType integer + * @param $idPerson integer + * @param $code string + * @param $contractType string + * @return mixed + */ + function savePersonAsEmployee($idEmployeeType, $idPerson, $code, $contractType){ + try { + $stmt = $this->pdo->prepare("INSERT INTO employees (idEmployeeType, idPerson, code, contractType) + VALUES (:idEmployeeType, :idPerson, :code, :contractType)"); + $this->pdo->beginTransaction(); + $stmt->execute(array(':idEmployeeType' => $idEmployeeType, ':idPerson' => $idPerson, ':code' => $code, + ':contractType' => $contractType)); + $id = $this->pdo->lastInsertId(); + $this->pdo->commit(); + + return $id; + + $stmt = null; + } catch( PDOExecption $e ) { + $this->pdo->rollback(); + throw new Exception('There was an error while trying to save a new employee.'); + $this->logger->warning("There was an error in the EmployeeApplication->savePersonAsEmployee caused by: $e "); + } + } + + /** + * @param $requestData object + * @return array + */ + function saveNewEmployee($requestData){ + // Getting and validating the data + $firstName = $requestData['firstName']; + $this->asserts->firstName($firstName); + + $middleName = $requestData['middleName']; + $this->asserts->middleName($middleName); + + $lastName = isset($requestData['lastName']) ? $requestData['lastName'] : null; + + $birthDate = $requestData['birthDate']; + $this->asserts->birthDate($birthDate); + + $email = $requestData['email']; + $this->asserts->email($email); + + $phone = $requestData['phone']; + $this->asserts->phone($phone); + + $idEmployeeType = $requestData{'idEmployeeType'}; + $contractType = $requestData{'contractType'}; + + // Encrypting the sensitive data + $securedFirstName = $this->cryptographyService->encryptString($firstName); + $securedMiddleName = $this->cryptographyService->encryptString($middleName); + + if (isset($lastName)) { + $securedLastName = $this->cryptographyService->encryptString($lastName); + } else { + $securedLastName = null; + } + + $securedEmail = $this->cryptographyService->encryptString($email); + + // Here begins the saving process + $idNewPerson = $this->saveNewPerson($securedFirstName, $securedMiddleName, $securedLastName, + $birthDate, $securedEmail, $phone); + + $employeeCode = $this->cryptographyService->pseudoRandomStringOpenssl($this->settings['codeLength']); + $idEmployee = $this->savePersonAsEmployee($idEmployeeType, $idNewPerson, $employeeCode, $contractType); + + $response = array( + "fullName" => "$firstName $middleName $lastName", + "employeeCode" => $employeeCode, + "idEmployee" => $idEmployee, + "email" => $email, + "phone" => $phone + ); + + return $response; + } +} +?> \ No newline at end of file diff --git a/api-payroll/src/dependencies.php b/api-payroll/src/dependencies.php index 9b14dd6..1075e7b 100644 --- a/api-payroll/src/dependencies.php +++ b/api-payroll/src/dependencies.php @@ -62,3 +62,11 @@ $container['sessionApplication'] = function ($c) { $sessionApplication = new App\Application\SessionApplication($c['mysql'], $c['cryptographyService'], $c['asserts']); return $sessionApplication; }; + +// The employee application +$container['employeeApplication'] = function ($c) { + $employeeSettings = $c->get('settings')['employee']; + $employeeApplication = new App\Application\EmployeeApplication($employeeSettings, + $c['mysql'], $c['cryptographyService'], $c['asserts']); + return $employeeApplication; +}; \ No newline at end of file diff --git a/api-payroll/src/routes.php b/api-payroll/src/routes.php index 680333b..97df0fe 100644 --- a/api-payroll/src/routes.php +++ b/api-payroll/src/routes.php @@ -20,9 +20,9 @@ $app->get('/api/session', function (Request $request, Response $response, array }); $app->post('/api/session/login', function ($request, $response) { - $RequestData = $request->getParsedBody(); + $requestData = $request->getParsedBody(); - $data = $this->sessionApplication->newSession($RequestData['userName'], $RequestData['password']); + $data = $this->sessionApplication->newSession($requestData['userName'], $requestData['password']); return $response->withStatus(200) ->withHeader('Content-Type', 'application/json') @@ -33,4 +33,18 @@ $app->post('/api/session/logout', function (Request $request, Response $response return $response->withStatus(200) ->withHeader('Content-Type', 'application/json') ->write(json_encode($this->sessionApplication->destroySession())); -}); \ No newline at end of file +}); + +$app->get('/api/employee/types', function (Request $request, Response $response, array $args) { + return $response->withStatus(200) + ->withHeader('Content-Type', 'application/json') + ->write(json_encode($this->employeeApplication->listEmployeeTypes())); +}); + +$app->post('/api/employee', function ($request, $response) { + $requestData = $request->getParsedBody(); + + return $response->withStatus(200) + ->withHeader('Content-Type', 'application/json') + ->write(json_encode($this->employeeApplication->saveNewEmployee($requestData))); +}); diff --git a/api-payroll/src/service/CryptographyService.php b/api-payroll/src/service/CryptographyService.php index 41e3e5d..95bec62 100644 --- a/api-payroll/src/service/CryptographyService.php +++ b/api-payroll/src/service/CryptographyService.php @@ -85,4 +85,18 @@ class CryptographyService{ function decryptPassword($plainPassword, $encryptedPassword) { return password_verify($plainPassword, $encryptedPassword); } + + /** + * Generates a psudo random string using openssl + * + * @param $length integer + * @return string + */ + function pseudoRandomStringOpenssl($length){ + + $string = openssl_random_pseudo_bytes($length); + $string = bin2hex($string); + + return substr($string, 0, $length); + } } \ No newline at end of file diff --git a/api-payroll/src/settings.php b/api-payroll/src/settings.php index 54893f4..10ea7c9 100644 --- a/api-payroll/src/settings.php +++ b/api-payroll/src/settings.php @@ -40,5 +40,10 @@ return [ 'databaseSelectQueryErrorMessage' => 'There was an error fetching the data.', 'databaseInsertQueryErrorMessage' => 'There was an error inserting the record.', ], + + // Employee settings + 'employee' => [ + 'codeLength' => '5', + ], ], ]; diff --git a/database/database.sql b/database/database.sql index 930a97a..c2f1084 100644 --- a/database/database.sql +++ b/database/database.sql @@ -16,8 +16,7 @@ CREATE TABLE IF NOT EXISTS `persons` ( `created_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP comment 'The date on which the registry was created', `updated_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP comment 'The date of the last time the row was modified', PRIMARY KEY (`id`), - UNIQUE (`phone`), - UNIQUE (`firstName`,`middleName`,`lastName`,`birthDate`) + UNIQUE (`phone`) ); INSERT INTO persons (firstName, middleName, lastName, birthDate, email, phone) @@ -45,3 +44,32 @@ CREATE TABLE IF NOT EXISTS `users` ( INSERT INTO users (idPerson, name, password) VALUES (1, 'sloth', '$2y$12$51mfESaLEGXDT4u9Bd9kiOHEpaJ1Bx4SEcVwsU5K6jVPMNkrnpJAa'); + +DROP TABLE IF EXISTS employeeType; +CREATE TABLE IF NOT EXISTS `employeeType` ( + `id` INT UNSIGNED NOT NULL AUTO_INCREMENT, + `name` VARCHAR(100) NOT NULL comment 'Type or rol that the employee can be', + `status` ENUM('ACTIVE', 'INACTIVE') NOT NULL DEFAULT 'ACTIVE', + `created_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP comment 'The date on which the registry was created', + `updated_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP comment 'The date of the last time the row was modified', + PRIMARY KEY (`id`), + UNIQUE (`name`) +); + +INSERT INTO employeeType (name) VALUES ('Chofer'), + ('Cargador'), + ('Auxiliar'); + +DROP TABLE IF EXISTS employees; +CREATE TABLE IF NOT EXISTS `employees` ( + `id` INT UNSIGNED NOT NULL AUTO_INCREMENT, + `idEmployeeType` INT UNSIGNED NOT NULL comment 'Defines the rol within the company', + `idPerson` INT UNSIGNED NOT NULL comment 'Defines the rol within the company', + `code` VARCHAR(100) NOT NULL comment 'A code to reference the employee', + `contractType` ENUM('INTERNO', 'EXTERNO') NOT NULL comment 'The type of contract', + `status` ENUM('ACTIVE', 'INACTIVE') NOT NULL DEFAULT 'ACTIVE', + `created_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP comment 'The date on which the registry was created', + `updated_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP comment 'The date of the last time the row was modified', + PRIMARY KEY (`id`), + UNIQUE (`code`) +);