From 692f52b533e6a5715ec24070616b73f2d56bec5a Mon Sep 17 00:00:00 2001 From: Jose Pabl Domingo Aramburo Sanchez Date: Sun, 5 Aug 2018 22:31:40 -0600 Subject: [PATCH 1/4] [add] Listing of employee types --- .../src/application/EmployeeApplication.php | 31 +++++++++++++++++++ api-payroll/src/dependencies.php | 6 ++++ api-payroll/src/routes.php | 6 ++++ database/database.sql | 15 +++++++++ 4 files changed, 58 insertions(+) create mode 100644 api-payroll/src/application/EmployeeApplication.php diff --git a/api-payroll/src/application/EmployeeApplication.php b/api-payroll/src/application/EmployeeApplication.php new file mode 100644 index 0000000..51f74d3 --- /dev/null +++ b/api-payroll/src/application/EmployeeApplication.php @@ -0,0 +1,31 @@ +cryptographyService = $cryptographyService; + $this->pdo = $mysql; + $this->asserts = $asserts; + + $this->databaseSelectQueryErrorMessage = 'There was an error inserting the record.'; + } + + function listEmployeeTypes(){ + $stmt = $this->pdo->prepare("SELECT id, name FROM employeeType WHERE status = 'ACTIVE'"); + $stmt->execute(); + + $results = $stmt->fetchAll(); + + if(!$results){ + exit($this->databaseSelectQueryErrorMessage); + } + $stmt = null; + + return $results; + } +} +?> \ No newline at end of file diff --git a/api-payroll/src/dependencies.php b/api-payroll/src/dependencies.php index 9b14dd6..cb1fa94 100644 --- a/api-payroll/src/dependencies.php +++ b/api-payroll/src/dependencies.php @@ -62,3 +62,9 @@ $container['sessionApplication'] = function ($c) { $sessionApplication = new App\Application\SessionApplication($c['mysql'], $c['cryptographyService'], $c['asserts']); return $sessionApplication; }; + +// The employee application +$container['employeeApplication'] = function ($c) { + $employeeApplication = new App\Application\EmployeeApplication($c['mysql'], $c['cryptographyService'], $c['asserts']); + return $employeeApplication; +}; \ No newline at end of file diff --git a/api-payroll/src/routes.php b/api-payroll/src/routes.php index 680333b..53e5f5a 100644 --- a/api-payroll/src/routes.php +++ b/api-payroll/src/routes.php @@ -33,4 +33,10 @@ $app->post('/api/session/logout', function (Request $request, Response $response return $response->withStatus(200) ->withHeader('Content-Type', 'application/json') ->write(json_encode($this->sessionApplication->destroySession())); +}); + +$app->get('/api/employee/types', function (Request $request, Response $response, array $args) { + return $response->withStatus(200) + ->withHeader('Content-Type', 'application/json') + ->write(json_encode($this->employeeApplication->listEmployeeTypes())); }); \ No newline at end of file diff --git a/database/database.sql b/database/database.sql index 930a97a..8b311b7 100644 --- a/database/database.sql +++ b/database/database.sql @@ -45,3 +45,18 @@ CREATE TABLE IF NOT EXISTS `users` ( INSERT INTO users (idPerson, name, password) VALUES (1, 'sloth', '$2y$12$51mfESaLEGXDT4u9Bd9kiOHEpaJ1Bx4SEcVwsU5K6jVPMNkrnpJAa'); + +DROP TABLE IF EXISTS employeeType; +CREATE TABLE IF NOT EXISTS `employeeType` ( + `id` INT UNSIGNED NOT NULL AUTO_INCREMENT, + `name` VARCHAR(100) NOT NULL comment 'Type or rol that the employee can be', + `status` ENUM('ACTIVE', 'INACTIVE') NOT NULL DEFAULT 'ACTIVE', + `created_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP comment 'The date on which the registry was created', + `updated_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP comment 'The date of the last time the row was modified', + PRIMARY KEY (`id`), + UNIQUE (`name`) +); + +INSERT INTO employeeType (name) VALUES ('Chofer'), + ('Cargador'), + ('Auxiliar'); From 304e3045c7bc0fe03ba7a561aa6a3005a3a32610 Mon Sep 17 00:00:00 2001 From: Jose Pabl Domingo Aramburo Sanchez Date: Sun, 5 Aug 2018 23:44:46 -0600 Subject: [PATCH 2/4] [add} Saving new person --- .../src/application/EmployeeApplication.php | 70 +++++++++++++++++++ api-payroll/src/routes.php | 14 +++- database/database.sql | 16 ++++- 3 files changed, 95 insertions(+), 5 deletions(-) diff --git a/api-payroll/src/application/EmployeeApplication.php b/api-payroll/src/application/EmployeeApplication.php index 51f74d3..ce52e18 100644 --- a/api-payroll/src/application/EmployeeApplication.php +++ b/api-payroll/src/application/EmployeeApplication.php @@ -14,6 +14,9 @@ class EmployeeApplication{ $this->databaseSelectQueryErrorMessage = 'There was an error inserting the record.'; } + /** + * @return array + */ function listEmployeeTypes(){ $stmt = $this->pdo->prepare("SELECT id, name FROM employeeType WHERE status = 'ACTIVE'"); $stmt->execute(); @@ -27,5 +30,72 @@ class EmployeeApplication{ return $results; } + + function saveNewPerson($firstName, $middleName, $lastName, $birthDate, $email, $phone){ + $this->asserts->firstName($firstName); + $this->asserts->middleName($middleName); + $this->asserts->birthDate($birthDate); + $this->asserts->email($email); + $this->asserts->phone($phone); + + try { + $stmt = $this->pdo->prepare("INSERT INTO persons (firstName, middleName, lastName, birthDate, email, phone) + VALUES (:firstName, :middleName, :lastName, :birthDate, :email, :phone)"); + $this->pdo->beginTransaction(); + $stmt->execute(array(':firstName' => $firstName, ':middleName' => $middleName, ':lastName' => $lastName, + ':birthDate' => $birthDate, ':email' => $email, ':phone' => $phone)); + $id = $this->pdo->lastInsertId(); + $this->pdo->commit(); + + return $id; + + $stmt = null; + } catch( PDOExecption $e ) { + $this->pdo->rollback(); + throw new Exception('There was an error while trying to save a new person.'); + $this->logger->warning("There was an error in the EmployeeApplication->saveNewPerson caused by: $e "); + } + } + + function saveNewEmployee($requestData){ + // Getting and validating the data + $firstName = $requestData['firstName']; + $this->asserts->firstName($firstName); + + $middleName = $requestData['middleName']; + $this->asserts->middleName($middleName); + + $lastName = isset($requestData['lastName']) ? $requestData['lastName'] : null; + + $birthDate = $requestData['birthDate']; + $this->asserts->birthDate($birthDate); + + $email = $requestData['email']; + $this->asserts->email($email); + + $phone = $requestData['phone']; + $this->asserts->phone($phone); + + $employeeType = $requestData{'employeeType'}; + $contractType = $requestData{'contractType'}; + + // Encrypting the sensitive data + $securedFirstName = $this->cryptographyService->encryptString($firstName); + $securedMiddleName = $this->cryptographyService->encryptString($middleName); + + if(isset($lastName)){ + $securedLastName = $this->cryptographyService->encryptString($lastName); + } + else { + $securedLastName = null; + } + + $securedEmail = $this->cryptographyService->encryptString($email); + + $idNewperson = $this->saveNewPerson($securedFirstName, $securedMiddleName, $securedLastName, + $birthDate, $securedEmail, $phone); + + return $idNewperson; + } } ?> \ No newline at end of file diff --git a/api-payroll/src/routes.php b/api-payroll/src/routes.php index 53e5f5a..97df0fe 100644 --- a/api-payroll/src/routes.php +++ b/api-payroll/src/routes.php @@ -20,9 +20,9 @@ $app->get('/api/session', function (Request $request, Response $response, array }); $app->post('/api/session/login', function ($request, $response) { - $RequestData = $request->getParsedBody(); + $requestData = $request->getParsedBody(); - $data = $this->sessionApplication->newSession($RequestData['userName'], $RequestData['password']); + $data = $this->sessionApplication->newSession($requestData['userName'], $requestData['password']); return $response->withStatus(200) ->withHeader('Content-Type', 'application/json') @@ -39,4 +39,12 @@ $app->get('/api/employee/types', function (Request $request, Response $response, return $response->withStatus(200) ->withHeader('Content-Type', 'application/json') ->write(json_encode($this->employeeApplication->listEmployeeTypes())); -}); \ No newline at end of file +}); + +$app->post('/api/employee', function ($request, $response) { + $requestData = $request->getParsedBody(); + + return $response->withStatus(200) + ->withHeader('Content-Type', 'application/json') + ->write(json_encode($this->employeeApplication->saveNewEmployee($requestData))); +}); diff --git a/database/database.sql b/database/database.sql index 8b311b7..4effb71 100644 --- a/database/database.sql +++ b/database/database.sql @@ -16,8 +16,7 @@ CREATE TABLE IF NOT EXISTS `persons` ( `created_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP comment 'The date on which the registry was created', `updated_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP comment 'The date of the last time the row was modified', PRIMARY KEY (`id`), - UNIQUE (`phone`), - UNIQUE (`firstName`,`middleName`,`lastName`,`birthDate`) + UNIQUE (`phone`) ); INSERT INTO persons (firstName, middleName, lastName, birthDate, email, phone) @@ -60,3 +59,16 @@ CREATE TABLE IF NOT EXISTS `employeeType` ( INSERT INTO employeeType (name) VALUES ('Chofer'), ('Cargador'), ('Auxiliar'); + +DROP TABLE IF EXISTS employees; +CREATE TABLE IF NOT EXISTS `employees` ( + `id` INT UNSIGNED NOT NULL AUTO_INCREMENT, + `idEmployeeType` INT UNSIGNED NOT NULL comment 'Defines the rol within the company', + `numero` VARCHAR(100) NOT NULL comment 'A code to reference the employee', + `contractType` ENUM('INTERNO', 'EXTERNO') NOT NULL comment 'The type of contract', + `status` ENUM('ACTIVE', 'INACTIVE') NOT NULL DEFAULT 'ACTIVE', + `created_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP comment 'The date on which the registry was created', + `updated_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP comment 'The date of the last time the row was modified', + PRIMARY KEY (`id`), + UNIQUE (`name`) +); From 69b636620af74a4055805908fcc2761945242154 Mon Sep 17 00:00:00 2001 From: Jose Pabl Domingo Aramburo Sanchez Date: Mon, 6 Aug 2018 00:53:03 -0600 Subject: [PATCH 3/4] [add] Saving person as employee --- .../src/application/EmployeeApplication.php | 63 +++++++++++++++++-- .../src/service/CryptographyService.php | 14 +++++ database/database.sql | 5 +- 3 files changed, 74 insertions(+), 8 deletions(-) diff --git a/api-payroll/src/application/EmployeeApplication.php b/api-payroll/src/application/EmployeeApplication.php index ce52e18..46e193a 100644 --- a/api-payroll/src/application/EmployeeApplication.php +++ b/api-payroll/src/application/EmployeeApplication.php @@ -31,6 +31,15 @@ class EmployeeApplication{ return $results; } + /** + * @param $firstName varbinary + * @param $middleName varbinary + * @param $lastName varbinary or null + * @param $birthDate date yyyy-mm-dd + * @param $email string + * @param $phone string + * @return integer + */ function saveNewPerson($firstName, $middleName, $lastName, $birthDate, $email, $phone){ $this->asserts->firstName($firstName); $this->asserts->middleName($middleName); @@ -57,6 +66,37 @@ class EmployeeApplication{ } } + /** + * @param $idEmployeeType integer + * @param $idPerson integer + * @param $code string + * @param $contractType string + * @return mixed + */ + function savePersonAsEmployee($idEmployeeType, $idPerson, $code, $contractType){ + try { + $stmt = $this->pdo->prepare("INSERT INTO employees (idEmployeeType, idPerson, code, contractType) + VALUES (:idEmployeeType, :idPerson, :code, :contractType)"); + $this->pdo->beginTransaction(); + $stmt->execute(array(':idEmployeeType' => $idEmployeeType, ':idPerson' => $idPerson, ':code' => $code, + ':contractType' => $contractType)); + $id = $this->pdo->lastInsertId(); + $this->pdo->commit(); + + return $id; + + $stmt = null; + } catch( PDOExecption $e ) { + $this->pdo->rollback(); + throw new Exception('There was an error while trying to save a new employee.'); + $this->logger->warning("There was an error in the EmployeeApplication->savePersonAsEmployee caused by: $e "); + } + } + + /** + * @param $requestData object + * @return array + */ function saveNewEmployee($requestData){ // Getting and validating the data $firstName = $requestData['firstName']; @@ -76,26 +116,37 @@ class EmployeeApplication{ $phone = $requestData['phone']; $this->asserts->phone($phone); - $employeeType = $requestData{'employeeType'}; + $idEmployeeType = $requestData{'idEmployeeType'}; $contractType = $requestData{'contractType'}; // Encrypting the sensitive data $securedFirstName = $this->cryptographyService->encryptString($firstName); $securedMiddleName = $this->cryptographyService->encryptString($middleName); - if(isset($lastName)){ + if (isset($lastName)) { $securedLastName = $this->cryptographyService->encryptString($lastName); - } - else { + } else { $securedLastName = null; } $securedEmail = $this->cryptographyService->encryptString($email); - $idNewperson = $this->saveNewPerson($securedFirstName, $securedMiddleName, $securedLastName, + // Here begins the saving process + $idNewPerson = $this->saveNewPerson($securedFirstName, $securedMiddleName, $securedLastName, $birthDate, $securedEmail, $phone); - return $idNewperson; + $employeeCode = $this->cryptographyService->pseudoRandomStringOpenssl(10); + $idEmployee = $this->savePersonAsEmployee($idEmployeeType, $idNewPerson, $employeeCode, $contractType); + + $response = array( + "fullName" => "$firstName $middleName $lastName", + "employeeCode" => $employeeCode, + "idEmployee" => $idEmployee, + "email" => $email, + "phone" => $phone + ); + + return $response; } } ?> \ No newline at end of file diff --git a/api-payroll/src/service/CryptographyService.php b/api-payroll/src/service/CryptographyService.php index 41e3e5d..95bec62 100644 --- a/api-payroll/src/service/CryptographyService.php +++ b/api-payroll/src/service/CryptographyService.php @@ -85,4 +85,18 @@ class CryptographyService{ function decryptPassword($plainPassword, $encryptedPassword) { return password_verify($plainPassword, $encryptedPassword); } + + /** + * Generates a psudo random string using openssl + * + * @param $length integer + * @return string + */ + function pseudoRandomStringOpenssl($length){ + + $string = openssl_random_pseudo_bytes($length); + $string = bin2hex($string); + + return substr($string, 0, $length); + } } \ No newline at end of file diff --git a/database/database.sql b/database/database.sql index 4effb71..c2f1084 100644 --- a/database/database.sql +++ b/database/database.sql @@ -64,11 +64,12 @@ DROP TABLE IF EXISTS employees; CREATE TABLE IF NOT EXISTS `employees` ( `id` INT UNSIGNED NOT NULL AUTO_INCREMENT, `idEmployeeType` INT UNSIGNED NOT NULL comment 'Defines the rol within the company', - `numero` VARCHAR(100) NOT NULL comment 'A code to reference the employee', + `idPerson` INT UNSIGNED NOT NULL comment 'Defines the rol within the company', + `code` VARCHAR(100) NOT NULL comment 'A code to reference the employee', `contractType` ENUM('INTERNO', 'EXTERNO') NOT NULL comment 'The type of contract', `status` ENUM('ACTIVE', 'INACTIVE') NOT NULL DEFAULT 'ACTIVE', `created_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP comment 'The date on which the registry was created', `updated_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP comment 'The date of the last time the row was modified', PRIMARY KEY (`id`), - UNIQUE (`name`) + UNIQUE (`code`) ); From 90f11867a53f63e27e7c3ab675ed3ee8fdd86b32 Mon Sep 17 00:00:00 2001 From: Jose Pabl Domingo Aramburo Sanchez Date: Mon, 6 Aug 2018 01:00:31 -0600 Subject: [PATCH 4/4] [add] Employee code length as setting --- api-payroll/src/application/EmployeeApplication.php | 6 ++++-- api-payroll/src/dependencies.php | 4 +++- api-payroll/src/settings.php | 5 +++++ 3 files changed, 12 insertions(+), 3 deletions(-) diff --git a/api-payroll/src/application/EmployeeApplication.php b/api-payroll/src/application/EmployeeApplication.php index 46e193a..de8652b 100644 --- a/api-payroll/src/application/EmployeeApplication.php +++ b/api-payroll/src/application/EmployeeApplication.php @@ -6,7 +6,9 @@ class EmployeeApplication{ private $cryptographyService; private $asserts; - function __construct($mysql, $cryptographyService, $asserts){ + function __construct($employeeSettings, $mysql, $cryptographyService, $asserts){ + $this->settings = $employeeSettings; + $this->cryptographyService = $cryptographyService; $this->pdo = $mysql; $this->asserts = $asserts; @@ -135,7 +137,7 @@ class EmployeeApplication{ $idNewPerson = $this->saveNewPerson($securedFirstName, $securedMiddleName, $securedLastName, $birthDate, $securedEmail, $phone); - $employeeCode = $this->cryptographyService->pseudoRandomStringOpenssl(10); + $employeeCode = $this->cryptographyService->pseudoRandomStringOpenssl($this->settings['codeLength']); $idEmployee = $this->savePersonAsEmployee($idEmployeeType, $idNewPerson, $employeeCode, $contractType); $response = array( diff --git a/api-payroll/src/dependencies.php b/api-payroll/src/dependencies.php index cb1fa94..1075e7b 100644 --- a/api-payroll/src/dependencies.php +++ b/api-payroll/src/dependencies.php @@ -65,6 +65,8 @@ $container['sessionApplication'] = function ($c) { // The employee application $container['employeeApplication'] = function ($c) { - $employeeApplication = new App\Application\EmployeeApplication($c['mysql'], $c['cryptographyService'], $c['asserts']); + $employeeSettings = $c->get('settings')['employee']; + $employeeApplication = new App\Application\EmployeeApplication($employeeSettings, + $c['mysql'], $c['cryptographyService'], $c['asserts']); return $employeeApplication; }; \ No newline at end of file diff --git a/api-payroll/src/settings.php b/api-payroll/src/settings.php index 54893f4..10ea7c9 100644 --- a/api-payroll/src/settings.php +++ b/api-payroll/src/settings.php @@ -40,5 +40,10 @@ return [ 'databaseSelectQueryErrorMessage' => 'There was an error fetching the data.', 'databaseInsertQueryErrorMessage' => 'There was an error inserting the record.', ], + + // Employee settings + 'employee' => [ + 'codeLength' => '5', + ], ], ];