[add] Access config

Login front

api-payroll/.dockerignore

@@ -0,0 +1,5 @@
+Dockerfile
+README.md
+buildspec.yml
+CONTRIBUTING.md
+docker-compose.yml

api-payroll/.htaccess

@@ -0,0 +1,2 @@
+Options -Indexes
+Deny from all

api-payroll/Dockerfile

@@ -0,0 +1,52 @@
+# Stage 1 - the build process
+FROM composer:1.7.1 as build-deps
+ENV COMPOSER_ALLOW_SUPERUSER 1
+
+WORKDIR /root
+
+COPY . .
+RUN composer install
+RUN composer test
+
+# Stage 2 - the production environment
+FROM ubuntu:16.04
+
+RUN apt-get -y update && apt-get -y upgrade
+
+RUN apt-get -y install apache2 \
+php7.0 \
+libapache2-mod-php7.0 \
+php7.0-cli \
+php7.0-common \
+php7.0-mbstring \
+php7.0-gd \
+php7.0-intl \
+php7.0-xml \
+php7.0-mysql \
+php7.0-mcrypt
+
+# Enable apache mods
+RUN a2enmod php7.0
+RUN a2enmod rewrite
+
+# Update the PHP.ini file, enable <? ?> tags and quieten logging
+RUN sed -i "s/short_open_tag = Off/short_open_tag = On/" /etc/php/7.0/apache2/php.ini
+RUN sed -i "s/error_reporting = .*$/error_reporting = E_ERROR | E_WARNING | E_PARSE/" /etc/php/7.0/apache2/php.ini
+
+# Manually set up the apache environment variables
+ENV APACHE_RUN_USER www-data
+ENV APACHE_RUN_GROUP www-data
+ENV APACHE_LOG_DIR /var/log/apache2
+ENV APACHE_LOCK_DIR /var/lock/apache2
+
+WORKDIR /var/www/site
+COPY --from=build-deps /root .
+
+RUN touch logs/app.log
+RUN chmod 777 logs/app.log
+
+# Update the default apache site
+ADD docker/apache-config.conf /etc/apache2/sites-enabled/000-default.conf
+
+# By default start up apache in the foreground
+CMD /usr/sbin/apache2ctl -D FOREGROUND

api-payroll/buildspec.yml

@@ -14,8 +14,9 @@ phases:
       - echo Entered the build phase...
       - echo Build started on `date`
       - composer test
+      - sudo docker-compose up --build -d
   post_build:
     commands:
       - echo Entered the post_build phase...
+      - sudo docker-compose down --rmi all -v
       - echo Build completed on `date`
-

api-payroll/composer.json

@@ -16,7 +16,8 @@
         "slim/slim": "^3.1",
         "slim/php-view": "^2.0",
         "monolog/monolog": "^1.17",
-        "respect/validation": "^1.1"
+        "respect/validation": "^1.1",
+        "tuupola/cors-middleware": "^0.5.2"
     },
     "require-dev": {
         "phpunit/phpunit": ">=4.8 < 6.0"

api-payroll/composer.lock

@@ -4,8 +4,8 @@
         "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
         "This file is @generated automatically"
     ],
-    "hash": "677ee7ce2e986cfa3ab0df77d78e0a4c",
+    "hash": "93a9656f4e6eb0e25be1bad59ac6f487",
-    "content-hash": "fddce0c9f8dd9b23d45f6d6e4b4b6310",
+    "content-hash": "a3fc18885cc45d2733b77fa2081bdc72",
     "packages": [
         {
             "name": "container-interop/container-interop",
@@ -116,6 +116,61 @@
             ],
             "time": "2017-06-19 01:22:40"
         },
+        {
+            "name": "neomerx/cors-psr7",
+            "version": "v1.0.13",
+            "source": {
+                "type": "git",
+                "url": "https://github.com/neomerx/cors-psr7.git",
+                "reference": "2556e2013f16a55532c95928455257d5b6bbc6e2"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://api.github.com/repos/neomerx/cors-psr7/zipball/2556e2013f16a55532c95928455257d5b6bbc6e2",
+                "reference": "2556e2013f16a55532c95928455257d5b6bbc6e2",
+                "shasum": ""
+            },
+            "require": {
+                "php": ">=5.6.0",
+                "psr/http-message": "^1.0",
+                "psr/log": "^1.0"
+            },
+            "require-dev": {
+                "mockery/mockery": "^1.0",
+                "phpunit/phpunit": "^5.7",
+                "scrutinizer/ocular": "^1.1",
+                "squizlabs/php_codesniffer": "^3.0"
+            },
+            "type": "library",
+            "autoload": {
+                "psr-4": {
+                    "Neomerx\\Cors\\": "src/"
+                }
+            },
+            "notification-url": "https://packagist.org/downloads/",
+            "license": [
+                "Apache-2.0"
+            ],
+            "authors": [
+                {
+                    "name": "neomerx",
+                    "email": "info@neomerx.com"
+                }
+            ],
+            "description": "Framework agnostic (PSR-7) CORS implementation (www.w3.org/TR/cors/)",
+            "homepage": "https://github.com/neomerx/cors-psr7",
+            "keywords": [
+                "Cross Origin Resource Sharing",
+                "Cross-Origin Resource Sharing",
+                "cors",
+                "neomerx",
+                "psr-7",
+                "psr7",
+                "w3.org",
+                "www.w3.org"
+            ],
+            "time": "2018-05-23 16:10:11"
+        },
         {
             "name": "nikic/fast-route",
             "version": "v1.3.0",
@@ -599,6 +654,56 @@
                 "shim"
             ],
             "time": "2018-04-26 10:06:28"
+        },
+        {
+            "name": "tuupola/cors-middleware",
+            "version": "0.5.2",
+            "source": {
+                "type": "git",
+                "url": "https://github.com/tuupola/cors-middleware.git",
+                "reference": "db69d8e67b99570b16e8cd5f78c423ed1167cb21"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://api.github.com/repos/tuupola/cors-middleware/zipball/db69d8e67b99570b16e8cd5f78c423ed1167cb21",
+                "reference": "db69d8e67b99570b16e8cd5f78c423ed1167cb21",
+                "shasum": ""
+            },
+            "require": {
+                "neomerx/cors-psr7": "^1.0",
+                "php": "^5.5 || ^7.0"
+            },
+            "require-dev": {
+                "phpunit/phpunit": "^4.8",
+                "squizlabs/php_codesniffer": "^2.5",
+                "zendframework/zend-diactoros": "^1.3"
+            },
+            "type": "library",
+            "autoload": {
+                "psr-4": {
+                    "Tuupola\\Middleware\\": "src"
+                }
+            },
+            "notification-url": "https://packagist.org/downloads/",
+            "license": [
+                "MIT"
+            ],
+            "authors": [
+                {
+                    "name": "Mika Tuupola",
+                    "email": "tuupola@appelsiini.net",
+                    "homepage": "http://www.appelsiini.net/",
+                    "role": "Developer"
+                }
+            ],
+            "description": "PSR-7 CORS Middleware",
+            "homepage": "https://github.com/tuupola/cors-middleware",
+            "keywords": [
+                "cors",
+                "middleware",
+                "slim"
+            ],
+            "time": "2016-08-12 13:12:58"
         }
     ],
     "packages-dev": [

api-payroll/docker/apache-config.conf

@@ -0,0 +1,15 @@
+<VirtualHost *:80>
+  ServerAdmin me@mydomain.com
+  DocumentRoot /var/www/site
+
+  <Directory /var/www/site/>
+      Options Indexes FollowSymLinks MultiViews
+      AllowOverride All
+      Order deny,allow
+      Allow from all
+  </Directory>
+
+  ErrorLog ${APACHE_LOG_DIR}/error.log
+  CustomLog ${APACHE_LOG_DIR}/access.log combined
+
+</VirtualHost>

api-payroll/public/.htaccess

@@ -1,3 +1,5 @@
+allow from all
+
 <IfModule mod_rewrite.c>
   RewriteEngine On
 

api-payroll/public/css/login.css

@@ -0,0 +1,81 @@
+body {
+    background: url(../imagenes/grey_background.jpg);
+    background-size: cover;
+    font-family: Montserrat;
+}
+@media only screen and (min-device-width: 480px) {
+    body {
+        background: url('../imagenes/grey_background.jpg') no-repeat fixed center center;
+    }
+}
+.logo {
+    width: 213px;
+    height: 60px;
+    margin: 30px auto;
+}
+.login-block {
+    width: 320px;
+    padding: 20px;
+    background: #fff;
+    border-radius: 5px;
+    border-top: 5px solid #bdb035;
+    margin: 0 auto;
+}
+.login-block h1 {
+    text-align: center;
+    color: #000;
+    font-size: 18px;
+    text-transform: uppercase;
+    margin-top: 0;
+    margin-bottom: 20px;
+}
+.login-block input {
+    width: 100%;
+    height: 42px;
+    box-sizing: border-box;
+    border-radius: 5px;
+    border: 1px solid #ccc;
+    margin-bottom: 20px;
+    font-size: 14px;
+    font-family: Montserrat;
+    padding: 0 20px 0 50px;
+    outline: none;
+}
+.login-block input#user {
+    background: #fff url('../imagenes/login_username.png') 20px top no-repeat;
+    background-size: 16px 80px;
+}
+.login-block input#user:focus {
+    background: #fff url('../imagenes/login_username.png') 20px bottom no-repeat;
+    background-size: 16px 80px;
+}
+.login-block input#password {
+    background: #fff url('../imagenes/login_password.png') 20px top no-repeat;
+    background-size: 16px 80px;
+}
+.login-block input#password:focus {
+    background: #fff url('../imagenes/login_password.png') 20px bottom no-repeat;
+    background-size: 16px 80px;
+}
+.login-block input:active, .login-block input:focus {
+    border: 1px solid #bdb035;
+}
+.login-block #loginButon {
+    width: 100%;
+    height: 40px;
+    background: #bdb035;
+    box-sizing: border-box;
+    border-radius: 5px;
+    border: 1px solid #6d661c;
+    color: #fff;
+    font-weight: bold;
+    text-transform: uppercase;
+    font-size: 14px;
+    font-family: Montserrat;
+    outline: none;
+    cursor: pointer;
+}
+.login-block button:hover {
+    background: #c7b935;
+    border: 1px solid #6d661c;
+}

api-payroll/public/html/login.php

@@ -0,0 +1,44 @@
+<!-- Latest compiled and minified CSS -->
+<link rel="stylesheet" href="../css/bootstrap.min.css">
+
+<!-- jQuery library -->
+<script src="../js/jquery.min.js"></script>
+
+<!-- Latest compiled JavaScript -->
+<script src="../js/bootstrap.min.js"></script>
+
+<link href='http://fonts.googleapis.com/css?family=Montserrat:400,700' rel='stylesheet' type='text/css'>
+<div class="container">
+    <div class="logo"></div>
+    <div class="login-block">
+        <form action="" method="post" name="Login_Form" class="login">
+            <h1>Login</h1>
+            <input type="text" value="" placeholder="User" id="userName" name="user" required="" autofocus=""/>
+            <input type="password" value="" placeholder="Password" id="password" name="password" required=""/>
+            <a href="#" class="btn btn-lg btn-warning btn-default" id="loginButon" name="login" value="Login" onclick="processLogin();">Login</a>
+        </form>
+    </div>
+</div>
+
+<div id="modalLoginError" class="modal fade" role="dialog">
+    <div class="modal-dialog">
+
+        <!-- Modal content-->
+        <div class="modal-content">
+            <div class="modal-header" id="modalLoginErrorHeader">
+                <button type="button" class="close" data-dismiss="modal">&times;</button>
+                <h4 class="modal-title"><center>Ha ocurrido un error</center></h4>
+            </div>
+            <div class="modal-body">
+                <p id="modalLoginErrorBody"></p>
+            </div>
+            <div class="modal-footer">
+                <button type="button" class="btn btn-default" data-dismiss="modal">Cerrar</button>
+            </div>
+        </div>
+
+    </div>
+</div>
+
+<script src="../js/login.js"></script>
+<link href="../css/login.css" rel="stylesheet">

api-payroll/public/js/login.js

@@ -0,0 +1,38 @@
+function getbaseUrl(uriPath){
+    var url = window.location.href;
+    return url.substring(0, url.indexOf(uriPath));
+}
+
+function processLogin() {
+console.log(getbaseUrl('html/'));
+    var parametros = {
+        "userName":$('#userName').val(),
+        "password":$('#password').val()
+    };
+
+    $.ajax({
+        url: getbaseUrl('/html/') + '/index.php/api/session/login',
+        type: 'POST',
+        dataType: 'json',
+        data: parametros,
+        success:function(data){
+            console.log(JSON.stringify(data));
+            if(data["status"] == "success"){
+                redirect("http://stackoverflow.com");
+            }else if(data["status"] == "success" || (data["status"] === undefined)){
+                $('#modalLoginError').modal('show');
+                document.getElementById('modalLoginErrorBody').innerHTML = "The server didn't respond in time, please try again or refresh this page.";
+            }
+        },
+        error:function(x) {
+            if (x.status==500){
+                $('#modalLoginError').modal('show');
+                document.getElementById('modalLoginErrorBody').innerHTML = "The user or password didnt match, please try again";
+            }
+        },
+    });
+}
+
+function redirect(url){
+    window.location.replace(url);
+}

api-payroll/src/application/EmployeeApplication.php

@@ -0,0 +1,462 @@
+<?php
+namespace App\Application;
+
+use phpDocumentor\Reflection\Types\Integer;
+
+class EmployeeApplication{
+    private $pdo;
+    private $cryptographyService;
+    private $asserts;
+    private $settings;
+
+    function __construct($employeeSettings, $mysql, $cryptographyService, $asserts){
+        $this->settings = $employeeSettings;
+
+        $this->cryptographyService = $cryptographyService;
+        $this->pdo = $mysql;
+        $this->asserts = $asserts;
+
+        $this->databaseSelectQueryErrorMessage = 'There was an error inserting the record.';
+    }
+
+    /**
+     * @return array
+     */
+    function listEmployeeTypes(){
+        $stmt = $this->pdo->prepare("SELECT 
+                                        id, name
+                                    FROM
+                                        employeeType
+                                    WHERE
+                                        status = 'ACTIVE'");
+        $stmt->execute();
+
+        $results = $stmt->fetchAll();
+
+        if(!$results){
+            exit($this->databaseSelectQueryErrorMessage);
+        }
+        $stmt = null;
+
+        $employeeTypes = array();
+        foreach($results as $row){
+            $employeeTypes[] = array('id' => (int)$row['id'], 'name' => $row['name']);
+        }
+
+        return $employeeTypes;
+    }
+
+    /**
+     * @param $firstName binary
+     * @param $middleName binary
+     * @param $lastName binary or null
+     * @param $birthDate date yyyy-mm-dd
+     * @param $email string
+     * @param $phone string
+     * @return integer
+     */
+    function saveNewPerson($firstName, $middleName, $lastName, $birthDate, $email, $phone){
+        $this->asserts->firstName($firstName);
+        $this->asserts->middleName($middleName);
+        $this->asserts->birthDate($birthDate);
+        $this->asserts->email($email);
+        $this->asserts->phone($phone);
+
+        try {
+            $stmt = $this->pdo->prepare("INSERT INTO persons (firstName, middleName, lastName, birthDate, email, phone) 
+                                          VALUES (:firstName, :middleName, :lastName, :birthDate, :email, :phone)");
+            $this->pdo->beginTransaction();
+            $stmt->execute(array(':firstName' => $firstName, ':middleName' => $middleName, ':lastName' => $lastName,
+                ':birthDate' => $birthDate, ':email' => $email, ':phone' => $phone));
+            $id = $this->pdo->lastInsertId();
+            $this->pdo->commit();
+
+            return $id;
+
+            $stmt = null;
+        } catch( PDOExecption $e ) {
+            $this->pdo->rollback();
+            throw new Exception('There was an error while trying to save a new person.');
+            $this->logger->warning("There was an error in the EmployeeApplication->saveNewPerson caused by: $e ");
+        }
+    }
+
+    /**
+     * @param $idEmployeeType integer
+     * @param $idPerson integer
+     * @param $code string
+     * @param $contractType string
+     * @return mixed
+     */
+    function savePersonAsEmployee($idEmployeeType, $idPerson, $code, $contractType){
+        try {
+            $stmt = $this->pdo->prepare("INSERT INTO employees (idEmployeeType, idPerson, code, contractType) 
+                                          VALUES (:idEmployeeType, :idPerson, :code, :contractType)");
+            $this->pdo->beginTransaction();
+            $stmt->execute(array(':idEmployeeType' => $idEmployeeType, ':idPerson' => $idPerson, ':code' => $code,
+                ':contractType' => $contractType));
+            $id = $this->pdo->lastInsertId();
+            $this->pdo->commit();
+
+            return $id;
+
+            $stmt = null;
+        } catch( PDOExecption $e ) {
+            $this->pdo->rollback();
+            throw new Exception('There was an error while trying to save a new employee.');
+            $this->logger->warning("There was an error in the EmployeeApplication->savePersonAsEmployee caused by: $e ");
+        }
+    }
+
+    /**
+     * @param $requestData object
+     * @return array
+     */
+    function saveNewEmployee($requestData){
+        // Getting and validating the data
+        $firstName = $requestData['firstName'];
+        $this->asserts->firstName($firstName);
+
+        $middleName = $requestData['middleName'];
+        $this->asserts->middleName($middleName);
+
+        $lastName = isset($requestData['lastName']) ? $requestData['lastName'] : null;
+
+        $birthDate = $requestData['birthDate'];
+        $this->asserts->birthDate($birthDate);
+
+        $email = $requestData['email'];
+        $this->asserts->email($email);
+
+        $phone = $requestData['phone'];
+        $this->asserts->phone($phone);
+
+        $idEmployeeType = $requestData{'idEmployeeType'};
+        $contractType = $requestData{'contractType'};
+
+        // Encrypting the sensitive data
+        $securedFirstName = $this->cryptographyService->encryptString($firstName);
+        $securedMiddleName = $this->cryptographyService->encryptString($middleName);
+
+        if (isset($lastName)) {
+            $securedLastName = $this->cryptographyService->encryptString($lastName);
+        } else {
+            $securedLastName = null;
+        }
+
+        $securedEmail = $this->cryptographyService->encryptString($email);
+
+        // Here begins the saving process
+        $idNewPerson = $this->saveNewPerson($securedFirstName, $securedMiddleName, $securedLastName,
+            $birthDate, $securedEmail, $phone);
+
+        $employeeCode = $this->cryptographyService->pseudoRandomStringOpenssl($this->settings['codeLength']);
+        $idEmployee = $this->savePersonAsEmployee($idEmployeeType, $idNewPerson, $employeeCode, $contractType);
+
+        $response = array(
+            "fullName" => "$firstName $middleName $lastName",
+            "employeeCode" => $employeeCode,
+            "idEmployee" => $idEmployee,
+            "email" => $email,
+            "phone" => $phone
+        );
+
+        return $response;
+    }
+
+    /**
+     * @param $idEmployee
+     * @return Integer
+     */
+    function getIdPersonByIdEmployee($idEmployee){
+        $stmt = $this->pdo->prepare("SELECT 
+                                        COALESCE((SELECT 
+                                                        idPerson
+                                                    FROM
+                                                        employees
+                                                    WHERE
+                                                        id = :idEmployee),
+                                                0) AS id");
+
+        $stmt->execute(array(':idEmployee' => $idEmployee));
+        $results = $stmt->fetchAll();
+        if(!$results){
+            exit($this->databaseSelectQueryErrorMessage);
+        }
+        $stmt = null;
+
+        return $results[0]['id'];
+    }
+
+    /**
+     * @param $code
+     * @return mixed
+     */
+    function getIdEmployeeTypeByCode($code){
+        $stmt = $this->pdo->prepare("SELECT COALESCE((SELECT 
+                                        et.id
+                                    FROM
+                                        employees e
+                                            INNER JOIN
+                                        employeeType et ON et.id = e.idEmployeeType
+                                    WHERE
+                                        e.code = :code), 0) AS id");
+
+        $stmt->execute(array(':code' => $code));
+        $results = $stmt->fetchAll();
+        if(!$results){
+            exit($this->databaseSelectQueryErrorMessage);
+        }
+        $stmt = null;
+
+        return $results[0]['id'];
+    }
+
+    /**
+     * Gets the data associated with the employee
+     *
+     * @param $idEmployee
+     * @return array
+     */
+    function getEmployeeDataById($idEmployee){
+        $stmt = $this->pdo->prepare("SELECT 
+                                        p.id AS idPerson,
+                                        p.firstName,
+                                        p.middleName,
+                                        IFNULL(p.lastName, '') AS lastName,
+                                        p.email,
+                                        p.phone,
+                                        e.code,
+                                        e.contractType
+                                    FROM
+                                        employees e
+                                            INNER JOIN
+                                        persons p ON p.id = e.idPerson
+                                    WHERE
+                                        e.id = :idEmployee");
+
+        $stmt->execute(array(':idEmployee' => $idEmployee));
+        $results = $stmt->fetchAll();
+        if(!$results){
+            exit($this->databaseSelectQueryErrorMessage);
+        }
+        $stmt = null;
+
+        return $results[0];
+    }
+
+    /**
+     * Acts as a man in the middle for the getEmployeeDataById method to decrypt the contents
+     * and make the necesary data manipulations
+     *
+     * @param $idEmployee
+     * @return array
+     */
+    function proxyGetEmployeeDataById($idEmployee){
+        $employeeData = $this->getEmployeeDataById($idEmployee);
+
+        $response = array(
+            "idPerson" => (int)$employeeData['idPerson'],
+            "firstName" => $this->cryptographyService->decryptString($employeeData['firstName']),
+            "middleName" => $this->cryptographyService->decryptString($employeeData['middleName']),
+
+            "lastName" => strlen($employeeData['lastName']) > 0
+                ? $this->cryptographyService->decryptString($employeeData['lastName'])
+                : '',
+
+            "email" => $this->cryptographyService->decryptString($employeeData['email']),
+            "phone" => $employeeData['phone'],
+            "code" => $employeeData['code'],
+            "contractType" => $employeeData['contractType']
+
+        );
+
+        return $response;
+    }
+
+    /**
+     * @param $code string
+     * @return array
+     */
+    function getEmployeeDataByCode($code){
+        $idEmployee = $this->getIdEmployeeTypeByCode($code);
+
+        return $this->proxyGetEmployeeDataById($idEmployee);
+    }
+
+    /**
+     * @param $idPerson integer
+     * @param $firstName  binary
+     * @param $middleName binary
+     * @param $lastName binary
+     * @param $birthDate date
+     * @param $email binary
+     * @param $phone string
+     */
+    function updatePerson($idPerson, $firstName, $middleName, $lastName, $birthDate, $email, $phone){
+        try {
+            $stmt = $this->pdo->prepare("UPDATE persons 
+                                        SET 
+                                            firstName = :firstName,
+                                            middleName = :middleName,
+                                            lastName = :lastName,
+                                            birthDate = :birthDate,
+                                            email = :email,
+                                            phone = :phone
+                                        WHERE
+                                            id = :idPerson");
+            $this->pdo->beginTransaction();
+            $stmt->execute(array(':firstName' => $firstName, ':middleName' => $middleName, ':lastName' => $lastName,
+                ':birthDate' => $birthDate, ':email' => $email, ':phone' => $phone, ':idPerson' => $idPerson));
+            $this->pdo->commit();
+
+            $stmt = null;
+        } catch( PDOExecption $e ) {
+            $this->pdo->rollback();
+        }
+    }
+
+    /**
+     * @param $idEmployee integer
+     * @param $code string
+     * @param $idEmployeeType integer
+     * @param $contractType string
+     */
+    function updateEmployee($idEmployee, $code, $idEmployeeType, $contractType){
+        try {
+            $stmt = $this->pdo->prepare("UPDATE employees 
+                                        SET 
+                                            idEmployeeType = :idEmployeeType,
+                                            code = :code,
+                                            contractType = :contractType
+                                        WHERE
+                                            id = :idEmployee");
+            $this->pdo->beginTransaction();
+            $stmt->execute(array(':idEmployeeType' => $idEmployeeType, ':code' => $code, ':contractType' => $contractType,
+                ':idEmployee' => $idEmployee));
+            $this->pdo->commit();
+
+            $stmt = null;
+        } catch( PDOExecption $e ) {
+            $this->pdo->rollback();
+        }
+    }
+
+    /**
+     * @param $requestData object
+     * @return array
+     */
+    function updateEmployeeData($requestData){
+        // Getting and validating the data
+        $idEmployee = $requestData['idEmployee'];
+        $idPerson = $this->getIdPersonByIdEmployee($idEmployee);
+        $code = $requestData['code'];
+
+        $firstName = $requestData['firstName'];
+        $this->asserts->firstName($firstName);
+
+        $middleName = $requestData['middleName'];
+        $this->asserts->middleName($middleName);
+
+        $lastName = isset($requestData['lastName']) ? $requestData['lastName'] : null;
+
+        $birthDate = $requestData['birthDate'];
+        $this->asserts->birthDate($birthDate);
+
+        $email = $requestData['email'];
+        $this->asserts->email($email);
+
+        $phone = $requestData['phone'];
+        $this->asserts->phone($phone);
+
+        $idEmployeeType = $requestData{'idEmployeeType'};
+        $contractType = $requestData{'contractType'};
+
+        // Encrypting the sensitive data
+        $securedFirstName = $this->cryptographyService->encryptString($firstName);
+        $securedMiddleName = $this->cryptographyService->encryptString($middleName);
+
+        if (isset($lastName)) {
+            $securedLastName = $this->cryptographyService->encryptString($lastName);
+        } else {
+            $securedLastName = null;
+        }
+
+        $securedEmail = $this->cryptographyService->encryptString($email);
+
+        // Update process
+        $this->updatePerson($idPerson, $securedFirstName, $securedMiddleName, $securedLastName,
+            $birthDate, $securedEmail, $phone);
+
+        $this->updateEmployee($idEmployee, $code, $idEmployeeType, $contractType);
+
+        $response = array(
+            "fullName" => "$firstName $middleName $lastName",
+            "idEmployee" => $idEmployee,
+            "email" => $email,
+            "phone" => $phone,
+            "birthDate" => $birthDate,
+            "idEmployeeType" => $idEmployeeType,
+            "contractType" => $contractType
+        );
+
+        return $response;
+    }
+
+    function disableEmployeeRecord($idEmployee){
+        try {
+            $stmt = $this->pdo->prepare("UPDATE employees 
+                                        SET 
+                                            status = 'INACTIVE'
+                                        WHERE
+                                            id = :idEmployee");
+            $this->pdo->beginTransaction();
+            $stmt->execute(array(':idEmployee' => $idEmployee));
+            $this->pdo->commit();
+
+            $stmt = null;
+        } catch( PDOExecption $e ) {
+            $this->pdo->rollback();
+        }
+    }
+
+    /**
+     * Intended for internal use
+     *
+     * This method will bring a list of ids of all the employees that are
+     * currently active in the system
+     *
+     * @return array
+     */
+    function getIdEmployeeFromAllActiveEmployees(){
+        $stmt = $this->pdo->prepare("SELECT 
+                                        id
+                                    FROM
+                                        employees
+                                    WHERE
+                                        status = 'ACTIVE';");
+        $stmt->execute();
+
+        $results = $stmt->fetchAll();
+
+        if(!$results){
+            exit($this->databaseSelectQueryErrorMessage);
+        }
+        $stmt = null;
+
+        return $results;
+    }
+
+    function listAllActiveEmployees(){
+        $ids = $this->getIdEmployeeFromAllActiveEmployees();
+
+        $result = array();
+
+        foreach($ids as $row){
+            $result[] = $this->proxyGetEmployeeDataById($row['id']);
+        }
+
+        return $result;
+    }
+}
+?>

api-payroll/src/application/SessionApplication.php

@@ -69,7 +69,7 @@ class SessionApplication{
 
         // If the credentials don't match anything in the the records
         if(!isset($storedPassword)){
-            throw new Exception('The user or password didnt match, please try again.');
+            return false;
         }
 
         // Already has a session
@@ -82,7 +82,22 @@ class SessionApplication{
             return true;
         }
         else{
-            return false;
+            throw new Exception('The user or password didnt match, please try again.');
+        }
+    }
+
+    /**
+     * @param $userName
+     * @param $password
+     * @return array
+     * @throws Exception
+     */
+    function login($userName, $password){
+        if($this->newSession($userName, $password)){
+            return array('status' => 'success', 'message' => 'Logged in successfully.');
+        }
+        else{
+            throw new Exception('The user or password didnt match, please try again.');
         }
     }
 

api-payroll/src/dependencies.php

@@ -24,6 +24,7 @@ $container['mysql'] = function ($c) {
 
     // The database parameters
     $host = $mysqlSettings['host'];
+    $port = $mysqlSettings['port'];
     $database = $mysqlSettings['database'];
     $user = $mysqlSettings['user'];
     $password = $mysqlSettings['password'];
@@ -34,7 +35,7 @@ $container['mysql'] = function ($c) {
     $databaseConnectionErrorMessage = $mysqlSettings['databaseConnectionErrorMessage'];
 
     // Initiate the connection
-    $dsn = "mysql:host=$host;dbname=$database;charset=$charset";
+    $dsn = "mysql:host=$host;port=$port;dbname=$database;charset=$charset";
     try {
         $pdo = new PDO($dsn, $user, $password, $pdoConnectionOptions);
     } catch (Exception $e) {
@@ -62,3 +63,11 @@ $container['sessionApplication'] = function ($c) {
     $sessionApplication = new App\Application\SessionApplication($c['mysql'], $c['cryptographyService'], $c['asserts']);
     return $sessionApplication;
 };
+
+// The employee application
+$container['employeeApplication'] = function ($c) {
+    $employeeSettings = $c->get('settings')['employee'];
+    $employeeApplication = new App\Application\EmployeeApplication($employeeSettings,
+        $c['mysql'], $c['cryptographyService'], $c['asserts']);
+    return $employeeApplication;
+};

api-payroll/src/middleware.php

@@ -2,3 +2,21 @@
 // Application middleware
 
 // e.g: $app->add(new \Slim\Csrf\Guard);
+
+// Enable cors
+$app->add(new \Tuupola\Middleware\Cors([
+    "origin" => ["*"],
+    "methods" => ["GET", "POST", "PUT", "PATCH", "DELETE"],
+    "headers.allow" => ["Accept", "Content-Type"],
+    "headers.expose" => [],
+    "credentials" => false,
+    "cache" => 0,
+    "logger" => $container['logger'],
+    "error" => function ($request, $response, $arguments) {
+        $data["status"] = "error";
+        $data["message"] = $arguments["message"];
+        return $response
+            ->withHeader("Content-Type", "application/json")
+            ->write(json_encode($data, JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT));
+    }
+]));

api-payroll/src/routes.php

@@ -20,17 +20,77 @@ $app->get('/api/session', function (Request $request, Response $response, array
 });
 
 $app->post('/api/session/login', function ($request, $response) {
-    $RequestData = $request->getParsedBody();
+    $requestData = $request->getParsedBody();
 
-    $data = $this->sessionApplication->newSession($RequestData['userName'], $RequestData['password']);
+    $data = $this->sessionApplication->login($requestData['userName'], $requestData['password']);
 
     return $response->withStatus(200)
         ->withHeader('Content-Type', 'application/json')
         ->write(json_encode($data));
 });
 
-$app->post('/api/session/logout', function (Request $request, Response $response, array $args) {
+$app->get('/api/session/logout', function (Request $request, Response $response, array $args) {
     return $response->withStatus(200)
         ->withHeader('Content-Type', 'application/json')
         ->write(json_encode($this->sessionApplication->destroySession()));
 });
+
+$app->get('/api/employee/types', function (Request $request, Response $response, array $args) {
+    return $response->withStatus(200)
+        ->withHeader('Content-Type', 'application/json')
+        ->write(json_encode($this->employeeApplication->listEmployeeTypes()));
+});
+
+$app->get('/api/employee/all', function (Request $request, Response $response, array $args) {
+    return $response->withStatus(200)
+        ->withHeader('Content-Type', 'application/json')
+        ->write(json_encode($this->employeeApplication->listAllActiveEmployees()));
+});
+
+$app->post('/api/employee', function ($request, $response) {
+    $requestData = $request->getParsedBody();
+
+    return $response->withStatus(200)
+        ->withHeader('Content-Type', 'application/json')
+        ->write(json_encode($this->employeeApplication->saveNewEmployee($requestData)));
+});
+
+$app->put('/api/employee', function ($request, $response) {
+    $requestData = $request->getParsedBody();
+
+    return $response->withStatus(200)
+        ->withHeader('Content-Type', 'application/json')
+        ->write(json_encode($this->employeeApplication->updateEmployeeData($requestData)));
+});
+
+$app->DELETE('/api/employee/{idEmployee}', function (Request $request, Response $response, array $args) {
+    $idEmployee = $args['idEmployee'];
+
+    return $response->withStatus(200)
+        ->withHeader('Content-Type', 'application/json')
+        ->write(json_encode($this->employeeApplication->disableEmployeeRecord($idEmployee)));
+});
+
+$app->get('/api/employee/type/{code}', function (Request $request, Response $response, array $args) {
+    $code = $args['code'];
+
+    return $response->withStatus(200)
+        ->withHeader('Content-Type', 'application/json')
+        ->write(json_encode($this->employeeApplication->getIdEmployeeTypeByCode($code)));
+});
+
+$app->get('/api/employee/id/{idEmployee}', function (Request $request, Response $response, array $args) {
+    $idEmployee = $args['idEmployee'];
+
+    return $response->withStatus(200)
+        ->withHeader('Content-Type', 'application/json')
+        ->write(json_encode($this->employeeApplication->proxyGetEmployeeDataById($idEmployee)));
+});
+
+$app->get('/api/employee/code/{code}', function (Request $request, Response $response, array $args) {
+    $code = $args['code'];
+
+    return $response->withStatus(200)
+        ->withHeader('Content-Type', 'application/json')
+        ->write(json_encode($this->employeeApplication->getEmployeeDataByCode($code)));
+});

api-payroll/src/service/CryptographyService.php

@@ -85,4 +85,18 @@ class CryptographyService{
     function decryptPassword($plainPassword, $encryptedPassword) {
         return password_verify($plainPassword, $encryptedPassword);
     }
+
+    /**
+     * Generates a psudo random string using openssl
+     *
+     * @param $length integer
+     * @return string
+     */
+    function pseudoRandomStringOpenssl($length){
+
+        $string = openssl_random_pseudo_bytes($length);
+        $string = bin2hex($string);
+
+        return substr($string, 0, $length);
+    }
 }

api-payroll/src/settings.php

@@ -26,7 +26,8 @@ return [
 
         // Datanase settings
         'mysql' => [
-            'host' => 'localhost',
+            'host' => 'mysql',
+            'port' => '3307',
             'database' => 'payroll',
             'user' => 'root',
             'password' => '12345678',
@@ -40,5 +41,10 @@ return [
             'databaseSelectQueryErrorMessage' => 'There was an error fetching the data.',
             'databaseInsertQueryErrorMessage' => 'There was an error inserting the record.',
         ],
+
+        // Employee settings
+        'employee' => [
+            'codeLength' => '3',
+        ],
     ],
 ];

database/.dockerignore

@@ -0,0 +1 @@
+Dockerfile

database/Dockerfile

@@ -0,0 +1,7 @@
+FROM mysql:5.7
+
+# Starting scripts
+ADD . /docker-entrypoint-initdb.d
+
+# Config
+ADD my.cnf /etc/mysql

database/database.sql

@@ -16,8 +16,7 @@ CREATE TABLE IF NOT EXISTS `persons` (
   `created_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP comment 'The date on which the registry was created',
   `updated_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP comment 'The date of the last time the row was modified',
   PRIMARY KEY  (`id`),
-  UNIQUE (`phone`),
+  UNIQUE (`phone`)
-  UNIQUE (`firstName`,`middleName`,`lastName`,`birthDate`)
 );
 
 INSERT INTO persons (firstName, middleName, lastName, birthDate, email, phone)
@@ -45,3 +44,32 @@ CREATE TABLE IF NOT EXISTS `users` (
 
 INSERT INTO users (idPerson, name, password)
   VALUES (1, 'sloth', '$2y$12$51mfESaLEGXDT4u9Bd9kiOHEpaJ1Bx4SEcVwsU5K6jVPMNkrnpJAa');
+
+DROP TABLE IF EXISTS employeeType;
+CREATE TABLE IF NOT EXISTS `employeeType` (
+  `id` INT UNSIGNED NOT NULL AUTO_INCREMENT,
+  `name` VARCHAR(100) NOT NULL comment 'Type or rol that the employee can be',
+  `status` ENUM('ACTIVE', 'INACTIVE') NOT NULL DEFAULT 'ACTIVE',
+  `created_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP comment 'The date on which the registry was created',
+  `updated_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP comment 'The date of the last time the row was modified',
+  PRIMARY KEY  (`id`),
+  UNIQUE (`name`)
+);
+
+INSERT INTO employeeType (name) VALUES ('Chofer'),
+                                        ('Cargador'),
+                                        ('Auxiliar');
+
+DROP TABLE IF EXISTS employees;
+CREATE TABLE IF NOT EXISTS `employees` (
+  `id` INT UNSIGNED NOT NULL AUTO_INCREMENT,
+  `idEmployeeType` INT UNSIGNED NOT NULL comment 'Defines the rol within the company',
+  `idPerson` INT UNSIGNED NOT NULL comment 'Defines the rol within the company',
+  `code` VARCHAR(100) NOT NULL comment 'A code to reference the employee',
+  `contractType` ENUM('INTERNO', 'EXTERNO') NOT NULL comment 'The type of contract',
+  `status` ENUM('ACTIVE', 'INACTIVE') NOT NULL DEFAULT 'ACTIVE',
+  `created_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP comment 'The date on which the registry was created',
+  `updated_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP comment 'The date of the last time the row was modified',
+  PRIMARY KEY  (`id`),
+  UNIQUE (`code`)
+);

database/my.cnf

@@ -0,0 +1,20 @@
+# Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
+
+[mysqld]
+port = 3307
+
+!includedir /etc/mysql/conf.d/
+!includedir /etc/mysql/mysql.conf.d/

docker-compose.yml

@@ -0,0 +1,28 @@
+version: '3'
+services:
+  api:
+    container_name: payroll_api
+    build: api-payroll/
+    ports:
+     - "8085:80"
+    volumes:
+      - ./volumes/apache-logs:/var/log/apache2
+    depends_on:
+      - mysql
+  mysql:
+    container_name: payroll_mysql
+    restart: always
+    build: database
+    expose:
+      - "3307"
+    ports:
+     - "3307:3307"
+    volumes:
+      - ./volumes/mysql-data:/var/lib/mysql
+    environment:
+      MYSQL_ROOT_PASSWORD: '12345678'
+      MYSQL_USER: 'sloth'
+      MYSQL_PASS: '12345678'
+volumes:
+  mysql-data:
+  apache-logs:

volumes/.gitignore

@@ -0,0 +1,2 @@
+mysql-data/
+apache-logs/

volumes/README.md

@@ -0,0 +1 @@
+# Do not delete this directory, it'll contain the volumes created by the containers