Merge ../../BizApps/BusinessAppTemplate

action.php

@@ -7,7 +7,6 @@
 /**
  * Make things happen when buttons are pressed and forms submitted.
  */
-
 require_once __DIR__ . "/required.php";
 
 if ($VARS['action'] !== "signout") {
@@ -22,11 +21,11 @@ if ($VARS['action'] !== "signout") {
  */
 function returnToSender($msg, $arg = "") {
     global $VARS;
-    if ($arg == "") {
+    $header = "Location: app.php?page=" . urlencode($VARS['source']) . "&msg=$msg";
-        header("Location: app.php?page=" . urlencode($VARS['source']) . "&msg=" . $msg);
+    if ($arg != "") {
-    } else {
+        $header .= "&arg=$arg";
-        header("Location: app.php?page=" . urlencode($VARS['source']) . "&msg=$msg&arg=$arg");
     }
+    header($header);
     die();
 }
 

api/functions.php

@@ -52,7 +52,7 @@ function getCensoredKey() {
  * @return bool true if the request should continue, false if the request is bad
  */
 function authenticate(): bool {
-    global $VARS;
+    global $VARS, $SETTINGS;
     // HTTP basic auth
     if (!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])) {
         $username = $_SERVER['PHP_AUTH_USER'];
@@ -68,6 +68,13 @@ function authenticate(): bool {
         return false;
     }
     if ($user->checkPassword($password, true)) {
+        // Check that the user has permission to access the app
+        $perms = is_array($SETTINGS['api_permissions']) ? $SETTINGS['api_permissions'] : $SETTINGS['permissions'];
+        foreach ($perms as $perm) {
+            if (!$user->hasPermission($perm)) {
+                return false;
+            }
+        }
         return true;
     }
     return false;

lib/FormBuilder.lib.php

@@ -116,6 +116,41 @@ class FormBuilder {
         $this->items[] = $item;
     }
 
+    /**
+     * Add a text input.
+     *
+     * @param string $name Element name
+     * @param string $value Element value
+     * @param bool $required If the element is required for form submission.
+     * @param string $id Element ID
+     * @param string $label Text label to display near the input
+     * @param string $icon FontAwesome icon (example: "fas fa-toilet-paper")
+     * @param int $width Bootstrap column width for the input, out of 12.
+     * @param int $minlength Minimum number of characters for the input.
+     * @param int $maxlength Maximum number of characters for the input.
+     * @param string $pattern Regex pattern for custom client-side validation.
+     * @param string $error Message to show if the input doesn't validate.
+     */
+    public function addTextInput(string $name, string $value = "", bool $required = true, string $id = "", string $label = "", string $icon = "", int $width = 4, int $minlength = 1, int $maxlength = 100, string $pattern = "", string $error = "") {
+        $this->addInput($name, $value, "text", $required, $id, null, $label, $icon, $width, $minlength, $maxlength, $pattern, $error);
+    }
+
+    /**
+     * Add a select dropdown.
+     *
+     * @param string $name Element name
+     * @param string $value Element value
+     * @param bool $required If the element is required for form submission.
+     * @param string $id Element ID
+     * @param array $options Array of [value => text] pairs for a select element
+     * @param string $label Text label to display near the input
+     * @param string $icon FontAwesome icon (example: "fas fa-toilet-paper")
+     * @param int $width Bootstrap column width for the input, out of 12.
+     */
+    public function addSelect(string $name, string $value = "", bool $required = true, string $id = null, array $options = null, string $label = "", string $icon = "", int $width = 4) {
+        $this->addInput($name, $value, "select", $required, $id, $options, $label, $icon, $width);
+    }
+
     /**
      * Add a button to the form.
      *

settings.template.php

@@ -39,6 +39,10 @@ $SETTINGS = [
     // List of required user permissions to access this app.
     "permissions" => [
     ],
+    // List of permissions required for API access. Remove to use the value of
+    // "permissions" instead.
+    "api_permissions" => [
+    ],
     // For supported values, see http://php.net/manual/en/timezones.php
     "timezone" => "America/Denver",
     // Language to use for localization. See langs folder to add a language.

static/js/app.js

@@ -13,7 +13,7 @@ $(document).ready(function () {
         var gone = 20;
 
         var msgticker = setInterval(function () {
-            if ($('#msg-alert-box .alert:hover').length) {
+            if ($("#msg-alert-box .alert:hover").length) {
                 msginteractiontick = 0;
             } else {
                 msginteractiontick++;
@@ -55,7 +55,6 @@ $(document).ready(function () {
         $("#msg-alert-box").on("mouseenter", function () {
             $("#msg-alert-box").css("opacity", "1");
             msginteractiontick = 0;
-            console.log("👈😎👈 zoop");
         });
         $("#msg-alert-box").on("click", ".close", function (e) {
             $("#msg-alert-box").fadeOut("slow");

static/js/form.js

@@ -12,5 +12,5 @@ $("#savebtn").click(function (event) {
         event.preventDefault();
         event.stopPropagation();
     }
-    form.addClass('was-validated');
+    form.addClass("was-validated");
 });