fixed drop down, limited sales user to only access their customers and only…

fixed drop down, limited sales user to only access their customers and only admins can access the customer page

fixed drop down, limited sales user to only access their customers and only…
fixed drop down, limited sales user to only access their customers and only admins can access the customer page
1f4ba8ce · Cam Hayes · 64f087b4 · 1f4ba8ce · 1f4ba8ce · 1f4ba8ce
Commit 1f4ba8ce authored Nov 21, 2025 by Cam Hayes
10 changed files
--- a/kgOrdersClient/View.EditUser.dfm
+++ b/kgOrdersClient/View.EditUser.dfm
@@ -25,7 +25,7 @@ object FViewEditUser: TFViewEditUser
    WidthPercent = 100.000000000000000000
  end
  object WebLabel5: TWebLabel
-    Left = 284
+    Left = 280
    Top = 8
    Width = 56
    Height = 15
@@ -36,8 +36,8 @@ object FViewEditUser: TFViewEditUser
    WidthPercent = 100.000000000000000000
  end
  object WebLabel6: TWebLabel
-    Left = 240
-    Top = 41
+    Left = 236
+    Top = 37
    Width = 100
    Height = 15
    Caption = 'Confirm Password:'
@@ -79,8 +79,8 @@ object FViewEditUser: TFViewEditUser
    WidthPercent = 100.000000000000000000
  end
  object lblAccess: TWebLabel
-    Left = 272
-    Top = 96
+    Left = 269
+    Top = 93
    Width = 67
    Height = 15
    Caption = 'Access Type:'
@@ -100,7 +100,7 @@ object FViewEditUser: TFViewEditUser
    WidthPercent = 100.000000000000000000
  end
  object edtConfirmPassword: TWebEdit
-    Left = 348
+    Left = 346
    Top = 34
    Width = 121
    Height = 22
@@ -136,7 +136,7 @@ object FViewEditUser: TFViewEditUser
    Top = 200
    Width = 96
    Height = 25
-    Caption = 'Confirm'
+    Caption = 'Save'
    ChildOrder = 9
    ElementClassName = 'btn btn-light'
    ElementID = 'btnconfirm'
@@ -217,7 +217,7 @@ object FViewEditUser: TFViewEditUser
    WidthPercent = 100.000000000000000000
  end
  object cbAccess: TWebComboBox
-    Left = 352
+    Left = 346
    Top = 90
    Width = 145
    Height = 23
@@ -226,12 +226,9 @@ object FViewEditUser: TFViewEditUser
    WidthPercent = 100.000000000000000000
    ItemIndex = -1
    Items.Strings = (
-      'PLATE'
-      'MOUNT'
-      'SHIP'
-      'ART'
-      'ALL'
-      'ACTIVE')
+      'SALES'
+      'USER'
+      'ADMIN')
  end
  object edtQB: TWebEdit
    Left = 346
@@ -245,14 +242,14 @@ object FViewEditUser: TFViewEditUser
  end
  object XDataWebClient1: TXDataWebClient
    Connection = DMConnection.ApiConnection
-    Left = 556
-    Top = 416
+    Left = 514
+    Top = 304
  end
  object WebTimer1: TWebTimer
    Enabled = False
    Interval = 500
    OnTimer = WebTimer1Timer
-    Left = 430
-    Top = 382
+    Left = 428
+    Top = 304
  end
 end
--- a/kgOrdersClient/View.EditUser.pas
+++ b/kgOrdersClient/View.EditUser.pas
@@ -51,7 +51,6 @@ type
    Email: string;
    Access: string;
    Rights: string;
-    Perspective: string;
    QB: string;
    [async] procedure EditUser();
    [async] function AddUser(): string;
@@ -60,7 +59,7 @@ type
    { Public declarations }
    Info: string;
    class function CreateForm(AElementID, Mode, Username, Password, Name, Status, Email,
-                               Access, Rights, Perspective, QB: string): TWebForm;
+                               Access, Rights, QB: string): TWebForm;
  end;

 var
@@ -150,7 +149,7 @@ begin
 end;

 class function TFViewEditUser.CreateForm(AElementID, Mode, Username, Password, Name, Status, Email,
-                               Access, Rights, Perspective, QB: string): TWebForm;
+                               Access, Rights, QB: string): TWebForm;
 // Autofills known information about a user on create
  procedure AfterCreate(AForm: TObject);
  begin
@@ -161,7 +160,6 @@ class function TFViewEditUser.CreateForm(AElementID, Mode, Username, Password, N
    TFViewEditUser(AForm).Email := Email;
    TFViewEditUser(AForm).Access := Access;
    TFViewEditUser(AForm).Rights := Rights;
-    TFViewEditUser(AForm).Perspective := Perspective;
    TFViewEditUser(AForm).QB := QB;
  end;


--- a/kgOrdersClient/View.Main.pas
+++ b/kgOrdersClient/View.Main.pas
@@ -50,7 +50,7 @@ type
    { Public declarations }
    class procedure Display(LogoutProc: TLogoutProc);
    procedure ShowForm( AFormClass: TWebFormClass );
-    procedure EditUser(  Mode, Username, Password, Name, Status, Email, Access, Rights, Perspective, QB: string);
+    procedure EditUser(  Mode, Username, Password, Name, Status, Email, Access, Rights, QB: string);
    procedure ViewOrderEntryCorrugated(orderInfo, customerInfo, mode, info: string);
    procedure ViewOrderEntryWeb(orderInfo, customerInfo, mode, info: string);
    procedure ViewOrderEntryCuttingDie(orderInfo, customerInfo, mode, info: string);
@@ -96,7 +96,10 @@ begin
  change := false;
  console.log(JS.toBoolean(AuthService.TokenPayload.Properties['user_access_type']));
  if (not (JS.toString(AuthService.TokenPayload.Properties['user_access_type']) = 'ADMIN'))  then
+  begin
    lblUsers.enabled := false;
+    lblCustomers.Enabled := false;
+  end;

  ShowForm(TFViewOrders);
  lblAppTitle.Caption := 'Koehler-Gibson Orders';
@@ -275,12 +278,12 @@ begin
 end;

 procedure TFViewMain.EditUser(Mode, Username, Password, Name, Status, Email,
-                               Access, Rights, Perspective, QB: string);
+                               Access, Rights, QB: string);
 begin
  if Assigned(FChildForm) then
    FChildForm.Free;
  FChildForm := TFViewEditUser.CreateForm(WebPanel1.ElementID, Mode, Username,
-                                Password, Name, Status, Email, Access, Rights, Perspective, QB);
+                                Password, Name, Status, Email, Access, Rights, QB);
 end;

 procedure TFViewMain.ViewOrders(info: string);

--- a/kgOrdersClient/View.Users.pas
+++ b/kgOrdersClient/View.Users.pas
@@ -117,7 +117,6 @@ var
  Email: TJSNode;
  Access: TJSNode;
  Rights: TJSNode;
-  Perspective: TJSNode;
  QB: TJSNode;
  isAdmin: boolean;
  isActive: boolean;
@@ -139,12 +138,11 @@ begin
  Email := cells[5];
  Access := cells[6];
  Rights := cells[7];
-  Perspective := cells[8];
-  QB := cells[9];
+  QB := cells[8];

  FViewMain.EditUser('Edit', Username.innerText, Password.innerText, FullName.innerText,
                    Status.innerText, Email.innerText, Access.innerText,
-                    Rights.innerText, Perspective.innerText, QB.innerText);
+                    Rights.innerText, QB.innerText);

 end;

@@ -455,7 +453,7 @@ end;
 procedure TFViewUsers.btnAddUserClick(Sender: TObject);
 begin
  //Info := '';
-  FViewMain.EditUser('Add', '', '', '', '', '', '', '', '', '');
+  FViewMain.EditUser('Add', '', '', '', '', '', '', '', '');
 end;



--- a/kgOrdersServer/Source/Api.Database.dfm
+++ b/kgOrdersServer/Source/Api.Database.dfm
@@ -6,7 +6,8 @@ object ApiDatabase: TApiDatabase
    ProviderName = 'MySQL'
    Database = 'kg_order_entry'
    Username = 'root'
-    Server = '192.168.159.158'
+    Server = '192.168.159.10'
+    Connected = True
    LoginPrompt = False
    Left = 75
    Top = 65
@@ -408,4 +409,29 @@ object ApiDatabase: TApiDatabase
      Required = True
    end
  end
+  object uqUsers: TUniQuery
+    Connection = ucKG
+    SQL.Strings = (
+      'SELECT USER_ID, NAME, STATUS from users ORDER BY NAME')
+    OnCalcFields = uqUsersCalcFields
+    Left = 318
+    Top = 252
+    object uqUsersUSER_ID: TIntegerField
+      FieldName = 'USER_ID'
+      Required = True
+    end
+    object uqUsersNAME: TStringField
+      FieldName = 'NAME'
+      Size = 40
+    end
+    object uqUsersSTATUS: TStringField
+      FieldName = 'STATUS'
+      Size = 7
+    end
+    object uqUsersREPRESENTATIVE: TStringField
+      FieldKind = fkCalculated
+      FieldName = 'REPRESENTATIVE'
+      Calculated = True
+    end
+  end
 end
--- a/kgOrdersServer/Source/Api.Database.pas
+++ b/kgOrdersServer/Source/Api.Database.pas
@@ -112,7 +112,13 @@ type
    uqOrdersStatusScheduleORIGINAL_STATUS_DATE: TDateField;
    uqOrdersStatusScheduleUSER_ID: TLongWordField;
    uqOrdersStatusScheduleORDER_REVISION: TLongWordField;
+    uqUsers: TUniQuery;
+    uqUsersUSER_ID: TIntegerField;
+    uqUsersNAME: TStringField;
+    uqUsersSTATUS: TStringField;
+    uqUsersREPRESENTATIVE: TStringField;
    procedure DataModuleCreate(Sender: TObject);
+    procedure uqUsersCalcFields(DataSet: TDataSet);
  private
    { Private declarations }
  public
@@ -158,4 +164,9 @@ begin
  end;
 end;

+procedure TApiDatabase.uqUsersCalcFields(DataSet: TDataSet);
+begin
+  uqUsersREPRESENTATIVE.AsString := uqUsersNAME.AsString + '(' + uqUsersSTATUS.AsString + ')';
+end;
+
 end.
--- a/kgOrdersServer/Source/Lookup.Service.pas
+++ b/kgOrdersServer/Source/Lookup.Service.pas
@@ -33,6 +33,7 @@ type
    rights: integer;
    perspectiveID: string;
    QBID: string;
+    representative: string;
  end;

  TUserList = class

--- a/kgOrdersServer/Source/Lookup.ServiceImpl.pas
+++ b/kgOrdersServer/Source/Lookup.ServiceImpl.pas
@@ -528,17 +528,18 @@ var
  SQL: string;
 begin
  Logger.Log(3, 'TLookupService.GetRepUsers');
-  SQL := 'SELECT USER_ID, NAME from users where QB_ID IS NOT NULL AND QB_ID <> ' + quotedStr('');
+  SQL := 'SELECT USER_ID, NAME, STATUS from users ORDER BY NAME';
  result := TList<TUserItem>.Create;
-  doQuery(ordersDB.UniQuery1, SQL);
-  while not ordersDB.UniQuery1.Eof do
+  doQuery(ordersDB.uqUsers, SQL);
+  while not ordersDB.uqUsers.Eof do
  begin
    USER := TUserItem.Create;
    TXDataOperationContext.Current.Handler.ManagedObjects.Add( USER );
-    USER.userID := ordersDB.UniQuery1.FieldByName('USER_ID').AsString;
-    USER.full_name := ordersDB.UniQuery1.FieldByName('NAME').AsString;
+    USER.userID := ordersDB.uqUsersUSER_ID.AsString;
+    USER.full_name := ordersDB.uqUsersNAME.AsString;
+    USER.representative := ordersDB.uqUsersREPRESENTATIVE.AsString;
    result.Add(USER);
-    ordersDB.UniQuery1.Next;
+    ordersDB.uqUsers.Next;
  end;
 end;

@@ -1736,12 +1737,12 @@ begin
    if not QB.IsEmpty then
      ordersDB.UniQuery1.FieldByName('QB_ID').AsString := QB;

-    {if((not (Password = 'hidden')) and (not (Password.IsEmpty))) then
+    if((not (Password = 'hidden')) and (not (Password.IsEmpty))) then
    begin
-      hashString :=  ordersDB.UniQuery1.FieldByName('date_created').AsString + password;
+      hashString := ordersDB.UniQuery1.FieldByName('NAME').AsString + password;
      hashPW := THashSHA2.GetHashString(hashString, THashSHA2.TSHA2Version.SHA512).ToUpper;
      ordersDB.UniQuery1.FieldByName('password').AsString := hashPW;
-    end;}
+    end;

    ordersDB.UniQuery1.Post;
    Result := 'Success: User Successfully Edited';

--- a/kgOrdersServer/Source/qbAPI.dfm
+++ b/kgOrdersServer/Source/qbAPI.dfm
@@ -148,7 +148,7 @@ object fQB: TfQB
      OnClick = Button12Click
    end
    object Button15: TButton
-      Left = 646
+      Left = 631
      Top = 32
      Width = 137
      Height = 25

--- a/kgOrdersServer/bin/kgOrdersServer.ini
+++ b/kgOrdersServer/bin/kgOrdersServer.ini
@@ -2,7 +2,7 @@
 MemoLogLevel=4
 FileLogLevel=4
 webClientVersion=1.0.0
-LogFileNum=129
+LogFileNum=137

 [Database]
 --Server=192.168.116.138