admin/bij
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit BIJ CI4

Browse Source
This commit is contained in:
BIJ Dev
2026-04-21 05:49:17 +07:00
commit fa38ac6b24
13170 changed files with 866701 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

112
app/Controllers/Admin/Auth.php Normal file
View File

@@ -0,0 +1,112 @@
<?php
declare(strict_types=1);
namespace App\Controllers\Admin;
use App\Controllers\BaseController;
use App\Services\Admin\AdminUsersLoginService;
use App\Services\ApiClient;
use CodeIgniter\HTTP\RedirectResponse;
use CodeIgniter\HTTP\ResponseInterface;
/**
* Login admin → token API mobile disimpan di sesi.
*/
class Auth extends BaseController
{
public function login(): ResponseInterface|string
{
if (session()->get('admin_mobile_token')) {
return redirect()->to(site_url('admin'));
}
return view('admin/auth/login');
}
public function attempt(): RedirectResponse
{
$user = (string) $this->request->getPost('username');
$pass = (string) $this->request->getPost('password');
$client = new ApiClient();
$res = $client->postMobile('login', [
'username' => $user,
'password' => $pass,
]);
$json = $res['json'];
if ($res['transport_ok'] && ApiClient::isSuccess($json) && is_array($json) && ! empty($json['token'])) {
$token = (string) $json['token'];
$loginSvc = new AdminUsersLoginService();
$pid = $loginSvc->resolvePegawaiIdFromCredentials($user);
$linked = ($pid !== null && $pid > 0) ? $loginSvc->findLinkedAdminForPegawaiId($pid) : null;
if ($linked !== null) {
$dispUser = $linked['username'] !== '' ? $linked['username'] : $user;
session()->set([
'admin_mobile_token' => $token,
'admin_username' => $dispUser,
'admin_auth_source' => 'admin_users',
'admin_ion_user_id' => $linked['admin_user_id'],
'admin_ion_groups' => $linked['group_names'],
]);
return redirect()->to(site_url('admin'))->with('message', 'Login berhasil (akun admin / grup terhubung).');
}
session()->remove(['admin_ion_user_id', 'admin_ion_groups']);
session()->set([
'admin_mobile_token' => $token,
'admin_username' => $user,
'admin_auth_source' => 'pegawai',
]);
return redirect()->to(site_url('admin'))->with('message', 'Login berhasil.');
}
$ion = (new AdminUsersLoginService())->tryLogin($user, $pass);
if (($ion['ok'] ?? false) === true) {
session()->set([
'admin_mobile_token' => (string) $ion['token'],
'admin_username' => (string) $ion['username'],
'admin_auth_source' => 'admin_users',
'admin_ion_user_id' => (int) $ion['admin_user_id'],
'admin_ion_groups' => $ion['group_names'],
]);
return redirect()->to(site_url('admin'))->with('message', 'Login berhasil (Ion Auth / admin_users).');
}
if (($ion['reason'] ?? '') === 'no_group') {
return redirect()->back()->withInput()->with(
'error',
'Akun admin_users tidak memiliki grup di admin_users_groups — login ditolak (sesuai struktur Ion Auth).'
);
}
if (($ion['reason'] ?? '') === 'no_proxy') {
return redirect()->back()->withInput()->with(
'error',
'Akun admin_users valid, tetapi tidak ada pegawai untuk token API. Isi ADMIN_LOGIN_PROXY_PEGAWAI_ID di .env (id_pegawai) atau pastikan tabel pegawai berisi data.'
);
}
$msg = is_array($json) ? (string) ($json['pesan'] ?? 'Login gagal.') : ($res['error'] ?? 'Login gagal.');
return redirect()->back()->withInput()->with('error', $msg);
}
public function logout(): RedirectResponse
{
session()->remove([
'admin_mobile_token',
'admin_username',
'admin_auth_source',
'admin_ion_user_id',
'admin_ion_groups',
]);
return redirect()->to(site_url('admin/login'))->with('message', 'Anda telah keluar.');
}
}

112
app/Controllers/Admin/BaseAdminController.php Normal file
View File

@@ -0,0 +1,112 @@
<?php
declare(strict_types=1);
namespace App\Controllers\Admin;
use App\Controllers\BaseController;
use App\Services\ApiClient;
use CodeIgniter\HTTP\RequestInterface;
use CodeIgniter\HTTP\ResponseInterface;
use Psr\Log\LoggerInterface;
abstract class BaseAdminController extends BaseController
{
protected ApiClient $apiClient;
public function initController(RequestInterface $request, ResponseInterface $response, LoggerInterface $logger): void
{
parent::initController($request, $response, $logger);
helper('rbac');
$this->apiClient = new ApiClient();
}
/**
* RBAC fitur (`Config\AdminAccess` + `canAccess()`). Null = boleh lanjut.
*/
protected function enforceAccess(string $feature): ?ResponseInterface
{
if (canAccess($feature)) {
return null;
}
if ($this->request->isAJAX()) {
return $this->response->setStatusCode(403)->setJSON([
'status' => 0,
'pesan' => 'Akses ditolak untuk peran Anda.',
]);
}
return redirect()->to(site_url('admin'))->with('error', 'Akses ditolak untuk peran Anda.');
}
protected function adminToken(): ?string
{
$t = session()->get('admin_mobile_token');
return is_string($t) && $t !== '' ? $t : null;
}
/**
* @param array<string, scalar|null> $extra
*
* @return array{transport_ok: bool, http_code: int, json: array<string, mixed>|null, error: string|null, raw: string}
*/
protected function apiMobile(string $method, array $extra = []): array
{
$token = $this->adminToken();
if ($token === null) {
return [
'transport_ok' => false,
'http_code' => 0,
'json' => null,
'error' => 'Belum login — tidak ada token API.',
'raw' => '',
];
}
return $this->apiClient->postMobileWithToken($method, $token, $extra);
}
/**
* @param array<string, scalar|null> $query
*
* @return array{transport_ok: bool, http_code: int, json: array<string, mixed>|null, error: string|null, raw: string}
*/
protected function apiAdminGet(string $path, array $query = []): array
{
$token = $this->adminToken();
if ($token === null) {
return [
'transport_ok' => false,
'http_code' => 0,
'json' => null,
'error' => 'Belum login — tidak ada token API.',
'raw' => '',
];
}
return $this->apiClient->getAdmin($path, $token, $query);
}
/**
* @param array<string, scalar|null> $form
*
* @return array{transport_ok: bool, http_code: int, json: array<string, mixed>|null, error: string|null, raw: string}
*/
protected function apiAdminPost(string $path, array $form = []): array
{
$token = $this->adminToken();
if ($token === null) {
return [
'transport_ok' => false,
'http_code' => 0,
'json' => null,
'error' => 'Belum login — tidak ada token API.',
'raw' => '',
];
}
return $this->apiClient->postAdmin($path, $token, $form);
}
}

267
app/Controllers/Admin/Company.php Normal file
View File

@@ -0,0 +1,267 @@
<?php
declare(strict_types=1);
namespace App\Controllers\Admin;
use App\Services\ApiClient;
use CodeIgniter\HTTP\ResponseInterface;
/**
* Master perusahaan — memanggil `/api/admin/company/*`.
*/
class Company extends BaseAdminController
{
public function kantor(): ResponseInterface|string
{
if (($deny = $this->enforceAccess('perusahaan')) !== null) {
return $deny;
}
return $this->loadExtra('company/kantor', 'admin/perusahaan/kantor');
}
public function kantorSave(): ResponseInterface
{
if (($deny = $this->enforceAccess('perusahaan')) !== null) {
return $deny;
}
return $this->postExtra('company/kantor/save', 'admin/perusahaan/kantor');
}
public function kantorDelete(int $id): ResponseInterface
{
if (($deny = $this->enforceAccess('perusahaan')) !== null) {
return $deny;
}
return $this->postExtra('company/kantor/delete/' . $id, 'admin/perusahaan/kantor', []);
}
public function unitKerja(): ResponseInterface|string
{
if (($deny = $this->enforceAccess('perusahaan')) !== null) {
return $deny;
}
return $this->loadExtra('company/unit_kerja', 'admin/perusahaan/unit_kerja');
}
public function unitKerjaSave(): ResponseInterface
{
if (($deny = $this->enforceAccess('perusahaan')) !== null) {
return $deny;
}
return $this->postExtra('company/unit_kerja/save', 'admin/perusahaan/unit_kerja');
}
public function unitKerjaDelete(int $id): ResponseInterface
{
if (($deny = $this->enforceAccess('perusahaan')) !== null) {
return $deny;
}
return $this->postExtra('company/unit_kerja/delete/' . $id, 'admin/perusahaan/unit_kerja', []);
}
public function golongan(): ResponseInterface|string
{
if (($deny = $this->enforceAccess('perusahaan')) !== null) {
return $deny;
}
return $this->loadExtra('company/golongan', 'admin/perusahaan/golongan');
}
public function golonganSave(): ResponseInterface
{
if (($deny = $this->enforceAccess('perusahaan')) !== null) {
return $deny;
}
return $this->postExtra('company/golongan/save', 'admin/perusahaan/golongan');
}
public function golonganDelete(int $id): ResponseInterface
{
if (($deny = $this->enforceAccess('perusahaan')) !== null) {
return $deny;
}
return $this->postExtra('company/golongan/delete/' . $id, 'admin/perusahaan/golongan', []);
}
public function jabatan(): ResponseInterface|string
{
if (($deny = $this->enforceAccess('perusahaan')) !== null) {
return $deny;
}
return $this->loadExtra('company/jabatan', 'admin/perusahaan/jabatan');
}
public function jabatanSave(): ResponseInterface
{
if (($deny = $this->enforceAccess('perusahaan')) !== null) {
return $deny;
}
return $this->postExtra('company/jabatan/save', 'admin/perusahaan/jabatan');
}
public function jabatanDelete(int $id): ResponseInterface
{
if (($deny = $this->enforceAccess('perusahaan')) !== null) {
return $deny;
}
return $this->postExtra('company/jabatan/delete/' . $id, 'admin/perusahaan/jabatan', []);
}
public function berita(): ResponseInterface|string
{
if (($deny = $this->enforceAccess('perusahaan')) !== null) {
return $deny;
}
return $this->loadExtra('company/berita', 'admin/perusahaan/berita');
}
public function beritaSave(): ResponseInterface
{
if (($deny = $this->enforceAccess('perusahaan')) !== null) {
return $deny;
}
$post = $this->request->getPost() ?? [];
$existing = (string) ($this->request->getPost('photo_existing') ?? '');
if (($err = $this->mergeBeritaPhotoIntoPost($post, $existing)) !== null) {
return redirect()->to(site_url('admin/perusahaan/berita'))->with('error', $err);
}
unset($post['photo_existing']);
$r = $this->apiAdminPost('company/berita/save', $post);
if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
return redirect()->to(site_url('admin/perusahaan/berita'))->with('message', (string) ($r['json']['pesan'] ?? 'OK'));
}
$msg = $r['error'] ?? (is_array($r['json']) ? (string) ($r['json']['pesan'] ?? 'Gagal') : 'Gagal');
return redirect()->to(site_url('admin/perusahaan/berita'))->with('error', $msg);
}
public function beritaDelete(int $id): ResponseInterface
{
if (($deny = $this->enforceAccess('perusahaan')) !== null) {
return $deny;
}
return $this->postExtra('company/berita/delete/' . $id, 'admin/perusahaan/berita', []);
}
private function loadExtra(string $apiPath, string $view): string
{
$errors = [];
$data = null;
$r = $this->apiAdminGet($apiPath);
if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
$data = $r['json']['data'] ?? null;
} else {
$errors[] = $r['error'] ?? (is_array($r['json']) ? (string) ($r['json']['pesan'] ?? 'Gagal memuat data') : 'Gagal memuat data');
}
return view($view, [
'payload' => is_array($data) ? $data : null,
'errors' => $errors,
]);
}
private function postExtra(string $apiPath, string $redirectUri, ?array $mergePost = null): ResponseInterface
{
$post = array_merge($this->request->getPost(), $mergePost ?? []);
$r = $this->apiAdminPost($apiPath, $post);
if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
return redirect()->to(site_url($redirectUri))->with('message', (string) ($r['json']['pesan'] ?? 'OK'));
}
$msg = $r['error'] ?? (is_array($r['json']) ? (string) ($r['json']['pesan'] ?? 'Gagal') : 'Gagal');
return redirect()->to(site_url($redirectUri))->with('error', $msg);
}
/**
* Selaras CI3: `assets/uploads/berita/`.
*/
private function beritaPhotoUploadDir(): string
{
$base = FCPATH . 'assets' . DIRECTORY_SEPARATOR . 'uploads' . DIRECTORY_SEPARATOR . 'berita';
if (! is_dir($base)) {
mkdir($base, 0755, true);
}
return $base;
}
/**
* Unggah ke folder berita atau nama file manual. Kolom DB kosong di API disimpan sebagai '-'.
*
* @param array<string, mixed> $post
*
* @return string|null pesan error, atau null jika OK
*/
private function mergeBeritaPhotoIntoPost(array &$post, string $photoExistingFromDb): ?string
{
$file = $this->request->getFile('photo_file');
if ($file !== null && $file->getError() !== UPLOAD_ERR_NO_FILE) {
if (! $file->isValid()) {
return 'Unggah foto tidak valid.';
}
$mime = (string) $file->getMimeType();
$allowedMime = ['image/jpeg', 'image/png', 'image/gif', 'image/webp'];
if (! in_array($mime, $allowedMime, true)) {
return 'Format foto harus JPG, PNG, GIF, atau WebP.';
}
if ($file->getSize() > 2_097_152) {
return 'Ukuran foto maksimal 2 MB.';
}
$ext = strtolower((string) ($file->guessExtension() ?: $file->getClientExtension()));
if (! in_array($ext, ['jpg', 'jpeg', 'png', 'gif', 'webp'], true)) {
return 'Ekstensi foto tidak didukung.';
}
$dir = $this->beritaPhotoUploadDir();
$rawName = pathinfo($file->getClientName(), PATHINFO_FILENAME);
$safeOriginal = preg_replace('/[^A-Za-z0-9._-]+/', '_', (string) $rawName) ?: 'berita';
$safeOriginal = substr($safeOriginal, 0, 80);
$filename = uniqid((string) mt_rand(), true) . '-' . $safeOriginal . '.' . $ext;
if (! $file->move($dir, $filename, true)) {
return 'Gagal menyimpan file foto ke server.';
}
$old = trim($photoExistingFromDb);
if ($old !== '' && $old !== '-' && $old !== $filename) {
$oldPath = $dir . DIRECTORY_SEPARATOR . basename(str_replace('\\', '/', $old));
if (is_file($oldPath)) {
@unlink($oldPath);
}
}
$post['photo'] = $filename;
return null;
}
$manual = isset($post['photo']) ? trim((string) $post['photo']) : '';
if ($manual === '' || $manual === '-') {
$post['photo'] = '';
return null;
}
$base = basename(str_replace('\\', '/', $manual));
if (! preg_match('/^[A-Za-z0-9._-]+$/', $base)) {
return 'Nama file foto hanya boleh huruf, angka, titik, garis bawah, dan tanda hubung (atau unggah file).';
}
$post['photo'] = substr($base, 0, 255);
return null;
}
}

153
app/Controllers/Admin/Cuti.php Normal file
View File

@@ -0,0 +1,153 @@
<?php
declare(strict_types=1);
namespace App\Controllers\Admin;
use App\Services\ApiClient;
use CodeIgniter\Exceptions\PageNotFoundException;
use CodeIgniter\HTTP\ResponseInterface;
/**
* Manajemen cuti pegawai (setara `admin/pegawai/cuti` CI3) via `/api/admin/cuti*`.
*/
class Cuti extends BaseAdminController
{
public function index(): ResponseInterface|string
{
if (($deny = $this->enforceAccess('cuti')) !== null) {
return $deny;
}
$status = (string) ($this->request->getGet('status') ?? 'Waiting');
$page = max(1, (int) ($this->request->getGet('page') ?? 1));
$errors = [];
$payload = null;
$r = $this->apiAdminGet('cuti', [
'status' => $status,
'page' => (string) $page,
'per_page' => '30',
]);
if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
$payload = $r['json']['data'] ?? null;
} else {
$errors[] = $r['error'] ?? (is_array($r['json']) ? (string) ($r['json']['pesan'] ?? 'Gagal memuat cuti') : 'Gagal memuat cuti');
}
helper('cuti_display');
return view('admin/cuti/index', [
'payload' => $payload,
'errors' => $errors,
'status' => $status,
'page' => $page,
]);
}
/**
* Layani dokumen cuti dari disk (setara file statis CI3 di assets/uploads/dokcuti/).
* Dipakai saat berkas belum dilayani langsung oleh web server (mis. file belum di-copy ke public).
*/
public function dokumen(string $file): ResponseInterface
{
if (($deny = $this->enforceAccess('cuti')) !== null) {
return $deny;
}
$safe = basename(rawurldecode($file));
if ($safe === '' || $safe === '.' || $safe === '..') {
throw PageNotFoundException::forPageNotFound();
}
if (! preg_match('/^[A-Za-z0-9._-]+$/', $safe)) {
throw PageNotFoundException::forPageNotFound();
}
$path = FCPATH . 'assets' . DIRECTORY_SEPARATOR . 'uploads' . DIRECTORY_SEPARATOR . 'dokcuti' . DIRECTORY_SEPARATOR . $safe;
if (! is_file($path)) {
throw PageNotFoundException::forPageNotFound(
'Berkas tidak ada di server. Salin isi folder dokcuti dari CI3 ke: public/assets/uploads/dokcuti/',
);
}
$ext = strtolower((string) pathinfo($safe, PATHINFO_EXTENSION));
$mime = match ($ext) {
'jpg', 'jpeg' => 'image/jpeg',
'png' => 'image/png',
'gif' => 'image/gif',
'webp' => 'image/webp',
'pdf' => 'application/pdf',
default => 'application/octet-stream',
};
$this->response->setHeader('Content-Type', $mime);
$this->response->setHeader('Content-Disposition', 'inline; filename="' . addcslashes($safe, '"\\') . '"');
return $this->response->setBody((string) file_get_contents($path));
}
public function detail(int $id): ResponseInterface|string
{
if (($deny = $this->enforceAccess('cuti')) !== null) {
return $deny;
}
$errors = [];
$bundle = null;
$r = $this->apiAdminGet('cuti/' . $id);
if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
$bundle = $r['json']['data'] ?? null;
} else {
$errors[] = $r['error'] ?? (is_array($r['json']) ? (string) ($r['json']['pesan'] ?? 'Gagal memuat detail') : 'Gagal memuat detail');
}
helper('cuti_display');
return view('admin/cuti/detail', [
'bundle' => is_array($bundle) ? $bundle : null,
'errors' => $errors,
'id' => $id,
]);
}
public function approve(int $id): ResponseInterface
{
if (($deny = $this->enforceAccess('cuti')) !== null) {
return $deny;
}
$res = $this->apiAdminPost('cuti/approve', ['id_cuti' => (string) $id]);
if ($res['transport_ok'] && ApiClient::isSuccess($res['json'])) {
return redirect()->to(site_url('admin/cuti'))->with('message', (string) ($res['json']['pesan'] ?? 'Disetujui'));
}
$msg = is_array($res['json']) ? (string) ($res['json']['pesan'] ?? 'Gagal') : ($res['error'] ?? 'Gagal');
return redirect()->back()->with('error', $msg);
}
public function reject(int $id): ResponseInterface
{
if (($deny = $this->enforceAccess('cuti')) !== null) {
return $deny;
}
$alasan = (string) ($this->request->getPost('alasan_tolak') ?? '');
$res = $this->apiAdminPost('cuti/reject', [
'id_cuti' => (string) $id,
'alasan_tolak' => $alasan,
]);
if ($res['transport_ok'] && ApiClient::isSuccess($res['json'])) {
return redirect()->to(site_url('admin/cuti'))->with('message', (string) ($res['json']['pesan'] ?? 'Ditolak'));
}
$msg = is_array($res['json']) ? (string) ($res['json']['pesan'] ?? 'Gagal') : ($res['error'] ?? 'Gagal');
return redirect()->back()->withInput()->with('error', $msg);
}
}

62
app/Controllers/Admin/Dashboard.php Normal file
View File

@@ -0,0 +1,62 @@
<?php
declare(strict_types=1);
namespace App\Controllers\Admin;
use App\Services\ApiClient;
use CodeIgniter\HTTP\ResponseInterface;
/**
* Beranda: statistik admin (`/api/admin/dashboard`) + profil/berita mobile (opsional).
*/
class Dashboard extends BaseAdminController
{
public function index(): string|ResponseInterface
{
if (($deny = $this->enforceAccess('dashboard')) !== null) {
return $deny;
}
$token = $this->adminToken();
$profil = null;
$berita = null;
$errors = [];
$summary = null;
if ($token === null) {
$errors[] = 'Silakan login untuk memuat data dari API.';
} else {
$d = $this->apiAdminGet('dashboard');
if ($d['transport_ok'] && ApiClient::isSuccess($d['json'])) {
$summary = $d['json']['data'] ?? null;
} else {
$errors[] = $d['error'] ?? (is_array($d['json']) ? (string) ($d['json']['pesan'] ?? 'Ringkasan dashboard tidak dapat dimuat.') : 'Ringkasan dashboard tidak dapat dimuat.');
}
$p = $this->apiMobile('profil', []);
if ($p['transport_ok'] && ApiClient::isSuccess($p['json'])) {
$profil = $p['json']['pegawai'] ?? null;
} else {
$errors[] = $p['error'] ?? (is_array($p['json']) ? (string) ($p['json']['pesan'] ?? 'Profil tidak dapat dimuat.') : 'Profil tidak dapat dimuat.');
}
$b = $this->apiMobile('berita', ['dari' => '0', 'jumlah' => '5']);
if ($b['transport_ok'] && ApiClient::isSuccess($b['json'])) {
$berita = $b['json']['data'] ?? [];
} else {
$errors[] = $b['error'] ?? (is_array($b['json']) ? (string) ($b['json']['pesan'] ?? 'Berita tidak dapat dimuat.') : 'Berita tidak dapat dimuat.');
}
}
helper('cuti_display');
return view('admin/dashboard/index', [
'summary' => is_array($summary) ? $summary : null,
'profil' => $profil,
'berita' => is_array($berita) ? $berita : [],
'errors' => $errors,
'token' => $token !== null,
]);
}
}

75
app/Controllers/Admin/Laporan.php Normal file
View File

@@ -0,0 +1,75 @@
<?php
declare(strict_types=1);
namespace App\Controllers\Admin;
use App\Services\ApiClient;
use CodeIgniter\HTTP\ResponseInterface;
/**
* Ringkasan laporan (dashboard angka) lewat `/api/admin/laporan`.
*/
class Laporan extends BaseAdminController
{
public function index(): ResponseInterface|string
{
if (($deny = $this->enforceAccess('laporan')) !== null) {
return $deny;
}
$today = date('Y-m-d');
$dari = (string) ($this->request->getGet('dari') ?? $today);
$sampai = (string) ($this->request->getGet('sampai') ?? $today);
$errors = [];
$summary = null;
$r = $this->apiAdminGet('laporan', ['dari' => $dari, 'sampai' => $sampai]);
if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
$summary = $r['json']['data'] ?? null;
} else {
$errors[] = $r['error'] ?? (is_array($r['json']) ? (string) ($r['json']['pesan'] ?? 'Gagal memuat laporan') : 'Gagal memuat laporan');
}
return view('admin/laporan/index', [
'summary' => is_array($summary) ? $summary : null,
'errors' => $errors,
'dari' => $dari,
'sampai' => $sampai,
]);
}
public function cuti(): ResponseInterface|string
{
if (($deny = $this->enforceAccess('laporan')) !== null) {
return $deny;
}
$today = date('Y-m-d');
$dari = (string) ($this->request->getGet('dari') ?? $today);
$sampai = (string) ($this->request->getGet('sampai') ?? $today);
$errors = [];
$rows = [];
$meta = ['dari' => $dari, 'sampai' => $sampai];
$r = $this->apiAdminGet('laporan/cuti', ['dari' => $dari, 'sampai' => $sampai]);
if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
$d = $r['json']['data'] ?? [];
$rows = is_array($d['rows'] ?? null) ? $d['rows'] : [];
$meta = [
'dari' => (string) ($d['dari'] ?? $dari),
'sampai' => (string) ($d['sampai'] ?? $sampai),
];
} else {
$errors[] = $r['error'] ?? (is_array($r['json']) ? (string) ($r['json']['pesan'] ?? 'Gagal') : 'Gagal');
}
return view('admin/laporan/cuti', [
'rows' => $rows,
'errors' => $errors,
'dari' => $meta['dari'],
'sampai' => $meta['sampai'],
]);
}
}

308
app/Controllers/Admin/Panel.php Normal file
View File

@@ -0,0 +1,308 @@
<?php
declare(strict_types=1);
namespace App\Controllers\Admin;
use App\Services\ApiClient;
use CodeIgniter\HTTP\ResponseInterface;
/**
* Panel pengguna admin (Ion) — API `/api/admin/panel/*`.
*/
class Panel extends BaseAdminController
{
public function users(): ResponseInterface|string
{
if (($deny = $this->enforceAccess('panel')) !== null) {
return $deny;
}
$errors = [];
$rows = [];
$r = $this->apiAdminGet('panel/users');
if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
$d = $r['json']['data'] ?? [];
$rows = is_array($d['rows'] ?? null) ? $d['rows'] : [];
} else {
$errors[] = $r['error'] ?? (is_array($r['json']) ? (string) ($r['json']['pesan'] ?? 'Gagal') : 'Gagal');
}
return view('admin/panel/users', ['rows' => $rows, 'errors' => $errors]);
}
public function groups(): ResponseInterface|string
{
if (($deny = $this->enforceAccess('panel')) !== null) {
return $deny;
}
$errors = [];
$rows = [];
$r = $this->apiAdminGet('panel/groups');
if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
$d = $r['json']['data'] ?? [];
$rows = is_array($d['rows'] ?? null) ? $d['rows'] : [];
} else {
$errors[] = $r['error'] ?? (is_array($r['json']) ? (string) ($r['json']['pesan'] ?? 'Gagal') : 'Gagal');
}
return view('admin/panel/groups', ['rows' => $rows, 'errors' => $errors]);
}
public function groupCreate(): ResponseInterface|string
{
if (($deny = $this->enforceAccess('panel')) !== null) {
return $deny;
}
return view('admin/panel/group_create', ['errors' => []]);
}
public function groupStore(): ResponseInterface
{
if (($deny = $this->enforceAccess('panel')) !== null) {
return $deny;
}
$r = $this->apiAdminPost('panel/groups/create', $this->request->getPost());
if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
return redirect()->to(site_url('admin/panel/groups'))->with('message', (string) ($r['json']['pesan'] ?? 'OK'));
}
$msg = $r['error'] ?? (is_array($r['json']) ? (string) ($r['json']['pesan'] ?? 'Gagal') : 'Gagal');
return redirect()->to(site_url('admin/panel/groups/create'))->withInput()->with('error', $msg);
}
public function groupEdit(int $id): ResponseInterface|string
{
if (($deny = $this->enforceAccess('panel')) !== null) {
return $deny;
}
$errors = [];
$row = null;
$r = $this->apiAdminGet('panel/groups');
if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
$d = $r['json']['data'] ?? [];
$list = is_array($d['rows'] ?? null) ? $d['rows'] : [];
foreach ($list as $g) {
if ((int) ($g['id'] ?? 0) === $id) {
$row = $g;
break;
}
}
if ($row === null) {
$errors[] = 'Grup tidak ditemukan.';
}
} else {
$errors[] = $r['error'] ?? (is_array($r['json']) ? (string) ($r['json']['pesan'] ?? 'Gagal') : 'Gagal');
}
if ($row === null && $errors === []) {
$errors[] = 'Grup tidak ditemukan.';
}
return view('admin/panel/group_edit', ['id' => $id, 'row' => $row, 'errors' => $errors]);
}
public function groupUpdate(int $id): ResponseInterface
{
if (($deny = $this->enforceAccess('panel')) !== null) {
return $deny;
}
$r = $this->apiAdminPost('panel/groups/update/' . $id, $this->request->getPost());
if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
return redirect()->to(site_url('admin/panel/groups'))->with('message', (string) ($r['json']['pesan'] ?? 'OK'));
}
$msg = $r['error'] ?? (is_array($r['json']) ? (string) ($r['json']['pesan'] ?? 'Gagal') : 'Gagal');
return redirect()->to(site_url('admin/panel/groups/edit/' . $id))->withInput()->with('error', $msg);
}
public function groupDelete(int $id): ResponseInterface
{
if (($deny = $this->enforceAccess('panel')) !== null) {
return $deny;
}
$r = $this->apiAdminPost('panel/groups/delete/' . $id, $this->request->getPost());
if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
return redirect()->to(site_url('admin/panel/groups'))->with('message', (string) ($r['json']['pesan'] ?? 'OK'));
}
$msg = $r['error'] ?? (is_array($r['json']) ? (string) ($r['json']['pesan'] ?? 'Gagal') : 'Gagal');
return redirect()->to(site_url('admin/panel/groups'))->with('error', $msg);
}
public function userCreate(): ResponseInterface|string
{
if (($deny = $this->enforceAccess('panel')) !== null) {
return $deny;
}
$errors = [];
$groups = [];
$pegawaiRows = [];
$r = $this->apiAdminGet('panel/groups');
if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
$d = $r['json']['data'] ?? [];
$groups = is_array($d['rows'] ?? null) ? $d['rows'] : [];
} else {
$errors[] = $r['error'] ?? 'Gagal memuat grup';
}
$pegawaiRows = $this->fetchPegawaiRowsForSelect($errors);
return view('admin/panel/user_create', [
'groups' => $groups,
'pegawai_rows' => $pegawaiRows,
'errors' => $errors,
]);
}
public function userStore(): ResponseInterface
{
if (($deny = $this->enforceAccess('panel')) !== null) {
return $deny;
}
$r = $this->apiAdminPost('panel/users/create', $this->request->getPost());
if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
return redirect()->to(site_url('admin/panel/users'))->with('message', (string) ($r['json']['pesan'] ?? 'OK'));
}
$msg = $r['error'] ?? (is_array($r['json']) ? (string) ($r['json']['pesan'] ?? 'Gagal') : 'Gagal');
return redirect()->to(site_url('admin/panel/users/create'))->withInput()->with('error', $msg);
}
public function userEdit(int $id): ResponseInterface|string
{
if (($deny = $this->enforceAccess('panel')) !== null) {
return $deny;
}
$errors = [];
$user = null;
$r = $this->apiAdminGet('panel/users/' . $id);
if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
$d = $r['json']['data'] ?? null;
$user = is_array($d) ? $d : null;
} else {
$errors[] = $r['error'] ?? (is_array($r['json']) ? (string) ($r['json']['pesan'] ?? 'Gagal memuat pengguna') : 'Gagal memuat pengguna');
}
$groups = [];
$gr = $this->apiAdminGet('panel/groups');
if ($gr['transport_ok'] && ApiClient::isSuccess($gr['json'])) {
$gd = $gr['json']['data'] ?? [];
$groups = is_array($gd['rows'] ?? null) ? $gd['rows'] : [];
} else {
$errors[] = $gr['error'] ?? 'Gagal memuat grup';
}
$pegawaiRows = $this->fetchPegawaiRowsForSelect($errors);
return view('admin/panel/user_edit', [
'id' => $id,
'user' => $user,
'groups' => $groups,
'pegawai_rows' => $pegawaiRows,
'errors' => $errors,
]);
}
public function userUpdate(int $id): ResponseInterface
{
if (($deny = $this->enforceAccess('panel')) !== null) {
return $deny;
}
$r = $this->apiAdminPost('panel/users/update/' . $id, $this->request->getPost());
if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
return redirect()->to(site_url('admin/panel/users'))->with('message', (string) ($r['json']['pesan'] ?? 'OK'));
}
$msg = $r['error'] ?? (is_array($r['json']) ? (string) ($r['json']['pesan'] ?? 'Gagal') : 'Gagal');
return redirect()->to(site_url('admin/panel/users/edit/' . $id))->withInput()->with('error', $msg);
}
public function userReset(int $id): ResponseInterface|string
{
if (($deny = $this->enforceAccess('panel')) !== null) {
return $deny;
}
return view('admin/panel/user_reset', ['id' => $id]);
}
public function userResetPassword(int $id): ResponseInterface
{
if (($deny = $this->enforceAccess('panel')) !== null) {
return $deny;
}
$r = $this->apiAdminPost('panel/users/reset_password/' . $id, $this->request->getPost());
if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
return redirect()->to(site_url('admin/panel/users'))->with('message', (string) ($r['json']['pesan'] ?? 'OK'));
}
$msg = $r['error'] ?? (is_array($r['json']) ? (string) ($r['json']['pesan'] ?? 'Gagal') : 'Gagal');
return redirect()->to(site_url('admin/panel/users/reset/' . $id))->withInput()->with('error', $msg);
}
/**
* Gabungkan semua halaman `GET api/admin/pegawai` — satu request cuma mengembalikan `per_page` baris.
*
* @param list<string> $errors
*
* @return list<array<string, mixed>>
*/
private function fetchPegawaiRowsForSelect(array &$errors): array
{
$byId = [];
$page = 1;
$maxPage = 80;
while ($page <= $maxPage) {
$pr = $this->apiAdminGet('pegawai', [
'page' => (string) $page,
'per_page' => '500',
'q' => '',
]);
if (! $pr['transport_ok'] || ! ApiClient::isSuccess($pr['json'])) {
if ($page === 1) {
$errors[] = $pr['error'] ?? (is_array($pr['json']) ? (string) ($pr['json']['pesan'] ?? 'Gagal memuat daftar pegawai') : 'Gagal memuat daftar pegawai');
}
break;
}
$pd = $pr['json']['data'] ?? [];
$chunk = is_array($pd['rows'] ?? null) ? $pd['rows'] : [];
foreach ($chunk as $row) {
if (! is_array($row)) {
continue;
}
$pid = (int) ($row['id_pegawai'] ?? 0);
if ($pid > 0) {
$byId[$pid] = $row;
}
}
$totalPage = (int) ($pd['total_page'] ?? 1);
if ($page >= $totalPage || $chunk === []) {
break;
}
$page++;
}
$out = array_values($byId);
usort($out, static function (array $a, array $b): int {
return strcasecmp((string) ($a['nama_lengkap'] ?? ''), (string) ($b['nama_lengkap'] ?? ''));
});
return $out;
}
}

288
app/Controllers/Admin/Pegawai.php Normal file
View File

@@ -0,0 +1,288 @@
<?php
declare(strict_types=1);
namespace App\Controllers\Admin;
use App\Services\ApiClient;
use CodeIgniter\HTTP\ResponseInterface;
/**
* CRUD pegawai lewat API `/api/admin/pegawai/*` (tanpa query DB di controller).
*/
class Pegawai extends BaseAdminController
{
public function index(): ResponseInterface|string
{
if (($deny = $this->enforceAccess('pegawai')) !== null) {
return $deny;
}
$page = max(1, (int) ($this->request->getGet('page') ?? 1));
$q = (string) ($this->request->getGet('q') ?? '');
$errors = [];
$payload = null;
$r = $this->apiAdminGet('pegawai', [
'page' => (string) $page,
'per_page' => '20',
'q' => $q,
]);
if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
$payload = $r['json']['data'] ?? null;
} else {
$errors[] = $r['error'] ?? (is_array($r['json']) ? (string) ($r['json']['pesan'] ?? 'Gagal memuat daftar pegawai') : 'Gagal memuat daftar pegawai');
}
return view('admin/pegawai/index', [
'payload' => $payload,
'errors' => $errors,
'q' => $q,
'page' => $page,
]);
}
public function create(): ResponseInterface|string
{
if (($deny = $this->enforceAccess('pegawai_tambah')) !== null) {
return $deny;
}
$refs = $this->loadReferences();
return view('admin/pegawai/form', [
'mode' => 'create',
'row' => null,
'refs' => $refs['data'],
'errors' => $refs['errors'],
'apiError' => null,
]);
}
public function store(): ResponseInterface
{
if (($deny = $this->enforceAccess('pegawai_tambah')) !== null) {
return $deny;
}
$post = $this->sanitizePegawaiPost($this->request->getPost() ?? []);
if (($err = $this->mergePegawaiPhotoIntoPost($post, null)) !== null) {
return redirect()->back()->withInput()->with('error', $err);
}
$res = $this->apiAdminPost('pegawai/create', $post);
if ($res['transport_ok'] && ApiClient::isSuccess($res['json'])) {
return redirect()->to(site_url('admin/pegawai'))->with('message', (string) ($res['json']['pesan'] ?? 'Data berhasil disimpan'));
}
$msg = is_array($res['json']) ? (string) ($res['json']['pesan'] ?? 'Gagal menyimpan') : ($res['error'] ?? 'Gagal menyimpan');
return redirect()->back()->withInput()->with('error', $msg);
}
public function edit(int $id): ResponseInterface|string
{
if (($deny = $this->enforceAccess('pegawai')) !== null) {
return $deny;
}
$refs = $this->loadReferences();
$row = null;
$err = $refs['errors'];
$r = $this->apiAdminGet('pegawai/' . $id);
if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
$row = $r['json']['data'] ?? null;
} else {
$err[] = $r['error'] ?? (is_array($r['json']) ? (string) ($r['json']['pesan'] ?? 'Gagal memuat pegawai') : 'Gagal memuat pegawai');
}
return view('admin/pegawai/form', [
'mode' => 'edit',
'row' => is_array($row) ? $row : null,
'refs' => $refs['data'],
'errors' => $err,
'apiError' => null,
]);
}
public function update(int $id): ResponseInterface
{
if (($deny = $this->enforceAccess('pegawai')) !== null) {
return $deny;
}
$post = $this->sanitizePegawaiPost($this->request->getPost() ?? []);
$post['id_pegawai'] = $id;
$photoExisting = (string) ($this->request->getPost('photo_existing') ?? '');
if (($err = $this->mergePegawaiPhotoIntoPost($post, $photoExisting)) !== null) {
return redirect()->back()->withInput()->with('error', $err);
}
$res = $this->apiAdminPost('pegawai/update', $post);
if ($res['transport_ok'] && ApiClient::isSuccess($res['json'])) {
return redirect()->to(site_url('admin/pegawai'))->with('message', (string) ($res['json']['pesan'] ?? 'Data berhasil diperbarui'));
}
$msg = is_array($res['json']) ? (string) ($res['json']['pesan'] ?? 'Gagal memperbarui') : ($res['error'] ?? 'Gagal memperbarui');
return redirect()->back()->withInput()->with('error', $msg);
}
public function delete(int $id): ResponseInterface
{
if (($deny = $this->enforceAccess('pegawai')) !== null) {
return $deny;
}
$res = $this->apiAdminPost('pegawai/delete', ['id_pegawai' => (string) $id]);
if ($res['transport_ok'] && ApiClient::isSuccess($res['json'])) {
return redirect()->to(site_url('admin/pegawai'))->with('message', (string) ($res['json']['pesan'] ?? 'Terhapus'));
}
$msg = is_array($res['json']) ? (string) ($res['json']['pesan'] ?? 'Gagal menghapus') : ($res['error'] ?? 'Gagal menghapus');
return redirect()->back()->with('error', $msg);
}
public function reset(int $id): ResponseInterface
{
if (($deny = $this->enforceAccess('pegawai')) !== null) {
return $deny;
}
$res = $this->apiAdminPost('pegawai/reset_password', ['id_pegawai' => (string) $id]);
if ($res['transport_ok'] && ApiClient::isSuccess($res['json'])) {
return redirect()->to(site_url('admin/pegawai'))->with('message', (string) ($res['json']['pesan'] ?? 'Password direset'));
}
$msg = is_array($res['json']) ? (string) ($res['json']['pesan'] ?? 'Gagal reset') : ($res['error'] ?? 'Gagal reset');
return redirect()->back()->with('error', $msg);
}
/**
* @return array{data: array<string, mixed>|null, errors: list<string>}
*/
private function loadReferences(): array
{
$errors = [];
$data = null;
$r = $this->apiAdminGet('references');
if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
$data = is_array($r['json']['data'] ?? null) ? $r['json']['data'] : null;
} else {
$errors[] = $r['error'] ?? 'Referensi jabatan/unit tidak dapat dimuat.';
}
return ['data' => $data, 'errors' => $errors];
}
/**
* @param array<string, mixed> $post
*
* @return array<string, scalar|null>
*/
private function sanitizePegawaiPost(array $post): array
{
$out = [];
foreach ($post as $k => $v) {
if (! is_scalar($v) && $v !== null) {
continue;
}
$key = (string) $k;
if (in_array($key, ['nip', 'nama_lengkap', 'jenis_kelamin', 'tempat_lahir', 'tanggal_lahir', 'email', 'jabatan', 'unit_kerja', 'golongan_pekerjaan', 'kantor', 'status_kepegawaian', 'tanggal_bergabung', 'jadwal', 'super_akses', 'username', 'password', 'photo'], true)) {
$out[$key] = $v;
}
}
foreach (['jabatan', 'unit_kerja', 'golongan_pekerjaan', 'kantor', 'jadwal'] as $intKey) {
if (isset($out[$intKey]) && $out[$intKey] !== '' && $out[$intKey] !== null) {
$out[$intKey] = (int) $out[$intKey];
}
}
return $out;
}
/**
* Sama dengan aplikasi mobile: `public/assets/uploads/pengguna/`.
*/
private function pegawaiPhotoUploadDir(): string
{
$base = FCPATH . 'assets' . DIRECTORY_SEPARATOR . 'uploads' . DIRECTORY_SEPARATOR . 'pengguna';
if (! is_dir($base)) {
mkdir($base, 0755, true);
}
return $base;
}
/**
* Unggah file ke folder pengguna atau pakai nama file manual. Mengisi `$post['photo']`.
*
* @param array<string, scalar|null> $post
*
* @return string|null pesan error, atau null jika OK
*/
private function mergePegawaiPhotoIntoPost(array &$post, ?string $photoExistingFromDb): ?string
{
$file = $this->request->getFile('photo_file');
if ($file !== null && $file->getError() !== UPLOAD_ERR_NO_FILE) {
if (! $file->isValid()) {
return 'Unggah foto tidak valid.';
}
$mime = (string) $file->getMimeType();
$allowedMime = ['image/jpeg', 'image/png', 'image/gif', 'image/webp'];
if (! in_array($mime, $allowedMime, true)) {
return 'Format foto harus JPG, PNG, GIF, atau WebP.';
}
if ($file->getSize() > 2_097_152) {
return 'Ukuran foto maksimal 2 MB.';
}
$ext = strtolower((string) ($file->guessExtension() ?: $file->getClientExtension()));
if (! in_array($ext, ['jpg', 'jpeg', 'png', 'gif', 'webp'], true)) {
return 'Ekstensi foto tidak didukung.';
}
$dir = $this->pegawaiPhotoUploadDir();
$rawName = pathinfo($file->getClientName(), PATHINFO_FILENAME);
$safeOriginal = preg_replace('/[^A-Za-z0-9._-]+/', '_', (string) $rawName) ?: 'photo';
$safeOriginal = substr($safeOriginal, 0, 80);
$filename = uniqid((string) mt_rand(), true) . '-' . $safeOriginal . '.' . $ext;
if (! $file->move($dir, $filename, true)) {
return 'Gagal menyimpan file foto ke server.';
}
$old = $photoExistingFromDb !== null ? trim($photoExistingFromDb) : '';
if ($old !== '' && $old !== '-' && $old !== $filename) {
$oldPath = $dir . DIRECTORY_SEPARATOR . basename(str_replace('\\', '/', $old));
if (is_file($oldPath)) {
@unlink($oldPath);
}
}
$post['photo'] = $filename;
return null;
}
$manual = isset($post['photo']) ? trim((string) $post['photo']) : '';
if ($manual === '' || $manual === '-') {
$post['photo'] = '';
return null;
}
$base = basename(str_replace('\\', '/', $manual));
if (! preg_match('/^[A-Za-z0-9._-]+$/', $base)) {
return 'Nama file foto hanya boleh huruf, angka, titik, garis bawah, dan tanda hubung (atau unggah file).';
}
$post['photo'] = substr($base, 0, 255);
return null;
}
}

645
app/Controllers/Admin/Presensi.php Normal file
View File

@@ -0,0 +1,645 @@
<?php
declare(strict_types=1);
namespace App\Controllers\Admin;
use App\Services\ApiClient;
use CodeIgniter\Exceptions\PageNotFoundException;
use CodeIgniter\HTTP\ResponseInterface;
use PhpOffice\PhpSpreadsheet\Cell\Coordinate;
use PhpOffice\PhpSpreadsheet\Spreadsheet;
use PhpOffice\PhpSpreadsheet\Style\Alignment;
use PhpOffice\PhpSpreadsheet\Style\Border;
use PhpOffice\PhpSpreadsheet\Style\Fill;
use PhpOffice\PhpSpreadsheet\Writer\Xlsx;
/**
* Daftar & detail presensi lewat `/api/admin/presensi*`.
*/
class Presensi extends BaseAdminController
{
public function index(): ResponseInterface|string
{
if (($deny = $this->enforceAccess('presensi')) !== null) {
return $deny;
}
$today = date('Y-m-d');
$dari = (string) ($this->request->getGet('tanggal_dari') ?? $today);
$sampai = (string) ($this->request->getGet('tanggal_sampai') ?? $today);
$page = max(1, (int) ($this->request->getGet('page') ?? 1));
$q = (string) ($this->request->getGet('q') ?? '');
$errors = [];
$payload = null;
$r = $this->apiAdminGet('presensi', [
'tanggal_dari' => $dari,
'tanggal_sampai' => $sampai,
'page' => (string) $page,
'per_page' => '30',
'q' => $q,
]);
if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
$payload = $r['json']['data'] ?? null;
} else {
$errors[] = $r['error'] ?? (is_array($r['json']) ? (string) ($r['json']['pesan'] ?? 'Gagal memuat presensi') : 'Gagal memuat presensi');
}
return view('admin/presensi/index', [
'payload' => $payload,
'errors' => $errors,
'dari' => $dari,
'sampai' => $sampai,
'page' => $page,
'q' => $q,
]);
}
/**
* Ambil semua baris presensi untuk ekspor (sama dengan filter list; maks. 100 halaman × 200 baris).
*
* @return array{ok: true, rows: list<array<string, mixed>>, dari: string, sampai: string, q: string}|array{ok: false, error: string, dari: string, sampai: string, q: string}
*/
private function fetchPresensiExportRows(): array
{
$today = date('Y-m-d');
$dari = (string) ($this->request->getGet('tanggal_dari') ?? $today);
$sampai = (string) ($this->request->getGet('tanggal_sampai') ?? $today);
$q = (string) ($this->request->getGet('q') ?? '');
$per = 200;
$maxPg = 100;
$allRows = [];
$totalPage = 1;
for ($page = 1; $page <= $totalPage && $page <= $maxPg; $page++) {
$r = $this->apiAdminGet('presensi', [
'tanggal_dari' => $dari,
'tanggal_sampai' => $sampai,
'page' => (string) $page,
'per_page' => (string) $per,
'q' => $q,
]);
if (! $r['transport_ok'] || ! ApiClient::isSuccess($r['json'])) {
$msg = $r['error'] ?? (is_array($r['json']) ? (string) ($r['json']['pesan'] ?? 'Gagal mengekspor') : 'Gagal mengekspor');
return ['ok' => false, 'error' => $msg, 'dari' => $dari, 'sampai' => $sampai, 'q' => $q];
}
$payload = $r['json']['data'] ?? [];
$rows = is_array($payload['rows'] ?? null) ? $payload['rows'] : [];
if ($page === 1) {
$totalPage = max(1, min($maxPg, (int) ($payload['total_page'] ?? 1)));
}
$allRows = array_merge($allRows, $rows);
}
return ['ok' => true, 'rows' => $allRows, 'dari' => $dari, 'sampai' => $sampai, 'q' => $q];
}
/**
* Unduh CSV semua baris presensi untuk filter yang sama (paginasi digabung, maks. 100 halaman × 200 baris).
*/
public function exportCsv(): ResponseInterface
{
if (($deny = $this->enforceAccess('presensi')) !== null) {
return $deny;
}
$fetched = $this->fetchPresensiExportRows();
if (! $fetched['ok']) {
return redirect()->to(site_url('admin/presensi?' . http_build_query(array_filter([
'tanggal_dari' => $fetched['dari'],
'tanggal_sampai' => $fetched['sampai'],
'q' => $fetched['q'],
]))))->with('error', $fetched['error']);
}
$allRows = $fetched['rows'];
$dari = $fetched['dari'];
$sampai = $fetched['sampai'];
$fh = fopen('php://memory', 'r+b');
if ($fh === false) {
return redirect()->to(site_url('admin/presensi'))->with('error', 'Gagal membuat file CSV.');
}
fwrite($fh, "\xEF\xBB\xBF");
fputcsv($fh, [
'id_presensi',
'tanggal',
'nama_lengkap',
'nip',
'status',
'jam_masuk',
'ket_masuk',
'jam_pulang',
'ket_pulang',
'istirahat',
]);
foreach ($allRows as $pr) {
if (! is_array($pr)) {
continue;
}
$jm = $pr['jam_masuk'] ?? null;
$jp = $pr['jam_pulang'] ?? null;
$mi = $pr['mulai_istirahat'] ?? null;
$bi = $pr['beres_istirahat'] ?? null;
$ist = '';
if (! empty($mi) || ! empty($bi)) {
$ist = (empty($mi) ? '—' : self::formatTimeForCsv((string) $mi)) . ' → ' . (empty($bi) ? '—' : self::formatTimeForCsv((string) $bi));
}
fputcsv($fh, [
(string) ($pr['id_presensi'] ?? ''),
(string) ($pr['tanggal'] ?? ''),
(string) ($pr['nama_lengkap'] ?? ''),
(string) ($pr['nip'] ?? ''),
self::presensiStatusLabelForCsv($pr),
self::formatTimeForCsv($jm !== null ? (string) $jm : ''),
(string) ($pr['ket_masuk'] ?? ''),
self::formatTimeForCsv($jp !== null ? (string) $jp : ''),
(string) ($pr['ket_pulang'] ?? ''),
$ist,
]);
}
rewind($fh);
$csv = stream_get_contents($fh) ?: '';
fclose($fh);
$fn = 'presensi_' . preg_replace('/[^0-9-]/', '', $dari) . '_' . preg_replace('/[^0-9-]/', '', $sampai) . '_' . date('His') . '.csv';
return $this->response
->setHeader('Content-Type', 'text/csv; charset=UTF-8')
->setHeader('Content-Disposition', 'attachment; filename="' . str_replace(['"', "\r", "\n"], '', $fn) . '"')
->setBody($csv);
}
/**
* Unduh Excel (.xlsx) dengan kolom rapi: header tebal, filter, lebar kolom, teks ket. dibungkus.
*/
public function exportXlsx(): ResponseInterface
{
if (($deny = $this->enforceAccess('presensi')) !== null) {
return $deny;
}
$fetched = $this->fetchPresensiExportRows();
if (! $fetched['ok']) {
return redirect()->to(site_url('admin/presensi?' . http_build_query(array_filter([
'tanggal_dari' => $fetched['dari'],
'tanggal_sampai' => $fetched['sampai'],
'q' => $fetched['q'],
]))))->with('error', $fetched['error']);
}
$allRows = $fetched['rows'];
$dari = $fetched['dari'];
$sampai = $fetched['sampai'];
$spreadsheet = new Spreadsheet();
$sheet = $spreadsheet->getActiveSheet();
$sheet->setTitle('Presensi');
$headers = [
'ID presensi',
'Tanggal',
'Nama lengkap',
'NIP',
'Status',
'Jam masuk',
'Ket. masuk',
'Jam pulang',
'Ket. pulang',
'Istirahat',
];
foreach ($headers as $i => $h) {
$sheet->setCellValue(Coordinate::stringFromColumnIndex($i + 1) . '1', $h);
}
$headerStyle = [
'font' => ['bold' => true, 'color' => ['rgb' => 'FFFFFF']],
'fill' => [
'fillType' => Fill::FILL_SOLID,
'startColor' => ['rgb' => '1F4E79'],
],
'alignment' => [
'horizontal' => Alignment::HORIZONTAL_CENTER,
'vertical' => Alignment::VERTICAL_CENTER,
],
'borders' => [
'allBorders' => ['borderStyle' => Border::BORDER_THIN, 'color' => ['rgb' => 'CCCCCC']],
],
];
$sheet->getStyle('A1:J1')->applyFromArray($headerStyle);
$sheet->getRowDimension(1)->setRowHeight(22);
$rowNum = 2;
foreach ($allRows as $pr) {
if (! is_array($pr)) {
continue;
}
$jm = $pr['jam_masuk'] ?? null;
$jp = $pr['jam_pulang'] ?? null;
$mi = $pr['mulai_istirahat'] ?? null;
$bi = $pr['beres_istirahat'] ?? null;
$ist = '';
if (! empty($mi) || ! empty($bi)) {
$ist = (empty($mi) ? '—' : self::formatTimeForCsv((string) $mi)) . ' → ' . (empty($bi) ? '—' : self::formatTimeForCsv((string) $bi));
}
$sheet->setCellValue('A' . $rowNum, (string) ($pr['id_presensi'] ?? ''));
$sheet->setCellValue('B' . $rowNum, (string) ($pr['tanggal'] ?? ''));
$sheet->setCellValue('C' . $rowNum, (string) ($pr['nama_lengkap'] ?? ''));
$sheet->setCellValue('D' . $rowNum, (string) ($pr['nip'] ?? ''));
$sheet->setCellValue('E' . $rowNum, self::presensiStatusLabelForCsv($pr));
$sheet->setCellValue('F' . $rowNum, self::formatTimeForCsv($jm !== null ? (string) $jm : ''));
$sheet->setCellValue('G' . $rowNum, (string) ($pr['ket_masuk'] ?? ''));
$sheet->setCellValue('H' . $rowNum, self::formatTimeForCsv($jp !== null ? (string) $jp : ''));
$sheet->setCellValue('I' . $rowNum, (string) ($pr['ket_pulang'] ?? ''));
$sheet->setCellValue('J' . $rowNum, $ist);
$rowNum++;
}
$lastRow = max(2, $rowNum - 1);
if ($lastRow >= 2) {
$sheet->getStyle('A2:J' . $lastRow)->applyFromArray([
'borders' => [
'allBorders' => ['borderStyle' => Border::BORDER_THIN, 'color' => ['rgb' => 'DDDDDD']],
],
'alignment' => [
'vertical' => Alignment::VERTICAL_TOP,
],
]);
$sheet->getStyle('G2:G' . $lastRow)->getAlignment()->setWrapText(true);
$sheet->getStyle('I2:I' . $lastRow)->getAlignment()->setWrapText(true);
$sheet->getStyle('A2:A' . $lastRow)->getNumberFormat()->setFormatCode('@');
$sheet->getStyle('D2:D' . $lastRow)->getNumberFormat()->setFormatCode('@');
}
$sheet->freezePane('A2');
$sheet->setAutoFilter('A1:J1');
$sheet->getColumnDimension('A')->setWidth(14);
$sheet->getColumnDimension('B')->setWidth(12);
$sheet->getColumnDimension('C')->setWidth(28);
$sheet->getColumnDimension('D')->setWidth(18);
$sheet->getColumnDimension('E')->setWidth(14);
$sheet->getColumnDimension('F')->setWidth(11);
$sheet->getColumnDimension('G')->setWidth(36);
$sheet->getColumnDimension('H')->setWidth(11);
$sheet->getColumnDimension('I')->setWidth(36);
$sheet->getColumnDimension('J')->setWidth(22);
$tmp = tempnam(sys_get_temp_dir(), 'prxlsx');
if ($tmp === false) {
return redirect()->to(site_url('admin/presensi'))->with('error', 'Gagal membuat file Excel.');
}
try {
(new Xlsx($spreadsheet))->save($tmp);
} catch (\Throwable $e) {
@unlink($tmp);
log_message('error', 'exportXlsx: {message}', ['message' => $e->getMessage()]);
return redirect()->to(site_url('admin/presensi?' . http_build_query(array_filter([
'tanggal_dari' => $dari,
'tanggal_sampai' => $sampai,
'q' => $fetched['q'],
]))))->with('error', 'Gagal menulis file Excel. Pastikan ekstensi PHP zip aktif.');
}
$binary = (string) file_get_contents($tmp);
@unlink($tmp);
$spreadsheet->disconnectWorksheets();
$fn = 'presensi_' . preg_replace('/[^0-9-]/', '', $dari) . '_' . preg_replace('/[^0-9-]/', '', $sampai) . '_' . date('His') . '.xlsx';
return $this->response
->setHeader('Content-Type', 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet')
->setHeader('Content-Disposition', 'attachment; filename="' . str_replace(['"', "\r", "\n"], '', $fn) . '"')
->setBody($binary);
}
/**
* @param array<string, mixed> $pr
*/
private static function presensiStatusLabelForCsv(array $pr): string
{
$jm = $pr['jam_masuk'] ?? null;
$jp = $pr['jam_pulang'] ?? null;
$hadirMasuk = $jm !== null && $jm !== '';
$hadirPulang = $jp !== null && $jp !== '';
if ($hadirMasuk && $hadirPulang) {
return 'Lengkap';
}
if ($hadirMasuk || $hadirPulang) {
return 'Sebagian';
}
return 'Belum rekam';
}
private static function formatTimeForCsv(string $t): string
{
if ($t === '') {
return '';
}
$ts = strtotime($t);
return $ts ? date('H:i', $ts) : $t;
}
/**
* Layani foto absen masuk/pulang dari disk (public/assets/uploads/absen/…).
*/
public function foto(string $jenis, string $file): ResponseInterface
{
if (($deny = $this->enforceAccess('presensi')) !== null) {
return $deny;
}
$jenis = strtolower($jenis);
if ($jenis !== 'masuk' && $jenis !== 'pulang') {
throw PageNotFoundException::forPageNotFound();
}
$safe = basename(rawurldecode($file));
if ($safe === '' || $safe === '.' || $safe === '..') {
throw PageNotFoundException::forPageNotFound();
}
if (! preg_match('/^[A-Za-z0-9._-]+$/', $safe)) {
throw PageNotFoundException::forPageNotFound();
}
$path = FCPATH . 'assets' . DIRECTORY_SEPARATOR . 'uploads' . DIRECTORY_SEPARATOR . 'absen' . DIRECTORY_SEPARATOR . $jenis . DIRECTORY_SEPARATOR . $safe;
if (! is_file($path)) {
throw PageNotFoundException::forPageNotFound(
'Foto tidak ada di server. Salin folder absen/masuk dan absen/pulang dari CI3 ke: public/assets/uploads/absen/',
);
}
$ext = strtolower((string) pathinfo($safe, PATHINFO_EXTENSION));
$mime = match ($ext) {
'jpg', 'jpeg' => 'image/jpeg',
'png' => 'image/png',
'gif' => 'image/gif',
'webp' => 'image/webp',
default => 'application/octet-stream',
};
$this->response->setHeader('Content-Type', $mime);
$this->response->setHeader('Content-Disposition', 'inline; filename="' . addcslashes($safe, '"\\') . '"');
return $this->response->setBody((string) file_get_contents($path));
}
public function detail(int $id): ResponseInterface|string
{
if (($deny = $this->enforceAccess('presensi')) !== null) {
return $deny;
}
$errors = [];
$row = null;
$r = $this->apiAdminGet('presensi/' . $id);
if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
$row = $r['json']['data'] ?? null;
} else {
$errors[] = $r['error'] ?? (is_array($r['json']) ? (string) ($r['json']['pesan'] ?? 'Gagal memuat detail') : 'Gagal memuat detail');
}
return view('admin/presensi/detail', [
'row' => is_array($row) ? $row : null,
'errors' => $errors,
]);
}
public function lapangan(): ResponseInterface|string
{
if (($deny = $this->enforceAccess('presensi')) !== null) {
return $deny;
}
$errors = [];
$payload = null;
$pegawai = [];
$r = $this->apiAdminGet('presensi/dilapangan');
if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
$payload = $r['json']['data'] ?? null;
} else {
$errors[] = $r['error'] ?? (is_array($r['json']) ? (string) ($r['json']['pesan'] ?? 'Gagal') : 'Gagal');
}
$p = $this->apiAdminGet('pegawai', ['page' => '1', 'per_page' => '500', 'q' => '']);
if ($p['transport_ok'] && ApiClient::isSuccess($p['json'])) {
$d = $p['json']['data'] ?? [];
$pegawai = is_array($d['rows'] ?? null) ? $d['rows'] : [];
}
return view('admin/presensi/lapangan', [
'payload' => is_array($payload) ? $payload : null,
'pegawai' => $pegawai,
'errors' => $errors,
]);
}
public function lapanganSave(): ResponseInterface
{
if (($deny = $this->enforceAccess('presensi')) !== null) {
return $deny;
}
return $this->toolPost('presensi/dilapangan/save', 'admin/presensi/lapangan');
}
public function lapanganDelete(int $id): ResponseInterface
{
if (($deny = $this->enforceAccess('presensi')) !== null) {
return $deny;
}
return $this->toolPost('presensi/dilapangan/delete/' . $id, 'admin/presensi/lapangan', []);
}
public function lembur(): ResponseInterface|string
{
if (($deny = $this->enforceAccess('presensi')) !== null) {
return $deny;
}
$errors = [];
$payload = null;
$pegawai = [];
$r = $this->apiAdminGet('presensi/lembur');
if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
$payload = $r['json']['data'] ?? null;
} else {
$errors[] = $r['error'] ?? (is_array($r['json']) ? (string) ($r['json']['pesan'] ?? 'Gagal') : 'Gagal');
}
$p = $this->apiAdminGet('pegawai', ['page' => '1', 'per_page' => '500', 'q' => '']);
if ($p['transport_ok'] && ApiClient::isSuccess($p['json'])) {
$d = $p['json']['data'] ?? [];
$pegawai = is_array($d['rows'] ?? null) ? $d['rows'] : [];
}
return view('admin/presensi/lembur', [
'payload' => is_array($payload) ? $payload : null,
'pegawai' => $pegawai,
'errors' => $errors,
]);
}
public function lemburSave(): ResponseInterface
{
if (($deny = $this->enforceAccess('presensi')) !== null) {
return $deny;
}
return $this->toolPost('presensi/lembur/save', 'admin/presensi/lembur');
}
public function lemburDelete(int $id): ResponseInterface
{
if (($deny = $this->enforceAccess('presensi')) !== null) {
return $deny;
}
return $this->toolPost('presensi/lembur/delete/' . $id, 'admin/presensi/lembur', []);
}
public function libur(): ResponseInterface|string
{
if (($deny = $this->enforceAccess('presensi_libur')) !== null) {
return $deny;
}
return $this->toolPage('presensi/libur', 'admin/presensi/libur', false);
}
public function liburSave(): ResponseInterface
{
if (($deny = $this->enforceAccess('presensi_libur')) !== null) {
return $deny;
}
return $this->toolPost('presensi/libur/save', 'admin/presensi/libur');
}
public function liburDelete(int $id): ResponseInterface
{
if (($deny = $this->enforceAccess('presensi_libur')) !== null) {
return $deny;
}
return $this->toolPost('presensi/libur/delete/' . $id, 'admin/presensi/libur', []);
}
public function jadwal(): ResponseInterface|string
{
if (($deny = $this->enforceAccess('presensi_jadwal')) !== null) {
return $deny;
}
return $this->toolPage('presensi/jadwal', 'admin/presensi/jadwal', false);
}
public function jadwalSave(): ResponseInterface
{
if (($deny = $this->enforceAccess('presensi_jadwal')) !== null) {
return $deny;
}
return $this->toolPost('presensi/jadwal/save', 'admin/presensi/jadwal');
}
public function jadwalDelete(int $id): ResponseInterface
{
if (($deny = $this->enforceAccess('presensi_jadwal')) !== null) {
return $deny;
}
return $this->toolPost('presensi/jadwal/delete/' . $id, 'admin/presensi/jadwal', []);
}
public function aktivitas(): ResponseInterface|string
{
if (($deny = $this->enforceAccess('presensi')) !== null) {
return $deny;
}
$page = max(1, (int) ($this->request->getGet('page') ?? 1));
$errors = [];
$payload = null;
$r = $this->apiAdminGet('presensi/aktivitas', ['page' => (string) $page, 'per_page' => '20']);
if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
$payload = $r['json']['data'] ?? null;
} else {
$errors[] = $r['error'] ?? (is_array($r['json']) ? (string) ($r['json']['pesan'] ?? 'Gagal') : 'Gagal');
}
return view('admin/presensi/aktivitas', [
'payload' => is_array($payload) ? $payload : null,
'errors' => $errors,
'page' => $page,
]);
}
public function aktivitasDelete(int $id): ResponseInterface
{
if (($deny = $this->enforceAccess('presensi')) !== null) {
return $deny;
}
return $this->toolPost('presensi/aktivitas/delete/' . $id, 'admin/presensi/aktivitas', []);
}
/**
* @return ResponseInterface|string
*/
private function toolPage(string $apiPath, string $view, bool $loadRefs)
{
$errors = [];
$payload = null;
$refs = null;
$r = $this->apiAdminGet($apiPath);
if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
$payload = $r['json']['data'] ?? null;
} else {
$errors[] = $r['error'] ?? (is_array($r['json']) ? (string) ($r['json']['pesan'] ?? 'Gagal memuat data') : 'Gagal memuat data');
}
if ($loadRefs) {
$ref = $this->apiAdminGet('references');
if ($ref['transport_ok'] && ApiClient::isSuccess($ref['json'])) {
$refs = $ref['json']['data'] ?? null;
}
}
return view($view, [
'payload' => is_array($payload) ? $payload : null,
'refs' => is_array($refs) ? $refs : null,
'errors' => $errors,
]);
}
/**
* @param array<string, scalar|null> $merge
*/
private function toolPost(string $apiPath, string $redirectPath, array $merge = []): ResponseInterface
{
$post = array_merge($this->request->getPost(), $merge);
$r = $this->apiAdminPost($apiPath, $post);
if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
return redirect()->to(site_url($redirectPath))->with('message', (string) ($r['json']['pesan'] ?? 'OK'));
}
$msg = $r['error'] ?? (is_array($r['json']) ? (string) ($r['json']['pesan'] ?? 'Gagal') : 'Gagal');
return redirect()->to(site_url($redirectPath))->with('error', $msg);
}
}

87
app/Controllers/Admin/Util.php Normal file
View File

@@ -0,0 +1,87 @@
<?php
declare(strict_types=1);
namespace App\Controllers\Admin;
use App\Services\Admin\AdminExtraApiService;
use App\Services\ApiClient;
use CodeIgniter\HTTP\ResponseInterface;
/**
* Utilitas backup DB — file di <code>writable/admin_db_backup/</code>.
*/
class Util extends BaseAdminController
{
public function backup(): ResponseInterface|string
{
if (($deny = $this->enforceAccess('utilitas')) !== null) {
return $deny;
}
$errors = [];
$data = null;
$r = $this->apiAdminGet('backup');
if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
$data = $r['json']['data'] ?? null;
} else {
$errors[] = $r['error'] ?? (is_array($r['json']) ? (string) ($r['json']['pesan'] ?? 'Gagal') : 'Gagal');
}
return view('admin/util/backup', [
'payload' => is_array($data) ? $data : null,
'errors' => $errors,
]);
}
public function backupRun(): ResponseInterface
{
if (($deny = $this->enforceAccess('utilitas')) !== null) {
return $deny;
}
$post = $this->request->getPost();
$r = $this->apiAdminPost('backup/run', $post);
if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
return redirect()->to(site_url('admin/util/backup'))->with('message', (string) ($r['json']['pesan'] ?? 'Backup OK'));
}
$msg = $r['error'] ?? (is_array($r['json']) ? (string) ($r['json']['pesan'] ?? 'Gagal') : 'Gagal');
return redirect()->to(site_url('admin/util/backup'))->with('error', $msg);
}
public function backupDelete(string $file): ResponseInterface
{
if (($deny = $this->enforceAccess('utilitas')) !== null) {
return $deny;
}
$r = $this->apiAdminPost('backup/delete/' . rawurlencode($file), []);
if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
return redirect()->to(site_url('admin/util/backup'))->with('message', 'File dihapus');
}
$msg = $r['error'] ?? 'Gagal hapus';
return redirect()->to(site_url('admin/util/backup'))->with('error', $msg);
}
public function backupDownload(string $file): ResponseInterface
{
if (($deny = $this->enforceAccess('utilitas')) !== null) {
return $deny;
}
$extra = new AdminExtraApiService();
$path = $extra->backupFilePath($file);
if ($path === null) {
return redirect()->to(site_url('admin/util/backup'))->with('error', 'File tidak ditemukan');
}
$dl = $this->response->download($path, null);
if ($dl === null) {
return redirect()->to(site_url('admin/util/backup'))->with('error', 'Gagal menyiapkan unduhan');
}
return $dl->setFileName(basename($path));
}
}