zet-lib 1.2.31 → 1.2.32

package/lib/index.js

@@ -12,6 +12,7 @@ module.exports = {
   zMail: require('./Mail'),
   moduleLib: require('./moduleLib'),
   zApp: require('./zapp'),
+  zAppRouter: require('./zAppRouter'),
   zComponent: require('./zComponent'),
   zFn: require('./zFn'),
   zFunction: require('./zFunction'),

package/lib/zAppRouter.js

@@ -0,0 +1,1298 @@
+const express = require('express')
+const router = express.Router()
+const csrf = require('csurf')
+const csrfProtection = csrf({ cookie: true })
+const zRoute = require('./zRoute')
+const connection = require('./connection')
+const access = require('./access')
+const myCache = require('./cache')
+const Util = require('./Util')
+const moment = require('moment')
+const fs = require('fs')
+const moduleLib = require('./moduleLib')
+var env = process.env.NODE_ENV || 'development'
+var ecosystem = require(`${dirRoot}/ecosystem.config.js`)
+const config = require('dotenv').config()
+const debug = require('./debug')
+const io = require('./io')
+const Mail = require('./Mail')
+const zCache = require('./zCache')
+const pm2 = require('pm2')
+
+/*
+ ajax Post
+ */
+router.post('/zajax', zRoute.ajax)
+router.get('/ztypeahead/:table/:field', zRoute.typeahead)
+router.post('/ztypeaheadpost/:table/:field', zRoute.typeaheadpost)
+
+//password
+router.post('/password-change', zRoute.changePassword)
+router.post('/reset-password/:forgot_password', zRoute.resetPassword)
+//logout
+router.get('/logout', zRoute.logout)
+/*
+function for build form for table type
+ */
+router.post('/buildform', csrfProtection, zRoute.buildForm)
+/*
+function for tab access if any
+ */
+router.post('/ztab-access', csrfProtection, zRoute.tabAccess)
+
+router.get('/profile', csrfProtection, access, async (req, res) => {
+  const MYMODELS = myCache.get('MYMODELS')
+  let MYMODEL = MYMODELS['zuser']
+  let result = await connection.result({ table: 'zuser', where: { id: res.locals.userId } })
+  let role = await connection.result({ table: 'zrole', where: { id: result.role_id } })
+  let canEditCompany = false
+  if (result.role_id == 1 || result.role_id == 2) {
+    canEditCompany = true
+  }
+  let company = await connection.result({ table: 'zcompany', where: { id: res.locals.companyId } })
+  let verify_signed = result.verify_signed ? '/uploads/zuser/' + result.verify_signed : '/img/user.png'
+  res.render('layouts/' + layout, {
+    menu: { menu: 'profile' },
+    data: result,
+    attributeData: MYMODEL,
+    role: role,
+    company: company,
+    canEditCompany: canEditCompany,
+    verify_signed: verify_signed,
+    routeName: 'zuser',
+    csrfToken: req.csrfToken(),
+    renderHead: 'index/profile_head.ejs',
+    renderBody: 'index/profile.ejs',
+    renderEnd: 'index/profilejs.ejs',
+  })
+})
+
+router.post('/profile', access, async (req, res) => {
+  const MYMODELS = myCache.get('MYMODELS')
+  let MYMODEL = MYMODELS['zuser']
+  let json = Util.jsonSuccess(LANGUAGE['data_saved'])
+  let userId = req.session.user.id
+  let dataPost = zRoute.post(req, res, MYMODEL, 'zuser', req.body)
+  let data = dataPost['zuser']
+  if (req.body.company) {
+    await connection.update({
+      table: 'zcompany',
+      data: { name: req.body.company },
+      where: {
+        id: res.locals.companyId,
+      },
+    })
+  }
+  await connection.update({
+    table: 'zuser',
+    data: data,
+    where: {
+      id: userId,
+    },
+  })
+  for (var keys in data) {
+    req.session.user[keys] = data[keys]
+  }
+  req.session.sessionFlash = json
+  if (data.image) {
+    json.image = Util.imageProfile(data.image)
+  }
+  res.json(json)
+})
+
+router.post('/profile-sign', access, async (req, res) => {
+  const MYMODELS = myCache.get('MYMODELS')
+  let MYMODEL = MYMODELS['zuser']
+  let json = Util.jsonSuccess(LANGUAGE['data_saved'])
+  let userId = res.locals.userId
+  let image = req.body.image
+  let ext = req.body.ext
+  let base64Image = image.split(';base64,').pop()
+  let filename = `${Util.generateUnique(10)}${res.locals.userId}.${ext}`
+  await connection.update({
+    table: 'zuser',
+    where: {
+      id: res.locals.userId,
+    },
+    data: {
+      verify_signed: filename,
+    },
+  })
+  fs.writeFile(dirRoot + '/public/uploads/zuser/' + filename, base64Image, { encoding: 'base64' }, function (err) {})
+  res.json(json)
+})
+
+router.get('/znotification/:token', async (req, res) => {
+  const MYMODELS = myCache.get('MYMODELS')
+  let MYMODEL = MYMODELS['zuser']
+  let token = req.params.token
+  let url = '/dashboard'
+  let results = await connection.results({ table: 'znotification', where: { token: token } })
+  if (results.length) {
+    let data = {
+      status: 2,
+    }
+    await connection.update({ table: 'znotification', data: data, where: { token: token } })
+    if (results[0].link) {
+      return res.redirect(results[0].link)
+    }
+  }
+  return res.redirect(url)
+})
+
+router.post('/notification-data', csrfProtection, async (req, res) => {
+  let id = req.query.id
+  let rows = await connection.results({
+    table: 'znotification',
+    where: {
+      user_id: res.locals.userId,
+      //status: 1
+    },
+    limit: 10,
+    orderBy: ['id', 'desc'],
+  })
+
+  let rowsCount = await connection.result({
+    select: ' count(id) as count ',
+    table: 'znotification',
+    where: {
+      user_id: res.locals.userId,
+    },
+  })
+  let arr = []
+  rows.forEach(function (item) {
+    item.ago = moment(item.updated_at).fromNow()
+    item.avatar = res.locals.userAvatar
+    arr.push(item)
+  })
+
+  let data = {
+    count: rowsCount.count,
+    data: arr,
+  }
+
+  res.json(data)
+})
+
+//check status user login in session
+router.put('/zuser-session', csrfProtection, async (req, res) => {
+  let json = Util.flashError('err')
+  if (USER_ID > 0) {
+    json = Util.jsonSuccess('Success')
+  }
+  res.json(json)
+})
+
+router.get('/login', csrfProtection, async (req, res) => {
+  if (res.locals.isLogin) {
+    return res.redirect(process.env.APP_AFTER_LOGIN)
+  } else {
+    await zFunction('form_login', req, res)
+  }
+  const isError = req.query.err == 1 ? true : false
+  if (isError) {
+    res.locals.error = null
+  }
+  res.locals.menuApp = 'login'
+  res.render('layouts/blank', {
+    isError: isError,
+    csrfToken: req.csrfToken(),
+    renderHead: 'index/logincss.ejs',
+    renderBody: 'index/login.ejs',
+  })
+})
+
+router.post('/login', csrfProtection, async (req, res) => {
+  await zRoute.login(req.body.username, req.body.password, req, res)
+})
+
+router.post('/login-ajax', csrfProtection, async (req, res) => {
+  res.json(await zRoute.loginAjax(req.body.username, req.body.password, req, res))
+})
+
+router.get('/signup', csrfProtection, async (req, res) => {
+  res.locals.menuApp = 'signup'
+  if (res.locals.isLogin) {
+    return res.redirect(CONFIG.app.afterLogin)
+  } else {
+    await zFunction('form_register', req, res)
+  }
+  res.render('layouts/blank', {
+    renderBody: 'index/signup.ejs',
+  })
+})
+
+router.post('/signup', async (req, res) => {
+  let body = req.body
+  let menuData = {}
+  let userCompany = {}
+  let user = {}
+  let company = {}
+  try {
+    let validation = registrationValidation(body)
+    if (validation.status == 0) {
+      res.json(Util.flashError(validation.message))
+      return false
+    }
+    let dataCompany = {
+      code: Util.generateUnique(5),
+      name: body.company,
+      created_at: Util.now(),
+      updated_at: Util.now(),
+      created_by: 1,
+      updated_by: 1,
+    }
+    company = await connection.insert({
+      table: 'zcompany',
+      data: dataCompany,
+    })
+    let dataCache = zCache.myCache.has(body.username)
+      ? zCache.get(body.username)
+      : {
+          fullname: '',
+          email: '',
+          image: '',
+        }
+    let dataUser = {
+      company_id: company.id,
+      created_at: Util.now(),
+      updated_at: Util.now(),
+      created_by: 1,
+      updated_by: 1,
+      role_id: 2,
+      token: Util.generateUnique(28),
+      username: body.username,
+      email: body.username,
+      password: Util.hash(body.password),
+      fullname: body.fullname,
+      image: !dataCache.image ? '' : dataCache.image,
+      active: 1,
+      language: '1',
+    }
+    user = await connection.insert({
+      table: 'zuser',
+      data: dataUser,
+    })
+
+    //insert user company
+    userCompany = await connection.insert({
+      table: 'zuser_company',
+      data: {
+        role_id: 2,
+        company_id: company.id,
+        user_id: user.id,
+      },
+    })
+
+    let menu = await connection.result({
+      table: 'zmenu',
+      where: {
+        id: 1,
+      },
+    })
+    //insert menu dari user yang sudah ada menu
+    menuData = await connection.insert({
+      table: 'zmenu',
+      data: {
+        company_id: company.id,
+        created_at: Util.now(),
+        updated_at: Util.now(),
+        created_by: 1,
+        updated_by: 1,
+        name: menu.name,
+        json: JSON.stringify(menu.json),
+        active: 1,
+      },
+    })
+    await zRoute.loginAjax(dataUser.username, body.password, req, res)
+    //refresh cache
+    await zCache.renew()
+    res.json(Util.jsonSuccess(LANGUAGE.success))
+  } catch (e) {
+    if (menuData && menuData.id) {
+      await connection.delete({
+        table: 'zmenu',
+        where: {
+          id: menuData.id,
+        },
+      })
+    }
+    if (userCompany && userCompany.id) {
+      await connection.delete({
+        table: 'zuser_company',
+        where: {
+          id: userCompany.id,
+        },
+      })
+    }
+    if (user && user.id) {
+      await connection.delete({
+        table: 'zuser',
+        where: {
+          id: user.id,
+        },
+      })
+    }
+    if (company && company.id) {
+      await connection.delete({
+        table: 'zcompany',
+        where: {
+          id: company.id,
+        },
+      })
+    }
+    res.json(Util.flashError(e.toString()))
+  }
+})
+
+const registrationValidation = (body) => {
+  let json = {
+    message: 'ok',
+    status: 0,
+  }
+  if (!Util.validateEmail(body.username)) {
+    json.message = 'Email format is wrong!!'
+  }
+  if (body.password != body.confirm_password) {
+    json.message = 'Password not equal to confirm password'
+  }
+  if (body.password.length < 6) {
+    json.message = 'Password must be at least 6 chars'
+  }
+  if (body.fullname.length < 3) {
+    json.message = 'Fullname must be at least 3 chars'
+  }
+  if (body.company.length < 3) {
+    json.message = 'Company Name must be at least 3 chars'
+  }
+  json.status = json.message == 'ok' ? 1 : 0
+  return json
+}
+
+const registrationCUSTOMValidation = (body) => {
+  var json = {
+    message: 'ok',
+    status: 0,
+  }
+  if (!Util.validateEmail(body.username)) {
+    json.message = 'Format email salah'
+  }
+  if (body.password != body.confirm_password) {
+    json.message = 'Password dan repasword tidak cocok'
+  }
+  if (body.password.length < 6) {
+    json.message = 'Password kurang dari 6 '
+  }
+  if (body.fullname.length < 6) {
+    json.message = 'Nama lengkap kurang lengkap'
+  }
+  if (body.phone.length < 6) {
+    json.message = 'No telp kurang lengkap'
+  }
+  json.status = json.message == 'ok' ? 1 : 0
+  return json
+}
+
+router.post('/signup-custom', async (req, res) => {
+  var body = req.body
+  try {
+    var validation = registrationCUSTOMValidation(body)
+    if (validation.status == 0) {
+      res.json(Util.flashError(validation.message))
+      return false
+    }
+
+    var dataUser = {
+      company_id: 1,
+      created_at: Util.now(),
+      updated_at: Util.now(),
+      created_by: 1,
+      updated_by: 1,
+      role_id: 4,
+      token: Util.generateUnique(28),
+      username: body.username,
+      email: body.username,
+      password: Util.hash(body.password),
+      fullname: body.fullname,
+      phone: body.phone,
+      verify_signed: 'lizhn63iqA8CVDQeOw8.png',
+      active: 0,
+      language: '2',
+    }
+    var user = await connection.insert({
+      table: 'zuser',
+      data: dataUser,
+    })
+    var userCompany = await connection.insert({
+      table: 'zuser_company',
+      data: {
+        role_id: 4,
+        company_id: 1,
+        user_id: user.id,
+      },
+    })
+    /* await zRoute.loginAjax(dataUser.username, body.password, req, res);
+         //refresh cache
+         await zCache.renew();*/
+
+    res.json(Util.jsonSuccess('Successfuly'))
+  } catch (e) {
+    res.json(Util.flashError(e.toString()))
+  }
+})
+
+router.post('/gridprint', async (req, res) => {
+  let html = ''
+  let id = req.body.id
+  let table = req.body.table
+  if (id) {
+    let results = await connection.results({
+      table: 'zapprovals',
+      where: {
+        id_data: id,
+        table: table,
+      },
+    })
+    if (results.length) {
+      let result = results[0]
+      if (result.status == 3 || result.status == 4) {
+        html += `<button class="btn btn-sm btn-info  gridprint" data-token="${result.token}"><span class="fa fa-print"></span></button> `
+      }
+    }
+  }
+  res.json(html)
+})
+
+router.get('/failed', async function (req, res) {
+  let template = 'fronts'
+  res.render('layouts/' + template, {
+    menu: 'failed',
+    renderBody: 'index/failed.ejs',
+    Util: Util,
+  })
+})
+
+router.get('/forgot', csrfProtection, async (req, res) => {
+  const MYMODELS = myCache.get('MYMODELS')
+  let MYMODEL = MYMODELS['zuser']
+  if (res.locals.isLogin) {
+    return res.redirect('/dashboard')
+  }
+  let script = `submitForm('forgot-form',"","",function(data){if (data.status == 1) {
+     toastrForm(data);spinner.hide();
+                         setTimeout(function () {location.href='/';},6000);
+                }});`
+  await moduleLib.custom(req, res, script)
+
+  res.render('layouts/fronts', {
+    csrfToken: req.csrfToken(),
+    attributeData: MYMODEL,
+    routeName: 'zuser',
+    data: MYMODEL.datas,
+    renderBody: 'index/forgot.ejs',
+  })
+})
+
+router.post('/forgot', csrfProtection, async (req, res) => {
+  let json = Util.jsonError('email', 'Email not found in our database')
+  let routeName = 'user'
+  const MYMODELS = myCache.get('MYMODELS')
+  let MYMODEL = MYMODELS['zuser']
+  let data = zRoute.post(req, res, MYMODEL)['zuser']
+  var port = ecosystem.apps[0].env.PORT
+  var url = env == 'production' ? process.env.APP_URL : 'http://localhost:' + port
+  let email = data.email || ' '
+  email = email.trim()
+  if (email.length > 5) {
+    let rows = await connection.results({
+      table: 'zuser',
+      where: {
+        email: email,
+      },
+    })
+    if (rows.length > 0) {
+      let post = {
+        forgot_password: Util.generateUnique(23),
+      }
+      await connection.update({
+        table: 'zuser',
+        where: {
+          id: rows[0].id,
+        },
+        data: post,
+      })
+      let options = {
+        to: email,
+        subject: 'Forgot Password',
+      }
+      let datas = {
+        config: {
+          app: {
+            url: url,
+          },
+        },
+        url: url,
+        link: url + '/reset-password/' + post.forgot_password,
+      }
+      Mail.forgotPassword(datas, options)
+      json = Util.jsonSuccess('Please check your email to reset ')
+    }
+  }
+
+  res.json(json)
+})
+
+router.get('/reset-password/:forgot_password', csrfProtection, async (req, res) => {
+  let forgot_password = req.params.forgot_password || ''
+  let activated = false
+  if (forgot_password != '') {
+    let results = await connection.results({
+      table: 'zuser',
+      where: {
+        forgot_password: forgot_password,
+      },
+    })
+    if (results.length > 0) {
+      activated = true
+    }
+  }
+  var script = `submitForm('form-group','','',function(data){
+        if(data.status==1){
+            location.href = '/login'
+        }
+    });`
+  await moduleLib.custom(req, res, script)
+  res.render('layouts/fronts', {
+    activated: activated,
+    csrfToken: req.csrfToken(),
+    forgot_password: forgot_password,
+    renderBody: 'index/reset-password.ejs',
+  })
+})
+
+router.get('/no-access', async (req, res) => {
+  let myview = 'fronts'
+  if (req.session.user) {
+    myview = 'main'
+  }
+  res.render('layouts/' + myview, {
+    data: { table: 'error' },
+    menu: 'error',
+    renderBody: 'index/no-access.ejs',
+  })
+})
+
+router.get('/page_not_found', async (req, res) => {
+  res.render('layouts/page_not_found', {
+    data: { table: 'error' },
+    menu: 'error',
+    //renderBody: "index/no-found.ejs",
+  })
+})
+
+// for change company session
+router.get('/session/:id', access, async (req, res) => {
+  let companies = res.locals.zcompanies
+  let user = await connection.result({
+    table: 'zuser',
+    where: {
+      id: res.locals.userId,
+    },
+  })
+  for (let i = 0; i < companies.length; i++) {
+    if (companies[i].id == req.params.id) {
+      user.company_id = req.params.id
+      await zRoute.handleSession(req, user)
+      var post = {
+        company_id: companies[i].id,
+        role_id: companies[i].role_id,
+      }
+      await connection.update({
+        table: 'zuser',
+        data: post,
+        where: {
+          id: res.locals.userId,
+        },
+      })
+    }
+  }
+  var backURL = req.header('Referer') || '/'
+  // do your thang
+  res.redirect(backURL)
+})
+
+//RESTART
+router.get('/restart', access, async (req, res) => {
+  var room = res.locals.user.token
+  if (env == 'production') {
+    pm2.connect(function (err) {
+      if (err) {
+        io.to(room).emit('error', err.toString())
+      }
+      pm2.restart(process.env.PM2_NAME, (err, proc) => {
+        io.to(room).emit('message', 'Restart done')
+      })
+    })
+  } else {
+    io.to(room).emit('message', 'Restart done')
+  }
+  res.json('ok')
+})
+
+//ERROR UI
+router.get('/error', async (err, req, res, next) => {
+  res.locals.message = err.message
+  res.locals.error = req.app.get('env') === 'development' ? err : err
+  // render the error page
+  res.status(err.status || 500)
+  debug(req, res, err)
+  res.render('layouts/' + layout, {
+    renderBody: 'index/error.ejs',
+  })
+})
+
+//APPROVAL SYSTEMS
+router.post('/zzapproval', async (req, res) => {
+  let json = Util.jsonSuccess(LANGUAGE['data_saved'])
+  const MYMODELS = myCache.get('MYMODELS')
+  let MYMODEL = MYMODELS['zapprovals']
+  const port = ecosystem.apps[0].env.PORT
+  let users = Util.arrayToObject(await connection.results({ table: 'zuser' }), 'id')
+  try {
+    let userId = res.locals.userId
+    let data = zRoute.post(req, res, MYMODEL)[MYMODEL.table]
+    let validator = zRoute.validator(data, MYMODEL)
+    if (validator.status == 0) return res.json(validator.message)
+    if (data.status == 2) {
+      if (!data.approvers) {
+        return res.json(Util.flashError('Approvers empty'))
+      }
+      if (data.title == '') {
+        return res.json(Util.flashError('Title empty', 'title'))
+      }
+    }
+    //update template for newst
+    var row = await connection.result({ table: 'zfields', where: { table: data.table } })
+    var jsonApproval = row.approval_json || {}
+    data.template = jsonApproval.content || {}
+    var approvers = []
+    if (typeof data.approvers == 'string') {
+      data.approvers = JSON.parse(data.approvers)
+    }
+    approvers = data.approvers || []
+    if (approvers.length > 1) {
+      approvers = approvers.filter(Util.arrayUnique)
+    }
+    data.approvers = JSON.stringify(approvers)
+    let knowings = []
+    if (typeof data.knowings == 'string') {
+      data.knowings = JSON.parse(data.knowings)
+    }
+    knowings = data.knowings || []
+    if (knowings.length > 1) {
+      knowings = knowings.filter(Util.arrayUnique)
+    }
+    data.knowings = JSON.stringify(knowings)
+    let allUsers = [...approvers, ...knowings]
+
+    let statusApprovers = approvers.reduce((result, item) => {
+      return [...result, { user: item, status: 2 }]
+    }, [])
+    data.approved_stats = JSON.stringify({
+      stats: `0/${approvers.length}`,
+      status: statusApprovers,
+    })
+    let knowingStatus = knowings.reduce((result, item) => {
+      return [...result, { user: item, status: 7 }]
+    }, [])
+
+    data.knowing_stats = JSON.stringify({
+      stats: `0/${knowings.length}`,
+      status: knowingStatus,
+    })
+    let results = await connection.results({
+      table: MYMODEL.table,
+      where: { table: data.table, id_data: data.id_data },
+    })
+    if (results.length) {
+      let query = await zRoute.updateSQL(req, res, MYMODEL.table, data, { id: results[0].id })
+      data.id = results[0].id
+    } else {
+      var query = await zRoute.insertSQL(req, res, MYMODEL.table, data)
+      data.id = query.id
+    }
+    if (data.status == 2) {
+      //send activity
+      /* await zRoute.insertSQL(req, res, "zactivity", {
+                 user_id: res.locals.userId,
+                 table: MYMODEL.table,
+                 id_data: data.id,
+                 status: data.status,
+                 status_label: MYMODEL.widgets.status.fields[data.status],
+                 title: MYMODEL.widgets.status.fields[data.status],
+                 description: users[res.locals.userId].fname + " " +users[res.locals.userId].lname ,
+                 data: JSON.stringify(data)
+             });*/
+      //if serial
+      if (data.type == 2) {
+        approvers = [approvers[0]]
+      }
+      let sectionsAprrovers = approvers.reduce((temp, item, index) => {
+        return [
+          ...temp,
+          {
+            title: users[item].fullname,
+            description: '@' + users[item].fullname,
+            rowId: 'row' + index,
+          },
+        ]
+      }, [])
+      let sectionsKnowings = knowings.reduce((temp, item, index) => {
+        return [
+          ...temp,
+          {
+            title: users[item].fullname,
+            description: '@' + users[item].fullname,
+            rowId: 'row' + index,
+          },
+        ]
+      }, [])
+      let sections = []
+      sections.push({ title: 'Approvers', rows: sectionsAprrovers })
+      if (sectionsKnowings) {
+        sections.push({ title: 'Knowings', rows: sectionsKnowings })
+      }
+      approvers.forEach(async (item, num) => {
+        let post = {
+          title_id: data.id,
+          user_id: item,
+          status: 7,
+          type: 1,
+          token: Util.uuid(),
+        }
+        await zRoute.insertSQL(req, res, 'zapprovals_details', post)
+        let link = env == 'production' ? process.env.APP_URL + '/za/' + post.token : `http://localhost:${port}/za/${post.token}`
+        let email = users[post.user_id].email
+
+        post.subject = `Need Approve ${data.title}`
+        post.buttonTitle = `Approve Now`
+        post.title = `NEED APPROVE DOCUMENT`
+        post.link = link
+        post.url = CONFIG.app.url
+        post.description = `Hai ${users[post.user_id].fullname} <br>
+
+                
+                We have some document for you.<br>
+                Please click the link above to view the document.`
+
+        post.note = `If you click the link, it's will be automatically acknowledged`
+        Mail.gmail(req, res, post, email)
+
+        //send to whatsapp
+        let phone = Util.phoneWA(users[post.user_id].phone)
+        if (phone) {
+          var textWa = ''
+          textWa += `*NEED APPROVE DOCUMENT* \r\n_${data.title}_\r\nHai ${users[post.user_id].fullname} \r\n \r\n`
+          textWa += 'We have some document for you.\r\n'
+          textWa += `Please click the link above to view the document.\r\n${link}`
+
+          /* await whatsapp({
+                         to: phone,
+                         text: textWa,
+                         sections: JSON.stringify(sections),
+                         buttonText: "Click me for details"
+                     });*/
+        }
+
+        //send notification
+        /* await zRoute.insertSQL(req, res, "znotification", {
+                     user_id: item,
+                     table: MYMODEL.table,
+                     id_data: data.id,
+                     status: 1,
+                     link: "/za/" + post.token,
+                     status_label: MYMODEL.widgets.status.fields[1],
+                     title: `Need Approve`,
+                     description: data.title,
+                     token: post.token
+                 });*/
+
+        //send todolist
+        /* await zRoute.insertSQL(req, res, "ztodolist", {
+                     user_id: item,
+                     table: MYMODEL.table,
+                     id_data: data.id,
+                     status: 1,
+                     link: "/za/" + post.token,
+                     status_label: MYMODEL.widgets.status.fields[1],
+                     title: `Need Approve`,
+                     description: data.title,
+                     users: JSON.stringify(allUsers)
+                 });*/
+
+        //send toastr using socket.io
+        io.to(users[item].token).emit('message', 'Need Approve ' + data.title)
+      })
+
+      knowings.map(async (item) => {
+        let post = {
+          title_id: data.id,
+          user_id: item,
+          status: 7,
+          type: 2,
+          token: Util.uuid(),
+        }
+        await zRoute.insertSQL(req, res, 'zapprovals_details', post)
+        let link = env == 'production' ? process.env.APP_URL + '/za/' + post.token : `http://localhost:${port}/za/${post.token}`
+        let email = users[post.user_id].email
+
+        post.subject = `Need acknowledge ${data.title}`
+        post.buttonTitle = `Acknowledge Now`
+        post.title = `NEED ACKNOWLEDGE DOCUMENT`
+
+        post.link = link
+        post.url = CONFIG.app.url
+        post.description = `Hai ${users[post.user_id].fullname} <br>
+
+                
+                We have some document for you.<br>
+                Please click the link above to view the document.`
+
+        post.note = `If you click the link, it's will be automatically acknowledged`
+        Mail.gmail(req, res, post, email)
+
+        //send to whatsapp
+        let phone = Util.phoneWA(users[post.user_id].phone)
+        if (phone) {
+          var textWa = ''
+          textWa += `*NEED ACKNOWLEDGE DOCUMENT* \r\n_${data.title}_\r\nHai ${users[post.user_id].fullname} \r\n \r\n`
+          textWa += 'We have some document for you.\r\n'
+          textWa += `Please click the link above to view the document.\r\n${link}`
+          /*  await whatsapp({
+                          to: phone,
+                          text: textWa,
+                          sections: JSON.stringify(sections),
+                          buttonText: "Click me for details"
+                      });*/
+        }
+
+        //send activity
+        /*                await cRoute.insertSQL(req, res, "zactivity",{
+                 user_id:item,
+                 table:MYMODEL.table,
+                 id_data:data.id,
+                 status:7,
+                 status_label: MYMODEL.widgets.status.fields[7],
+                 title : MYMODEL.widgets.status.fields[7],
+                 description: data.title,
+                 data:JSON.stringify(data)
+                 });*/
+
+        //send notification
+        /*   await zRoute.insertSQL(req, res, "znotification", {
+                       user_id: item,
+                       table: MYMODEL.table,
+                       id_data: data.id,
+                       status: 1,
+                       link: "/za/" + post.token,
+                       status_label: MYMODEL.widgets.status.fields[1],
+                       title: `Need Acknowledge`,
+                       description: data.title,
+                       token: post.token
+                   });
+
+                   //send todolist
+                   await zRoute.insertSQL(req, res, "ztodolist", {
+                       user_id: item,
+                       table: MYMODEL.table,
+                       id_data: data.id,
+                       status: 1,
+                       link: "/za/" + post.token,
+                       status_label: MYMODEL.widgets.status.fields[1],
+                       title: `Need Acknowledge`,
+                       description: data.title,
+                       users: JSON.stringify(allUsers)
+                   });*/
+        io.to(users[item].token).emit('message', 'Need Acknowledge ' + data.title)
+      })
+    }
+  } catch (err) {
+    if (Object.prototype.hasOwnProperty.call(err, 'sqlMessage')) {
+      json = Util.flashError(err.sqlMessage)
+    } else {
+      json = Util.flashError(err.toString())
+    }
+    debug(req, res, err)
+  }
+  res.json(json)
+})
+
+router.get('/za/:token', csrfProtection, async (req, res) => {
+  let token = req.params.token
+  let data = {},
+    data2 = {}
+  let template = ''
+  let result
+  let isClosed = false
+  let footers = ''
+  let details = []
+  let routeName = env == 'production' ? process.env.APP_URL : `http://localhost:${port}`
+  let statusLabel = ''
+  let knowings = []
+  const MYMODELS = myCache.get('MYMODELS')
+  let MYMODEL = MYMODELS['zapprovals']
+  let users = Util.arrayToObject(await connection.results({ table: 'zuser' }), 'id')
+  try {
+    result = await connection.result({
+      select: '*, zapprovals.id as ide, zapprovals_details.token as usertoken, zapprovals.status as statuse, zapprovals_details.status as mystatus,  zapprovals_details.type as user_type,  zapprovals_details.updated_at',
+      table: 'zapprovals_details',
+      joins: ['LEFT JOIN zapprovals ON (zapprovals_details.title_id = zapprovals.id)', 'LEFT JOIN employee ON (zapprovals_details.user_id = employee.id)'],
+      where: { 'zapprovals_details.token': token },
+    })
+    let approvers = result.approvers
+    knowings = result.knowings ? result.knowings : []
+
+    statusLabel = MYMODEL.widgets.status.fields[result.statuse]
+    routeName = routeName + '/' + result.table + '/view/' + result.id_data
+    if (result.statuse == 3 || result.statuse == 4 || result.mystatus == 3 || result.mystatus == 4) {
+      isClosed = true
+    }
+    details = await connection.results({ table: 'zapprovals_details', where: { title_id: result.ide } })
+    if (result.user_type == 2) {
+      isClosed = true
+      var post = {
+        status: 6, //read
+      }
+      await connection.update({ table: 'zapprovals_details', data: post, where: { token: token } })
+
+      //set stats
+      //{"stats":"0/1","status":[{"user":"12","status":0}]}
+      let knowing_stats = result.knowing_stats || {}
+      let statuses = knowing_stats.status
+      let stats = knowing_stats.stats
+      let explode = stats.split('/')
+      let count = parseInt(explode[0])
+      let newStatus = []
+      knowings = result.knowings || []
+      statuses.map((item) => {
+        if (item.user == result.user_id && result.mystatus != 3) {
+          item.status = 3
+          if (count < knowings.length) {
+            count = count + 1
+          }
+          newStatus.push(item)
+        } else {
+          newStatus.push(item)
+        }
+      })
+      if (result.mystatus != 3) {
+        post = {
+          knowing_stats: JSON.stringify({ stats: count + '/' + explode[1], status: newStatus }),
+        }
+        await connection.update({ table: 'zapprovals', data: post, where: { id: result.ide } })
+        //var users = await zRoute.getUsers();
+        var message = users[result.user_id].fullname + ' has readed document ' + result.title
+        details.forEach(function (item) {
+          io.to(users[item.user_id].token).emit('message', message)
+        })
+      }
+    }
+
+    MYMODEL = MYMODELS[result.table]
+    let row = await connection.result({ table: MYMODEL.table, where: { id: result.id_data } })
+    data = await zRoute.viewTable(req, res, MYMODEL, row)
+    template = result.template
+    for (var key in data) {
+      template = Util.replaceAll(template, '{{' + key + '}}', data[key])
+    }
+
+    footers = await zRoute.approversFooter(details)
+
+    //send activity
+    if (result.mystatus == 7) {
+      MYMODEL = MYMODELS['zapprovals']
+      /* await connection.insert({
+                 table: "zactivity",
+                 data: {
+                     company_id: result.company_id,
+                     created_at: Util.now(),
+                     created_by: result.user_id,
+                     updated_by: result.user_id,
+                     user_id: result.user_id,
+                     table: MYMODEL.table,
+                     id_data: result.ide,
+                     status: 6,
+                     status_label: MYMODEL.widgets.status.fields[6],
+                     title: `${MYMODEL.widgets.status.fields[6]}`,
+                     description: `Ok `,
+                     data: JSON.stringify(data)
+                 }
+             });
+ */
+
+      await connection.update({
+        table: 'zapprovals_details',
+        where: {
+          token: token,
+        },
+        data: { status: 6 },
+      })
+    }
+  } catch (err) {
+    debug(req, res, err)
+    res.send('Not Found')
+  }
+  res.render('layouts/blank', {
+    routeName: routeName,
+    Util: Util,
+    data: data,
+    statusLabel: statusLabel,
+    template: template,
+    result: result,
+    statusLabel: statusLabel,
+    isClosed: isClosed,
+    footers: footers,
+    csrfToken: req.csrfToken(),
+    token: result.usertoken,
+    tokendoc: token,
+    renderHead: 'index/zacss.ejs',
+    renderBody: 'index/za.ejs',
+    renderEnd: 'index/zajs.ejs',
+  })
+})
+
+router.post('/za/:token', csrfProtection, async (req, res) => {
+  let token = req.params.token
+  let comments = req.body.comments
+  let status = req.body.status
+  let json = Util.jsonSuccess('Success')
+  let data = {},
+    data2 = {}
+  let template = ''
+  let approvers = [],
+    knowings = []
+  let users = Util.arrayToObject(await connection.results({ table: 'zuser' }), 'id')
+  let employee_user = users
+  const MYMODELS = myCache.get('MYMODELS')
+  let MYMODEL = MYMODELS['zapprovals']
+  let post = {}
+  try {
+    var results = await connection.results({
+      select: '*,zapprovals_details.status as approvers_status, zapprovals.created_by as submiter,  zapprovals.type as typee, zapprovals.status as statuse, zapprovals_details.id as detaild_id, zapprovals.id as ide, zapprovals.approvers as approvers ',
+      table: 'zapprovals_details',
+      joins: ['LEFT JOIN zapprovals ON (zapprovals_details.title_id = zapprovals.id)'],
+      where: { 'zapprovals_details.token': token },
+    })
+    if (!results.length) {
+      return res.json(Util.jsonError('Data not found!'))
+    }
+
+    var result = results[0]
+    if (result.approvers_status == 3 || result.approvers_status == 4) {
+      return res.json(Util.jsonError('You have submited.'))
+    }
+    post = {
+      status: status,
+      comments: comments,
+      updated_at: Util.now(),
+    }
+    let update = await connection.update({ table: 'zapprovals_details', data: post, where: { id: result.detaild_id } })
+    let details = await connection.results({ table: 'zapprovals_details', where: { title_id: result.ide } })
+    approvers = result.approvers
+    knowings = result.knowings || []
+    let stats = 0
+    let status_stats = []
+    let approversSigned = []
+    //{"stats":"0/2","status":[{"user":"12","status":2},{"user":"35","status":2}]}
+    let last_status
+    details.map((item) => {
+      if (item.type == 1) {
+        if (item.status == 4 || item.status == 3) {
+          stats++
+          approversSigned.push(item.user_id + '')
+        }
+        status_stats.push({
+          user: item.user_id,
+          status: item.status,
+        })
+        last_status = item.status
+      }
+    })
+
+    post.approved_stats = JSON.stringify({
+      stats: stats + '/' + approvers.length,
+      status: status_stats,
+    })
+    if (stats == approvers.length) {
+      post.status = last_status
+    } else {
+      post.status = 5
+    }
+    if (status == 4) {
+      post.status = 4
+    }
+    await connection.update({ table: 'zapprovals', data: post, where: { id: result.ide } })
+
+    //send activity
+    await connection.insert({
+      table: 'zactivity',
+      data: {
+        company_id: result.company_id,
+        created_at: Util.now(),
+        created_by: result.user_id,
+        updated_by: result.user_id,
+        user_id: result.user_id,
+        table: MYMODEL.table,
+        id_data: result.ide,
+        status: status,
+        status_label: MYMODEL.widgets.status.fields[status],
+        title: MYMODEL.widgets.status.fields[status],
+        description: comments,
+        data: JSON.stringify(post),
+      },
+    })
+
+    //send notification
+    if (status == 3 || status == 4) {
+      let message = `Document ${result.title} has ${MYMODEL.widgets.status[status]};`
+      approvers.forEach(function (item) {
+        io.to(users[item].token).emit('message', message)
+      })
+      if (status == 3) {
+        // if type is serial is step by step
+        //send notification and generate email
+        //approversSigned
+        if (result.typee == 2) {
+          //get approvers has already sign
+
+          approversSigned.push(result.user_id)
+          var newApprovers = approvers.filter((item) => {
+            return !approversSigned.includes(item)
+          })
+          var item = newApprovers.length ? newApprovers[0] : ''
+          if (item) {
+            post = {
+              title_id: result.ide,
+              user_id: employee_user[item].user_id,
+              status: 7,
+              type: 1,
+              comments: comments,
+              token: Util.uuid(),
+              company_id: result.company_id,
+              created_at: Util.now(),
+              updated_at: Util.now(),
+              created_by: employee_user[item].user_id,
+              updated_by: employee_user[item].user_id,
+            }
+            await connection.insert({
+              table: 'zapprovals_details',
+              data: post,
+            })
+            let link = CONFIG.app.url + '/za/' + post.token
+            let email = users[item].username
+
+            post.subject = `Need Approve ${result.title}`
+            post.buttonTitle = `Approve Now`
+            post.title = `NEED APPROVE DOCUMENT`
+            post.link = link
+            post.url = CONFIG.app.url
+            post.description = `Hai ${users[item].fullname} <br>
+
+                
+                We have some document for you.<br>
+                Please click the link above to view the document.`
+
+            post.note = `If you click the link, it's will be automatically acknowledged`
+            Mail.gmail(req, res, post, email)
+
+            //send to whatsapp
+            let sectionsAprrovers = approvers.reduce((temp, item, index) => {
+              return [
+                ...temp,
+                {
+                  title: users[item].fullname + ' ' + users[item].position,
+                  description: '@' + users[item].fullname + ' ' + users[item].position,
+                  rowId: 'roe' + index,
+                },
+              ]
+            }, [])
+            let sectionsKnowings = knowings.reduce((temp, item, index) => {
+              return [
+                ...temp,
+                {
+                  title: users[item].fullname + ' ' + users[item].position,
+                  description: '@' + users[item].fullname + ' ' + users[item].position,
+                  rowId: 'roe' + index,
+                },
+              ]
+            }, [])
+            let sections = []
+            sections.push({ title: 'Approvers', rows: sectionsAprrovers })
+            if (sectionsKnowings) {
+              sections.push({ title: 'Knowings', rows: sectionsKnowings })
+            }
+            //send notification
+            await connection.insert({
+              table: 'znotification',
+              data: {
+                company_id: result.company_id,
+                created_at: Util.now(),
+                created_by: employee_user[result.user_id].user_id,
+                updated_by: employee_user[result.user_id].user_id,
+                user_id: item,
+                table: MYMODEL.table,
+                id_data: data.id,
+                status: 1,
+                link: '/za/' + post.token,
+                status_label: 'Unread',
+                title: `Need Approve`,
+                description: data.title,
+                token: post.token,
+              },
+            })
+
+            //send todolist
+            await connection.insert({
+              table: 'ztodolist',
+              data: {
+                company_id: result.company_id,
+                created_at: Util.now(),
+                created_by: employee_user[result.user_id].user_id,
+                updated_by: employee_user[result.user_id].user_id,
+                user_id: item,
+                table: MYMODEL.table,
+                id_data: result.ide,
+                status: 1,
+                link: '/za/' + post.token,
+                status_label: 'Unread',
+                title: `Need Approve`,
+                description: result.title,
+                users: JSON.stringify(approvers),
+              },
+            })
+
+            //send toastr using socket.io
+            io.to(users[item].token).emit('message', 'Need Approve for document : ' + result.title)
+          }
+        }
+      }
+    }
+  } catch (err) {
+    debug(req, res, err)
+    json = Util.flashError(err.toString())
+  }
+
+  res.json(json)
+})
+
+router.get('/zdownload/zgenerator/:table', async (req, res) => {
+  var table = req.params.table
+  var path = `${dirRoot}/public/uploads/zgenerator/${table}.json`
+  res.download(path, function (err) {
+    if (err) {
+      //console.log(err);
+    }
+  })
+})
+
+module.exports = router

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "zet-lib",
-  "version": "1.2.31",
+  "version": "1.2.32",
   "description": "zet is a library that part of zet generator.",
   "engines": {
     "node": ">=18"