npm - zet-lib - Versions diffs - 1.3.39 → 1.3.41 - Mend

zet-lib 1.3.39 → 1.3.41

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (40) hide show

package/LICENSE +21 -21
package/README.md +15 -15
package/lib/ErrorWithCode.js +6 -6
package/lib/Form.js +1020 -1019
package/lib/Mail.js +68 -68
package/lib/Modal.js +95 -95
package/lib/Pool.js +437 -437
package/lib/UI.js +7 -7
package/lib/Util.js +1384 -1384
package/lib/access.js +6 -6
package/lib/cache.js +3 -3
package/lib/connection.js +409 -409
package/lib/debug.js +22 -22
package/lib/index.js +36 -36
package/lib/io.js +44 -44
package/lib/languages/lang_en.js +125 -125
package/lib/languages/lang_fr.js +125 -125
package/lib/languages/lang_id.js +126 -126
package/lib/languages/lang_jp.js +125 -125
package/lib/moduleLib.js +661 -661
package/lib/tableForm.js +10 -10
package/lib/views/generator.ejs +598 -598
package/lib/views/generator_layout.ejs +224 -224
package/lib/views/generatorjs.ejs +927 -927
package/lib/zAppRouter.js +1637 -1637
package/lib/zCache.js +301 -301
package/lib/zComponent.js +27 -27
package/lib/zFn.js +58 -58
package/lib/zFunction.js +20 -20
package/lib/zGeneratorRouter.js +1641 -1641
package/lib/zMenuRouter.js +556 -556
package/lib/zPage.js +188 -188
package/lib/zReport.js +982 -982
package/lib/zRole.js +256 -256
package/lib/zRoleRouter.js +609 -609
package/lib/zRoute.js +5025 -5024
package/lib/zTester.js +93 -93
package/lib/zapp.js +65 -65
package/lib/zdataTable.js +330 -330
package/package.json +56 -56

package/lib/zAppRouter.js CHANGED Viewed

@@ -1,1637 +1,1637 @@
-const express = require('express')
-const router = express.Router()
-const csrf = require('csurf')
-const csrfProtection = csrf({ cookie: true })
-const zRoute = require('./zRoute')
-const connection = require('./connection')
-const access = require('./access')
-const myCache = require('./cache')
-const Util = require('./Util')
-const moment = require('moment')
-const fs = require('fs-extra')
-const moduleLib = require('./moduleLib')
-var env = process.env.NODE_ENV || 'development'
-var ecosystem = require(`./../../../ecosystem.config.js`)
-const config = require('dotenv').config()
-const debug = require('./debug')
-const io = require('./io')
-const Mail = require('./Mail')
-const zCache = require('./zCache')
-const pm2 = require('pm2')
-const zFunction = require('./zFunction')
-const qs = require('qs')
-const zip = require('express-zip')
-/*
- ajax Post
- */
-router.post('/zajax', zRoute.ajax)
-router.get('/ztypeahead/:table/:field', zRoute.typeahead)
-router.post('/ztypeaheadpost/:table/:field', zRoute.typeaheadpost)
-//password
-router.post('/password-change', zRoute.changePassword)
-router.post('/reset-password/:forgot_password', zRoute.resetPassword)
-//logout
-router.get('/logout', zRoute.logout)
-/*
-function for build form for table type
- */
-router.post('/buildform', csrfProtection, zRoute.buildForm)
-/*
-function for tab access if any
- */
-router.post('/ztab-access', csrfProtection, zRoute.tabAccess)
-router.get('/profile', csrfProtection, access, async (req, res) => {
-  const MYMODELS = myCache.get('MYMODELS')
-  let MYMODEL = MYMODELS['zuser']
-  let result = await connection.result({ table: 'zuser', where: { id: res.locals.userId } })
-  let role = await connection.result({ table: 'zrole', where: { id: result.role_id } })
-  let canEditCompany = false
-  if (result.role_id == 1 || result.role_id == 2) {
-    canEditCompany = true
-  }
-  let company = await connection.result({ table: 'zcompany', where: { id: res.locals.companyId } })
-  let verify_signed = result.verify_signed ? '/uploads/zuser/' + result.verify_signed : '/img/user.png'
-  res.render('layouts/' + layout, {
-    menu: { menu: 'profile' },
-    data: result,
-    attributeData: MYMODEL,
-    role: role,
-    company: company,
-    canEditCompany: canEditCompany,
-    verify_signed: verify_signed,
-    routeName: 'zuser',
-    csrfToken: req.csrfToken(),
-    renderHead: 'index/profile_head.ejs',
-    renderBody: 'index/profile.ejs',
-    renderEnd: 'index/profilejs.ejs',
-  })
-})
-router.post('/profile', access, async (req, res) => {
-  const MYMODELS = myCache.get('MYMODELS')
-  let MYMODEL = MYMODELS['zuser']
-  let json = Util.jsonSuccess(LANGUAGE['data_saved'])
-  let userId = req.session.user.id
-  let dataPost = zRoute.post(req, res, MYMODEL, 'zuser', req.body)
-  let data = dataPost['zuser']
-  if (req.body.company) {
-    await connection.update({
-      table: 'zcompany',
-      data: { name: req.body.company },
-      where: {
-        id: res.locals.companyId,
-      },
-    })
-  }
-  await connection.update({
-    table: 'zuser',
-    data: data,
-    where: {
-      id: userId,
-    },
-  })
-  for (var keys in data) {
-    req.session.user[keys] = data[keys]
-  }
-  req.session.sessionFlash = json
-  if (data.image) {
-    json.image = Util.imageProfile(data.image)
-  }
-  res.json(json)
-})
-router.post('/profile-sign', access, async (req, res) => {
-  const MYMODELS = myCache.get('MYMODELS')
-  let MYMODEL = MYMODELS['zuser']
-  let json = Util.jsonSuccess(LANGUAGE['data_saved'])
-  let userId = res.locals.userId
-  let image = req.body.image
-  let ext = req.body.ext
-  let base64Image = image.split(';base64,').pop()
-  let filename = `${Util.generateUnique(10)}${res.locals.userId}.${ext}`
-  await connection.update({
-    table: 'zuser',
-    where: {
-      id: res.locals.userId,
-    },
-    data: {
-      verify_signed: filename,
-    },
-  })
-  fs.writeFile(dirRoot + '/public/uploads/zuser/' + filename, base64Image, { encoding: 'base64' }, function (err) {})
-  res.json(json)
-})
-//check status user login in session
-router.put('/zuser-session', csrfProtection, async (req, res) => {
-  let json = Util.flashError('err')
-  if (USER_ID > 0) {
-    json = Util.jsonSuccess('Success')
-  }
-  res.json(json)
-})
-router.get('/login', csrfProtection, async (req, res) => {
-  if (res.locals.isLogin) {
-    return res.redirect(process.env.APP_AFTER_LOGIN)
-  } else {
-    await zFunction('form_login', req, res)
-  }
-  const isError = req.query.err == 1 ? true : false
-  if (isError) {
-    res.locals.error = null
-  }
-  res.locals.menuApp = 'login'
-  res.render('layouts/blank', {
-    isError: isError,
-    csrfToken: req.csrfToken(),
-    renderHead: 'index/logincss.ejs',
-    renderBody: 'index/login.ejs',
-  })
-})
-router.post('/login', csrfProtection, async (req, res) => {
-  await zRoute.login(req.body.username, req.body.password, req, res)
-})
-router.post('/login-ajax', csrfProtection, async (req, res) => {
-  res.json(await zRoute.loginAjax(req.body.username, req.body.password, req, res))
-})
-router.get('/signup', csrfProtection, async (req, res) => {
-  res.locals.menuApp = 'signup'
-  if (res.locals.isLogin) {
-    return res.redirect(CONFIG.app.afterLogin)
-  } else {
-    await zFunction('form_register', req, res)
-  }
-  res.render('layouts/blank', {
-    renderBody: 'index/signup.ejs',
-  })
-})
-router.post('/signup', async (req, res) => {
-  let body = req.body
-  let menuData = {}
-  let userCompany = {}
-  let user = {}
-  let company = {}
-  try {
-    let validation = registrationValidation(body)
-    if (validation.status == 0) {
-      res.json(Util.flashError(validation.message))
-      return false
-    }
-    let dataCompany = {
-      code: Util.generateUnique(5),
-      name: body.company,
-      created_at: Util.now(),
-      updated_at: Util.now(),
-      created_by: 1,
-      updated_by: 1,
-    }
-    company = await connection.insert({
-      table: 'zcompany',
-      data: dataCompany,
-    })
-    let dataCache = zCache.myCache.has(body.username)
-      ? zCache.get(body.username)
-      : {
-          fullname: '',
-          email: '',
-          image: '',
-        }
-    let dataUser = {
-      company_id: company.id,
-      created_at: Util.now(),
-      updated_at: Util.now(),
-      created_by: 1,
-      updated_by: 1,
-      role_id: 2,
-      token: Util.generateUnique(28),
-      username: body.username,
-      email: body.username,
-      password: Util.hash(body.password),
-      fullname: body.fullname,
-      image: !dataCache.image ? '' : dataCache.image,
-      active: 1,
-      language: '1',
-    }
-    user = await connection.insert({
-      table: 'zuser',
-      data: dataUser,
-    })
-    //insert user company
-    userCompany = await connection.insert({
-      table: 'zuser_company',
-      data: {
-        role_id: 2,
-        company_id: company.id,
-        user_id: user.id,
-      },
-    })
-    let menu = await connection.result({
-      table: 'zmenu',
-      where: {
-        id: 1,
-      },
-    })
-    //insert menu dari user yang sudah ada menu
-    menuData = await connection.insert({
-      table: 'zmenu',
-      data: {
-        company_id: company.id,
-        created_at: Util.now(),
-        updated_at: Util.now(),
-        created_by: 1,
-        updated_by: 1,
-        name: menu.name,
-        json: JSON.stringify(menu.json),
-        active: 1,
-      },
-    })
-    await zRoute.loginAjax(dataUser.username, body.password, req, res)
-    //refresh cache
-    await zCache.renew()
-    res.json(Util.jsonSuccess(LANGUAGE.success))
-  } catch (e) {
-    if (menuData && menuData.id) {
-      await connection.delete({
-        table: 'zmenu',
-        where: {
-          id: menuData.id,
-        },
-      })
-    }
-    if (userCompany && userCompany.id) {
-      await connection.delete({
-        table: 'zuser_company',
-        where: {
-          id: userCompany.id,
-        },
-      })
-    }
-    if (user && user.id) {
-      await connection.delete({
-        table: 'zuser',
-        where: {
-          id: user.id,
-        },
-      })
-    }
-    if (company && company.id) {
-      await connection.delete({
-        table: 'zcompany',
-        where: {
-          id: company.id,
-        },
-      })
-    }
-    res.json(Util.flashError(e.toString()))
-  }
-})
-const registrationValidation = (body) => {
-  let json = {
-    message: 'ok',
-    status: 0,
-  }
-  if (!Util.validateEmail(body.username)) {
-    json.message = 'Email format is wrong!!'
-  }
-  if (body.password != body.confirm_password) {
-    json.message = 'Password not equal to confirm password'
-  }
-  if (body.password.length < 6) {
-    json.message = 'Password must be at least 6 chars'
-  }
-  if (body.fullname.length < 3) {
-    json.message = 'Fullname must be at least 3 chars'
-  }
-  if (body.company.length < 3) {
-    json.message = 'Company Name must be at least 3 chars'
-  }
-  json.status = json.message == 'ok' ? 1 : 0
-  return json
-}
-const registrationCUSTOMValidation = (body) => {
-  var json = {
-    message: 'ok',
-    status: 0,
-  }
-  if (!Util.validateEmail(body.username)) {
-    json.message = 'Format email salah'
-  }
-  if (body.password != body.confirm_password) {
-    json.message = 'Password dan repasword tidak cocok'
-  }
-  if (body.password.length < 6) {
-    json.message = 'Password kurang dari 6 '
-  }
-  if (body.fullname.length < 6) {
-    json.message = 'Nama lengkap kurang lengkap'
-  }
-  if (body.phone.length < 6) {
-    json.message = 'No telp kurang lengkap'
-  }
-  json.status = json.message == 'ok' ? 1 : 0
-  return json
-}
-router.post('/signup-custom', async (req, res) => {
-  var body = req.body
-  try {
-    var validation = registrationCUSTOMValidation(body)
-    if (validation.status == 0) {
-      res.json(Util.flashError(validation.message))
-      return false
-    }
-    var dataUser = {
-      company_id: 1,
-      created_at: Util.now(),
-      updated_at: Util.now(),
-      created_by: 1,
-      updated_by: 1,
-      role_id: 4,
-      token: Util.generateUnique(28),
-      username: body.username,
-      email: body.username,
-      password: Util.hash(body.password),
-      fullname: body.fullname,
-      phone: body.phone,
-      verify_signed: 'lizhn63iqA8CVDQeOw8.png',
-      active: 0,
-      language: '2',
-    }
-    var user = await connection.insert({
-      table: 'zuser',
-      data: dataUser,
-    })
-    var userCompany = await connection.insert({
-      table: 'zuser_company',
-      data: {
-        role_id: 4,
-        company_id: 1,
-        user_id: user.id,
-      },
-    })
-    /* await zRoute.loginAjax(dataUser.username, body.password, req, res);
-         //refresh cache
-         await zCache.renew();*/
-    res.json(Util.jsonSuccess('Successfuly'))
-  } catch (e) {
-    res.json(Util.flashError(e.toString()))
-  }
-})
-router.post('/gridprint', async (req, res) => {
-  let html = ''
-  let id = req.body.id
-  let table = req.body.table
-  if (id) {
-    let results = await connection.results({
-      table: 'zapprovals',
-      where: {
-        id_data: id,
-        table: table,
-      },
-    })
-    if (results.length) {
-      let result = results[0]
-      if (result.status == 3 || result.status == 4) {
-        html += `<button class="btn btn-sm btn-info  gridprint" data-token="${result.token}"><span class="fa fa-print"></span></button> `
-      }
-    }
-  }
-  res.json(html)
-})
-router.get('/failed', async function (req, res) {
-  let template = 'fronts'
-  res.render('layouts/' + template, {
-    menu: 'failed',
-    renderBody: 'index/failed.ejs',
-    Util: Util,
-  })
-})
-router.get('/forgot', csrfProtection, async (req, res) => {
-  const MYMODELS = myCache.get('MYMODELS')
-  let MYMODEL = MYMODELS['zuser']
-  if (res.locals.isLogin) {
-    return res.redirect('/dashboard')
-  }
-  let script = `submitForm('forgot-form',"","",function(data){if (data.status == 1) {
-     toastrForm(data);spinner.hide();
-                         setTimeout(function () {location.href='/';},6000);
-                }});`
-  await moduleLib.custom(req, res, script)
-  res.render('layouts/fronts', {
-    csrfToken: req.csrfToken(),
-    attributeData: MYMODEL,
-    routeName: 'zuser',
-    data: MYMODEL.datas,
-    renderBody: 'index/forgot.ejs',
-  })
-})
-router.post('/forgot', csrfProtection, async (req, res) => {
-  let json = Util.jsonError('email', 'Email not found in our database')
-  let routeName = 'user'
-  const MYMODELS = myCache.get('MYMODELS')
-  let MYMODEL = MYMODELS['zuser']
-  let data = zRoute.post(req, res, MYMODEL)['zuser']
-  var port = ecosystem.apps[0].env.PORT
-  var url = env == 'production' ? process.env.APP_URL : 'http://localhost:' + port
-  let email = data.email || ' '
-  email = email.trim()
-  if (email.length > 5) {
-    let rows = await connection.results({
-      table: 'zuser',
-      where: {
-        email: email,
-      },
-    })
-    if (rows.length > 0) {
-      let post = {
-        forgot_password: Util.generateUnique(23),
-      }
-      await connection.update({
-        table: 'zuser',
-        where: {
-          id: rows[0].id,
-        },
-        data: post,
-      })
-      let options = {
-        to: email,
-        subject: 'Forgot Password',
-      }
-      let datas = {
-        config: {
-          app: {
-            url: url,
-          },
-        },
-        url: url,
-        link: url + '/reset-password/' + post.forgot_password,
-      }
-      Mail.forgotPassword(datas, options)
-      json = Util.jsonSuccess('Please check your email to reset ')
-    }
-  }
-  res.json(json)
-})
-router.get('/reset-password/:forgot_password', csrfProtection, async (req, res) => {
-  let forgot_password = req.params.forgot_password || ''
-  let activated = false
-  if (forgot_password != '') {
-    let results = await connection.results({
-      table: 'zuser',
-      where: {
-        forgot_password: forgot_password,
-      },
-    })
-    if (results.length > 0) {
-      activated = true
-    }
-  }
-  var script = `submitForm('form-group','','',function(data){
-        if(data.status==1){
-            location.href = '/login'
-        }
-    });`
-  await moduleLib.custom(req, res, script)
-  res.render('layouts/fronts', {
-    activated: activated,
-    csrfToken: req.csrfToken(),
-    forgot_password: forgot_password,
-    renderBody: 'index/reset-password.ejs',
-  })
-})
-router.get('/no-access', async (req, res) => {
-  let myview = 'fronts'
-  if (req.session.user) {
-    myview = 'main'
-  }
-  res.render('layouts/' + myview, {
-    data: { table: 'error' },
-    menu: 'error',
-    renderBody: 'index/no-access.ejs',
-  })
-})
-router.get('/page_not_found', async (req, res) => {
-  res.render('layouts/page_not_found', {
-    data: { table: 'error' },
-    menu: 'error',
-    //renderBody: "index/no-found.ejs",
-  })
-})
-// for change company session
-router.get('/session/:id', access, async (req, res) => {
-  let companies = res.locals.zcompanies
-  let user = await connection.result({
-    table: 'zuser',
-    where: {
-      id: res.locals.userId,
-    },
-  })
-  for (let i = 0; i < companies.length; i++) {
-    if (companies[i].id == req.params.id) {
-      user.company_id = req.params.id
-      await zRoute.handleSession(req, user)
-      var post = {
-        company_id: companies[i].id,
-        role_id: companies[i].role_id,
-      }
-      await connection.update({
-        table: 'zuser',
-        data: post,
-        where: {
-          id: res.locals.userId,
-        },
-      })
-    }
-  }
-  var backURL = req.header('Referer') || '/'
-  // do your thang
-  res.redirect(backURL)
-})
-//RESTART
-router.get('/restart', access, async (req, res) => {
-  var room = res.locals.user.token
-  if (env == 'production') {
-    pm2.connect(function (err) {
-      if (err) {
-        io.to(room).emit('error', err.toString())
-      }
-      pm2.restart(process.env.PM2_NAME, (err, proc) => {
-        io.to(room).emit('message', 'Restart done')
-      })
-    })
-  } else {
-    io.to(room).emit('message', 'Restart done')
-  }
-  res.json('ok')
-})
-//ERROR UI
-router.get('/error', async (err, req, res, next) => {
-  res.locals.message = err.message
-  res.locals.error = req.app.get('env') === 'development' ? err : err
-  // render the error page
-  res.status(err.status || 500)
-  debug(req, res, err)
-  res.render('layouts/' + layout, {
-    renderBody: 'index/error.ejs',
-  })
-})
-//APPROVAL SYSTEMS
-router.post('/zzapproval', async (req, res) => {
-  let json = Util.jsonSuccess(LANGUAGE['data_saved'])
-  const MYMODELS = myCache.get('MYMODELS')
-  let MYMODEL = MYMODELS['zapprovals']
-  const port = ecosystem.apps[0].env.PORT
-  let users = Util.arrayToObject(await connection.results({ table: 'zuser' }), 'id')
-  try {
-    let userId = res.locals.userId
-    let data = zRoute.post(req, res, MYMODEL)[MYMODEL.table]
-    let validator = zRoute.validator(data, MYMODEL)
-    if (validator.status == 0) return res.json(validator.message)
-    if (data.status == 2) {
-      if (!data.approvers) {
-        return res.json(Util.flashError('Approvers empty'))
-      }
-      if (data.title == '') {
-        return res.json(Util.flashError('Title empty', 'title'))
-      }
-    }
-    //update template for newst
-    var row = await connection.result({ table: 'zfields', where: { table: data.table } })
-    var jsonApproval = row.approval_json || {}
-    data.template = jsonApproval.content || {}
-    var approvers = []
-    if (typeof data.approvers == 'string') {
-      data.approvers = JSON.parse(data.approvers)
-    }
-    approvers = data.approvers || []
-    if (approvers.length > 1) {
-      approvers = approvers.filter(Util.arrayUnique)
-    }
-    data.approvers = JSON.stringify(approvers)
-    let knowings = []
-    if (typeof data.knowings == 'string') {
-      data.knowings = JSON.parse(data.knowings)
-    }
-    knowings = data.knowings || []
-    if (knowings.length > 1) {
-      knowings = knowings.filter(Util.arrayUnique)
-    }
-    data.knowings = JSON.stringify(knowings)
-    let allUsers = [...approvers, ...knowings]
-    let statusApprovers = approvers.reduce((result, item) => {
-      return [...result, { user: item, status: 2 }]
-    }, [])
-    data.approved_stats = JSON.stringify({
-      stats: `0/${approvers.length}`,
-      status: statusApprovers,
-    })
-    let knowingStatus = knowings.reduce((result, item) => {
-      return [...result, { user: item, status: 7 }]
-    }, [])
-    data.knowing_stats = JSON.stringify({
-      stats: `0/${knowings.length}`,
-      status: knowingStatus,
-    })
-    let results = await connection.results({
-      table: MYMODEL.table,
-      where: { table: data.table, id_data: data.id_data },
-    })
-    if (results.length) {
-      let query = await zRoute.updateSQL(req, res, MYMODEL.table, data, { id: results[0].id })
-      data.id = results[0].id
-    } else {
-      var query = await zRoute.insertSQL(req, res, MYMODEL.table, data)
-      data.id = query.id
-    }
-    if (data.status == 2) {
-      //send activity
-      /* await zRoute.insertSQL(req, res, "zactivity", {
-                 user_id: res.locals.userId,
-                 table: MYMODEL.table,
-                 id_data: data.id,
-                 status: data.status,
-                 status_label: MYMODEL.widgets.status.fields[data.status],
-                 title: MYMODEL.widgets.status.fields[data.status],
-                 description: users[res.locals.userId].fname + " " +users[res.locals.userId].lname ,
-                 data: JSON.stringify(data)
-             });*/
-      //if serial
-      if (data.type == 2) {
-        approvers = [approvers[0]]
-      }
-      let sectionsAprrovers = approvers.reduce((temp, item, index) => {
-        return [
-          ...temp,
-          {
-            title: users[item].fullname,
-            description: '@' + users[item].fullname,
-            rowId: 'row' + index,
-          },
-        ]
-      }, [])
-      let sectionsKnowings = knowings.reduce((temp, item, index) => {
-        return [
-          ...temp,
-          {
-            title: users[item].fullname,
-            description: '@' + users[item].fullname,
-            rowId: 'row' + index,
-          },
-        ]
-      }, [])
-      let sections = []
-      sections.push({ title: 'Approvers', rows: sectionsAprrovers })
-      if (sectionsKnowings) {
-        sections.push({ title: 'Knowings', rows: sectionsKnowings })
-      }
-      approvers.forEach(async (item, num) => {
-        let post = {
-          title_id: data.id,
-          user_id: item,
-          status: 7,
-          type: 1,
-          token: Util.uuid(),
-        }
-        await zRoute.insertSQL(req, res, 'zapprovals_details', post)
-        let link = env == 'production' ? process.env.APP_URL + '/za/' + post.token : `http://localhost:${port}/za/${post.token}`
-        let email = users[post.user_id].email
-        post.subject = `Need Approve ${data.title}`
-        post.buttonTitle = `Approve Now`
-        post.title = `NEED APPROVE DOCUMENT`
-        post.link = link
-        post.url = CONFIG.app.url
-        post.description = `Hai ${users[post.user_id].fullname} <br>
-                We have some document for you.<br>
-                Please click the link above to view the document.`
-        post.note = `If you click the link, it's will be automatically acknowledged`
-        Mail.gmail(req, res, post, email)
-        //send to whatsapp
-        let phone = Util.phoneWA(users[post.user_id].phone)
-        if (phone) {
-          var textWa = ''
-          textWa += `*NEED APPROVE DOCUMENT* \r\n_${data.title}_\r\nHai ${users[post.user_id].fullname} \r\n \r\n`
-          textWa += 'We have some document for you.\r\n'
-          textWa += `Please click the link above to view the document.\r\n${link}`
-          /* await whatsapp({
-                         to: phone,
-                         text: textWa,
-                         sections: JSON.stringify(sections),
-                         buttonText: "Click me for details"
-                     });*/
-        }
-        //send notification
-        /* await zRoute.insertSQL(req, res, "znotification", {
-                     user_id: item,
-                     table: MYMODEL.table,
-                     id_data: data.id,
-                     status: 1,
-                     link: "/za/" + post.token,
-                     status_label: MYMODEL.widgets.status.fields[1],
-                     title: `Need Approve`,
-                     description: data.title,
-                     token: post.token
-                 });*/
-        //send todolist
-        /* await zRoute.insertSQL(req, res, "ztodolist", {
-                     user_id: item,
-                     table: MYMODEL.table,
-                     id_data: data.id,
-                     status: 1,
-                     link: "/za/" + post.token,
-                     status_label: MYMODEL.widgets.status.fields[1],
-                     title: `Need Approve`,
-                     description: data.title,
-                     users: JSON.stringify(allUsers)
-                 });*/
-        //send toastr using socket.io
-        io.to(users[item].token).emit('message', 'Need Approve ' + data.title)
-      })
-      knowings.map(async (item) => {
-        let post = {
-          title_id: data.id,
-          user_id: item,
-          status: 7,
-          type: 2,
-          token: Util.uuid(),
-        }
-        await zRoute.insertSQL(req, res, 'zapprovals_details', post)
-        let link = env == 'production' ? process.env.APP_URL + '/za/' + post.token : `http://localhost:${port}/za/${post.token}`
-        let email = users[post.user_id].email
-        post.subject = `Need acknowledge ${data.title}`
-        post.buttonTitle = `Acknowledge Now`
-        post.title = `NEED ACKNOWLEDGE DOCUMENT`
-        post.link = link
-        post.url = CONFIG.app.url
-        post.description = `Hai ${users[post.user_id].fullname} <br>
-                We have some document for you.<br>
-                Please click the link above to view the document.`
-        post.note = `If you click the link, it's will be automatically acknowledged`
-        Mail.gmail(req, res, post, email)
-        //send to whatsapp
-        let phone = Util.phoneWA(users[post.user_id].phone)
-        if (phone) {
-          var textWa = ''
-          textWa += `*NEED ACKNOWLEDGE DOCUMENT* \r\n_${data.title}_\r\nHai ${users[post.user_id].fullname} \r\n \r\n`
-          textWa += 'We have some document for you.\r\n'
-          textWa += `Please click the link above to view the document.\r\n${link}`
-          /*  await whatsapp({
-                          to: phone,
-                          text: textWa,
-                          sections: JSON.stringify(sections),
-                          buttonText: "Click me for details"
-                      });*/
-        }
-        //send activity
-        /*                await cRoute.insertSQL(req, res, "zactivity",{
-                 user_id:item,
-                 table:MYMODEL.table,
-                 id_data:data.id,
-                 status:7,
-                 status_label: MYMODEL.widgets.status.fields[7],
-                 title : MYMODEL.widgets.status.fields[7],
-                 description: data.title,
-                 data:JSON.stringify(data)
-                 });*/
-        //send notification
-        /*   await zRoute.insertSQL(req, res, "znotification", {
-                       user_id: item,
-                       table: MYMODEL.table,
-                       id_data: data.id,
-                       status: 1,
-                       link: "/za/" + post.token,
-                       status_label: MYMODEL.widgets.status.fields[1],
-                       title: `Need Acknowledge`,
-                       description: data.title,
-                       token: post.token
-                   });
-                   //send todolist
-                   await zRoute.insertSQL(req, res, "ztodolist", {
-                       user_id: item,
-                       table: MYMODEL.table,
-                       id_data: data.id,
-                       status: 1,
-                       link: "/za/" + post.token,
-                       status_label: MYMODEL.widgets.status.fields[1],
-                       title: `Need Acknowledge`,
-                       description: data.title,
-                       users: JSON.stringify(allUsers)
-                   });*/
-        io.to(users[item].token).emit('message', 'Need Acknowledge ' + data.title)
-      })
-    }
-  } catch (err) {
-    if (Object.prototype.hasOwnProperty.call(err, 'sqlMessage')) {
-      json = Util.flashError(err.sqlMessage)
-    } else {
-      json = Util.flashError(err.toString())
-    }
-    debug(req, res, err)
-  }
-  res.json(json)
-})
-router.get('/za/:token', csrfProtection, async (req, res) => {
-  let token = req.params.token
-  let data = {},
-    data2 = {}
-  let template = ''
-  let result
-  let isClosed = false
-  let footers = ''
-  let details = []
-  let routeName = env == 'production' ? process.env.APP_URL : `http://localhost:${port}`
-  let statusLabel = ''
-  let knowings = []
-  const MYMODELS = myCache.get('MYMODELS')
-  let MYMODEL = MYMODELS['zapprovals']
-  let users = Util.arrayToObject(await connection.results({ table: 'zuser' }), 'id')
-  try {
-    result = await connection.result({
-      select: '*, zapprovals.id as ide, zapprovals_details.token as usertoken, zapprovals.status as statuse, zapprovals_details.status as mystatus,  zapprovals_details.type as user_type,  zapprovals_details.updated_at',
-      table: 'zapprovals_details',
-      joins: ['LEFT JOIN zapprovals ON (zapprovals_details.title_id = zapprovals.id)', 'LEFT JOIN employee ON (zapprovals_details.user_id = employee.id)'],
-      where: { 'zapprovals_details.token': token },
-    })
-    let approvers = result.approvers
-    knowings = result.knowings ? result.knowings : []
-    statusLabel = MYMODEL.widgets.status.fields[result.statuse]
-    routeName = routeName + '/' + result.table + '/view/' + result.id_data
-    if (result.statuse == 3 || result.statuse == 4 || result.mystatus == 3 || result.mystatus == 4) {
-      isClosed = true
-    }
-    details = await connection.results({ table: 'zapprovals_details', where: { title_id: result.ide } })
-    if (result.user_type == 2) {
-      isClosed = true
-      var post = {
-        status: 6, //read
-      }
-      await connection.update({ table: 'zapprovals_details', data: post, where: { token: token } })
-      //set stats
-      //{"stats":"0/1","status":[{"user":"12","status":0}]}
-      let knowing_stats = result.knowing_stats || {}
-      let statuses = knowing_stats.status
-      let stats = knowing_stats.stats
-      let explode = stats.split('/')
-      let count = parseInt(explode[0])
-      let newStatus = []
-      knowings = result.knowings || []
-      statuses.map((item) => {
-        if (item.user == result.user_id && result.mystatus != 3) {
-          item.status = 3
-          if (count < knowings.length) {
-            count = count + 1
-          }
-          newStatus.push(item)
-        } else {
-          newStatus.push(item)
-        }
-      })
-      if (result.mystatus != 3) {
-        post = {
-          knowing_stats: JSON.stringify({ stats: count + '/' + explode[1], status: newStatus }),
-        }
-        await connection.update({ table: 'zapprovals', data: post, where: { id: result.ide } })
-        //var users = await zRoute.getUsers();
-        var message = users[result.user_id].fullname + ' has readed document ' + result.title
-        details.forEach(function (item) {
-          io.to(users[item.user_id].token).emit('message', message)
-        })
-      }
-    }
-    MYMODEL = MYMODELS[result.table]
-    let row = await connection.result({ table: MYMODEL.table, where: { id: result.id_data } })
-    data = await zRoute.viewTable(req, res, MYMODEL, row)
-    template = result.template
-    for (var key in data) {
-      template = Util.replaceAll(template, '{{' + key + '}}', data[key])
-    }
-    footers = await zRoute.approversFooter(details)
-    //send activity
-    if (result.mystatus == 7) {
-      MYMODEL = MYMODELS['zapprovals']
-      /* await connection.insert({
-                 table: "zactivity",
-                 data: {
-                     company_id: result.company_id,
-                     created_at: Util.now(),
-                     created_by: result.user_id,
-                     updated_by: result.user_id,
-                     user_id: result.user_id,
-                     table: MYMODEL.table,
-                     id_data: result.ide,
-                     status: 6,
-                     status_label: MYMODEL.widgets.status.fields[6],
-                     title: `${MYMODEL.widgets.status.fields[6]}`,
-                     description: `Ok `,
-                     data: JSON.stringify(data)
-                 }
-             });
- */
-      await connection.update({
-        table: 'zapprovals_details',
-        where: {
-          token: token,
-        },
-        data: { status: 6 },
-      })
-    }
-  } catch (err) {
-    debug(req, res, err)
-    res.send('Not Found')
-  }
-  res.render('layouts/blank', {
-    routeName: routeName,
-    Util: Util,
-    data: data,
-    statusLabel: statusLabel,
-    template: template,
-    result: result,
-    statusLabel: statusLabel,
-    isClosed: isClosed,
-    footers: footers,
-    csrfToken: req.csrfToken(),
-    token: result.usertoken,
-    tokendoc: token,
-    renderHead: 'index/zacss.ejs',
-    renderBody: 'index/za.ejs',
-    renderEnd: 'index/zajs.ejs',
-  })
-})
-router.post('/za/:token', csrfProtection, async (req, res) => {
-  let token = req.params.token
-  let comments = req.body.comments
-  let status = req.body.status
-  let json = Util.jsonSuccess('Success')
-  let data = {},
-    data2 = {}
-  let template = ''
-  let approvers = [],
-    knowings = []
-  let users = Util.arrayToObject(await connection.results({ table: 'zuser' }), 'id')
-  let employee_user = users
-  const MYMODELS = myCache.get('MYMODELS')
-  let MYMODEL = MYMODELS['zapprovals']
-  let post = {}
-  try {
-    var results = await connection.results({
-      select: '*,zapprovals_details.status as approvers_status, zapprovals.created_by as submiter,  zapprovals.type as typee, zapprovals.status as statuse, zapprovals_details.id as detaild_id, zapprovals.id as ide, zapprovals.approvers as approvers ',
-      table: 'zapprovals_details',
-      joins: ['LEFT JOIN zapprovals ON (zapprovals_details.title_id = zapprovals.id)'],
-      where: { 'zapprovals_details.token': token },
-    })
-    if (!results.length) {
-      return res.json(Util.jsonError('Data not found!'))
-    }
-    var result = results[0]
-    if (result.approvers_status == 3 || result.approvers_status == 4) {
-      return res.json(Util.jsonError('You have submited.'))
-    }
-    post = {
-      status: status,
-      comments: comments,
-      updated_at: Util.now(),
-    }
-    let update = await connection.update({ table: 'zapprovals_details', data: post, where: { id: result.detaild_id } })
-    let details = await connection.results({ table: 'zapprovals_details', where: { title_id: result.ide } })
-    approvers = result.approvers
-    knowings = result.knowings || []
-    let stats = 0
-    let status_stats = []
-    let approversSigned = []
-    //{"stats":"0/2","status":[{"user":"12","status":2},{"user":"35","status":2}]}
-    let last_status
-    details.map((item) => {
-      if (item.type == 1) {
-        if (item.status == 4 || item.status == 3) {
-          stats++
-          approversSigned.push(item.user_id + '')
-        }
-        status_stats.push({
-          user: item.user_id,
-          status: item.status,
-        })
-        last_status = item.status
-      }
-    })
-    post.approved_stats = JSON.stringify({
-      stats: stats + '/' + approvers.length,
-      status: status_stats,
-    })
-    if (stats == approvers.length) {
-      post.status = last_status
-    } else {
-      post.status = 5
-    }
-    if (status == 4) {
-      post.status = 4
-    }
-    await connection.update({ table: 'zapprovals', data: post, where: { id: result.ide } })
-    //send activity
-    await connection.insert({
-      table: 'zactivity',
-      data: {
-        company_id: result.company_id,
-        created_at: Util.now(),
-        created_by: result.user_id,
-        updated_by: result.user_id,
-        user_id: result.user_id,
-        table: MYMODEL.table,
-        id_data: result.ide,
-        status: status,
-        status_label: MYMODEL.widgets.status.fields[status],
-        title: MYMODEL.widgets.status.fields[status],
-        description: comments,
-        data: JSON.stringify(post),
-      },
-    })
-    //send notification
-    if (status == 3 || status == 4) {
-      let message = `Document ${result.title} has ${MYMODEL.widgets.status[status]};`
-      approvers.forEach(function (item) {
-        io.to(users[item].token).emit('message', message)
-      })
-      if (status == 3) {
-        // if type is serial is step by step
-        //send notification and generate email
-        //approversSigned
-        if (result.typee == 2) {
-          //get approvers has already sign
-          approversSigned.push(result.user_id)
-          var newApprovers = approvers.filter((item) => {
-            return !approversSigned.includes(item)
-          })
-          var item = newApprovers.length ? newApprovers[0] : ''
-          if (item) {
-            post = {
-              title_id: result.ide,
-              user_id: employee_user[item].user_id,
-              status: 7,
-              type: 1,
-              comments: comments,
-              token: Util.uuid(),
-              company_id: result.company_id,
-              created_at: Util.now(),
-              updated_at: Util.now(),
-              created_by: employee_user[item].user_id,
-              updated_by: employee_user[item].user_id,
-            }
-            await connection.insert({
-              table: 'zapprovals_details',
-              data: post,
-            })
-            let link = CONFIG.app.url + '/za/' + post.token
-            let email = users[item].username
-            post.subject = `Need Approve ${result.title}`
-            post.buttonTitle = `Approve Now`
-            post.title = `NEED APPROVE DOCUMENT`
-            post.link = link
-            post.url = CONFIG.app.url
-            post.description = `Hai ${users[item].fullname} <br>
-                We have some document for you.<br>
-                Please click the link above to view the document.`
-            post.note = `If you click the link, it's will be automatically acknowledged`
-            Mail.gmail(req, res, post, email)
-            //send to whatsapp
-            let sectionsAprrovers = approvers.reduce((temp, item, index) => {
-              return [
-                ...temp,
-                {
-                  title: users[item].fullname + ' ' + users[item].position,
-                  description: '@' + users[item].fullname + ' ' + users[item].position,
-                  rowId: 'roe' + index,
-                },
-              ]
-            }, [])
-            let sectionsKnowings = knowings.reduce((temp, item, index) => {
-              return [
-                ...temp,
-                {
-                  title: users[item].fullname + ' ' + users[item].position,
-                  description: '@' + users[item].fullname + ' ' + users[item].position,
-                  rowId: 'roe' + index,
-                },
-              ]
-            }, [])
-            let sections = []
-            sections.push({ title: 'Approvers', rows: sectionsAprrovers })
-            if (sectionsKnowings) {
-              sections.push({ title: 'Knowings', rows: sectionsKnowings })
-            }
-            //send notification
-            await connection.insert({
-              table: 'znotification',
-              data: {
-                company_id: result.company_id,
-                created_at: Util.now(),
-                created_by: employee_user[result.user_id].user_id,
-                updated_by: employee_user[result.user_id].user_id,
-                user_id: item,
-                table: MYMODEL.table,
-                id_data: data.id,
-                status: 1,
-                link: '/za/' + post.token,
-                status_label: 'Unread',
-                title: `Need Approve`,
-                description: data.title,
-                token: post.token,
-              },
-            })
-            //send todolist
-            await connection.insert({
-              table: 'ztodolist',
-              data: {
-                company_id: result.company_id,
-                created_at: Util.now(),
-                created_by: employee_user[result.user_id].user_id,
-                updated_by: employee_user[result.user_id].user_id,
-                user_id: item,
-                table: MYMODEL.table,
-                id_data: result.ide,
-                status: 1,
-                link: '/za/' + post.token,
-                status_label: 'Unread',
-                title: `Need Approve`,
-                description: result.title,
-                users: JSON.stringify(approvers),
-              },
-            })
-            //send toastr using socket.io
-            io.to(users[item].token).emit('message', 'Need Approve for document : ' + result.title)
-          }
-        }
-      }
-    }
-  } catch (err) {
-    debug(req, res, err)
-    json = Util.flashError(err.toString())
-  }
-  res.json(json)
-})
-router.get('/zdownload/zgenerator/:table', async (req, res) => {
-  var table = req.params.table
-  var path = `${dirRoot}/public/uploads/zgenerator/${table}.json`
-  res.download(path, function (err) {
-    if (err) {
-      //console.log(err);
-    }
-  })
-})
-router.post('/zlock-unlock/:table', async (req, res) => {
-  let json = Util.jsonSuccess('Success')
-  let table = req.params.table
-  let cacheRoles = myCache.get('ROLES')
-  let roleId = res.locals.roleId
-  let myrole = cacheRoles[roleId]
-  let tableRole = myrole.params[table] || []
-  let hasAccess = tableRole.includes('lock') ? true : false
-  if (hasAccess) {
-    let type = req.body.type
-    let datas = req.body.datas || []
-    if (datas.length > 0) {
-      for (const data of datas) {
-        let id = data.name.replace('ck[', '').replace(']', '')
-        await connection.update({
-          table: table,
-          data: {
-            lock: type,
-          },
-          where: {
-            id: id,
-          },
-        })
-      }
-    } else {
-      json = Util.flashError('No Data')
-    }
-  } else {
-    json = Util.flashError('No Access')
-  }
-  res.json(json)
-})
-router.post('/zdeleted-selected/:table', async (req, res) => {
-  let json = Util.jsonSuccess('Success')
-  let table = req.params.table
-  let cacheRoles = myCache.get('ROLES')
-  let roleId = res.locals.roleId
-  let myrole = cacheRoles[roleId]
-  let tableRole = myrole.params[table] || []
-  let hasAccess = tableRole.includes('lock') ? true : false
-  if (hasAccess) {
-    let type = req.body.type
-    let datas = req.body.datas || []
-    if (datas.length > 0) {
-      for (const data of datas) {
-        let id = data.name.replace('ck[', '').replace(']', '')
-        try {
-          await connection.delete({
-            table: table,
-            where: {
-              id: id,
-            },
-          })
-        } catch (e) {
-          io.emit('error', e + '')
-        }
-      }
-    } else {
-      json = Util.flashError('No Data')
-    }
-  } else {
-    json = Util.flashError('No Access')
-  }
-  res.json(json)
-})
-router.post('/zapproval-update/:table', async (req, res) => {
-  let json = Util.jsonSuccess('Success')
-  let table = req.params.table
-  let value = req.body.value
-  let text = req.body.text
-  let datas = req.body.datas || []
-  let roles = myCache.get('ROLES')[res.locals.roleId] || {}
-  let myaccess = roles.approvals[table]
-  let hasAccess = myaccess.hasOwnProperty(value) ? true : false
-  let canUpdate = true
-  let dataStatus = []
-  if (text == '') {
-    res.json(Util.flashError('please type a message'))
-    return false
-  }
-  if (hasAccess) {
-    if (datas.length > 0) {
-      for (const data of datas) {
-        let id = data.name.replace('ck[', '').replace(']', '')
-        let result = await connection.result({
-          select: 'id,approval_status,approval_history',
-          table: table,
-          where: {
-            id: id,
-          },
-        })
-        let approval_status = result.approval_status || null
-        let approval_history = result.approval_history || []
-        if (approval_status == null) {
-          canUpdate = true
-        } else if (approval_status == 22) {
-          canUpdate = true
-        } else {
-          if (+value > +approval_status) {
-            canUpdate = true
-          } else {
-            canUpdate = false
-          }
-        }
-        if (canUpdate) {
-          approval_history.push({
-            status: value,
-            user_id: res.locals.userId,
-            created_at: Util.now(),
-            text: text,
-          })
-          let mydata = {
-            approval_status: value,
-            approval_history: Util.array_to_jsonb(approval_history),
-          }
-          if (+value > 1 && +value < 22) {
-            mydata.lock = 1
-          }
-          if (+value === 22) {
-            mydata.lock = 0
-          }
-          await connection.update({
-            table: table,
-            where: {
-              id: id,
-            },
-            data: mydata,
-          })
-        } else {
-          dataStatus.push(`${id} -> Status has been delivered`)
-        }
-      }
-    } else {
-      json = Util.flashError('No Data')
-    }
-  } else {
-    json = Util.flashError('No Access')
-  }
-  json.dataStatus = dataStatus
-  res.json(json)
-})
-router.get('/addlock-fields', async (req, res) => {
-  let tables = await connection.query(connection.showTables)
-  for (const table of tables) {
-    let tablename = table.tablename
-    let sql = `ALTER TABLE ${tablename}  ADD COLUMN "lock" smallint DEFAULT 0 `
-    try {
-      await connection.query(sql)
-    } catch (e) {
-      console.log(e)
-    }
-  }
-  res.send(tables)
-})
-router.get('/addlock-models', async (req, res) => {
-  let text = ''
-  let results = await connection.results({
-    table: 'zfields',
-  })
-  for (const result of results) {
-    let labels = result.labels
-    let arr = Object.keys(labels)
-    if (!Util.in_array('lock', arr)) {
-      text += result.id + ' tidak ada'
-      labels.lock = 'Lock/Unlock'
-      try {
-        await connection.update({
-          table: 'zfields',
-          data: {
-            labels: JSON.stringify(labels),
-          },
-          where: {
-            id: result.id,
-          },
-        })
-      } catch (err) {
-        console.log(err)
-      }
-    }
-  }
-  res.send(text)
-})
-router.get('/addapprovals-data', async (req, res) => {
-  let tables = await connection.query(connection.showTables)
-  for (const table of tables) {
-    let tablename = table.tablename
-    let sql = `ALTER TABLE ${tablename}  ADD COLUMN "approval_status" smallint DEFAULT NULL`
-    let sql2 = `ALTER TABLE ${tablename}  ADD COLUMN "approval_history" jsonb[] DEFAULT NULL `
-    try {
-      await connection.query(sql)
-    } catch (e) {
-      console.log(e)
-    }
-    try {
-      await connection.query(sql2)
-    } catch (e) {
-      console.log(e)
-    }
-  }
-  res.send(tables)
-})
-router.get('/addapproval-models', async (req, res) => {
-  let text = ''
-  let results = await connection.results({
-    table: 'zfields',
-  })
-  for (const result of results) {
-    let labels = result.labels
-    let arr = Object.keys(labels)
-    if (!Util.in_array('approval_status', arr)) {
-      text += result.id + ' tidak ada'
-      //approval_status_id : "Approval Status",
-      labels.approval_status = 'Approval Status'
-      labels.approval_history = 'Approval History'
-      try {
-        await connection.update({
-          table: 'zfields',
-          data: {
-            labels: JSON.stringify(labels),
-          },
-          where: {
-            id: result.id,
-          },
-        })
-      } catch (err) {
-        console.log(err)
-      }
-    }
-  }
-  res.send(text)
-})
-//post dropzone widget
-router.post('/zdropzone', async (req, res) => {
-  try {
-    let userId = res.locals.userId
-    if (userId) {
-      let dir = `${dirRoot}/public/zdropzone/${userId}`
-      if (!fs.existsSync(dir)) {
-        fs.mkdirSync(dir, { recursive: true })
-      }
-      let filename = req.files.file.name
-      req.files.file.mv(dir + '/' + filename, function (err) {
-        if (err) {
-          return res.status(500).send(err + '')
-        }
-      })
-    }
-    res.json('ok')
-  } catch (e) {
-    console.log(e)
-    res.status(500)
-    res.send(e + '')
-  }
-})
-router.post('/zdropzone-remove', async (req, res) => {
-  try {
-    let userId = res.locals.userId
-    let cacheName = req.body.cname.replace('ZUSER___ID', userId)
-    let dir = `${dirRoot}/public/zdropzone/${userId}`
-    if (!fs.existsSync(dir)) {
-      fs.mkdirSync(dir, { recursive: true })
-    }
-    let filename = `${dirRoot}/public/zdropzone/${userId}/${req.body.file}`
-    if (Util.fileExist(filename)) {
-      await fs.unlink(filename)
-      if (myCache.has(cacheName)) {
-        arr = myCache.get(name)
-      }
-      arr = Util.arrayDelete(arr, body.file)
-      myCache.set(name, arr)
-    }
-    res.json('ok')
-  } catch (e) {
-    console.log(e)
-    res.status(500).send(e + '')
-  }
-})
-router.post('/zdropzone-attributes', async (req, res) => {
-  try {
-    let userId = res.locals.userId
-    let dir = `${dirRoot}/public/zdropzone/${userId}`
-    if (!fs.existsSync(dir)) {
-      fs.mkdirSync(dir, { recursive: true })
-    }
-    let body = req.body
-    let category = body.category
-    let name = `dropzone__${userId}__${body.table}__${body.field}__${body.type}`
-    //dropzone__${res.locals.userId}__${table}__${key}__create
-    let arr = []
-    if (category === 'add') {
-      if (myCache.has(name)) {
-        arr = myCache.get(name)
-      }
-      arr.push(body.file)
-    } else {
-      name = `dropzone__${userId}__${body.table}__${body.field}__${body.type}`
-      if (myCache.has(name)) {
-        arr = myCache.get(name)
-      }
-      arr = Util.arrayDelete(arr, body.file)
-    }
-    myCache.set(name, arr)
-    res.json('ok')
-  } catch (e) {
-    console.log(e)
-    res.status(500).send(e + '')
-  }
-})
-router.post('/zhistory-data', async (req, res) => {
-  let html = ''
-  try {
-    let id = req.body.id
-    let table = req.body.table
-    const relations = await zRoute.relations(req, res, table)
-    const MYMODELS = zRoute.MYMODELS()
-    const MYMODEL = MYMODELS[table]
-    let results = await connection.results({
-      table: 'zhistory',
-      where: {
-        module: table,
-        module_id: id,
-      },
-      order_by: ['id asc'],
-    })
-    if (results.length > 0) {
-      let users = {}
-      if (myCache.has('users')) {
-        users = myCache.get('users')
-      } else {
-        users = Util.arrayToObject(
-          await connection.results({
-            table: 'zuser',
-          }),
-          'id'
-        )
-        myCache.set('users', users)
-      }
-      html = await zRoute.history(req, res, relations, id, MYMODEL, users, results)
-    }
-    res.json(html)
-  } catch (e) {
-    console.log(e)
-    res.json(e + '')
-  }
-})
-router.get('/zdownloads-dropzone/:table/:field/:id', async (req, res) => {
-  try {
-    let table = req.params.table
-    let field = req.params.field
-    let id = req.params.id
-    const room = res.locals.token
-    let result = await connection.result({
-      table: table,
-      where: {
-        id: id,
-      },
-    })
-    let dir = `${dirRoot}/public/uploads/${table}/${field}/`
-    let arr = []
-    let files = result[field]
-    for (const file of files) {
-      if (Util.fileExist(dir + file)) {
-        let filename = file.substring(13)
-        arr.push({ path: dir + file, name: filename })
-        io.to(room).emit('info', `Zip file ${filename}`)
-      }
-    }
-    io.to(room).emit('info', `Zip file completed...`)
-    res.zip(arr, `${field}_${table}_${id}.zip`)
-  } catch (e) {
-    console.log(e)
-    res.json(e + '')
-  }
-})
-module.exports = router
+const express = require('express')
+const router = express.Router()
+const csrf = require('csurf')
+const csrfProtection = csrf({ cookie: true })
+const zRoute = require('./zRoute')
+const connection = require('./connection')
+const access = require('./access')
+const myCache = require('./cache')
+const Util = require('./Util')
+const moment = require('moment')
+const fs = require('fs-extra')
+const moduleLib = require('./moduleLib')
+var env = process.env.NODE_ENV || 'development'
+var ecosystem = require(`./../../../ecosystem.config.js`)
+const config = require('dotenv').config()
+const debug = require('./debug')
+const io = require('./io')
+const Mail = require('./Mail')
+const zCache = require('./zCache')
+const pm2 = require('pm2')
+const zFunction = require('./zFunction')
+const qs = require('qs')
+const zip = require('express-zip')
+/*
+ ajax Post
+ */
+router.post('/zajax', zRoute.ajax)
+router.get('/ztypeahead/:table/:field', zRoute.typeahead)
+router.post('/ztypeaheadpost/:table/:field', zRoute.typeaheadpost)
+//password
+router.post('/password-change', zRoute.changePassword)
+router.post('/reset-password/:forgot_password', zRoute.resetPassword)
+//logout
+router.get('/logout', zRoute.logout)
+/*
+function for build form for table type
+ */
+router.post('/buildform', csrfProtection, zRoute.buildForm)
+/*
+function for tab access if any
+ */
+router.post('/ztab-access', csrfProtection, zRoute.tabAccess)
+router.get('/profile', csrfProtection, access, async (req, res) => {
+  const MYMODELS = myCache.get('MYMODELS')
+  let MYMODEL = MYMODELS['zuser']
+  let result = await connection.result({ table: 'zuser', where: { id: res.locals.userId } })
+  let role = await connection.result({ table: 'zrole', where: { id: result.role_id } })
+  let canEditCompany = false
+  if (result.role_id == 1 || result.role_id == 2) {
+    canEditCompany = true
+  }
+  let company = await connection.result({ table: 'zcompany', where: { id: res.locals.companyId } })
+  let verify_signed = result.verify_signed ? '/uploads/zuser/' + result.verify_signed : '/img/user.png'
+  res.render('layouts/' + layout, {
+    menu: { menu: 'profile' },
+    data: result,
+    attributeData: MYMODEL,
+    role: role,
+    company: company,
+    canEditCompany: canEditCompany,
+    verify_signed: verify_signed,
+    routeName: 'zuser',
+    csrfToken: req.csrfToken(),
+    renderHead: 'index/profile_head.ejs',
+    renderBody: 'index/profile.ejs',
+    renderEnd: 'index/profilejs.ejs',
+  })
+})
+router.post('/profile', access, async (req, res) => {
+  const MYMODELS = myCache.get('MYMODELS')
+  let MYMODEL = MYMODELS['zuser']
+  let json = Util.jsonSuccess(LANGUAGE['data_saved'])
+  let userId = req.session.user.id
+  let dataPost = zRoute.post(req, res, MYMODEL, 'zuser', req.body)
+  let data = dataPost['zuser']
+  if (req.body.company) {
+    await connection.update({
+      table: 'zcompany',
+      data: { name: req.body.company },
+      where: {
+        id: res.locals.companyId,
+      },
+    })
+  }
+  await connection.update({
+    table: 'zuser',
+    data: data,
+    where: {
+      id: userId,
+    },
+  })
+  for (var keys in data) {
+    req.session.user[keys] = data[keys]
+  }
+  req.session.sessionFlash = json
+  if (data.image) {
+    json.image = Util.imageProfile(data.image)
+  }
+  res.json(json)
+})
+router.post('/profile-sign', access, async (req, res) => {
+  const MYMODELS = myCache.get('MYMODELS')
+  let MYMODEL = MYMODELS['zuser']
+  let json = Util.jsonSuccess(LANGUAGE['data_saved'])
+  let userId = res.locals.userId
+  let image = req.body.image
+  let ext = req.body.ext
+  let base64Image = image.split(';base64,').pop()
+  let filename = `${Util.generateUnique(10)}${res.locals.userId}.${ext}`
+  await connection.update({
+    table: 'zuser',
+    where: {
+      id: res.locals.userId,
+    },
+    data: {
+      verify_signed: filename,
+    },
+  })
+  fs.writeFile(dirRoot + '/public/uploads/zuser/' + filename, base64Image, { encoding: 'base64' }, function (err) {})
+  res.json(json)
+})
+//check status user login in session
+router.put('/zuser-session', csrfProtection, async (req, res) => {
+  let json = Util.flashError('err')
+  if (USER_ID > 0) {
+    json = Util.jsonSuccess('Success')
+  }
+  res.json(json)
+})
+router.get('/login', csrfProtection, async (req, res) => {
+  if (res.locals.isLogin) {
+    return res.redirect(process.env.APP_AFTER_LOGIN)
+  } else {
+    await zFunction('form_login', req, res)
+  }
+  const isError = req.query.err == 1 ? true : false
+  if (isError) {
+    res.locals.error = null
+  }
+  res.locals.menuApp = 'login'
+  res.render('layouts/blank', {
+    isError: isError,
+    csrfToken: req.csrfToken(),
+    renderHead: 'index/logincss.ejs',
+    renderBody: 'index/login.ejs',
+  })
+})
+router.post('/login', csrfProtection, async (req, res) => {
+  await zRoute.login(req.body.username, req.body.password, req, res)
+})
+router.post('/login-ajax', csrfProtection, async (req, res) => {
+  res.json(await zRoute.loginAjax(req.body.username, req.body.password, req, res))
+})
+router.get('/signup', csrfProtection, async (req, res) => {
+  res.locals.menuApp = 'signup'
+  if (res.locals.isLogin) {
+    return res.redirect(CONFIG.app.afterLogin)
+  } else {
+    await zFunction('form_register', req, res)
+  }
+  res.render('layouts/blank', {
+    renderBody: 'index/signup.ejs',
+  })
+})
+router.post('/signup', async (req, res) => {
+  let body = req.body
+  let menuData = {}
+  let userCompany = {}
+  let user = {}
+  let company = {}
+  try {
+    let validation = registrationValidation(body)
+    if (validation.status == 0) {
+      res.json(Util.flashError(validation.message))
+      return false
+    }
+    let dataCompany = {
+      code: Util.generateUnique(5),
+      name: body.company,
+      created_at: Util.now(),
+      updated_at: Util.now(),
+      created_by: 1,
+      updated_by: 1,
+    }
+    company = await connection.insert({
+      table: 'zcompany',
+      data: dataCompany,
+    })
+    let dataCache = zCache.myCache.has(body.username)
+      ? zCache.get(body.username)
+      : {
+          fullname: '',
+          email: '',
+          image: '',
+        }
+    let dataUser = {
+      company_id: company.id,
+      created_at: Util.now(),
+      updated_at: Util.now(),
+      created_by: 1,
+      updated_by: 1,
+      role_id: 2,
+      token: Util.generateUnique(28),
+      username: body.username,
+      email: body.username,
+      password: Util.hash(body.password),
+      fullname: body.fullname,
+      image: !dataCache.image ? '' : dataCache.image,
+      active: 1,
+      language: '1',
+    }
+    user = await connection.insert({
+      table: 'zuser',
+      data: dataUser,
+    })
+    //insert user company
+    userCompany = await connection.insert({
+      table: 'zuser_company',
+      data: {
+        role_id: 2,
+        company_id: company.id,
+        user_id: user.id,
+      },
+    })
+    let menu = await connection.result({
+      table: 'zmenu',
+      where: {
+        id: 1,
+      },
+    })
+    //insert menu dari user yang sudah ada menu
+    menuData = await connection.insert({
+      table: 'zmenu',
+      data: {
+        company_id: company.id,
+        created_at: Util.now(),
+        updated_at: Util.now(),
+        created_by: 1,
+        updated_by: 1,
+        name: menu.name,
+        json: JSON.stringify(menu.json),
+        active: 1,
+      },
+    })
+    await zRoute.loginAjax(dataUser.username, body.password, req, res)
+    //refresh cache
+    await zCache.renew()
+    res.json(Util.jsonSuccess(LANGUAGE.success))
+  } catch (e) {
+    if (menuData && menuData.id) {
+      await connection.delete({
+        table: 'zmenu',
+        where: {
+          id: menuData.id,
+        },
+      })
+    }
+    if (userCompany && userCompany.id) {
+      await connection.delete({
+        table: 'zuser_company',
+        where: {
+          id: userCompany.id,
+        },
+      })
+    }
+    if (user && user.id) {
+      await connection.delete({
+        table: 'zuser',
+        where: {
+          id: user.id,
+        },
+      })
+    }
+    if (company && company.id) {
+      await connection.delete({
+        table: 'zcompany',
+        where: {
+          id: company.id,
+        },
+      })
+    }
+    res.json(Util.flashError(e.toString()))
+  }
+})
+const registrationValidation = (body) => {
+  let json = {
+    message: 'ok',
+    status: 0,
+  }
+  if (!Util.validateEmail(body.username)) {
+    json.message = 'Email format is wrong!!'
+  }
+  if (body.password != body.confirm_password) {
+    json.message = 'Password not equal to confirm password'
+  }
+  if (body.password.length < 6) {
+    json.message = 'Password must be at least 6 chars'
+  }
+  if (body.fullname.length < 3) {
+    json.message = 'Fullname must be at least 3 chars'
+  }
+  if (body.company.length < 3) {
+    json.message = 'Company Name must be at least 3 chars'
+  }
+  json.status = json.message == 'ok' ? 1 : 0
+  return json
+}
+const registrationCUSTOMValidation = (body) => {
+  var json = {
+    message: 'ok',
+    status: 0,
+  }
+  if (!Util.validateEmail(body.username)) {
+    json.message = 'Format email salah'
+  }
+  if (body.password != body.confirm_password) {
+    json.message = 'Password dan repasword tidak cocok'
+  }
+  if (body.password.length < 6) {
+    json.message = 'Password kurang dari 6 '
+  }
+  if (body.fullname.length < 6) {
+    json.message = 'Nama lengkap kurang lengkap'
+  }
+  if (body.phone.length < 6) {
+    json.message = 'No telp kurang lengkap'
+  }
+  json.status = json.message == 'ok' ? 1 : 0
+  return json
+}
+router.post('/signup-custom', async (req, res) => {
+  var body = req.body
+  try {
+    var validation = registrationCUSTOMValidation(body)
+    if (validation.status == 0) {
+      res.json(Util.flashError(validation.message))
+      return false
+    }
+    var dataUser = {
+      company_id: 1,
+      created_at: Util.now(),
+      updated_at: Util.now(),
+      created_by: 1,
+      updated_by: 1,
+      role_id: 4,
+      token: Util.generateUnique(28),
+      username: body.username,
+      email: body.username,
+      password: Util.hash(body.password),
+      fullname: body.fullname,
+      phone: body.phone,
+      verify_signed: 'lizhn63iqA8CVDQeOw8.png',
+      active: 0,
+      language: '2',
+    }
+    var user = await connection.insert({
+      table: 'zuser',
+      data: dataUser,
+    })
+    var userCompany = await connection.insert({
+      table: 'zuser_company',
+      data: {
+        role_id: 4,
+        company_id: 1,
+        user_id: user.id,
+      },
+    })
+    /* await zRoute.loginAjax(dataUser.username, body.password, req, res);
+         //refresh cache
+         await zCache.renew();*/
+    res.json(Util.jsonSuccess('Successfuly'))
+  } catch (e) {
+    res.json(Util.flashError(e.toString()))
+  }
+})
+router.post('/gridprint', async (req, res) => {
+  let html = ''
+  let id = req.body.id
+  let table = req.body.table
+  if (id) {
+    let results = await connection.results({
+      table: 'zapprovals',
+      where: {
+        id_data: id,
+        table: table,
+      },
+    })
+    if (results.length) {
+      let result = results[0]
+      if (result.status == 3 || result.status == 4) {
+        html += `<button class="btn btn-sm btn-info  gridprint" data-token="${result.token}"><span class="fa fa-print"></span></button> `
+      }
+    }
+  }
+  res.json(html)
+})
+router.get('/failed', async function (req, res) {
+  let template = 'fronts'
+  res.render('layouts/' + template, {
+    menu: 'failed',
+    renderBody: 'index/failed.ejs',
+    Util: Util,
+  })
+})
+router.get('/forgot', csrfProtection, async (req, res) => {
+  const MYMODELS = myCache.get('MYMODELS')
+  let MYMODEL = MYMODELS['zuser']
+  if (res.locals.isLogin) {
+    return res.redirect('/dashboard')
+  }
+  let script = `submitForm('forgot-form',"","",function(data){if (data.status == 1) {
+     toastrForm(data);spinner.hide();
+                         setTimeout(function () {location.href='/';},6000);
+                }});`
+  await moduleLib.custom(req, res, script)
+  res.render('layouts/fronts', {
+    csrfToken: req.csrfToken(),
+    attributeData: MYMODEL,
+    routeName: 'zuser',
+    data: MYMODEL.datas,
+    renderBody: 'index/forgot.ejs',
+  })
+})
+router.post('/forgot', csrfProtection, async (req, res) => {
+  let json = Util.jsonError('email', 'Email not found in our database')
+  let routeName = 'user'
+  const MYMODELS = myCache.get('MYMODELS')
+  let MYMODEL = MYMODELS['zuser']
+  let data = zRoute.post(req, res, MYMODEL)['zuser']
+  var port = ecosystem.apps[0].env.PORT
+  var url = env == 'production' ? process.env.APP_URL : 'http://localhost:' + port
+  let email = data.email || ' '
+  email = email.trim()
+  if (email.length > 5) {
+    let rows = await connection.results({
+      table: 'zuser',
+      where: {
+        email: email,
+      },
+    })
+    if (rows.length > 0) {
+      let post = {
+        forgot_password: Util.generateUnique(23),
+      }
+      await connection.update({
+        table: 'zuser',
+        where: {
+          id: rows[0].id,
+        },
+        data: post,
+      })
+      let options = {
+        to: email,
+        subject: 'Forgot Password',
+      }
+      let datas = {
+        config: {
+          app: {
+            url: url,
+          },
+        },
+        url: url,
+        link: url + '/reset-password/' + post.forgot_password,
+      }
+      Mail.forgotPassword(datas, options)
+      json = Util.jsonSuccess('Please check your email to reset ')
+    }
+  }
+  res.json(json)
+})
+router.get('/reset-password/:forgot_password', csrfProtection, async (req, res) => {
+  let forgot_password = req.params.forgot_password || ''
+  let activated = false
+  if (forgot_password != '') {
+    let results = await connection.results({
+      table: 'zuser',
+      where: {
+        forgot_password: forgot_password,
+      },
+    })
+    if (results.length > 0) {
+      activated = true
+    }
+  }
+  var script = `submitForm('form-group','','',function(data){
+        if(data.status==1){
+            location.href = '/login'
+        }
+    });`
+  await moduleLib.custom(req, res, script)
+  res.render('layouts/fronts', {
+    activated: activated,
+    csrfToken: req.csrfToken(),
+    forgot_password: forgot_password,
+    renderBody: 'index/reset-password.ejs',
+  })
+})
+router.get('/no-access', async (req, res) => {
+  let myview = 'fronts'
+  if (req.session.user) {
+    myview = 'main'
+  }
+  res.render('layouts/' + myview, {
+    data: { table: 'error' },
+    menu: 'error',
+    renderBody: 'index/no-access.ejs',
+  })
+})
+router.get('/page_not_found', async (req, res) => {
+  res.render('layouts/page_not_found', {
+    data: { table: 'error' },
+    menu: 'error',
+    //renderBody: "index/no-found.ejs",
+  })
+})
+// for change company session
+router.get('/session/:id', access, async (req, res) => {
+  let companies = res.locals.zcompanies
+  let user = await connection.result({
+    table: 'zuser',
+    where: {
+      id: res.locals.userId,
+    },
+  })
+  for (let i = 0; i < companies.length; i++) {
+    if (companies[i].id == req.params.id) {
+      user.company_id = req.params.id
+      await zRoute.handleSession(req, user)
+      var post = {
+        company_id: companies[i].id,
+        role_id: companies[i].role_id,
+      }
+      await connection.update({
+        table: 'zuser',
+        data: post,
+        where: {
+          id: res.locals.userId,
+        },
+      })
+    }
+  }
+  var backURL = req.header('Referer') || '/'
+  // do your thang
+  res.redirect(backURL)
+})
+//RESTART
+router.get('/restart', access, async (req, res) => {
+  var room = res.locals.user.token
+  if (env == 'production') {
+    pm2.connect(function (err) {
+      if (err) {
+        io.to(room).emit('error', err.toString())
+      }
+      pm2.restart(process.env.PM2_NAME, (err, proc) => {
+        io.to(room).emit('message', 'Restart done')
+      })
+    })
+  } else {
+    io.to(room).emit('message', 'Restart done')
+  }
+  res.json('ok')
+})
+//ERROR UI
+router.get('/error', async (err, req, res, next) => {
+  res.locals.message = err.message
+  res.locals.error = req.app.get('env') === 'development' ? err : err
+  // render the error page
+  res.status(err.status || 500)
+  debug(req, res, err)
+  res.render('layouts/' + layout, {
+    renderBody: 'index/error.ejs',
+  })
+})
+//APPROVAL SYSTEMS
+router.post('/zzapproval', async (req, res) => {
+  let json = Util.jsonSuccess(LANGUAGE['data_saved'])
+  const MYMODELS = myCache.get('MYMODELS')
+  let MYMODEL = MYMODELS['zapprovals']
+  const port = ecosystem.apps[0].env.PORT
+  let users = Util.arrayToObject(await connection.results({ table: 'zuser' }), 'id')
+  try {
+    let userId = res.locals.userId
+    let data = zRoute.post(req, res, MYMODEL)[MYMODEL.table]
+    let validator = zRoute.validator(data, MYMODEL)
+    if (validator.status == 0) return res.json(validator.message)
+    if (data.status == 2) {
+      if (!data.approvers) {
+        return res.json(Util.flashError('Approvers empty'))
+      }
+      if (data.title == '') {
+        return res.json(Util.flashError('Title empty', 'title'))
+      }
+    }
+    //update template for newst
+    var row = await connection.result({ table: 'zfields', where: { table: data.table } })
+    var jsonApproval = row.approval_json || {}
+    data.template = jsonApproval.content || {}
+    var approvers = []
+    if (typeof data.approvers == 'string') {
+      data.approvers = JSON.parse(data.approvers)
+    }
+    approvers = data.approvers || []
+    if (approvers.length > 1) {
+      approvers = approvers.filter(Util.arrayUnique)
+    }
+    data.approvers = JSON.stringify(approvers)
+    let knowings = []
+    if (typeof data.knowings == 'string') {
+      data.knowings = JSON.parse(data.knowings)
+    }
+    knowings = data.knowings || []
+    if (knowings.length > 1) {
+      knowings = knowings.filter(Util.arrayUnique)
+    }
+    data.knowings = JSON.stringify(knowings)
+    let allUsers = [...approvers, ...knowings]
+    let statusApprovers = approvers.reduce((result, item) => {
+      return [...result, { user: item, status: 2 }]
+    }, [])
+    data.approved_stats = JSON.stringify({
+      stats: `0/${approvers.length}`,
+      status: statusApprovers,
+    })
+    let knowingStatus = knowings.reduce((result, item) => {
+      return [...result, { user: item, status: 7 }]
+    }, [])
+    data.knowing_stats = JSON.stringify({
+      stats: `0/${knowings.length}`,
+      status: knowingStatus,
+    })
+    let results = await connection.results({
+      table: MYMODEL.table,
+      where: { table: data.table, id_data: data.id_data },
+    })
+    if (results.length) {
+      let query = await zRoute.updateSQL(req, res, MYMODEL.table, data, { id: results[0].id })
+      data.id = results[0].id
+    } else {
+      var query = await zRoute.insertSQL(req, res, MYMODEL.table, data)
+      data.id = query.id
+    }
+    if (data.status == 2) {
+      //send activity
+      /* await zRoute.insertSQL(req, res, "zactivity", {
+                 user_id: res.locals.userId,
+                 table: MYMODEL.table,
+                 id_data: data.id,
+                 status: data.status,
+                 status_label: MYMODEL.widgets.status.fields[data.status],
+                 title: MYMODEL.widgets.status.fields[data.status],
+                 description: users[res.locals.userId].fname + " " +users[res.locals.userId].lname ,
+                 data: JSON.stringify(data)
+             });*/
+      //if serial
+      if (data.type == 2) {
+        approvers = [approvers[0]]
+      }
+      let sectionsAprrovers = approvers.reduce((temp, item, index) => {
+        return [
+          ...temp,
+          {
+            title: users[item].fullname,
+            description: '@' + users[item].fullname,
+            rowId: 'row' + index,
+          },
+        ]
+      }, [])
+      let sectionsKnowings = knowings.reduce((temp, item, index) => {
+        return [
+          ...temp,
+          {
+            title: users[item].fullname,
+            description: '@' + users[item].fullname,
+            rowId: 'row' + index,
+          },
+        ]
+      }, [])
+      let sections = []
+      sections.push({ title: 'Approvers', rows: sectionsAprrovers })
+      if (sectionsKnowings) {
+        sections.push({ title: 'Knowings', rows: sectionsKnowings })
+      }
+      approvers.forEach(async (item, num) => {
+        let post = {
+          title_id: data.id,
+          user_id: item,
+          status: 7,
+          type: 1,
+          token: Util.uuid(),
+        }
+        await zRoute.insertSQL(req, res, 'zapprovals_details', post)
+        let link = env == 'production' ? process.env.APP_URL + '/za/' + post.token : `http://localhost:${port}/za/${post.token}`
+        let email = users[post.user_id].email
+        post.subject = `Need Approve ${data.title}`
+        post.buttonTitle = `Approve Now`
+        post.title = `NEED APPROVE DOCUMENT`
+        post.link = link
+        post.url = CONFIG.app.url
+        post.description = `Hai ${users[post.user_id].fullname} <br>
+                We have some document for you.<br>
+                Please click the link above to view the document.`
+        post.note = `If you click the link, it's will be automatically acknowledged`
+        Mail.gmail(req, res, post, email)
+        //send to whatsapp
+        let phone = Util.phoneWA(users[post.user_id].phone)
+        if (phone) {
+          var textWa = ''
+          textWa += `*NEED APPROVE DOCUMENT* \r\n_${data.title}_\r\nHai ${users[post.user_id].fullname} \r\n \r\n`
+          textWa += 'We have some document for you.\r\n'
+          textWa += `Please click the link above to view the document.\r\n${link}`
+          /* await whatsapp({
+                         to: phone,
+                         text: textWa,
+                         sections: JSON.stringify(sections),
+                         buttonText: "Click me for details"
+                     });*/
+        }
+        //send notification
+        /* await zRoute.insertSQL(req, res, "znotification", {
+                     user_id: item,
+                     table: MYMODEL.table,
+                     id_data: data.id,
+                     status: 1,
+                     link: "/za/" + post.token,
+                     status_label: MYMODEL.widgets.status.fields[1],
+                     title: `Need Approve`,
+                     description: data.title,
+                     token: post.token
+                 });*/
+        //send todolist
+        /* await zRoute.insertSQL(req, res, "ztodolist", {
+                     user_id: item,
+                     table: MYMODEL.table,
+                     id_data: data.id,
+                     status: 1,
+                     link: "/za/" + post.token,
+                     status_label: MYMODEL.widgets.status.fields[1],
+                     title: `Need Approve`,
+                     description: data.title,
+                     users: JSON.stringify(allUsers)
+                 });*/
+        //send toastr using socket.io
+        io.to(users[item].token).emit('message', 'Need Approve ' + data.title)
+      })
+      knowings.map(async (item) => {
+        let post = {
+          title_id: data.id,
+          user_id: item,
+          status: 7,
+          type: 2,
+          token: Util.uuid(),
+        }
+        await zRoute.insertSQL(req, res, 'zapprovals_details', post)
+        let link = env == 'production' ? process.env.APP_URL + '/za/' + post.token : `http://localhost:${port}/za/${post.token}`
+        let email = users[post.user_id].email
+        post.subject = `Need acknowledge ${data.title}`
+        post.buttonTitle = `Acknowledge Now`
+        post.title = `NEED ACKNOWLEDGE DOCUMENT`
+        post.link = link
+        post.url = CONFIG.app.url
+        post.description = `Hai ${users[post.user_id].fullname} <br>
+                We have some document for you.<br>
+                Please click the link above to view the document.`
+        post.note = `If you click the link, it's will be automatically acknowledged`
+        Mail.gmail(req, res, post, email)
+        //send to whatsapp
+        let phone = Util.phoneWA(users[post.user_id].phone)
+        if (phone) {
+          var textWa = ''
+          textWa += `*NEED ACKNOWLEDGE DOCUMENT* \r\n_${data.title}_\r\nHai ${users[post.user_id].fullname} \r\n \r\n`
+          textWa += 'We have some document for you.\r\n'
+          textWa += `Please click the link above to view the document.\r\n${link}`
+          /*  await whatsapp({
+                          to: phone,
+                          text: textWa,
+                          sections: JSON.stringify(sections),
+                          buttonText: "Click me for details"
+                      });*/
+        }
+        //send activity
+        /*                await cRoute.insertSQL(req, res, "zactivity",{
+                 user_id:item,
+                 table:MYMODEL.table,
+                 id_data:data.id,
+                 status:7,
+                 status_label: MYMODEL.widgets.status.fields[7],
+                 title : MYMODEL.widgets.status.fields[7],
+                 description: data.title,
+                 data:JSON.stringify(data)
+                 });*/
+        //send notification
+        /*   await zRoute.insertSQL(req, res, "znotification", {
+                       user_id: item,
+                       table: MYMODEL.table,
+                       id_data: data.id,
+                       status: 1,
+                       link: "/za/" + post.token,
+                       status_label: MYMODEL.widgets.status.fields[1],
+                       title: `Need Acknowledge`,
+                       description: data.title,
+                       token: post.token
+                   });
+                   //send todolist
+                   await zRoute.insertSQL(req, res, "ztodolist", {
+                       user_id: item,
+                       table: MYMODEL.table,
+                       id_data: data.id,
+                       status: 1,
+                       link: "/za/" + post.token,
+                       status_label: MYMODEL.widgets.status.fields[1],
+                       title: `Need Acknowledge`,
+                       description: data.title,
+                       users: JSON.stringify(allUsers)
+                   });*/
+        io.to(users[item].token).emit('message', 'Need Acknowledge ' + data.title)
+      })
+    }
+  } catch (err) {
+    if (Object.prototype.hasOwnProperty.call(err, 'sqlMessage')) {
+      json = Util.flashError(err.sqlMessage)
+    } else {
+      json = Util.flashError(err.toString())
+    }
+    debug(req, res, err)
+  }
+  res.json(json)
+})
+router.get('/za/:token', csrfProtection, async (req, res) => {
+  let token = req.params.token
+  let data = {},
+    data2 = {}
+  let template = ''
+  let result
+  let isClosed = false
+  let footers = ''
+  let details = []
+  let routeName = env == 'production' ? process.env.APP_URL : `http://localhost:${port}`
+  let statusLabel = ''
+  let knowings = []
+  const MYMODELS = myCache.get('MYMODELS')
+  let MYMODEL = MYMODELS['zapprovals']
+  let users = Util.arrayToObject(await connection.results({ table: 'zuser' }), 'id')
+  try {
+    result = await connection.result({
+      select: '*, zapprovals.id as ide, zapprovals_details.token as usertoken, zapprovals.status as statuse, zapprovals_details.status as mystatus,  zapprovals_details.type as user_type,  zapprovals_details.updated_at',
+      table: 'zapprovals_details',
+      joins: ['LEFT JOIN zapprovals ON (zapprovals_details.title_id = zapprovals.id)', 'LEFT JOIN employee ON (zapprovals_details.user_id = employee.id)'],
+      where: { 'zapprovals_details.token': token },
+    })
+    let approvers = result.approvers
+    knowings = result.knowings ? result.knowings : []
+    statusLabel = MYMODEL.widgets.status.fields[result.statuse]
+    routeName = routeName + '/' + result.table + '/view/' + result.id_data
+    if (result.statuse == 3 || result.statuse == 4 || result.mystatus == 3 || result.mystatus == 4) {
+      isClosed = true
+    }
+    details = await connection.results({ table: 'zapprovals_details', where: { title_id: result.ide } })
+    if (result.user_type == 2) {
+      isClosed = true
+      var post = {
+        status: 6, //read
+      }
+      await connection.update({ table: 'zapprovals_details', data: post, where: { token: token } })
+      //set stats
+      //{"stats":"0/1","status":[{"user":"12","status":0}]}
+      let knowing_stats = result.knowing_stats || {}
+      let statuses = knowing_stats.status
+      let stats = knowing_stats.stats
+      let explode = stats.split('/')
+      let count = parseInt(explode[0])
+      let newStatus = []
+      knowings = result.knowings || []
+      statuses.map((item) => {
+        if (item.user == result.user_id && result.mystatus != 3) {
+          item.status = 3
+          if (count < knowings.length) {
+            count = count + 1
+          }
+          newStatus.push(item)
+        } else {
+          newStatus.push(item)
+        }
+      })
+      if (result.mystatus != 3) {
+        post = {
+          knowing_stats: JSON.stringify({ stats: count + '/' + explode[1], status: newStatus }),
+        }
+        await connection.update({ table: 'zapprovals', data: post, where: { id: result.ide } })
+        //var users = await zRoute.getUsers();
+        var message = users[result.user_id].fullname + ' has readed document ' + result.title
+        details.forEach(function (item) {
+          io.to(users[item.user_id].token).emit('message', message)
+        })
+      }
+    }
+    MYMODEL = MYMODELS[result.table]
+    let row = await connection.result({ table: MYMODEL.table, where: { id: result.id_data } })
+    data = await zRoute.viewTable(req, res, MYMODEL, row)
+    template = result.template
+    for (var key in data) {
+      template = Util.replaceAll(template, '{{' + key + '}}', data[key])
+    }
+    footers = await zRoute.approversFooter(details)
+    //send activity
+    if (result.mystatus == 7) {
+      MYMODEL = MYMODELS['zapprovals']
+      /* await connection.insert({
+                 table: "zactivity",
+                 data: {
+                     company_id: result.company_id,
+                     created_at: Util.now(),
+                     created_by: result.user_id,
+                     updated_by: result.user_id,
+                     user_id: result.user_id,
+                     table: MYMODEL.table,
+                     id_data: result.ide,
+                     status: 6,
+                     status_label: MYMODEL.widgets.status.fields[6],
+                     title: `${MYMODEL.widgets.status.fields[6]}`,
+                     description: `Ok `,
+                     data: JSON.stringify(data)
+                 }
+             });
+ */
+      await connection.update({
+        table: 'zapprovals_details',
+        where: {
+          token: token,
+        },
+        data: { status: 6 },
+      })
+    }
+  } catch (err) {
+    debug(req, res, err)
+    res.send('Not Found')
+  }
+  res.render('layouts/blank', {
+    routeName: routeName,
+    Util: Util,
+    data: data,
+    statusLabel: statusLabel,
+    template: template,
+    result: result,
+    statusLabel: statusLabel,
+    isClosed: isClosed,
+    footers: footers,
+    csrfToken: req.csrfToken(),
+    token: result.usertoken,
+    tokendoc: token,
+    renderHead: 'index/zacss.ejs',
+    renderBody: 'index/za.ejs',
+    renderEnd: 'index/zajs.ejs',
+  })
+})
+router.post('/za/:token', csrfProtection, async (req, res) => {
+  let token = req.params.token
+  let comments = req.body.comments
+  let status = req.body.status
+  let json = Util.jsonSuccess('Success')
+  let data = {},
+    data2 = {}
+  let template = ''
+  let approvers = [],
+    knowings = []
+  let users = Util.arrayToObject(await connection.results({ table: 'zuser' }), 'id')
+  let employee_user = users
+  const MYMODELS = myCache.get('MYMODELS')
+  let MYMODEL = MYMODELS['zapprovals']
+  let post = {}
+  try {
+    var results = await connection.results({
+      select: '*,zapprovals_details.status as approvers_status, zapprovals.created_by as submiter,  zapprovals.type as typee, zapprovals.status as statuse, zapprovals_details.id as detaild_id, zapprovals.id as ide, zapprovals.approvers as approvers ',
+      table: 'zapprovals_details',
+      joins: ['LEFT JOIN zapprovals ON (zapprovals_details.title_id = zapprovals.id)'],
+      where: { 'zapprovals_details.token': token },
+    })
+    if (!results.length) {
+      return res.json(Util.jsonError('Data not found!'))
+    }
+    var result = results[0]
+    if (result.approvers_status == 3 || result.approvers_status == 4) {
+      return res.json(Util.jsonError('You have submited.'))
+    }
+    post = {
+      status: status,
+      comments: comments,
+      updated_at: Util.now(),
+    }
+    let update = await connection.update({ table: 'zapprovals_details', data: post, where: { id: result.detaild_id } })
+    let details = await connection.results({ table: 'zapprovals_details', where: { title_id: result.ide } })
+    approvers = result.approvers
+    knowings = result.knowings || []
+    let stats = 0
+    let status_stats = []
+    let approversSigned = []
+    //{"stats":"0/2","status":[{"user":"12","status":2},{"user":"35","status":2}]}
+    let last_status
+    details.map((item) => {
+      if (item.type == 1) {
+        if (item.status == 4 || item.status == 3) {
+          stats++
+          approversSigned.push(item.user_id + '')
+        }
+        status_stats.push({
+          user: item.user_id,
+          status: item.status,
+        })
+        last_status = item.status
+      }
+    })
+    post.approved_stats = JSON.stringify({
+      stats: stats + '/' + approvers.length,
+      status: status_stats,
+    })
+    if (stats == approvers.length) {
+      post.status = last_status
+    } else {
+      post.status = 5
+    }
+    if (status == 4) {
+      post.status = 4
+    }
+    await connection.update({ table: 'zapprovals', data: post, where: { id: result.ide } })
+    //send activity
+    await connection.insert({
+      table: 'zactivity',
+      data: {
+        company_id: result.company_id,
+        created_at: Util.now(),
+        created_by: result.user_id,
+        updated_by: result.user_id,
+        user_id: result.user_id,
+        table: MYMODEL.table,
+        id_data: result.ide,
+        status: status,
+        status_label: MYMODEL.widgets.status.fields[status],
+        title: MYMODEL.widgets.status.fields[status],
+        description: comments,
+        data: JSON.stringify(post),
+      },
+    })
+    //send notification
+    if (status == 3 || status == 4) {
+      let message = `Document ${result.title} has ${MYMODEL.widgets.status[status]};`
+      approvers.forEach(function (item) {
+        io.to(users[item].token).emit('message', message)
+      })
+      if (status == 3) {
+        // if type is serial is step by step
+        //send notification and generate email
+        //approversSigned
+        if (result.typee == 2) {
+          //get approvers has already sign
+          approversSigned.push(result.user_id)
+          var newApprovers = approvers.filter((item) => {
+            return !approversSigned.includes(item)
+          })
+          var item = newApprovers.length ? newApprovers[0] : ''
+          if (item) {
+            post = {
+              title_id: result.ide,
+              user_id: employee_user[item].user_id,
+              status: 7,
+              type: 1,
+              comments: comments,
+              token: Util.uuid(),
+              company_id: result.company_id,
+              created_at: Util.now(),
+              updated_at: Util.now(),
+              created_by: employee_user[item].user_id,
+              updated_by: employee_user[item].user_id,
+            }
+            await connection.insert({
+              table: 'zapprovals_details',
+              data: post,
+            })
+            let link = CONFIG.app.url + '/za/' + post.token
+            let email = users[item].username
+            post.subject = `Need Approve ${result.title}`
+            post.buttonTitle = `Approve Now`
+            post.title = `NEED APPROVE DOCUMENT`
+            post.link = link
+            post.url = CONFIG.app.url
+            post.description = `Hai ${users[item].fullname} <br>
+                We have some document for you.<br>
+                Please click the link above to view the document.`
+            post.note = `If you click the link, it's will be automatically acknowledged`
+            Mail.gmail(req, res, post, email)
+            //send to whatsapp
+            let sectionsAprrovers = approvers.reduce((temp, item, index) => {
+              return [
+                ...temp,
+                {
+                  title: users[item].fullname + ' ' + users[item].position,
+                  description: '@' + users[item].fullname + ' ' + users[item].position,
+                  rowId: 'roe' + index,
+                },
+              ]
+            }, [])
+            let sectionsKnowings = knowings.reduce((temp, item, index) => {
+              return [
+                ...temp,
+                {
+                  title: users[item].fullname + ' ' + users[item].position,
+                  description: '@' + users[item].fullname + ' ' + users[item].position,
+                  rowId: 'roe' + index,
+                },
+              ]
+            }, [])
+            let sections = []
+            sections.push({ title: 'Approvers', rows: sectionsAprrovers })
+            if (sectionsKnowings) {
+              sections.push({ title: 'Knowings', rows: sectionsKnowings })
+            }
+            //send notification
+            await connection.insert({
+              table: 'znotification',
+              data: {
+                company_id: result.company_id,
+                created_at: Util.now(),
+                created_by: employee_user[result.user_id].user_id,
+                updated_by: employee_user[result.user_id].user_id,
+                user_id: item,
+                table: MYMODEL.table,
+                id_data: data.id,
+                status: 1,
+                link: '/za/' + post.token,
+                status_label: 'Unread',
+                title: `Need Approve`,
+                description: data.title,
+                token: post.token,
+              },
+            })
+            //send todolist
+            await connection.insert({
+              table: 'ztodolist',
+              data: {
+                company_id: result.company_id,
+                created_at: Util.now(),
+                created_by: employee_user[result.user_id].user_id,
+                updated_by: employee_user[result.user_id].user_id,
+                user_id: item,
+                table: MYMODEL.table,
+                id_data: result.ide,
+                status: 1,
+                link: '/za/' + post.token,
+                status_label: 'Unread',
+                title: `Need Approve`,
+                description: result.title,
+                users: JSON.stringify(approvers),
+              },
+            })
+            //send toastr using socket.io
+            io.to(users[item].token).emit('message', 'Need Approve for document : ' + result.title)
+          }
+        }
+      }
+    }
+  } catch (err) {
+    debug(req, res, err)
+    json = Util.flashError(err.toString())
+  }
+  res.json(json)
+})
+router.get('/zdownload/zgenerator/:table', async (req, res) => {
+  var table = req.params.table
+  var path = `${dirRoot}/public/uploads/zgenerator/${table}.json`
+  res.download(path, function (err) {
+    if (err) {
+      //console.log(err);
+    }
+  })
+})
+router.post('/zlock-unlock/:table', async (req, res) => {
+  let json = Util.jsonSuccess('Success')
+  let table = req.params.table
+  let cacheRoles = myCache.get('ROLES')
+  let roleId = res.locals.roleId
+  let myrole = cacheRoles[roleId]
+  let tableRole = myrole.params[table] || []
+  let hasAccess = tableRole.includes('lock') ? true : false
+  if (hasAccess) {
+    let type = req.body.type
+    let datas = req.body.datas || []
+    if (datas.length > 0) {
+      for (const data of datas) {
+        let id = data.name.replace('ck[', '').replace(']', '')
+        await connection.update({
+          table: table,
+          data: {
+            lock: type,
+          },
+          where: {
+            id: id,
+          },
+        })
+      }
+    } else {
+      json = Util.flashError('No Data')
+    }
+  } else {
+    json = Util.flashError('No Access')
+  }
+  res.json(json)
+})
+router.post('/zdeleted-selected/:table', async (req, res) => {
+  let json = Util.jsonSuccess('Success')
+  let table = req.params.table
+  let cacheRoles = myCache.get('ROLES')
+  let roleId = res.locals.roleId
+  let myrole = cacheRoles[roleId]
+  let tableRole = myrole.params[table] || []
+  let hasAccess = tableRole.includes('lock') ? true : false
+  if (hasAccess) {
+    let type = req.body.type
+    let datas = req.body.datas || []
+    if (datas.length > 0) {
+      for (const data of datas) {
+        let id = data.name.replace('ck[', '').replace(']', '')
+        try {
+          await connection.delete({
+            table: table,
+            where: {
+              id: id,
+            },
+          })
+        } catch (e) {
+          io.emit('error', e + '')
+        }
+      }
+    } else {
+      json = Util.flashError('No Data')
+    }
+  } else {
+    json = Util.flashError('No Access')
+  }
+  res.json(json)
+})
+router.post('/zapproval-update/:table', async (req, res) => {
+  let json = Util.jsonSuccess('Success')
+  let table = req.params.table
+  let value = req.body.value
+  let text = req.body.text
+  let datas = req.body.datas || []
+  let roles = myCache.get('ROLES')[res.locals.roleId] || {}
+  let myaccess = roles.approvals[table]
+  let hasAccess = myaccess.hasOwnProperty(value) ? true : false
+  let canUpdate = true
+  let dataStatus = []
+  if (text == '') {
+    res.json(Util.flashError('please type a message'))
+    return false
+  }
+  if (hasAccess) {
+    if (datas.length > 0) {
+      for (const data of datas) {
+        let id = data.name.replace('ck[', '').replace(']', '')
+        let result = await connection.result({
+          select: 'id,approval_status,approval_history',
+          table: table,
+          where: {
+            id: id,
+          },
+        })
+        let approval_status = result.approval_status || null
+        let approval_history = result.approval_history || []
+        if (approval_status == null) {
+          canUpdate = true
+        } else if (approval_status == 22) {
+          canUpdate = true
+        } else {
+          if (+value > +approval_status) {
+            canUpdate = true
+          } else {
+            canUpdate = false
+          }
+        }
+        if (canUpdate) {
+          approval_history.push({
+            status: value,
+            user_id: res.locals.userId,
+            created_at: Util.now(),
+            text: text,
+          })
+          let mydata = {
+            approval_status: value,
+            approval_history: Util.array_to_jsonb(approval_history),
+          }
+          if (+value > 1 && +value < 22) {
+            mydata.lock = 1
+          }
+          if (+value === 22) {
+            mydata.lock = 0
+          }
+          await connection.update({
+            table: table,
+            where: {
+              id: id,
+            },
+            data: mydata,
+          })
+        } else {
+          dataStatus.push(`${id} -> Status has been delivered`)
+        }
+      }
+    } else {
+      json = Util.flashError('No Data')
+    }
+  } else {
+    json = Util.flashError('No Access')
+  }
+  json.dataStatus = dataStatus
+  res.json(json)
+})
+router.get('/addlock-fields', async (req, res) => {
+  let tables = await connection.query(connection.showTables)
+  for (const table of tables) {
+    let tablename = table.tablename
+    let sql = `ALTER TABLE ${tablename}  ADD COLUMN "lock" smallint DEFAULT 0 `
+    try {
+      await connection.query(sql)
+    } catch (e) {
+      console.log(e)
+    }
+  }
+  res.send(tables)
+})
+router.get('/addlock-models', async (req, res) => {
+  let text = ''
+  let results = await connection.results({
+    table: 'zfields',
+  })
+  for (const result of results) {
+    let labels = result.labels
+    let arr = Object.keys(labels)
+    if (!Util.in_array('lock', arr)) {
+      text += result.id + ' tidak ada'
+      labels.lock = 'Lock/Unlock'
+      try {
+        await connection.update({
+          table: 'zfields',
+          data: {
+            labels: JSON.stringify(labels),
+          },
+          where: {
+            id: result.id,
+          },
+        })
+      } catch (err) {
+        console.log(err)
+      }
+    }
+  }
+  res.send(text)
+})
+router.get('/addapprovals-data', async (req, res) => {
+  let tables = await connection.query(connection.showTables)
+  for (const table of tables) {
+    let tablename = table.tablename
+    let sql = `ALTER TABLE ${tablename}  ADD COLUMN "approval_status" smallint DEFAULT NULL`
+    let sql2 = `ALTER TABLE ${tablename}  ADD COLUMN "approval_history" jsonb[] DEFAULT NULL `
+    try {
+      await connection.query(sql)
+    } catch (e) {
+      console.log(e)
+    }
+    try {
+      await connection.query(sql2)
+    } catch (e) {
+      console.log(e)
+    }
+  }
+  res.send(tables)
+})
+router.get('/addapproval-models', async (req, res) => {
+  let text = ''
+  let results = await connection.results({
+    table: 'zfields',
+  })
+  for (const result of results) {
+    let labels = result.labels
+    let arr = Object.keys(labels)
+    if (!Util.in_array('approval_status', arr)) {
+      text += result.id + ' tidak ada'
+      //approval_status_id : "Approval Status",
+      labels.approval_status = 'Approval Status'
+      labels.approval_history = 'Approval History'
+      try {
+        await connection.update({
+          table: 'zfields',
+          data: {
+            labels: JSON.stringify(labels),
+          },
+          where: {
+            id: result.id,
+          },
+        })
+      } catch (err) {
+        console.log(err)
+      }
+    }
+  }
+  res.send(text)
+})
+//post dropzone widget
+router.post('/zdropzone', async (req, res) => {
+  try {
+    let userId = res.locals.userId
+    if (userId) {
+      let dir = `${dirRoot}/public/zdropzone/${userId}`
+      if (!fs.existsSync(dir)) {
+        fs.mkdirSync(dir, { recursive: true })
+      }
+      let filename = req.files.file.name
+      req.files.file.mv(dir + '/' + filename, function (err) {
+        if (err) {
+          return res.status(500).send(err + '')
+        }
+      })
+    }
+    res.json('ok')
+  } catch (e) {
+    console.log(e)
+    res.status(500)
+    res.send(e + '')
+  }
+})
+router.post('/zdropzone-remove', async (req, res) => {
+  try {
+    let userId = res.locals.userId
+    let cacheName = req.body.cname.replace('ZUSER___ID', userId)
+    let dir = `${dirRoot}/public/zdropzone/${userId}`
+    if (!fs.existsSync(dir)) {
+      fs.mkdirSync(dir, { recursive: true })
+    }
+    let filename = `${dirRoot}/public/zdropzone/${userId}/${req.body.file}`
+    if (Util.fileExist(filename)) {
+      await fs.unlink(filename)
+      if (myCache.has(cacheName)) {
+        arr = myCache.get(name)
+      }
+      arr = Util.arrayDelete(arr, body.file)
+      myCache.set(name, arr)
+    }
+    res.json('ok')
+  } catch (e) {
+    console.log(e)
+    res.status(500).send(e + '')
+  }
+})
+router.post('/zdropzone-attributes', async (req, res) => {
+  try {
+    let userId = res.locals.userId
+    let dir = `${dirRoot}/public/zdropzone/${userId}`
+    if (!fs.existsSync(dir)) {
+      fs.mkdirSync(dir, { recursive: true })
+    }
+    let body = req.body
+    let category = body.category
+    let name = `dropzone__${userId}__${body.table}__${body.field}__${body.type}`
+    //dropzone__${res.locals.userId}__${table}__${key}__create
+    let arr = []
+    if (category === 'add') {
+      if (myCache.has(name)) {
+        arr = myCache.get(name)
+      }
+      arr.push(body.file)
+    } else {
+      name = `dropzone__${userId}__${body.table}__${body.field}__${body.type}`
+      if (myCache.has(name)) {
+        arr = myCache.get(name)
+      }
+      arr = Util.arrayDelete(arr, body.file)
+    }
+    myCache.set(name, arr)
+    res.json('ok')
+  } catch (e) {
+    console.log(e)
+    res.status(500).send(e + '')
+  }
+})
+router.post('/zhistory-data', async (req, res) => {
+  let html = ''
+  try {
+    let id = req.body.id
+    let table = req.body.table
+    const relations = await zRoute.relations(req, res, table)
+    const MYMODELS = zRoute.MYMODELS()
+    const MYMODEL = MYMODELS[table]
+    let results = await connection.results({
+      table: 'zhistory',
+      where: {
+        module: table,
+        module_id: id,
+      },
+      order_by: ['id asc'],
+    })
+    if (results.length > 0) {
+      let users = {}
+      if (myCache.has('users')) {
+        users = myCache.get('users')
+      } else {
+        users = Util.arrayToObject(
+          await connection.results({
+            table: 'zuser',
+          }),
+          'id'
+        )
+        myCache.set('users', users)
+      }
+      html = await zRoute.history(req, res, relations, id, MYMODEL, users, results)
+    }
+    res.json(html)
+  } catch (e) {
+    console.log(e)
+    res.json(e + '')
+  }
+})
+router.get('/zdownloads-dropzone/:table/:field/:id', async (req, res) => {
+  try {
+    let table = req.params.table
+    let field = req.params.field
+    let id = req.params.id
+    const room = res.locals.token
+    let result = await connection.result({
+      table: table,
+      where: {
+        id: id,
+      },
+    })
+    let dir = `${dirRoot}/public/uploads/${table}/${field}/`
+    let arr = []
+    let files = result[field]
+    for (const file of files) {
+      if (Util.fileExist(dir + file)) {
+        let filename = file.substring(13)
+        arr.push({ path: dir + file, name: filename })
+        io.to(room).emit('info', `Zip file ${filename}`)
+      }
+    }
+    io.to(room).emit('info', `Zip file completed...`)
+    res.zip(arr, `${field}_${table}_${id}.zip`)
+  } catch (e) {
+    console.log(e)
+    res.json(e + '')
+  }
+})
+module.exports = router