diff --git a/application/config/cis.php b/application/config/cis.php
index 82655f244..8d3bc347e 100644
--- a/application/config/cis.php
+++ b/application/config/cis.php
@@ -7,3 +7,9 @@ if (! defined('BASEPATH')) exit('No direct script access allowed');
 $config['cis_menu_root_content_id'] = 11087;
 // send Mails for ProfilUpdate
 $config['cis_send_profil_update_mails'] = true;
+// Vilesci CI BaseUrl
+$config['cis_vilesci_base_url'] = defined('VILESCI_ROOT') ? VILESCI_ROOT : APP_ROOT;
+$config['cis_vilesci_index_page'] = 'index.ci.php';
+// Cis CI BaseUrl
+$config['cis_base_url'] = defined('CIS_ROOT') ? CIS_ROOT : APP_ROOT;
+$config['cis_index_page'] = 'cis.php';
diff --git a/application/config/routes.php b/application/config/routes.php
index 3cba72628..de8e6e098 100644
--- a/application/config/routes.php
+++ b/application/config/routes.php
@@ -76,34 +76,34 @@ $route['api/frontend/v1/stv/[sS]tudents/([WS]S[0-9]{4})/inout/outgoing'] = 'api/ $route['api/frontend/v1/stv/[sS]tudents/([WS]S[0-9]{4})/inout/gemeinsamestudien'] = 'api/frontend/v1/stv/Students/getGemeinsamestudien'; // (studiengang_kz)/prestudent[/(studiensemester_kurzbz)[/(filter)[/(otherfilter)]]] -$route['api/frontend/v1/stv/[sS]tudents/(:num)/prestudent'] = 'api/frontend/v1/stv/Students/getPrestudents/$1'; -$route['api/frontend/v1/stv/[sS]tudents/(:num)/prestudent/([WS]S[0-9]{4})'] = 'api/frontend/v1/stv/Students/getPrestudents/$1/$2'; -$route['api/frontend/v1/stv/[sS]tudents/(:num)/prestudent/([WS]S[0-9]{4})/(:any)'] = 'api/frontend/v1/stv/Students/getPrestudents/$1/$2/$3'; -$route['api/frontend/v1/stv/[sS]tudents/(:num)/prestudent/([WS]S[0-9]{4})/(:any)/(:any)'] = 'api/frontend/v1/stv/Students/getPrestudents/$1/$2/$4'; +$route['api/frontend/v1/stv/[sS]tudents/(-?[0-9]+)/prestudent'] = 'api/frontend/v1/stv/Students/getPrestudents/$1'; +$route['api/frontend/v1/stv/[sS]tudents/(-?[0-9]+)/prestudent/([WS]S[0-9]{4})'] = 'api/frontend/v1/stv/Students/getPrestudents/$1/$2'; +$route['api/frontend/v1/stv/[sS]tudents/(-?[0-9]+)/prestudent/([WS]S[0-9]{4})/(:any)'] = 'api/frontend/v1/stv/Students/getPrestudents/$1/$2/$3'; +$route['api/frontend/v1/stv/[sS]tudents/(-?[0-9]+)/prestudent/([WS]S[0-9]{4})/(:any)/(:any)'] = 'api/frontend/v1/stv/Students/getPrestudents/$1/$2/$4'; // (studiengang_kz)/(orgform)/prestudent[/(studiensemester_kurzbz)[/(filter)[/(otherfilter)]]] -$route['api/frontend/v1/stv/[sS]tudents/(:num)/([A-Z]{2,3})/prestudent'] = 'api/frontend/v1/stv/Students/getPrestudentsOrgform/$1/$2'; -$route['api/frontend/v1/stv/[sS]tudents/(:num)/([A-Z]{2,3})/prestudent/([WS]S[0-9]{4})'] = 'api/frontend/v1/stv/Students/getPrestudentsOrgform/$1/$2/$3'; -$route['api/frontend/v1/stv/[sS]tudents/(:num)/([A-Z]{2,3})/prestudent/([WS]S[0-9]{4})/(:any)'] = 'api/frontend/v1/stv/Students/getPrestudentsOrgform/$1/$2/$3/$4'; 
-$route['api/frontend/v1/stv/[sS]tudents/(:num)/([A-Z]{2,3})/prestudent/([WS]S[0-9]{4})/(:any)/(:any)'] = 'api/frontend/v1/stv/Students/getPrestudentsOrgform/$1/$2/$3/$5'; +$route['api/frontend/v1/stv/[sS]tudents/(-?[0-9]+)/([A-Z]{2,3})/prestudent'] = 'api/frontend/v1/stv/Students/getPrestudentsOrgform/$1/$2'; +$route['api/frontend/v1/stv/[sS]tudents/(-?[0-9]+)/([A-Z]{2,3})/prestudent/([WS]S[0-9]{4})'] = 'api/frontend/v1/stv/Students/getPrestudentsOrgform/$1/$2/$3'; +$route['api/frontend/v1/stv/[sS]tudents/(-?[0-9]+)/([A-Z]{2,3})/prestudent/([WS]S[0-9]{4})/(:any)'] = 'api/frontend/v1/stv/Students/getPrestudentsOrgform/$1/$2/$3/$4'; +$route['api/frontend/v1/stv/[sS]tudents/(-?[0-9]+)/([A-Z]{2,3})/prestudent/([WS]S[0-9]{4})/(:any)/(:any)'] = 'api/frontend/v1/stv/Students/getPrestudentsOrgform/$1/$2/$3/$5'; // (studiensemester_kurzbz)/(studiengang_kz)/(semester)/grp/(gruppe) -$route['api/frontend/v1/stv/[sS]tudents/([WS]S[0-9]{4})/(:num)/(:num)/grp/(:any)'] = 'api/frontend/v1/stv/Students/getStudentsSpezialgruppe/$1/$2/$3/$4'; +$route['api/frontend/v1/stv/[sS]tudents/([WS]S[0-9]{4})/(-?[0-9]+)/(:num)/grp/(:any)'] = 'api/frontend/v1/stv/Students/getStudentsSpezialgruppe/$1/$2/$3/$4'; // (studiensemester_kurzbz)/(studiengang_kz)[/(semester)[/(verband)[/(gruppe)]]] -$route['api/frontend/v1/stv/[sS]tudents/([WS]S[0-9]{4})/(:num)'] = 'api/frontend/v1/stv/Students/getStudents/$1/$2'; -$route['api/frontend/v1/stv/[sS]tudents/([WS]S[0-9]{4})/(:num)/(:num)'] = 'api/frontend/v1/stv/Students/getStudents/$1/$2/$3'; -$route['api/frontend/v1/stv/[sS]tudents/([WS]S[0-9]{4})/(:num)/(:num)/(:any)'] = 'api/frontend/v1/stv/Students/getStudents/$1/$2/$3/$4'; -$route['api/frontend/v1/stv/[sS]tudents/([WS]S[0-9]{4})/(:num)/(:num)/(:any)/(:any)'] = 'api/frontend/v1/stv/Students/getStudents/$1/$2/$3/$4/$5'; +$route['api/frontend/v1/stv/[sS]tudents/([WS]S[0-9]{4})/(-?[0-9]+)'] = 'api/frontend/v1/stv/Students/getStudents/$1/$2'; 
+$route['api/frontend/v1/stv/[sS]tudents/([WS]S[0-9]{4})/(-?[0-9]+)/(:num)'] = 'api/frontend/v1/stv/Students/getStudents/$1/$2/$3'; +$route['api/frontend/v1/stv/[sS]tudents/([WS]S[0-9]{4})/(-?[0-9]+)/(:num)/(:any)'] = 'api/frontend/v1/stv/Students/getStudents/$1/$2/$3/$4'; +$route['api/frontend/v1/stv/[sS]tudents/([WS]S[0-9]{4})/(-?[0-9]+)/(:num)/(:any)/(:any)'] = 'api/frontend/v1/stv/Students/getStudents/$1/$2/$3/$4/$5'; // (studiensemester_kurzbz)/(studiengang_kz)/(orgform)/(semester)/grp/(gruppe) -$route['api/frontend/v1/stv/[sS]tudents/([WS]S[0-9]{4})/(:num)/([A-Z]{2,3})/(:num)/grp/(:any)'] = 'api/frontend/v1/stv/Students/getStudentsOrgformSpezialgruppe/$1/$2/$3/$4/$5'; +$route['api/frontend/v1/stv/[sS]tudents/([WS]S[0-9]{4})/(-?[0-9]+)/([A-Z]{2,3})/(:num)/grp/(:any)'] = 'api/frontend/v1/stv/Students/getStudentsOrgformSpezialgruppe/$1/$2/$3/$4/$5'; // (studiensemester_kurzbz)/(studiengang_kz)/(orgform)[/(semester)[/(verband)[/(gruppe)]]] -$route['api/frontend/v1/stv/[sS]tudents/([WS]S[0-9]{4})/(:num)/([A-Z]{2,3})'] = 'api/frontend/v1/stv/Students/getStudentsOrgform/$1/$2/$3'; -$route['api/frontend/v1/stv/[sS]tudents/([WS]S[0-9]{4})/(:num)/([A-Z]{2,3})/(:num)'] = 'api/frontend/v1/stv/Students/getStudentsOrgform/$1/$2/$3/$4'; -$route['api/frontend/v1/stv/[sS]tudents/([WS]S[0-9]{4})/(:num)/([A-Z]{2,3})/(:num)/(:any)'] = 'api/frontend/v1/stv/Students/getStudentsOrgform/$1/$2/$3/$4/$5'; -$route['api/frontend/v1/stv/[sS]tudents/([WS]S[0-9]{4})/(:num)/([A-Z]{2,3})/(:num)/(:any)/(:any)'] = 'api/frontend/v1/stv/Students/getStudentsOrgform/$1/$2/$3/$4/$5/$6'; +$route['api/frontend/v1/stv/[sS]tudents/([WS]S[0-9]{4})/(-?[0-9]+)/([A-Z]{2,3})'] = 'api/frontend/v1/stv/Students/getStudentsOrgform/$1/$2/$3'; +$route['api/frontend/v1/stv/[sS]tudents/([WS]S[0-9]{4})/(-?[0-9]+)/([A-Z]{2,3})/(:num)'] = 'api/frontend/v1/stv/Students/getStudentsOrgform/$1/$2/$3/$4'; +$route['api/frontend/v1/stv/[sS]tudents/([WS]S[0-9]{4})/(-?[0-9]+)/([A-Z]{2,3})/(:num)/(:any)'] = 
'api/frontend/v1/stv/Students/getStudentsOrgform/$1/$2/$3/$4/$5'; +$route['api/frontend/v1/stv/[sS]tudents/([WS]S[0-9]{4})/(-?[0-9]+)/([A-Z]{2,3})/(:num)/(:any)/(:any)'] = 'api/frontend/v1/stv/Students/getStudentsOrgform/$1/$2/$3/$4/$5/$6'; // // (studiensemester_kurzbz)/uid/(uid) $route['api/frontend/v1/stv/[sS]tudents/([WS]S[0-9]{4})/uid/(:any)'] = 'api/frontend/v1/stv/Students/getStudent/$1/$2'; @@ -112,24 +112,30 @@ $route['api/frontend/v1/stv/[sS]tudents/([WS]S[0-9]{4})/prestudent/(:num)'] = 'a // // (studiensemester_kurzbz)/person/(person_id) $route['api/frontend/v1/stv/[sS]tudents/([WS]S[0-9]{4})/person/(:num)'] = 'api/frontend/v1/stv/Students/getPerson/$1/$2'; -// load routes from extensions -$subdir = 'application/config/extensions'; -$dirlist = scandir($subdir); +// load routes from extensions, also look for environment-specific configs +$subdirs = ['application/config/extensions', 'application/config/' . ENVIRONMENT . '/extensions']; -if ($dirlist) +foreach($subdirs as $subdir) { - $files = array_diff($dirlist, array('.','..')); - - foreach ($files as &$item) + if(is_dir($subdir)) { - if (is_dir($subdir . DIRECTORY_SEPARATOR . $item)) + $dirlist = scandir($subdir); + if ($dirlist) { - $routes_file = $subdir . DIRECTORY_SEPARATOR . $item . DIRECTORY_SEPARATOR . 'routes.php'; + $files = array_diff($dirlist, array('.','..')); - if (file_exists($routes_file)) + foreach ($files as &$item) { - require($routes_file); + if (is_dir($subdir . DIRECTORY_SEPARATOR . $item)) + { + $routes_file = $subdir . DIRECTORY_SEPARATOR . $item . DIRECTORY_SEPARATOR . 'routes.php'; + + if (file_exists($routes_file)) + { + require($routes_file); + } + } } } } -} \ No newline at end of file +} diff --git a/application/config/stv.php b/application/config/stv.php index aa885c9e1..675899108 100644 --- a/application/config/stv.php +++ b/application/config/stv.php 
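Review bot: Nothing in the hunk records why the `studiengang_kz` segment changes from `(:num)` to `(-?[0-9]+)` while the semester segments keep `(:num)`. A comment above the first changed route, for example `// studiengang_kz may be negative, so (:num) is not sufficient for this segment`, would stop the patterns from being simplified back later; the reason is presumably negative study-programme ids, which the author should confirm. With the wider pattern, negative values now reach `getPrestudents`, `getStudents` and the Orgform/Spezialgruppe handlers. The permission checks in that controller (not visible here) should therefore be confirmed to treat a negative `studiengang_kz` as an ordinary id and not as a sentinel. The route list continues above and below the hunk.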
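Review bot: `foreach ($files as &$item)` iterates by reference although `$item` is only read, and it now sits inside the outer `foreach($subdirs as $subdir)` loop with no `unset($item)`, so the reference stays bound into `$files` between passes and after the loop; `foreach ($files as $item)` does the same job. Each discovered `routes.php` is pulled in with `require` in this same scope, so an extension file can overwrite `$subdir`, `$files` or `$item` mid-iteration. Every directory under both extension paths is effectively executable configuration, which makes write access to them worth restricting. The paths are relative (`'application/config/extensions'`), which presumably relies on the working directory being the project root; building them from `APPPATH` would remove that assumption.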
@@ -58,6 +58,10 @@ $config['tabs'] = //if true, Anrechnungen can be added and edited in tab Anrechnungen 'editableAnrechnungen' => false, ], + 'notes' => [ + //if true, the count of Messages will be shown in the header of the Tab Messages + 'showCountNotes' => true + ] ]; // List of fields to show when ZGV_DOKTOR_ANZEIGEN is defined diff --git a/application/controllers/Cis/Auth.php b/application/controllers/Cis/Auth.php index 59dab1568..67267ebf6 100644 --- a/application/controllers/Cis/Auth.php +++ b/application/controllers/Cis/Auth.php @@ -72,6 +72,7 @@ class Auth extends FHC_Controller { $this->load->library('AuthLib'); $this->authlib->logout(); - redirect('/Cis/Auth/login', 'refresh'); + setcookie('fhclogout', 'fhclogout', 0, '/'); + redirect(base_url('/cis/private/logout.php'), 'refresh'); } } diff --git a/application/controllers/Cis/ProfilUpdate.php b/application/controllers/Cis/ProfilUpdate.php index c47b7540b..74641d748 100644 --- a/application/controllers/Cis/ProfilUpdate.php +++ b/application/controllers/Cis/ProfilUpdate.php 
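Review bot: The comment on `showCountNotes` speaks of "Messages" and "the Tab Messages" although the key sits under `'notes'`, which reads like wording copied from a messages entry. If the flag controls the notes tab, the comment should say so, e.g. `//if true, the count of notes will be shown in the header of the tab Notes`. The `$config['tabs']` array starts above the hunk, so whether a messages entry with the same wording exists cannot be seen from here.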
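Review bot: `setcookie('fhclogout', 'fhclogout', 0, '/')` creates the cookie without `Secure`, `HttpOnly` or `SameSite`, so it travels over plain HTTP and is readable and settable from page script. If the legacy `logout.php` treats it as its logout signal (not visible here), the options-array form would tighten that where the PHP version allows it: `setcookie('fhclogout', 'fhclogout', ['expires' => 0, 'path' => '/', 'secure' => true, 'httponly' => true, 'samesite' => 'Lax']);`. The redirect target is built with `base_url()` even though this commit adds `cis_base_url` and `cis_index_page` to config/cis.php, so it is worth confirming which root the legacy script is served from. The enclosing method starts above the hunk.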
@@ -9,54 +9,21 @@ if (!defined('BASEPATH')) class ProfilUpdate extends Auth_Controller { - public static $STATUS_PENDING = NULL; - public static $STATUS_ACCEPTED = NULL; - public static $STATUS_REJECTED = NULL; - - public static $TOPICS = []; - - public function __construct() { parent::__construct([ 'index' => ['student/stammdaten:r', 'mitarbeiter/stammdaten:r'], - 'id' => ['student/stammdaten:r', 'mitarbeiter/stammdaten:r'], - 'getProfilUpdateWithPermission' => ['student/stammdaten:r', 'mitarbeiter/stammdaten:r'], - 'acceptProfilRequest' => ['student/stammdaten:rw', 'mitarbeiter/stammdaten:rw'], - 'denyProfilRequest' => ['student/stammdaten:rw', 'mitarbeiter/stammdaten:rw'], 'show' => ['basis/cis:r'], - - 'insertProfilRequest' => ['basis/cis:rw'], - 'updateProfilRequest' => ['basis/cis:rw'], - 'deleteProfilRequest' => ['basis/cis:rw'], - 'selectProfilRequest' => ['basis/cis:r'], - 'insertFile' => ['basis/cis:rw'], - 'getProfilRequestFiles' => ['basis/cis:r'], - 'getStatus' => ['basis/cis:r'], - 'getTopic' => ['basis/cis:r'], + 'id' => ['student/stammdaten:r', 'mitarbeiter/stammdaten:r'] ]); - $this->load->config('cis'); - $this->load->model('person/Profil_update_model', 'ProfilUpdateModel'); - $this->load->model('person/Kontakt_model', 'KontaktModel'); - $this->load->model('person/Adresse_model', 'AdresseModel'); - $this->load->model('person/Adressentyp_model', 'AdressenTypModel'); - $this->load->model('person/Person_model', 'PersonModel'); $this->load->model('ressource/mitarbeiter_model', 'MitarbeiterModel'); $this->load->model('crm/Student_model', 'StudentModel'); - $this->load->model('person/Benutzer_model', 'BenutzerModel'); - $this->load->model('system/Sprache_model', 'SpracheModel'); - $this->load->model('person/Profil_update_status_model', 'ProfilUpdateStatusModel'); - $this->load->model('person/Profil_update_topic_model', 'ProfilUpdateTopicModel'); // Load language phrases $this->loadPhrases( array( - 'ui', - 'global', - 'person', - 'profil', 
'profilUpdate' ) ); @@ -64,32 +31,10 @@ class ProfilUpdate extends Auth_Controller $this->load->library('DmsLib'); $this->load->library('PermissionLib'); - //? put the uid and pid inside the controller for reusability $this->uid = getAuthUID(); $this->pid = getAuthPersonID(); - - // setup the ProfilUpdate states - $this->ProfilUpdateStatusModel->addSelect(['status_kurzbz']); - $status_kurzbz = $this->ProfilUpdateStatusModel->load(); - if (hasData($status_kurzbz)) { - list($status_pending, $status_accepted, $status_rejected) = getData($status_kurzbz); - - self::$STATUS_PENDING = $status_pending->status_kurzbz; - self::$STATUS_ACCEPTED = $status_accepted->status_kurzbz; - self::$STATUS_REJECTED = $status_rejected->status_kurzbz; - } - // setup the ProfilUpdate topics - $this->ProfilUpdateTopicModel->addSelect(['topic_kurzbz']); - $topic_kurzbz = $this->ProfilUpdateTopicModel->load(); - - if (hasData($topic_kurzbz)) { - foreach (getData($topic_kurzbz) as $topic) { - self::$TOPICS[$topic->topic_kurzbz] = $topic->topic_kurzbz; - } - } } - public function index() { $this->load->view('Cis/ProfilUpdate'); 
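Review bot: `show()` further down still resolves the document through `$this->ProfilUpdateModel->loadWhere(['attachment_id' => $dms_id])`, but as this collapsed hunk reads, `$this->load->model('person/Profil_update_model', 'ProfilUpdateModel');` is among the lines removed from the constructor. Unless the model is autoloaded or loaded by a parent class (not visible here), the download endpoint would fail before its ownership and permission check runs. Either keep that one `load->model` call or state in the commit where the model now comes from. The class body continues beyond this hunk.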
@@ -100,129 +45,14 @@ class ProfilUpdate extends Auth_Controller $this->load->view('Cis/ProfilUpdate', ['profil_update_id' => $profil_update_id]); } - public function getStatus() - { - echo json_encode([self::$STATUS_PENDING => self::$STATUS_PENDING, self::$STATUS_ACCEPTED => self::$STATUS_ACCEPTED, self::$STATUS_REJECTED => self::$STATUS_REJECTED]); - } - - public function getTopic() - { - echo json_encode(self::$TOPICS); - } - - private function sendEmail_onProfilUpdate_response($uid, $topic, $status) - { - if($this->config->item('cis_send_profil_update_mails') === false) - { - return; - } - - $this->load->helper('hlp_sancho_helper'); - $email = $uid . "@" . DOMAIN; - - - function languageQuery($language) - { - return "select index from public.tbl_sprache where sprache = '" + $language + "'"; - } - $this->ProfilUpdateStatusModel->addSelect(["bezeichnung_mehrsprachig[(" . languageQuery('German') . ")] as status_de", "bezeichnung_mehrsprachig[(" . languageQuery('English') . ")] as status_en"]); - $status_translation = $this->ProfilUpdateStatusModel->loadWhere(["status_kurzbz" => $status]); - if (isError($status_translation)) { - show_error($this->p->t('profilUpdate', 'ProfilUpdateStatusTranslationError')); - } - $status_translation = hasData($status_translation) ? getData($status_translation)[0] : null; - if (isset($status_translation)) { - $mail_res = sendSanchoMail("profil_update_response", ['topic' => $topic, 'status_de' => $status_translation->status_de, 'status_en' => $status_translation->status_en, 'href' => APP_ROOT . 'Cis/Profil'], $email, ("Profil Änderung " . 
$this->p->t('profilUpdate', 'pending'))); - if (!$mail_res) { - show_error($this->p->t('profilUpdate', 'profilUpdate_email_error')); - } - } - - } - - - private function sendEmail_onProfilUpdate_insertion($uid, $profil_update_id, $topic) - { - if($this->config->item('cis_send_profil_update_mails') === false) - { - return; - } - - $this->load->helper('hlp_sancho_helper'); - $emails = []; - - $isMitarbeiter_res = $this->MitarbeiterModel->isMitarbeiter($uid); - if (isError($isMitarbeiter_res)) { - show_error($this->p->t('profilUpdate', 'profilUpdate_mitarbeiterCheck_error')); - } - $isMitarbeiter_res = getData($isMitarbeiter_res); - - //! if the $uid is a mitarbeiter and student, only the hr is notified by email - if ($isMitarbeiter_res) { - //? user is not a student therefore he is a mitarbeiter, send email to Personalverwaltung - //? use constant variable MAIL_GST to mail to the personalverwaltung - $this->MitarbeiterModel->addSelect([TRUE]); - $this->MitarbeiterModel->addJoin("public.tbl_benutzer", "public.tbl_benutzer.uid = public.tbl_mitarbeiter.mitarbeiter_uid"); - //? check if the the userID is a mitarbeiter and if the benutzer is active - $res = $this->MitarbeiterModel->loadWhere(["public.tbl_mitarbeiter.mitarbeiter_uid" => $uid, "public.tbl_benutzer.aktiv" => TRUE]); - if (isError($res)) { - show_error("was not able to query the mitarbeiter and benutzer by the uid: " . $uid); - } - if (hasData($res)) { - array_push($emails, MAIL_GST); - } else { - show_error($this->p->t('profilUpdate', 'profilUpdate_mitarbeiterCheck_error')); - } - } else { - //? if it is not a mitarbeiter, check whether it is a student and send email to studiengang - $isStudent_res = $this->StudentModel->isStudent($uid); - if (isError($isStudent_res)) { - show_error($this->p->t('profilUpdate', 'profilUpdate_studentCheck_error')); - } - $isStudent_res = getData($isStudent_res); - if ($isStudent_res) { - //? 
Send email to the Studiengangsassistentinnen - $this->StudentModel->addSelect(["public.tbl_studiengang.email"]); - $this->StudentModel->addJoin("public.tbl_benutzer", "public.tbl_benutzer.uid = public.tbl_student.student_uid"); - $this->StudentModel->addJoin("public.tbl_prestudent", "public.tbl_benutzer.person_id = public.tbl_prestudent.person_id"); - $this->StudentModel->addJoin("public.tbl_prestudentstatus", "public.tbl_prestudentstatus.prestudent_id = public.tbl_prestudent.prestudent_id"); - $this->StudentModel->addJoin("public.tbl_studiengang", "public.tbl_studiengang.studiengang_kz = public.tbl_prestudent.studiengang_kz"); - //* check if the benutzer itself is active - //* check if the student status is Student or Diplomand (active students) - $this->StudentModel->db->where_in("public.tbl_prestudentstatus.status_kurzbz", ['Student', 'Diplomand']); - $res = $this->StudentModel->loadWhere(["public.tbl_benutzer.aktiv" => TRUE, "public.tbl_student.student_uid" => $uid]); - if (isError($res)) { - show_error(getData($res)); - } else { - $res = hasData($res) ? getData($res) : []; - foreach ($res as $emailObj) { - array_push($emails, $emailObj->email); - } - } - } - } - $mail_res = []; - //? sending email - foreach ($emails as $email) { - array_push($mail_res, sendSanchoMail("profil_update", ['uid' => $uid, 'topic' => $topic, 'href' => APP_ROOT . 'Cis/ProfilUpdate/id/' . $profil_update_id], $email, ("Profil Änderung von " . $uid))); - } - foreach ($mail_res as $m_res) { - if (!$m_res) { - show_error($this->p->t('profilUpdate', 'profilUpdate_email_error')); - } - } - - } - - public function show($dms_id) { - $profil_update = $this->ProfilUpdateModel->loadWhere(['attachment_id' => $dms_id]); $profil_update = hasData($profil_update) ? getData($profil_update)[0] : null; //? 
checks if an profil update exists with the dms_id requested from the user - if ($profil_update) { + if ($profil_update) + { $is_mitarbeiter_profil_update = getData($this->MitarbeiterModel->isMitarbeiter($profil_update->uid)); $is_student_profil_update = getData($this->StudentModel->isStudent($profil_update->uid)); @@ -230,7 +60,8 @@ class ProfilUpdate extends Auth_Controller $this->permissionlib->isBerechtigt('student/stammdaten:r') && $is_student_profil_update || $this->permissionlib->isBerechtigt('mitarbeiter/stammdaten:r') && $is_mitarbeiter_profil_update || $this->uid == $profil_update->uid - ) { + ) + { // Get file to be downloaded from DMS $newFilename = $this->uid . "/document_" . $dms_id; $download = $this->dmslib->download($dms_id); 
@@ -239,576 +70,17 @@ class ProfilUpdate extends Auth_Controller // Download file $this->outputFile(getData($download)); - - - } else { + } + else + { show_error($this->p->t('profilUpdate', 'profilUpdate_permission_error')); return; } - - } else { + } + else + { show_error($this->p->t('profilUpdate', 'profilUpdate_dms_error')); return; } - } - - - public function insertFile($replace) - { - $replace = json_decode($replace); - - if (!count($_FILES)) { - echo json_encode([]); - return; - } - - //? if replace is set it contains the profil_update_id in which the attachment_id has to be replaced - if (isset($replace)) { - $this->ProfilUpdateModel->addSelect(["attachment_id"]); - $profilUpdate = $this->ProfilUpdateModel->load([$replace]); - if (isError($profilUpdate)) { - return json_encode(error($this->p->t('profilUpdate', 'profilUpdate_loading_error'))); - } - //? get the attachmentID - $dms_id = hasData($profilUpdate) ? getData($profilUpdate)[0]->attachment_id : null; - - //? delete old dms_file of Profil Update - $this->deleteOldVersionFile($dms_id); - } - - - $files = $_FILES['files']; - $file_count = count($files['name']); - - $res = []; - - for ($i = 0; $i < $file_count; $i++) { - $_FILES['files']['name'] = $files['name'][$i]; - $_FILES['files']['type'] = $files['type'][$i]; - $_FILES['files']['tmp_name'] = $files['tmp_name'][$i]; - $_FILES['files']['error'] = $files['error'][$i]; - $_FILES['files']['size'] = $files['size'][$i]; - - $dms = [ - "kategorie_kurzbz" => "profil_aenderung", - "version" => 0, - "name" => $_FILES['files']['name'], - "mimetype" => $_FILES['files']['type'], - "beschreibung" => $this->uid . " Profil Änderung", - "insertvon" => $this->uid, - "insertamum" => "NOW()", - ]; - - $tmp_res = $this->dmslib->upload($dms, 'files', array("jpg", "png", "pdf")); - - $tmp_res = hasData($tmp_res) ? 
getData($tmp_res) : null; - array_push($res, $tmp_res); - } - - echo json_encode($res); - } - - - public function selectProfilRequest() - { - $_GET = json_decode($this->input->raw_input_stream, true); - $uid = $this->input->get('uid'); - $id = $this->input->get('id'); - $whereClause = ['uid' => $this->uid]; - - if (isset($uid)) - $whereClause['uid'] = $uid; - if (isset($id)) - $whereClause['id'] = $id; - - $res = $this->ProfilUpdateModel->getProfilUpdatesWhere($whereClause); - $res = hasData($res) ? getData($res) : null; - echo json_encode($res); - - } - - - public function getProfilRequestFiles() - { - $id = json_decode($this->input->raw_input_stream); - - $this->ProfilUpdateModel->addSelect(["attachment_id"]); - $attachmentID = $this->ProfilUpdateModel->load([$id]); - if (isError($attachmentID)) { - return json_encode(error($this->p->t('profilUpdate', 'profilUpdate_loading_error'))); - } - //? get the attachmentID - $dms_id = hasData($attachmentID) ? getData($attachmentID)[0]->attachment_id : null; - - //? get the name to the file - $this->DmsVersionModel->addSelect(["name", "dms_id"]); - $attachment = $this->DmsVersionModel->load([$dms_id, 0]); - if (isError($attachment)) { - return json_encode(error($this->p->t('profilUpdate', 'profilUpdate_dmsVersion_error'))); - } - $attachment = hasData($attachment) ? getData($attachment) : null; - //? returns {name:..., dms_id:...} - echo json_encode($attachment); - } - - public function insertProfilRequest() - { - - $json = json_decode($this->input->raw_input_stream); - - $payload = $json->payload; - $identifier = property_exists($json->payload, "kontakt_id") ? "kontakt_id" : (property_exists($json->payload, "adresse_id") ? "adresse_id" : null); - - $data = ["topic" => $json->topic, "uid" => $this->uid, "requested_change" => json_encode($payload), "insertamum" => "NOW()", "insertvon" => $this->uid, "status" => self::$STATUS_PENDING ?: 'Pending']; - - //? 
insert fileID in the dataset if sent with post request - if (isset($json->fileID)) { - $data['attachment_id'] = $json->fileID; - - } - - //? loops over all updateRequests from a user to validate if the new request is valid - $res = $this->ProfilUpdateModel->getProfilUpdatesWhere(["uid" => $this->uid]); - if (isError($res)) { - show_error($this->p->t('profilUpdate', 'profilUpdate_loading_error')); - } - $res = hasData($res) ? getData($res) : null; - - //? the user cannot delete a zustelladresse/kontakt - if (isset($payload->delete) && $payload->{$identifier == "kontakt_id" ? "zustellung" : "zustelladresse"}) { - echo json_encode(error($this->p->t('profilUpdate', 'profilUpdate_deleteZustellung_error'))); - return; - } - - //? if the user tries to delete a adresse, checks whether the adresse is a heimatadresse, if so an error is raised - if (isset($payload->delete) && $identifier == "adresse_id") { - $adr = $this->AdresseModel->load($payload->$identifier); - $adr = getData($adr)[0]; - if ($adr->heimatadresse) { - echo json_encode(error($this->p->t('profilUpdate', 'profilUpdate_deleteZustellung_error'))); - return; - } - } - - if ($res) { - $pending_changes = array_filter($res, function ($element) { - return $element->status == (self::$STATUS_PENDING ?: "Pending"); - }); - - foreach ($pending_changes as $update_request) { - $existing_change = $update_request->requested_change; - - //? the user can add as many new kontakte/adressen as he likes - if (!isset($payload->add) && property_exists($existing_change, $identifier) && property_exists($payload, $identifier) && $existing_change->$identifier == $payload->$identifier) { - //? the kontakt_id / adresse_id of a change has to be unique - echo json_encode(error($this->p->t('profilUpdate', 'profilUpdate_changeTwice_error'))); - return; - } - - //? 
if it is not updating any kontakt/adresse, the topic has to be unique - elseif (!$identifier && $update_request->topic == $json->topic) { - echo json_encode(error($this->p->t('profilUpdate', 'profilUpdate_changeTopicTwice_error', ['0' => $update_request->topic]))); - return; - } - } - } - - $insertID = $this->ProfilUpdateModel->insert($data); - - if (isError($insertID)) { - show_error(getData($insertID)); - } else { - $insertID = hasData($insertID) ? getData($insertID) : null; - - //? sends emails to the correspondents of the $uid - $this->sendEmail_onProfilUpdate_insertion($this->uid, $insertID, $json->topic); - echo json_encode(success($insertID)); - } - } - - public function updateProfilRequest() - { - $json = json_decode($this->input->raw_input_stream); - - $updateData = ["requested_change" => json_encode($json->payload), "updateamum" => "NOW()", "updatevon" => $this->uid]; - if (isset($json->fileID)) { - $updateData['attachment_id'] = json_decode($json->fileID); - } - $updateID = $this->ProfilUpdateModel->update([$json->ID], $updateData); - //? insert fileID in the dataset if sent with post request - - if (isError($updateID)) { - //catch error - } else { - $updateID = hasData($updateID) ? 
getData($updateID)[0] : null; - //TODO: should an email be sent to the responsable people when the user changes his profil update - echo json_encode(success($updateID)); - } - } - - public function deleteProfilRequest() - { - - $json = json_decode($this->input->raw_input_stream); - $delete_res = $this->ProfilUpdateModel->delete([$json]); - echo json_encode($delete_res); - } - - - public function getProfilUpdateWithPermission($status = null) - { - // early return if no status has been passed as argument - if (!isset($status)) { - echo json_encode($this->ProfilUpdateModel->getProfilUpdateWithPermission()); - return; - } - - // get the sprache of the user - $sprachenIndex = $this->SpracheModel->loadWhere(["sprache" => getUserLanguage()]); - $sprachenIndex = hasData($sprachenIndex) ? getData($sprachenIndex)[0]->index : null; - - if (isset($sprachenIndex) && isset($status)) { - // get the corresponding status kurz_bz primary key out of the translation - $status = $this->ProfilUpdateStatusModel->execReadOnlyQuery("select * from public.tbl_profil_update_status where ? = ANY(bezeichnung_mehrsprachig)", [$status]); - $status = hasData($status) ? getData($status)[0]->status_kurzbz : null; - $res = $this->ProfilUpdateModel->getProfilUpdateWithPermission(isset($status) ? ['status' => $status] : null); - - echo json_encode($res); - } - } - - - - private function getOE_from_student($student_uid) - { - - //? returns the oe_einheit eines Studenten - $query = "SELECT public.tbl_studiengang.oe_kurzbz - FROM public.tbl_student - JOIN public.tbl_studiengang ON tbl_student.studiengang_kz = public.tbl_studiengang.studiengang_kz - WHERE public.tbl_student.student_uid = ?;"; - - $res = $this->StudentModel->execReadOnlyQuery($query, [$student_uid]); - if (!isSuccess($res)) { - show_error($this->p->t('profilUpdate', 'profilUpdate_loadingOE_error')); - } - $res = hasData($res) ? 
getData($res) : []; - $res = array_map( - function ($item) { - return $item->oe_kurzbz; - }, - $res - ); - return $res; - } - - - public function acceptProfilRequest() - { - $_POST = json_decode($this->input->raw_input_stream, true); - $id = $this->input->post('profil_update_id', true); - $uid = $this->input->post('uid', true); - - //? fetching person_id using UID - $personID = $this->PersonModel->getByUid($uid); - $personID = hasData($personID) ? getData($personID)[0]->person_id : null; - $status_message = $this->input->post('status_message', true); - $topic = $this->input->post('topic', true); - - //! somehow the xss check converted boolean false to empty string - $requested_change = $this->input->post('requested_change'); - - //! check for required information - if (!isset($id) || !isset($uid) || !isset($personID) || !isset($requested_change) || !isset($topic)) { - return json_encode(error($this->p->t('profilUpdate', 'profilUpdate_requiredInformation_error'))); - } - - $is_mitarbeiter_profil_update = getData($this->MitarbeiterModel->isMitarbeiter($uid)); - $is_student_profil_update = getData($this->StudentModel->isStudent($uid)); - - - //? check if the permissions are set correctly - if ( - $this->permissionlib->isBerechtigt('student/stammdaten', "suid", $this->getOE_from_student($uid)) && $is_student_profil_update || - $this->permissionlib->isBerechtigt('mitarbeiter/stammdaten', "suid") && $is_mitarbeiter_profil_update - ) { - - if (is_array($requested_change) && array_key_exists("adresse_id", $requested_change)) { - $insertID = $this->handleAdresse($requested_change, $personID); - $insertID = hasData($insertID) ? 
getData($insertID) : null; - if (isset($insertID)) { - $requested_change['adresse_id'] = $insertID; - $update_res = $this->updateRequestedChange($id, $requested_change); - if (isError($update_res)) { - echo json_encode(error($this->p->t('profilUpdate', 'profilUpdate_address_error', [$insertID]))); - return; - } - } - - } else if (is_array($requested_change) && array_key_exists("kontakt_id", $requested_change)) { - $insertID = $this->handleKontakt($requested_change, $personID); - $insertID = hasData($insertID) ? getData($insertID) : null; - if (isset($insertID)) { - $requested_change['kontakt_id'] = $insertID; - $update_res = $this->updateRequestedChange($id, $requested_change); - if (isError($update_res)) { - echo json_encode(error($this->p->t('profilUpdate', 'profilUpdate_kontakt_error', [$insertID]))); - return; - } - } - - - } else { - switch ($topic) { - // mapping phrasen to database columns to make the update with the correct column names - case self::$TOPICS['Titel']: - $topic = "titelpre"; - break; - case self::$TOPICS['Postnomen']: - $topic = "titelpost"; - break; - case self::$TOPICS['Vorname']: - $topic = "vorname"; - break; - case self::$TOPICS['Nachname']: - $topic = "nachname"; - break; - default: - show_error($this->p->t('profilUpdate', 'profilUpdate_topic_error', [$topic])); - return; - } - - $result = $this->PersonModel->update($personID, [$topic => $requested_change["value"]]); - if (isError($result)) { - echo json_encode(error($this->p->t('profilUpdate', 'profilUpdate_insert_error'))); - return; - } - } - $this->sendEmail_onProfilUpdate_response($uid, $topic, self::$STATUS_ACCEPTED); - - echo json_encode($this->setStatusOnUpdateRequest($id, self::$STATUS_ACCEPTED, $status_message, $requested_change)); - } else { - show_error($this->p->t('profilUpdate', 'profilUpdate_permission_error')); - } - - - } - - public function denyProfilRequest() - { - - $_POST = json_decode($this->input->raw_input_stream, true); - $id = 
$this->input->post('profil_update_id', true); - $uid = $this->input->post('uid', true); - $topic = $this->input->post('topic', true); - $status_message = $this->input->post('status_message', true); - - $is_mitarbeiter_profil_update = getData($this->MitarbeiterModel->isMitarbeiter($uid)); - $is_student_profil_update = getData($this->StudentModel->isStudent($uid)); - - - if ( - $this->permissionlib->isBerechtigt('student/stammdaten', "suid", $this->getOE_from_student($uid)) && $is_student_profil_update || - $this->permissionlib->isBerechtigt('mitarbeiter/stammdaten', "suid") && $is_mitarbeiter_profil_update - ) { - $this->sendEmail_onProfilUpdate_response($uid, $topic, self::$STATUS_REJECTED); - echo json_encode($this->setStatusOnUpdateRequest($id, self::$STATUS_REJECTED, $status_message)); - } else { - show_error($this->p->t('profilUpdate', 'profilUpdate_permission_error')); - } - - - } - - private function updateRequestedChange($id, $requested_change) - { - return $this->ProfilUpdateModel->update([$id], ['requested_change' => json_encode($requested_change)]); - } - - private function setStatusOnUpdateRequest($id, $status, $status_message) - { - return $this->ProfilUpdateModel->update([$id], ["status" => $status, "status_timestamp" => "NOW()", "status_message" => $status_message]); - } - - private function deleteOldVersionFile($dms_id) - { - if (!isset($dms_id)) { - return; - } - - //? collect all the results of the deleted versions in an array - $res = array(); - - //? delete all the different versions of the dms_file - $dmsVersions = $this->DmsVersionModel->loadWhere(["dms_id" => $dms_id]); - $dmsVersions = hasData($dmsVersions) ? 
getData($dmsVersions) : null; - if (isset($dmsVersions)) { - $zwischen_res = array_map(function ($item) { - return $item->version; - }, $dmsVersions); - foreach ($zwischen_res as $version) { - array_push($res, $this->DmsVersionModel->delete([$dms_id, $version])); - } - } else { - echo json_encode(error($this->p->t('profilUpdate', 'profilUpdate_dmsVersion_error'))); - } - - //? returns a result for each deleted dms_file - return $res; - } - - - private function handleKontakt($requested_change, $personID) - { - $kontakt_id = $requested_change["kontakt_id"]; - //? removes the kontakt_id because we don't want to update the kontakt_id in the database - unset($requested_change["kontakt_id"]); - - - //! ADD - if (array_key_exists('add', $requested_change) && $requested_change['add']) { - //? removes add flag - unset($requested_change['add']); - $requested_change['person_id'] = $personID; - $requested_change['insertamum'] = "NOW()"; - $requested_change['insertvon'] = getAuthUID(); - $insertID = $this->KontaktModel->insert($requested_change); - $insert_kontakt_id = $insertID; - if (isError($insert_kontakt_id)) { - show_error($this->p->t('profilUpdate', 'profilUpdate_insertKontakt_error')); - } - $insert_kontakt_id = hasData($insert_kontakt_id) ? getData($insert_kontakt_id) : null; - if ($insert_kontakt_id) { - $this->handleDupplicateZustellKontakte($requested_change['zustellung'], $insert_kontakt_id); - } - - - } - //! DELETE - elseif (array_key_exists('delete', $requested_change) && $requested_change['delete']) { - $this->KontaktModel->delete($kontakt_id); - } - //! UPDATE - else { - $requested_change['updateamum'] = "NOW()"; - $requested_change['updatevon'] = getAuthUID(); - - $update_kontakt_id = $this->KontaktModel->update($kontakt_id, $requested_change); - - if (isError($update_kontakt_id)) { - show_error($this->p->t('profilUpdate', 'profilUpdate_updateKontakt_error')); - } - $update_kontakt_id = hasData($update_kontakt_id) ? 
getData($update_kontakt_id) : null; - if ($update_kontakt_id) { - $this->handleDupplicateZustellKontakte($requested_change['zustellung'], $update_kontakt_id); - } - } - return isset($insertID) ? $insertID : null; - } - - private function handleAdresse($requested_change, $personID) - { - - $this->AdressenTypModel->addSelect(["adressentyp_kurzbz"]); - $adr_kurzbz = $this->AdressenTypModel->loadWhere(["bezeichnung" => $requested_change['typ']]); - $adr_kurzbz = hasData($adr_kurzbz) ? getData($adr_kurzbz)[0]->adressentyp_kurzbz : null; - //? replace the address_typ with its correct kurzbz foreign key - $requested_change['typ'] = $adr_kurzbz; - - $adresse_id = $requested_change["adresse_id"]; - //? removes the adresse_id because we don't want to update the kontakt_id in the database - unset($requested_change["adresse_id"]); - - - //! ADD - if (array_key_exists('add', $requested_change) && $requested_change['add']) { - - //? removes add flag - unset($requested_change['add']); - $requested_change['insertamum'] = "NOW()"; - $requested_change['insertvon'] = getAuthUID(); - $requested_change['person_id'] = $personID; - //TODO: zustelladresse, heimatadresse, rechnungsadresse und nation werden nicht beachtet - $insertID = $this->AdresseModel->insert($requested_change); - $insert_adresse_id = $insertID; - if (isError($insert_adresse_id)) { - show_error($this->p->t('profilUpdate', 'profilUpdate_insertAdresse_error')); - } - $insert_adresse_id = hasData($insert_adresse_id) ? getData($insert_adresse_id) : null; - if ($insert_adresse_id) { - $this->handleDupplicateZustellAdressen($requested_change['zustelladresse'], $insert_adresse_id); - } - - } - //! DELETE - elseif (array_key_exists('delete', $requested_change) && $requested_change['delete']) { - $this->AdresseModel->delete($adresse_id); - } - //! 
UPDATE - else { - $requested_change['updateamum'] = "NOW()"; - $requested_change['updatevon'] = getAuthUID(); - $update_adresse_id = $this->AdresseModel->update($adresse_id, $requested_change); - if (isError($update_adresse_id)) { - show_error($this->p->t('profilUpdate', 'profilUpdate_updateAdresse_error')); - } - $update_adresse_id = hasData($update_adresse_id) ? getData($update_adresse_id) : null; - if ($update_adresse_id) { - $this->handleDupplicateZustellAdressen($requested_change['zustelladresse'], $update_adresse_id); - } - } - return isset($insertID) ? $insertID : null; - } - - - private function handleDupplicateZustellKontakte($zustellung, $kontakt_id) - { - if ($zustellung) { - $this->PersonModel->addSelect("public.tbl_kontakt.kontakt_id"); - $this->PersonModel->addJoin("public.tbl_kontakt", "public.tbl_kontakt.person_id = public.tbl_person.person_id"); - $zustellKontakteArray = $this->PersonModel->loadWhere(["public.tbl_person.person_id" => $this->pid, "zustellung" => TRUE]); - if (!isSuccess($zustellKontakteArray)) { - return error($this->p->t('profilUpdate', 'profilUpdate_loadingZustellkontakte_error')); - } - $zustellKontakteArray = hasData($zustellKontakteArray) ? 
getData($zustellKontakteArray) : null; - - if ($zustellung && count($zustellKontakteArray) > 0) { - $zustellKontakteArray = array_filter($zustellKontakteArray, function ($kontakt) use ($kontakt_id) { - return $kontakt->kontakt_id != $kontakt_id; - }); - foreach ($zustellKontakteArray as $kontakt) { - $this->KontaktModel->update($kontakt->kontakt_id, ["zustellung" => FALSE]); - } - - } - } - } - - private function handleDupplicateZustellAdressen($zustellung, $adresse_id) - { - if ($zustellung) { - $this->PersonModel->addSelect("public.tbl_adresse.adresse_id"); - $this->PersonModel->addJoin("public.tbl_adresse", "public.tbl_adresse.person_id = public.tbl_person.person_id"); - $zustellAdressenArray = $this->PersonModel->loadWhere(["public.tbl_person.person_id" => $this->pid, "zustelladresse" => TRUE]); - if (!isSuccess($zustellAdressenArray)) { - return error($this->p->t('profilUpdate', 'profilUpdate_loadingZustellAdressen_error')); - } - $zustellAdressenArray = hasData($zustellAdressenArray) ? getData($zustellAdressenArray) : null; - - if ($zustellung && count($zustellAdressenArray) > 0) { - - $zustellAdressenArray = array_filter($zustellAdressenArray, function ($adresse) use ($adresse_id) { - - return $adresse->adresse_id != $adresse_id; - }); - foreach ($zustellAdressenArray as $adresse) { - $this->AdresseModel->update($adresse->adresse_id, ["zustelladresse" => FALSE]); - } - - } - } - } - - -} \ No newline at end of file +} diff --git a/application/controllers/api/frontend/v1/LvMenu.php b/application/controllers/api/frontend/v1/LvMenu.php index 393c4d5c3..45936d9f5 100644 --- a/application/controllers/api/frontend/v1/LvMenu.php +++ b/application/controllers/api/frontend/v1/LvMenu.php @@ -51,7 +51,7 @@ class LvMenu extends FHCAPI_Controller $this->load->library("PermissionLib", null, 'PermissionLib'); - $this->load->library("PhrasesLib"); + $this->load->library("PhrasesLib", null, 'PhrasesLib'); $this->loadPhrases(array('global', 'lehre')); } 
@@ -269,6 +269,8 @@ class LvMenu extends FHCAPI_Controller 'lehrfach_id'=>$lehrfach_id, 'lektor_der_lv'=>$lektor_der_lv, 'lehrfach_oe_kurzbz_arr'=>$lehrfach_oe_kurzbz_arr, + 'permissionLib' => &$this->PermissionLib, + 'phrasesLib' => &$this->PhrasesLib ]; Events::trigger('lvMenuBuild', @@ -331,6 +333,7 @@ class LvMenu extends FHCAPI_Controller 'id'=>'core_menu_lvinfo', 'position'=>'10', 'name'=>$this->p->t('lehre', 'lehrveranstaltungsinformation'), + 'phrase' => 'lehre/lehrveranstaltungsinformation', 'icon'=>'../../../skin/images/button_lvinfo.png', 'link'=>'', 'c4_icon'=> base_url('skin/images/button_lvinfo.png'), @@ -349,6 +352,7 @@ class LvMenu extends FHCAPI_Controller 'id'=>'core_menu_feedback', 'position'=>'60', 'name'=>$this->p->t('lehre', 'feedback'), + 'phrase' => 'lehre/feedback', 'c4_icon'=> base_url('skin/images/button_feedback.png'), 'c4_link'=> base_url('feedback.php?lvid='.$lvid), ); @@ -366,6 +370,7 @@ class LvMenu extends FHCAPI_Controller 'id'=>'core_menu_gesamtnote', 'position'=>'80', 'name'=>$this->p->t('lehre', 'gesamtnote'), + 'phrase' => 'lehre/gesamtnote', 'c4_icon'=> base_url('skin/images/button_endnote.png'), 'c4_link'=> base_url('cis/private/lehre/benotungstool/lvgesamtnoteverwalten.php?lvid='.urlencode($lvid).'&stsem='.urlencode($angezeigtes_stsem)) //'c4_link'=> base_url('benotungstool/lvgesamtnoteverwalten.php?lvid='.urlencode($lvid).'&stsem='.urlencode($angezeigtes_stsem)) @@ -378,6 +383,7 @@ class LvMenu extends FHCAPI_Controller 'id'=>'core_menu_gesamtnote', 'position'=>'80', 'name'=>$this->p->t('lehre', 'gesamtnote'), + 'phrase'=>'lehre/gesamtnote', 'c4_icon'=>base_url('skin/images/button_endnote.png'), 'c4_link'=>'#', 'c4_linkList'=>[[$this->p->t('lehre', 'noteneingabedeaktiviert'),'#']], 
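Review bot: The two entries added to the `lvMenuBuild` event parameters in the `@@ -269` hunk, `'permissionLib' => &$this->PermissionLib` and `'phrasesLib' => &$this->PhrasesLib`, bind the controller's properties by reference. Reference elements survive array copies, so a listener that assigns to either key can replace the library on the controller itself. Objects are already passed as handles, so `'permissionLib' => $this->PermissionLib,` and `'phrasesLib' => $this->PhrasesLib` give listeners the same access without exposing the properties to reassignment. The array literal starts above the hunk, so its variable name is not visible here.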
@@ -450,6 +456,7 @@ class LvMenu extends FHCAPI_Controller 'id'=>'core_menu_mailanstudierende', 'position'=>'100', 'name'=>$this->p->t('lehre', 'mail'), + 'phrase' => 'lehre/mail', 'c4_icon'=>base_url('skin/images/button_feedback.png'), 'c4_icon2' => 'fa-regular fa-envelope', 'c4_link'=>$mailto, @@ -474,6 +481,7 @@ class LvMenu extends FHCAPI_Controller 'id'=>'core_menu_abmeldung', 'position'=>'120', 'name'=>$this->p->t('lehre', 'abmelden'), + 'phrase'=>'lehre/abmelden', 'c4_icon'=>base_url('skin/images/button_studiupload.png'), 'c4_link'=>base_url('abmeldung.php?lvid='.urlencode($lvid).'&stsem='.urlencode($angezeigtes_stsem)), ); @@ -508,6 +516,7 @@ class LvMenu extends FHCAPI_Controller 'id' => 'core_menu_anerkennungNachgewiesenerKenntnisse', 'position' => '128', 'name' => $this->p->t('lehre', 'anrechnung'), + 'phrase' => 'lehre/anrechnung', 'c4_icon' => base_url('skin/images/button_listen.png'), 'c4_icon2' => 'fa-regular fa-folder-open', 'c4_link' => base_url('cis.php/lehre/anrechnung/RequestAnrechnung?studiensemester='.urlencode($angezeigtes_stsem).'&lv_id='.urlencode($lvid)) @@ -525,6 +534,7 @@ class LvMenu extends FHCAPI_Controller 'id' => 'core_menu_anerkennungNachgewiesenerKenntnisse_empfehlen', 'position' => '128', 'name' => $this->p->t('lehre', 'anrechnungen'), + 'phrase' => 'lehre/anrechnung', 'c4_icon'=> base_url('skin/images/button_listen.png'), 'c4_icon2' => 'fa-regular fa-folder-open', 'c4_link' => base_url('cis.php/lehre/anrechnung/ReviewAnrechnungUebersicht?studiensemester='.urlencode($angezeigtes_stsem)) diff --git a/application/controllers/api/frontend/v1/LvPlan.php b/application/controllers/api/frontend/v1/LvPlan.php index 3b6b55911..28b48e3f1 100644 --- a/application/controllers/api/frontend/v1/LvPlan.php +++ b/application/controllers/api/frontend/v1/LvPlan.php 
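Review bot: In the `core_menu_anerkennungNachgewiesenerKenntnisse_empfehlen` entry (the `@@ -525` hunk) the new key is `'phrase' => 'lehre/anrechnung'`, while the `name` beside it is translated from `'anrechnungen'`. Every other entry touched in this file uses the same phrase key for both fields. If the plural label is intended, the line should read `'phrase' => 'lehre/anrechnungen',`; otherwise a client that resolves the phrase itself will show a different label than `name`. The array literals start outside the hunks.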
@@ -176,6 +176,7 @@ class LvPlan extends FHCAPI_Controller { $this->load->model('ressource/Stunde_model', 'StundeModel'); + $this->StundeModel->addOrder('stunde', 'ASC'); $stunden = $this->StundeModel->load(); $stunden = $this->getDataOrTerminateWithError($stunden); diff --git a/application/controllers/api/frontend/v1/ProfilUpdate.php b/application/controllers/api/frontend/v1/ProfilUpdate.php index 929ea49d6..bbfed651c 100644 --- a/application/controllers/api/frontend/v1/ProfilUpdate.php +++ b/application/controllers/api/frontend/v1/ProfilUpdate.php @@ -573,8 +573,7 @@ class ProfilUpdate extends FHCAPI_Controller { // early return if no status has been passed as argument if (!isset($status)) { - echo json_encode($this->ProfilUpdateModel->getProfilUpdateWithPermission()); - return; + $this->terminateWithSuccess($this->ProfilUpdateModel->getProfilUpdateWithPermission()); } // get the sprache of the user @@ -587,7 +586,7 @@ class ProfilUpdate extends FHCAPI_Controller $status = hasData($status) ? getData($status)[0]->status_kurzbz : null; $res = $this->ProfilUpdateModel->getProfilUpdateWithPermission(isset($status) ? ['status' => $status] : null); - echo json_encode($res); + $this->terminateWithSuccess($res); } } @@ -641,6 +640,7 @@ class ProfilUpdate extends FHCAPI_Controller $this->StudentModel->addJoin("public.tbl_prestudent", "public.tbl_benutzer.person_id = public.tbl_prestudent.person_id"); $this->StudentModel->addJoin("public.tbl_prestudentstatus", "public.tbl_prestudentstatus.prestudent_id = public.tbl_prestudent.prestudent_id"); $this->StudentModel->addJoin("public.tbl_studiengang", "public.tbl_studiengang.studiengang_kz = public.tbl_prestudent.studiengang_kz"); + $this->StudentModel->addGroupBy(["public.tbl_studiengang.email"]); //* check if the benutzer itself is active //* check if the student status is Student or Diplomand (active students) $this->StudentModel->db->where_in("public.tbl_prestudentstatus.status_kurzbz", ['Student', 'Diplomand']); 
@@ -657,8 +657,10 @@ class ProfilUpdate extends FHCAPI_Controller } $mail_res = []; //? sending email - foreach ($emails as $email) { - array_push($mail_res, sendSanchoMail("profil_update", ['uid' => $uid, 'topic' => $topic, 'href' => APP_ROOT . 'Cis/ProfilUpdate/id/' . $profil_update_id], $email, ("Profil Änderung von " . $uid))); + foreach ($emails as $email) + { + $href = $this->config->item('cis_vilesci_base_url') . $this->config->item('cis_vilesci_index_page') . '/Cis/ProfilUpdate/id/' . $profil_update_id; + array_push($mail_res, sendSanchoMail("profil_update", ['uid' => $uid, 'topic' => $topic, 'href' => $href], $email, ("Profil Änderung von " . $uid))); } foreach ($mail_res as $m_res) { if (!$m_res) { 
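Review bot: `$href` in the rewritten `foreach` joins `cis_vilesci_base_url` and `cis_vilesci_index_page` with no separator, so the mailed link is only valid when the configured base URL ends in a slash. Normalising it, e.g. `rtrim($this->config->item('cis_vilesci_base_url'), '/') . '/' . $this->config->item('cis_vilesci_index_page')`, removes that assumption. The value does not depend on `$email`, so it can be computed once before the loop. The next hunk of this file builds its link from `cis_base_url` and `cis_index_page` the same way.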
@@ -681,21 +683,21 @@ class ProfilUpdate extends FHCAPI_Controller function languageQuery($language) { - return "select index from public.tbl_sprache where sprache = '" + $language + "'"; + return "select index from public.tbl_sprache where sprache = '" . $language . "'"; } $this->ProfilUpdateStatusModel->addSelect(["bezeichnung_mehrsprachig[(" . languageQuery('German') . ")] as status_de", "bezeichnung_mehrsprachig[(" . languageQuery('English') . ")] as status_en"]); $status_translation = $this->ProfilUpdateStatusModel->loadWhere(["status_kurzbz" => $status]); - if (isError($status_translation)) { $this->terminateWithError($this->p->t('profilUpdate', 'ProfilUpdateStatusTranslationError')); } $status_translation = hasData($status_translation) ? getData($status_translation)[0] : null; - - if (isset($status_translation)) { - $mail_res = sendSanchoMail("profil_update_response", ['topic' => $topic, 'status_de' => $status_translation->status_de, 'status_en' => $status_translation->status_en, 'href' => APP_ROOT . 'Cis/Profil'], $email, ("Profil Änderung " . $this->p->t('profilUpdate', 'pending'))); + if (isset($status_translation)) + { + $href = $this->config->item('cis_base_url') . $this->config->item('cis_index_page') . '/Cis/Profil'; + $mail_res = sendSanchoMail("profil_update_response", ['topic' => $topic, 'status_de' => $status_translation->status_de, 'status_en' => $status_translation->status_en, 'href' => $href], $email, ("Profil Änderung " . $status_translation->status_de . ' / Profile Update ' . $status_translation->status_en)); if (!$mail_res) { $this->addError($this->p->t('profilUpdate', 'profilUpdate_email_error')); } diff --git a/application/controllers/api/frontend/v1/RouteInfo.php b/application/controllers/api/frontend/v1/RouteInfo.php new file mode 100644 index 000000000..78db3ba2c --- /dev/null +++ b/application/controllers/api/frontend/v1/RouteInfo.php 
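Review bot: `languageQuery()` still assembles its SQL by string concatenation (`"... where sprache = '" . $language . "'"`). It is also a named function declared inside a method, which PHP registers globally on first execution and refuses to redeclare if the method runs a second time in the same request. Both visible call sites pass the literals `'German'` and `'English'`, so nothing untrusted reaches the query today. A comment such as `// $language must be a hard-coded literal, never request data`, or a private method that checks the value against an allow-list, would keep it that way. The enclosing method begins above this hunk.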
@@ -0,0 +1,60 @@ +. + */ +if (!defined('BASEPATH')) + exit('No direct script access allowed'); + +class RouteInfo extends FHCAPI_Controller +{ + + public function __construct() + { + parent::__construct([ + 'info' => self::PERM_LOGGED, + ]); + + $this->load->model('system/Webservicelog_model', 'WebservicelogModel'); + } + + public function info() + { + $payload = json_decode($this->input->raw_input_stream); + + if (isset($payload->app) && isset($payload->path) && $this->isValidApp($payload->app) && $this->isValidPath($payload->path)) + { + $this->WebservicelogModel->insert(array( + 'webservicetyp_kurzbz' => 'content', + 'beschreibung' => $payload->app, + 'request_data' => $payload->path, + 'execute_user' => getAuthUID(), + 'execute_time' => 'NOW()' + )); + } + $this->terminateWithSuccess(true); + } + + protected function isValidApp($app) + { + return preg_match("/^[A-Za-z0-9\-_]+$/", $app); + } + + protected function isValidPath($path) + { + return preg_match("/^[\/A-Za-z0-9_.\-~?%=&;]+$/", $path); + } +} diff --git a/application/controllers/api/frontend/v1/Searchbar.php b/application/controllers/api/frontend/v1/Searchbar.php index 363b6e534..b4c251555 100644 --- a/application/controllers/api/frontend/v1/Searchbar.php +++ b/application/controllers/api/frontend/v1/Searchbar.php @@ -39,6 +39,8 @@ class Searchbar extends FHCAPI_Controller 'searchCis' => self::PERM_LOGGED, 'searchStv' => self::PERM_LOGGED ]); + + $this->load->model('system/Webservicelog_model', 'WebservicelogModel'); } //------------------------------------------------------------------------------------------------------------------ 
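Review bot: `isValidApp()` and `isValidPath()` in the new RouteInfo controller pass the decoded JSON values straight to `preg_match()`, so an `app` or `path` that is an array or object raises a TypeError on PHP 8 instead of being rejected. The `$` anchor also accepts a value ending in a newline, which then lands in the log row. `return is_string($app) && preg_match('/\A[A-Za-z0-9\-_]+\z/', $app) === 1;`, with the same shape for the path pattern, closes both gaps. `info()` also stores `path` with no length limit, so any logged-in client can write arbitrarily large rows to the webservice log. The path pattern allows `?`, `=` and `&`, so query parameters end up in `request_data`; a length cap and a decision on whether the query part belongs in the log would be worth adding.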
@@ -103,6 +105,17 @@ class Searchbar extends FHCAPI_Controller // Convert to json the result from searchlib->search $result = $this->searchlib->search($this->input->post(self::SEARCHSTR_PARAM), $this->input->post(self::TYPES_PARAM)); + $this->WebservicelogModel->insert(array( + 'webservicetyp_kurzbz' => 'content', + 'beschreibung' => $config['config'], + 'request_data' => json_encode(array( + self::SEARCHSTR_PARAM => $this->input->post(self::SEARCHSTR_PARAM), + self::TYPES_PARAM => $this->input->post(self::TYPES_PARAM) + )), + 'execute_user' => getAuthUID(), + 'execute_time' => 'NOW()' + )); + $data = $this->getDataOrTerminateWithError($result); $this->addMeta('time', $result->meta['time']); diff --git a/application/controllers/api/frontend/v1/betriebsmittel/BetriebsmittelP.php b/application/controllers/api/frontend/v1/betriebsmittel/BetriebsmittelP.php index 05d7c66c2..7486f44f0 100644 --- a/application/controllers/api/frontend/v1/betriebsmittel/BetriebsmittelP.php +++ b/application/controllers/api/frontend/v1/betriebsmittel/BetriebsmittelP.php @@ -60,7 +60,11 @@ class BetriebsmittelP extends FHCAPI_Controller public function getAllBetriebsmittel($type_id, $id) { - $result = $this->BetriebsmittelpersonModel->getBetriebsmittelData($id, $type_id); + $betriebsmitteltypes = null; + if ($this->input->get('betriebsmitteltypes') !== null && !isEmptyArray($this->input->get('betriebsmitteltypes'))) + $betriebsmitteltypes = $this->input->get('betriebsmitteltypes'); + + $result = $this->BetriebsmittelpersonModel->getBetriebsmittelData($id, $type_id, $betriebsmitteltypes); if (isError($result)) { $this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL); 
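Review bot: The new `WebservicelogModel->insert()` call in Searchbar stores the raw search string together with `getAuthUID()` for every search, and its result is never checked. Search terms may well be names or other personal data, so the log table needs access and retention handling to match; a short comment stating why the terms are logged would help. `json_encode()` returns `false` when the input is not valid UTF-8, which would leave `request_data` without the terms; passing `JSON_INVALID_UTF8_SUBSTITUTE` avoids that. `$config` is defined outside this hunk.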
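Review bot: In `getAllBetriebsmittel()`, `betriebsmitteltypes` is taken from the query string and forwarded to `getBetriebsmittelData()` without checking that it is a flat list of strings. A scalar or a nested array passes the `!== null` test, and whether `isEmptyArray()` rejects those shapes is not visible here. The same value goes into `where_in('betriebsmitteltyp', ...)` in the `@@ -370` hunk of this file. Reading it once and normalising, e.g. `$types = array_values(array_filter((array)$this->input->get('betriebsmitteltypes'), 'is_string'));`, keeps both call sites on a known shape. The new `if` here also has no braces, while the one in the second hunk does.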
@@ -370,6 +374,12 @@ class BetriebsmittelP extends FHCAPI_Controller $this->load->model('ressource/Betriebsmitteltyp_model', 'BetriebsmitteltypModel'); $this->BetriebsmitteltypModel->addOrder('beschreibung', 'ASC'); + + if ($this->input->get('betriebsmitteltypes') !== null && !isEmptyArray($this->input->get('betriebsmitteltypes'))) + { + $this->BetriebsmitteltypModel->db->where_in('betriebsmitteltyp', $this->input->get('betriebsmitteltypes')); + } + $result = $this->BetriebsmitteltypModel->load(); // load All if (isError($result)) { diff --git a/application/controllers/api/frontend/v1/messages/Messages.php b/application/controllers/api/frontend/v1/messages/Messages.php index dbc11735a..fa6748f6a 100644 --- a/application/controllers/api/frontend/v1/messages/Messages.php +++ b/application/controllers/api/frontend/v1/messages/Messages.php @@ -418,6 +418,10 @@ class Messages extends FHCAPI_Controller } $data = $this->getDataOrTerminateWithError($result); + if (count($data) < 1) + { + $this->terminateWithError('Error: Messages API no person_id found.'); + } $person = current($data); return $person->person_id; @@ -432,8 +436,12 @@ class Messages extends FHCAPI_Controller ); $data = $this->getDataOrTerminateWithError($result); + if (count($data) < 1) + { + $this->terminateWithError('Error: Messages API no prestudent_id found.'); + } $student = current($data); - // $this->terminateWithError($student->prestudent_id, self::ERROR_TYPE_GENERAL); + return $student->prestudent_id; } diff --git a/application/controllers/api/frontend/v1/notiz/NotizPerson.php b/application/controllers/api/frontend/v1/notiz/NotizPerson.php index cb9d31024..23a8fd199 100644 --- a/application/controllers/api/frontend/v1/notiz/NotizPerson.php +++ b/application/controllers/api/frontend/v1/notiz/NotizPerson.php 
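Review bot: The new `count($data) < 1` guards in Messages.php (the `@@ -418` and `@@ -432` hunks) assume that `getDataOrTerminateWithError()` always returns an array. If it can return `null` for an empty result, `count()` throws a TypeError on PHP 8 before `terminateWithError()` is reached; `if (!is_array($data) || count($data) < 1)` covers both cases. The two messages are hard-coded English strings, unlike the phrase lookups used in the other controllers on this page. Both enclosing methods start outside their hunks.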
@@ -18,6 +18,7 @@ class NotizPerson extends Notiz_Controller 'loadDokumente' => ['admin:r', 'assistenz:r'], 'getMitarbeiter' => ['admin:r', 'assistenz:r'], 'isBerechtigt' => ['admin:r', 'assistenz:r'], + 'getCountNotes' => ['admin:r', 'assistenz:r'], ]); } diff --git a/application/controllers/api/frontend/v1/stv/Config.php b/application/controllers/api/frontend/v1/stv/Config.php index adf9f729e..2fb436384 100644 --- a/application/controllers/api/frontend/v1/stv/Config.php +++ b/application/controllers/api/frontend/v1/stv/Config.php @@ -62,10 +62,15 @@ class Config extends FHCAPI_Controller 'component' => './Stv/Studentenverwaltung/Details/Details.js', 'config' => $config['details'] ]; + $result['notes'] = [ 'title' => $this->p->t('stv', 'tab_notes'), - 'component' => './Stv/Studentenverwaltung/Details/Notizen.js' + 'component' => './Stv/Studentenverwaltung/Details/Notizen.js', + 'config' => $config['notes'], + 'showSuffix' => ($config['notes']['showCountNotes'] ?? false), + 'suffixhelper' => APP_ROOT . 'public/js/helpers/Stv/Studentenverwaltung/Details/Notizen/NotizenSuffixHelper.js' ]; + $result['contact'] = [ 'title' => $this->p->t('stv', 'tab_contact'), 'component' => './Stv/Studentenverwaltung/Details/Kontakt.js', diff --git a/application/controllers/api/frontend/v1/stv/Favorites.php b/application/controllers/api/frontend/v1/stv/Favorites.php index b8fe6f3d7..ca8b62da6 100644 --- a/application/controllers/api/frontend/v1/stv/Favorites.php +++ b/application/controllers/api/frontend/v1/stv/Favorites.php @@ -35,8 +35,6 @@ class Favorites extends FHCAPI_Controller // Load models $this->load->model('system/Variable_model', 'VariableModel'); - - // TODO(chris): variable table might be to small to store favorites! } public function index() 
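Review bot: In stv/Config.php the `notes` tab reads `$config['notes']` unguarded for `'config'`, while the next added line already allows for a missing key with `$config['notes']['showCountNotes'] ?? false`. If an installation's config has no `notes` entry, the first line raises an undefined-key warning; `'config' => $config['notes'] ?? [],` (or `null`, whichever the frontend expects) makes the two lines agree. `suffixhelper` is built from `APP_ROOT` as an absolute URL whereas `component` is a relative module path, which deserves a comment if it is intentional.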
@@ -62,6 +60,17 @@ class Favorites extends FHCAPI_Controller $favorites = $this->input->post('favorites'); + $removed = []; + while (strlen($favorites) > 64) { + $favObj = json_decode($favorites); + if (!$favObj->list) + break; + $removed[] = array_shift($favObj->list); + $favorites = json_encode($favObj); + } + if ($removed) + $this->addMeta('removed', $removed); + $result = $this->VariableModel->setVariable(getAuthUID(), 'stv_favorites', $favorites); $this->getDataOrTerminateWithError($result); diff --git a/application/controllers/api/frontend/v1/stv/Notiz.php b/application/controllers/api/frontend/v1/stv/Notiz.php index 19e568f33..ba7cd1928 100644 --- a/application/controllers/api/frontend/v1/stv/Notiz.php +++ b/application/controllers/api/frontend/v1/stv/Notiz.php @@ -16,7 +16,8 @@ class Notiz extends Notiz_Controller 'updateNotiz' => ['admin:rw', 'assistenz:rw'], // TODO(manu): self::PERM_LOGGED 'deleteNotiz' => ['admin:r', 'assistenz:r'], 'loadDokumente' => ['admin:r', 'assistenz:r'], - 'getMitarbeiter' => ['admin:r', 'assistenz:r'] + 'getMitarbeiter' => ['admin:r', 'assistenz:r'], + 'getCountNotes' => ['admin:r', 'assistenz:r'], ]); //Load Models diff --git a/application/controllers/api/frontend/v1/stv/Status.php b/application/controllers/api/frontend/v1/stv/Status.php index 629d5512a..665fb620f 100644 --- a/application/controllers/api/frontend/v1/stv/Status.php +++ b/application/controllers/api/frontend/v1/stv/Status.php @@ -24,7 +24,6 @@ class Status extends FHCAPI_Controller 'updateStatus' => ['admin:rw', 'assistenz:rw'], 'advanceStatus' => ['admin:rw', 'assistenz:rw'], 'confirmStatus' => ['admin:rw', 'assistenz:rw'], - ]); //Load Models @@ -440,9 +439,10 @@ class Status extends FHCAPI_Controller ]); if (!$this->form_validation->run()) + { $this->terminateWithValidationErrors($this->form_validation->error_array()); + } - $this->load->library('PrestudentLib'); $this->db->trans_start(); 
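Review bot: The trimming loop added in Favorites.php calls `strlen($favorites)` and `json_decode($favorites)` on the posted value without validating it. A missing parameter, invalid JSON, or a `list` that is not an array leads to a property read on `null` or a TypeError in `array_shift()`. When `list` is empty the loop breaks and the over-long string is still passed to `setVariable()`. Decoding once before the loop and guarding with `if (!is_object($favObj) || !isset($favObj->list) || !is_array($favObj->list)) break;` handles the malformed cases, and the still-too-long case should end in an explicit error rather than a silent write. The limit `64` is unexplained and compared in bytes; a named constant tied to the column size would document it.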
@@ -628,8 +628,9 @@ class Status extends FHCAPI_Controller ]); if (!$this->form_validation->run()) + { $this->terminateWithValidationErrors($this->form_validation->error_array()); - + } // Start DB transaction $this->db->trans_start(); diff --git a/application/controllers/api/frontend/v1/stv/Student.php b/application/controllers/api/frontend/v1/stv/Student.php index 2518e9af9..0cfd82c36 100644 --- a/application/controllers/api/frontend/v1/stv/Student.php +++ b/application/controllers/api/frontend/v1/stv/Student.php @@ -106,6 +106,7 @@ class Student extends FHCAPI_Controller $this->PrestudentModel->addSelect('p.staatsbuergerschaft'); $this->PrestudentModel->addSelect('p.matr_nr'); $this->PrestudentModel->addSelect('p.anrede'); + $this->PrestudentModel->addSelect('p.zugangscode'); if (defined('ACTIVE_ADDONS') && strpos(ACTIVE_ADDONS, 'bewerbung') !== false) { $this->PrestudentModel->addSelect( @@ -159,7 +160,7 @@ class Student extends FHCAPI_Controller { $laufendesStudiensemester = ''; $this->load->model('organisation/Studiensemester_model', 'StudiensemesterModel'); - $result = $this->StudiensemesterModel->getNearest(); + $result = $this->StudiensemesterModel->getAktOrNextSemester(); if(hasData($result)) { $laufendesStudiensemester = (getData($result))[0]->studiensemester_kurzbz; } @@ -253,7 +254,6 @@ class Student extends FHCAPI_Controller 'gebdatum', 'gebort', 'geburtsnation', - 'svnr', 'ersatzkennzeichen', 'staatsbuergerschaft', 'matr_nr', @@ -693,7 +693,7 @@ class Student extends FHCAPI_Controller return $result; }*/ - $this->terminateWithSuccess(true); + return success(true); } public function requiredIfNotPersonId($value) @@ -709,4 +709,9 @@ class Student extends FHCAPI_Controller return true; return !!$value; } + + public function isValidDate($value) + { + return isValidDate($value); + } } diff --git a/application/controllers/api/frontend/v1/stv/Students.php b/application/controllers/api/frontend/v1/stv/Students.php index 12785d6d7..9de0c29b1 100644 
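Review bot: `$this->PrestudentModel->addSelect('p.zugangscode');` in the `@@ -106` hunk of Student.php adds what appears to be the person's access code to the fields this endpoint returns, in the same commit that removes `svnr` from other selects. If that code can be used to log in or to identify an applicant, it should be returned only to callers who need it and be marked as sensitive. A comment such as `// zugangscode is a credential: needed by <consumer>, do not log or cache` would state the intent. The enclosing method and its permission entry are outside the hunk, so who can reach this select is not visible here.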
--- a/application/controllers/api/frontend/v1/stv/Students.php +++ b/application/controllers/api/frontend/v1/stv/Students.php @@ -45,6 +45,13 @@ class Students extends FHCAPI_Controller // Load Libraries $this->load->library('VariableLib', ['uid' => getAuthUID()]); + $this->load->library('PhrasesLib'); + $this->loadPhrases( + array( + 'lehre' + ) + ); + } /** @@ -754,7 +761,6 @@ class Students extends FHCAPI_Controller $this->PrestudentModel->addSelect('wahlname'); $this->PrestudentModel->addSelect('vornamen'); $this->PrestudentModel->addSelect('titelpost'); - $this->PrestudentModel->addSelect('svnr'); $this->PrestudentModel->addSelect('ersatzkennzeichen'); $this->PrestudentModel->addSelect('gebdatum'); $this->PrestudentModel->addSelect('geschlecht'); diff --git a/application/controllers/codex/UHSTAT1.php b/application/controllers/codex/UHSTAT1.php index ff59ef41a..c1d4d0abf 100644 --- a/application/controllers/codex/UHSTAT1.php +++ b/application/controllers/codex/UHSTAT1.php @@ -11,6 +11,7 @@ class UHSTAT1 extends FHC_Controller const CODEX_UNKNOWN_YEAR = 9999; const CODEX_UNKNOWN_NATION = 'XXX'; const CODEX_UNKNOWN_BILDUNGMAX = 999; + const CODEX_EXCLUDED_NATIONS = ['ZZZ']; const LOWER_BOUNDARY_YEARS = 160; const UPPER_BOUNDARY_YEARS = 20; @@ -32,8 +33,7 @@ class UHSTAT1 extends FHC_Controller $this->load->library('PermissionLib'); // load models - $this->load->model('codex/Oehbeitrag_model', 'OehbeitragModel'); - $this->load->model('organisation/Studiensemester_model', 'StudiensemesterModel'); + $this->load->model('person/Benutzer_model', 'BenutzerModel'); $this->load->model('system/Sprache_model', 'SpracheModel'); $this->load->model('codex/Abschluss_model', 'AbschlussModel'); $this->load->model('codex/Uhstat1daten_model', 'Uhstat1datenModel'); 
@@ -104,7 +104,7 @@ class UHSTAT1 extends FHC_Controller { $saved = false; - $person_id = $this->_getValidPersonId('sui'); + $person_id = $this->_getUHSTATPersonId('sui'); $this->form_validation->set_error_delimiters('', ''); @@ -245,7 +245,7 @@ class UHSTAT1 extends FHC_Controller // uhstat data can only be deleted with permission if (!$this->_checkPermission('suid')) show_error('no permission'); - $person_id = $this->_getValidPersonId('suid'); + $person_id = $this->_getUHSTATPersonId('suid'); $uhstat1datenRes = $this->Uhstat1datenModel->delete( array('person_id' => $person_id) @@ -287,13 +287,17 @@ class UHSTAT1 extends FHC_Controller */ private function _getFormMetaData() { - $person_id = $this->_getValidPersonId('s'); + $person_id = $this->_getUHSTATPersonId('s'); // read only display param $readOnly = $this->input->get('readOnly'); - // depending on permissions, editing or deleting is possible - $editPermission = $this->_checkPermission('sui'); + // checking permissions for form + + // saving is possible if there permission or student log in (but not from application tool) + $savePermission = $this->_checkPermission('sui') || ($this->_getUserPersonId() && !$this->_getApplicationToolPersonId()); + + // deleting only possible with permission $deletePermission = $this->_checkPermission('suid'); $languageIdx = $this->_getLanguageIndex(); @@ -304,7 +308,7 @@ class UHSTAT1 extends FHC_Controller 'abschluss_nicht_oesterreich' => array(), 'jahre' => array(), 'person_id' => $person_id, - 'editPermission' => $editPermission, + 'savePermission' => $savePermission, 'deletePermission' => $deletePermission, 'readOnly' => $readOnly ); 
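Review bot: `$savePermission` in `_getFormMetaData()` (the `@@ -287` hunk) is a display flag, true for `_checkPermission('sui')` or for a user login that is not an application-tool session. The save path in the `@@ -104` hunk only resolves the id through `_getUHSTATPersonId('sui')`, which returns the application-tool session id first. If the rest of the save handler, which lies outside the hunk, does not repeat the same condition, the form hides saving in a case the server still accepts. It is worth confirming that the handler enforces the rule itself, and that the view has been updated for the key rename from `editPermission` to `savePermission`. `_getUserPersonId()` issues a database query on each call and is now reached more than once per request, so caching its result in a property would avoid the repeat.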
@@ -336,15 +340,19 @@ class UHSTAT1 extends FHC_Controller if (hasData($nationRes)) { + $dropdownNations = []; $nations = getData($nationRes); - // put austria in beginning of selection foreach ($nations as $nation) { - if ($nation->nation_code == self::CODEX_OESTERREICH) array_unshift($nations, $nation); + // put austria in beginning of selection + if ($nation->nation_code == self::CODEX_OESTERREICH) + array_unshift($dropdownNations, $nation); + elseif (!in_array($nation->nation_code, self::CODEX_EXCLUDED_NATIONS)) // add nation if not excluded + $dropdownNations[] = $nation; } - $formMetaData['nation'] = $nations; + $formMetaData['nation'] = $dropdownNations; } // get abschluss list @@ -386,7 +394,7 @@ class UHSTAT1 extends FHC_Controller */ private function _getUHSTAT1Data() { - $person_id = $this->_getValidPersonId('s'); + $person_id = $this->_getUHSTATPersonId('s'); $this->Uhstat1datenModel->addSelect( implode(', ', array_keys($this->_uhstat1Fields)) 
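Review bot: `CODEX_EXCLUDED_NATIONS` is applied only while the dropdown list is built in the `@@ -336` hunk, so a posted `ZZZ` is still accepted unless the validation rules, which are outside this hunk, reject it as well. If the exclusion is meant as a data rule rather than a display choice, the save validation needs the same check. The new `in_array($nation->nation_code, self::CODEX_EXCLUDED_NATIONS)` should also pass `true` as its third argument so that codes are compared strictly.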
@@ -417,29 +425,70 @@ class UHSTAT1 extends FHC_Controller } /** - * Gets Id of person having permissions to manage UHSTAT1 data. - * Can be passed as parameter or be in session. + * Gets Id of person, for which UHSTAT1 data is edited. + * Can be passed as parameter, id of logged in person, or be in session. + * @param berechtigungsArt type of permission (suid) * @return int person_id */ - private function _getValidPersonId($berechtigungsArt) + private function _getUHSTATPersonId($berechtigungsArt) { // if coming from bewerbungstool - person id is in session (person must be logged in bewerbungstool) + $applicationToolPersonId = $this->_getApplicationToolPersonId(); + if (isset($applicationToolPersonId) && is_numeric($applicationToolPersonId)) return $applicationToolPersonId; + + // if successfully logged in + $loggedInPersonId = $this->_getUserPersonId(); + if (isset($loggedInPersonId) && is_numeric($loggedInPersonId)) + { + // if person id passed directly... + $person_id = $this->input->post('person_id'); + if (!isset($person_id)) $person_id = $this->input->get('person_id'); + + if (isset($person_id)) + { + if (!is_numeric($person_id)) show_error("invalid person id"); + // ...check if there is a permission for editing UHSTAT1 data + if ($this->_checkPermission($berechtigungsArt)) return $person_id; + } + + // if no id passed, use logged in person id + return $loggedInPersonId; + } + + show_error("No permission"); + } + + /** + * Gets person Id if there is a application tool login. + * @return person Id or null + */ + private function _getApplicationToolPersonId() + { + // if coming from aplication tool - person id is in session (person must be logged in bewerbungstool) if (isset($_SESSION[self::PERSON_ID_SESSION_INDEX]) && is_numeric($_SESSION[self::PERSON_ID_SESSION_INDEX]) && isset($_SESSION[self::LOGIN_SESSION_INDEX]) ) return $_SESSION[self::PERSON_ID_SESSION_INDEX]; - // if person id passed directly... 
- $person_id = $this->input->post('person_id'); - if (!isset($person_id)) $person_id = $this->input->get('person_id'); + return null; + } - if (!isset($person_id) || !is_numeric($person_id)) show_error("invalid person id"); - - // ...check if there is a permission for editing UHSTAT1 data - if ($this->_checkPermission($berechtigungsArt)) return $person_id; - - show_error("No permission"); + /** + * Gets person Id if there is a user login. + * @return person Id or null + */ + private function _getUserPersonId() + { + $loggedInPersonId = getAuthPersonId(); + if (isset($loggedInPersonId) && is_numeric($loggedInPersonId)) + { + // check if the the user is a student and if the benutzer is active + $this->BenutzerModel->addSelect('1'); + $res = $this->BenutzerModel->loadWhere(["public.tbl_benutzer.person_id" => $loggedInPersonId, "public.tbl_benutzer.aktiv" => TRUE]); + if (hasData($res)) return $loggedInPersonId; + } + return null; } /** diff --git a/application/controllers/system/infocenter/InfoCenter.php b/application/controllers/system/infocenter/InfoCenter.php index 57aca0876..1fc49c72f 100644 --- a/application/controllers/system/infocenter/InfoCenter.php +++ b/application/controllers/system/infocenter/InfoCenter.php @@ -1275,7 +1275,6 @@ class InfoCenter extends Auth_Controller 'nachname' => $this->input->post('nachname'), 'titelpost' => isEmptyString($this->input->post('titelpost')) ? null : $this->input->post('titelpost'), 'gebdatum' => isEmptyString($this->input->post('gebdatum')) ? null : date("Y-m-d", strtotime($this->input->post('gebdatum'))), - 'svnr' => isEmptyString($this->input->post('svnr')) ? null : $this->input->post('svnr'), 'staatsbuergerschaft' => isEmptyString($this->input->post('buergerschaft')) ? null : $this->input->post('buergerschaft'), 'geschlecht' => $this->input->post('geschlecht'), 'geburtsnation' => isEmptyString($this->input->post('gebnation')) ? null : $this->input->post('gebnation'), 
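Review bot: In `_getUHSTATPersonId()` a logged-in user who sends a `person_id` without holding `$berechtigungsArt` is not refused: the code falls through to `return $loggedInPersonId`, so the request is silently applied to the caller's own record instead of the one named. Other people's data stays out of reach, but the failed authorization check is hidden from the caller and from any error log, and a save then acts on a different person than the request asked for. Refusing explicitly when the passed id differs from the logged-in one is clearer, as in the excerpt below. Separately, `is_numeric()` also accepts values such as `1e3` or `1.5`; `ctype_digit((string) $person_id)` would restrict the id to plain digits.

```php
		// … unchanged: application tool lookup, login check, reading person_id from POST/GET …
		if (isset($person_id))
		{
			if (!is_numeric($person_id)) show_error("invalid person id");

			// own record: no additional permission needed
			if ((int)$person_id === (int)$loggedInPersonId) return $loggedInPersonId;

			// foreign record: refuse instead of falling back to the own id
			if (!$this->_checkPermission($berechtigungsArt)) show_error("No permission");

			return $person_id;
		}

		// if no id passed, use logged in person id
		return $loggedInPersonId;
```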
@@ -1816,7 +1815,7 @@ class InfoCenter extends Auth_Controller } /** - * Loads all necessary Person data: Stammdaten (name, svnr, contact, ...), Dokumente, Logs and Notizen + * Loads all necessary Person data: Stammdaten (name, contact, ...), Dokumente, Logs and Notizen * @param $person_id * @return array */ diff --git a/application/core/Notiz_Controller.php b/application/core/Notiz_Controller.php index 472ac7669..c2bb03267 100644 --- a/application/core/Notiz_Controller.php +++ b/application/core/Notiz_Controller.php @@ -21,6 +21,7 @@ abstract class Notiz_Controller extends FHCAPI_Controller 'loadDokumente' => self::DEFAULT_PERMISSION_R, 'getMitarbeiter' => self::DEFAULT_PERMISSION_R, 'isBerechtigt' => self::DEFAULT_PERMISSION_R, + 'getCountNotes' => self::DEFAULT_PERMISSION_R, ]; if(!is_array($permissions)) @@ -459,4 +460,20 @@ abstract class Notiz_Controller extends FHCAPI_Controller return $this->terminateWithSuccess($result); } + public function getCountNotes($person_id) + { + $this->NotizzuordnungModel->addSelect('COUNT(*) AS anzahl', false); + + $result = $this->NotizzuordnungModel->loadWhere( + array('person_id' => $person_id) + ); + + if (isError($result)) { + $this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL); + } + + $anzahl = current(getData($result)); + return $this->terminateWithSuccess($anzahl->anzahl ?: 0); + } + } \ No newline at end of file diff --git a/application/libraries/PhrasesLib.php b/application/libraries/PhrasesLib.php index ecd8094d6..647bf7074 100644 --- a/application/libraries/PhrasesLib.php +++ b/application/libraries/PhrasesLib.php @@ -122,6 +122,7 @@ class PhrasesLib $tmpText = substr($tmpText, 0, strlen($tmpText) - 4); } } + $tmpText = str_replace(['', ''], '', $tmpText); $result->retval[$i]->text = $tmpText; } diff --git a/application/models/ressource/Betriebsmittelperson_model.php b/application/models/ressource/Betriebsmittelperson_model.php index 6da9a384d..219af51b8 100644 
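Review bot: `getCountNotes($person_id)` in Notiz_Controller hands its argument to `loadWhere()` without checking that it is an integer, so a malformed value would presumably come back as a database error passed through `getError($result)`. A guard at the top such as `if (filter_var($person_id, FILTER_VALIDATE_INT) === false) return $this->terminateWithError('invalid person id', self::ERROR_TYPE_GENERAL);` keeps that out of the response. The method is registered with `DEFAULT_PERMISSION_R` only, so any caller with that right can read the note count for an arbitrary person; whether that is intended is not visible here. The error branch relies on `terminateWithError()` ending the request, while the success branch uses `return`; a `return` on both would be consistent. The method also has no docblock.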
--- a/application/models/ressource/Betriebsmittelperson_model.php +++ b/application/models/ressource/Betriebsmittelperson_model.php @@ -97,7 +97,7 @@ class Betriebsmittelperson_model extends DB_Model return $this->loadWhere($condition); } - public function getBetriebsmittelData($id, $type_id) + public function getBetriebsmittelData($id, $type_id, $betriesmitteltypes = null) { switch ($type_id) { case 'person_id': @@ -113,6 +113,15 @@ class Betriebsmittelperson_model extends DB_Model return error("ID nicht gültig"); } + $cond .= " = ? "; + $params[] = $id; + + if ($betriesmitteltypes && !isEmptyArray($betriesmitteltypes)) + { + $cond .= " AND bm.betriebsmitteltyp IN ?"; + $params[] = $betriesmitteltypes; + } + $query = " SELECT bm.nummer, bmp.person_id, bm.betriebsmitteltyp, bmp.anmerkung as anmerkung, @@ -126,9 +135,9 @@ class Betriebsmittelperson_model extends DB_Model JOIN wawi.tbl_betriebsmittel bm ON (bmp.betriebsmittel_id = bm.betriebsmittel_id) WHERE - " . $cond . " = ? "; + " . $cond; - return $this->execQuery($query, array($id)); + return $this->execQuery($query, $params); } /** diff --git a/application/views/codex/uhstat1.php b/application/views/codex/uhstat1.php index a255781f1..cb2f219f8 100644 --- a/application/views/codex/uhstat1.php +++ b/application/views/codex/uhstat1.php @@ -26,7 +26,7 @@ $vater_bildungsstaat = isset($uhstatData->vater_bildungsstaat) ? $uhstatData->va $vater_bildungmax = isset($uhstatData->vater_bildungmax) ? $uhstatData->vater_bildungmax : set_value('vater_bildungmax'); $readOnly = isset($formMetaData['readOnly']); $disabled = $readOnly ? ' disabled' : ''; -$editPermission = isset($formMetaData['editPermission']) && $formMetaData['editPermission'] === true; +$savePermission = isset($formMetaData['savePermission']) && $formMetaData['savePermission'] === true; $deletePermission = isset($formMetaData['deletePermission']) && $formMetaData['deletePermission'] === true; $saved = isset($saved) && $saved === true; ?> 
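Review bot: The new third parameter of `getBetriebsmittelData()` is spelled `$betriesmitteltypes` (missing 'b') and has no docblock saying it must be an array of betriebsmitteltyp values, although the `IN ?` binding in the `@@ -113` hunk depends on that. Unless `isEmptyArray()` already treats non-arrays as empty, a scalar would reach the binding, so `if (is_array($betriesmitteltypes) && !isEmptyArray($betriesmitteltypes))` states the requirement in the code. `$params` is first written by `$params[] = $id;`; if the part of the function outside the hunk does not initialise it, `$params = array($id);` is clearer. The concatenated `$cond` is safe only because the `switch` assigns fixed column names, which deserves a one-line comment above `$cond .= " = ? ";`.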
@@ -51,7 +51,7 @@ $saved = isset($saved) && $saved === true; p->t('uhstat', 'uhstat1EinleitungSvnrtext') ?>


- +
@@ -288,7 +288,7 @@ $saved = isset($saved) && $saved === true;
- +
diff --git a/application/views/system/infocenter/stammdaten.php b/application/views/system/infocenter/stammdaten.php index f143c9c03..f852e9ace 100644 --- a/application/views/system/infocenter/stammdaten.php +++ b/application/views/system/infocenter/stammdaten.php @@ -32,12 +32,6 @@
gebdatum), 'd.m.Y') ?>
- - p->t('person','svnr')) ?> - -
svnr ?>
- - p->t('person','staatsbuergerschaft')) ?> diff --git a/cis/infoterminal/index.php b/cis/infoterminal/index.php index 1b4c7d637..04c591ee1 100644 --- a/cis/infoterminal/index.php +++ b/cis/infoterminal/index.php @@ -843,7 +843,6 @@ function meine_uid_informationen_detail($db,$uid,$count=0) $aktiv=$db->db_result($erg,0,"aktiv"); - $svnr=$db->db_result($erg,0,"svnr"); $titelpre=$db->db_result($erg,0,"titelpre"); $titelpost=$db->db_result($erg,0,"titelpost"); diff --git a/cis/private/logout.php b/cis/private/logout.php new file mode 100644 index 000000000..9c1cbeee6 --- /dev/null +++ b/cis/private/logout.php @@ -0,0 +1,34 @@ + + + + + FH-Complete logout Basic Auth + + + + + + + '; - str += ''; + str += ''; str += ''; - str += ''; + str += ''; str += ''; str += ''; str += ''; str += ''; str += ''; str += ''; + str += ''; str += ''; sp.innerHTML = str; diff --git a/cis/private/tools/zeitaufzeichnung.php b/cis/private/tools/zeitaufzeichnung.php index 1ae315f7a..4dcb63b31 100644 --- a/cis/private/tools/zeitaufzeichnung.php +++ b/cis/private/tools/zeitaufzeichnung.php @@ -45,6 +45,7 @@ require_once('../../../include/benutzerberechtigung.class.php'); require_once('../../../include/zeitaufzeichnung_import_csv.class.php'); require_once('../../../include/zeitaufzeichnung_import_post.class.php'); require_once('../../../include/vertragsbestandteil.class.php'); +require_once('../../../include/benutzerfunktion.class.php'); $sprache = getSprache(); $p=new phrasen($sprache); 
@@ -112,6 +113,13 @@ else $activities = array('Admin', 'FuE','FuEallg','Lehre', 'Pause', 'Arztbesuch', 'DienstreiseMT', 'Behoerde', 'Ersatzruhe', 'Weiterbildung', 'LVEntwicklung'); } +// Wenn die Funktion Lehrling zugeteilt ist, kann zusaetzlich Berufsschule als Aktivitaet gewaehlt werden +$benutzerfunktion = new benutzerfunktion(); +if ($benutzerfunktion->benutzerfunktion_exists($user, 'lehrling', true)) +{ + $activities[] = 'Berufsschule'; +} + $activities_str = "'".implode("','", $activities)."'"; // definiert bis zu welchem Datum die Eintragung nicht mehr möglich ist @@ -690,7 +698,7 @@ echo ' function checkPausenblock() { var sel = $("#aktivitaet").val(); - var activities = ["Admin", "Lehre", "FuE", "Operativ", "Betrieb", "Design", "LVEntwicklung", "Weiterbildung", "FuEallg"]; + var activities = ["Admin", "Lehre", "FuE", "Operativ", "Betrieb", "Design", "LVEntwicklung", "Weiterbildung", "FuEallg", "Berufsschule"]; if (activities.includes(sel)) showPausenblock(); else diff --git a/content/dokumentenakt.pdf.php b/content/dokumentenakt.pdf.php index a27b8d562..a737ee72d 100644 --- a/content/dokumentenakt.pdf.php +++ b/content/dokumentenakt.pdf.php @@ -307,8 +307,6 @@ foreach($prestudent_ids as $pid) $nation->load($prestudent->zgvnation); $zgvnation = $nation->kurztext; - $svnr = ($prestudent->svnr == '')?($prestudent->ersatzkennzeichen != ''?'Ersatzkennzeichen: '.$prestudent->ersatzkennzeichen:''):$prestudent->svnr; - foreach($adresse->result as $row_adresse) { if($row_adresse->heimatadresse) @@ -439,7 +437,6 @@ foreach($prestudent_ids as $pid) 'zustell_ort' => $zustellOrt, 'zustell_bundesland' => $zustellBundesland, 'geburtsnation' => $geburtsnation, - 'svnr' => $svnr, 'staatsbuergerschaft' => $staatsbuergerschaft, 'geschlecht' => $prestudent->geschlecht, 'telefonnummer' => $telefonnummer, diff --git a/content/statistik/studentenexportextended.xls.php b/content/statistik/studentenexportextended.xls.php index 89acbe18f..5ab34d026 100644 
--- a/content/statistik/studentenexportextended.xls.php +++ b/content/statistik/studentenexportextended.xls.php @@ -125,8 +125,6 @@ $worksheet->write($zeile, ++$i, "PERSONENKENNZEICHEN", $format_bold); $maxlength[$i] = 19; $worksheet->write($zeile, ++$i, "STAATSBÜRGERSCHAFT", $format_bold); $maxlength[$i] = 16; -$worksheet->write($zeile, ++$i, "SVNR", $format_bold); -$maxlength[$i] = 4; $worksheet->write($zeile, ++$i, "PERSON_ID", $format_bold); $maxlength[$i] = 6; $worksheet->write($zeile, ++$i, "ERSATZKENNZEICHEN", $format_bold); @@ -396,12 +394,7 @@ function draw_content($row) $worksheet->write($zeile, $i, $row->staatsbuergerschaft); $i++; - //SVNR - if (mb_strlen($row->svnr) > $maxlength[$i]) - $maxlength[$i] = mb_strlen($row->svnr); - $worksheet->write($zeile, $i, $row->svnr); - $i++; - + //Person_id if (mb_strlen($row->person_id) > $maxlength[$i]) $maxlength[$i] = mb_strlen($row->person_id); diff --git a/content/student/studentDBDML.php b/content/student/studentDBDML.php index e1bcffd84..041af9c20 100644 --- a/content/student/studentDBDML.php +++ b/content/student/studentDBDML.php @@ -594,7 +594,6 @@ if(!$error) $student->anmerkungen = $_POST['anmerkung']; $student->homepage = $_POST['homepage']; $student->matr_nr = $_POST['matr_nr']; - $student->svnr = $_POST['svnr']; $student->ersatzkennzeichen = $_POST['ersatzkennzeichen']; $student->familienstand = $_POST['familienstand']; $student->geschlecht = $_POST['geschlecht']; @@ -746,7 +745,6 @@ if(!$error) $person->gebzeit = $_POST['geburtszeit']; $person->anmerkungen = $_POST['anmerkung']; $person->homepage = $_POST['homepage']; - $person->svnr = $_POST['svnr']; $person->ersatzkennzeichen = $_POST['ersatzkennzeichen']; $person->familienstand = $_POST['familienstand']; $person->geschlecht = $_POST['geschlecht']; diff --git a/content/student/studentdetailoverlay.xul.php b/content/student/studentdetailoverlay.xul.php index 132667395..36740d209 100644 --- a/content/student/studentdetailoverlay.xul.php 
+++ b/content/student/studentdetailoverlay.xul.php @@ -134,8 +134,7 @@ echo ''; -