From 44ebe15c9cab8fbbf8396d255648b8afda0f5d14 Mon Sep 17 00:00:00 2001 From: paolo Date: Tue, 10 May 2016 13:05:02 +0200 Subject: [PATCH] - Method getCheckBewerbung implemented with new standard - Added new permission in fhcomplete.php config file --- application/config/fhcomplete.php | 1 + .../controllers/api/v1/person/Person.php | 40 +++------- .../models/organisation/Studiengang_model.php | 16 ++-- application/models/person/Person_model.php | 76 +++++++++++-------- 4 files changed, 65 insertions(+), 68 deletions(-) diff --git a/application/config/fhcomplete.php b/application/config/fhcomplete.php index 6479a3863..ba1f8eff1 100644 --- a/application/config/fhcomplete.php +++ b/application/config/fhcomplete.php @@ -18,6 +18,7 @@ $config['fhc_acl'] = array 'public.tbl_person' => 'basis/person', 'public.tbl_kontakt' => 'basis/kontakt', + 'public.tbl_benutzer' => 'basis/benutzer', 'public.tbl_prestudent' => 'basis/person', 'public.tbl_prestudentstatus' => 'basis/person', 'public.tbl_organisationseinheit' => 'basis/organisationseinheit', diff --git a/application/controllers/api/v1/person/Person.php b/application/controllers/api/v1/person/Person.php index ea708f8e5..9ffc14d45 100644 --- a/application/controllers/api/v1/person/Person.php +++ b/application/controllers/api/v1/person/Person.php @@ -93,43 +93,21 @@ class Person extends APIv1_Controller */ public function getCheckBewerbung() { - $result = $this->PersonModel->checkBewerbung($this->get("email"), $this->get("studiensemester_kurzbz")); - $httpstatus = REST_Controller::HTTP_OK; - $payload = [ - 'success' => true, - 'message' => 'Bewerbung exists.' - ]; - $payload['data'] = $result; - $this->response($payload, $httpstatus); - } - - /** - * @return void - */ - public function getCheckZugangscodePerson() - { - $result = $this->PersonModel->checkZugangscodePerson($this->get("code")); - $httpstatus = REST_Controller::HTTP_OK; - if(!empty($result)) + $email = $this->get('email'); + $studiensemester_kurzbz = $this->get('studiensemester_kurzbz'); + + if(isset($email)) { - $payload = [ - 'success' => true, - 'message' => 'Zugangscode exists.' - ]; - $payload['data'] = $result; + $result = $this->PersonModel->checkBewerbung($email, $studiensemester_kurzbz); + + $this->response($result, REST_Controller::HTTP_OK); } else { - $payload = [ - 'success' => false, - 'message' => 'Zugangscode does not exist.' - ]; - $httpstatus = REST_Controller::HTTP_OK; + $this->response(); } - - $this->response($payload, $httpstatus); } - + private function _validate($person = NULL) { if(!isset($person)) diff --git a/application/models/organisation/Studiengang_model.php b/application/models/organisation/Studiengang_model.php index a7f4b3f91..661dabfd6 100644 --- a/application/models/organisation/Studiengang_model.php +++ b/application/models/organisation/Studiengang_model.php @@ -16,6 +16,13 @@ class Studiengang_model extends DB_Model */ public function getAllForBewerbung() { + // Checks if the operation is permitted by the API caller + if (! $this->fhc_db_acl->isBerechtigt($this->acl['lehre.vw_studienplan'], 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['lehre.vw_studienplan'], FHC_MODEL_ERROR); + + if (! $this->fhc_db_acl->isBerechtigt($this->acl['bis.tbl_lgartcode'], 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['bis.tbl_lgartcode'], FHC_MODEL_ERROR); + $allForBewerbungQuery = "SELECT DISTINCT studiengang_kz, typ, organisationseinheittyp_kurzbz, @@ -29,13 +36,8 @@ class Studiengang_model extends DB_Model AND aktiv IS TRUE ORDER BY typ, studiengangbezeichnung, tbl_lgartcode.bezeichnung ASC"; - // Checks if the operation is permitted by the API caller - if (! $this->fhc_db_acl->isBerechtigt($this->acl['lehre.vw_studienplan'], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['lehre.vw_studienplan'], FHC_MODEL_ERROR); + $result = $this->db->query($allForBewerbungQuery); - if (! $this->fhc_db_acl->isBerechtigt($this->acl['bis.tbl_lgartcode'], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['bis.tbl_lgartcode'], FHC_MODEL_ERROR); - - return $this->db->query($allForBewerbungQuery); + return $this->_success($result->result()); } } \ No newline at end of file diff --git a/application/models/person/Person_model.php b/application/models/person/Person_model.php index 1a9192a88..fc8ad108a 100644 --- a/application/models/person/Person_model.php +++ b/application/models/person/Person_model.php @@ -15,41 +15,57 @@ class Person_model extends DB_Model /** * */ - /*public function checkBewerbung($email, $studiensemester_kurzbz = NULL) + public function checkBewerbung($email, $studiensemester_kurzbz = NULL) { - $this->db->distinct(); - + // Checks if the operation is permitted by the API caller + if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_person'], 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_person'], FHC_MODEL_ERROR); + + if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_kontakt'], 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_kontakt'], FHC_MODEL_ERROR); + + if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_benutzer'], 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_benutzer'], FHC_MODEL_ERROR); + + if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_prestudent'], 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_prestudent'], FHC_MODEL_ERROR); + + if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_prestudentstatus'], 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_prestudentstatus'], FHC_MODEL_ERROR); + + $result = NULL; + if(is_null($studiensemester_kurzbz)) { - $this->db->select("p.person_id, p.zugangscode, p.insertamum") - ->from("public.tbl_person p") - ->join("public.tbl_kontakt k", "p.person_id=k.person_id") - ->join("public.tbl_benutzer b", "p.person_id=b.person_id", "left") - ->where("k.kontakttyp", 'email') - ->where("(kontakt='" . $email . "'" . - " OR alias ||'@technikum-wien.at'='" . $email . "'" . - " OR uid ||'@technikum-wien.at'='" . $email . "')") - ->order_by("p.insertamum", "DESC") - ->limit(1) - ; + $checkBewerbungQuery = "SELECT DISTINCT p.person_id, p.zugangscode, p.insertamum + FROM public.tbl_person p JOIN public.tbl_kontakt k ON p.person_id = k.person_id + LEFT JOIN public.tbl_benutzer b ON p.person_id = b.person_id + WHERE k.kontakttyp = 'email' + AND (kontakt = ? OR alias || '@technikum-wien.at' = ? OR uid || '@technikum-wien.at' = ?) + ORDER BY p.insertamum DESC + LIMIT 1"; + + $result = $this->db->query($checkBewerbungQuery, array($email, $email, $email)); } else { - $this->db->select("p.person_id,p.zugangscode,p.insertamum") - ->from("public.tbl_person p") - ->join("public.tbl_kontakt k", "p.person_id=k.person_id") - ->join("public.tbl_benutzer b", "p.person_id=b.person_id", "left") - ->join("public.tbl_prestudent ps", "p.person_id=ps.person_id") - ->join("public.tbl_prestudentstatus pst", "pst.prestudent_id=ps.prestudent_id") - ->where("k.kontakttyp", 'email') - ->where("(kontakt='" . $email . "'" . - " OR alias ||'@technikum-wien.at'='" . $email . "'" . - " OR uid ||'@technikum-wien.at'='" . $email . "')") - ->where("studiensemester_kurzbz='" . $studiensemester_kurzbz . "'") - ->order_by("p.insertamum", "DESC") - ->limit(1) - ; + $checkBewerbungQuery = "SELECT DISTINCT p.person_id, p.zugangscode, p.insertamum + FROM public.tbl_person p JOIN public.tbl_kontakt k ON p.person_id = k.person_id + LEFT JOIN public.tbl_benutzer b ON p.person_id = b.person_id + JOIN public.tbl_prestudent ps ON p.person_id = ps.person_id + JOIN public.tbl_prestudentstatus pst ON pst.prestudent_id = ps.prestudent_id + WHERE k.kontakttyp = 'email' + AND (kontakt = ? OR alias || '@technikum-wien.at' = ? OR uid || '@technikum-wien.at' = ?) + AND studiensemester_kurzbz = ? + ORDER BY p.insertamum DESC + LIMIT 1"; + + $result = $this->db->query($checkBewerbungQuery, array($email, $email, $email, $studiensemester_kurzbz)); } - return $this->db->get()->result_array(); - }*/ + + if(is_object($result)) + return $this->_success($result->result()); + else + return $this->_error($this->db->error(), FHC_DB_ERROR); + } } \ No newline at end of file