Conflicts:
	application/config/fhcomplete.php
	application/core/FHC_Model.php
This commit is contained in:
Paminger
2016-05-10 14:36:01 +02:00
29 changed files with 631 additions and 1316 deletions
+22 -21
View File
@@ -1,21 +1,22 @@
.htaccess
.htaccessbak
bin
/nbproject/
/vendor/*
!/vendor/FHC-vendor
/.idea/
documents/
.settings
.project
.buildpath
tests/codeception/codeception.yml
tests/codeception/tests/api.suite.yml
tests/codeception/tests/functional.suite.yml
tests/codeception/tests/acceptance.suite.yml
tests/codeception/_support/_generated
tests/codeception/_output/*
!/tests/codeception/_output/.placeholder
/submodules/d3
composer.lock
bin
.htaccess
.htaccessbak
bin
/nbproject/
/vendor/*
!/vendor/FHC-vendor
/.idea/
documents/
.settings
.project
.buildpath
tests/codeception/codeception.yml
tests/codeception/tests/api.suite.yml
tests/codeception/tests/functional.suite.yml
tests/codeception/tests/acceptance.suite.yml
tests/codeception/_support/_generated
tests/codeception/_output/*
!/tests/codeception/_output/.placeholder
/submodules/d3
composer.lock
bin
/tests/codeception/api.suite.yml
+17
View File
@@ -6,11 +6,28 @@ $config['fhc_version'] = '3.2';
$config['fhc_acl'] = array
(
'bis.tbl_nation' => 'basis/nation',
'bis.tbl_lgartcode' => 'basis/lgartcode',
'campus.tbl_dms' => 'basis/tbl_dms',
'campus.tbl_dms_version' => 'basis/tbl_dms_version',
'lehre.tbl_studienplan' => 'basis/studienplan',
'lehre.tbl_studienordnung' => 'basis/studienordnung',
'lehre.vw_studienplan' => 'basis/vw_studienplan',
'public.tbl_person' => 'basis/person',
'public.tbl_kontakt' => 'basis/kontakt',
'public.tbl_benutzer' => 'basis/benutzer',
'public.tbl_prestudent' => 'basis/person',
'public.tbl_prestudentstatus' => 'basis/person',
'public.tbl_organisationseinheit' => 'basis/organisationseinheit',
<<<<<<< HEAD
'public.tbl_sprache' => 'admin',
'public.tbl_msg_thread' => 'admin',
'public.tbl_msg_message' => 'admin'
);
=======
'public.tbl_sprache' => 'admin'
);
>>>>>>> 44ebe15c9cab8fbbf8396d255648b8afda0f5d14
-9
View File
@@ -195,15 +195,6 @@ $config['auth_library_function'] = 'basicAuthentication';
| $config['auth_override_class_method_http']['deals']['*']['options'] = 'none';
*/
$config['auth_override_class_method_http']['Person']['checkBewerbung']['get'] = 'none';
$config['auth_override_class_method_http']['Person']['person']['post'] = 'none';
$config['auth_override_class_method_http']['Person']['person']['get'] = 'none';
$config['auth_override_class_method_http']['Person']['checkZugangscodePerson']['get'] = 'none';
$config['auth_override_class_method_http']['Person']['personFromCode']['post'] = 'none';
$config['auth_override_class_method_http']['Person']['personUpdate']['post'] = 'none';
$config['auth_override_class_method_http']['Kontakt']['kontakt']['post'] = 'none';
$config['auth_override_class_method_http']['Kontakt']['kontaktPerson']['get'] = 'none';
// ---Uncomment list line for the wildard unit test
// $config['auth_override_class_method_http']['wildcard_test_cases']['*']['options'] = 'basic';
-80
View File
@@ -1,80 +0,0 @@
<?php
/**
* FH-Complete
*
* @package FHC-API
* @author FHC-Team
* @copyright Copyright (c) 2016, fhcomplete.org
* @license GPLv3
* @link http://fhcomplete.org
* @since Version 1.0
* @filesource
*/
// ------------------------------------------------------------------------
if(!defined('BASEPATH')) exit('No direct script access allowed');
class Nation extends APIv1_Controller
{
/**
* Course API constructor.
*/
public function __construct()
{
parent::__construct();
// Load model PersonModel
$this->load->model('nation_model', 'NationModel');
// Load set the addonID of the model to let to check the permissions
$this->NationModel->setAddonID($this->_getAddonID());
}
public function getAll()
{
$result = $this->NationModel->getAll($this->get('ohnesperre'), $this->get('orderEnglish'));
if(is_object($result))
{
$payload = [
'success' => TRUE,
'message' => 'Nation found',
'data' => $result->result()
];
$httpstatus = REST_Controller::HTTP_OK;
}
else
{
$payload = [
'success' => FALSE,
'message' => 'Nation not found'
];
$httpstatus = REST_Controller::HTTP_OK;
}
$this->response($payload, $httpstatus);
}
public function getBundesland()
{
$result = $this->NationModel->getBundesland();
if(is_object($result))
{
$payload = [
'success' => TRUE,
'message' => 'Bundesland found',
'data' => $result->result()
];
$httpstatus = REST_Controller::HTTP_OK;
}
else
{
$payload = [
'success' => FALSE,
'message' => 'Bundesland not found'
];
$httpstatus = REST_Controller::HTTP_OK;
}
$this->response($payload, $httpstatus);
}
}
@@ -0,0 +1,56 @@
<?php
/**
* FH-Complete
*
* @package FHC-API
* @author FHC-Team
* @copyright Copyright (c) 2016, fhcomplete.org
* @license GPLv3
* @link http://fhcomplete.org
* @since Version 1.0
* @filesource
*/
// ------------------------------------------------------------------------
if(!defined('BASEPATH')) exit('No direct script access allowed');
class Nation extends APIv1_Controller
{
/**
* Course API constructor.
*/
public function __construct()
{
parent::__construct();
// Load model PersonModel
$this->load->model('codex/nation_model', 'NationModel');
// Load set the uid of the model to let to check the permissions
$this->NationModel->setUID($this->_getUID());
}
public function getAll()
{
if(!$this->get('orderEnglish'))
{
$result = $this->NationModel->addOrder('kurztext');
}
else
{
$result = $this->NationModel->addOrder('engltext');
}
if($result->error == EXIT_SUCCESS)
{
if($this->get('ohnesperre'))
{
$result = $this->NationModel->loadWhere('sperre IS NULL');
}
else
{
$result = $this->NationModel->loadWhole();
}
}
$this->response($result, REST_Controller::HTTP_OK);
}
}
@@ -1,55 +0,0 @@
<?php
/**
* FH-Complete
*
* @package FHC-API
* @author FHC-Team
* @copyright Copyright (c) 2016, fhcomplete.org
* @license GPLv3
* @link http://fhcomplete.org
* @since Version 1.0
* @filesource
*/
// ------------------------------------------------------------------------
if(!defined('BASEPATH')) exit('No direct script access allowed');
class Studiengang extends APIv1_Controller
{
/**
* Course API constructor.
*/
public function __construct()
{
parent::__construct();
// Load model PersonModel
$this->load->model('lehre/studiengang_model', 'StudiengangModel');
// Load set the addonID of the model to let to check the permissions
$this->StudiengangModel->setAddonID($this->_getAddonID());
}
public function getAllForBewerbung()
{
$result = $this->StudiengangModel->getAllForBewerbung();
if(is_object($result) && $result->num_rows() > 0)
{
$payload = [
'success' => TRUE,
'message' => 'Courses found',
'data' => $result->result()
];
$httpstatus = REST_Controller::HTTP_OK;
}
else
{
$payload = [
'success' => FALSE,
'message' => 'No courses found'
];
$httpstatus = REST_Controller::HTTP_OK;
}
$this->response($payload, $httpstatus);
}
}
@@ -1,55 +0,0 @@
<?php
/**
* FH-Complete
*
* @package FHC-API
* @author FHC-Team
* @copyright Copyright (c) 2016, fhcomplete.org
* @license GPLv3
* @link http://fhcomplete.org
* @since Version 1.0
* @filesource
*/
// ------------------------------------------------------------------------
if(!defined('BASEPATH')) exit('No direct script access allowed');
class Studienplan extends APIv1_Controller
{
/**
* Course API constructor.
*/
public function __construct()
{
parent::__construct();
// Load model PersonModel
$this->load->model('lehre/studienplan_model', 'StudienplanModel');
// Load set the addonID of the model to let to check the permissions
$this->StudienplanModel->setAddonID($this->_getAddonID());
}
public function getStudienplaene()
{
$result = $this->StudienplanModel->getStudienplaene($this->get('studiengang_kz'));
if(is_object($result) && $result->num_rows() > 0)
{
$payload = [
'success' => TRUE,
'message' => 'Plan found',
'data' => $result->result()
];
$httpstatus = REST_Controller::HTTP_OK;
}
else
{
$payload = [
'success' => FALSE,
'message' => 'Plan not found'
];
$httpstatus = REST_Controller::HTTP_OK;
}
$this->response($payload, $httpstatus);
}
}
@@ -0,0 +1,50 @@
<?php
/**
* FH-Complete
*
* @package FHC-API
* @author FHC-Team
* @copyright Copyright (c) 2016, fhcomplete.org
* @license GPLv3
* @link http://fhcomplete.org
* @since Version 1.0
* @filesource
*/
// ------------------------------------------------------------------------
if(!defined('BASEPATH')) exit('No direct script access allowed');
class Studienplan extends APIv1_Controller
{
/**
* Course API constructor.
*/
public function __construct()
{
parent::__construct();
// Load model PersonModel
$this->load->model('organisation/studienplan_model', 'StudienplanModel');
// Load set the uid of the model to let to check the permissions
$this->StudienplanModel->setUID($this->_getUID());
}
public function getStudienplaene()
{
$studiengang_kz = $this->get('studiengang_kz');
if(isset($studiengang_kz))
{
$result = $this->StudienplanModel->addJoin('lehre.tbl_studienordnung', 'studienordnung_id');
if($result->error == EXIT_SUCCESS)
{
$result = $this->StudienplanModel->loadWhere(array('studiengang_kz' => $this->get('studiengang_kz')));
}
$this->response($result, REST_Controller::HTTP_OK);
}
else
{
$this->response();
}
}
}
+264 -90
View File
@@ -24,8 +24,8 @@ class Person extends APIv1_Controller
parent::__construct();
// Load model PersonModel
$this->load->model('person/person_model', 'PersonModel');
// Load set the addonID of the model to let to check the permissions
$this->PersonModel->setAddonID($this->_getAddonID());
// Load set the uid of the model to let to check the permissions
$this->PersonModel->setUID($this->_getUID());
}
/**
@@ -36,28 +36,32 @@ class Person extends APIv1_Controller
$personID = $this->get('person_id');
$code = $this->get('code');
$email = $this->get('email');
$result = $this->PersonModel->getPerson($personID, $code, $email);
if(is_object($result) && $result->num_rows() > 0)
if(isset($code) || isset($email) || isset($personID))
{
$payload = [
'success' => TRUE,
'message' => 'Person found',
'data' => $result->result()
];
$httpstatus = REST_Controller::HTTP_OK;
if(isset($code) && isset($email))
{
$result = $this->PersonModel->addJoin('public.tbl_kontakt', 'person_id');
if($result->error == EXIT_SUCCESS)
{
$result = $this->PersonModel->loadWhere(array('zugangscode' => $code, 'kontakt' => $email));
}
}
elseif(isset($code))
{
$result = $this->PersonModel->loadWhere(array('zugangscode' => $code));
}
else
{
$result = $this->PersonModel->load($personID);
}
$this->response($result, REST_Controller::HTTP_OK);
}
else
{
$payload = [
'success' => FALSE,
'message' => 'Person not found'
];
$httpstatus = REST_Controller::HTTP_OK;
$this->response();
}
$this->response($payload, $httpstatus);
}
/**
@@ -65,93 +69,263 @@ class Person extends APIv1_Controller
*/
public function postPerson()
{
$result = $this->PersonModel->savePerson($this->post());
if($result === TRUE)
if($this->_validate($this->post()))
{
$httpstatus = REST_Controller::HTTP_OK;
$payload = [
'success' => true,
'message' => 'Person saved.'
];
$payload['data'] = $result;
if(isset($this->post()['person_id']))
{
$result = $this->PersonModel->update($this->post()['person_id'], $this->post());
}
else
{
$result = $this->PersonModel->insert($this->post());
}
$this->response($result, REST_Controller::HTTP_OK);
}
else
{
$payload = [
'success' => false,
'message' => 'Could not save person.'
];
$httpstatus = REST_Controller::HTTP_OK;
$this->response();
}
$this->response($payload, $httpstatus);
}
/**
*
*/
public function postPrestudent()
{
$result = $this->PersonModel->savePrestudent($this->post());
if($result === TRUE)
{
$httpstatus = REST_Controller::HTTP_OK;
$payload = [
'success' => true,
'message' => 'Interested student saved.'
];
}
else
{
$payload = [
'success' => false,
'message' => 'Could not save interested student.'
];
$httpstatus = REST_Controller::HTTP_OK;
}
$this->response($payload, $httpstatus);
}
/**
* @return void
*/
public function getCheckBewerbung()
{
$result = $this->PersonModel->checkBewerbung($this->get("email"), $this->get("studiensemester_kurzbz"));
$httpstatus = REST_Controller::HTTP_OK;
$payload = [
'success' => true,
'message' => 'Bewerbung exists.'
];
$payload['data'] = $result;
$this->response($payload, $httpstatus);
}
/**
* @return void
*/
public function getCheckZugangscodePerson()
{
$result = $this->PersonModel->checkZugangscodePerson($this->get("code"));
$httpstatus = REST_Controller::HTTP_OK;
if(!empty($result))
$email = $this->get('email');
$studiensemester_kurzbz = $this->get('studiensemester_kurzbz');
if(isset($email))
{
$payload = [
'success' => true,
'message' => 'Zugangscode exists.'
];
$payload['data'] = $result;
$result = $this->PersonModel->checkBewerbung($email, $studiensemester_kurzbz);
$this->response($result, REST_Controller::HTTP_OK);
}
else
{
$payload = [
'success' => false,
'message' => 'Zugangscode does not exist.'
];
$httpstatus = REST_Controller::HTTP_OK;
$this->response();
}
}
private function _validate($person = NULL)
{
if(!isset($person))
{
return false;
}
$person['nachname'] = trim($person['nachname']);
$person['vorname'] = trim($person['vorname']);
$person['vornamen'] = trim($person['vornamen']);
$person['anrede'] = trim($person['anrede']);
$person['titelpost'] = trim($person['titelpost']);
$person['titelpre'] = trim($person['titelpre']);
if(mb_strlen($person['sprache']) > 16)
{
//$this->errormsg = 'Sprache darf nicht laenger als 16 Zeichen sein';
return false;
}
if(mb_strlen($person['anrede']) > 16)
{
//$this->errormsg = 'Anrede darf nicht laenger als 16 Zeichen sein';
return false;
}
if(mb_strlen($person['titelpost']) > 32)
{
//$this->errormsg = 'Titelpost darf nicht laenger als 32 Zeichen sein';
return false;
}
if(mb_strlen($person['titelpre']) > 64)
{
//$this->errormsg = 'Titelpre darf nicht laenger als 64 Zeichen sein';
return false;
}
if(mb_strlen($person['nachname']) > 64)
{
//$this->errormsg = 'Nachname darf nicht laenger als 64 Zeichen sein';
return false;
}
if($person['nachname'] == '' || is_null($person['nachname']))
{
//$this->errormsg = 'Nachname muss eingegeben werden';
return false;
}
$this->response($payload, $httpstatus);
if(mb_strlen($person['vorname']) > 32)
{
//$this->errormsg = 'Vorname darf nicht laenger als 32 Zeichen sein';
return false;
}
if(mb_strlen($person['vornamen']) > 128)
{
//$this->errormsg = 'Vornamen darf nicht laenger als 128 Zeichen sein';
return false;
}
//ToDo Gebdatum pruefen -> laut bis muss student aelter als 10 Jahre sein
/* if (strlen($person['gebdatum) == 0 || is_null($person['gebdatum))
{
//$this->errormsg = "Geburtsdatum muss eingegeben werden\n";
return false;
} */
if(mb_strlen($person['gebort']) > 128)
{
//$this->errormsg = 'Geburtsort darf nicht laenger als 128 Zeichen sein';
return false;
}
if(mb_strlen($person['homepage']) > 256)
{
//$this->errormsg = 'Homepage darf nicht laenger als 256 Zeichen sein';
return false;
}
if(mb_strlen($person['svnr']) > 16)
{
//$this->errormsg = 'SVNR darf nicht laenger als 16 Zeichen sein';
return false;
}
if(mb_strlen($person['matr_nr']) > 32)
{
//$this->errormsg = 'Matrikelnummer darf nicht laenger als 32 Zeichen sein';
return false;
}
if($person['svnr'] != '' && mb_strlen($person['svnr']) != 16 && mb_strlen($person['svnr']) != 10)
{
//$this->errormsg = 'SVNR muss 10 oder 16 Zeichen lang sein';
return false;
}
if($person['svnr'] != '' && mb_strlen($person['svnr']) == 10)
{
//SVNR mit Pruefziffer pruefen
//Die 4. Stelle in der SVNR ist die Pruefziffer
//(Summe von (gewichtung[i]*svnr[i])) modulo 11 ergibt diese Pruefziffer
//Falls nicht, ist die SVNR ungueltig
$gewichtung = array(3, 7, 9, 0, 5, 8, 4, 2, 1, 6);
$erg = 0;
//Quersumme bilden
for($i = 0; $i < 10; $i++)
{
$erg += $gewichtung[$i] * $person['svnr']{$i};
}
if($person['svnr']{3} != ($erg % 11)) //Vergleichen der Pruefziffer mit Quersumme Modulo 11
{
//$this->errormsg = 'SVNR ist ungueltig';
return false;
}
}
if($person['svnr'] != '')
{
//Pruefen ob bereits ein Eintrag mit dieser SVNR vorhanden ist
$qry = "SELECT person_id FROM public.tbl_person WHERE svnr=" . $person['svnr'];
if(db_query($qry))
{
if($row = db_fetch_object())
{
if($row->person_id != $person['person_id'])
{
//$this->errormsg = 'Es existiert bereits eine Person mit dieser SVNR! Daten wurden NICHT gepeichert.';
return false;
}
}
}
}
if(mb_strlen($person['ersatzkennzeichen']) > 10)
{
//$this->errormsg = 'Ersatzkennzeichen darf nicht laenger als 10 Zeichen sein';
return false;
}
if(mb_strlen($person['familienstand']) > 1)
{
//$this->errormsg = 'Familienstand ist ungueltig';
return false;
}
if($person['anzahlkinder'] != '' && !is_numeric($person['anzahlkinder']))
{
//$this->errormsg = 'Anzahl der Kinder ist ungueltig';
return false;
}
if($person['aktiv'] != "t" && $person['aktiv'] != "f")
{
//$this->errormsg = 'Aktiv ist ungueltig';
return false;
}
if(!isset($person['person_id']) && mb_strlen($person['insertvon']) > 32)
{
//$this->errormsg = 'Insertvon darf nicht laenger als 32 Zeichen sein';
return false;
}
if(mb_strlen($person['updatevon']) > 32)
{
//$this->errormsg = 'Updatevon darf nicht laenger als 32 Zeichen sein';
return false;
}
/*if($person['ext_id'] != '' && !is_numeric($person['ext_id']))
{
//$this->errormsg = 'Ext_ID ist keine gueltige Zahl';
return false;
}*/
if(mb_strlen($person['geschlecht']) > 1)
{
//$this->errormsg = 'Geschlecht darf nicht laenger als 1 Zeichen sein';
return false;
}
if(mb_strlen($person['geburtsnation']) > 3)
{
//$this->errormsg = 'Geburtsnation darf nicht laenger als 3 Zeichen sein';
return false;
}
if(mb_strlen($person['staatsbuergerschaft']) > 3)
{
//$this->errormsg = 'Staatsbuergerschaft darf nicht laenger als 3 Zeichen sein';
return false;
}
if($person['geschlecht'] != 'm' && $person['geschlecht'] != 'w' && $person['geschlecht'] != 'u')
{
//$this->errormsg = 'Geschlecht muss w, m oder u sein!';
return false;
}
//Pruefen ob das Geburtsdatum mit der SVNR uebereinstimmt.
if($person['svnr'] != '' && $person['gebdatum'] != '')
{
if(mb_ereg("([0-9]{1,2}).([0-9]{1,2}).([0-9]{4})", $person['gebdatum'], $regs))
{
//$day = sprintf('%02s',$regs[1]);
//$month = sprintf('%02s',$regs[2]);
//$year = mb_substr($regs[3],2,2);
}
elseif(mb_ereg("([0-9]{4})-([0-9]{2})-([0-9]{2})", $person['gebdatum'], $regs))
{
//$day = sprintf('%02s',$regs[3]);
//$month = sprintf('%02s',$regs[2]);
//$year = mb_substr($regs[1],2,2);
}
else
{
//$this->errormsg = 'Format des Geburtsdatums ist ungueltig';
return false;
}
/* das muss nicht immer so sein
$day_svnr = mb_substr($person['svnr, 4, 2);
$month_svnr = mb_substr($person['svnr, 6, 2);
$year_svnr = mb_substr($person['svnr, 8, 2);
if ($day_svnr!=$day || $month_svnr!=$month || $year_svnr!=$year)
{
//$this->errormsg = 'SVNR und Geburtsdatum passen nicht zusammen';
return false;
}
*/
}
return true;
}
}
}
+104 -29
View File
@@ -6,9 +6,6 @@ class DB_Model extends FHC_Model
protected $pk; // Name of the PrimaryKey for DB-Update, Load, ...
protected $acl; // Name of the PrimaryKey for DB-Update, Load, ...
// Addon ID, stored to let to check the permissions
private $_addonID;
function __construct($dbTable = null, $pk = null)
{
parent::__construct();
@@ -114,6 +111,7 @@ class DB_Model extends FHC_Model
if(is_null($this->pk))
return $this->_error(lang('fhc_'.FHC_NOPK), FHC_MODEL_ERROR);
// Check rights
if (! $this->fhc_db_acl->isBerechtigt($this->acl[$this->dbTable], 's'))
return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl[$this->dbTable], FHC_MODEL_ERROR);
@@ -129,16 +127,17 @@ class DB_Model extends FHC_Model
}
else
$result = $this->db->get_where($this->dbTable, array($this->pk => $id));
if ($result)
return $this->_success($result);
return $this->_success($result->result());
else
return $this->_error($this->db->error(), FHC_DB_ERROR);
}
/** ---------------------------------------------------------------
* Load data from DB-Table
* Load data from DB-Table with a where clause
*
* @return array
* @return array
*/
public function loadWhere($where = null)
{
@@ -156,10 +155,97 @@ class DB_Model extends FHC_Model
else
$result = $this->db->get_where($this->dbTable, $where);
if ($result)
return $this->_success($result);
return $this->_success($result->result());
else
return $this->_error($this->db->error(), FHC_DB_ERROR);
}
/** ---------------------------------------------------------------
* Load single data from DB-Table
*
* @param string $id ID (Primary Key) for SELECT ... WHERE
* @return array
*/
public function loadWhole()
{
// Check Class-Attributes
if(is_null($this->dbTable))
return $this->_error(lang('fhc_'.FHC_NODBTABLE), FHC_MODEL_ERROR);
if(is_null($this->pk))
return $this->_error(lang('fhc_'.FHC_NOPK), FHC_MODEL_ERROR);
// Check rights
if (! $this->fhc_db_acl->isBerechtigt($this->acl[$this->dbTable], 's'))
return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl[$this->dbTable], FHC_MODEL_ERROR);
// DB-SELECT
$result = $this->db->get($this->dbTable);
if ($result)
return $this->_success($result->result());
else
return $this->_error($this->db->error(), FHC_DB_ERROR);
}
/** ---------------------------------------------------------------
* Add a table to join with
*
* @return void
*/
public function addJoin($joinTable = null, $cond = null, $type = '')
{
// Check parameters
if(is_null($joinTable) || is_null($cond) || !in_array($type, array('', 'LEFT', 'RIGHT', 'OUTER', 'INNER', 'LEFT OUTER', 'RIGHT OUTER')))
return $this->_error(lang('fhc_'.FHC_NODBTABLE), FHC_MODEL_ERROR);
// Check rights for joined table
if (! $this->fhc_db_acl->isBerechtigt($this->acl[$joinTable], 's'))
return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl[$joinTable], FHC_MODEL_ERROR);
$this->db->join($joinTable, $cond, $type);
return $this->_success(TRUE);
}
/** ---------------------------------------------------------------
* Add order clause
*
* @return void
*/
public function addOrder($field = null, $type = 'ASC')
{
// Check Class-Attributes and parameters
if(is_null($field) || !in_array($type, array('ASC', 'DESC')))
return $this->_error(lang('fhc_'.FHC_NODBTABLE), FHC_MODEL_ERROR);
$this->db->order_by($field, $type);
return $this->_success(TRUE);
}
/** ---------------------------------------------------------------
* Add limit clause
*
* @return void
*/
public function addLimit($start = null, $end = null)
{
// Check Class-Attributes and parameters
if(!is_numeric($start) || (is_numeric($start) && $start <= 0))
return $this->_error(lang('fhc_'.FHC_NODBTABLE), FHC_MODEL_ERROR);
if(is_numeric($end) && $end > $start)
{
$this->db->limit($start, $end);
}
else
{
$this->db->limit($start);
}
return $this->_success(TRUE);
}
/** ---------------------------------------------------------------
* Delete data from DB-Table
@@ -195,6 +281,16 @@ class DB_Model extends FHC_Model
else
return $this->_error($this->db->error(), FHC_DB_ERROR);
}
/** ---------------------------------------------------------------
* Reset the query builder state
*
* @return void
*/
public function resetQuery()
{
$this->db->reset_query();
}
/** ---------------------------------------------------------------
* Convert PG-Boolean to PHP-Boolean
@@ -296,25 +392,4 @@ class DB_Model extends FHC_Model
'msg' => lang('fhc_' . $error)
);
}
/**
* Method setAddonID
*
* @param $addonID
* @return void
*/
public function setAddonID($addonID)
{
$this->_addonID = $addonID;
}
/**
* Method getAddonID
*
* @return string _addonID
*/
public function getAddonID()
{
return $this->_addonID;
}
}
}
+3 -2
View File
@@ -4,7 +4,7 @@ if (! defined('BASEPATH'))
class FHC_Model extends CI_Model
{
function __construct($uid = null)
function __construct()
{
parent::__construct();
$this->load->helper('language');
@@ -15,6 +15,7 @@ class FHC_Model extends CI_Model
else
$uid = null;
$this->load->library('FHC_DB_ACL', array('uid' => $uid));
//$this->load->library('FHC_DB_ACL');
}
/** ---------------------------------------------------------------
@@ -27,7 +28,7 @@ class FHC_Model extends CI_Model
{
return $this->fhc_db_acl->setUID($uid);
}
/** ---------------------------------------------------------------
* Success
*
-12
View File
@@ -1,12 +0,0 @@
<?php
//require_once(FCPATH.'include/benutzerberechtigung.class.php');
function isAllowed($uid, $berechtigung_kurzbz, $art = NULL, $oe_kurzbz = NULL, $kostenstelle_id = NULL)
{
/*$bb = benutzerberechtigung();
$bb->getBerechtigungen($uid);
return $bb->isBerechtigt($berechtigung_kurzbz, $art, $oe_kurzbz, $kostenstelle_id);*/
return TRUE;
}
+6 -3
View File
@@ -10,7 +10,9 @@
* @since Version 1.0.0
* @filesource
*/
defined('FCPATH') OR exit('No direct script access allowed');
if (! defined('FCPATH'))
exit('No direct script access allowed');
require_once(FCPATH.'include/basis_db.class.php');
require_once(FCPATH.'include/organisationseinheit.class.php');
require_once(FCPATH.'include/studiengang.class.php');
@@ -43,10 +45,11 @@ class FHC_DB_ACL
* @param string $password
* @return bool
*/
function __construct($param)
function __construct($param = null)
{
$this->bb = new benutzerberechtigung();
$this->_uid = $param['uid'];
if (is_array($param) && isset($param['uid']))
$this->_uid = $param['uid'];
}
function isBerechtigt($berechtigung_kurzbz, $art=null, $oe_kurzbz=null, $kostenstelle_id=null)
+9 -11
View File
@@ -355,7 +355,7 @@ abstract class REST_Controller extends CI_Controller {
/**
*
*/
protected $_addonID = NULL;
protected $_uid = NULL;
/**
* Extend this function to apply additional checking early on in the process
@@ -727,7 +727,6 @@ abstract class REST_Controller extends CI_Controller {
// Set the output as NULL by default
$output = NULL;
// If data is NULL and no HTTP status code provided, then display, error and exit
if ($data === NULL && $http_code === NULL)
{
@@ -743,7 +742,7 @@ abstract class REST_Controller extends CI_Controller {
// Set the format header
$this->output->set_content_type($this->_supported_formats[$this->response->format], strtolower($this->config->item('charset')));
$output = $this->format->factory($data)->{'to_' . $this->response->format}();
// An array must be parsed as a string, so as not to cause an array to string error
// Json is the most appropriate form for such a datatype
if ($this->response->format === 'array')
@@ -758,7 +757,6 @@ abstract class REST_Controller extends CI_Controller {
{
$data = $this->format->factory($data)->{'to_json'}();
}
// Format is not supported, so output the raw data as a string
$output = $data;
}
@@ -1911,20 +1909,20 @@ abstract class REST_Controller extends CI_Controller {
/**
* TO BE COMMENTED
*/
private function _setAddonID($username)
private function _setUID($username)
{
if(!isset($this->_addonID) && isset($username))
if(!isset($this->_uid) && isset($username))
{
$this->_addonID = $username;
$this->_uid = $username;
}
}
/**
* @return int ID of the authenticated addon
* @return int ID of the authenticated caller
*/
protected function _getAddonID()
protected function _getUID()
{
return $this->_addonID;
return $this->_uid;
}
/**
@@ -1968,7 +1966,7 @@ abstract class REST_Controller extends CI_Controller {
}
else // If logged
{
$this->_setAddonID($username);
$this->_setUID($username);
}
}
+3 -62
View File
@@ -1,11 +1,9 @@
<?php
class Nation_model extends DB_Model
{
protected $_bundeslandQuery = "SELECT * FROM bis.tbl_bundesland";
/**
* Constructor
*
*/
public function __construct()
{
@@ -13,61 +11,4 @@ class Nation_model extends DB_Model
$this->dbTable = 'bis.tbl_nation';
$this->pk = 'nation_code';
}
/**
*
*/
public function getAll($notLocked = FALSE, $orderEnglish = FALSE)
{
$result = NULL;
// Checks if the operation is permitted by the API caller
// All the code should be put inside this if statement
if(isAllowed($this->getAddonID(), 'nation'))
{
$result = $this->db->query($this->_getNationQuery($notLocked, $orderEnglish));
}
return $result;
}
/**
*
*/
protected function _getNationQuery($notLocked = FALSE, $orderEnglish = FALSE)
{
$qry = "SELECT * FROM bis.tbl_nation";
if($notLocked)
{
$qry .= " WHERE sperre IS NULL";
}
if(!$orderEnglish)
{
$qry .= " ORDER BY kurztext";
}
else
{
$qry .= " ORDER BY engltext";
}
return $qry;
}
/**
*
*/
public function getBundesland()
{
$result = NULL;
// Checks if the operation is permitted by the API caller
// All the code should be put inside this if statement
if(isAllowed($this->getAddonID(), 'nation'))
{
$result = $this->db->query($this->_bundeslandQuery);
}
return $result;
}
}
}
+2 -3
View File
@@ -1,7 +1,6 @@
<?php
class Zgvgruppe_model extends DB_Model
{
/**
* Constructor
*/
@@ -9,6 +8,6 @@ class Zgvgruppe_model extends DB_Model
{
parent::__construct();
$this->dbTable = 'bis.tbl_zgvgruppe';
$this->pk = ;
$this->pk = '';
}
}
}
@@ -1,7 +1,6 @@
<?php
class Organisationseinheit_model extends DB_Model
{
/**
* Constructor
*/
@@ -11,4 +10,4 @@ class Organisationseinheit_model extends DB_Model
$this->dbTable = 'public.tbl_organisationseinheit';
$this->pk = 'oe_kurzbz';
}
}
}
@@ -1,10 +1,8 @@
<?php
class Studiengang_model extends DB_Model
{
/**
* Constructor
*
*/
public function __construct()
{
@@ -18,7 +16,13 @@ class Studiengang_model extends DB_Model
*/
public function getAllForBewerbung()
{
$result = NULL;
// Checks if the operation is permitted by the API caller
if (! $this->fhc_db_acl->isBerechtigt($this->acl['lehre.vw_studienplan'], 's'))
return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['lehre.vw_studienplan'], FHC_MODEL_ERROR);
if (! $this->fhc_db_acl->isBerechtigt($this->acl['bis.tbl_lgartcode'], 's'))
return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['bis.tbl_lgartcode'], FHC_MODEL_ERROR);
$allForBewerbungQuery = "SELECT DISTINCT studiengang_kz,
typ,
organisationseinheittyp_kurzbz,
@@ -32,13 +36,8 @@ class Studiengang_model extends DB_Model
AND aktiv IS TRUE
ORDER BY typ, studiengangbezeichnung, tbl_lgartcode.bezeichnung ASC";
// Checks if the operation is permitted by the API caller
// All the code should be put inside this if statement
if(isAllowed($this->getAddonID(), 'course'))
{
$result = $this->db->query($allForBewerbungQuery);
}
$result = $this->db->query($allForBewerbungQuery);
return $result;
return $this->_success($result->result());
}
}
}
@@ -11,24 +11,4 @@ class Studienplan_model extends DB_Model
$this->dbTable = 'lehre.tbl_studienplan';
$this->pk = 'studienplan_id';
}
/**
*
*/
public function getStudienplaene($studiengang_kz)
{
$result = NULL;
$studienplaeneQuery = "SELECT DISTINCT tbl_studienplan.*
FROM lehre.tbl_studienplan JOIN lehre.tbl_studienordnung USING(studienordnung_id)
WHERE tbl_studienordnung.studiengang_kz = ?";
// Checks if the operation is permitted by the API caller
// All the code should be put inside this if statement
if(isAllowed($this->getAddonID(), 'plan'))
{
$result = $this->db->query($studienplaeneQuery, array($studiengang_kz));
}
return $result;
}
}
}
+47 -805
View File
@@ -8,822 +8,64 @@ class Person_model extends DB_Model
public function __construct()
{
parent::__construct();
$this->dbTable = 'public.tbl_person';
$this->pk = 'person_id';
}
/**
*
*/
public function getPerson($personId = NULL, $code = NULL, $email = NULL)
{
$result = NULL;
// Checks if the operation is permitted by the API caller
// All the code should be put inside this if statement
/*if(isAllowed($this->getAddonID(), 'person'))
{*/
if((isset($code)) && (isset($email)))
{
$result = $this->_getPersonByCodeAndEmail($code, $email);
}
elseif(isset($code))
{
$result = $this->_getPersonByCode($code);
}
else
{
$result = $this->_getPersonByID($personId);
}
//}
return $result;
}
/**
* @param int $personId Person ID
* @return object
*/
private function _getPersonByID($personId = NULL)
{
$result = NULL;
$loadQuery = "SELECT person_id,
sprache,
anrede,
titelpost,
titelpre,
nachname,
vorname,
vornamen,
gebdatum,
gebort,
gebzeit,
foto,
anmerkung,
homepage,
svnr,
ersatzkennzeichen,
familienstand,
anzahlkinder,
aktiv,
insertamum,
insertvon,
updateamum,
updatevon,
ext_id,
geschlecht,
staatsbuergerschaft,
geburtsnation,
kurzbeschreibung,
zugangscode,
foto_sperre,
matr_nr
FROM public.tbl_person
WHERE person_id = ?";
if(isset($personId))
{
$result = $this->db->query($loadQuery, array($personId));
}
return $result;
}
/**
*
*/
private function _getPersonByCodeAndEmail($code = NULL, $email = NULL)
{
$result = NULL;
$query = "SELECT *
FROM public.tbl_person p JOIN public.tbl_kontakt k USING (person_id)
WHERE p.zugangscode = ?
AND k.kontakt = ?";
if((isset($code)) && (isset($email)))
{
$result = $this->db->query($query, array($code, $email));
}
return $result;
}
/**
*
*/
private function _getPersonByCode($code = NULL)
{
$result = NULL;
$query = "SELECT *
FROM public.tbl_person p
WHERE p.zugangscode = ?";
if(isset($code))
{
$result = $this->db->query($query, array($code));
}
return $result;
}
/**
*
*/
public function savePerson($person = NULL)
{
$result = FALSE;
// Checks if the operation is permitted by the API caller
// All the code should be put inside this if statement
if(isAllowed($this->getAddonID(), 'person'))
{
if($this->_validate($person))
{
if(isset($person['person_id']))
{
$result = $this->_updatePerson($person);
}
else
{
$result = $this->_insertPerson($person);
}
}
}
return $result;
}
/**
*
*/
private function _insertPerson($person)
{
$this->db->trans_begin(); // Start DB transaction
$insertQuery = "INSERT INTO public.tbl_person (
sprache,
anrede,
titelpost,
titelpre,
nachname,
vorname,
vornamen,
gebdatum,
gebort,
gebzeit,
foto,
anmerkung,
homepage,
svnr,
ersatzkennzeichen,
familienstand,
anzahlkinder,
aktiv,
insertamum,
insertvon,
updateamum,
updatevon,
geschlecht,
geburtsnation,
staatsbuergerschaft,
kurzbeschreibung,
zugangscode,
foto_sperre,
matr_nr
) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?,
?, ?, ?, ?, ?, ?, ?, ?, ?, ?,
?, ?, ?, ?, ?, ?, ?, ?, ?)";
$sqlParametersArray = array($person['sprache'],
$person['anrede'],
$person['titelpost'],
$person['titelpre'],
$person['nachname'],
$person['vorname'],
$person['vornamen'],
$person['gebdatum'],
$person['gebort'],
$person['gebzeit'],
$person['foto'],
$person['anmerkung'],
$person['homepage'],
$person['svnr'],
$person['ersatzkennzeichen'],
$person['familienstand'],
$person['anzahlkinder'],
$person['aktiv'],
"now()",
$person['insertvon'],
"now()",
$person['updatevon'],
$person['geschlecht'],
$person['geburtsnation'],
$person['staatsbuergerschaft'],
$person['kurzbeschreibung'],
$person['zugangscode'],
$person['foto_sperre'],
$person['matr_nr']);
$result = $this->db->query($insertQuery, $sqlParametersArray);
// Check DB transaction result
if($this->db->trans_status() === FALSE)
{
$this->db->trans_rollback();
$result = FALSE;
}
else
{
$this->db->trans_commit();
$result = TRUE;
}
return $result;
}
/**
*
*/
private function _updatePerson($person)
{
$this->db->trans_begin(); // Start DB transaction
$updateQuery = "UPDATE public.tbl_person SET
sprache = ?,
anrede = ?,
titelpost = ?,
titelpre = ?,
nachname = ?,
vorname = ?,
vornamen = ?,
gebdatum = ?,
gebort = ?,
gebzeit = ?,
foto = ?,
anmerkung = ?,
homepage = ?,
svnr = ?,
ersatzkennzeichen = ?,
familienstand = ?,
anzahlkinder = ?,
aktiv = ?,
updateamum = ?,
updatevon = ?,
geschlecht = ?,
geburtsnation = ?,
staatsbuergerschaft = ?,
kurzbeschreibung = ?,
foto_sperre = ?,
zugangscode = ?,
matr_nr = ?
WHERE person_id = ?";
$sqlParametersArray = array($person['sprache'],
$person['anrede'],
$person['titelpost'],
$person['titelpre'],
$person['nachname'],
$person['vorname'],
$person['vornamen'],
$person['gebdatum'],
$person['gebort'],
$person['gebzeit'],
$person['foto'],
$person['anmerkung'],
$person['homepage'],
$person['svnr'],
$person['ersatzkennzeichen'],
$person['familienstand'],
$person['anzahlkinder'],
$person['aktiv'],
"now()",
$person['updatevon'],
$person['geschlecht'],
$person['geburtsnation'],
$person['staatsbuergerschaft'],
$person['kurzbeschreibung'],
$person['foto_sperre'],
$person['zugangscode'],
$person['matr_nr'],
$person['person_id']);
$result = $this->db->query($updateQuery, $sqlParametersArray);
// Check DB transaction result
if($this->db->trans_status() === FALSE)
{
$this->db->trans_rollback();
$result = FALSE;
}
else
{
$this->db->trans_commit();
$result = TRUE;
}
return $result;
}
/**
*
*/
public function savePrestudent($interestedStudent = NULL)
{
// Checks if the operation is permitted by the API caller
// All the code should be put inside this if statement
if(isAllowed($this->getAddonID(), 'person'))
{
return $this->_savePrestudent($interestedStudent);
}
}
/**
* Method saveInterestedStudent
*
* @return bool true when everything goes right, otherwise false
*/
private function _savePrestudent($interestedStudent = NULL)
{
if(!isset($interestedStudent))
{
return FALSE;
}
if($interestedStudent['zgvmas_code'] && $interestedStudent['zgvmanation'])
{
$interestedStudent['ausstellungsstaat'] = $interestedStudent['zgvmanation'];
}
elseif($interestedStudent['zgv_code'] && $interestedStudent['zgvnation'])
{
$interestedStudent['ausstellungsstaat'] = $interestedStudent['zgvnation'];
}
//Variablen auf Gueltigkeit pruefen
if(isset($interestedStudent['prestudent_id']) && $interestedStudent['punkte'] > 9999.9999)
{
//$this->errormsg = 'Reihungstestgesamtpunkte should be no bigger than 9999.9999';
return FALSE;
}
if($interestedStudent['rt_punkte1'] > 9999.9999)
{
//$this->errormsg = 'Reihungstestpunkte1 should be no bigger than 9999.9999';
return FALSE;
}
if($interestedStudent['rt_punkte2'] > 9999.9999)
{
//$this->errormsg = 'Reihungstestpunkte2 should be no bigger than 9999.9999';
return FALSE;
}
if($interestedStudent['rt_punkte3'] > 9999.9999)
{
//$this->errormsg = 'Reihungstestpunkte3 should be no bigger than 9999.9999';
return FALSE;
}
$this->db->trans_begin(); // Start DB transaction
// If prestudent_id is NOT set it's an insert
if(!isset($interestedStudent['prestudent_id']))
{
$insertQuery = "INSERT INTO public.tbl_prestudent (
aufmerksamdurch_kurzbz,
person_id,
studiengang_kz,
berufstaetigkeit_code,
ausbildungcode,
zgv_code,
zgvort,
zgvdatum,
zgvnation,
zgvmas_code,
zgvmaort,
zgvmadatum,
zgvmanation,
aufnahmeschluessel,
facheinschlberuf,
reihungstest_id,
anmeldungreihungstest,
reihungstestangetreten,
rt_gesamtpunkte,
rt_punkte1,
rt_punkte2,
rt_punkte3,
bismelden,
insertamum,
insertvon,
updateamum,
updatevon,
anmerkung,
dual,
ausstellungsstaat,
mentor
) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?,
?, ?, ?, ?, ?, ?, ?, ?, ?, ?,
?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
$sqlParametersArray = array($interestedStudent['aufmerksamdurch_kurzbz'],
$interestedStudent['person_id'],
$interestedStudent['studiengang_kz'],
$interestedStudent['berufstaetigkeit_code'],
$interestedStudent['ausbildungcode'],
$interestedStudent['zgv_code'],
$interestedStudent['zgvort'],
$interestedStudent['zgvdatum'],
$interestedStudent['zgvnation'],
$interestedStudent['zgvmas_code'],
$interestedStudent['zgvmaort'],
$interestedStudent['zgvmadatum'],
$interestedStudent['zgvmanation'],
$interestedStudent['aufnahmeschluessel'],
$interestedStudent['facheinschlberuf'],
$interestedStudent['reihungstest_id'],
$interestedStudent['anmeldungreihungstest'],
$interestedStudent['reihungstestangetreten'],
$interestedStudent['rt_gesamtpunkte'],
$interestedStudent['rt_punkte1'],
$interestedStudent['rt_punkte2'],
$interestedStudent['rt_punkte3'],
$interestedStudent['bismelden'],
$interestedStudent['insertamum'],
$interestedStudent['insertvon'],
$interestedStudent['updateamum'],
$interestedStudent['updatevon'],
$interestedStudent['anmerkung'],
$interestedStudent['dual'],
$interestedStudent['ausstellungsstaat'],
$interestedStudent['mentor']);
$result = $this->db->query($insertQuery, $sqlParametersArray);
}
// otherwise it's an update
else
{
$updateQuery = "UPDATE public.tbl_prestudent SET
aufmerksamdurch_kurzbz = ?,
person_id = ?,
studiengang_kz = ?,
berufstaetigkeit_code = ?,
ausbildungcode = ?,
zgv_code = ?,
zgvort = ?,
zgvdatum = ?,
zgvnation = ?,
zgvmas_code = ?,
zgvmaort = ?,
zgvmadatum = ?,
zgvmanation = ?,
aufnahmeschluessel = ?,
facheinschlberuf = ?,
reihungstest_id = ?,
anmeldungreihungstest = ?,
reihungstestangetreten = ?,
rt_gesamtpunkte = ?,
rt_punkte1 = ?,
rt_punkte2 = ?,
rt_punkte3 = ?,
bismelden = ?,
updateamum = ?,
updatevon = ?,
anmerkung = ?,
mentor = ?,
dual = ?,
ausstellungsstaat = ?
WHERE prestudent_id = ?";
$sqlParametersArray = array($interestedStudent['aufmerksamdurch_kurzbz'],
$interestedStudent['person_id'],
$interestedStudent['studiengang_kz'],
$interestedStudent['berufstaetigkeit_code'],
$interestedStudent['ausbildungcode'],
$interestedStudent['zgv_code'],
$interestedStudent['zgvort'],
$interestedStudent['zgvdatum'],
$interestedStudent['zgvnation'],
$interestedStudent['zgvmas_code'],
$interestedStudent['zgvmaort'],
$interestedStudent['zgvmadatum'],
$interestedStudent['zgvmanation'],
$interestedStudent['aufnahmeschluessel'],
$interestedStudent['facheinschlberuf'],
$interestedStudent['reihungstest_id'],
$interestedStudent['anmeldungreihungstest'],
$interestedStudent['reihungstestangetreten'],
$interestedStudent['punkte'],
$interestedStudent['rt_punkte1'],
$interestedStudent['rt_punkte2'],
$interestedStudent['rt_punkte3'],
$interestedStudent['bismelden'],
$interestedStudent['updateamum'],
$interestedStudent['updatevon'],
$interestedStudent['anmerkung'],
$interestedStudent['mentor'],
$interestedStudent['dual'],
$interestedStudent['ausstellungsstaat'],
$interestedStudent['prestudent_id']);
$result = $this->db->query($updateQuery, $sqlParametersArray);
}
// Check DB transaction result
if($this->db->trans_status() === FALSE)
{
$this->db->trans_rollback();
$result = FALSE;
}
else
{
$this->db->trans_commit();
$result = TRUE;
}
return $result;
}
private function _validate($person = NULL)
{
if(!isset($person))
{
return false;
}
$person['nachname'] = trim($person['nachname']);
$person['vorname'] = trim($person['vorname']);
$person['vornamen'] = trim($person['vornamen']);
$person['anrede'] = trim($person['anrede']);
$person['titelpost'] = trim($person['titelpost']);
$person['titelpre'] = trim($person['titelpre']);
if(mb_strlen($person['sprache']) > 16)
{
//$this->errormsg = 'Sprache darf nicht laenger als 16 Zeichen sein';
return false;
}
if(mb_strlen($person['anrede']) > 16)
{
//$this->errormsg = 'Anrede darf nicht laenger als 16 Zeichen sein';
return false;
}
if(mb_strlen($person['titelpost']) > 32)
{
//$this->errormsg = 'Titelpost darf nicht laenger als 32 Zeichen sein';
return false;
}
if(mb_strlen($person['titelpre']) > 64)
{
//$this->errormsg = 'Titelpre darf nicht laenger als 64 Zeichen sein';
return false;
}
if(mb_strlen($person['nachname']) > 64)
{
//$this->errormsg = 'Nachname darf nicht laenger als 64 Zeichen sein';
return false;
}
if($person['nachname'] == '' || is_null($person['nachname']))
{
//$this->errormsg = 'Nachname muss eingegeben werden';
return false;
}
if(mb_strlen($person['vorname']) > 32)
{
//$this->errormsg = 'Vorname darf nicht laenger als 32 Zeichen sein';
return false;
}
if(mb_strlen($person['vornamen']) > 128)
{
//$this->errormsg = 'Vornamen darf nicht laenger als 128 Zeichen sein';
return false;
}
//ToDo Gebdatum pruefen -> laut bis muss student aelter als 10 Jahre sein
/* if (strlen($person['gebdatum) == 0 || is_null($person['gebdatum))
{
//$this->errormsg = "Geburtsdatum muss eingegeben werden\n";
return false;
} */
if(mb_strlen($person['gebort']) > 128)
{
//$this->errormsg = 'Geburtsort darf nicht laenger als 128 Zeichen sein';
return false;
}
if(mb_strlen($person['homepage']) > 256)
{
//$this->errormsg = 'Homepage darf nicht laenger als 256 Zeichen sein';
return false;
}
if(mb_strlen($person['svnr']) > 16)
{
//$this->errormsg = 'SVNR darf nicht laenger als 16 Zeichen sein';
return false;
}
if(mb_strlen($person['matr_nr']) > 32)
{
//$this->errormsg = 'Matrikelnummer darf nicht laenger als 32 Zeichen sein';
return false;
}
if($person['svnr'] != '' && mb_strlen($person['svnr']) != 16 && mb_strlen($person['svnr']) != 10)
{
//$this->errormsg = 'SVNR muss 10 oder 16 Zeichen lang sein';
return false;
}
if($person['svnr'] != '' && mb_strlen($person['svnr']) == 10)
{
//SVNR mit Pruefziffer pruefen
//Die 4. Stelle in der SVNR ist die Pruefziffer
//(Summe von (gewichtung[i]*svnr[i])) modulo 11 ergibt diese Pruefziffer
//Falls nicht, ist die SVNR ungueltig
$gewichtung = array(3, 7, 9, 0, 5, 8, 4, 2, 1, 6);
$erg = 0;
//Quersumme bilden
for($i = 0; $i < 10; $i++)
{
$erg += $gewichtung[$i] * $person['svnr']{$i};
}
if($person['svnr']{3} != ($erg % 11)) //Vergleichen der Pruefziffer mit Quersumme Modulo 11
{
//$this->errormsg = 'SVNR ist ungueltig';
return false;
}
}
if($person['svnr'] != '')
{
//Pruefen ob bereits ein Eintrag mit dieser SVNR vorhanden ist
$qry = "SELECT person_id FROM public.tbl_person WHERE svnr=" . $person['svnr'];
if(db_query($qry))
{
if($row = db_fetch_object())
{
if($row->person_id != $person['person_id'])
{
//$this->errormsg = 'Es existiert bereits eine Person mit dieser SVNR! Daten wurden NICHT gepeichert.';
return false;
}
}
}
}
if(mb_strlen($person['ersatzkennzeichen']) > 10)
{
//$this->errormsg = 'Ersatzkennzeichen darf nicht laenger als 10 Zeichen sein';
return false;
}
if(mb_strlen($person['familienstand']) > 1)
{
//$this->errormsg = 'Familienstand ist ungueltig';
return false;
}
if($person['anzahlkinder'] != '' && !is_numeric($person['anzahlkinder']))
{
//$this->errormsg = 'Anzahl der Kinder ist ungueltig';
return false;
}
if($person['aktiv'] != "t" && $person['aktiv'] != "f")
{
//$this->errormsg = 'Aktiv ist ungueltig';
return false;
}
if(!isset($person['person_id']) && mb_strlen($person['insertvon']) > 32)
{
//$this->errormsg = 'Insertvon darf nicht laenger als 32 Zeichen sein';
return false;
}
if(mb_strlen($person['updatevon']) > 32)
{
//$this->errormsg = 'Updatevon darf nicht laenger als 32 Zeichen sein';
return false;
}
/*if($person['ext_id'] != '' && !is_numeric($person['ext_id']))
{
//$this->errormsg = 'Ext_ID ist keine gueltige Zahl';
return false;
}*/
if(mb_strlen($person['geschlecht']) > 1)
{
//$this->errormsg = 'Geschlecht darf nicht laenger als 1 Zeichen sein';
return false;
}
if(mb_strlen($person['geburtsnation']) > 3)
{
//$this->errormsg = 'Geburtsnation darf nicht laenger als 3 Zeichen sein';
return false;
}
if(mb_strlen($person['staatsbuergerschaft']) > 3)
{
//$this->errormsg = 'Staatsbuergerschaft darf nicht laenger als 3 Zeichen sein';
return false;
}
if($person['geschlecht'] != 'm' && $person['geschlecht'] != 'w' && $person['geschlecht'] != 'u')
{
//$this->errormsg = 'Geschlecht muss w, m oder u sein!';
return false;
}
//Pruefen ob das Geburtsdatum mit der SVNR uebereinstimmt.
if($person['svnr'] != '' && $person['gebdatum'] != '')
{
if(mb_ereg("([0-9]{1,2}).([0-9]{1,2}).([0-9]{4})", $person['gebdatum'], $regs))
{
//$day = sprintf('%02s',$regs[1]);
//$month = sprintf('%02s',$regs[2]);
//$year = mb_substr($regs[3],2,2);
}
elseif(mb_ereg("([0-9]{4})-([0-9]{2})-([0-9]{2})", $person['gebdatum'], $regs))
{
//$day = sprintf('%02s',$regs[3]);
//$month = sprintf('%02s',$regs[2]);
//$year = mb_substr($regs[1],2,2);
}
else
{
//$this->errormsg = 'Format des Geburtsdatums ist ungueltig';
return false;
}
/* das muss nicht immer so sein
$day_svnr = mb_substr($person['svnr, 4, 2);
$month_svnr = mb_substr($person['svnr, 6, 2);
$year_svnr = mb_substr($person['svnr, 8, 2);
if ($day_svnr!=$day || $month_svnr!=$month || $year_svnr!=$year)
{
//$this->errormsg = 'SVNR und Geburtsdatum passen nicht zusammen';
return false;
}
*/
}
return true;
}
/**
* Laedt Personendaten eine BenutzerUID
* @param string $uid DB-Attr: tbl_benutzer.uid .
* @return bool
*/
public function getPersonFromBenutzerUID($uid)
{
if(!$this->fhc_db_acl->bb->isBerechtigt('person', 's'))
{
$this->db->select('tbl_person.*');
$this->db->from('public.tbl_person JOIN public.tbl_benutzer USING (person_id)');
$query = $this->db->get_where(null, array('uid' => $uid));
return $query->result_object();
}
}
/**
*
*/
public function checkBewerbung($email, $studiensemester_kurzbz = NULL)
{
$this->db->distinct();
// Checks if the operation is permitted by the API caller
if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_person'], 's'))
return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_person'], FHC_MODEL_ERROR);
if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_kontakt'], 's'))
return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_kontakt'], FHC_MODEL_ERROR);
if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_benutzer'], 's'))
return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_benutzer'], FHC_MODEL_ERROR);
if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_prestudent'], 's'))
return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_prestudent'], FHC_MODEL_ERROR);
if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_prestudentstatus'], 's'))
return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_prestudentstatus'], FHC_MODEL_ERROR);
$result = NULL;
if(is_null($studiensemester_kurzbz))
{
$this->db->select("p.person_id, p.zugangscode, p.insertamum")
->from("public.tbl_person p")
->join("public.tbl_kontakt k", "p.person_id=k.person_id")
->join("public.tbl_benutzer b", "p.person_id=b.person_id", "left")
->where("k.kontakttyp", 'email')
->where("(kontakt='" . $email . "'" .
" OR alias ||'@technikum-wien.at'='" . $email . "'" .
" OR uid ||'@technikum-wien.at'='" . $email . "')")
->order_by("p.insertamum", "DESC")
->limit(1)
;
$checkBewerbungQuery = "SELECT DISTINCT p.person_id, p.zugangscode, p.insertamum
FROM public.tbl_person p JOIN public.tbl_kontakt k ON p.person_id = k.person_id
LEFT JOIN public.tbl_benutzer b ON p.person_id = b.person_id
WHERE k.kontakttyp = 'email'
AND (kontakt = ? OR alias || '@technikum-wien.at' = ? OR uid || '@technikum-wien.at' = ?)
ORDER BY p.insertamum DESC
LIMIT 1";
$result = $this->db->query($checkBewerbungQuery, array($email, $email, $email));
}
else
{
$this->db->select("p.person_id,p.zugangscode,p.insertamum")
->from("public.tbl_person p")
->join("public.tbl_kontakt k", "p.person_id=k.person_id")
->join("public.tbl_benutzer b", "p.person_id=b.person_id", "left")
->join("public.tbl_prestudent ps", "p.person_id=ps.person_id")
->join("public.tbl_prestudentstatus pst", "pst.prestudent_id=ps.prestudent_id")
->where("k.kontakttyp", 'email')
->where("(kontakt='" . $email . "'" .
" OR alias ||'@technikum-wien.at'='" . $email . "'" .
" OR uid ||'@technikum-wien.at'='" . $email . "')")
->where("studiensemester_kurzbz='" . $studiensemester_kurzbz . "'")
->order_by("p.insertamum", "DESC")
->limit(1)
;
$checkBewerbungQuery = "SELECT DISTINCT p.person_id, p.zugangscode, p.insertamum
FROM public.tbl_person p JOIN public.tbl_kontakt k ON p.person_id = k.person_id
LEFT JOIN public.tbl_benutzer b ON p.person_id = b.person_id
JOIN public.tbl_prestudent ps ON p.person_id = ps.person_id
JOIN public.tbl_prestudentstatus pst ON pst.prestudent_id = ps.prestudent_id
WHERE k.kontakttyp = 'email'
AND (kontakt = ? OR alias || '@technikum-wien.at' = ? OR uid || '@technikum-wien.at' = ?)
AND studiensemester_kurzbz = ?
ORDER BY p.insertamum DESC
LIMIT 1";
$result = $this->db->query($checkBewerbungQuery, array($email, $email, $email, $studiensemester_kurzbz));
}
return $this->db->get()->result_array();
if(is_object($result))
return $this->_success($result->result());
else
return $this->_error($this->db->error(), FHC_DB_ERROR);
}
/**
*
*/
public function checkZugangscodePerson($code)
{
$this->db->select("p.person_id")
->from("public.tbl_person p")
->where("p.zugangscode", $code);
return $this->db->get()->result_array();
}
}
}
+1 -1
View File
@@ -9,6 +9,6 @@ class Server_model extends DB_Model
{
parent::__construct();
$this->dbTable = 'system.tbl_server';
$this->pk = ;
$this->pk = '';
}
}
@@ -9,6 +9,6 @@ class Kriterien_model extends DB_Model
{
parent::__construct();
$this->dbTable = 'testtool.tbl_kriterien';
$this->pk = ;
$this->pk = '';
}
}
+8 -4
View File
@@ -56,10 +56,14 @@ sudo -u postgres createdb -O fhcomplete fhctest
echo "Installing FH-Complete..."
# cp index.ci.php index.php # Maybe somtimes
cp config/global.config-default.inc.php config/global.config.inc.php
cp config/cis.config-default.inc.php config/cis.config.inc.php
cp config/vilesci.config-default.inc.php config/vilesci.config.inc.php
cp config/system.config-default.inc.php config/system.config.inc.php
if [ "$1" != "-no-copy-config" ]; then
cp config/global.config-default.inc.php config/global.config.inc.php
cp config/cis.config-default.inc.php config/cis.config.inc.php
cp config/vilesci.config-default.inc.php config/vilesci.config.inc.php
cp config/system.config-default.inc.php config/system.config.inc.php
fi
# mkdir documents
#chown www-data data/cache
@@ -1,12 +0,0 @@
<?php
$I = new ApiTester($scenario);
$I->wantTo('Test API call v1/lehre/studiengang/AllForBewerbung');
$I->amHttpAuthenticated("admin", "1q2w3");
$I->haveHttpHeader('FHC-API-KEY', 'testapikey@fhcomplete.org');
$I->sendGET('v1/lehre/studiengang/AllForBewerbung');
$I->seeResponseCodeIs(200);
$I->seeResponseIsJson();
$I->seeResponseContainsJson([
'success' => TRUE,
'message' => 'Courses found']);
+3 -12
View File
@@ -1,19 +1,10 @@
<?php
$I = new ApiTester($scenario);
$I->wantTo('Test API call v1/nation All and FederalState');
$I->wantTo('Test API call v1/codex/nation All and FederalState');
$I->amHttpAuthenticated("admin", "1q2w3");
$I->haveHttpHeader('FHC-API-KEY', 'testapikey@fhcomplete.org');
$I->sendGET('v1/nation/All');
$I->sendGET('v1/codex/nation/All');
$I->seeResponseCodeIs(200);
$I->seeResponseIsJson();
$I->seeResponseContainsJson([
'success' => TRUE,
'message' => 'Nation found']);
$I->sendGET('v1/nation/Bundesland');
$I->seeResponseCodeIs(200);
$I->seeResponseIsJson();
$I->seeResponseContainsJson([
'success' => TRUE,
'message' => 'Bundesland found']);
$I->seeResponseContainsJson(['error' => 0]);
@@ -25,8 +25,8 @@ $I->sendGET('v1/person/person/Person', array('code' => '12345'));
$I->seeResponseCodeIs(200);
$I->seeResponseIsJson();
$I->seeResponseContainsJson([
'success' => false,
'message' => 'Person not found']);
'error' => 0,
'retval' => array()]);
$I->sendGET('v1/person/person/Person', array('code' => '01234567C', 'email' => 'harvey.joshuah@calva.dev'));
$I->seeResponseCodeIs(200);
@@ -1,12 +0,0 @@
<?php
$I = new ApiTester($scenario);
$I->wantTo('Test API call v1/lehre/studienplan/Studienplaene');
$I->amHttpAuthenticated("admin", "1q2w3");
$I->haveHttpHeader('FHC-API-KEY', 'testapikey@fhcomplete.org');
$I->sendGET('v1/lehre/studienplan/Studienplaene', array('studiengang_kz' => 1));
$I->seeResponseCodeIs(200);
$I->seeResponseIsJson();
$I->seeResponseContainsJson([
'success' => TRUE,
'message' => 'Plan found']);
@@ -0,0 +1,10 @@
<?php
$I = new ApiTester($scenario);
$I->wantTo('Test API call v1/organisation/studiengang/AllForBewerbung');
$I->amHttpAuthenticated("admin", "1q2w3");
$I->haveHttpHeader('FHC-API-KEY', 'testapikey@fhcomplete.org');
$I->sendGET('v1/organisation/studiengang/AllForBewerbung');
$I->seeResponseCodeIs(200);
$I->seeResponseIsJson();
$I->seeResponseContainsJson(['error' => 0]);
@@ -0,0 +1,10 @@
<?php
$I = new ApiTester($scenario);
$I->wantTo('Test API call v1/organisation/studienplan/Studienplaene');
$I->amHttpAuthenticated("admin", "1q2w3");
$I->haveHttpHeader('FHC-API-KEY', 'testapikey@fhcomplete.org');
$I->sendGET('v1/organisation/studienplan/Studienplaene', array('studiengang_kz' => 1));
$I->seeResponseCodeIs(200);
$I->seeResponseIsJson();
$I->seeResponseContainsJson(['error' => 0]);