From 6d093dc4ed1980315686c3e730d77c7086267af4 Mon Sep 17 00:00:00 2001 From: paolo Date: Mon, 9 May 2016 18:19:58 +0200 Subject: [PATCH 1/2] - DB_Model added new functionalities - Codeception changed - Studiengang_model fixed message error - Removed File and File_model, they will be replaced by Dms and Dms_model - Added new permissions in fhcomplete config file --- application/config/fhcomplete.php | 3 ++ application/controllers/api/v1/File.php | 45 ------------------- application/core/DB_Model.php | 23 ++++++++++ application/models/File_model.php | 42 ----------------- .../models/organisation/Studiengang_model.php | 2 +- tests/codeception/tests/api/v1/CourseCept.php | 12 ----- tests/codeception/tests/api/v1/NationCept.php | 15 ++----- tests/codeception/tests/api/v1/PersonCept.php | 4 +- tests/codeception/tests/api/v1/PlanCept.php | 12 ----- .../tests/api/v1/StudiengangCept.php | 10 +++++ .../tests/api/v1/StudienplanCept.php | 10 +++++ 11 files changed, 52 insertions(+), 126 deletions(-) delete mode 100644 application/controllers/api/v1/File.php delete mode 100644 application/models/File_model.php delete mode 100644 tests/codeception/tests/api/v1/CourseCept.php delete mode 100644 tests/codeception/tests/api/v1/PlanCept.php create mode 100644 tests/codeception/tests/api/v1/StudiengangCept.php create mode 100644 tests/codeception/tests/api/v1/StudienplanCept.php diff --git a/application/config/fhcomplete.php b/application/config/fhcomplete.php index 37bb2a457..6479a3863 100644 --- a/application/config/fhcomplete.php +++ b/application/config/fhcomplete.php @@ -9,6 +9,9 @@ $config['fhc_acl'] = array 'bis.tbl_nation' => 'basis/nation', 'bis.tbl_lgartcode' => 'basis/lgartcode', + 'campus.tbl_dms' => 'basis/tbl_dms', + 'campus.tbl_dms_version' => 'basis/tbl_dms_version', + 'lehre.tbl_studienplan' => 'basis/studienplan', 'lehre.tbl_studienordnung' => 'basis/studienordnung', 'lehre.vw_studienplan' => 'basis/vw_studienplan', 
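Review bot: The two new ACL entries map to `'basis/tbl_dms'` and `'basis/tbl_dms_version'`, while the neighbouring table entries drop the `tbl_` prefix (`'bis.tbl_nation' => 'basis/nation'`). If no permission with exactly that name is defined, every `isBerechtigt` check against these keys will presumably deny access, or succeed only for whoever happens to hold a differently named right. Confirm the names against the permission definitions, or rename them to follow the existing convention, e.g. `'campus.tbl_dms' => 'basis/dms',`. The `$config['fhc_acl']` array starts and ends outside the hunk.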
diff --git a/application/controllers/api/v1/File.php b/application/controllers/api/v1/File.php deleted file mode 100644 index 6ae23d3a5..000000000 --- a/application/controllers/api/v1/File.php +++ /dev/null @@ -1,45 +0,0 @@ -load->model('file_model', 'FileModel'); - // Load set the uid of the model to let to check the permissions - $this->FileModel->setUID($this->_getUID()); - } - - /** - * @return void - */ - public function postFile() - { - $result = $this->FileModel->saveFile($this->post()); - - if($result === TRUE) - { - $httpstatus = REST_Controller::HTTP_OK; - $payload = [ - 'success' => true, - 'message' => 'File saved.' - ]; - $payload['data'] = $result; - } - else - { - $payload = [ - 'success' => false, - 'message' => 'Could not save file.' - ]; - $httpstatus = REST_Controller::HTTP_OK; - } - $this->response($payload, $httpstatus); - } -} \ No newline at end of file diff --git a/application/core/DB_Model.php b/application/core/DB_Model.php index c7b387faa..777c9b26c 100644 --- a/application/core/DB_Model.php +++ b/application/core/DB_Model.php @@ -223,6 +223,29 @@ class DB_Model extends FHC_Model return $this->_success(TRUE); } + + /** --------------------------------------------------------------- + * Add limit clause + * + * @return void + */ + public function addLimit($start = null, $end = null) + { + // Check Class-Attributes and parameters + if(!is_numeric($start) || (is_numeric($start) && $start <= 0)) + return $this->_error(lang('fhc_'.FHC_NODBTABLE), FHC_MODEL_ERROR); + + if(is_numeric($end) && $end > $start) + { + $this->db->limit($start, $end); + } + else + { + $this->db->limit($start); + } + + return $this->_success(TRUE); + } /** --------------------------------------------------------------- * Delete data from DB-Table diff --git a/application/models/File_model.php b/application/models/File_model.php deleted file mode 100644 index 7e2638fb4..000000000 --- a/application/models/File_model.php +++ /dev/null 
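Review bot: `addLimit($start, $end)` forwards its arguments to `$this->db->limit($start, $end)`, which, assuming this is the CodeIgniter query builder, takes a row count and an offset, not a start/end pair. The guard `$end > $start` then silently drops any offset that is not larger than the page size, so `addLimit(10, 5)` returns the first ten rows instead of rows 6 to 15. `is_numeric` also accepts values such as `"1e3"` or `"2.5"`, so cast to int before use. The rejection path reuses the `FHC_NODBTABLE` message, which misreports the cause, and the docblock says `@return void` although the method returns the `_success`/`_error` result. If the arguments can come from request parameters, an upper bound on the row count is worth adding here as well.

```php
public function addLimit($start = null, $end = null)
{
	// $start is the number of rows, $end the offset (order expected by $this->db->limit)
	if (!is_numeric($start) || (int)$start <= 0)
		return $this->_error(lang('fhc_'.FHC_NODBTABLE), FHC_MODEL_ERROR); // TODO: use a dedicated "invalid parameter" message

	if (is_numeric($end) && (int)$end > 0)
		$this->db->limit((int)$start, (int)$end);
	else
		$this->db->limit((int)$start);

	return $this->_success(TRUE);
}
```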
@@ -1,42 +0,0 @@ -getUID(), 'file')) - { - if($this->_validate($file)) - { - $result = $this->_write($file); - } - } - - return $result; - } - - private function _validate($file = NULL) - { - return TRUE; - } - - private function _write($file = NULL) - { - return TRUE; - } -} \ No newline at end of file diff --git a/application/models/organisation/Studiengang_model.php b/application/models/organisation/Studiengang_model.php index f2fc37ed5..a7f4b3f91 100644 --- a/application/models/organisation/Studiengang_model.php +++ b/application/models/organisation/Studiengang_model.php @@ -34,7 +34,7 @@ class Studiengang_model extends DB_Model return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['lehre.vw_studienplan'], FHC_MODEL_ERROR); if (! $this->fhc_db_acl->isBerechtigt($this->acl['bis.tbl_lgartcode'], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['lehre.vw_studienplan'], FHC_MODEL_ERROR); + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['bis.tbl_lgartcode'], FHC_MODEL_ERROR); return $this->db->query($allForBewerbungQuery); } diff --git a/tests/codeception/tests/api/v1/CourseCept.php b/tests/codeception/tests/api/v1/CourseCept.php deleted file mode 100644 index 8f43b91af..000000000 --- a/tests/codeception/tests/api/v1/CourseCept.php +++ /dev/null @@ -1,12 +0,0 @@ -wantTo('Test API call v1/lehre/studiengang/AllForBewerbung'); -$I->amHttpAuthenticated("admin", "1q2w3"); -$I->haveHttpHeader('FHC-API-KEY', 'testapikey@fhcomplete.org'); -$I->sendGET('v1/lehre/studiengang/AllForBewerbung'); -$I->seeResponseCodeIs(200); -$I->seeResponseIsJson(); -$I->seeResponseContainsJson([ - 'success' => TRUE, - 'message' => 'Courses found']); \ No newline at end of file diff --git a/tests/codeception/tests/api/v1/NationCept.php b/tests/codeception/tests/api/v1/NationCept.php index 081931b76..c441a4249 100644 --- a/tests/codeception/tests/api/v1/NationCept.php +++ b/tests/codeception/tests/api/v1/NationCept.php 
@@ -1,19 +1,10 @@ wantTo('Test API call v1/nation All and FederalState'); +$I->wantTo('Test API call v1/codex/nation All and FederalState'); $I->amHttpAuthenticated("admin", "1q2w3"); $I->haveHttpHeader('FHC-API-KEY', 'testapikey@fhcomplete.org'); -$I->sendGET('v1/nation/All'); +$I->sendGET('v1/codex/nation/All'); $I->seeResponseCodeIs(200); $I->seeResponseIsJson(); -$I->seeResponseContainsJson([ - 'success' => TRUE, - 'message' => 'Nation found']); - -$I->sendGET('v1/nation/Bundesland'); -$I->seeResponseCodeIs(200); -$I->seeResponseIsJson(); -$I->seeResponseContainsJson([ - 'success' => TRUE, - 'message' => 'Bundesland found']); \ No newline at end of file +$I->seeResponseContainsJson(['error' => 0]); \ No newline at end of file diff --git a/tests/codeception/tests/api/v1/PersonCept.php b/tests/codeception/tests/api/v1/PersonCept.php index af4edd27c..ab292bba6 100644 --- a/tests/codeception/tests/api/v1/PersonCept.php +++ b/tests/codeception/tests/api/v1/PersonCept.php @@ -25,8 +25,8 @@ $I->sendGET('v1/person/person/Person', array('code' => '12345')); $I->seeResponseCodeIs(200); $I->seeResponseIsJson(); $I->seeResponseContainsJson([ - 'success' => false, - 'message' => 'Person not found']); + 'error' => 0, + 'retval' => array()]); $I->sendGET('v1/person/person/Person', array('code' => '01234567C', 'email' => 'harvey.joshuah@calva.dev')); $I->seeResponseCodeIs(200); diff --git a/tests/codeception/tests/api/v1/PlanCept.php b/tests/codeception/tests/api/v1/PlanCept.php deleted file mode 100644 index 90ed424e0..000000000 --- a/tests/codeception/tests/api/v1/PlanCept.php +++ /dev/null 
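Review bot: The scenario title still reads `All and FederalState`, but the `v1/nation/Bundesland` request is removed and nothing replaces it, so the federal-state endpoint loses the only check visible in this file. Either re-add a request for it under the new route or drop `and FederalState` from the `wantTo` text. The remaining assertion `seeResponseContainsJson(['error' => 0])` confirms only the status field and would also pass on an empty result.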
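Review bot: In PersonCept.php the new expectation `'retval' => array()` is probably weaker than intended: `seeResponseContainsJson` does a subset match, so as far as I know an empty array matches any `retval`, including one that holds a person. The old assertion pinned the "not found" case explicitly. To keep that guarantee for the unknown code `12345`, grab `retval` from the response and assert it is empty. The scenario continues outside the hunk.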
@@ -1,12 +0,0 @@ -wantTo('Test API call v1/lehre/studienplan/Studienplaene'); -$I->amHttpAuthenticated("admin", "1q2w3"); -$I->haveHttpHeader('FHC-API-KEY', 'testapikey@fhcomplete.org'); -$I->sendGET('v1/lehre/studienplan/Studienplaene', array('studiengang_kz' => 1)); -$I->seeResponseCodeIs(200); -$I->seeResponseIsJson(); -$I->seeResponseContainsJson([ - 'success' => TRUE, - 'message' => 'Plan found']); \ No newline at end of file diff --git a/tests/codeception/tests/api/v1/StudiengangCept.php b/tests/codeception/tests/api/v1/StudiengangCept.php new file mode 100644 index 000000000..de1b37ae0 --- /dev/null +++ b/tests/codeception/tests/api/v1/StudiengangCept.php @@ -0,0 +1,10 @@ +wantTo('Test API call v1/organisation/studiengang/AllForBewerbung'); +$I->amHttpAuthenticated("admin", "1q2w3"); +$I->haveHttpHeader('FHC-API-KEY', 'testapikey@fhcomplete.org'); +$I->sendGET('v1/organisation/studiengang/AllForBewerbung'); +$I->seeResponseCodeIs(200); +$I->seeResponseIsJson(); +$I->seeResponseContainsJson(['error' => 0]); \ No newline at end of file diff --git a/tests/codeception/tests/api/v1/StudienplanCept.php b/tests/codeception/tests/api/v1/StudienplanCept.php new file mode 100644 index 000000000..78a2ce600 --- /dev/null +++ b/tests/codeception/tests/api/v1/StudienplanCept.php @@ -0,0 +1,10 @@ +wantTo('Test API call v1/organisation/studienplan/Studienplaene'); +$I->amHttpAuthenticated("admin", "1q2w3"); +$I->haveHttpHeader('FHC-API-KEY', 'testapikey@fhcomplete.org'); +$I->sendGET('v1/organisation/studienplan/Studienplaene', array('studiengang_kz' => 1)); +$I->seeResponseCodeIs(200); +$I->seeResponseIsJson(); +$I->seeResponseContainsJson(['error' => 0]); \ No newline at end of file From 44ebe15c9cab8fbbf8396d255648b8afda0f5d14 Mon Sep 17 00:00:00 2001 
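Review bot: StudiengangCept.php hard-codes the basic-auth pair in `amHttpAuthenticated("admin", "1q2w3")` and the API key in `haveHttpHeader('FHC-API-KEY', 'testapikey@fhcomplete.org')`; StudienplanCept.php, added right after it, does the same. Read these from the suite configuration or the environment so the values live in one place and a seeded test account cannot be mistaken for a deployable default. Both scenarios also cover only the authorised path and assert just `['error' => 0]`. A second request without the `FHC-API-KEY` header that expects a refusal would show the endpoints are actually protected.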
From: paolo Date: Tue, 10 May 2016 13:05:02 +0200 Subject: [PATCH 2/2] - Method getCheckBewerbung implemented with new standard - Added new permission in fhcomplete.php config file --- application/config/fhcomplete.php | 1 + .../controllers/api/v1/person/Person.php | 40 +++------- .../models/organisation/Studiengang_model.php | 16 ++-- application/models/person/Person_model.php | 76 +++++++++++-------- 4 files changed, 65 insertions(+), 68 deletions(-) diff --git a/application/config/fhcomplete.php b/application/config/fhcomplete.php index 6479a3863..ba1f8eff1 100644 --- a/application/config/fhcomplete.php +++ b/application/config/fhcomplete.php @@ -18,6 +18,7 @@ $config['fhc_acl'] = array 'public.tbl_person' => 'basis/person', 'public.tbl_kontakt' => 'basis/kontakt', + 'public.tbl_benutzer' => 'basis/benutzer', 'public.tbl_prestudent' => 'basis/person', 'public.tbl_prestudentstatus' => 'basis/person', 'public.tbl_organisationseinheit' => 'basis/organisationseinheit', diff --git a/application/controllers/api/v1/person/Person.php b/application/controllers/api/v1/person/Person.php index ea708f8e5..9ffc14d45 100644 --- a/application/controllers/api/v1/person/Person.php +++ b/application/controllers/api/v1/person/Person.php 
@@ -93,43 +93,21 @@ class Person extends APIv1_Controller */ public function getCheckBewerbung() { - $result = $this->PersonModel->checkBewerbung($this->get("email"), $this->get("studiensemester_kurzbz")); - $httpstatus = REST_Controller::HTTP_OK; - $payload = [ - 'success' => true, - 'message' => 'Bewerbung exists.' - ]; - $payload['data'] = $result; - $this->response($payload, $httpstatus); - } - - /** - * @return void - */ - public function getCheckZugangscodePerson() - { - $result = $this->PersonModel->checkZugangscodePerson($this->get("code")); - $httpstatus = REST_Controller::HTTP_OK; - if(!empty($result)) + $email = $this->get('email'); + $studiensemester_kurzbz = $this->get('studiensemester_kurzbz'); + + if(isset($email)) { - $payload = [ - 'success' => true, - 'message' => 'Zugangscode exists.' - ]; - $payload['data'] = $result; + $result = $this->PersonModel->checkBewerbung($email, $studiensemester_kurzbz); + + $this->response($result, REST_Controller::HTTP_OK); } else { - $payload = [ - 'success' => false, - 'message' => 'Zugangscode does not exist.' - ]; - $httpstatus = REST_Controller::HTTP_OK; + $this->response(); } - - $this->response($payload, $httpstatus); } - + private function _validate($person = NULL) { if(!isset($person)) diff --git a/application/models/organisation/Studiengang_model.php b/application/models/organisation/Studiengang_model.php index a7f4b3f91..661dabfd6 100644 --- a/application/models/organisation/Studiengang_model.php +++ b/application/models/organisation/Studiengang_model.php 
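Review bot: When `email` is missing, the new `else` branch in `getCheckBewerbung` calls `$this->response()` with no payload and no status, so the client gets whatever the base controller defaults to (a 404 in the stock REST_Controller, I believe) instead of a clear validation error. Respond with an explicit error payload and `REST_Controller::HTTP_BAD_REQUEST` there. `isset($email)` also lets an empty string through to `checkBewerbung`; `if (!empty($email))` would reject it. The hunk additionally deletes `getCheckZugangscodePerson()`, which the commit message does not mention, so check that no client still calls that route. The enclosing class starts and ends outside the hunk.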
@@ -16,6 +16,13 @@ class Studiengang_model extends DB_Model */ public function getAllForBewerbung() { + // Checks if the operation is permitted by the API caller + if (! $this->fhc_db_acl->isBerechtigt($this->acl['lehre.vw_studienplan'], 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['lehre.vw_studienplan'], FHC_MODEL_ERROR); + + if (! $this->fhc_db_acl->isBerechtigt($this->acl['bis.tbl_lgartcode'], 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['bis.tbl_lgartcode'], FHC_MODEL_ERROR); + $allForBewerbungQuery = "SELECT DISTINCT studiengang_kz, typ, organisationseinheittyp_kurzbz, @@ -29,13 +36,8 @@ class Studiengang_model extends DB_Model AND aktiv IS TRUE ORDER BY typ, studiengangbezeichnung, tbl_lgartcode.bezeichnung ASC"; - // Checks if the operation is permitted by the API caller - if (! $this->fhc_db_acl->isBerechtigt($this->acl['lehre.vw_studienplan'], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['lehre.vw_studienplan'], FHC_MODEL_ERROR); + $result = $this->db->query($allForBewerbungQuery); - if (! $this->fhc_db_acl->isBerechtigt($this->acl['bis.tbl_lgartcode'], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['bis.tbl_lgartcode'], FHC_MODEL_ERROR); - - return $this->db->query($allForBewerbungQuery); + return $this->_success($result->result()); } } \ No newline at end of file diff --git a/application/models/person/Person_model.php b/application/models/person/Person_model.php index 1a9192a88..fc8ad108a 100644 --- a/application/models/person/Person_model.php +++ b/application/models/person/Person_model.php 
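Review bot: In the second hunk, `return $this->_success($result->result());` dereferences the return value of `$this->db->query()` without checking it. If the query fails and the driver returns a non-object, this is a fatal error rather than a model error. `checkBewerbung` in this same patch guards the identical pattern with `is_object($result)`. Do the same here: `if (!is_object($result))` followed by an `_error(...)` return with `FHC_DB_ERROR`, then the `_success` return.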
@@ -15,41 +15,57 @@ class Person_model extends DB_Model /** * */ - /*public function checkBewerbung($email, $studiensemester_kurzbz = NULL) + public function checkBewerbung($email, $studiensemester_kurzbz = NULL) { - $this->db->distinct(); - + // Checks if the operation is permitted by the API caller + if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_person'], 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_person'], FHC_MODEL_ERROR); + + if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_kontakt'], 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_kontakt'], FHC_MODEL_ERROR); + + if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_benutzer'], 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_benutzer'], FHC_MODEL_ERROR); + + if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_prestudent'], 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_prestudent'], FHC_MODEL_ERROR); + + if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_prestudentstatus'], 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_prestudentstatus'], FHC_MODEL_ERROR); + + $result = NULL; + if(is_null($studiensemester_kurzbz)) { - $this->db->select("p.person_id, p.zugangscode, p.insertamum") - ->from("public.tbl_person p") - ->join("public.tbl_kontakt k", "p.person_id=k.person_id") - ->join("public.tbl_benutzer b", "p.person_id=b.person_id", "left") - ->where("k.kontakttyp", 'email') - ->where("(kontakt='" . $email . "'" . - " OR alias ||'@technikum-wien.at'='" . $email . "'" . - " OR uid ||'@technikum-wien.at'='" . $email . 
"')") - ->order_by("p.insertamum", "DESC") - ->limit(1) - ; + $checkBewerbungQuery = "SELECT DISTINCT p.person_id, p.zugangscode, p.insertamum + FROM public.tbl_person p JOIN public.tbl_kontakt k ON p.person_id = k.person_id + LEFT JOIN public.tbl_benutzer b ON p.person_id = b.person_id + WHERE k.kontakttyp = 'email' + AND (kontakt = ? OR alias || '@technikum-wien.at' = ? OR uid || '@technikum-wien.at' = ?) + ORDER BY p.insertamum DESC + LIMIT 1"; + + $result = $this->db->query($checkBewerbungQuery, array($email, $email, $email)); } else { - $this->db->select("p.person_id,p.zugangscode,p.insertamum") - ->from("public.tbl_person p") - ->join("public.tbl_kontakt k", "p.person_id=k.person_id") - ->join("public.tbl_benutzer b", "p.person_id=b.person_id", "left") - ->join("public.tbl_prestudent ps", "p.person_id=ps.person_id") - ->join("public.tbl_prestudentstatus pst", "pst.prestudent_id=ps.prestudent_id") - ->where("k.kontakttyp", 'email') - ->where("(kontakt='" . $email . "'" . - " OR alias ||'@technikum-wien.at'='" . $email . "'" . - " OR uid ||'@technikum-wien.at'='" . $email . "')") - ->where("studiensemester_kurzbz='" . $studiensemester_kurzbz . "'") - ->order_by("p.insertamum", "DESC") - ->limit(1) - ; + $checkBewerbungQuery = "SELECT DISTINCT p.person_id, p.zugangscode, p.insertamum + FROM public.tbl_person p JOIN public.tbl_kontakt k ON p.person_id = k.person_id + LEFT JOIN public.tbl_benutzer b ON p.person_id = b.person_id + JOIN public.tbl_prestudent ps ON p.person_id = ps.person_id + JOIN public.tbl_prestudentstatus pst ON pst.prestudent_id = ps.prestudent_id + WHERE k.kontakttyp = 'email' + AND (kontakt = ? OR alias || '@technikum-wien.at' = ? OR uid || '@technikum-wien.at' = ?) + AND studiensemester_kurzbz = ? 
+ ORDER BY p.insertamum DESC + LIMIT 1"; + + $result = $this->db->query($checkBewerbungQuery, array($email, $email, $email, $studiensemester_kurzbz)); } - return $this->db->get()->result_array(); - }*/ + + if(is_object($result)) + return $this->_success($result->result()); + else + return $this->_error($this->db->error(), FHC_DB_ERROR); + } } \ No newline at end of file
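Review bot: `checkBewerbung` answers an existence question, yet both queries select `p.zugangscode` and hand the whole row to `_success()`. The controller in this patch passes that result straight to `$this->response()`, so any caller holding the five 's' permissions can turn an e-mail address into what looks like that person's access code. If callers only need to know whether an application exists, select `p.person_id` alone (or return a boolean) and keep the code behind its own permission. On the failure path, `$this->_error($this->db->error(), FHC_DB_ERROR)` passes the driver's error array where every other call passes a `lang()` string; presumably this reaches the API response, so log it server-side and return a generic message instead. The docblock above the method is still empty, and the enclosing class starts outside the hunk.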