diff --git a/application/config/fhcomplete.php b/application/config/fhcomplete.php index 76250a6fe..f51185a2d 100755 --- a/application/config/fhcomplete.php +++ b/application/config/fhcomplete.php @@ -238,7 +238,9 @@ $config['fhc_acl'] = array DMS_PATH => 'fs/dms', - 'public.tbl_sprache' => 'admin' + 'public.tbl_sprache' => 'admin', + + 'PhrasesLib.getPhrase' => 'system/PhrasesLib' ); $config['addons_aufnahme_url'] = 'http://debian.dev/build/addons/aufnahme/cis/index.php'; \ No newline at end of file diff --git a/application/core/DB_Model.php b/application/core/DB_Model.php index 429c3e438..1b93c864d 100644 --- a/application/core/DB_Model.php +++ b/application/core/DB_Model.php @@ -36,7 +36,7 @@ class DB_Model extends FHC_Model return error(FHC_MODEL_ERROR, FHC_NODBTABLE); // Checks rights - if ($chkRights = $this->chkRights(PermissionLib::INSERT_RIGHT)) return $chkRights; + if ($isEntitled = $this->_isEntitled(PermissionLib::INSERT_RIGHT)) return $isEntitled; // DB-INSERT if ($this->db->insert($this->dbTable, $data)) @@ -80,7 +80,7 @@ class DB_Model extends FHC_Model return error(FHC_MODEL_ERROR, FHC_NODBTABLE); // Checks rights - if ($chkRights = $this->chkRights(PermissionLib::REPLACE_RIGHT)) return $chkRights; + if ($isEntitled = $this->_isEntitled(PermissionLib::REPLACE_RIGHT)) return $isEntitled; // DB-REPLACE if ($this->db->replace($this->dbTable, $data)) @@ -105,7 +105,7 @@ class DB_Model extends FHC_Model return error(FHC_MODEL_ERROR, FHC_NOPK); // Checks rights - if ($chkRights = $this->chkRights(PermissionLib::UPDATE_RIGHT)) return $chkRights; + if ($isEntitled = $this->_isEntitled(PermissionLib::UPDATE_RIGHT)) return $isEntitled; // DB-UPDATE // Check for composite Primary Key 
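Review bot: The new `'PhrasesLib.getPhrase' => 'system/PhrasesLib'` entry adds a `Class.method` key to a map whose other visible keys are a table name (`'public.tbl_sprache'`) and a path constant (`DMS_PATH`), and nothing in the array says which key form means what. A comment above the entry, e.g. `// Library methods callable through the API: 'Class.method' => required permission`, would make the convention explicit. This hunk does not show what the lookup does for a library method that has no entry here; it is worth confirming that a missing entry is treated as a denial rather than as "no permission required". The array starts outside the hunk.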
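Review bot: In hunk -36 the variable `$isEntitled` is truthy exactly when the caller is not entitled, because the line returns it whenever `_isEntitled()` yields a value. The new name therefore reads as the opposite of what it holds, which is easy to misread in an authorization guard. A neutral name keeps the early return unambiguous: `if ($denied = $this->_isEntitled(PermissionLib::INSERT_RIGHT)) return $denied;`. The same line appears in hunks -80 and -105 here and in -139, -173, -207 and -235 further down. The enclosing methods start outside these hunks.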
@@ -139,7 +139,7 @@ class DB_Model extends FHC_Model return error(FHC_MODEL_ERROR, FHC_NOPK); // Checks rights - if ($chkRights = $this->chkRights(PermissionLib::DELETE_RIGHT)) return $chkRights; + if ($isEntitled = $this->_isEntitled(PermissionLib::DELETE_RIGHT)) return $isEntitled; // DB-DELETE // Check for composite Primary Key @@ -173,7 +173,7 @@ class DB_Model extends FHC_Model return error(FHC_MODEL_ERROR, FHC_NOPK); // Checks rights - if ($chkRights = $this->chkRights(PermissionLib::SELECT_RIGHT)) return $chkRights; + if ($isEntitled = $this->_isEntitled(PermissionLib::SELECT_RIGHT)) return $isEntitled; // DB-SELECT // Check for composite Primary Key @@ -207,7 +207,7 @@ class DB_Model extends FHC_Model return error(FHC_MODEL_ERROR, FHC_NODBTABLE); // Checks rights - if ($chkRights = $this->chkRights(PermissionLib::SELECT_RIGHT)) return $chkRights; + if ($isEntitled = $this->_isEntitled(PermissionLib::SELECT_RIGHT)) return $isEntitled; // Execute query $result = $this->db->get_where($this->dbTable, $where); @@ -235,7 +235,7 @@ class DB_Model extends FHC_Model return error(FHC_MODEL_ERROR, FHC_NODBTABLE); // Checks rights - if ($chkRights = $this->chkRights(PermissionLib::SELECT_RIGHT)) return $chkRights; + if ($isEntitled = $this->_isEntitled(PermissionLib::SELECT_RIGHT)) return $isEntitled; // List of tables on which it will work $tables = array_merge(array($mainTable), $sideTables); @@ -609,7 +609,7 @@ class DB_Model extends FHC_Model /** * Checks if the caller is entitled to perform this operation with this right */ - protected function chkRights($permission) + private function _isEntitled($permission) { // If the caller is _not_ a model _and_ tries to read data, then avoids to check permissions // Otherwise checks always the permissions 
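Review bot: The docblock on `_isEntitled()` in hunk -609 does not state what the method returns, and after this rename the class has two near-identical names with opposite result conventions. Elsewhere in this commit `isEntitled()` is compared with `!== true`, so `true` means allowed, while callers of `_isEntitled()` return its value when it is truthy, so a value means denied. I would add `@return mixed error result when the right is missing, null when the operation may proceed`; the success path appears to fall through without a `return` in hunk -617, but the body continues outside this hunk, so please confirm. Changing `protected` to `private` also means any `DB_Model` subclass outside this diff that still calls `chkRights()` will fail at call time, so a repository-wide search for the old name is worth doing.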
@@ -617,9 +617,9 @@ class DB_Model extends FHC_Model substr(get_called_class(), -6) == DB_Model::MODEL_POSTFIX) || $permission != PermissionLib::SELECT_RIGHT) { - if (($chkRights = $this->isEntitled($this->dbTable, $permission, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + if (($isEntitled = $this->isEntitled($this->dbTable, $permission, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) { - return $chkRights; + return $isEntitled; } } } diff --git a/application/models/codex/Orgform_model.php b/application/models/codex/Orgform_model.php index 6b5d1f0e7..238376ba4 100644 --- a/application/models/codex/Orgform_model.php +++ b/application/models/codex/Orgform_model.php @@ -15,7 +15,8 @@ class Orgform_model extends DB_Model public function getOrgformLV() { // Checks rights - if ($chkRights = $this->chkRights(PermissionLib::SELECT_RIGHT)) return $chkRights; + if (($isEntitled = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; $query = "SELECT * FROM bis.tbl_orgform diff --git a/application/models/crm/Akte_model.php b/application/models/crm/Akte_model.php index 828dee826..084c3606c 100644 --- a/application/models/crm/Akte_model.php +++ b/application/models/crm/Akte_model.php 
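Review bot: In hunk -617, whether a SELECT gets a permission check depends on `substr(get_called_class(), -6) == DB_Model::MODEL_POSTFIX`, which is the name of the class the method runs on, not the identity of its caller as the comment above the function says. The first part of the condition is outside the hunk, so this is a reading of the visible half only: a `DB_Model` subclass whose name does not end in the postfix would read its table with no check at all. A naming convention is then acting as an access-control decision, and that should be stated in the comment so nobody adds such a class by accident. Independently, the comparison can be strict: `substr(get_called_class(), -6) === DB_Model::MODEL_POSTFIX`.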
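Review bot: In `getOrgformLV()` the right is checked on `$this->dbTable` while the query below names `bis.tbl_orgform` literally, so the check and the read stay aligned only as long as the two are the same table. Passing the literal the query uses, as `getNearest()` does with `'public.vw_studiensemester'`, keeps them in step: `$this->isEntitled('bis.tbl_orgform', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)`. The same applies to `getMimeTypes()` in Vorlage_model.php (the query reads `public.tbl_vorlage`), and probably to the Studiensemester_model.php hunks -15 and -34 and to Vorlagedokument_model.php, whose queries are cut off by the hunks. These methods previously went through `chkRights()`, which skipped the SELECT check in some cases, and now always check; if that tightening is intended, a short comment saying so would help. The two-line `if` without braces is also easy to break when a second statement is added.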
@@ -18,14 +18,14 @@ class Akte_model extends DB_Model public function getAkten($person_id, $dokument_kurzbz = null, $stg_kz = null, $prestudent_id = null) { // Checks if the operation is permitted by the API caller - if (($chkRights = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; - if (($chkRights = $this->isEntitled('public.tbl_dokument', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; - if (($chkRights = $this->isEntitled('public.tbl_dokumentstudiengang', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; - if (($chkRights = $this->isEntitled('public.tbl_dokumentprestudent', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; + if (($isEntitled = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; + if (($isEntitled = $this->isEntitled('public.tbl_dokument', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; + if (($isEntitled = $this->isEntitled('public.tbl_dokumentstudiengang', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; + if (($isEntitled = $this->isEntitled('public.tbl_dokumentprestudent', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; $query = 'SELECT akte_id, person_id, 
@@ -84,12 +84,12 @@ class Akte_model extends DB_Model public function getAktenAccepted($person_id, $dokument_kurzbz = null) { // Checks if the operation is permitted by the API caller - if (($chkRights = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; - if (($chkRights = $this->isEntitled('public.tbl_prestudent', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; - if (($chkRights = $this->isEntitled('public.tbl_dokumentprestudent', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; + if (($isEntitled = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; + if (($isEntitled = $this->isEntitled('public.tbl_prestudent', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; + if (($isEntitled = $this->isEntitled('public.tbl_dokumentprestudent', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; $query = 'SELECT a.akte_id, a.person_id, diff --git a/application/models/crm/Dokumentprestudent_model.php b/application/models/crm/Dokumentprestudent_model.php index 6e3afec00..720c976e6 100644 --- a/application/models/crm/Dokumentprestudent_model.php +++ b/application/models/crm/Dokumentprestudent_model.php @@ -14,8 +14,8 @@ class Dokumentprestudent_model extends DB_Model public function setAccepted($prestudent_id, $studiengang_kz) { - if (($chkRights = $this->isEntitled('public.tbl_dokumentprestudent', PermissionLib::INSERT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; + if (($isEntitled = $this->isEntitled('public.tbl_dokumentprestudent', PermissionLib::INSERT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; $result = null; 
@@ -43,8 +43,8 @@ class Dokumentprestudent_model extends DB_Model public function setAcceptedDocuments($prestudent_id, $dokument_kurzbz) { - if (($chkRights = $this->isEntitled('public.tbl_dokumentprestudent', PermissionLib::INSERT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; + if (($isEntitled = $this->isEntitled('public.tbl_dokumentprestudent', PermissionLib::INSERT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; $result = null; diff --git a/application/models/crm/Dokumentstudiengang_model.php b/application/models/crm/Dokumentstudiengang_model.php index 4781a5343..9ffe90e91 100644 --- a/application/models/crm/Dokumentstudiengang_model.php +++ b/application/models/crm/Dokumentstudiengang_model.php @@ -15,8 +15,8 @@ class Dokumentstudiengang_model extends DB_Model public function getDokumentstudiengangByStudiengang_kz($studiengang_kz, $onlinebewerbung, $pflicht) { // Checks if the operation is permitted by the API caller - if (($chkRights = $this->isEntitled("public.tbl_dokument", "s", FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; + if (($isEntitled = $this->isEntitled("public.tbl_dokument", "s", FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; $this->addJoin("public.tbl_dokument", "dokument_kurzbz"); diff --git a/application/models/crm/Prestudentstatus_model.php b/application/models/crm/Prestudentstatus_model.php index 19b94f27f..1f84ca034 100644 --- a/application/models/crm/Prestudentstatus_model.php +++ b/application/models/crm/Prestudentstatus_model.php 
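Review bot: `getDokumentstudiengangByStudiengang_kz()` still passes the bare string `"s"` as the right, while Person_model.php in this same commit replaces `'s'` with `PermissionLib::SELECT_RIGHT`. Using the constant here as well keeps every guard searchable by one name: `$this->isEntitled('public.tbl_dokument', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)`. Only the joined table `public.tbl_dokument` is checked in this hunk; the model's own table is presumably checked by the load call that follows outside the hunk, which is worth confirming.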
@@ -19,12 +19,12 @@ class Prestudentstatus_model extends DB_Model public function getLastStatus($prestudent_id, $studiensemester_kurzbz = '', $status_kurzbz = '') { // Checks if the operation is permitted by the API caller - if (($chkRights = $this->isEntitled('public.tbl_prestudentstatus', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; - if (($chkRights = $this->isEntitled('lehre.tbl_studienplan', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; - if (($chkRights = $this->isEntitled('public.tbl_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; + if (($isEntitled = $this->isEntitled('public.tbl_prestudentstatus', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; + if (($isEntitled = $this->isEntitled('lehre.tbl_studienplan', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; + if (($isEntitled = $this->isEntitled('public.tbl_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; $query = 'SELECT tbl_prestudentstatus.*, bezeichnung AS studienplan_bezeichnung, diff --git a/application/models/organisation/Studiengang_model.php b/application/models/organisation/Studiengang_model.php index 2a2df0cbb..f33e531b4 100644 --- a/application/models/organisation/Studiengang_model.php +++ b/application/models/organisation/Studiengang_model.php 
@@ -18,10 +18,10 @@ class Studiengang_model extends DB_Model public function getAllForBewerbung() { // Checks if the operation is permitted by the API caller - if (($chkRights = $this->isEntitled('lehre.vw_studienplan', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; - if (($chkRights = $this->isEntitled('bis.tbl_lgartcode', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; + if (($isEntitled = $this->isEntitled('lehre.vw_studienplan', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; + if (($isEntitled = $this->isEntitled('bis.tbl_lgartcode', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; $allForBewerbungQuery = 'SELECT DISTINCT studiengang_kz, typ, diff --git a/application/models/organisation/Studiensemester_model.php b/application/models/organisation/Studiensemester_model.php index f2763f036..484956e05 100644 --- a/application/models/organisation/Studiensemester_model.php +++ b/application/models/organisation/Studiensemester_model.php @@ -15,7 +15,8 @@ class Studiensemester_model extends DB_Model public function getLastOrAktSemester($days = 60) { // Checks rights - if ($chkRights = $this->chkRights(PermissionLib::SELECT_RIGHT)) return $chkRights; + if (($isEntitled = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; if (!is_numeric($days)) { @@ -34,7 +35,8 @@ class Studiensemester_model extends DB_Model public function getNextFrom($studiensemester_kurzbz) { // Checks rights - if ($chkRights = $this->chkRights(PermissionLib::SELECT_RIGHT)) return $chkRights; + if (($isEntitled = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; $query = 'SELECT studiensemester_kurzbz, start, 
@@ -57,8 +59,8 @@ class Studiensemester_model extends DB_Model public function getNearest($semester = '') { // Checks if the operation is permitted by the API caller - if (($chkRights = $this->isEntitled('public.vw_studiensemester', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; + if (($isEntitled = $this->isEntitled('public.vw_studiensemester', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; $query = 'SELECT studiensemester_kurzbz, start, diff --git a/application/models/person/Person_model.php b/application/models/person/Person_model.php index 64b328817..5192cc316 100644 --- a/application/models/person/Person_model.php +++ b/application/models/person/Person_model.php 
@@ -24,16 +24,16 @@ class Person_model extends DB_Model */ public function checkBewerbung($email, $studiensemester_kurzbz = null) { - if (($chkRights = $this->isEntitled('public.tbl_person', 's', FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; - if (($chkRights = $this->isEntitled('public.tbl_kontakt', 's', FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; - if (($chkRights = $this->isEntitled('public.tbl_benutzer', 's', FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; - if (($chkRights = $this->isEntitled('public.tbl_prestudent', 's', FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; - if (($chkRights = $this->isEntitled('public.tbl_prestudentstatus', 's', FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; + if (($isEntitled = $this->isEntitled('public.tbl_person', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; + if (($isEntitled = $this->isEntitled('public.tbl_kontakt', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; + if (($isEntitled = $this->isEntitled('public.tbl_benutzer', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; + if (($isEntitled = $this->isEntitled('public.tbl_prestudent', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; + if (($isEntitled = $this->isEntitled('public.tbl_prestudentstatus', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; $checkBewerbungQuery = ''; $parametersArray = array($email, $email, $email); diff --git a/application/models/system/Message_model.php b/application/models/system/Message_model.php index 8d4fad145..4748f9448 100644 --- a/application/models/system/Message_model.php +++ b/application/models/system/Message_model.php 
@@ -20,12 +20,12 @@ class Message_model extends DB_Model public function getMessagesByPerson($person_id, $all) { // Checks if the operation is permitted by the API caller - if (($chkRights = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; - if (($chkRights = $this->isEntitled('public.tbl_person', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; - if (($chkRights = $this->isEntitled('public.tbl_msg_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; + if (($isEntitled = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; + if (($isEntitled = $this->isEntitled('public.tbl_person', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; + if (($isEntitled = $this->isEntitled('public.tbl_msg_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; $sql = 'SELECT m.message_id, m.person_id, diff --git a/application/models/system/Phrase_model.php b/application/models/system/Phrase_model.php index 952631171..13ae9aa19 100644 --- a/application/models/system/Phrase_model.php +++ b/application/models/system/Phrase_model.php 
@@ -18,10 +18,10 @@ class Phrase_model extends DB_Model public function getPhrases($app, $sprache, $phrase = null, $orgeinheit_kurzbz = null, $orgform_kurzbz = null) { // Checks if the operation is permitted by the API caller - if (($chkRights = $this->isEntitled('system.tbl_phrase', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; - if (($chkRights = $this->isEntitled('system.tbl_phrasentext', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; + if (($isEntitled = $this->isEntitled('system.tbl_phrase', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; + if (($isEntitled = $this->isEntitled('system.tbl_phrasentext', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; $parametersArray = array('app' => $app, 'sprache' => $sprache); diff --git a/application/models/system/Recipient_model.php b/application/models/system/Recipient_model.php index 772650d73..4039307f8 100644 --- a/application/models/system/Recipient_model.php +++ b/application/models/system/Recipient_model.php 
@@ -19,14 +19,14 @@ class Recipient_model extends DB_Model public function getMessage($message_id, $person_id) { // Checks if the operation is permitted by the API caller - if (($chkRights = $this->isEntitled('public.tbl_msg_recipient', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; - if (($chkRights = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; - if (($chkRights = $this->isEntitled('public.tbl_person', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; - if (($chkRights = $this->isEntitled('public.tbl_kontakt', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; + if (($isEntitled = $this->isEntitled('public.tbl_msg_recipient', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; + if (($isEntitled = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; + if (($isEntitled = $this->isEntitled('public.tbl_person', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; + if (($isEntitled = $this->isEntitled('public.tbl_kontakt', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; $query = 'SELECT mr.message_id, mr.person_id, 
@@ -56,12 +56,12 @@ class Recipient_model extends DB_Model public function getMessageByToken($token) { // Checks if the operation is permitted by the API caller - if (($chkRights = $this->isEntitled('public.tbl_msg_recipient', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; - if (($chkRights = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; - if (($chkRights = $this->isEntitled('public.tbl_msg_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; + if (($isEntitled = $this->isEntitled('public.tbl_msg_recipient', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; + if (($isEntitled = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; + if (($isEntitled = $this->isEntitled('public.tbl_msg_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; $sql = 'SELECT r.message_id, m.person_id as sender_id, 
@@ -90,14 +90,14 @@ class Recipient_model extends DB_Model public function getMessagesByPerson($person_id, $all) { // Checks if the operation is permitted by the API caller - if (($chkRights = $this->isEntitled('public.tbl_msg_recipient', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; - if (($chkRights = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; - if (($chkRights = $this->isEntitled('public.tbl_person', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; - if (($chkRights = $this->isEntitled('public.tbl_msg_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; + if (($isEntitled = $this->isEntitled('public.tbl_msg_recipient', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; + if (($isEntitled = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; + if (($isEntitled = $this->isEntitled('public.tbl_person', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; + if (($isEntitled = $this->isEntitled('public.tbl_msg_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; $sql = 'SELECT DISTINCT ON (r.message_id) r.message_id, m.person_id, 
@@ -152,14 +152,14 @@ class Recipient_model extends DB_Model // if same user if ($uid === getAuthUID()) { - if (($chkRights = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; + if (($isEntitled = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; } // if different user, for reading messages from other users else { - if (($chkRights = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; + if (($isEntitled = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; } // get Data 
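Review bot: Both branches of `if ($uid === getAuthUID())` run the identical check, SELECT on `public.tbl_msg_message`, so the distinction between reading one's own messages and reading another user's has no effect on authorization. Any caller holding that one right passes whichever `$uid` is supplied, although the comment on the `else` branch says it covers reading messages from other users. If a separate right was intended there, the `else` branch should test it, e.g. `$this->isEntitled('<RESOURCE_FOR_OTHER_USERS_MESSAGES>', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)` with the project's real resource name in place of the placeholder. If not, collapse the two branches into one check and correct the comment. The method starts outside the hunk.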
@@ -208,12 +208,12 @@ class Recipient_model extends DB_Model public function getMessages($kontaktType, $sent, $limit = null, $message_id = null) { // Checks if the operation is permitted by the API caller - if (($chkRights = $this->isEntitled('public.tbl_msg_recipient', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; - if (($chkRights = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; - if (($chkRights = $this->isEntitled('public.tbl_kontakt', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) - return $chkRights; + if (($isEntitled = $this->isEntitled('public.tbl_msg_recipient', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; + if (($isEntitled = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; + if (($isEntitled = $this->isEntitled('public.tbl_kontakt', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; $query = 'SELECT mm.message_id, ks.kontakt as sender, diff --git a/application/models/system/Vorlage_model.php b/application/models/system/Vorlage_model.php index e5633d96b..bca397825 100644 --- a/application/models/system/Vorlage_model.php +++ b/application/models/system/Vorlage_model.php @@ -15,7 +15,8 @@ class Vorlage_model extends DB_Model public function getMimeTypes() { // Checks rights - if ($chkRights = $this->chkRights(PermissionLib::SELECT_RIGHT)) return $chkRights; + if (($isEntitled = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; $query = 'SELECT DISTINCT mimetype FROM public.tbl_vorlage ORDER BY mimetype'; diff --git a/application/models/system/Vorlagedokument_model.php b/application/models/system/Vorlagedokument_model.php index 924ff16a9..23c0de329 100644 
--- a/application/models/system/Vorlagedokument_model.php +++ b/application/models/system/Vorlagedokument_model.php @@ -18,7 +18,8 @@ class Vorlagedokument_model extends DB_Model public function loadDokumenteFromVorlagestudiengang($vorlagestudiengang_id) { // Checks rights - if ($chkRights = $this->chkRights(PermissionLib::SELECT_RIGHT)) return $chkRights; + if (($isEntitled = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $isEntitled; $qry = 'SELECT vorlagedokument_id, sort, diff --git a/tests/codeception/_data/dump.sql b/tests/codeception/_data/dump.sql index ca66b931f..70ea11a97 100644 --- a/tests/codeception/_data/dump.sql +++ b/tests/codeception/_data/dump.sql @@ -425,7 +425,8 @@ DELETE FROM system.tbl_rolleberechtigung WHERE berechtigung_kurzbz IN ( 'system/phrase', 'system/vorlagestudiengang', 'system/vorlage', - 'system/appdaten' + 'system/appdaten', + 'system/PhrasesLib' ); -- DELETE FROM system.tbl_berechtigung @@ -656,7 +657,8 @@ DELETE FROM system.tbl_berechtigung WHERE berechtigung_kurzbz IN ( 'system/phrase', 'system/vorlagestudiengang', 'system/vorlage', - 'system/appdaten' + 'system/appdaten', + 'system/PhrasesLib' ); -- INSERT Permissions @@ -887,6 +889,7 @@ INSERT INTO system.tbl_berechtigung (berechtigung_kurzbz, beschreibung) VALUES(' INSERT INTO system.tbl_berechtigung (berechtigung_kurzbz, beschreibung) VALUES('system/vorlagestudiengang', ''); INSERT INTO system.tbl_berechtigung (berechtigung_kurzbz, beschreibung) VALUES('system/vorlage', ''); INSERT INTO system.tbl_berechtigung (berechtigung_kurzbz, beschreibung) VALUES('system/appdaten', ''); +INSERT INTO system.tbl_berechtigung (berechtigung_kurzbz, beschreibung) VALUES('system/PhrasesLib', ''); -- INSERT link between user admin and permissions INSERT INTO system.tbl_rolleberechtigung (berechtigung_kurzbz, rolle_kurzbz, art) VALUES('basis/archiv', 'admin', 'suid'); 
@@ -1116,6 +1119,7 @@ INSERT INTO system.tbl_rolleberechtigung (berechtigung_kurzbz, rolle_kurzbz, art INSERT INTO system.tbl_rolleberechtigung (berechtigung_kurzbz, rolle_kurzbz, art) VALUES('system/vorlagestudiengang', 'admin', 'suid'); INSERT INTO system.tbl_rolleberechtigung (berechtigung_kurzbz, rolle_kurzbz, art) VALUES('system/vorlage', 'admin', 'suid'); INSERT INTO system.tbl_rolleberechtigung (berechtigung_kurzbz, rolle_kurzbz, art) VALUES('system/appdaten', 'admin', 'suid'); +INSERT INTO system.tbl_rolleberechtigung (berechtigung_kurzbz, rolle_kurzbz, art) VALUES('system/PhrasesLib', 'admin', 'suid'); -- EMPTY public.tbl_statistik DELETE FROM public.tbl_statistik; diff --git a/tests/codeception/tests/api.suite.dist.yml b/tests/codeception/tests/api.suite.dist.yml index e5d6d175b..62209bd04 100644 --- a/tests/codeception/tests/api.suite.dist.yml +++ b/tests/codeception/tests/api.suite.dist.yml @@ -4,7 +4,7 @@ modules: - Db - REST: # API URL - url: http://demo.fhcomplete.org/index.ci.php/api/ + url: http://debian.dev/build/index.ci.php/api/ # Can also be a framework module name depends: PhpBrowser # Limits PhpBrowser to JSON or XML diff --git a/tests/codeception/tests/api/v1/CallerLibraryCept.php b/tests/codeception/tests/api/v1/CallerLibraryCept.php new file mode 100644 index 000000000..c5b302f21 --- /dev/null +++ b/tests/codeception/tests/api/v1/CallerLibraryCept.php @@ -0,0 +1,19 @@ +wantTo("Test API call v1/system/CallerLibrary/Call"); +$I->amHttpAuthenticated("admin", "1q2w3"); +$I->haveHttpHeader("FHC-API-KEY", "testapikey@fhcomplete.org"); + +$I->sendGET( + "v1/system/CallerLibrary/Call", + array( + "resource" => "PhrasesLib", + "function" => "getPhrase", + "phrase_id" => 1 + ) +); +$I->seeResponseCodeIs(200); +$I->seeResponseIsJson(); +$I->seeResponseContainsJson(["error" => 0]); +$I->wait(); \ No newline at end of file 
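Review bot: The `.dist` template now carries `http://debian.dev/build/index.ci.php/api/`, which looks like one developer's local host rather than a value other checkouts can use. The tests in this commit send Basic credentials and an API key to that URL over plain HTTP. A neutral placeholder that each environment overrides in its own non-dist copy would be safer, e.g. `url: <API_BASE_URL>/index.ci.php/api/`, with a comment that the suite is meant to run only against a disposable test instance.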
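Review bot: CallerLibraryCept.php asserts only the permitted path: it authenticates as `admin`, which dump.sql grants `system/PhrasesLib`, and expects `"error" => 0`. Because the commit gates `PhrasesLib.getPhrase` behind an ACL entry, the test should also send the same request as a caller without that permission and assert a non-zero `error`, so that the denial path is exercised. A request for a library method that has no `fhc_acl` entry would cover the default case. The Basic-auth password and the `FHC-API-KEY` value are string literals here and in CallerModelCept.php; reading them from the suite configuration keeps them out of the test bodies and makes it easier to ensure they match no account on a deployed instance.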
diff --git a/tests/codeception/tests/api/v1/CallerModelCept.php b/tests/codeception/tests/api/v1/CallerModelCept.php new file mode 100644 index 000000000..b5edabe04 --- /dev/null +++ b/tests/codeception/tests/api/v1/CallerModelCept.php @@ -0,0 +1,19 @@ +wantTo("Test API call v1/system/CallerModel/Call"); +$I->amHttpAuthenticated("admin", "1q2w3"); +$I->haveHttpHeader("FHC-API-KEY", "testapikey@fhcomplete.org"); + +$I->sendGET( + "v1/system/CallerModel/Call", + array( + "resource" => "codex/Bundesland_model", + "function" => "load", + "bundesland_code" => "1" + ) +); +$I->seeResponseCodeIs(200); +$I->seeResponseIsJson(); +$I->seeResponseContainsJson(["error" => 0]); +$I->wait(); \ No newline at end of file diff --git a/tests/codeception/tests/api/v1/PCRMCept.php b/tests/codeception/tests/api/v1/PCRMCept.php deleted file mode 100644 index 25c8892eb..000000000 --- a/tests/codeception/tests/api/v1/PCRMCept.php +++ /dev/null @@ -1,23 +0,0 @@ -wantTo("Test API call v1/system/PCRM/Call"); -$I->amHttpAuthenticated("admin", "1q2w3"); -$I->haveHttpHeader("FHC-API-KEY", "testapikey@fhcomplete.org"); - -$I->sendGET("v1/system/PCRM/Call", array( - "resource" => "codex/Bundesland_model", "function" => "load", "bundesland_code" => "1") -); -$I->seeResponseCodeIs(200); -$I->seeResponseIsJson(); -$I->seeResponseContainsJson(["error" => 0]); -$I->wait(); - -$I->sendGET("v1/system/PCRM/Call", array( - "resource" => "PermissionLib", "function" => "hasPermission", - "sn" => "bis.tbl_archiv", "pt" => "s") -); -$I->seeResponseCodeIs(200); -$I->seeResponseIsJson(); -$I->seeResponseContainsJson(["error" => 0]); -$I->wait(); \ No newline at end of file