mirror of
https://github.com/FH-Complete/FHC-Core.git
synced 2026-06-01 12:19:28 +00:00
- phpC(d)I
- Renamed method chkRights to _isEntitled in model DB_Model - Updated models where it was needed
This commit is contained in:
bison-paolo
@@ -238,7 +238,9 @@ $config['fhc_acl'] = array
|
||||
|
||||
DMS_PATH => 'fs/dms',
|
||||
|
||||
'public.tbl_sprache' => 'admin'
|
||||
'public.tbl_sprache' => 'admin',
|
||||
|
||||
'PhrasesLib.getPhrase' => 'system/PhrasesLib'
|
||||
);
|
||||
|
||||
$config['addons_aufnahme_url'] = 'http://debian.dev/build/addons/aufnahme/cis/index.php';
|
||||
@@ -36,7 +36,7 @@ class DB_Model extends FHC_Model
|
||||
return error(FHC_MODEL_ERROR, FHC_NODBTABLE);
|
||||
|
||||
// Checks rights
|
||||
if ($chkRights = $this->chkRights(PermissionLib::INSERT_RIGHT)) return $chkRights;
|
||||
if ($isEntitled = $this->_isEntitled(PermissionLib::INSERT_RIGHT)) return $isEntitled;
|
||||
|
||||
// DB-INSERT
|
||||
if ($this->db->insert($this->dbTable, $data))
|
||||
@@ -80,7 +80,7 @@ class DB_Model extends FHC_Model
|
||||
return error(FHC_MODEL_ERROR, FHC_NODBTABLE);
|
||||
|
||||
// Checks rights
|
||||
if ($chkRights = $this->chkRights(PermissionLib::REPLACE_RIGHT)) return $chkRights;
|
||||
if ($isEntitled = $this->_isEntitled(PermissionLib::REPLACE_RIGHT)) return $isEntitled;
|
||||
|
||||
// DB-REPLACE
|
||||
if ($this->db->replace($this->dbTable, $data))
|
||||
@@ -105,7 +105,7 @@ class DB_Model extends FHC_Model
|
||||
return error(FHC_MODEL_ERROR, FHC_NOPK);
|
||||
|
||||
// Checks rights
|
||||
if ($chkRights = $this->chkRights(PermissionLib::UPDATE_RIGHT)) return $chkRights;
|
||||
if ($isEntitled = $this->_isEntitled(PermissionLib::UPDATE_RIGHT)) return $isEntitled;
|
||||
|
||||
// DB-UPDATE
|
||||
// Check for composite Primary Key
|
||||
@@ -139,7 +139,7 @@ class DB_Model extends FHC_Model
|
||||
return error(FHC_MODEL_ERROR, FHC_NOPK);
|
||||
|
||||
// Checks rights
|
||||
if ($chkRights = $this->chkRights(PermissionLib::DELETE_RIGHT)) return $chkRights;
|
||||
if ($isEntitled = $this->_isEntitled(PermissionLib::DELETE_RIGHT)) return $isEntitled;
|
||||
|
||||
// DB-DELETE
|
||||
// Check for composite Primary Key
|
||||
@@ -173,7 +173,7 @@ class DB_Model extends FHC_Model
|
||||
return error(FHC_MODEL_ERROR, FHC_NOPK);
|
||||
|
||||
// Checks rights
|
||||
if ($chkRights = $this->chkRights(PermissionLib::SELECT_RIGHT)) return $chkRights;
|
||||
if ($isEntitled = $this->_isEntitled(PermissionLib::SELECT_RIGHT)) return $isEntitled;
|
||||
|
||||
// DB-SELECT
|
||||
// Check for composite Primary Key
|
||||
@@ -207,7 +207,7 @@ class DB_Model extends FHC_Model
|
||||
return error(FHC_MODEL_ERROR, FHC_NODBTABLE);
|
||||
|
||||
// Checks rights
|
||||
if ($chkRights = $this->chkRights(PermissionLib::SELECT_RIGHT)) return $chkRights;
|
||||
if ($isEntitled = $this->_isEntitled(PermissionLib::SELECT_RIGHT)) return $isEntitled;
|
||||
|
||||
// Execute query
|
||||
$result = $this->db->get_where($this->dbTable, $where);
|
||||
@@ -235,7 +235,7 @@ class DB_Model extends FHC_Model
|
||||
return error(FHC_MODEL_ERROR, FHC_NODBTABLE);
|
||||
|
||||
// Checks rights
|
||||
if ($chkRights = $this->chkRights(PermissionLib::SELECT_RIGHT)) return $chkRights;
|
||||
if ($isEntitled = $this->_isEntitled(PermissionLib::SELECT_RIGHT)) return $isEntitled;
|
||||
|
||||
// List of tables on which it will work
|
||||
$tables = array_merge(array($mainTable), $sideTables);
|
||||
@@ -609,7 +609,7 @@ class DB_Model extends FHC_Model
|
||||
/**
|
||||
* Checks if the caller is entitled to perform this operation with this right
|
||||
*/
|
||||
protected function chkRights($permission)
|
||||
private function _isEntitled($permission)
|
||||
{
|
||||
// If the caller is _not_ a model _and_ tries to read data, then avoids to check permissions
|
||||
// Otherwise checks always the permissions
|
||||
@@ -617,9 +617,9 @@ class DB_Model extends FHC_Model
|
||||
substr(get_called_class(), -6) == DB_Model::MODEL_POSTFIX) ||
|
||||
$permission != PermissionLib::SELECT_RIGHT)
|
||||
{
|
||||
if (($chkRights = $this->isEntitled($this->dbTable, $permission, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
if (($isEntitled = $this->isEntitled($this->dbTable, $permission, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
{
|
||||
return $chkRights;
|
||||
return $isEntitled;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -15,7 +15,8 @@ class Orgform_model extends DB_Model
|
||||
public function getOrgformLV()
|
||||
{
|
||||
// Checks rights
|
||||
if ($chkRights = $this->chkRights(PermissionLib::SELECT_RIGHT)) return $chkRights;
|
||||
if (($isEntitled = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
|
||||
$query = "SELECT *
|
||||
FROM bis.tbl_orgform
|
||||
|
||||
@@ -18,14 +18,14 @@ class Akte_model extends DB_Model
|
||||
public function getAkten($person_id, $dokument_kurzbz = null, $stg_kz = null, $prestudent_id = null)
|
||||
{
|
||||
// Checks if the operation is permitted by the API caller
|
||||
if (($chkRights = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($chkRights = $this->isEntitled('public.tbl_dokument', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($chkRights = $this->isEntitled('public.tbl_dokumentstudiengang', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($chkRights = $this->isEntitled('public.tbl_dokumentprestudent', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($isEntitled = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
if (($isEntitled = $this->isEntitled('public.tbl_dokument', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
if (($isEntitled = $this->isEntitled('public.tbl_dokumentstudiengang', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
if (($isEntitled = $this->isEntitled('public.tbl_dokumentprestudent', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
|
||||
$query = 'SELECT akte_id,
|
||||
person_id,
|
||||
@@ -84,12 +84,12 @@ class Akte_model extends DB_Model
|
||||
public function getAktenAccepted($person_id, $dokument_kurzbz = null)
|
||||
{
|
||||
// Checks if the operation is permitted by the API caller
|
||||
if (($chkRights = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($chkRights = $this->isEntitled('public.tbl_prestudent', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($chkRights = $this->isEntitled('public.tbl_dokumentprestudent', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($isEntitled = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
if (($isEntitled = $this->isEntitled('public.tbl_prestudent', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
if (($isEntitled = $this->isEntitled('public.tbl_dokumentprestudent', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
|
||||
$query = 'SELECT a.akte_id,
|
||||
a.person_id,
|
||||
|
||||
@@ -14,8 +14,8 @@ class Dokumentprestudent_model extends DB_Model
|
||||
|
||||
public function setAccepted($prestudent_id, $studiengang_kz)
|
||||
{
|
||||
if (($chkRights = $this->isEntitled('public.tbl_dokumentprestudent', PermissionLib::INSERT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($isEntitled = $this->isEntitled('public.tbl_dokumentprestudent', PermissionLib::INSERT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
|
||||
$result = null;
|
||||
|
||||
@@ -43,8 +43,8 @@ class Dokumentprestudent_model extends DB_Model
|
||||
|
||||
public function setAcceptedDocuments($prestudent_id, $dokument_kurzbz)
|
||||
{
|
||||
if (($chkRights = $this->isEntitled('public.tbl_dokumentprestudent', PermissionLib::INSERT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($isEntitled = $this->isEntitled('public.tbl_dokumentprestudent', PermissionLib::INSERT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
|
||||
$result = null;
|
||||
|
||||
|
||||
@@ -15,8 +15,8 @@ class Dokumentstudiengang_model extends DB_Model
|
||||
public function getDokumentstudiengangByStudiengang_kz($studiengang_kz, $onlinebewerbung, $pflicht)
|
||||
{
|
||||
// Checks if the operation is permitted by the API caller
|
||||
if (($chkRights = $this->isEntitled("public.tbl_dokument", "s", FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($isEntitled = $this->isEntitled("public.tbl_dokument", "s", FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
|
||||
$this->addJoin("public.tbl_dokument", "dokument_kurzbz");
|
||||
|
||||
|
||||
@@ -19,12 +19,12 @@ class Prestudentstatus_model extends DB_Model
|
||||
public function getLastStatus($prestudent_id, $studiensemester_kurzbz = '', $status_kurzbz = '')
|
||||
{
|
||||
// Checks if the operation is permitted by the API caller
|
||||
if (($chkRights = $this->isEntitled('public.tbl_prestudentstatus', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($chkRights = $this->isEntitled('lehre.tbl_studienplan', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($chkRights = $this->isEntitled('public.tbl_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($isEntitled = $this->isEntitled('public.tbl_prestudentstatus', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
if (($isEntitled = $this->isEntitled('lehre.tbl_studienplan', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
if (($isEntitled = $this->isEntitled('public.tbl_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
|
||||
$query = 'SELECT tbl_prestudentstatus.*,
|
||||
bezeichnung AS studienplan_bezeichnung,
|
||||
|
||||
@@ -18,10 +18,10 @@ class Studiengang_model extends DB_Model
|
||||
public function getAllForBewerbung()
|
||||
{
|
||||
// Checks if the operation is permitted by the API caller
|
||||
if (($chkRights = $this->isEntitled('lehre.vw_studienplan', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($chkRights = $this->isEntitled('bis.tbl_lgartcode', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($isEntitled = $this->isEntitled('lehre.vw_studienplan', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
if (($isEntitled = $this->isEntitled('bis.tbl_lgartcode', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
|
||||
$allForBewerbungQuery = 'SELECT DISTINCT studiengang_kz,
|
||||
typ,
|
||||
|
||||
@@ -15,7 +15,8 @@ class Studiensemester_model extends DB_Model
|
||||
public function getLastOrAktSemester($days = 60)
|
||||
{
|
||||
// Checks rights
|
||||
if ($chkRights = $this->chkRights(PermissionLib::SELECT_RIGHT)) return $chkRights;
|
||||
if (($isEntitled = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
|
||||
if (!is_numeric($days))
|
||||
{
|
||||
@@ -34,7 +35,8 @@ class Studiensemester_model extends DB_Model
|
||||
public function getNextFrom($studiensemester_kurzbz)
|
||||
{
|
||||
// Checks rights
|
||||
if ($chkRights = $this->chkRights(PermissionLib::SELECT_RIGHT)) return $chkRights;
|
||||
if (($isEntitled = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
|
||||
$query = 'SELECT studiensemester_kurzbz,
|
||||
start,
|
||||
@@ -57,8 +59,8 @@ class Studiensemester_model extends DB_Model
|
||||
public function getNearest($semester = '')
|
||||
{
|
||||
// Checks if the operation is permitted by the API caller
|
||||
if (($chkRights = $this->isEntitled('public.vw_studiensemester', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($isEntitled = $this->isEntitled('public.vw_studiensemester', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
|
||||
$query = 'SELECT studiensemester_kurzbz,
|
||||
start,
|
||||
|
||||
@@ -24,16 +24,16 @@ class Person_model extends DB_Model
|
||||
*/
|
||||
public function checkBewerbung($email, $studiensemester_kurzbz = null)
|
||||
{
|
||||
if (($chkRights = $this->isEntitled('public.tbl_person', 's', FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($chkRights = $this->isEntitled('public.tbl_kontakt', 's', FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($chkRights = $this->isEntitled('public.tbl_benutzer', 's', FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($chkRights = $this->isEntitled('public.tbl_prestudent', 's', FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($chkRights = $this->isEntitled('public.tbl_prestudentstatus', 's', FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($isEntitled = $this->isEntitled('public.tbl_person', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
if (($isEntitled = $this->isEntitled('public.tbl_kontakt', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
if (($isEntitled = $this->isEntitled('public.tbl_benutzer', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
if (($isEntitled = $this->isEntitled('public.tbl_prestudent', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
if (($isEntitled = $this->isEntitled('public.tbl_prestudentstatus', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
|
||||
$checkBewerbungQuery = '';
|
||||
$parametersArray = array($email, $email, $email);
|
||||
|
||||
@@ -20,12 +20,12 @@ class Message_model extends DB_Model
|
||||
public function getMessagesByPerson($person_id, $all)
|
||||
{
|
||||
// Checks if the operation is permitted by the API caller
|
||||
if (($chkRights = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($chkRights = $this->isEntitled('public.tbl_person', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($chkRights = $this->isEntitled('public.tbl_msg_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($isEntitled = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
if (($isEntitled = $this->isEntitled('public.tbl_person', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
if (($isEntitled = $this->isEntitled('public.tbl_msg_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
|
||||
$sql = 'SELECT m.message_id,
|
||||
m.person_id,
|
||||
|
||||
@@ -18,10 +18,10 @@ class Phrase_model extends DB_Model
|
||||
public function getPhrases($app, $sprache, $phrase = null, $orgeinheit_kurzbz = null, $orgform_kurzbz = null)
|
||||
{
|
||||
// Checks if the operation is permitted by the API caller
|
||||
if (($chkRights = $this->isEntitled('system.tbl_phrase', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($chkRights = $this->isEntitled('system.tbl_phrasentext', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($isEntitled = $this->isEntitled('system.tbl_phrase', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
if (($isEntitled = $this->isEntitled('system.tbl_phrasentext', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
|
||||
$parametersArray = array('app' => $app, 'sprache' => $sprache);
|
||||
|
||||
|
||||
@@ -19,14 +19,14 @@ class Recipient_model extends DB_Model
|
||||
public function getMessage($message_id, $person_id)
|
||||
{
|
||||
// Checks if the operation is permitted by the API caller
|
||||
if (($chkRights = $this->isEntitled('public.tbl_msg_recipient', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($chkRights = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($chkRights = $this->isEntitled('public.tbl_person', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($chkRights = $this->isEntitled('public.tbl_kontakt', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($isEntitled = $this->isEntitled('public.tbl_msg_recipient', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
if (($isEntitled = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
if (($isEntitled = $this->isEntitled('public.tbl_person', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
if (($isEntitled = $this->isEntitled('public.tbl_kontakt', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
|
||||
$query = 'SELECT mr.message_id,
|
||||
mr.person_id,
|
||||
@@ -56,12 +56,12 @@ class Recipient_model extends DB_Model
|
||||
public function getMessageByToken($token)
|
||||
{
|
||||
// Checks if the operation is permitted by the API caller
|
||||
if (($chkRights = $this->isEntitled('public.tbl_msg_recipient', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($chkRights = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($chkRights = $this->isEntitled('public.tbl_msg_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($isEntitled = $this->isEntitled('public.tbl_msg_recipient', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
if (($isEntitled = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
if (($isEntitled = $this->isEntitled('public.tbl_msg_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
|
||||
$sql = 'SELECT r.message_id,
|
||||
m.person_id as sender_id,
|
||||
@@ -90,14 +90,14 @@ class Recipient_model extends DB_Model
|
||||
public function getMessagesByPerson($person_id, $all)
|
||||
{
|
||||
// Checks if the operation is permitted by the API caller
|
||||
if (($chkRights = $this->isEntitled('public.tbl_msg_recipient', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($chkRights = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($chkRights = $this->isEntitled('public.tbl_person', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($chkRights = $this->isEntitled('public.tbl_msg_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($isEntitled = $this->isEntitled('public.tbl_msg_recipient', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
if (($isEntitled = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
if (($isEntitled = $this->isEntitled('public.tbl_person', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
if (($isEntitled = $this->isEntitled('public.tbl_msg_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
|
||||
$sql = 'SELECT DISTINCT ON (r.message_id) r.message_id,
|
||||
m.person_id,
|
||||
@@ -152,14 +152,14 @@ class Recipient_model extends DB_Model
|
||||
// if same user
|
||||
if ($uid === getAuthUID())
|
||||
{
|
||||
if (($chkRights = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($isEntitled = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
}
|
||||
// if different user, for reading messages from other users
|
||||
else
|
||||
{
|
||||
if (($chkRights = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($isEntitled = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
}
|
||||
|
||||
// get Data
|
||||
@@ -208,12 +208,12 @@ class Recipient_model extends DB_Model
|
||||
public function getMessages($kontaktType, $sent, $limit = null, $message_id = null)
|
||||
{
|
||||
// Checks if the operation is permitted by the API caller
|
||||
if (($chkRights = $this->isEntitled('public.tbl_msg_recipient', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($chkRights = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($chkRights = $this->isEntitled('public.tbl_kontakt', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $chkRights;
|
||||
if (($isEntitled = $this->isEntitled('public.tbl_msg_recipient', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
if (($isEntitled = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
if (($isEntitled = $this->isEntitled('public.tbl_kontakt', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
|
||||
$query = 'SELECT mm.message_id,
|
||||
ks.kontakt as sender,
|
||||
|
||||
@@ -15,7 +15,8 @@ class Vorlage_model extends DB_Model
|
||||
public function getMimeTypes()
|
||||
{
|
||||
// Checks rights
|
||||
if ($chkRights = $this->chkRights(PermissionLib::SELECT_RIGHT)) return $chkRights;
|
||||
if (($isEntitled = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
|
||||
$query = 'SELECT DISTINCT mimetype FROM public.tbl_vorlage ORDER BY mimetype';
|
||||
|
||||
|
||||
@@ -18,7 +18,8 @@ class Vorlagedokument_model extends DB_Model
|
||||
public function loadDokumenteFromVorlagestudiengang($vorlagestudiengang_id)
|
||||
{
|
||||
// Checks rights
|
||||
if ($chkRights = $this->chkRights(PermissionLib::SELECT_RIGHT)) return $chkRights;
|
||||
if (($isEntitled = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true)
|
||||
return $isEntitled;
|
||||
|
||||
$qry = 'SELECT vorlagedokument_id,
|
||||
sort,
|
||||
|
||||
@@ -425,7 +425,8 @@ DELETE FROM system.tbl_rolleberechtigung WHERE berechtigung_kurzbz IN (
|
||||
'system/phrase',
|
||||
'system/vorlagestudiengang',
|
||||
'system/vorlage',
|
||||
'system/appdaten'
|
||||
'system/appdaten',
|
||||
'system/PhrasesLib'
|
||||
);
|
||||
|
||||
-- DELETE FROM system.tbl_berechtigung
|
||||
@@ -656,7 +657,8 @@ DELETE FROM system.tbl_berechtigung WHERE berechtigung_kurzbz IN (
|
||||
'system/phrase',
|
||||
'system/vorlagestudiengang',
|
||||
'system/vorlage',
|
||||
'system/appdaten'
|
||||
'system/appdaten',
|
||||
'system/PhrasesLib'
|
||||
);
|
||||
|
||||
-- INSERT Permissions
|
||||
@@ -887,6 +889,7 @@ INSERT INTO system.tbl_berechtigung (berechtigung_kurzbz, beschreibung) VALUES('
|
||||
INSERT INTO system.tbl_berechtigung (berechtigung_kurzbz, beschreibung) VALUES('system/vorlagestudiengang', '');
|
||||
INSERT INTO system.tbl_berechtigung (berechtigung_kurzbz, beschreibung) VALUES('system/vorlage', '');
|
||||
INSERT INTO system.tbl_berechtigung (berechtigung_kurzbz, beschreibung) VALUES('system/appdaten', '');
|
||||
INSERT INTO system.tbl_berechtigung (berechtigung_kurzbz, beschreibung) VALUES('system/PhrasesLib', '');
|
||||
|
||||
-- INSERT link between user admin and permissions
|
||||
INSERT INTO system.tbl_rolleberechtigung (berechtigung_kurzbz, rolle_kurzbz, art) VALUES('basis/archiv', 'admin', 'suid');
|
||||
@@ -1116,6 +1119,7 @@ INSERT INTO system.tbl_rolleberechtigung (berechtigung_kurzbz, rolle_kurzbz, art
|
||||
INSERT INTO system.tbl_rolleberechtigung (berechtigung_kurzbz, rolle_kurzbz, art) VALUES('system/vorlagestudiengang', 'admin', 'suid');
|
||||
INSERT INTO system.tbl_rolleberechtigung (berechtigung_kurzbz, rolle_kurzbz, art) VALUES('system/vorlage', 'admin', 'suid');
|
||||
INSERT INTO system.tbl_rolleberechtigung (berechtigung_kurzbz, rolle_kurzbz, art) VALUES('system/appdaten', 'admin', 'suid');
|
||||
INSERT INTO system.tbl_rolleberechtigung (berechtigung_kurzbz, rolle_kurzbz, art) VALUES('system/PhrasesLib', 'admin', 'suid');
|
||||
|
||||
-- EMPTY public.tbl_statistik
|
||||
DELETE FROM public.tbl_statistik;
|
||||
|
||||
@@ -4,7 +4,7 @@ modules:
|
||||
- Db
|
||||
- REST:
|
||||
# API URL
|
||||
url: http://demo.fhcomplete.org/index.ci.php/api/
|
||||
url: http://debian.dev/build/index.ci.php/api/
|
||||
# Can also be a framework module name
|
||||
depends: PhpBrowser
|
||||
# Limits PhpBrowser to JSON or XML
|
||||
|
||||
@@ -0,0 +1,19 @@
|
||||
<?php
|
||||
|
||||
$I = new ApiTester($scenario);
|
||||
$I->wantTo("Test API call v1/system/CallerLibrary/Call");
|
||||
$I->amHttpAuthenticated("admin", "1q2w3");
|
||||
$I->haveHttpHeader("FHC-API-KEY", "testapikey@fhcomplete.org");
|
||||
|
||||
$I->sendGET(
|
||||
"v1/system/CallerLibrary/Call",
|
||||
array(
|
||||
"resource" => "PhrasesLib",
|
||||
"function" => "getPhrase",
|
||||
"phrase_id" => 1
|
||||
)
|
||||
);
|
||||
$I->seeResponseCodeIs(200);
|
||||
$I->seeResponseIsJson();
|
||||
$I->seeResponseContainsJson(["error" => 0]);
|
||||
$I->wait();
|
||||
@@ -0,0 +1,19 @@
|
||||
<?php
|
||||
|
||||
$I = new ApiTester($scenario);
|
||||
$I->wantTo("Test API call v1/system/CallerModel/Call");
|
||||
$I->amHttpAuthenticated("admin", "1q2w3");
|
||||
$I->haveHttpHeader("FHC-API-KEY", "testapikey@fhcomplete.org");
|
||||
|
||||
$I->sendGET(
|
||||
"v1/system/CallerModel/Call",
|
||||
array(
|
||||
"resource" => "codex/Bundesland_model",
|
||||
"function" => "load",
|
||||
"bundesland_code" => "1"
|
||||
)
|
||||
);
|
||||
$I->seeResponseCodeIs(200);
|
||||
$I->seeResponseIsJson();
|
||||
$I->seeResponseContainsJson(["error" => 0]);
|
||||
$I->wait();
|
||||
@@ -1,23 +0,0 @@
|
||||
<?php
|
||||
|
||||
$I = new ApiTester($scenario);
|
||||
$I->wantTo("Test API call v1/system/PCRM/Call");
|
||||
$I->amHttpAuthenticated("admin", "1q2w3");
|
||||
$I->haveHttpHeader("FHC-API-KEY", "testapikey@fhcomplete.org");
|
||||
|
||||
$I->sendGET("v1/system/PCRM/Call", array(
|
||||
"resource" => "codex/Bundesland_model", "function" => "load", "bundesland_code" => "1")
|
||||
);
|
||||
$I->seeResponseCodeIs(200);
|
||||
$I->seeResponseIsJson();
|
||||
$I->seeResponseContainsJson(["error" => 0]);
|
||||
$I->wait();
|
||||
|
||||
$I->sendGET("v1/system/PCRM/Call", array(
|
||||
"resource" => "PermissionLib", "function" => "hasPermission",
|
||||
"sn" => "bis.tbl_archiv", "pt" => "s")
|
||||
);
|
||||
$I->seeResponseCodeIs(200);
|
||||
$I->seeResponseIsJson();
|
||||
$I->seeResponseContainsJson(["error" => 0]);
|
||||
$I->wait();
|
||||
Reference in New Issue
Block a user