diff --git a/application/controllers/api/frontend/fas/studstatus/Wiederholung.php b/application/controllers/api/frontend/fas/studstatus/Wiederholung.php new file mode 100644 index 000000000..c6e5a4fa9 --- /dev/null +++ b/application/controllers/api/frontend/fas/studstatus/Wiederholung.php @@ -0,0 +1,161 @@ +. + */ + +if (! defined('BASEPATH')) exit('No direct script access allowed'); + + +/** + * This controller operates between (interface) the JS (FAS) and the AntragLib (back-end) + * This controller works with calls on the HTTP GET or POST and the output is always RDF + */ +class Wiederholung extends Auth_Controller +{ + + /** + * Calls the parent's constructor and loads the FilterCmptLib + */ + public function __construct() + { + parent::__construct([ + 'getLvs' => ['student/studierendenantrag:r', 'student/noten:r'], + 'moveLvsToZeugnis' => ['student/studierendenantrag:w', 'student/noten:w'] + ]); + + // Libraries + $this->load->library('AntragLib'); + + // Load language phrases + $this->loadPhrases([ + 'global', + 'studierendenantrag' + ]); + } + + //------------------------------------------------------------------------------------------------------------------ + // Public methods + + public function getLvs($prestudent_id) + { + // header für no cache + $this->output->set_header("Cache-Control: no-cache"); + $this->output->set_header("Cache-Control: post-check=0, pre-check=0", false); + $this->output->set_header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); + $this->output->set_header("Pragma: no-cache"); + $this->output->set_header("Content-type: application/xhtml+xml"); + + $this->load->library('VariableLib', ['uid' => getAuthUID()]); + $sem_akt = $this->variablelib->getVar('semester_aktuell'); + + + $result = $this->antraglib->getLvsForPrestudent($prestudent_id, $sem_akt); + $lvs = $this->getDataOrTerminateWithError($result) ?: []; + + $rdf_url = 'http://www.technikum-wien.at/antragnote'; + + $this->load->view('lehre/Antrag/Wiederholung/getLvs.rdf.php', [ + 'url' => $rdf_url, + 'lvs' => $lvs + ]); + } + + public function moveLvsToZeugnis() + { + $anzahl = $this->input->post('anzahl'); + $student_uid = $this->input->post('student_uid'); + $this->load->model('education/Studierendenantraglehrveranstaltung_model', 'StudierendenantraglehrveranstaltungModel'); + $this->load->model('education/Zeugnisnote_model', 'ZeugnisnoteModel'); + + $errormsg = array(); + + for($i=0; $i<$anzahl; $i++) + { + $id = $this->input->post('studierendenantrag_lehrveranstaltung_id_' . $i); + $result =$this->StudierendenantraglehrveranstaltungModel->load($id); + if(isError($result)) + { + $errormsg[] = getError($result); + } + elseif(!hasData($result)) + { + $errormsg[] = $this->p->t('studierendenantrag', 'error_no_lv_in_application'); + } + else + { + $antragLv = getData($result)[0]; + $result= $this->ZeugnisnoteModel->load([ + 'lehrveranstaltung_id'=> $antragLv->lehrveranstaltung_id, + 'student_uid'=> $student_uid, + 'studiensemester_kurzbz' => $antragLv->studiensemester_kurzbz + ]); + if(isError($result)) + { + $errormsg[] = getError($result); + } + else + { + if (hasData($result)) + { + $result = $this->ZeugnisnoteModel->update( + [ + 'lehrveranstaltung_id'=> $antragLv->lehrveranstaltung_id, + 'student_uid'=> $student_uid, + 'studiensemester_kurzbz' => $antragLv->studiensemester_kurzbz + ], + [ + 'note'=> $antragLv->note, + 'uebernahmedatum' => date('c'), + 'benotungsdatum' => $antragLv->insertamum, + 'updateamum' => date('c'), + 'bemerkung'=>$antragLv->anmerkung, + 'updatevon'=>getAuthUID() + ] + ); + } + else + { + $result = $this->ZeugnisnoteModel->insert([ + 'lehrveranstaltung_id'=> $antragLv->lehrveranstaltung_id, + 'student_uid'=> $student_uid, + 'studiensemester_kurzbz' => $antragLv->studiensemester_kurzbz, + 'note'=> $antragLv->note, + 'uebernahmedatum' => date('c'), + 'benotungsdatum' => $antragLv->insertamum, + 'insertamum' => date('c'), + 'bemerkung'=>$antragLv->anmerkung, + 'insertvon'=>getAuthUID() + ]); + } + if(isError($result)) + { + $errormsg[] = getError($result); + } + } + } + } + + if($errormsg) + $return = false; + else + $return = true; + + $this->load->view('lehre/Antrag/Wiederholung/moveLvs.rdf.php', [ + 'return' => $return, + 'errormsg' => $errormsg + ]); + } +} diff --git a/application/controllers/api/frontend/v1/Filter.php b/application/controllers/api/frontend/v1/Filter.php new file mode 100644 index 000000000..45838fc5f --- /dev/null +++ b/application/controllers/api/frontend/v1/Filter.php @@ -0,0 +1,231 @@ +. + */ + +if (! defined('BASEPATH')) exit('No direct script access allowed'); + +/** + * This controller operates between (interface) the JS (GUI) and the FilterCmptLib (back-end) + * Provides data to the ajax get calls about the filter component + * Listens to ajax post calls to change the filter data + * This controller works with JSON calls on the HTTP GET or POST and the output is always JSON + */ +class Filter extends FHCAPI_Controller +{ + const FILTER_UNIQUE_ID = 'filterUniqueId'; // Name of the filter cmpt unique id (mandatory) + const FILTER_TYPE = 'filterType'; // The filter type (PHP filter definition) used (mandatory) + const FILTER_ID = 'filterId'; // The id of the used filter (optional) + + /** + * Calls the parent's constructor and loads the FilterCmptLib + */ + public function __construct() + { + // NOTE: FilterCmpt has its own permissions checks + parent::__construct([ + 'getFilter' => self::PERM_LOGGED, + 'removeFilterField' => self::PERM_LOGGED, + 'addFilterField' => self::PERM_LOGGED, + 'applyFilterFields' => self::PERM_LOGGED, + 'removeCustomFilter' => self::PERM_LOGGED, + 'saveCustomFilter' => self::PERM_LOGGED, + 'reloadDataset' => self::PERM_LOGGED + ]); + + // Loads the FiltersModel + $this->load->model('system/Filters_model', 'FiltersModel'); + + // Loads the FilterCmptLib with HTTP GET/POST parameters + $this->_startFilterCmptLib(); + } + + //------------------------------------------------------------------------------------------------------------------ + // Public methods + + /** + * Retrieves data about the current filter from the session and will be written on the output in JSON format + */ + public function getFilter() + { + if (!$this->form_validation->run()) + $this->terminateWithValidationErrors($this->form_validation->error_array()); + + $session = $this->filtercmptlib->getSession(); + if (is_object($session)) { + // If stdClass it is an retval object + $session = $this->getDataOrTerminateWithError($session); + } + $this->terminateWithSuccess($session); + } + + /** + * Remove an applied filter (SQL where condition) from the current filter + */ + public function removeFilterField() + { + $this->form_validation->set_rules('filterField', 'filterField', 'required'); + + if (!$this->form_validation->run()) + $this->terminateWithValidationErrors($this->form_validation->error_array()); + + $result = $this->filtercmptlib->removeFilterField($this->input->post('filterField')); + + if (!$result) + $this->terminateWithError('Error occurred', self::ERROR_TYPE_GENERAL); + + $this->terminateWithSuccess('Field removed'); + } + + /** + * Add a filter (SQL where clause) to be applied to the current filter + */ + public function addFilterField() + { + $this->form_validation->set_rules('filterField', 'filterField', 'required'); + + if (!$this->form_validation->run()) + $this->terminateWithValidationErrors($this->form_validation->error_array()); + + $result = $this->filtercmptlib->addFilterField($this->input->post('filterField')); + + if (!$result) + $this->terminateWithError('Error occurred', self::ERROR_TYPE_GENERAL); + + $this->terminateWithSuccess('Field added'); + } + + /** + * Apply the filter changes + */ + public function applyFilterFields() + { + $this->form_validation->set_rules('filterFields', 'filterFields', 'required'); + + if (!$this->form_validation->run()) + $this->terminateWithValidationErrors($this->form_validation->error_array()); + + $result = $this->filtercmptlib->applyFilterFields($this->input->post('filterFields')); + + if (!$result) + $this->terminateWithError('Error occurred', self::ERROR_TYPE_GENERAL); + + $this->terminateWithSuccess('Applied'); + } + + /** + * Save the current filter as a custom filter for this user with the given description + */ + public function saveCustomFilter() + { + $this->form_validation->set_rules('customFilterName', 'customFilterName', 'required'); + + if (!$this->form_validation->run()) + $this->terminateWithValidationErrors($this->form_validation->error_array()); + + $result = $this->filtercmptlib->saveCustomFilter($this->input->post('customFilterName')); + + if (!$result) + $this->terminateWithError('Error occurred', self::ERROR_TYPE_GENERAL); + + $this->terminateWithSuccess('Saved'); + } + + /** + * Remove a custom filter by its filterId + */ + public function removeCustomFilter() + { + $this->form_validation->set_rules('filterId', 'filterId', 'required'); + + if (!$this->form_validation->run()) + $this->terminateWithValidationErrors($this->form_validation->error_array()); + + $result = $this->filtercmptlib->removeCustomFilter($this->input->post('filterId')); + + if (!$result) + $this->terminateWithError('Error occurred', self::ERROR_TYPE_GENERAL); + + $this->terminateWithSuccess('Removed'); + } + + /** + * Reloads the dataset + */ + public function reloadDataset() + { + if (!$this->form_validation->run()) + $this->terminateWithValidationErrors($this->form_validation->error_array()); + + $this->filtercmptlib->reloadDataset(); + + $this->terminateWithSuccess('Success'); + } + + //------------------------------------------------------------------------------------------------------------------ + // Private methods + + /** + * Loads the FilterCmptLib with the FILTER_UNIQUE_ID parameter + * If the parameter FILTER_UNIQUE_ID is not given then the execution of the controller is terminated and + * an error message is printed + */ + private function _startFilterCmptLib() + { + $filterUniqueId = null; + $filterType = null; + $filterId = null; + + $validations = [ + [ + 'field' => self::FILTER_UNIQUE_ID, + 'label' => self::FILTER_UNIQUE_ID, + 'rules' => 'required' + ], + [ + 'field' => self::FILTER_TYPE, + 'label' => self::FILTER_TYPE, + 'rules' => 'required' + ], + ]; + + $this->load->library('form_validation'); + + if ($this->input->method() == 'get') + $this->form_validation->set_data($this->input->get()); + $this->form_validation->set_rules($validations); + + if ($this->form_validation->run()) { + $filterUniqueId = $this->input->post_get(self::FILTER_UNIQUE_ID); + $filterType = $this->input->post_get(self::FILTER_TYPE); + $filterId = $this->input->post_get(self::FILTER_ID); + + // Loads the FilterCmptLib that contains all the used logic + $this->load->library( + 'FilterCmptLib', + array( + 'filterUniqueId' => $filterUniqueId, + 'filterType' => $filterType, + 'filterId' => $filterId + ) + ); + + // Start the component + $this->filtercmptlib->start(); + } + } +} + diff --git a/application/controllers/api/frontend/v1/Navigation.php b/application/controllers/api/frontend/v1/Navigation.php new file mode 100644 index 000000000..6cbbbd385 --- /dev/null +++ b/application/controllers/api/frontend/v1/Navigation.php @@ -0,0 +1,101 @@ +. + */ + +if (! defined('BASEPATH')) exit('No direct script access allowed'); + +/** + * This controller operates between (interface) the JS (GUI) and the NavigationLib (back-end) + * Provides data to the ajax get calls about the filter + * This controller works with JSON calls on the HTTP GET or POST and the output is always JSON + */ +class Navigation extends FHCAPI_Controller +{ + const NAVIGATION_PAGE_PARAM = 'navigation_page'; // Navigation page parameter name + + /** + * Loads the NavigationLib where the used logic lies + */ + public function __construct() + { + parent::__construct([ + 'menu' => self::PERM_LOGGED, + 'header' => self::PERM_LOGGED + ]); + + $this->_loadNavigationLib(); // Loads the NavigationLib with parameters + } + + //------------------------------------------------------------------------------------------------------------------ + // Public methods + + /** + * This function creates the left Menu for each Page + * @param NAVIGATION_PAGE_PARAM GET Parameter witch holds the currently called Page + * @return JSON object with the Menu Entries + */ + public function menu() + { + $menuArray = $this->navigationlib->getMenuArray($this->input->get(self::NAVIGATION_PAGE_PARAM)); + + $this->terminateWithSuccess($menuArray); + } + + /** + * This function creates the Top Menu for each Page + * @param NAVIGATION_PAGE_PARAM GET Parameter witch holds the currently called Page + * @return JSON object with the Menu Entries + */ + public function header() + { + $headerArray = $this->navigationlib->getHeaderArray($this->input->get(self::NAVIGATION_PAGE_PARAM)); + + $this->terminateWithSuccess($headerArray); + } + + //------------------------------------------------------------------------------------------------------------------ + // Private methods + + /** + * Loads the NavigationLib with the NAVIGATION_PAGE_PARAM parameter + * If the parameter NAVIGATION_PAGE_PARAM is not given then the execution of the controller is terminated and + * an error message is printed + */ + private function _loadNavigationLib() + { + // If the parameter NAVIGATION_PAGE_PARAM is present in the HTTP GET or POST + if (isset($_GET[self::NAVIGATION_PAGE_PARAM]) || isset($_POST[self::NAVIGATION_PAGE_PARAM])) + { + // If it is present in the HTTP GET + if (isset($_GET[self::NAVIGATION_PAGE_PARAM])) + { + $navigationPage = $this->input->get(self::NAVIGATION_PAGE_PARAM); // is retrieved from the HTTP GET + } + elseif (isset($_POST[self::NAVIGATION_PAGE_PARAM])) // Else if it is present in the HTTP POST + { + $navigationPage = $this->input->post(self::NAVIGATION_PAGE_PARAM); // is retrieved from the HTTP POST + } + + // Loads the NavigationLib that contains all the used logic + $this->load->library('NavigationLib', array(self::NAVIGATION_PAGE_PARAM => $navigationPage)); + } + else // Otherwise an error will be written in the output + { + show_error('Parameter "' . self::NAVIGATION_PAGE_PARAM . '" not provided!'); + } + } +} diff --git a/application/controllers/api/frontend/v1/Phrasen.php b/application/controllers/api/frontend/v1/Phrasen.php new file mode 100644 index 000000000..472308d2b --- /dev/null +++ b/application/controllers/api/frontend/v1/Phrasen.php @@ -0,0 +1,46 @@ +. + */ + +if (! defined('BASEPATH')) exit('No direct script access allowed'); + +/** + * This controller operates between (interface) the JS (GUI) and the PhrasesLib (back-end) + * Provides data to the ajax get calls about the Phrasen plugin + * This controller works with JSON calls on the HTTP GET and the output is always JSON + */ +class Phrasen extends FHCAPI_Controller +{ + public function __construct() + { + parent::__construct([ + 'loadModule' => self::PERM_ANONYMOUS + ]); + } + + //------------------------------------------------------------------------------------------------------------------ + // Public methods + + /** + * @param string $module + */ + public function loadModule($module) + { + $this->load->library('PhrasesLib', [$module], 'pj'); + $this->terminateWithSuccess(json_decode($this->pj->getJSON())); + } +} diff --git a/application/controllers/api/frontend/v1/Searchbar.php b/application/controllers/api/frontend/v1/Searchbar.php new file mode 100644 index 000000000..8b383e042 --- /dev/null +++ b/application/controllers/api/frontend/v1/Searchbar.php @@ -0,0 +1,69 @@ +. + */ + +if (! defined('BASEPATH')) exit('No direct script access allowed'); + +/** + * This controller operates between (interface) the JS (GUI) and the SearchBarLib (back-end) + * Provides data to the ajax get calls about the searchbar component + * This controller works with JSON calls on the HTTP GET and the output is always JSON + */ +class Searchbar extends FHCAPI_Controller +{ + const SEARCHSTR_PARAM = 'searchstr'; + const TYPES_PARAM = 'types'; + + /** + * Object initialization + */ + public function __construct() + { + // NOTE(chris): additional permission checks will be done in SearchBarLib + parent::__construct([ + 'search' => self::PERM_LOGGED + ]); + + // Load the library SearchBarLib + $this->load->library('SearchBarLib'); + } + + //------------------------------------------------------------------------------------------------------------------ + // Public methods + + /** + * Gets a JSON body via HTTP POST and provides the parameters + */ + public function search() + { + $this->load->library('form_validation'); + + // Checks if the searchstr and the types parameters are in the POSTed JSON + $this->form_validation->set_rules(self::SEARCHSTR_PARAM, null, 'required'); + $this->form_validation->set_rules(self::TYPES_PARAM . '[]', null, 'required'); + + if (!$this->form_validation->run()) + $this->terminateWithError(SearchBarLib::ERROR_WRONG_JSON, self::ERROR_TYPE_GENERAL); + + // Convert to json the result from searchbarlib->search + $result = $this->searchbarlib->search($this->input->post(self::SEARCHSTR_PARAM), $this->input->post(self::TYPES_PARAM)); + if (property_exists($result, 'error')) + $this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL); + $this->terminateWithSuccess($result); + } +} + diff --git a/application/controllers/api/frontend/v1/studstatus/Abmeldung.php b/application/controllers/api/frontend/v1/studstatus/Abmeldung.php new file mode 100644 index 000000000..875b6484c --- /dev/null +++ b/application/controllers/api/frontend/v1/studstatus/Abmeldung.php @@ -0,0 +1,187 @@ +. + */ + +if (! defined('BASEPATH')) exit('No direct script access allowed'); + +use \REST_Controller as REST_Controller; +use \Studierendenantrag_model as Studierendenantrag_model; + +/** + * This controller operates between (interface) the JS (GUI) and the AntragLib (back-end) + * This controller works with JSON calls on the HTTP GET or POST and the output is always JSON + */ +class Abmeldung extends FHCAPI_Controller +{ + + /** + * Calls the parent's constructor and loads the AntragLib + */ + public function __construct() + { + parent::__construct([ + 'getDetailsForNewAntrag' => self::PERM_LOGGED, + 'getDetailsForAntrag' => self::PERM_LOGGED, + 'createAntrag' => self::PERM_LOGGED, + 'cancelAntrag' => self::PERM_LOGGED + ]); + + // Libraries + $this->load->library('AntragLib'); + + // Load language phrases + $this->loadPhrases([ + 'studierendenantrag' + ]); + } + + //------------------------------------------------------------------------------------------------------------------ + // Public methods + + /** + * Retrieves data of the current studiengang for the current user + */ + + public function getDetailsForNewAntrag($prestudent_id) + { + if (!$this->antraglib->isEntitledToCreateAntragFor($prestudent_id, true)) + $this->terminateWithError('Forbidden', self::ERROR_TYPE_AUTH, REST_Controller::HTTP_FORBIDDEN); + + $result = $this->antraglib->getPrestudentAbmeldeBerechtigt($prestudent_id); + $result = $this->getDataOrTerminateWithError($result); + + if (!$result) { + $this->terminateWithError( + $this->p->t('studierendenantrag', 'error_no_student'), + self::ERROR_TYPE_AUTH, + REST_Controller::HTTP_FORBIDDEN + ); + } elseif ($result == -3) { + $this->terminateWithError( + $this->p->t('studierendenantrag', 'error_stg_blacklist'), + self::ERROR_TYPE_AUTH, + REST_Controller::HTTP_FORBIDDEN + ); + } elseif ($result == -1) { + $result = $this->antraglib->getDetailsForLastAntrag( + $prestudent_id, + [ + Studierendenantrag_model::TYP_ABMELDUNG, + Studierendenantrag_model::TYP_ABMELDUNG_STGL + ] + ); + + $data = $this->getDataOrTerminateWithError($result); + + $data->canCancel = ( + $data->status == Studierendenantragstatus_model::STATUS_CREATED && + $this->antraglib->isEntitledToCancelAntrag($data->studierendenantrag_id) + ); + + $this->terminateWithSuccess($data); + } + + $result = $this->antraglib->getDetailsForNewAntrag($prestudent_id); + + $data = $this->getDataOrTerminateWithError($result); + + $this->terminateWithSuccess($data); + } + + public function getDetailsForAntrag($studierendenantrag_id) + { + if (!$this->antraglib->isEntitledToShowAntrag($studierendenantrag_id)) + return show_404(); + + $result = $this->antraglib->getDetailsForAntrag($studierendenantrag_id); + + $data = $this->getDataOrTerminateWithError($result); + + if ($data->typ !== Studierendenantrag_model::TYP_ABMELDUNG_STGL && $data->typ !== Studierendenantrag_model::TYP_ABMELDUNG) + return show_404(); + + $data->canCancel = ( + $data->status == Studierendenantragstatus_model::STATUS_CREATED && + $this->antraglib->isEntitledToCancelAntrag($data->studierendenantrag_id) + ); + + $this->terminateWithSuccess($data); + } + + public function createAntrag() + { + $this->load->library('form_validation'); + + $this->form_validation->set_rules('studiensemester', 'Studiensemester', 'required'); + $this->form_validation->set_rules('prestudent_id', 'Prestudent ID', 'required'); + $this->form_validation->set_rules('grund', 'Grund', 'required'); + + if (!$this->form_validation->run()) + $this->terminateWithValidationErrors($this->form_validation->error_array()); + + $grund = $this->input->post('grund'); + $studiensemester = $this->input->post('studiensemester'); + $prestudent_id = $this->input->post('prestudent_id'); + + $result = $this->antraglib->getPrestudentAbmeldeBerechtigt($prestudent_id); + $result = $this->getDataOrTerminateWithError($result); + if (!$result) + $this->terminateWithError($this->p->t('studierendenantrag', 'error_no_student'), self::ERROR_TYPE_GENERAL); + elseif ($result == -3) + $this->terminateWithError($this->p->t('studierendenantrag', 'error_stg_blacklist'), self::ERROR_TYPE_GENERAL); + elseif ($result < 0) + $this->terminateWithError($this->p->t('studierendenantrag', 'error_antrag_exists'), self::ERROR_TYPE_GENERAL); + + $result = $this->antraglib->createAbmeldung($prestudent_id, $studiensemester, getAuthUID(), $grund); + $data = $this->getDataOrTerminateWithError($result); + + $result = $this->antraglib->getDetailsForAntrag($data); + if (!hasData($result)) + return $this->terminateWithSuccess(true); + + $data = getData($result); + $data->canCancel = (boolean)$this->antraglib->isEntitledToCancelAntrag($data->studierendenantrag_id); + + $this->terminateWithSuccess($data); + } + + public function cancelAntrag() + { + $this->load->library('form_validation'); + + $this->form_validation->set_rules('antrag_id', 'Antrag ID', 'required'); + + if (!$this->form_validation->run()) + $this->terminateWithValidationErrors($this->form_validation->error_array()); + + $antrag_id = $this->input->post('antrag_id'); + + if (!$this->antraglib->isEntitledToCancelAntrag($antrag_id)) + $this->terminateWithError('Forbidden', self::ERROR_TYPE_AUTH, REST_Controller::HTTP_FORBIDDEN); + + $result = $this->antraglib->cancelAntrag($antrag_id, getAuthUID()); + $this->getDataOrTerminateWithError($result); + + $result = $this->antraglib->getDetailsForAntrag($antrag_id); + if (!hasData($result)) + $this->terminateWithSuccess($antrag_id); + + $data = getData($result); + + $this->terminateWithSuccess($data); + } +} diff --git a/application/controllers/api/frontend/v1/studstatus/Leitung.php b/application/controllers/api/frontend/v1/studstatus/Leitung.php new file mode 100644 index 000000000..2699a3dbb --- /dev/null +++ b/application/controllers/api/frontend/v1/studstatus/Leitung.php @@ -0,0 +1,428 @@ +. + */ + +if (! defined('BASEPATH')) exit('No direct script access allowed'); + +use \stdClass as stdClass; +use \Studierendenantrag_model as Studierendenantrag_model; + +/** + * This controller operates between (interface) the JS (GUI) and the AntragLib (back-end) + * This controller works with JSON calls on the HTTP GET or POST and the output is always JSON + */ +class Leitung extends FHCAPI_Controller +{ + + /** + * Calls the parent's constructor and loads the AntragLib + */ + public function __construct() + { + parent::__construct([ + 'getActiveStgs' => ['student/antragfreigabe:r', 'student/studierendenantrag:r'], + 'getAntraege' => ['student/antragfreigabe:r', 'student/studierendenantrag:r'], + 'getHistory' => ['student/antragfreigabe:r', 'student/studierendenantrag:r'], + 'getPrestudents' => 'student/studierendenantrag:w', + 'approveAntrag' => 'student/antragfreigabe:w', + 'rejectAntrag' => 'student/antragfreigabe:w', + 'reopenAntrag' => 'student/studierendenantrag:w', + 'pauseAntrag' => ['student/antragfreigabe:w', 'student/studierendenantrag:w'], + 'unpauseAntrag' => ['student/antragfreigabe:w', 'student/studierendenantrag:w'], + 'objectAntrag' => ['student/antragfreigabe:w', 'student/studierendenantrag:w'], + 'approveObjection' => ['student/antragfreigabe:w', 'student/studierendenantrag:w'], + 'denyObjection' => ['student/antragfreigabe:w', 'student/studierendenantrag:w'] + ]); + + // Libraries + $this->load->library('AntragLib'); + + // Load language phrases + $this->loadPhrases([ + 'studierendenantrag' + ]); + } + + //------------------------------------------------------------------------------------------------------------------ + // Public methods + + public function getActiveStgs() + { + $studiengaenge = $this->permissionlib->getSTG_isEntitledFor('student/antragfreigabe') ?: []; + $studiengaenge = array_merge($studiengaenge, $this->permissionlib->getSTG_isEntitledFor('student/studierendenantrag') ?: []); + + $result = $this->StudierendenantragModel->loadStgsWithAntraege($studiengaenge); + $data = $this->getDataOrTerminateWithError($result); + + $this->terminateWithSuccess($data); + } + + public function getAntraege($studiengang = null, $extra = null) + { + if ($studiengang && $studiengang == 'todo') { + $studiengang = $extra; + $extra = true; + } else { + $extra = false; + } + + $studiengaenge = $this->permissionlib->getSTG_isEntitledFor('student/antragfreigabe'); + if(!is_array($studiengaenge)) + $studiengaenge = []; + + + $stgsNeuanlage = $this->permissionlib->getSTG_isEntitledFor('student/studierendenantrag'); + if(!is_array($stgsNeuanlage)) + $stgsNeuanlage = []; + + $studiengaenge = array_unique(array_merge($studiengaenge, $stgsNeuanlage)); + + if ($studiengang) { + if (!in_array($studiengang, $studiengaenge)) + $this->terminateWithError( + 'Forbidden', + self::ERROR_TYPE_AUTH, + REST_Controller::HTTP_FORBIDDEN + ); + $studiengaenge = [$studiengang]; + } + + $antraege = []; + if ($studiengaenge) { + $result = $extra + ? $this->StudierendenantragModel->loadActiveForStudiengaenge($studiengaenge) + : $this->StudierendenantragModel->loadForStudiengaenge($studiengaenge); + + $antraege = $this->getDataOrTerminateWithError($result); + } + + $this->terminateWithSuccess($antraege ?: []); + } + + public function getHistory($studierendenantrag_id) + { + if (!$this->antraglib->isEntitledToSeeHistoryForAntrag($studierendenantrag_id)) + $this->terminateWithError( + 'Forbidden', + self::ERROR_TYPE_AUTH, + REST_Controller::HTTP_FORBIDDEN + ); + + $result = $this->antraglib->getAntragHistory($studierendenantrag_id); + $data = $this->getDataOrTerminateWithError($result); + + $this->terminateWithSuccess($data ?: []); + } + + public function getPrestudents() + { + $query = $this->input->post('query'); + + $studiengaenge = $this->permissionlib->getSTG_isEntitledFor('student/studierendenantrag'); + + $result = $this->antraglib->getAktivePrestudentenInStgs($studiengaenge, $query); + $result = $this->getDataOrTerminateWithError($result); + + return $this->terminateWithSuccess($result ?: []); + } + + public function approveAntrag() + { + $this->load->library('form_validation'); + + $this->form_validation->set_rules( + 'studierendenantrag_id', + 'Studierenden Antrag', + [ + 'required', + ['isEntitledToApproveAntrag', [$this->antraglib, 'isEntitledToApproveAntrag']], + ], + [ + 'isEntitledToApproveAntrag' => $this->p->t('studierendenantrag', 'error_no_right') + ] + ); + $this->form_validation->set_rules( + 'typ', + 'Typ', + 'required|in_list[' . implode(',', [ + Studierendenantrag_model::TYP_ABMELDUNG, + Studierendenantrag_model::TYP_ABMELDUNG_STGL, + Studierendenantrag_model::TYP_UNTERBRECHUNG, + Studierendenantrag_model::TYP_WIEDERHOLUNG + ]) . ']' + ); + + if (!$this->form_validation->run()) + $this->terminateWithValidationErrors($this->form_validation->error_array()); + + $studierendenantrag_id = $this->input->post('studierendenantrag_id'); + switch ($this->input->post('typ')) { + case Studierendenantrag_model::TYP_ABMELDUNG: + case Studierendenantrag_model::TYP_ABMELDUNG_STGL: + $result = $this->antraglib->approveAbmeldung([$studierendenantrag_id], getAuthUID()); + break; + case Studierendenantrag_model::TYP_UNTERBRECHUNG: + $result = $this->antraglib->approveUnterbrechung([$studierendenantrag_id], getAuthUID()); + break; + case Studierendenantrag_model::TYP_WIEDERHOLUNG: + $result = $this->antraglib->approveWiederholung($studierendenantrag_id, getAuthUID()); + break; + } + $this->getDataOrTerminateWithError($result); + + return $this->terminateWithSuccess($studierendenantrag_id); + } + + public function rejectAntrag() + { + $this->load->library('form_validation'); + + $this->form_validation->set_rules( + 'studierendenantrag_id', + 'Studierenden Antrag', + [ + 'required', + ['isEntitledToRejectAntrag', [$this->antraglib, 'isEntitledToRejectAntrag']], + ], + [ + 'isEntitledToRejectAntrag' => $this->p->t('studierendenantrag', 'error_no_right') + ] + ); + $this->form_validation->set_rules('grund', 'Grund', 'required'); + $this->form_validation->set_rules( + 'typ', + 'Typ', + 'required|in_list[' . implode(',', [ + Studierendenantrag_model::TYP_UNTERBRECHUNG + ]) . ']' + ); + + if (!$this->form_validation->run()) + $this->terminateWithValidationErrors($this->form_validation->error_array()); + + $studierendenantrag_id = $this->input->post('studierendenantrag_id'); + $grund = $this->input->post('grund'); + + $result = $this->antraglib->rejectUnterbrechung([$studierendenantrag_id], getAuthUID(), $grund); + $this->getDataOrTerminateWithError($result); + + return $this->terminateWithSuccess($studierendenantrag_id); + } + + public function reopenAntrag() + { + $this->load->library('form_validation'); + + $this->form_validation->set_rules( + 'studierendenantrag_id', + 'Studierenden Antrag', + [ + 'required', + ['isEntitledToReopenAntrag', [$this->antraglib, 'isEntitledToReopenAntrag']], + ], + [ + 'isEntitledToReopenAntrag' => $this->p->t('studierendenantrag', 'error_no_right') + ] + ); + $this->form_validation->set_rules( + 'typ', + 'Typ', + 'required|in_list[' . implode(',', [ + Studierendenantrag_model::TYP_WIEDERHOLUNG + ]) . ']' + ); + + if (!$this->form_validation->run()) + $this->terminateWithValidationErrors($this->form_validation->error_array()); + + $studierendenantrag_id = $this->input->post('studierendenantrag_id'); + + $result = $this->antraglib->reopenWiederholung($studierendenantrag_id, getAuthUID()); + $this->getDataOrTerminateWithError($result); + + return $this->terminateWithSuccess($studierendenantrag_id); + } + + public function pauseAntrag() + { + $this->load->library('form_validation'); + + $this->form_validation->set_rules( + 'studierendenantrag_id', + 'Studierenden Antrag', + [ + 'required', + ['isEntitledToPauseAntrag', [$this->antraglib, 'isEntitledToPauseAntrag']], + ['antragCanBeManualPaused', [$this->antraglib, 'antragCanBeManualPaused']] + ], + [ + 'isEntitledToPauseAntrag' => $this->p->t('studierendenantrag', 'error_no_right'), + 'antragCanBeManualPaused' => $this->p->t( + 'studierendenantrag', + 'error_not_pauseable', + ['id' => $this->input->post('studierendenantrag_id')] + ) + ] + ); + + if (!$this->form_validation->run()) + $this->terminateWithValidationErrors($this->form_validation->error_array()); + + $studierendenantrag_id = $this->input->post('studierendenantrag_id'); + + $result = $this->antraglib->pauseAntrag($studierendenantrag_id, getAuthUID()); + $this->getDataOrTerminateWithError($result); + + return $this->terminateWithSuccess($studierendenantrag_id); + } + + public function unpauseAntrag() + { + $this->load->library('form_validation'); + + $this->form_validation->set_rules( + 'studierendenantrag_id', + 'Studierenden Antrag', + [ + 'required', + ['isEntitledToUnpauseAntrag', [$this->antraglib, 'isEntitledToUnpauseAntrag']], + ['antragCanBeManualUnpaused', [$this->antraglib, 'antragCanBeManualUnpaused']] + ], + [ + 'isEntitledToUnpauseAntrag' => $this->p->t('studierendenantrag', 'error_no_right'), + 'antragCanBeManualUnpaused' => $this->p->t( + 'studierendenantrag', + 'error_not_paused', + ['id' => $this->input->post('studierendenantrag_id')] + ) + ] + ); + + if (!$this->form_validation->run()) + $this->terminateWithValidationErrors($this->form_validation->error_array()); + + $studierendenantrag_id = $this->input->post('studierendenantrag_id'); + + $result = $this->antraglib->unpauseAntrag($studierendenantrag_id, getAuthUID()); + $this->getDataOrTerminateWithError($result); + + return $this->terminateWithSuccess($studierendenantrag_id); + } + + public function objectAntrag() + { + $this->load->library('form_validation'); + + $this->form_validation->set_rules( + 'studierendenantrag_id', + 'Studierenden Antrag', + [ + 'required', + ['isEntitledToObjectAntrag', [$this->antraglib, 'isEntitledToObjectAntrag']], + ['canBeObjected', function ($a) { + return $this->antraglib->hasType($a, Studierendenantrag_model::TYP_ABMELDUNG_STGL); + }] + ], + [ + 'isEntitledToObjectAntrag' => $this->p->t('studierendenantrag', 'error_no_right'), + 'canBeObjected' => $this->p->t( + 'studierendenantrag', + 'error_no_objection' + ) + ] + ); + + if (!$this->form_validation->run()) + $this->terminateWithValidationErrors($this->form_validation->error_array()); + + $studierendenantrag_id = $this->input->post('studierendenantrag_id'); + + $result = $this->antraglib->objectAbmeldung($studierendenantrag_id, getAuthUID()); + $this->getDataOrTerminateWithError($result); + + return $this->terminateWithSuccess($studierendenantrag_id); + } + + public function approveObjection() + { + $this->load->library('form_validation'); + + $this->form_validation->set_rules( + 'studierendenantrag_id', + 'Studierenden Antrag', + [ + 'required', + ['isEntitledToObjectAntrag', [$this->antraglib, 'isEntitledToObjectAntrag']], + ['isObjected', function ($a) { + return $this->antraglib->hasStatus($a, Studierendenantragstatus_model::STATUS_OBJECTED); + }] + ], + [ + 'isEntitledToObjectAntrag' => $this->p->t('studierendenantrag', 'error_no_right'), + 'isObjected' => $this->p->t( + 'studierendenantrag', + 'error_not_objected' + ) + ] + ); + + if (!$this->form_validation->run()) + $this->terminateWithValidationErrors($this->form_validation->error_array()); + + $studierendenantrag_id = $this->input->post('studierendenantrag_id'); + + $result = $this->antraglib->cancelAntrag($studierendenantrag_id, getAuthUID()); + $this->getDataOrTerminateWithError($result); + + return $this->terminateWithSuccess($studierendenantrag_id); + } + + public function denyObjection() + { + $this->load->library('form_validation'); + + $this->form_validation->set_rules( + 'studierendenantrag_id', + 'Studierenden Antrag', + [ + 'required', + ['isEntitledToObjectAntrag', [$this->antraglib, 'isEntitledToObjectAntrag']], + ['isObjected', function ($a) { + return $this->antraglib->hasStatus($a, Studierendenantragstatus_model::STATUS_OBJECTED); + }] + ], + [ + 'isEntitledToObjectAntrag' => $this->p->t('studierendenantrag', 'error_no_right'), + 'isObjected' => $this->p->t( + 'studierendenantrag', + 'error_not_objected' + ) + ] + ); + + if (!$this->form_validation->run()) + $this->terminateWithValidationErrors($this->form_validation->error_array()); + + $studierendenantrag_id = $this->input->post('studierendenantrag_id'); + $grund = $this->input->post('grund'); + + $result = $this->antraglib->denyObjectionAbmeldung($studierendenantrag_id, getAuthUID(), $grund); + $this->getDataOrTerminateWithError($result); + + return $this->terminateWithSuccess($studierendenantrag_id); + } +} diff --git a/application/controllers/components/Antrag/Unterbrechung.php b/application/controllers/api/frontend/v1/studstatus/Unterbrechung.php similarity index 52% rename from application/controllers/components/Antrag/Unterbrechung.php rename to application/controllers/api/frontend/v1/studstatus/Unterbrechung.php index f19139e00..abf58cf4f 100644 --- a/application/controllers/components/Antrag/Unterbrechung.php +++ b/application/controllers/api/frontend/v1/studstatus/Unterbrechung.php @@ -1,4 +1,20 @@ . + */ if (! defined('BASEPATH')) exit('No direct script access allowed'); @@ -6,23 +22,28 @@ use \Studierendenantrag_model as Studierendenantrag_model; use \DateTime as DateTime; /** - * + * This controller operates between (interface) the JS (GUI) and the AntragLib (back-end) + * This controller works with JSON calls on the HTTP GET or POST and the output is always JSON */ -class Unterbrechung extends FHC_Controller +class Unterbrechung extends FHCAPI_Controller { /** - * Calls the parent's constructor and loads the FilterCmptLib + * Calls the parent's constructor and loads the AntragLib */ public function __construct() { - parent::__construct(); + parent::__construct([ + 'getDetailsForNewAntrag' => self::PERM_LOGGED, + 'getDetailsForAntrag' => self::PERM_LOGGED, + 'createAntrag' => self::PERM_LOGGED, + 'cancelAntrag' => self::PERM_LOGGED + ]); // Configs $this->load->config('studierendenantrag'); // Libraries - $this->load->library('AuthLib'); $this->load->library('AntragLib'); // Load language phrases @@ -38,74 +59,62 @@ class Unterbrechung extends FHC_Controller public function getDetailsForNewAntrag($prestudent_id) { - if (!$this->antraglib->isEntitledToCreateAntragFor($prestudent_id, false)) { - $this->output->set_status_header(403); - return $this->outputJsonError('Forbidden'); - } + if (!$this->antraglib->isEntitledToCreateAntragFor($prestudent_id, false)) + $this->terminateWithError('Forbidden', self::ERROR_TYPE_AUTH, REST_Controller::HTTP_FORBIDDEN); + $result = $this->antraglib->getPrestudentUnterbrechungsBerechtigt($prestudent_id); - if (isError($result)) { - $this->output->set_status_header(500); - return $this->outputJsonError(getError($result)); - } - $result = $result->retval; + $result = $this->getDataOrTerminateWithError($result); + if (!$result) { - $this->output->set_status_header(403); - return $this->outputJsonError($this->p->t('studierendenantrag', 'error_no_student')); - } - elseif ($result == -1) - { + $this->terminateWithError( + $this->p->t('studierendenantrag', 'error_no_student'), + self::ERROR_TYPE_AUTH, + REST_Controller::HTTP_FORBIDDEN + ); + } elseif ($result == -1) { $result = $this->antraglib->getDetailsForLastAntrag($prestudent_id, Studierendenantrag_model::TYP_UNTERBRECHUNG); - if (isError($result)) { - return $this->outputJsonError(getError($result)); - } + + $data = $this->getDataOrTerminateWithError($result); - return $this->outputJsonSuccess(getData($result)); - } - elseif ($result == -2) - { + return $this->terminateWithSuccess($data); + } elseif ($result == -2) { $result = $this->antraglib->getDetailsForLastAntrag($prestudent_id); - if (isError($result)) { - return $this->outputJsonError(getError($result)); - } - $result = getData($result); - $this->output->set_status_header(400); - return $this->outputJsonError($this->p->t('studierendenantrag', 'error_antrag_pending', [ + $data = $this->getDataOrTerminateWithError($result); + + return $this->terminateWithError($this->p->t('studierendenantrag', 'error_antrag_pending', [ 'typ' => $this->p->t('studierendenantrag', 'antrag_typ_' . $result->typ) ])); - } - elseif ($result == -3) - { - $this->output->set_status_header(403); - return $this->outputJsonError($this->p->t('studierendenantrag', 'error_stg_blacklist')); - } - $result = $this->antraglib->getDetailsForNewAntrag($prestudent_id); - if (isError($result)) { - return $this->outputJsonError(getError($result)); + } elseif ($result == -3) { + $this->terminateWithError( + $this->p->t('studierendenantrag', 'error_stg_blacklist'), + self::ERROR_TYPE_AUTH, + REST_Controller::HTTP_FORBIDDEN + ); } - $data = getData($result); + $result = $this->antraglib->getDetailsForNewAntrag($prestudent_id); + + $data = $this->getDataOrTerminateWithError($result); $data->studiensemester = $this->antraglib->getSemesterForUnterbrechung($prestudent_id, null); - $this->outputJsonSuccess($data); + $this->terminateWithSuccess($data); } public function getDetailsForAntrag($studierendenantrag_id) { - if (!$this->antraglib->isEntitledToShowAntrag($studierendenantrag_id)) return show_404(); + if (!$this->antraglib->isEntitledToShowAntrag($studierendenantrag_id)) + return show_404(); $result = $this->antraglib->getDetailsForAntrag($studierendenantrag_id); - if (isError($result)) { - return $this->outputJsonError(getError($result)); - } - $data = getData($result); + $data = $this->getDataOrTerminateWithError($result); if ($data->typ !== Studierendenantrag_model::TYP_UNTERBRECHUNG) return show_404(); - $this->outputJsonSuccess($data); + $this->terminateWithSuccess($data); } public function createAntrag() @@ -125,9 +134,8 @@ class Unterbrechung extends FHC_Controller ] ); - if ($this->form_validation->run() == false) - { - return $this->outputJsonError($this->form_validation->error_array()); + if (!$this->form_validation->run()) { + $this->terminateWithValidationErrors($this->form_validation->error_array()); } $grund = $this->input->post('grund'); @@ -137,25 +145,17 @@ class Unterbrechung extends FHC_Controller $dms_id = null; $result = $this->antraglib->getPrestudentUnterbrechungsBerechtigt($prestudent_id, $studiensemester, $datum_wiedereinstieg); - if (isError($result)) { - return $this->outputJsonError(['db' => getError($result)]); - } - $result = $result->retval; - if (!$result) - { - return $this->outputJsonError(['db' => $this->p->t('studierendenantrag', 'error_no_student')]); - } - elseif ($result == -3) - { - return $this->outputJsonError(['db' => $this->p->t('studierendenantrag', 'error_stg_blacklist')]); - } - elseif ($result < 0) - { - return $this->outputJsonError(['db' => $this->p->t('studierendenantrag', 'error_antrag_exists')]); - } - if(isset($_FILES['attachment']) && (!isset($_FILES['attachment']['error']) || $_FILES['attachment']['error'] != UPLOAD_ERR_NO_FILE)) - { + $result = $this->getDataOrTerminateWithError($result); + + if (!$result) + $this->terminateWithError($this->p->t('studierendenantrag', 'error_no_student'), self::ERROR_TYPE_GENERAL); + elseif ($result == -3) + $this->terminateWithError($this->p->t('studierendenantrag', 'error_stg_blacklist'), self::ERROR_TYPE_GENERAL); + elseif ($result < 0) + $this->terminateWithError($this->p->t('studierendenantrag', 'error_antrag_exists'), self::ERROR_TYPE_GENERAL); + + if (isset($_FILES['attachment']) && (!isset($_FILES['attachment']['error']) || $_FILES['attachment']['error'] != UPLOAD_ERR_NO_FILE)) { $this->load->library('DmsLib'); $dms = $this->config->item('unterbrechung_dms'); @@ -167,53 +167,46 @@ class Unterbrechung extends FHC_Controller $allowed_filetypes = $this->config->item('unterbrechung_dms_filetypes') ?: ['*']; $result = $this->dmslib->upload($dms, 'attachment', $allowed_filetypes); - if(isError($result)) - { - return $this->outputJsonError(['db' => getError($result)]); - } - $dms_id = getData($result)['dms_id']; + + $data = $this->getDataOrTerminateWithError($result); + + $dms_id = $data['dms_id']; } $result = $this->antraglib->createUnterbrechung($prestudent_id, $studiensemester, getAuthUID(), $grund, $datum_wiedereinstieg, $dms_id); - if(isError($result)) - { - return $this->outputJsonError(['db' => getError($result)]); - } - $antragId = getData($result); + $antragId = $this->getDataOrTerminateWithError($result); + $result = $this->antraglib->getDetailsForAntrag($antragId); - if(!hasData($result)) - return $this->outputJsonSuccess($antragId); - $this->outputJsonSuccess(getData($result)); + if (!hasData($result)) + $this->terminateWithSuccess($antragId); + + $this->terminateWithSuccess(getData($result)); } public function cancelAntrag() { $this->load->library('form_validation'); - $_POST = json_decode($this->input->raw_input_stream, true); - $this->form_validation->set_rules('antrag_id', 'Antrag ID', 'required'); - if ($this->form_validation->run() == false) - { - return $this->outputJsonError($this->form_validation->error_array()); + if (!$this->form_validation->run()) { + $this->terminateWithValidationErrors($this->form_validation->error_array()); } $antrag_id = $this->input->post('antrag_id'); $result = $this->antraglib->cancelAntrag($antrag_id, getAuthUID()); - if (isError($result)) - { - return $this->outputJsonError(['db' => getError($result)]); - } + + $this->getDataOrTerminateWithError($result); $result = $this->antraglib->getDetailsForAntrag($antrag_id); if (!hasData($result)) - return $this->outputJsonSuccess($antrag_id); - $this->outputJsonSuccess(getData($result)); + return $this->terminateWithSuccess($antrag_id); + + $this->terminateWithSuccess(getData($result)); } public function isValidDate($date) diff --git a/application/controllers/api/frontend/v1/studstatus/Wiederholung.php b/application/controllers/api/frontend/v1/studstatus/Wiederholung.php new file mode 100644 index 000000000..1a8f70d52 --- /dev/null +++ b/application/controllers/api/frontend/v1/studstatus/Wiederholung.php @@ -0,0 +1,258 @@ +. + */ + +if (! defined('BASEPATH')) exit('No direct script access allowed'); + +use \REST_Controller as REST_Controller; +use \Studierendenantragstatus_model as Studierendenantragstatus_model; + +/** + * This controller operates between (interface) the JS (GUI) and the AntragLib (back-end) + * This controller works with JSON calls on the HTTP GET or POST and the output is always JSON + */ +class Wiederholung extends FHCAPI_Controller +{ + + /** + * Calls the parent's constructor and loads the FilterCmptLib + */ + public function __construct() + { + parent::__construct([ + 'getDetailsForNewAntrag' => self::PERM_LOGGED, + 'createAntrag' => self::PERM_LOGGED, + 'cancelAntrag' => self::PERM_LOGGED, + 'getLvs' => self::PERM_LOGGED, + 'saveLvs' => ['student/studierendenantrag:w'] + ]); + + // Libraries + $this->load->library('AntragLib'); + + // Load language phrases + $this->loadPhrases([ + 'global', + 'studierendenantrag' + ]); + } + + //------------------------------------------------------------------------------------------------------------------ + // Public methods + + /** + * Retrieves data of the current studiengang for the current user + */ + + public function getDetailsForNewAntrag($prestudent_id) + { + if (!$this->antraglib->isEntitledToCreateAntragFor($prestudent_id, false)) + $this->terminateWithError('Forbidden', self::ERROR_TYPE_AUTH, REST_Controller::HTTP_FORBIDDEN); + + $result = $this->antraglib->getPrestudentWiederholungsBerechtigt($prestudent_id); + $result = $this->getDataOrTerminateWithError($result); + + if (!$result) { + $this->terminateWithError( + $this->p->t('studierendenantrag', 'error_no_student_no_failed_exam'), + self::ERROR_TYPE_AUTH, + REST_Controller::HTTP_FORBIDDEN + ); + } elseif ($result == -1) { + $result = $this->antraglib->getDetailsForLastAntrag($prestudent_id, Studierendenantrag_model::TYP_WIEDERHOLUNG); + $data = $this->getDataOrTerminateWithError($result); + + $result = $this->antraglib->getFailedExamForPrestudent($prestudent_id, $data->datum, $data->studiensemester_kurzbz); + // NOTE(chris): error handling for this function should already happenden in antraglib->getPrestudentWiederholungsBerechtigt() + $pruefungsdata = current(getData($result)); + + $data->studiensemester_kurzbz = $pruefungsdata->studiensemester_kurzbz; + $data->lvbezeichnung = $pruefungsdata->lvbezeichnung; + $data->pruefungsdatum = $pruefungsdata->datum; + + $this->terminateWithSuccess($data); + } elseif ($result == -2) { + $result = $this->antraglib->getDetailsForLastAntrag($prestudent_id); + $result = $this->getDataOrTerminateWithError($result); + + $this->terminateWithError( + $this->p->t('studierendenantrag', 'error_antrag_pending', [ + 'typ' => $this->p->t('studierendenantrag', 'antrag_typ_' . $result->typ) + ]), + self::ERROR_TYPE_GENERAL, + REST_Controller::HTTP_BAD_REQUEST + ); + } elseif ($result == -3) { + $this->terminateWithError( + $this->p->t('studierendenantrag', 'error_stg_blacklist'), + self::ERROR_TYPE_GENERAL, + REST_Controller::HTTP_BAD_REQUEST + ); + } + + $result = $this->antraglib->getDetailsForNewAntrag($prestudent_id); + $data = $this->getDataOrTerminateWithError($result); + + $result = $this->antraglib->getFailedExamForPrestudent($prestudent_id); + // NOTE(chris): error handling for this function should already happenden in antraglib->getPrestudentWiederholungsBerechtigt() + $pruefungsdata = current(getData($result)); + + $data->studiensemester_kurzbz = $pruefungsdata->studiensemester_kurzbz; + $data->lvbezeichnung = $pruefungsdata->lvbezeichnung; + $data->pruefungsdatum = $pruefungsdata->datum; + + $this->terminateWithSuccess($data); + } + + public function createAntrag() + { + $this->createAntragWithStatus(true); + } + + public function cancelAntrag() + { + $this->createAntragWithStatus(false); + } + + protected function createAntragWithStatus($repeat) + { + $this->load->library('form_validation'); + + $this->form_validation->set_rules('prestudent_id', 'Prestudent ID', 'required'); + $this->form_validation->set_rules('studiensemester', 'Studiensemester', 'required'); + + if (!$this->form_validation->run()) + $this->terminateWithValidationErrors($this->form_validation->error_array()); + + $prestudent_id = $this->input->post('prestudent_id'); + $studiensemester = $this->input->post('studiensemester'); + + $result = $this->antraglib->getPrestudentWiederholungsBerechtigt($prestudent_id); + $result = $this->getDataOrTerminateWithError($result); + + if (!$result) { + $this->terminateWithError($this->p->t('studierendenantrag', 'error_no_student'), self::ERROR_TYPE_GENERAL); + } elseif ($result == -1) { + $result = $this->PrestudentstatusModel->getLastStatus($prestudent_id); + $result = $this->getDataOrTerminateWithError($result); + if (!$result) + $this->terminateWithError($this->p->t('studierendenantrag', 'error_no_prestudentstatus', [ + 'prestudent_id' => $prestudent_id + ]), self::ERROR_TYPE_GENERAL); + if (!in_array(current($result)->status_kurzbz, $this->config->item('antrag_prestudentstatus_whitelist'))) + $this->terminateWithError($this->p->t('studierendenantrag', 'error_no_student'), self::ERROR_TYPE_GENERAL); + } elseif ($result == -2) { + $this->terminateWithError($this->p->t('studierendenantrag', 'error_antrag_exists'), self::ERROR_TYPE_GENERAL); + } elseif ($result == -3) { + $this->terminateWithError($this->p->t('studierendenantrag', 'error_stg_blacklist'), self::ERROR_TYPE_GENERAL); + } + + $result = $this->antraglib->createWiederholung($prestudent_id, $studiensemester, getAuthUID(), $repeat); + $antragId = $this->getDataOrTerminateWithError($result); + + $result = $this->antraglib->getDetailsForAntrag($antragId); + + if (!hasData($result)) + $this->terminateWithSuccess(true); + + $data = getData($result); + + $result = $this->antraglib->getFailedExamForPrestudent($prestudent_id); + // NOTE(chris): error handling for this function should already happenden in antraglib->getPrestudentWiederholungsBerechtigt() + $pruefungsdata = current(getData($result)); + + $data->studiensemester_kurzbz = $pruefungsdata->studiensemester_kurzbz; + $data->lvbezeichnung = $pruefungsdata->lvbezeichnung; + $data->pruefungsdatum = $pruefungsdata->datum; + + $this->terminateWithSuccess($data); + } + + + public function getLvs($antrag_id) + { + $result = $this->antraglib->getLvsForAntrag($antrag_id); + if (isError($result)) { + $error = getError($result); + if ($error == 'Forbidden') + $this->terminateWithError( + $error, + self::ERROR_TYPE_AUTH, + REST_Controller::HTTP_FORBIDDEN + ); + $this->terminateWithError( + $error, + self::ERROR_TYPE_GENERAL + ); + } + $lvs = getData($result); + + $this->terminateWithSuccess($lvs); + } + + public function saveLvs() + { + $forbiddenLvs = $this->input->post('forbiddenLvs'); + $mandatoryLvs = $this->input->post('mandatoryLvs'); + $antragsLvs = array_merge($forbiddenLvs, $mandatoryLvs); + + if (!$antragsLvs) + $this->terminateWithError($this->p->t('studierendenantrag', 'error_no_lv'), self::ERROR_TYPE_GENERAL); + + $insert = array_map(function ($lv) { + return [ + 'studierendenantrag_id' => $lv['studierendenantrag_id'], + 'lehrveranstaltung_id' => $lv['lehrveranstaltung_id'], + 'note' => $lv['zugelassen'] + ? ($lv['zugelassen'] == 1 ? 0 : $this->config->item('wiederholung_note_angerechnet')) + : $this->config->item('wiederholung_note_nicht_zugelassen'), + 'anmerkung' => $lv['anmerkung'], + 'insertvon' => getAuthUID(), + 'studiensemester_kurzbz' => $lv['studiensemester_kurzbz'] + ]; + }, $antragsLvs); + + $antrag_ids = array_unique(array_map(function ($lv) { + return $lv['studierendenantrag_id']; + }, $insert)); + + foreach ($antrag_ids as $antrag_id) { + $result = $this->StudierendenantragModel->loadIdAndStatusWhere([ + 'studierendenantrag_id' => $antrag_id + ]); + $antrag = $this->getDataOrTerminateWithError($result); + if (!$antrag) + $this->terminateWithError( + $this->p->t('studierendenantrag', 'error_no_antrag_found', ['id' => $antrag_id]), + self::ERROR_TYPE_GENERAL + ); + $antrag = current($antrag); + + if ($antrag->status != Studierendenantragstatus_model::STATUS_CREATED + && $antrag->status != Studierendenantragstatus_model::STATUS_LVSASSIGNED) + $this->terminateWithError( + $this->p->t('studierendenantrag', 'error_antrag_locked'), + self::ERROR_TYPE_GENERAL + ); + } + + $result = $this->antraglib->saveLvs($insert); + $data = $this->getDataOrTerminateWithError($result); + + $this->terminateWithSuccess($data); + } +} diff --git a/application/controllers/components/Antrag/Abmeldung.php b/application/controllers/components/Antrag/Abmeldung.php deleted file mode 100644 index f30de6803..000000000 --- a/application/controllers/components/Antrag/Abmeldung.php +++ /dev/null @@ -1,218 +0,0 @@ -load->library('AuthLib'); - $this->load->library('AntragLib'); - - // Load language phrases - $this->loadPhrases([ - 'studierendenantrag' - ]); - } - - //------------------------------------------------------------------------------------------------------------------ - // Public methods - - /** - * Retrieves data of the current studiengang for the current user - */ - - public function getDetailsForNewAntrag($prestudent_id) - { - if (!$this->antraglib->isEntitledToCreateAntragFor($prestudent_id, true)) { - $this->output->set_status_header(403); - return $this->outputJsonError('Forbidden'); - } - $result = $this->antraglib->getPrestudentAbmeldeBerechtigt($prestudent_id); - if (isError($result)) { - $this->output->set_status_header(500); - return $this->outputJsonError(getError($result)); - } - $result = $result->retval; - if (!$result) { - $this->output->set_status_header(403); - return $this->outputJsonError($this->p->t('studierendenantrag', 'error_no_student')); - } - elseif ($result == -3) - { - $this->output->set_status_header(403); - return $this->outputJsonError($this->p->t('studierendenantrag', 'error_stg_blacklist')); - } - elseif ($result == -1) - { - $result = $this->antraglib->getDetailsForLastAntrag( - $prestudent_id, - [ - Studierendenantrag_model::TYP_ABMELDUNG, - Studierendenantrag_model::TYP_ABMELDUNG_STGL - ] - ); - if (isError($result)) { - return $this->outputJsonError(getError($result)); - } - - $data = getData($result); - - $data->canCancel = ( - $data->status == Studierendenantragstatus_model::STATUS_CREATED && - $this->antraglib->isEntitledToCancelAntrag($data->studierendenantrag_id) - ); - - return $this->outputJsonSuccess($data); - } - - $result = $this->antraglib->getDetailsForNewAntrag($prestudent_id); - if (isError($result)) { - return $this->outputJsonError(getError($result)); - } - - $this->outputJsonSuccess(getData($result)); - } - - public function getDetailsForAntrag($studierendenantrag_id) - { - if (!$this->antraglib->isEntitledToShowAntrag($studierendenantrag_id)) return show_404(); - - $result = $this->antraglib->getDetailsForAntrag($studierendenantrag_id); - if (isError($result)) { - return $this->outputJsonError(getError($result)); - } - - $data = getData($result); - - if ($data->typ !== Studierendenantrag_model::TYP_ABMELDUNG_STGL && $data->typ !== Studierendenantrag_model::TYP_ABMELDUNG) - return show_404(); - - $data->canCancel = ( - $data->status == Studierendenantragstatus_model::STATUS_CREATED && - $this->antraglib->isEntitledToCancelAntrag($data->studierendenantrag_id) - ); - - $this->outputJsonSuccess($data); - } - - public function createAntrag() - { - $this->load->library('form_validation'); - - $_POST = json_decode($this->input->raw_input_stream, true); - - $this->form_validation->set_rules('studiensemester', 'Studiensemester', 'required'); - $this->form_validation->set_rules('prestudent_id', 'Prestudent ID', 'required'); - $this->form_validation->set_rules('grund', 'Grund', 'required'); - - if ($this->form_validation->run() == false) - { - return $this->outputJsonError($this->form_validation->error_array()); - } - - $grund = $this->input->post('grund'); - $studiensemester = $this->input->post('studiensemester'); - $prestudent_id = $this->input->post('prestudent_id'); - - $result = $this->antraglib->getPrestudentAbmeldeBerechtigt($prestudent_id); - if (isError($result)) { - return $this->outputJsonError(['db' => getError($result)]); - } - $result = $result->retval; - if (!$result) - { - return $this->outputJsonError(['db' => $this->p->t('studierendenantrag', 'error_no_student')]); - } - elseif ($result == -3) - { - return $this->outputJsonError(['db' => $this->p->t('studierendenantrag', 'error_stg_blacklist')]); - } - elseif ($result < 0) - { - return $this->outputJsonError(['db' => $this->p->t('studierendenantrag', 'error_antrag_exists')]); - } - - $result = $this->antraglib->createAbmeldung($prestudent_id, $studiensemester, getAuthUID(), $grund); - if (isError($result)) - { - return $this->outputJsonError(['db' => getError($result)]); - } - - $result = $this->antraglib->getDetailsForAntrag(getData($result)); - if (!hasData($result)) - return $this->outputJsonSuccess(true); - - $data = getData($result); - $data->canCancel = (boolean)$this->antraglib->isEntitledToCancelAntrag($data->studierendenantrag_id); - - $this->outputJsonSuccess($data); - } - - public function cancelAntrag() - { - $this->load->library('form_validation'); - - $_POST = json_decode($this->input->raw_input_stream, true); - - $this->form_validation->set_rules('antrag_id', 'Antrag ID', 'required'); - - if ($this->form_validation->run() == false) - { - return $this->outputJsonError($this->form_validation->error_array()); - } - - $antrag_id = $this->input->post('antrag_id'); - if(!$this->antraglib->isEntitledToCancelAntrag($antrag_id)) - { - $this->output->set_status_header(403); - - return $this->outputJsonError('Forbidden'); - } - - $result = $this->antraglib->cancelAntrag($antrag_id, getAuthUID()); - if(isError($result)) - { - return $this->outputJsonError(['db' => getError($result)]); - } - - $result = $this->antraglib->getDetailsForAntrag($antrag_id); - - if (!hasData($result)) - return $this->outputJsonSuccess($antrag_id); - $this->outputJsonSuccess(getData($result)); - } - - public function getStudiengaengeAssistenz() - { - $this->load->library('PermissionLib'); - - $_POST = json_decode($this->input->raw_input_stream, true); - $query = $this->input->post('query'); - - $studiengaenge = $this->permissionlib->getSTG_isEntitledFor('student/studierendenantrag'); - - $result = $this->antraglib->getAktivePrestudentenInStgs($studiengaenge, $query); - if (isError($result)) { - return $this->outputJsonError(getError($result)); - } - $result = getData($result); - if (!$result) { - return $this->outputJsonSuccess([]); - } - - return $this->outputJsonSuccess($result); - } -} diff --git a/application/controllers/components/Antrag/Leitung.php b/application/controllers/components/Antrag/Leitung.php deleted file mode 100644 index 437030d08..000000000 --- a/application/controllers/components/Antrag/Leitung.php +++ /dev/null @@ -1,479 +0,0 @@ -load->library('AuthLib'); - $this->load->library('AntragLib'); - - // Load language phrases - $this->loadPhrases([ - 'studierendenantrag' - ]); - } - - - //------------------------------------------------------------------------------------------------------------------ - // Public methods - - public function getActiveStgs() - { - $studiengaenge = $this->permissionlib->getSTG_isEntitledFor('student/antragfreigabe') ?: []; - $studiengaenge = array_merge($studiengaenge, $this->permissionlib->getSTG_isEntitledFor('student/studierendenantrag') ?: []); - - $result = $this->StudierendenantragModel->loadStgsWithAntraege($studiengaenge); - if (isError($result)) { - $this->output->set_status_header(REST_Controller::HTTP_INTERNAL_SERVER_ERROR); - } - $this->outputJson($result); - } - - public function getAntraege($studiengang = null, $extra = null) - { - if ($studiengang && $studiengang == 'todo') { - $studiengang = $extra; - $extra = true; - } else { - $extra = false; - } - - if ($studiengang) { - $studiengaenge = [$studiengang]; - } else { - $studiengaenge =$this->permissionlib->getSTG_isEntitledFor('student/antragfreigabe'); - if(!is_array($studiengaenge)) - $studiengaenge = []; - - - $stgsNeuanlage = $this->permissionlib->getSTG_isEntitledFor('student/studierendenantrag'); - if(!is_array($stgsNeuanlage)) - $stgsNeuanlage = []; - - $studiengaenge = array_unique(array_merge($studiengaenge, $stgsNeuanlage)); - } - - - $antraege = []; - if ($studiengaenge) { - $result = $extra - ? $this->StudierendenantragModel->loadActiveForStudiengaenge($studiengaenge) - : $this->StudierendenantragModel->loadForStudiengaenge($studiengaenge); - if (isError($result)) { - $this->output->set_status_header(500); - return $this->outputJson('Internal Server Error'); - } - if(hasData($result)) - { - $antraege = getData($result); - } - } - - $this->outputJson($antraege); - } - - public function reopenAntrag() - { - $this->load->library('form_validation'); - - $_POST = json_decode($this->input->raw_input_stream, true); - - $this->form_validation->set_rules( - 'studierendenantrag_id', - 'Studierenden Antrag', - 'required|callback_isEntitledToReopenAntrag', - [ - 'isEntitledToReopenAntrag' => $this->p->t('studierendenantrag', 'error_no_right') - ] - ); - - if ($this->form_validation->run() == false) - { - return $this->outputJsonError($this->form_validation->error_array()); - } - - $studierendenantrag_id = $this->input->post('studierendenantrag_id'); - - $result = $this->antraglib->reopenWiederholung($studierendenantrag_id, getAuthUID()); - - if (isError($result)) - return $this->outputJsonError(['studierendenantrag_id' => getError($result)]); - - $this->outputJsonSuccess($studierendenantrag_id); - } - - public function pauseAntrag() - { - $this->load->library('form_validation'); - - $_POST = json_decode($this->input->raw_input_stream, true); - - $this->form_validation->set_rules( - 'studierendenantrag_id', - 'Studierenden Antrag', - [ - 'required', - [ - 'isEntitledToPauseAntrag', - [$this->antraglib, 'isEntitledToPauseAntrag'] - ], - [ - 'antragCanBeManualPaused', - [$this->antraglib, 'antragCanBeManualPaused'] - ] - ], - [ - 'isEntitledToPauseAntrag' => $this->p->t('studierendenantrag', 'error_no_right'), - 'antragCanBeManualPaused' => $this->p->t( - 'studierendenantrag', - 'error_not_pauseable', - ['id' => $this->input->post('studierendenantrag_id')] - ) - ] - ); - - if ($this->form_validation->run() == false) - { - return $this->outputJsonError($this->form_validation->error_array()); - } - - $studierendenantrag_id = $this->input->post('studierendenantrag_id'); - - $result = $this->antraglib->pauseAntrag($studierendenantrag_id, getAuthUID()); - - if (isError($result)) - return $this->outputJsonError(['studierendenantrag_id' => getError($result)]); - - $this->outputJsonSuccess($studierendenantrag_id); - } - - public function unpauseAntrag() - { - $this->load->library('form_validation'); - - $_POST = json_decode($this->input->raw_input_stream, true); - - $this->form_validation->set_rules( - 'studierendenantrag_id', - 'Studierenden Antrag', - [ - 'required', - [ - 'isEntitledToUnpauseAntrag', - [$this->antraglib, 'isEntitledToUnpauseAntrag'] - ], - [ - 'antragCanBeManualUnpaused', - [$this->antraglib, 'antragCanBeManualUnpaused'] - ] - ], - [ - 'isEntitledToUnpauseAntrag' => $this->p->t('studierendenantrag', 'error_no_right'), - 'antragCanBeManualUnpaused' => $this->p->t( - 'studierendenantrag', - 'error_not_paused', - ['id' => $this->input->post('studierendenantrag_id')] - ) - ] - ); - - if ($this->form_validation->run() == false) - { - return $this->outputJsonError($this->form_validation->error_array()); - } - - $studierendenantrag_id = $this->input->post('studierendenantrag_id'); - - $result = $this->antraglib->unpauseAntrag($studierendenantrag_id, getAuthUID()); - - if (isError($result)) - return $this->outputJsonError(['studierendenantrag_id' => getError($result)]); - - $this->outputJsonSuccess($studierendenantrag_id); - } - - public function objectAntrag() - { - $this->load->library('form_validation'); - - $_POST = json_decode($this->input->raw_input_stream, true); - - $this->form_validation->set_rules( - 'studierendenantrag_id', - 'Studierenden Antrag', - 'required|callback_isEntitledToObjectAntrag|callback_canBeObjected', - [ - 'isEntitledToObjectAntrag' => $this->p->t('studierendenantrag', 'error_no_right'), - 'canBeObjected' => $this->p->t('studierendenantrag', 'error_no_objection') - ] - ); - - if ($this->form_validation->run() == false) - { - return $this->outputJsonError($this->form_validation->error_array()); - } - - $studierendenantrag_id = $this->input->post('studierendenantrag_id'); - - $result = $this->antraglib->objectAbmeldung($studierendenantrag_id, getAuthUID()); - - if (isError($result)) - return $this->outputJsonError(['studierendenantrag_id' => getError($result)]); - - $this->outputJsonSuccess($studierendenantrag_id); - } - - public function objectionDeny() - { - $this->load->library('form_validation'); - - $_POST = json_decode($this->input->raw_input_stream, true); - - $this->form_validation->set_rules( - 'studierendenantrag_id', - 'Studierenden Antrag', - 'required|callback_isEntitledToObjectAntrag|callback_isObjected', - [ - 'isEntitledToObjectAntrag' => $this->p->t('studierendenantrag', 'error_no_right'), - 'isObjected' => $this->p->t('studierendenantrag', 'error_not_objected') - ] - ); - - if ($this->form_validation->run() == false) - { - return $this->outputJsonError($this->form_validation->error_array()); - } - - $studierendenantrag_id = $this->input->post('studierendenantrag_id'); - $grund = $this->input->post('grund'); - - $result = $this->antraglib->denyObjectionAbmeldung($studierendenantrag_id, getAuthUID(), $grund); - - if (isError($result)) - return $this->outputJsonError(['studierendenantrag_id' => getError($result)]); - - $this->outputJsonSuccess($studierendenantrag_id); - } - - public function objectionApprove() - { - $this->load->library('form_validation'); - - $_POST = json_decode($this->input->raw_input_stream, true); - - $this->form_validation->set_rules( - 'studierendenantrag_id', - 'Studierenden Antrag', - 'required|callback_isEntitledToObjectAntrag|callback_isObjected', - [ - 'isEntitledToObjectAntrag' => $this->p->t('studierendenantrag', 'error_no_right'), - 'isObjected' => $this->p->t('studierendenantrag', 'error_not_objected') - ] - ); - - if ($this->form_validation->run() == false) - { - return $this->outputJsonError($this->form_validation->error_array()); - } - - $studierendenantrag_id = $this->input->post('studierendenantrag_id'); - - $result = $this->antraglib->cancelAntrag($studierendenantrag_id, getAuthUID()); - - if (isError($result)) - return $this->outputJsonError(['studierendenantrag_id' => getError($result)]); - - $this->outputJsonSuccess($studierendenantrag_id); - } - - public function isEntitledToReopenAntrag($studierendenantrag_id) - { - return $this->antraglib->isEntitledToReopenAntrag($studierendenantrag_id); - } - - public function isEntitledToObjectAntrag($studierendenantrag_id) - { - return $this->antraglib->isEntitledToObjectAntrag($studierendenantrag_id); - } - - public function isEntitledToRejectAntrag($studierendenantrag_id) - { - return $this->antraglib->isEntitledToRejectAntrag($studierendenantrag_id); - } - - public function canBeObjected($studierendenantrag_id) - { - return $this->antraglib->hasType($studierendenantrag_id, Studierendenantrag_model::TYP_ABMELDUNG_STGL); - } - - public function isObjected($studierendenantrag_id) - { - return $this->antraglib->hasStatus($studierendenantrag_id, Studierendenantragstatus_model::STATUS_OBJECTED); - } - - - public function approveAbmeldung() - { - $this->load->library('form_validation'); - - $_POST = json_decode($this->input->raw_input_stream, true); - - $this->form_validation->set_rules( - 'studierendenantrag_id', - 'Studierenden Antrag', - 'required|callback_isEntitledToApproveAntrag', - [ - 'isEntitledToApproveAntrag' => $this->p->t('studierendenantrag', 'error_no_right') - ] - ); - - if ($this->form_validation->run() == false) - { - return $this->outputJsonError($this->form_validation->error_array()); - } - - $studierendenantrag_id = $this->input->post('studierendenantrag_id'); - - $result = $this->antraglib->approveAbmeldung([$studierendenantrag_id], getAuthUID()); - if (isError($result)) - { - return $this->outputJsonError(['db' => getError($result)]); - } - - return $this->outputJsonSuccess($studierendenantrag_id); - } - - public function approveAbmeldungStgl() - { - return $this->approveAbmeldung(); - } - - public function approveUnterbrechung() - { - $this->load->library('form_validation'); - - $_POST = json_decode($this->input->raw_input_stream, true); - - $this->form_validation->set_rules( - 'studierendenantrag_id', - 'Studierenden Antrag', - 'required|callback_isEntitledToApproveAntrag', - [ - 'isEntitledToApproveAntrag' => $this->p->t('studierendenantrag', 'error_no_right') - ] - ); - - if ($this->form_validation->run() == false) - { - return $this->outputJsonError($this->form_validation->error_array()); - } - - $studierendenantrag_id = $this->input->post('studierendenantrag_id'); - - $result = $this->antraglib->approveUnterbrechung([$studierendenantrag_id], getAuthUID()); - if (isError($result)) - { - return $this->outputJsonError(['db' => getError($result)]); - } - - return $this->outputJsonSuccess($studierendenantrag_id); - } - - public function rejectUnterbrechung() - { - $this->load->library('form_validation'); - - $_POST = json_decode($this->input->raw_input_stream, true); - - $this->form_validation->set_rules( - 'studierendenantrag_id', - 'Studierenden Antrag', - 'required|callback_isEntitledToRejectAntrag', - [ - 'isEntitledToRejectAntrag' => $this->p->t('studierendenantrag', 'error_no_right') - ] - ); - $this->form_validation->set_rules('grund', 'Grund', 'required'); - - if ($this->form_validation->run() == false) - { - return $this->outputJsonError($this->form_validation->error_array()); - } - - $studierendenantrag_id = $this->input->post('studierendenantrag_id'); - $grund = $this->input->post('grund'); - - $result = $this->antraglib->rejectUnterbrechung([$studierendenantrag_id], getAuthUID(), $grund); - if (isError($result)) - { - return $this->outputJsonError(['db' => getError($result)]); - } - - return $this->outputJsonSuccess($studierendenantrag_id); - } - - public function approveWiederholung() - { - $this->load->library('form_validation'); - - $_POST = json_decode($this->input->raw_input_stream, true); - - $this->form_validation->set_rules( - 'studierendenantrag_id', - 'Studierenden Antrag', - 'required|callback_isEntitledToApproveAntrag', - [ - 'isEntitledToApproveAntrag' => $this->p->t('studierendenantrag', 'error_no_right') - ] - ); - - if ($this->form_validation->run() == false) - { - return $this->outputJsonError($this->form_validation->error_array()); - } - - $studierendenantrag_id = $this->input->post('studierendenantrag_id'); - - $result = $this->antraglib->approveWiederholung($studierendenantrag_id, getAuthUID()); - if (isError($result)) - { - return $this->outputJsonError(['db' => getError($result)]); - } - - return $this->outputJsonSuccess($studierendenantrag_id); - } - - public function isEntitledToApproveAntrag($studierendenantrag_id) - { - return $this->antraglib->isEntitledToApproveAntrag($studierendenantrag_id); - } - - public function getHistory($studierendenantrag_id) - { - if (!$this->antraglib->isEntitledToSeeHistoryForAntrag($studierendenantrag_id)) { - $this->output->set_status_header(403); - return $this->outputJson('Forbidden'); - } - - $result = $this->antraglib->getAntragHistory($studierendenantrag_id); - if (isError($result)) { - return $this->outputJsonError(getError($result)); - } - - $this->outputJsonSuccess(getData($result) ?: []); - } -} diff --git a/application/controllers/components/Antrag/Wiederholung.php b/application/controllers/components/Antrag/Wiederholung.php deleted file mode 100644 index 2c672be54..000000000 --- a/application/controllers/components/Antrag/Wiederholung.php +++ /dev/null @@ -1,384 +0,0 @@ -load->config('studierendenantrag'); - - // Libraries - $this->load->library('AuthLib'); - $this->load->library('PermissionLib'); - $this->load->library('AntragLib'); - - $requiredPermissions = [ - 'saveLvs' => ['student/studierendenantrag:w'], - 'getLvsAsRdf' => ['student/studierendenantrag:r', 'student/noten:r'], - 'moveLvsToZeugnis' => ['student/studierendenantrag:w', 'student/noten:w'] - ]; - - if (isset($requiredPermissions[$this->router->method])) { - if (!$this->permissionlib->isEntitled($requiredPermissions, $this->router->method)) { - $this->output->set_status_header(REST_Controller::HTTP_FORBIDDEN); - $this->outputJson('Forbidden'); - exit; - } - } - - // Load language phrases - $this->loadPhrases([ - 'global', - 'studierendenantrag' - ]); - } - - - //------------------------------------------------------------------------------------------------------------------ - // Public methods - - /** - * Retrieves data of the current studiengang for the current user - */ - - public function getDetailsForNewAntrag($prestudent_id) - { - if (!$this->antraglib->isEntitledToCreateAntragFor($prestudent_id, false)) { - $this->output->set_status_header(REST_Controller::HTTP_FORBIDDEN); - return $this->outputJsonError('Forbidden'); - } - $result = $this->antraglib->getPrestudentWiederholungsBerechtigt($prestudent_id); - if (isError($result)) { - $this->output->set_status_header(REST_Controller::HTTP_INTERNAL_SERVER_ERROR); - return $this->outputJsonError(getError($result)); - } - $result = $result->retval; - if (!$result) { - $this->output->set_status_header(REST_Controller::HTTP_FORBIDDEN); - return $this->outputJsonError($this->p->t('studierendenantrag', 'error_no_student_no_failed_exam')); - } - elseif ($result == -1) - { - $result = $this->antraglib->getDetailsForLastAntrag($prestudent_id, Studierendenantrag_model::TYP_WIEDERHOLUNG); - if (isError($result)) { - return $this->outputJsonError(getError($result)); - } - $data = getData($result); - - $result = $this->antraglib->getFailedExamForPrestudent($prestudent_id, $data->datum, $data->studiensemester_kurzbz); - // NOTE(chris): error handling for this function should already happenden in antraglib->getPrestudentWiederholungsBerechtigt() - $pruefungsdata = current(getData($result)); - - $data->studiensemester_kurzbz = $pruefungsdata->studiensemester_kurzbz; - $data->lvbezeichnung = $pruefungsdata->lvbezeichnung; - $data->pruefungsdatum = $pruefungsdata->datum; - - return $this->outputJsonSuccess($data); - } - elseif ($result == -2) - { - $result = $this->antraglib->getDetailsForLastAntrag($prestudent_id); - if (isError($result)) { - return $this->outputJsonError(getError($result)); - } - - $result = getData($result); - $this->output->set_status_header(REST_Controller::HTTP_BAD_REQUEST); - return $this->outputJsonError($this->p->t('studierendenantrag', 'error_antrag_pending', [ - 'typ' => $this->p->t('studierendenantrag', 'antrag_typ_' . $result->typ) - ])); - } - elseif ($result == -3) - { - $this->output->set_status_header(REST_Controller::HTTP_BAD_REQUEST); - return $this->outputJsonError($this->p->t('studierendenantrag', 'error_stg_blacklist')); - } - - $result = $this->antraglib->getDetailsForNewAntrag($prestudent_id); - if (isError($result)) { - return $this->outputJsonError(getError($result)); - } - - $data = getData($result); - - $result = $this->antraglib->getFailedExamForPrestudent($prestudent_id); - // NOTE(chris): error handling for this function should already happenden in antraglib->getPrestudentWiederholungsBerechtigt() - $pruefungsdata = current(getData($result)); - - $data->studiensemester_kurzbz = $pruefungsdata->studiensemester_kurzbz; - $data->lvbezeichnung = $pruefungsdata->lvbezeichnung; - $data->pruefungsdatum = $pruefungsdata->datum; - - $this->outputJsonSuccess($data); - } - - public function createAntrag() - { - $this->createAntragWithStatus(true); - } - - public function cancelAntrag() - { - $this->createAntragWithStatus(false); - } - - protected function createAntragWithStatus($repeat) - { - $this->load->library('form_validation'); - - $_POST = json_decode($this->input->raw_input_stream, true); - - $this->form_validation->set_rules('prestudent_id', 'Prestudent ID', 'required'); - $this->form_validation->set_rules('studiensemester', 'Studiensemester', 'required'); - - if ($this->form_validation->run() == false) - { - return $this->outputJsonError($this->form_validation->error_array()); - } - - $prestudent_id = $this->input->post('prestudent_id'); - $studiensemester = $this->input->post('studiensemester'); - - $result = $this->antraglib->getPrestudentWiederholungsBerechtigt($prestudent_id); - if (isError($result)) { - return $this->outputJsonError(['db' => getError($result)]); - } - $result = $result->retval; - if (!$result) - { - return $this->outputJsonError(['db' => $this->p->t('studierendenantrag', 'error_no_student')]); - } - elseif ($result == -1) - { - $result = $this->PrestudentstatusModel->getLastStatus($prestudent_id); - if (isError($result)) - return $this->outputJsonError(['db' => getError($result)]); - if (!hasData($result)) - return $this->outputJsonError(['db' => $this->p->t('studierendenantrag', 'error_no_prestudentstatus', [ - 'prestudent_id' => $prestudent_id - ])]); - if (!in_array(current(getData($result))->status_kurzbz, $this->config->item('antrag_prestudentstatus_whitelist'))) - return $this->outputJsonError(['db' => $this->p->t('studierendenantrag', 'error_no_student')]); - } - elseif ($result == -2) - { - return $this->outputJsonError(['db' => $this->p->t('studierendenantrag', 'error_antrag_exists')]); - } - elseif ($result == -3) - { - return $this->outputJsonError(['db' => $this->p->t('studierendenantrag', 'error_stg_blacklist')]); - } - - $result = $this->antraglib->createWiederholung($prestudent_id, $studiensemester, getAuthUID(), $repeat); - if(isError($result)) - { - return $this->outputJsonError(['db' => getError($result)]); - } - - $antragId = getData($result); - $result = $this->antraglib->getDetailsForAntrag($antragId); - - if(!hasData($result)) - return $this->outputJsonSuccess(true); - - $data = getData($result); - - $result = $this->antraglib->getFailedExamForPrestudent($prestudent_id); - // NOTE(chris): error handling for this function should already happenden in antraglib->getPrestudentWiederholungsBerechtigt() - $pruefungsdata = current(getData($result)); - - $data->studiensemester_kurzbz = $pruefungsdata->studiensemester_kurzbz; - $data->lvbezeichnung = $pruefungsdata->lvbezeichnung; - $data->pruefungsdatum = $pruefungsdata->datum; - - $this->outputJsonSuccess($data); - } - - - public function getLvs($antrag_id) - { - $result = $this->antraglib->getLvsForAntrag($antrag_id); - if (isError($result)) { - $error = getError($result); - if ($error == 'Forbidden') - $this->output->set_status_header(REST_Controller::HTTP_FORBIDDEN); - return $this->outputJsonError(getError($result)); - } - $lvs = getData($result); - - $this->outputJsonSuccess($lvs); - } - - public function saveLvs() - { - $result = $this->getPostJSON(); - $antragsLvs = array_merge($result->forbiddenLvs, $result->mandatoryLvs); - - $insert = array_map(function ($lv) { - return [ - 'studierendenantrag_id' => $lv->studierendenantrag_id, - 'lehrveranstaltung_id' => $lv->lehrveranstaltung_id, - 'note' => $lv->zugelassen - ? ($lv->zugelassen == 1 ? 0 : $this->config->item('wiederholung_note_angerechnet')) - : $this->config->item('wiederholung_note_nicht_zugelassen'), - 'anmerkung' => $lv->anmerkung, - 'insertvon' => getAuthUID(), - 'studiensemester_kurzbz' => $lv->studiensemester_kurzbz - ]; - }, $antragsLvs); - - $antrag_ids = array_unique(array_map(function ($lv) { - return $lv['studierendenantrag_id']; - }, $insert)); - - foreach ($antrag_ids as $antrag_id) { - $result = $this->StudierendenantragModel->loadIdAndStatusWhere([ - 'studierendenantrag_id' => $antrag_id - ]); - if (isError($result)) - return $this->outputJsonError(getError($result)); - if (!hasData($result)) - return $this->outputJsonError($this->p->t('studierendenantrag', 'error_no_antrag_found', ['id' => $antrag_id])); - $antrag = current(getData($result)); - if ($antrag->status != Studierendenantragstatus_model::STATUS_CREATED - && $antrag->status != Studierendenantragstatus_model::STATUS_LVSASSIGNED) - return $this->outputJsonError($this->p->t('studierendenantrag', 'error_antrag_locked')); - } - - if(!$antragsLvs) - return $this->outputJsonError($this->p->t('studierendenantrag', 'error_no_lv')); - - $result = $this->antraglib->saveLvs($insert); - - if (isError($result)) - return $this->outputJsonError(getError($result)); - - $this->outputJsonSuccess(getData($result)); - } - - public function getLvsAsRdf($prestudent_id) - { - // header für no cache - $this->output->set_header("Cache-Control: no-cache"); - $this->output->set_header("Cache-Control: post-check=0, pre-check=0", false); - $this->output->set_header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); - $this->output->set_header("Pragma: no-cache"); - $this->output->set_header("Content-type: application/xhtml+xml"); - - $this->load->library('VariableLib', ['uid' => getAuthUID()]); - $sem_akt = $this->variablelib->getVar('semester_aktuell'); - - - $result = $this->antraglib->getLvsForPrestudent($prestudent_id, $sem_akt); - if (isError($result)) { - return $this->outputJsonError(getError($result)); - } - - $lvs = getData($result) ?: []; - $rdf_url = 'http://www.technikum-wien.at/antragnote'; - - $this->load->view('lehre/Antrag/Wiederholung/getLvs.rdf.php', [ - 'url' => $rdf_url, - 'lvs' => $lvs - ]); - } - - public function moveLvsToZeugnis() - { - $anzahl = $this->input->post('anzahl'); - $student_uid = $this->input->post('student_uid'); - $this->load->model('education/Studierendenantraglehrveranstaltung_model', 'StudierendenantraglehrveranstaltungModel'); - $this->load->model('education/Zeugnisnote_model', 'ZeugnisnoteModel'); - - $errormsg = array(); - - for($i=0; $i<$anzahl; $i++) - { - $id = $this->input->post('studierendenantrag_lehrveranstaltung_id_' . $i); - $result =$this->StudierendenantraglehrveranstaltungModel->load($id); - if(isError($result)) - { - $errormsg[] = getError($result); - } - elseif(!hasData($result)) - { - $errormsg[] = $this->p->t('studierendenantrag', 'error_no_lv_in_application'); - } - else - { - $antragLv = getData($result)[0]; - $result= $this->ZeugnisnoteModel->load([ - 'lehrveranstaltung_id'=> $antragLv->lehrveranstaltung_id, - 'student_uid'=> $student_uid, - 'studiensemester_kurzbz' => $antragLv->studiensemester_kurzbz - ]); - if(isError($result)) - { - $errormsg[] = getError($result); - } - else - { - if (hasData($result)) - { - $result = $this->ZeugnisnoteModel->update( - [ - 'lehrveranstaltung_id'=> $antragLv->lehrveranstaltung_id, - 'student_uid'=> $student_uid, - 'studiensemester_kurzbz' => $antragLv->studiensemester_kurzbz - ], - [ - 'note'=> $antragLv->note, - 'uebernahmedatum' => date('c'), - 'benotungsdatum' => $antragLv->insertamum, - 'updateamum' => date('c'), - 'bemerkung'=>$antragLv->anmerkung, - 'updatevon'=>getAuthUID() - ] - ); - } - else - { - $result = $this->ZeugnisnoteModel->insert([ - 'lehrveranstaltung_id'=> $antragLv->lehrveranstaltung_id, - 'student_uid'=> $student_uid, - 'studiensemester_kurzbz' => $antragLv->studiensemester_kurzbz, - 'note'=> $antragLv->note, - 'uebernahmedatum' => date('c'), - 'benotungsdatum' => $antragLv->insertamum, - 'insertamum' => date('c'), - 'bemerkung'=>$antragLv->anmerkung, - 'insertvon'=>getAuthUID() - ]); - } - if(isError($result)) - { - $errormsg[] = getError($result); - } - } - } - } - - if($errormsg) - $return = false; - else - $return = true; - - $this->load->view('lehre/Antrag/Wiederholung/moveLvs.rdf.php', [ - 'return' => $return, - 'errormsg' => $errormsg - ]); - } -} diff --git a/application/controllers/components/Filter.php b/application/controllers/components/Filter.php index bde7d7ed7..617edd69f 100644 --- a/application/controllers/components/Filter.php +++ b/application/controllers/components/Filter.php @@ -9,6 +9,7 @@ if (! defined('BASEPATH')) exit('No direct script access allowed'); * This controller works with JSON calls on the HTTP GET or POST and the output is always JSON * NOTE: extends the FHC_Controller instead of the Auth_Controller because the FilterCmpt has its * own permissions check + * TODO(chris): deprecated */ class Filter extends FHC_Controller { diff --git a/application/controllers/components/Phrasen.php b/application/controllers/components/Phrasen.php index 87516ce00..3ac35a652 100644 --- a/application/controllers/components/Phrasen.php +++ b/application/controllers/components/Phrasen.php @@ -3,7 +3,7 @@ if (! defined('BASEPATH')) exit('No direct script access allowed'); /** - * + * TODO(chris): deprecated */ class Phrasen extends FHC_Controller { diff --git a/application/controllers/components/SearchBar.php b/application/controllers/components/SearchBar.php index dbf593f00..eac1a4cbc 100644 --- a/application/controllers/components/SearchBar.php +++ b/application/controllers/components/SearchBar.php @@ -3,7 +3,7 @@ if (! defined('BASEPATH')) exit('No direct script access allowed'); /** - * + * TODO(chris): deprecated */ class SearchBar extends FHC_Controller { diff --git a/application/controllers/system/Navigation.php b/application/controllers/system/Navigation.php index c3764b612..71ab1c81b 100644 --- a/application/controllers/system/Navigation.php +++ b/application/controllers/system/Navigation.php @@ -22,6 +22,7 @@ if (! defined('BASEPATH')) exit('No direct script access allowed'); * This controller operates between (interface) the JS (GUI) and the NavigationLib (back-end) * Provides data to the ajax get calls about the filter * This controller works with JSON calls on the HTTP GET or POST and the output is always JSON + * TODO(chris): deprecated */ class Navigation extends FHC_Controller { diff --git a/application/core/Auth_Controller.php b/application/core/Auth_Controller.php index c407a106f..d170a7eca 100644 --- a/application/core/Auth_Controller.php +++ b/application/core/Auth_Controller.php @@ -7,6 +7,10 @@ if (!defined('BASEPATH')) exit('No direct script access allowed'); */ abstract class Auth_Controller extends FHC_Controller { + // Special Permissions + const PERM_ANONYMOUS = 'anonymous'; // Everyone + const PERM_LOGGED = 'logged_in'; // Every registered user + /** * Extends this controller if authentication is required */ @@ -14,17 +18,41 @@ abstract class Auth_Controller extends FHC_Controller { parent::__construct(); - // Loads authentication library and starts authentication - $this->load->library('AuthLib'); + if (!is_array($requiredPermissions) || isEmptyArray($requiredPermissions)) + show_error('The given permissions is not a valid array or it is an empty one'); + + if (!isset($requiredPermissions[$this->router->method])) + show_error('The given permission array does not contain the given method or is not correctly set'); + + $anonAllowed = false; + if ($requiredPermissions[$this->router->method] == self::PERM_ANONYMOUS) + $anonAllowed = true; + elseif (is_array($requiredPermissions[$this->router->method]) + && in_array(self::PERM_ANONYMOUS, $requiredPermissions[$this->router->method])) + $anonAllowed = true; - // Checks if the caller is allowed to access to this content - $this->_isAllowed($requiredPermissions); + if ($anonAllowed) { + // Loads authentication library without authentication + $this->load->library('AuthLib', [false]); + + // Loads helper since it would only be called on authentication + $this->load->helper('hlp_authentication'); + } else { + // Loads authentication library and starts authentication + $this->load->library('AuthLib'); + + // Checks if the caller is allowed to access to this content + $this->_isAllowed($requiredPermissions); + } } /** * Checks if the caller is allowed to access to this content with the given permissions * If it is not allowed will set the HTTP header with code 401 * Wrapper for permissionlib->isEntitled + * + * @param array $requiredPermissions + * @return void */ private function _isAllowed($requiredPermissions) { @@ -34,28 +62,43 @@ abstract class Auth_Controller extends FHC_Controller // Checks if this user is entitled to access to this content if (!$this->permissionlib->isEntitled($requiredPermissions, $this->router->method)) { - $this->output->set_status_header(REST_Controller::HTTP_UNAUTHORIZED); // set the HTTP header as unauthorized - - $this->load->library('EPrintfLib'); // loads the EPrintfLib to format the output - - // Prints the main error message - $this->eprintflib->printError('You are not allowed to access to this content'); - // Prints the called controller name - $this->eprintflib->printInfo('Controller name: '.$this->router->class); - // Prints the called controller method name - $this->eprintflib->printInfo('Method name: '.$this->router->method); - // Prints the required permissions needed to access to this method - $this->eprintflib->printInfo('Required permissions: '.$this->_rpsToString($requiredPermissions, $this->router->method)); - + $this->_outputAuthError($requiredPermissions); exit; // immediately terminate the execution } } + /** + * Outputs an error message and sets the HTTP Header. + * This function is protected so that it can be overwritten. + * + * @param array $requiredPermissions + * @return void + */ + protected function _outputAuthError($requiredPermissions) + { + $this->output->set_status_header(REST_Controller::HTTP_UNAUTHORIZED); // set the HTTP header as unauthorized + + $this->load->library('EPrintfLib'); // loads the EPrintfLib to format the output + + // Prints the main error message + $this->eprintflib->printError('You are not allowed to access to this content'); + // Prints the called controller name + $this->eprintflib->printInfo('Controller name: '.$this->router->class); + // Prints the called controller method name + $this->eprintflib->printInfo('Method name: '.$this->router->method); + // Prints the required permissions needed to access to this method + $this->eprintflib->printInfo('Required permissions: '.$this->_rpsToString($requiredPermissions, $this->router->method)); + } + /** * Converts an array of permissions to a string that contains them as a comma separated list * Ex: ", , " + * + * @param array $requiredPermissions + * @param string $method + * @return void */ - private function _rpsToString($requiredPermissions, $method) + final protected function _rpsToString($requiredPermissions, $method) { $strRequiredPermissions = ''; // string that contains all the required permissions needed to access to this method diff --git a/application/core/FHCAPI_Controller.php b/application/core/FHCAPI_Controller.php index e59740ded..647032795 100644 --- a/application/core/FHCAPI_Controller.php +++ b/application/core/FHCAPI_Controller.php @@ -5,7 +5,7 @@ if (!defined('BASEPATH')) exit('No direct script access allowed'); /** * Controller using JSON */ -class FHCAPI_Controller extends FHC_Controller +class FHCAPI_Controller extends Auth_Controller { /** @@ -19,12 +19,13 @@ class FHCAPI_Controller extends FHC_Controller /** * Error types */ - const ERROR_TYPE_PHP = 'php'; // TODO(chris): php types from severity? + const ERROR_TYPE_PHP = 'php'; const ERROR_TYPE_EXCEPTION = 'exception'; const ERROR_TYPE_GENERAL = 'general'; const ERROR_TYPE_404 = '404'; const ERROR_TYPE_DB = 'db'; const ERROR_TYPE_VALIDATION = 'validation'; + const ERROR_TYPE_AUTH = 'auth'; /** * Return Object @@ -45,10 +46,6 @@ class FHCAPI_Controller extends FHC_Controller if (is_cli()) show_404(); - parent::__construct(); - - $this->config->set_item('error_views_path', VIEWPATH.'errors'.DIRECTORY_SEPARATOR.'json'.DIRECTORY_SEPARATOR); - global $g_result; $g_result = $this; @@ -74,18 +71,14 @@ class FHCAPI_Controller extends FHC_Controller } } - #$this->returnObj['test'] = implode('/n', headers_list()); - return json_encode($this->returnObj); }); - // Load libraries - $this->load->library('AuthLib'); - $this->load->library('PermissionLib'); - - // Checks if the caller is allowed to access to this content - $this->_isAllowed($requiredPermissions); + // NOTE(chris): overwrite error_views_path before constructor + load_class('Config')->set_item('error_views_path', VIEWPATH.'errors'.DIRECTORY_SEPARATOR.'json'.DIRECTORY_SEPARATOR); + parent::__construct($requiredPermissions); + // For JSON Requests (as opposed to multipart/form-data) get the $_POST variable from the input stream instead if ($this->input->get_request_header('Content-Type', true) == 'application/json') $_POST = json_decode($this->security->xss_clean($this->input->raw_input_stream), true); @@ -136,15 +129,25 @@ class FHCAPI_Controller extends FHC_Controller $this->returnObj['data'] = $data; } + /** + * @param string $key + * @param mixed $value + * @return void + */ + public function addMeta($key, $value) + { + if (!isset($this->returnObj['meta'])) + $this->returnObj['meta'] = []; + $this->returnObj['meta'][$key] = $value; + } + /** * @param string $status * @return void */ public function setStatus($status) { - if (!isset($this->returnObj['meta'])) - $this->returnObj['meta'] = []; - $this->returnObj['meta']['status'] = $status; + $this->addMeta('status', $status); } @@ -152,6 +155,17 @@ class FHCAPI_Controller extends FHC_Controller // Handle Output object - Shortcut functions // --------------------------------------------------------------- + /** + * @param mixed $data (optional) + * @return void + */ + protected function terminateWithSuccess($data = null) + { + $this->setData($data); + $this->setStatus(self::STATUS_SUCCESS); + exit; + } + /** * @param array $errors * @return void @@ -164,25 +178,15 @@ class FHCAPI_Controller extends FHC_Controller exit(EXIT_ERROR); } - /** - * @param mixed $data (optional) - * @return void - */ - protected function terminateWithSuccess($data = null) - { - $this->setData($data); - $this->setStatus(self::STATUS_SUCCESS); - exit; - } - /** * @param array $error * @param string $type (optional) + * @param integer $status (optional) * @return void */ - protected function terminateWithError($error, $type = null) + protected function terminateWithError($error, $type = null, $status = REST_Controller::HTTP_INTERNAL_SERVER_ERROR) { - $this->output->set_status_header(REST_Controller::HTTP_INTERNAL_SERVER_ERROR); + $this->output->set_status_header($status); $this->addError($error, $type); $this->setStatus(self::STATUS_ERROR); exit; @@ -193,63 +197,35 @@ class FHCAPI_Controller extends FHC_Controller * @param string $errortype * @return void */ - protected function checkForErrors($result, $errortype = self::ERROR_TYPE_GENERAL) + protected function getDataOrTerminateWithError($result, $errortype = self::ERROR_TYPE_GENERAL) { - // TODO(chris): IMPLEMENT! if (isError($result)) { $this->terminateWithError(getError($result), $errortype); } return $result->retval; } - // TODO(chris): complete list - // --------------------------------------------------------------- // Security // --------------------------------------------------------------- /** - * Checks if the caller is allowed to access to this content with the given permissions - * If it is not allowed will set the HTTP header with code 401 - * Wrapper for permissionlib->isEntitled + * Outputs an error message and sets the HTTP Header. + * This overwrites the default behaviour to output a json object. * * @param array $requiredPermissions * @return void */ - protected function _isAllowed($requiredPermissions) + protected function _outputAuthError($requiredPermissions) { - // Checks if this user is entitled to access to this content - if (!$this->permissionlib->isEntitled($requiredPermissions, $this->router->method)) - { - $this->output->set_status_header(isLogged() ? REST_Controller::HTTP_FORBIDDEN : REST_Controller::HTTP_UNAUTHORIZED); + $this->output->set_status_header(isLogged() ? REST_Controller::HTTP_FORBIDDEN : REST_Controller::HTTP_UNAUTHORIZED); - $this->addError([ - 'message' => 'You are not allowed to access to this content', - 'controller' => $this->router->class, - 'method' => $this->router->method, - 'required_permissions' => $this->_rpsToString($requiredPermissions, $this->router->method) - ]); - exit; // immediately terminate the execution - } - } - - /** - * Converts an array of permissions to a string that contains them as a comma separated list - * Ex: ", , " - * - * @param array $requiredPermissions - * @param string $method - * @return void - */ - protected function _rpsToString($requiredPermissions, $method) - { - if (!isset($requiredPermissions[$method])) - return ''; - - if (!is_array($requiredPermissions[$method])) - return $requiredPermissions[$method]; - - return implode(', ', $requiredPermissions[$method]); + $this->addError([ + 'message' => 'You are not allowed to access to this content', + 'controller' => $this->router->class, + 'method' => $this->router->method, + 'required_permissions' => $this->_rpsToString($requiredPermissions, $this->router->method) + ], self::ERROR_TYPE_AUTH); } } diff --git a/application/libraries/AntragLib.php b/application/libraries/AntragLib.php index 7d1b6a5ac..ce4485279 100644 --- a/application/libraries/AntragLib.php +++ b/application/libraries/AntragLib.php @@ -2058,7 +2058,7 @@ class AntragLib */ public function isEntitledToUnpauseAntrag($antrag_id) { - return $this->hasAccessToAntrag($antrag_id, 'student/studierendenantrag'); + return ($this->hasAccessToAntrag($antrag_id, 'student/antragfreigabe') || $this->hasAccessToAntrag($antrag_id, 'student/studierendenantrag')); } /** diff --git a/application/libraries/PermissionLib.php b/application/libraries/PermissionLib.php index 09f89abee..bf8174cf4 100644 --- a/application/libraries/PermissionLib.php +++ b/application/libraries/PermissionLib.php @@ -21,6 +21,8 @@ require_once(FHCPATH.'include/functions.inc.php'); require_once(FHCPATH.'include/wawi_kostenstelle.class.php'); require_once(FHCPATH.'include/benutzerberechtigung.class.php'); +use \benutzerberechtigung as benutzerberechtigung; + class PermissionLib { // Available rights in the DB @@ -65,8 +67,10 @@ class PermissionLib if (!is_cli()) { // API Caller rights initialization + $authObj = $this->_ci->authlib->getAuthObj(); self::$bb = new benutzerberechtigung(); - self::$bb->getBerechtigungen(($this->_ci->authlib->getAuthObj())->{AuthLib::AO_USERNAME}); + if ($authObj) + self::$bb->getBerechtigungen($authObj->{AuthLib::AO_USERNAME}); } } @@ -166,6 +170,16 @@ class PermissionLib if ($checkPermissions === true) break; } } + elseif ($permissions[$pCounter] == Auth_Controller::PERM_ANONYMOUS) + { + $checkPermissions = true; + break; + } + elseif ($permissions[$pCounter] == Auth_Controller::PERM_LOGGED) + { + $checkPermissions = isLogged(); + break; + } else { show_error('The given permission does not use the correct format'); diff --git a/application/views/lehre/Antrag/Create.php b/application/views/lehre/Antrag/Create.php index f0b681c2a..91b20c9b7 100644 --- a/application/views/lehre/Antrag/Create.php +++ b/application/views/lehre/Antrag/Create.php @@ -11,6 +11,7 @@ $sitesettings = array( 'customJSModules' => array('public/js/apps/lehre/Antrag.js'), 'customCSSs' => array( 'public/css/Fhc.css', + 'public/css/components/primevue.css', 'vendor/vuejs/vuedatepicker_css/main.css' ), 'customJSs' => array( diff --git a/application/views/lehre/Antrag/Leitung/List.php b/application/views/lehre/Antrag/Leitung/List.php index 9c0749dae..1225b16b6 100644 --- a/application/views/lehre/Antrag/Leitung/List.php +++ b/application/views/lehre/Antrag/Leitung/List.php @@ -20,7 +20,8 @@ $sitesettings = array( ), 'customJSModules' => array('public/js/apps/lehre/Antrag/Leitung.js'), 'customCSSs' => array( - 'public/css/Fhc.css' + 'public/css/Fhc.css', + 'public/css/components/primevue.css', ), 'customJSs' => array( ) diff --git a/application/views/lehre/Antrag/Student/List.php b/application/views/lehre/Antrag/Student/List.php index 55e7ec5df..614af5d79 100644 --- a/application/views/lehre/Antrag/Student/List.php +++ b/application/views/lehre/Antrag/Student/List.php @@ -10,7 +10,8 @@ $sitesettings = array( ), 'customJSModules' => array('public/js/apps/lehre/Antrag/Student.js'), 'customCSSs' => array( - 'public/css/Fhc.css' + 'public/css/Fhc.css', + 'public/css/components/primevue.css', ), 'customJSs' => array( ) diff --git a/application/views/lehre/Antrag/Wiederholung/Student.php b/application/views/lehre/Antrag/Wiederholung/Student.php index 9c2db040e..2171d6928 100644 --- a/application/views/lehre/Antrag/Wiederholung/Student.php +++ b/application/views/lehre/Antrag/Wiederholung/Student.php @@ -14,6 +14,8 @@ $sitesettings = array( ), 'customJSModules' => array('public/js/apps/lehre/Antrag/Lvzuweisung.js'), 'customCSSs' => array( + 'public/css/Fhc.css', + 'public/css/components/primevue.css', ), 'customJSs' => array( ) @@ -30,7 +32,7 @@ $this->load->view(

p->t('studierendenantrag', 'title_lvzuweisen', ['name' => $antrag->name]);?>

- status != Studierendenantragstatus_model::STATUS_CREATED && $antrag->status != Studierendenantragstatus_model::STATUS_LVSASSIGNED) ? ' disabled' : ''; ?>> + status != Studierendenantragstatus_model::STATUS_CREATED && $antrag->status != Studierendenantragstatus_model::STATUS_LVSASSIGNED) ? ' disabled' : ''; ?>>
diff --git a/application/views/system/logs/testSearch.php b/application/views/system/logs/testSearch.php index 882b953f5..57ed0d48a 100644 --- a/application/views/system/logs/testSearch.php +++ b/application/views/system/logs/testSearch.php @@ -1,13 +1,12 @@ 'Test Search', - 'jquery3' => true, 'bootstrap5' => true, 'fontawesome6' => true, - 'tablesorter2' => true, + 'tabulator5' => true, + 'primevue3' => true, + 'axios027' => true, 'vue3' => true, - 'ajaxlib' => true, - 'jqueryui1' => true, 'filtercomponent' => true, 'navigationcomponent' => true, 'phrases' => array( @@ -17,8 +16,8 @@ 'customCSSs' => array( 'public/css/components/verticalsplit.css', 'public/css/components/searchbar.css', + 'public/css/components/primevue.css', ), - 'customJSs' => array('vendor/axios/axios/axios.min.js'), 'customJSModules' => array('public/js/apps/TestSearch.js') ); @@ -40,17 +39,17 @@
- + - + - +
diff --git a/cis/private/info/service_uebersicht.php b/cis/private/info/service_uebersicht.php index 27759e6c6..348a82b0d 100644 --- a/cis/private/info/service_uebersicht.php +++ b/cis/private/info/service_uebersicht.php @@ -45,25 +45,22 @@ echo ' - - - - - -'; + + + + + + '; + +const MOODLE_ADDON_KURZBZ = 'moodle'; // Load Addons to get Moodle_Path $addon_obj = new addon(); -if ($addon_obj->loadAddons()) + +// include moodle addon config if active +if ($addon_obj->checkActiveAddon(MOODLE_ADDON_KURZBZ) && file_exists('../../../addons/'.MOODLE_ADDON_KURZBZ.'/config.inc.php')) { - if (count($addon_obj->result) > 0) - { - foreach ($addon_obj->result as $row) - { - if (file_exists('../../../addons/'.$row->kurzbz.'/config.inc.php')) - include_once('../../../addons/'.$row->kurzbz.'/config.inc.php'); - } - } + include_once('../../../addons/'.MOODLE_ADDON_KURZBZ.'/config.inc.php'); } echo ' @@ -117,6 +114,7 @@ echo ' '; +$servicekategorie_arr = $service->getKategorieArray(); if($oe_kurzbz!='') { @@ -134,6 +132,7 @@ echo ' + @@ -159,6 +158,8 @@ foreach($service->result as $row) echo ''; //echo ''; //echo ''; + $title = (isset($servicekategorie_arr[$row->servicekategorie_kurzbz])?$servicekategorie_arr[$row->servicekategorie_kurzbz]:''); + echo ''; echo '
'.$p->t("global/bezeichnung").' '.$p->t("services/leistung").' '.$p->t("services/design").''.$p->t("services/kritikalitaet").' '.$p->t("services/details").'
',$design,'',$betrieb,'',$operativ,'',$title,''.($row->content_id!=''?'Details':''); if (defined("ADDON_MOODLE_PATH")) echo ' '.($row->ext_id!=''?'Beschreibung':''); diff --git a/content/student/studentDBDML.php b/content/student/studentDBDML.php index ed0ee56e1..e1bcffd84 100644 --- a/content/student/studentDBDML.php +++ b/content/student/studentDBDML.php @@ -74,7 +74,10 @@ require_once('../../include/reihungstest.class.php'); require_once('../../include/studienplan.class.php'); require_once('../../include/mobilitaet.class.php'); require_once('../../include/studienordnung.class.php'); +require_once('../../include/mitarbeiter.class.php'); +require_once('../../include/bisverwendung.class.php'); require_once('../../include/bismeldestichtag.class.php'); +require_once('../../include/stundensatz.class.php'); $user = get_uid(); $db = new basis_db(); @@ -4654,6 +4657,7 @@ if(!$error) $errormsg = 'Fehlerhafte Parameteruebergabe'; } } + elseif(isset($_POST['type']) && $_POST['type']=='getstundensatz') { if(isset($_POST['person_id']) && isset($_POST['studiensemester_kurzbz'])) @@ -4661,33 +4665,87 @@ if(!$error) $studiensemester = new studiensemester(); if ($studiensemester->load($_POST['studiensemester_kurzbz'])) { - $qry = "SELECT ss.stundensatz - FROM hr.tbl_stundensatz ss - JOIN public.tbl_mitarbeiter ON ss.uid = tbl_mitarbeiter.mitarbeiter_uid - JOIN public.tbl_benutzer ON(tbl_benutzer.uid=tbl_mitarbeiter.mitarbeiter_uid) - WHERE person_id=".$db->db_add_param($_POST['person_id'], FHC_INTEGER) ." - AND stundensatztyp = ". $db->db_add_param('lehre') ." - AND gueltig_von <= ". $db->db_add_param($studiensemester->ende) ." - AND (gueltig_bis >= ". $db->db_add_param($studiensemester->start) ." OR gueltig_bis IS NULL) - ORDER BY gueltig_bis DESC NULLS FIRST, gueltig_von DESC NULLS LAST LIMIT 1 - "; - if($result = $db->db_query($qry)) + if (defined('FAS_LV_LEKTORINNENZUTEILUNG_FIXANGESTELLT_STUNDENSATZ') + && !FAS_LV_LEKTORINNENZUTEILUNG_FIXANGESTELLT_STUNDENSATZ) { - if($row = $db->db_fetch_object($result)) + // Mitarbeiter laden + $qry = " + SELECT + mitarbeiter_uid, fixangestellt + FROM + public.tbl_mitarbeiter + JOIN public.tbl_benutzer ON(tbl_benutzer.uid=tbl_mitarbeiter.mitarbeiter_uid) + WHERE + person_id=".$db->db_add_param($_POST['person_id'], FHC_INTEGER) ." + ORDER BY tbl_mitarbeiter.insertamum DESC NULLS LAST LIMIT 1 + "; + if($result = $db->db_query($qry)) { - $data = $row->stundensatz; - $return = true; - } - else - { - $data = '80.00'; - $return = true; + if($row = $db->db_fetch_object($result)) + { + $uid = $row->mitarbeiter_uid; + + if($db->db_parse_bool($row->fixangestellt)==true) + { + // Fixangestellte haben keinen Stundensatz + $data = ''; + $return = true; + } + else + { + // Stundensatz des Mitarbeiters laden + $stundensatz = new stundensatz(); + if($stundensatz->getStundensatzDatum($uid, $studiensemester->start, $studiensemester->ende, 'lehre')) + { + $data = $stundensatz->stundensatz; + $return = true; + } + else + { + // Keine Stundensatz hinterlegt + $data = '0.00'; + $return = true; + } + } + } + else + { + // Kein Mitarbeiter gefunden, kein Stundensatz + $data = '0.00'; + $return = true; + } } } else { - $return = false; - $errormsg = 'Unbekannter Fehler'; + $qry = "SELECT ss.stundensatz + FROM hr.tbl_stundensatz ss + JOIN public.tbl_mitarbeiter ON ss.uid = tbl_mitarbeiter.mitarbeiter_uid + JOIN public.tbl_benutzer ON(tbl_benutzer.uid=tbl_mitarbeiter.mitarbeiter_uid) + WHERE person_id=".$db->db_add_param($_POST['person_id'], FHC_INTEGER) ." + AND stundensatztyp = ". $db->db_add_param('lehre') ." + AND gueltig_von <= ". $db->db_add_param($studiensemester->ende) ." + AND (gueltig_bis >= ". $db->db_add_param($studiensemester->start) ." OR gueltig_bis IS NULL) + ORDER BY gueltig_bis DESC NULLS FIRST, gueltig_von DESC NULLS LAST LIMIT 1 + "; + if($result = $db->db_query($qry)) + { + if($row = $db->db_fetch_object($result)) + { + $data = $row->stundensatz; + $return = true; + } + else + { + $data = '80.00'; + $return = true; + } + } + else + { + $return = false; + $errormsg = 'Unbekannter Fehler'; + } } } else @@ -4695,8 +4753,15 @@ if(!$error) $return = false; $errormsg = 'Fehler beim Laden des Studiensemesters'; } + } - } + else + { + $data = '20.00'.$_POST['studiensemester_kurzbz']; + $return = true; + } + } + elseif(isset($_POST['type']) && $_POST['type']=='saveanrechnung') { $anrechnung = new anrechnung(); diff --git a/content/student/studentoverlay.js.php b/content/student/studentoverlay.js.php index 11a4d862f..8be20d32d 100644 --- a/content/student/studentoverlay.js.php +++ b/content/student/studentoverlay.js.php @@ -1658,7 +1658,7 @@ function StudentAuswahl() var antragnotentree = document.getElementById('student-antragnoten-tree'); - url='index.ci.php/components/Antrag/Wiederholung/getLvsAsRdf/'+prestudent_id+"?"+gettimestamp(); + url='index.ci.php/api/frontend/fas/studstatus/Wiederholung/getLvs/'+prestudent_id+"?"+gettimestamp(); try { @@ -4764,7 +4764,7 @@ function StudentNotenMoveFromAntrag() var paramList= ''; var i = 0; - var url = 'index.ci.php/components/Antrag/Wiederholung/moveLvsToZeugnis'; + var url = 'index.ci.php/api/frontend/fas/studstatus/Wiederholung/moveLvsToZeugnis'; var req = new phpRequest(url,'',''); for (var t = 0; t < numRanges; t++) diff --git a/content/student/studentprojektarbeit.js.php b/content/student/studentprojektarbeit.js.php index a18b94b6d..6c3919327 100644 --- a/content/student/studentprojektarbeit.js.php +++ b/content/student/studentprojektarbeit.js.php @@ -393,6 +393,7 @@ function StudentProjektarbeitAuswahl() anmerkung = getTargetHelper(dsource,subject,rdfService.GetResource( predicateNS + "#anmerkung" )); gesamtstunden = getTargetHelper(dsource,subject,rdfService.GetResource( predicateNS + "#gesamtstunden" )); final = getTargetHelper(dsource,subject,rdfService.GetResource( predicateNS + "#final" )); + var lehreinheit_stsem = getTargetHelper(dsource,subject,rdfService.GetResource( predicateNS + "#lehreinheit_stsem" )); var stg_kz = document.getElementById('student-detail-menulist-studiengang_kz').value; @@ -440,6 +441,7 @@ function StudentProjektarbeitAuswahl() //Werte setzen document.getElementById('student-projektarbeit-textbox-projektarbeit_id').value=projektarbeit_id; + document.getElementById('student-projektarbeit-textbox-lehreinheit_stsem').value=lehreinheit_stsem; document.getElementById('student-projektarbeit-menulist-projekttyp').value=projekttyp_kurzbz; document.getElementById('student-projektarbeit-menulist-lehrveranstaltung').value=lehrveranstaltung_id; document.getElementById('student-projektarbeit-menulist-lehreinheit').value=lehreinheit_id; @@ -649,6 +651,8 @@ function StudentProjektarbeitNeu() document.getElementById('student-projektarbeit-checkbox-neu').checked=true; document.getElementById('student-projektarbeit-textbox-projektarbeit_id').value=''; + document.getElementById('student-projektarbeit-textbox-lehreinheit_stsem').value=''; + StudentProjektarbeitResetFields(); StudentProjektarbeitDetailDisableFields(false); StudentProjektbetreuerDisableFields(true); @@ -872,6 +876,7 @@ function StudentProjektbetreuerAuswahl() name = getTargetHelper(dsource,subject,rdfService.GetResource( predicateNS + "#name" )); punkte = getTargetHelper(dsource,subject,rdfService.GetResource( predicateNS + "#punkte" )); stunden = getTargetHelper(dsource,subject,rdfService.GetResource( predicateNS + "#stunden" )); + stundensatz = getTargetHelper(dsource,subject,rdfService.GetResource( predicateNS + "#stundensatz" )); betreuerart_kurzbz = getTargetHelper(dsource,subject,rdfService.GetResource( predicateNS + "#betreuerart_kurzbz" )); person_nachname = getTargetHelper(dsource,subject,rdfService.GetResource( predicateNS + "#person_nachname" )); @@ -892,6 +897,16 @@ function StudentProjektbetreuerAuswahl() document.getElementById('student-projektbetreuer-textbox-person_id').value=person_id; document.getElementById('student-projektbetreuer-checkbox-neu').checked=false; + var lehreinheitstsem = document.getElementById('student-projektarbeit-textbox-lehreinheit_stsem').value; + var default_stundensatz = StudentProjektbetreuerLoadStundensatz(person_id, lehreinheitstsem); + + if (default_stundensatz != '') + default_stundensatz = 'Stundensatz (Default '+default_stundensatz+'):'; + else + default_stundensatz = 'Stundensatz'; + + document.getElementById('student-projektbetreuer-label-stundensatz').value= default_stundensatz; + var gesamtkosten = StudentProjektbetreuerGesamtkosten(); @@ -1171,7 +1186,9 @@ function StudentProjektbetreuerDetailReset() document.getElementById('student-projektbetreuer-textbox-stunden').value='0.0'; document.getElementById('student-projektbetreuer-menulist-betreuerart').value='Begutachter'; } + document.getElementById('student-projektbetreuer-textbox-stundensatz').value='80.0'; + document.getElementById('student-projektbetreuer-label-stundensatz').value= 'Stundensatz (Default 80.0):'; document.getElementById('student-projektbetreuer-menulist-person').value=''; } @@ -1358,16 +1375,16 @@ function StudentProjektbetreuerLoeschen() } } -function StudentProjektbetreuerLoadMitarbeiterDaten() +function StudentProjektbetreuerLoadStundensatz(person_id, studiensemester) { - person_id = MenulistGetSelectedValue('student-projektbetreuer-menulist-person'); + var stundensatz=''; var url = 'content/student/studentDBDML.php'; var req = new phpRequest(url,'',''); req.add('type', 'getstundensatz'); req.add('person_id', person_id); - req.add('studiensemester_kurzbz', getStudiensemester()) + req.add('studiensemester_kurzbz', studiensemester) var response = req.executePOST(); @@ -1385,7 +1402,23 @@ function StudentProjektbetreuerLoadMitarbeiterDaten() stundensatz = val.dbdml_data } - document.getElementById('student-projektbetreuer-textbox-stundensatz').value=stundensatz; + return stundensatz; +} + +function StudentProjektbetreuerLoadMitarbeiterDaten() +{ + var person_id = MenulistGetSelectedValue('student-projektbetreuer-menulist-person'); + var lehreinheitstsem = document.getElementById('student-projektarbeit-textbox-lehreinheit_stsem').value; + + var stundensatz = StudentProjektbetreuerLoadStundensatz(person_id, lehreinheitstsem); + + if (stundensatz != '') + default_stundensatz = 'Stundensatz (Default '+stundensatz+'):'; + else + default_stundensatz = 'Stundensatz'; + + document.getElementById('student-projektbetreuer-label-stundensatz').value = default_stundensatz; + document.getElementById('student-projektbetreuer-textbox-stundensatz').value = stundensatz; } // **** diff --git a/content/student/studentprojektarbeitoverlay.xul.php b/content/student/studentprojektarbeitoverlay.xul.php index fde05d4ad..71cae9cf6 100644 --- a/content/student/studentprojektarbeitoverlay.xul.php +++ b/content/student/studentprojektarbeitoverlay.xul.php @@ -171,7 +171,11 @@ $is_hidden = (!defined('FAS_STUDIERENDE_PROJEKTARBEIT_VERTRAGSDETAILS_ANZEIGEN') -