diff --git a/application/core/DB_Model.php b/application/core/DB_Model.php index 72b34a38f..4c075deb9 100644 --- a/application/core/DB_Model.php +++ b/application/core/DB_Model.php @@ -6,7 +6,6 @@ class DB_Model extends FHC_Model protected $pk; // Name of the PrimaryKey for DB-Update, Load, ... protected $hasSequence; // False if this table has a composite primary key that is not using a sequence // True if this table has a primary key that uses a sequence - protected $acl; // Name of the PrimaryKey for DB-Update, Load, ... function __construct($dbTable = null, $pk = null, $hasSequence = true) { @@ -15,7 +14,6 @@ class DB_Model extends FHC_Model $this->pk = $pk; $this->hasSequence = $hasSequence; $this->load->database(); - $this->acl = $this->config->item('fhc_acl'); } /** --------------------------------------------------------------- @@ -31,8 +29,8 @@ class DB_Model extends FHC_Model return $this->_error(lang('fhc_'.FHC_NODBTABLE), FHC_MODEL_ERROR); // Check rights - if (! $this->fhc_db_acl->isBerechtigt($this->acl[$this->dbTable], 'i')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl[$this->dbTable], FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz($this->dbTable), 'i')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz($this->dbTable), FHC_MODEL_ERROR); // DB-INSERT if ($this->db->insert($this->dbTable, $data)) @@ -76,8 +74,8 @@ class DB_Model extends FHC_Model return $this->_error(lang('fhc_'.FHC_NODBTABLE), FHC_MODEL_ERROR); // Check rights - if (! $this->fhc_db_acl->isBerechtigt($this->acl[$this->dbTable], 'ui')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl[$this->dbTable], FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz($this->dbTable), 'ui')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz($this->dbTable), FHC_MODEL_ERROR); // DB-REPLACE if ($this->db->replace($this->dbTable, $data)) @@ -102,8 +100,8 @@ class DB_Model extends FHC_Model return $this->_error(lang('fhc_'.FHC_NOPK), FHC_MODEL_ERROR); // Check rights - if (! $this->fhc_db_acl->isBerechtigt($this->acl[$this->dbTable], 'u')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl[$this->dbTable], FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz($this->dbTable), 'u')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz($this->dbTable), FHC_MODEL_ERROR); // DB-UPDATE // Check for composite Primary Key @@ -140,8 +138,8 @@ class DB_Model extends FHC_Model // Check rights only if this method is called from a model //var_dump(get_called_class()); if (substr(get_called_class(), -6) == '_model') - if (! $this->fhc_db_acl->isBerechtigt($this->acl[$this->dbTable], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl[$this->dbTable], FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz($this->dbTable), 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz($this->dbTable), FHC_MODEL_ERROR); // DB-SELECT // Check for composite Primary Key @@ -178,8 +176,8 @@ class DB_Model extends FHC_Model // Check rights only if this method is called from a model //var_dump(get_called_class()); if (substr(get_called_class(), -6) == '_model') - if (! $this->fhc_db_acl->isBerechtigt($this->acl[$this->dbTable], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl[$this->dbTable], FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz($this->dbTable), 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz($this->dbTable), FHC_MODEL_ERROR); // DB-SELECT if (is_null($where)) @@ -207,8 +205,8 @@ class DB_Model extends FHC_Model // Check rights only if this method is called from a model //var_dump(get_called_class()); if (substr(get_called_class(), -6) == '_model') - if (! $this->fhc_db_acl->isBerechtigt($this->acl[$joinTable], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl[$joinTable], FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz($joinTable), 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz($joinTable), FHC_MODEL_ERROR); $this->db->join($joinTable, $cond, $type); @@ -297,8 +295,8 @@ class DB_Model extends FHC_Model // Check rights only if this method is called from a model //var_dump(get_called_class()); if (substr(get_called_class(), -6) == '_model') - if (! $this->fhc_db_acl->isBerechtigt($this->acl[$this->dbTable], 'd')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl[$this->dbTable], FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz($this->dbTable), 'd')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz($this->dbTable), FHC_MODEL_ERROR); // DB-DELETE // Check for composite Primary Key @@ -427,4 +425,4 @@ class DB_Model extends FHC_Model 'msg' => lang('fhc_' . $error) ); } -} +} \ No newline at end of file diff --git a/application/core/FHC_Model.php b/application/core/FHC_Model.php index 0cba3cd16..e02aa995b 100644 --- a/application/core/FHC_Model.php +++ b/application/core/FHC_Model.php @@ -4,6 +4,8 @@ if (! defined('BASEPATH')) exit('No direct script access allowed'); class FHC_Model extends CI_Model { + protected $acl; + function __construct() { parent::__construct(); @@ -16,6 +18,8 @@ class FHC_Model extends CI_Model $this->load->helper('fhcauth'); $this->load->library('FHC_DB_ACL'); + + $this->acl = $this->config->item('fhc_acl'); } /** --------------------------------------------------------------- @@ -38,4 +42,16 @@ class FHC_Model extends CI_Model { return error($retval, $message); } + + protected function getBerechtigungKurzbz($sourceName) + { + if (isset($this->acl[$sourceName])) + { + return $this->acl[$sourceName]; + } + else + { + return null; + } + } } \ No newline at end of file diff --git a/application/core/FS_Model.php b/application/core/FS_Model.php index 1bcaaa251..003a72c1c 100644 --- a/application/core/FS_Model.php +++ b/application/core/FS_Model.php @@ -9,7 +9,6 @@ class FS_Model extends FHC_Model { parent::__construct(); $this->load->library('FilesystemLib'); - $this->acl = $this->config->item('fhc_acl'); $this->filepath = $filepath; } @@ -29,8 +28,8 @@ class FS_Model extends FHC_Model return $this->_error(lang('fhc_'.FHC_ERROR), FHC_MODEL_ERROR); // Check rights - if (! $this->fhc_db_acl->isBerechtigt($this->acl[$this->filepath], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl[$this->filepath], FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz($this->filepath), 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz($this->filepath), FHC_MODEL_ERROR); if (!is_null($data = $this->filesystemlib->read($this->filepath, $filename))) { @@ -61,8 +60,8 @@ class FS_Model extends FHC_Model return $this->_error(lang('fhc_'.FHC_ERROR), FHC_MODEL_ERROR); // Check rights - if (! $this->fhc_db_acl->isBerechtigt($this->acl[$this->filepath], 'i')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl[$this->filepath], FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz($this->filepath), 'i')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz($this->filepath), FHC_MODEL_ERROR); if ($this->filesystemlib->write($this->filepath, $filename, base64_decode($content)) === true) { @@ -93,8 +92,8 @@ class FS_Model extends FHC_Model return $this->_error(lang('fhc_'.FHC_ERROR), FHC_MODEL_ERROR); // Check rights - if (! $this->fhc_db_acl->isBerechtigt($this->acl[$this->filepath], 'i')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl[$this->filepath], FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz($this->filepath), 'i')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz($this->filepath), FHC_MODEL_ERROR); if ($this->filesystemlib->append($this->filepath, $filename, base64_decode($content)) === true) { @@ -123,8 +122,8 @@ class FS_Model extends FHC_Model return $this->_error(lang('fhc_'.FHC_ERROR), FHC_MODEL_ERROR); // Check rights - if (! $this->fhc_db_acl->isBerechtigt($this->acl[$this->filepath], 'd')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl[$this->filepath], FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz($this->filepath), 'd')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz($this->filepath), FHC_MODEL_ERROR); if ($this->filesystemlib->remove($this->filepath, $filename) === true) { @@ -155,8 +154,8 @@ class FS_Model extends FHC_Model return $this->_error(lang('fhc_'.FHC_ERROR), FHC_MODEL_ERROR); // Check rights - if (! $this->fhc_db_acl->isBerechtigt($this->acl[$this->filepath], 'u')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl[$this->filepath], FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz($this->filepath), 'u')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz($this->filepath), FHC_MODEL_ERROR); if ($this->filesystemlib->rename($this->filepath, $filename, $this->filepath, $newFilename) === true) { diff --git a/application/libraries/FHC_DB_ACL.php b/application/libraries/FHC_DB_ACL.php index 2818f14ab..a741f6b23 100644 --- a/application/libraries/FHC_DB_ACL.php +++ b/application/libraries/FHC_DB_ACL.php @@ -54,7 +54,14 @@ class FHC_DB_ACL function isBerechtigt($berechtigung_kurzbz, $art = null, $oe_kurzbz = null, $kostenstelle_id = null) { - $this->bb->getBerechtigungen(getAuthUID()); - return $this->bb->isBerechtigt($berechtigung_kurzbz, $oe_kurzbz, $art, $kostenstelle_id); + if (!is_null($berechtigung_kurzbz)) + { + $this->bb->getBerechtigungen(getAuthUID()); + return $this->bb->isBerechtigt($berechtigung_kurzbz, $oe_kurzbz, $art, $kostenstelle_id); + } + else + { + return false; + } } } \ No newline at end of file diff --git a/application/models/codex/Orgform_model.php b/application/models/codex/Orgform_model.php index 1a08b17e3..9a6299eb1 100644 --- a/application/models/codex/Orgform_model.php +++ b/application/models/codex/Orgform_model.php @@ -15,8 +15,8 @@ class Orgform_model extends DB_Model public function getOrgformLV() { // Checks if the operation is permitted by the API caller - if (! $this->fhc_db_acl->isBerechtigt($this->acl['bis.tbl_orgform'], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['bis.tbl_orgform'], FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz($this->dbTable), 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz($this->dbTable), FHC_MODEL_ERROR); $query = "SELECT * FROM bis.tbl_orgform diff --git a/application/models/crm/Akte_model.php b/application/models/crm/Akte_model.php index b679c161b..bf9295f12 100644 --- a/application/models/crm/Akte_model.php +++ b/application/models/crm/Akte_model.php @@ -18,17 +18,17 @@ class Akte_model extends DB_Model public function getAkten($person_id, $dokument_kurzbz = null, $stg_kz = null, $prestudent_id = null) { // Checks if the operation is permitted by the API caller - if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_akte'], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_akte'], FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz($this->dbTable), 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz($this->dbTable), FHC_MODEL_ERROR); - if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_dokument'], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_dokument'], FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('public.tbl_dokument'), 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('public.tbl_dokument'), FHC_MODEL_ERROR); - if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_dokumentstudiengang'], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_dokumentstudiengang'], FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('public.tbl_dokumentstudiengang'), 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('public.tbl_dokumentstudiengang'), FHC_MODEL_ERROR); - if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_dokumentprestudent'], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_dokumentprestudent'], FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('public.tbl_dokumentprestudent'), 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('public.tbl_dokumentprestudent'), FHC_MODEL_ERROR); $query = 'SELECT akte_id, person_id, diff --git a/application/models/crm/Prestudent_model.php b/application/models/crm/Prestudent_model.php index cf6a5908d..c5896da64 100644 --- a/application/models/crm/Prestudent_model.php +++ b/application/models/crm/Prestudent_model.php @@ -18,14 +18,14 @@ class Prestudent_model extends DB_Model public function getLastStatus($prestudent_id, $studiensemester_kurzbz = '', $status_kurzbz = '') { // Checks if the operation is permitted by the API caller - if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_prestudentstatus'], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_prestudentstatus'], FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('public.tbl_prestudentstatus'), 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('public.tbl_prestudentstatus'), FHC_MODEL_ERROR); - if (! $this->fhc_db_acl->isBerechtigt($this->acl['lehre.tbl_studienplan'], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['lehre.tbl_studienplan'], FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('lehre.tbl_studienplan'), 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('lehre.tbl_studienplan'), FHC_MODEL_ERROR); - if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_status'], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_status'], FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('public.tbl_status'), 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('public.tbl_status'), FHC_MODEL_ERROR); $query = "SELECT tbl_prestudentstatus.*, bezeichnung AS studienplan_bezeichnung, diff --git a/application/models/organisation/Studiengang_model.php b/application/models/organisation/Studiengang_model.php index f2bb57a81..e32c33ed9 100644 --- a/application/models/organisation/Studiengang_model.php +++ b/application/models/organisation/Studiengang_model.php @@ -17,11 +17,11 @@ class Studiengang_model extends DB_Model public function getAllForBewerbung() { // Checks if the operation is permitted by the API caller - if (! $this->fhc_db_acl->isBerechtigt($this->acl['lehre.vw_studienplan'], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['lehre.vw_studienplan'], FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('lehre.vw_studienplan'), 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('lehre.vw_studienplan'), FHC_MODEL_ERROR); - if (! $this->fhc_db_acl->isBerechtigt($this->acl['bis.tbl_lgartcode'], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['bis.tbl_lgartcode'], FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('bis.tbl_lgartcode'), 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('bis.tbl_lgartcode'), FHC_MODEL_ERROR); $allForBewerbungQuery = "SELECT DISTINCT studiengang_kz, typ, diff --git a/application/models/organisation/Studiensemester_model.php b/application/models/organisation/Studiensemester_model.php index e7eb26b18..fb68162bb 100644 --- a/application/models/organisation/Studiensemester_model.php +++ b/application/models/organisation/Studiensemester_model.php @@ -15,8 +15,8 @@ class Studiensemester_model extends DB_Model public function getLastOrAktSemester($days = 60) { // Checks if the operation is permitted by the API caller - if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_studiensemester'], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_studiensemester'], FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('public.tbl_studiensemester'), 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('public.tbl_studiensemester'), FHC_MODEL_ERROR); if (!is_numeric($days)) { @@ -40,8 +40,8 @@ class Studiensemester_model extends DB_Model public function getNextFrom($studiensemester_kurzbz) { // Checks if the operation is permitted by the API caller - if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_studiensemester'], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_studiensemester'], FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('public.tbl_studiensemester'), 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('public.tbl_studiensemester'), FHC_MODEL_ERROR); $query = "SELECT studiensemester_kurzbz, start, @@ -69,8 +69,8 @@ class Studiensemester_model extends DB_Model public function getNearest($semester = '') { // Checks if the operation is permitted by the API caller - if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.vw_studiensemester'], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.vw_studiensemester'], FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('public.vw_studiensemester'), 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('public.vw_studiensemester'), FHC_MODEL_ERROR); $query = "SELECT studiensemester_kurzbz, start, diff --git a/application/models/person/Person_model.php b/application/models/person/Person_model.php index a186ce08e..1980f07ec 100644 --- a/application/models/person/Person_model.php +++ b/application/models/person/Person_model.php @@ -18,20 +18,20 @@ class Person_model extends DB_Model public function checkBewerbung($email, $studiensemester_kurzbz = null) { // Checks if the operation is permitted by the API caller - if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_person'], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_person'], FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('public.tbl_person'), 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('public.tbl_person'), FHC_MODEL_ERROR); - if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_kontakt'], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_kontakt'], FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('public.tbl_kontakt'), 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('public.tbl_kontakt'), FHC_MODEL_ERROR); - if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_benutzer'], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_benutzer'], FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('public.tbl_benutzer'), 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('public.tbl_benutzer'), FHC_MODEL_ERROR); - if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_prestudent'], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_prestudent'], FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('public.tbl_prestudent'), 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('public.tbl_prestudent'), FHC_MODEL_ERROR); - if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_prestudentstatus'], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_prestudentstatus'], FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('public.tbl_prestudentstatus'), 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('public.tbl_prestudentstatus'), FHC_MODEL_ERROR); $result = null; diff --git a/application/models/system/Message_model.php b/application/models/system/Message_model.php index a603f0f49..602a01694 100644 --- a/application/models/system/Message_model.php +++ b/application/models/system/Message_model.php @@ -75,14 +75,14 @@ class Message_model extends DB_Model public function getMessagesByPerson($person_id, $all) { // Check wrights - if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_msg_recipient'], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_msg_recipient'], FHC_MODEL_ERROR); - if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_msg_message'], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_msg_message'], FHC_MODEL_ERROR); - if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_person'], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_person'], FHC_MODEL_ERROR); - if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_msg_status'], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_msg_status'], FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('public.tbl_msg_recipient'), 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('public.tbl_msg_recipient'), FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('public.tbl_msg_message'), 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('public.tbl_msg_message'), FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('public.tbl_person'), 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('public.tbl_person'), FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('public.tbl_msg_status'), 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('public.tbl_msg_status'), FHC_MODEL_ERROR); $sql = 'SELECT r.message_id, m.person_id, @@ -109,12 +109,12 @@ class Message_model extends DB_Model public function getMessagesByToken($token) { // Check wrights - if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_msg_recipient'], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_msg_recipient'], FHC_MODEL_ERROR); - if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_msg_message'], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_msg_message'], FHC_MODEL_ERROR); - if (! $this->fhc_db_acl->isBerechtigt($this->acl['public.tbl_msg_status'], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['public.tbl_msg_status'], FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('public.tbl_msg_recipient'), 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('public.tbl_msg_recipient'), FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('public.tbl_msg_message'), 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('public.tbl_msg_message'), FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('public.tbl_msg_status'), 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('public.tbl_msg_status'), FHC_MODEL_ERROR); $sql = 'SELECT r.message_id, r.person_id as receiver_id, diff --git a/application/models/system/Phrase_model.php b/application/models/system/Phrase_model.php index 15958e1d4..d88b60e74 100644 --- a/application/models/system/Phrase_model.php +++ b/application/models/system/Phrase_model.php @@ -18,10 +18,10 @@ class Phrase_model extends DB_Model public function getPhrases($app, $sprache, $phrase = null, $orgeinheit_kurzbz = null, $orgform_kurzbz = null) { // Checks if the operation is permitted by the API caller - if (! $this->fhc_db_acl->isBerechtigt($this->acl['system.tbl_phrase'], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['system.tbl_phrase'], FHC_MODEL_ERROR); - if (! $this->fhc_db_acl->isBerechtigt($this->acl['system.tbl_phrasentext'], 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->acl['system.tbl_phrasentext'], FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('system.tbl_phrase'), 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('system.tbl_phrase'), FHC_MODEL_ERROR); + if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('system.tbl_phrasentext'), 's')) + return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('system.tbl_phrasentext'), FHC_MODEL_ERROR); $parametersArray = array('app' => $app, 'sprache' => $sprache);