diff --git a/application/config/constants.php b/application/config/constants.php index ccb30cf7d..1746157a9 100755 --- a/application/config/constants.php +++ b/application/config/constants.php @@ -17,8 +17,7 @@ define('FHC_DB_ERROR', 3); // Database Error define('FHC_NODBTABLE', 4); // No DB-Table is set define('FHC_NORIGHT', 5); // No rights define('FHC_INVALIDID', 6); // Invalid or no ID (key) - - +define('FHC_NOPK', 7); // No primary key /* |-------------------------------------------------------------------------- diff --git a/application/controllers/api/v1/person/Person.php b/application/controllers/api/v1/person/Person.php index 249b7c89f..fb570e322 100644 --- a/application/controllers/api/v1/person/Person.php +++ b/application/controllers/api/v1/person/Person.php @@ -116,7 +116,7 @@ class Person extends APIv1_Controller { if (!isset($person)) { - return $this->_error("Parameter is null"); + return error("Parameter is null"); } if (isset($person["nachname"])) 
@@ -134,54 +134,54 @@ class Person extends APIv1_Controller if (isset($person["sprache"]) && mb_strlen($person["sprache"]) > 16) { - return $this->_error("Sprache darf nicht laenger als 16 Zeichen sein"); + return error("Sprache darf nicht laenger als 16 Zeichen sein"); } if (isset($person["anrede"]) && mb_strlen($person["anrede"]) > 16) { - return $this->_error("Anrede darf nicht laenger als 16 Zeichen sein"); + return error("Anrede darf nicht laenger als 16 Zeichen sein"); } if (isset($person["titelpost"]) && mb_strlen($person["titelpost"]) > 32) { - return $this->_error("Titelpost darf nicht laenger als 32 Zeichen sein"); + return error("Titelpost darf nicht laenger als 32 Zeichen sein"); } if (isset($person["titelpre"]) && mb_strlen($person["titelpre"]) > 64) { - return $this->_error("Titelpre darf nicht laenger als 64 Zeichen sein"); + return error("Titelpre darf nicht laenger als 64 Zeichen sein"); } if (isset($person["nachname"]) && mb_strlen($person["nachname"]) > 64) { - return $this->_error("Nachname darf nicht laenger als 64 Zeichen sein"); + return error("Nachname darf nicht laenger als 64 Zeichen sein"); } if (isset($person["nachname"]) && ($person["nachname"] == "" || is_null($person["nachname"]))) { - return $this->_error("Nachname muss eingegeben werden"); + return error("Nachname muss eingegeben werden"); } if (isset($person["vorname"]) && mb_strlen($person["vorname"]) > 32) { - return $this->_error("Vorname darf nicht laenger als 32 Zeichen sein"); + return error("Vorname darf nicht laenger als 32 Zeichen sein"); } if (isset($person["vornamen"]) && mb_strlen($person["vornamen"]) > 128) { - return $this->_error("Vornamen darf nicht laenger als 128 Zeichen sein"); + return error("Vornamen darf nicht laenger als 128 Zeichen sein"); } if (isset($person["gebort"]) && mb_strlen($person["gebort"]) > 128) { - return $this->_error("Geburtsort darf nicht laenger als 128 Zeichen sein"); + return error("Geburtsort darf nicht laenger als 128 Zeichen sein"); } 
if (isset($person["homepage"]) && mb_strlen($person["homepage"]) > 256) { - return $this->_error("Homepage darf nicht laenger als 256 Zeichen sein"); + return error("Homepage darf nicht laenger als 256 Zeichen sein"); } if (isset($person["matr_nr"]) && mb_strlen($person["matr_nr"]) > 32) { - return $this->_error("Matrikelnummer darf nicht laenger als 32 Zeichen sein"); + return error("Matrikelnummer darf nicht laenger als 32 Zeichen sein"); return false; } if (isset($person["svnr"]) && $person["svnr"] != "" && mb_strlen($person["svnr"]) != 16 && mb_strlen($person["svnr"]) != 12 && mb_strlen($person["svnr"]) != 10) { - return $this->_error("SVNR muss 10, 12 oder 16 Zeichen lang sein"); + return error("SVNR muss 10, 12 oder 16 Zeichen lang sein"); } if (isset($person["svnr"]) && (mb_strlen($person["svnr"]) == 10 || mb_strlen($person["svnr"]) == 12)) { @@ -200,7 +200,7 @@ class Person extends APIv1_Controller if ($tmpSvnr{3} != ($erg % 11)) //Vergleichen der Pruefziffer mit Quersumme Modulo 11 { - return $this->_error("SVNR ist ungueltig"); + return error("SVNR ist ungueltig"); } if (mb_strlen($person["svnr"]) == 12) 
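Review bot: The surname check in this hunk cannot fire for a missing or null `nachname`, because `isset($person["nachname"])` is already false in both cases; the `is_null()` branch is dead and only the empty string is rejected. Unless a check outside the hunk enforces presence, a record without a surname passes validation; if the field is mandatory the guard should be `if (!isset($person["nachname"]) || $person["nachname"] === "")`. The `return false;` left after the new `return error("Matrikelnummer darf nicht laenger als 32 Zeichen sein");` is unreachable and can be dropped. The validation method starts and ends outside this hunk.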
@@ -208,49 +208,49 @@ class Person extends APIv1_Controller $last = substr($person["svnr"], 10, 12); if ($last{0} != "v" || !is_numeric($last{1})) { - return $this->_error("SVNR ist ungueltig"); + return error("SVNR ist ungueltig"); } } } if (isset($person["ersatzkennzeichen"]) && mb_strlen($person["ersatzkennzeichen"]) > 10) { - return $this->_error("Ersatzkennzeichen darf nicht laenger als 10 Zeichen sein"); + return error("Ersatzkennzeichen darf nicht laenger als 10 Zeichen sein"); } if (isset($person["familienstand"]) && mb_strlen($person["familienstand"]) > 1) { - return $this->_error("Familienstand ist ungueltig"); + return error("Familienstand ist ungueltig"); } if (isset($person["anzahlkinder"]) && $person["anzahlkinder"] != "" && !is_numeric($person["anzahlkinder"])) { - return $this->_error("Anzahl der Kinder ist ungueltig"); + return error("Anzahl der Kinder ist ungueltig"); } if (!isset($person["aktiv"]) || (isset($person["aktiv"]) && $person["aktiv"] != "t" && $person["aktiv"] != "f")) { - return $this->_error("Aktiv ist ungueltig"); + return error("Aktiv ist ungueltig"); } if (!isset($person["person_id"]) && isset($person["insertvon"]) && mb_strlen($person["insertvon"]) > 32) { - return $this->_error("Insertvon darf nicht laenger als 32 Zeichen sein"); + return error("Insertvon darf nicht laenger als 32 Zeichen sein"); } if (isset($person["updatevon"]) && mb_strlen($person["updatevon"]) > 32) { - return $this->_error("Updatevon darf nicht laenger als 32 Zeichen sein"); + return error("Updatevon darf nicht laenger als 32 Zeichen sein"); } if (!isset($person["geschlecht"]) || (isset($person["geschlecht"]) && mb_strlen($person["geschlecht"]) > 1)) { - return $this->_error("Geschlecht darf nicht laenger als 1 Zeichen sein"); + return error("Geschlecht darf nicht laenger als 1 Zeichen sein"); } if (isset($person["geburtsnation"]) && mb_strlen($person["geburtsnation"]) > 3) { - return $this->_error("Geburtsnation darf nicht laenger als 3 Zeichen sein"); + 
return error("Geburtsnation darf nicht laenger als 3 Zeichen sein"); } if (isset($person["staatsbuergerschaft"]) && mb_strlen($person["staatsbuergerschaft"]) > 3) { - return $this->_error("Staatsbuergerschaft darf nicht laenger als 3 Zeichen sein"); + return error("Staatsbuergerschaft darf nicht laenger als 3 Zeichen sein"); } if (isset($person["geschlecht"]) && $person["geschlecht"] != "m" && $person["geschlecht"] != "w" && $person["geschlecht"] != "u") { - return $this->_error("Geschlecht muss w, m oder u sein!"); + return error("Geschlecht muss w, m oder u sein!"); } //Pruefen ob das Geburtsdatum mit der SVNR uebereinstimmt. @@ -270,10 +270,10 @@ class Person extends APIv1_Controller } else { - return $this->_error("Format des Geburtsdatums ist ungueltig"); + return error("Format des Geburtsdatums ist ungueltig"); } } - return $this->_success("Input data are valid"); + return success("Input data are valid"); } } \ No newline at end of file diff --git a/application/controllers/api/v1/system/Message.php b/application/controllers/api/v1/system/Message.php index 4ebc97dfd..ffb532e08 100644 --- a/application/controllers/api/v1/system/Message.php +++ b/application/controllers/api/v1/system/Message.php 
@@ -185,43 +185,43 @@ class Message extends APIv1_Controller { if (!isset($message)) { - return $this->_error('Parameter is null'); + return error('Parameter is null'); } if (!isset($message['subject'])) { - return $this->_error('subject is not set'); + return error('subject is not set'); } if( !isset($message['body'])) { - return $this->_error('body is not set'); + return error('body is not set'); } if (!isset($message['receiver_id']) && !isset($message['oe_kurzbz'])) { - return $this->_error('If a receiver_id is not given a oe_kurzbz must be specified'); + return error('If a receiver_id is not given a oe_kurzbz must be specified'); } - return $this->_success('Input data are valid'); + return success('Input data are valid'); } private function _validatePostMessageVorlage($message = null) { if (!isset($message)) { - return $this->_error('Parameter is null'); + return error('Parameter is null'); } if (!isset($message['vorlage_kurzbz'])) { - return $this->_error('vorlage_kurzbz is not set'); + return error('vorlage_kurzbz is not set'); } if (!isset($message['data'])) { - return $this->_error('data is not set'); + return error('data is not set'); } if (!isset($message['receiver_id']) && !isset($message['oe_kurzbz'])) { - return $this->_error('If a receiver_id is not given a oe_kurzbz must be specified'); + return error('If a receiver_id is not given a oe_kurzbz must be specified'); } - return $this->_success('Input data are valid'); + return success('Input data are valid'); } } \ No newline at end of file diff --git a/application/core/APIv1_Controller.php b/application/core/APIv1_Controller.php index 83375f2dc..b3cb37bd1 100644 --- a/application/core/APIv1_Controller.php +++ b/application/core/APIv1_Controller.php 
@@ -7,30 +7,11 @@ class APIv1_Controller extends REST_Controller function __construct() { parent::__construct(); - $this->load->helper('Message'); + + // Loads return messages + $this->load->helper('message'); } - /** --------------------------------------------------------------- - * Success - * - * @param mixed $retval - * @return array - */ - protected function _success($retval, $message = null) - { - return success($retval, $message); - } - - /** --------------------------------------------------------------- - * General Error - * - * @return array - */ - protected function _error($retval, $message = null) - { - return error($retval, $message); - } - /** * * @param type $data diff --git a/application/core/DB_Model.php b/application/core/DB_Model.php index 483377cc2..a722efca4 100644 --- a/application/core/DB_Model.php +++ b/application/core/DB_Model.php @@ -26,11 +26,11 @@ class DB_Model extends FHC_Model { // Check Class-Attributes if (is_null($this->dbTable)) - return $this->_error(lang('fhc_'.FHC_NODBTABLE), FHC_MODEL_ERROR); + return error(FHC_MODEL_ERROR, FHC_NODBTABLE); // Check rights - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz($this->dbTable), 'i')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz($this->dbTable), FHC_MODEL_ERROR); + if (($chkRights = $this->isEntitled($this->dbTable, PermissionLib::INSERT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; // DB-INSERT if ($this->db->insert($this->dbTable, $data)) @@ -38,7 +38,7 @@ class DB_Model extends FHC_Model // If the table has a primary key that uses a sequence if ($this->hasSequence === true) { - return $this->_success($this->db->insert_id()); + return success($this->db->insert_id()); } // Avoid to use method insert_id() from CI because it forces to have a sequence // and doesn't return the primary key when it's composed by more columns 
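Review bot: The new `error(FHC_MODEL_ERROR, FHC_NODBTABLE)` in the @@ -26,11 hunk puts a generic error code in the first argument, while the other calls in this file (`error($this->db->error(), FHC_DB_ERROR)`) and the removed wrapper `_error($retval, $message)` pass the payload first and the code second. The helper's signature is not part of this diff, so this may be intended, but as written a consumer reading the second field now sees FHC_NODBTABLE or FHC_NOPK where it used to see FHC_MODEL_ERROR, and the translated text from `lang('fhc_'. ...)` is no longer built at the call site. The same order recurs in the REPLACE, UPDATE, load and DELETE hunks, in the parameter-validation hunks at -332, -354, -370 and -396 (which pass `FHC_MODEL_ERROR` in both positions), and throughout FS_Model.php. Please confirm against the helper and keep one order file-wide, matching `error($retval, $msgErrorCode)` as used in the new `isEntitled()`.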
@@ -54,11 +54,11 @@ class DB_Model extends FHC_Model } } - return $this->_success($primaryKeysArray); + return success($primaryKeysArray); } } else - return $this->_error($this->db->error(), FHC_DB_ERROR); + return error($this->db->error(), FHC_DB_ERROR); } /** --------------------------------------------------------------- @@ -71,17 +71,17 @@ class DB_Model extends FHC_Model { // Check Class-Attributes if (is_null($this->dbTable)) - return $this->_error(lang('fhc_'.FHC_NODBTABLE), FHC_MODEL_ERROR); + return error(FHC_MODEL_ERROR, FHC_NODBTABLE); // Check rights - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz($this->dbTable), 'ui')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz($this->dbTable), FHC_MODEL_ERROR); + if (($chkRights = $this->isEntitled($this->dbTable, PermissionLib::REPLACE_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; // DB-REPLACE if ($this->db->replace($this->dbTable, $data)) - return $this->_success($this->db->insert_id()); + return success($this->db->insert_id()); else - return $this->_error($this->db->error(), FHC_DB_ERROR); + return error($this->db->error(), FHC_DB_ERROR); } /** --------------------------------------------------------------- 
@@ -95,13 +95,13 @@ class DB_Model extends FHC_Model { // Check Class-Attributes if (is_null($this->dbTable)) - return $this->_error(lang('fhc_'.FHC_NODBTABLE), FHC_MODEL_ERROR); + return error(FHC_MODEL_ERROR, FHC_NODBTABLE); if (is_null($this->pk)) - return $this->_error(lang('fhc_'.FHC_NOPK), FHC_MODEL_ERROR); + return error(FHC_MODEL_ERROR, FHC_NOPK); // Check rights - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz($this->dbTable), 'u')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz($this->dbTable), FHC_MODEL_ERROR); + if (($chkRights = $this->isEntitled($this->dbTable, PermissionLib::UPDATE_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; // DB-UPDATE // Check for composite Primary Key @@ -115,9 +115,9 @@ class DB_Model extends FHC_Model else $this->db->where($this->pk, $id); if ($this->db->update($this->dbTable, $data)) - return $this->_success($id); + return success($id); else - return $this->_error($this->db->error(), FHC_DB_ERROR); + return error($this->db->error(), FHC_DB_ERROR); } /** --------------------------------------------------------------- 
@@ -130,16 +130,15 @@ class DB_Model extends FHC_Model { // Check Class-Attributes if (is_null($this->dbTable)) - return $this->_error(lang('fhc_'.FHC_NODBTABLE), FHC_MODEL_ERROR); + return error(FHC_MODEL_ERROR, FHC_NODBTABLE); if (is_null($this->pk)) - return $this->_error(lang('fhc_'.FHC_NOPK), FHC_MODEL_ERROR); - + return error(FHC_MODEL_ERROR, FHC_NOPK); // Check rights only if this method is called from a model if (substr(get_called_class(), -6) == '_model') - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz($this->dbTable), 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz($this->dbTable), FHC_MODEL_ERROR); - + if (($chkRights = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; + // DB-SELECT // Check for composite Primary Key if (is_array($id)) @@ -155,9 +154,9 @@ class DB_Model extends FHC_Model $result = $this->db->get_where($this->dbTable, array($this->pk => $id)); if ($result) - return $this->_success($result->result()); + return success($result->result()); else - return $this->_error($this->db->error(), FHC_DB_ERROR); + return error($this->db->error(), FHC_DB_ERROR); } /** --------------------------------------------------------------- 
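Review bot: The SELECT rights check in the @@ -130,16 hunk still runs only when `substr(get_called_class(), -6) == '_model'`, so authorization hinges on a case-sensitive class-name suffix. A subclass whose name ends differently skips `isEntitled()` and reads the table unchecked. The INSERT, REPLACE and UPDATE hunks check unconditionally; the same gate recurs in the hunks at -169, -200 and -420 (the DELETE path). If the bypass for non-model callers is intentional, make it an explicit opt-out set by the caller rather than something inferred from the class name, and brace the nested `if` so the check cannot be detached by a later edit. The enclosing method starts outside the hunk.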
@@ -169,21 +168,21 @@ class DB_Model extends FHC_Model { // Check Class-Attributes if (is_null($this->dbTable)) - return $this->_error(lang('fhc_'.FHC_NODBTABLE), FHC_MODEL_ERROR); + return error(FHC_MODEL_ERROR, FHC_NODBTABLE); // Check rights // Check rights only if this method is called from a model if (substr(get_called_class(), -6) == '_model') - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz($this->dbTable), 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz($this->dbTable), FHC_MODEL_ERROR); + if (($chkRights = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; // Execute query $result = $this->db->get_where($this->dbTable, $where); if ($result) - return $this->_success($result->result()); + return success($result->result()); else - return $this->_error($this->db->error(), FHC_DB_ERROR); + return error($this->db->error(), FHC_DB_ERROR); } /** --------------------------------------------------------------- @@ -200,13 +199,13 @@ class DB_Model extends FHC_Model { // Check Class-Attributes if (is_null($this->dbTable)) - return $this->_error(lang('fhc_'.FHC_NODBTABLE), FHC_MODEL_ERROR); + return error(FHC_MODEL_ERROR, FHC_NODBTABLE); // Check rights // Check rights only if this method is called from a model if (substr(get_called_class(), -6) == '_model') - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz($this->dbTable), 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz($this->dbTable), FHC_MODEL_ERROR); + if (($chkRights = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; // List of tables on which it will work $tables = array_merge(array($mainTable), $sideTables); 
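Review bot: The rights check added in the @@ -200,13 hunk tests only `$this->dbTable`, yet the following lines build the query over `$mainTable` and every entry of `$sideTables`, so a caller entitled on one table can read columns from tables it holds no SELECT right on. The hunk at -332 has the same gap: the commented-out check on `$joinTable` is deleted rather than restored, leaving the joined table unchecked. Consider checking each table once `$tables` is built, e.g. `foreach ($tables as $t) if (($chkRights = $this->isEntitled($t, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) return $chkRights;`, and the equivalent single check on `$joinTable`. Whether these table names have entries in the permission library's source mapping is not visible from this diff.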
@@ -214,7 +213,7 @@ class DB_Model extends FHC_Model $tableColumnsCountArray = array(); // Generates the select clause based on the columns of each table - $select = ""; + $select = ''; for ($t = 0; $t < count($tables); $t++) { $fields = $this->db->list_fields($tables[$t]); // list of the columns of the current table @@ -223,11 +222,11 @@ class DB_Model extends FHC_Model // To avoid overwriting of the properties within the object returned by CI // will be given an alias to every column, that will be composed with the following schema // . AS _ - $select .= $tables[$t] . "." . $fields[$f] . " AS " . $tables[$t] . "_" . $fields[$f]; - if ($f < count($fields) - 1) $select .= ", "; + $select .= $tables[$t] . '.' . $fields[$f] . ' AS ' . $tables[$t] . '_' . $fields[$f]; + if ($f < count($fields) - 1) $select .= ', '; } - if ($t < count($tables) - 1) $select .= ", "; + if ($t < count($tables) - 1) $select .= ', '; $tableColumnsCountArray[$t] = count($fields); } @@ -263,7 +262,7 @@ class DB_Model extends FHC_Model $objTmpArray[$f] = new stdClass(); // Object that will represent a data set of a table foreach (array_slice($objectVars, $f == 0 ? 0 : $tableColumnsCountArray[$f - 1], $tableColumnsCountArray[$f]) as $key => $value) { - $objTmpArray[$f]->{str_replace($tables[$f] . "_", "", $key)} = $value; + $objTmpArray[$f]->{str_replace($tables[$f] . '_', '', $key)} = $value; } } @@ -297,11 +296,11 @@ class DB_Model extends FHC_Model } // Sets result with the standard success object that contains all the studiengang - $result = $this->_success($returnArray); + $result = success($returnArray); } else { - $result = $this->_error($resultDB); + $result = error($resultDB); } return $result; 
@@ -332,17 +331,11 @@ class DB_Model extends FHC_Model { // Check parameters if (is_null($joinTable) || is_null($cond) || !in_array($type, array('', 'LEFT', 'RIGHT', 'OUTER', 'INNER', 'LEFT OUTER', 'RIGHT OUTER'))) - return $this->_error(lang('fhc_'.FHC_NODBTABLE), FHC_MODEL_ERROR); + return error(FHC_MODEL_ERROR, FHC_MODEL_ERROR); - // Check rights for joined table - // Check rights only if this method is called from a model -// if (substr(get_called_class(), -6) == '_model') -// if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz($joinTable), 's')) -// return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz($joinTable), FHC_MODEL_ERROR); - $this->db->join($joinTable, $cond, $type); - return $this->_success(true); + return success(true); } /** --------------------------------------------------------------- @@ -354,11 +347,11 @@ class DB_Model extends FHC_Model { // Check Class-Attributes and parameters if (is_null($field) || !in_array($type, array('ASC', 'DESC'))) - return $this->_error(lang('fhc_'.FHC_NODBTABLE), FHC_MODEL_ERROR); + return error(FHC_MODEL_ERROR, FHC_MODEL_ERROR); $this->db->order_by($field, $type); - return $this->_success(true); + return success(true); } /** --------------------------------------------------------------- @@ -370,11 +363,11 @@ class DB_Model extends FHC_Model { // Check Class-Attributes and parameters if (is_null($select) || $select == '') - return $this->_error(lang('fhc_'.FHC_NODBTABLE), FHC_MODEL_ERROR); + return error(FHC_MODEL_ERROR, FHC_MODEL_ERROR); $this->db->select($select, $escape); - return $this->_success(true); + return success(true); } /** --------------------------------------------------------------- 
@@ -396,7 +389,7 @@ class DB_Model extends FHC_Model { // Check Class-Attributes and parameters if (!is_numeric($start) || (is_numeric($start) && $start <= 0)) - return $this->_error(lang('fhc_'.FHC_NODBTABLE), FHC_MODEL_ERROR); + return error(FHC_MODEL_ERROR, FHC_MODEL_ERROR); if (is_numeric($end) && $end > $start) { @@ -407,7 +400,7 @@ class DB_Model extends FHC_Model $this->db->limit($start); } - return $this->_success(true); + return success(true); } /** --------------------------------------------------------------- @@ -420,14 +413,14 @@ class DB_Model extends FHC_Model { // Check Class-Attributes if (is_null($this->dbTable)) - return $this->_error(lang('fhc_'.FHC_NODBTABLE), FHC_MODEL_ERROR); + return error(FHC_MODEL_ERROR, FHC_NODBTABLE); if (is_null($this->pk)) - return $this->_error(lang('fhc_'.FHC_NOPK), FHC_MODEL_ERROR); + return error(FHC_MODEL_ERROR, FHC_NOPK); // Check rights only if this method is called from a model if (substr(get_called_class(), -6) == '_model') - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz($this->dbTable), 'd')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz($this->dbTable), FHC_MODEL_ERROR); + if (($chkRights = $this->isEntitled($this->dbTable, PermissionLib::DELETE_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; // DB-DELETE // Check for composite Primary Key @@ -441,9 +434,9 @@ class DB_Model extends FHC_Model else $result = $this->db->delete($this->dbTable, array($this->pk => $id)); if ($result) - return $this->_success($id); + return success($id); else - return $this->_error($this->db->error(), FHC_DB_ERROR); + return error($this->db->error(), FHC_DB_ERROR); } /** --------------------------------------------------------------- @@ -478,7 +471,7 @@ class DB_Model extends FHC_Model { if (is_null($b)) return null; - elseif ($b==='t') + elseif ($b === 't') return true; else return false; 
@@ -492,7 +485,7 @@ class DB_Model extends FHC_Model * @param string $end end-point for recursive iterations * @return array */ - public function pgArrayPhp($s,$start=0,&$end=NULL) + public function pgArrayPhp($s, $start=0, &$end=NULL) { if (empty($s) || $s[0]!='{') return NULL; $return = array(); @@ -521,16 +514,16 @@ class DB_Model extends FHC_Model $v = ''; } else - if (!$string && ($ch=='"' || $ch=="'")) + if (!$string && ($ch=='\'' || $ch=='\'')) { $string = true; $quote = $ch; } else - if ($string && $ch==$quote && $s[$i-1]=="\\") + if ($string && $ch==$quote && $s[$i-1]=='\\') $v = substr($v,0,-1).$ch; else - if ($string && $ch==$quote && $s[$i-1]!="\\") + if ($string && $ch==$quote && $s[$i-1]!='\\') $string = FALSE; else $v .= $ch; @@ -553,19 +546,4 @@ class DB_Model extends FHC_Model $a[$i[$j]] = $v[$j]; return $a; } - - /** --------------------------------------------------------------- - * Invalid ID - * - * @param integer config.php error code numbers - * @return array - */ - protected function _invalid_id($error = '') - { - return array( - 'err' => 1, - 'code' => $error, - 'msg' => lang('fhc_' . $error) - ); - } } \ No newline at end of file diff --git a/application/core/FHC_Model.php b/application/core/FHC_Model.php index 0270f85df..a63411475 100644 --- a/application/core/FHC_Model.php +++ b/application/core/FHC_Model.php 
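Review bot: The quote normalisation in the @@ -521,16 hunk drops the double-quote case: the old test was `$ch=='"' || $ch=="'"`, the new one is `$ch=='\'' || $ch=='\''`, which tests the single quote twice. PostgreSQL quotes array elements with double quotes, so quoted elements are no longer recognised as strings and an element containing a comma or brace will be split or mis-nested. The line should read `if (!$string && ($ch=='"' || $ch=='\''))`. pgArrayPhp's body continues outside the hunk.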
@@ -1,67 +1,39 @@ lang->load("fhc_model"); - $this->lang->load("fhcomplete"); + // Load languages files + $this->lang->load('fhc_model'); + $this->lang->load('fhcomplete'); - $this->load->helper("language"); - $this->load->helper("Message"); - $this->load->helper("fhcauth"); + // Load return message helper + $this->load->helper('message'); - $this->load->library("FHC_DB_ACL"); - - $this->acl = $this->config->item("fhc_acl"); - } - - /** --------------------------------------------------------------- - * Success - * - * @param mixed $retval - * @return array - */ - protected function _success($retval, $message = null) - { - return success($retval, $message); - } - - /** --------------------------------------------------------------- - * General Error - * - * @return array - */ - protected function _error($retval, $message = null) - { - return error($retval, $message); + // Loads the permission library + $this->load->library('PermissionLib'); } - protected function getBerechtigungKurzbz($sourceName) + /** + * Check if the user is entitled to get access to a source with the given access type + * This is a wrapper for the same method present in the PermissionLib + */ + public function isEntitled($sourceName, $accessType, $languageMessageCode, $msgErrorCode) { - if (isset($this->acl[$sourceName])) + if ($this->permissionlib->isEntitled($sourceName, $accessType) === false) { - return $this->acl[$sourceName]; - } - else - { - return null; - } - } - - protected function isEntitled($sourceName, $accessType, $languageMessageCode, $msgErrorCode) - { - $fhc_acl = $this->getBerechtigungKurzbz($sourceName); - - if (! $this->fhc_db_acl->isBerechtigt($fhc_acl, $accessType)) - { - return $this->_error(lang("fhc_" . $languageMessageCode)." -> " . $fhc_acl . ":" . $accessType, $msgErrorCode); + $retval = sprintf( + '%s -> %s:%s', + lang('fhc_' . 
$languageMessageCode), + $this->permissionlib->getBerechtigungKurzbz($sourceName), + $accessType + ); + return error($retval, $msgErrorCode); } else { diff --git a/application/core/FS_Model.php b/application/core/FS_Model.php index 003a72c1c..c79360e9f 100644 --- a/application/core/FS_Model.php +++ b/application/core/FS_Model.php @@ -8,7 +8,13 @@ class FS_Model extends FHC_Model function __construct($filepath = null) { parent::__construct(); + + // Load the filesystem library $this->load->library('FilesystemLib'); + + // Load return message helper + $this->load->helper('message'); + $this->filepath = $filepath; } @@ -21,23 +27,23 @@ class FS_Model extends FHC_Model { // Check Class-Attributes if (is_null($this->filepath)) - return $this->_error(lang('fhc_'.FHC_ERROR), FHC_MODEL_ERROR); + return error(FHC_MODEL_ERROR, FHC_ERROR); // Check method parameters if (is_null($filename)) - return $this->_error(lang('fhc_'.FHC_ERROR), FHC_MODEL_ERROR); + return error(FHC_MODEL_ERROR, FHC_ERROR); // Check rights - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz($this->filepath), 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz($this->filepath), FHC_MODEL_ERROR); + if (($chkRights = $this->isEntitled($this->filepath, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; if (!is_null($data = $this->filesystemlib->read($this->filepath, $filename))) { - return $this->_success(base64_encode($data)); + return success(base64_encode($data)); } else { - return $this->_error(lang('fhc_'.FHC_ERROR), FHC_MODEL_ERROR); + return error(FHC_MODEL_ERROR, FHC_ERROR); } } 
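Review bot: `isEntitled()` in FHC_Model.php now denies only when `permissionlib->isEntitled()` returns exactly `false`, whereas the code it replaces used `! $this->fhc_db_acl->isBerechtigt(...)`, which denied on any falsy value. If the library can return `null` (the removed `getBerechtigungKurzbz()` returned `null` for an unmapped `$sourceName`), the check fails open. Prefer `if ($this->permissionlib->isEntitled($sourceName, $accessType) !== true)`, and apply the same to the PCRMLib.php hunk, which uses the same `=== false` comparison. The method also changes from `protected` to `public`, and its error text carries the permission short name and access type, which reaches API clients if the result is returned verbatim; consider logging that detail server-side instead. The `else` branch continues outside the hunk.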
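Review bot: The rights check in the FS_Model.php @@ -21,23 +27,23 hunk is keyed on `$this->filepath` alone, while `$filename` reaches `filesystemlib->read()` with only an `is_null` test, so the authorization decision does not cover the name actually opened. FilesystemLib is not part of this diff; unless it rejects directory separators and `..`, a caller entitled on one directory may be able to address files outside it. A guard such as `if ($filename !== basename($filename)) return error(FHC_MODEL_ERROR, FHC_ERROR);` ahead of the rights check would constrain that. The write, append, remove and rename hunks below need the same guard (rename for `$newFilename` as well). The write and append paths also call `base64_decode($content)` without the strict flag, so malformed input is silently altered rather than rejected.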
@@ -51,25 +57,25 @@ class FS_Model extends FHC_Model { // Check Class-Attributes if (is_null($this->filepath)) - return $this->_error(lang('fhc_'.FHC_ERROR), FHC_MODEL_ERROR); + return error(FHC_MODEL_ERROR, FHC_ERROR); // Check method parameters if (is_null($filename)) - return $this->_error(lang('fhc_'.FHC_ERROR), FHC_MODEL_ERROR); + return error(FHC_MODEL_ERROR, FHC_ERROR); if (is_null($content)) - return $this->_error(lang('fhc_'.FHC_ERROR), FHC_MODEL_ERROR); + return error(FHC_MODEL_ERROR, FHC_ERROR); // Check rights - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz($this->filepath), 'i')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz($this->filepath), FHC_MODEL_ERROR); + if (($chkRights = $this->isEntitled($this->filepath, PermissionLib::INSERT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; if ($this->filesystemlib->write($this->filepath, $filename, base64_decode($content)) === true) { - return $this->_success(FHC_SUCCESS); + return success(FHC_SUCCESS); } else { - return $this->_error(lang('fhc_'.FHC_ERROR), FHC_MODEL_ERROR); + return error(FHC_MODEL_ERROR, FHC_ERROR); } } 
@@ -83,25 +89,25 @@ class FS_Model extends FHC_Model { // Check Class-Attributes if (is_null($this->filepath)) - return $this->_error(lang('fhc_'.FHC_ERROR), FHC_MODEL_ERROR); + return error(FHC_MODEL_ERROR, FHC_ERROR); // Check method parameters if (is_null($filename)) - return $this->_error(lang('fhc_'.FHC_ERROR), FHC_MODEL_ERROR); + return error(FHC_MODEL_ERROR, FHC_ERROR); if (is_null($content)) - return $this->_error(lang('fhc_'.FHC_ERROR), FHC_MODEL_ERROR); + return error(FHC_MODEL_ERROR, FHC_ERROR); // Check rights - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz($this->filepath), 'i')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz($this->filepath), FHC_MODEL_ERROR); + if (($chkRights = $this->isEntitled($this->filepath, PermissionLib::INSERT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; if ($this->filesystemlib->append($this->filepath, $filename, base64_decode($content)) === true) { - return $this->_success(FHC_SUCCESS); + return success(FHC_SUCCESS); } else { - return $this->_error(lang('fhc_'.FHC_ERROR), FHC_MODEL_ERROR); + return error(FHC_MODEL_ERROR, FHC_ERROR); } } 
@@ -115,23 +121,23 @@ class FS_Model extends FHC_Model { // Check Class-Attributes if (is_null($this->filepath)) - return $this->_error(lang('fhc_'.FHC_ERROR), FHC_MODEL_ERROR); + return error(FHC_MODEL_ERROR, FHC_ERROR); // Check method parameters if (is_null($filename)) - return $this->_error(lang('fhc_'.FHC_ERROR), FHC_MODEL_ERROR); + return error(FHC_MODEL_ERROR, FHC_ERROR); // Check rights - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz($this->filepath), 'd')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz($this->filepath), FHC_MODEL_ERROR); + if (($chkRights = $this->isEntitled($this->filepath, PermissionLib::DELETE_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; if ($this->filesystemlib->remove($this->filepath, $filename) === true) { - return $this->_success(FHC_SUCCESS); + return success(FHC_SUCCESS); } else { - return $this->_error(lang('fhc_'.FHC_ERROR), FHC_MODEL_ERROR); + return error(FHC_MODEL_ERROR, FHC_ERROR); } } 
@@ -145,25 +151,25 @@ class FS_Model extends FHC_Model { // Check Class-Attributes if (is_null($this->filepath)) - return $this->_error(lang('fhc_'.FHC_ERROR), FHC_MODEL_ERROR); + return error(FHC_MODEL_ERROR, FHC_ERROR); // Check method parameters if (is_null($filename)) - return $this->_error(lang('fhc_'.FHC_ERROR), FHC_MODEL_ERROR); + return error(FHC_MODEL_ERROR, FHC_ERROR); if (is_null($newFilename)) - return $this->_error(lang('fhc_'.FHC_ERROR), FHC_MODEL_ERROR); + return error(FHC_MODEL_ERROR, FHC_ERROR); // Check rights - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz($this->filepath), 'u')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz($this->filepath), FHC_MODEL_ERROR); + if (($chkRights = $this->isEntitled($this->filepath, PermissionLib::UPDATE_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; if ($this->filesystemlib->rename($this->filepath, $filename, $this->filepath, $newFilename) === true) { - return $this->_success(FHC_SUCCESS); + return success(FHC_SUCCESS); } else { - return $this->_error(lang('fhc_'.FHC_ERROR), FHC_MODEL_ERROR); + return error(FHC_MODEL_ERROR, FHC_ERROR); } } } \ No newline at end of file diff --git a/application/libraries/FHC_DB_ACL.php b/application/libraries/FHC_DB_ACL.php deleted file mode 100644 index a741f6b23..000000000 --- a/application/libraries/FHC_DB_ACL.php +++ /dev/null @@ -1,67 +0,0 @@ -CI =& get_instance(); - $this->CI->load->helper('fhcauth'); - - $this->bb = new benutzerberechtigung(); - } - - function isBerechtigt($berechtigung_kurzbz, $art = null, $oe_kurzbz = null, $kostenstelle_id = null) - { - if (!is_null($berechtigung_kurzbz)) - { - $this->bb->getBerechtigungen(getAuthUID()); - return $this->bb->isBerechtigt($berechtigung_kurzbz, $oe_kurzbz, $art, $kostenstelle_id); - } - else - { - return false; - } - } -} \ No newline at end of file 
diff --git a/application/libraries/PCRMLib.php b/application/libraries/PCRMLib.php index 1777c7a3f..aa5293765 100644 --- a/application/libraries/PCRMLib.php +++ b/application/libraries/PCRMLib.php @@ -229,9 +229,9 @@ class PCRMLib $permissionPath .= $resourceName . '.' . $function; - if ($this->ci->permissionlib->hasPermission($permissionPath, $permissionType) === false) + if ($this->ci->permissionlib->isEntitled($permissionPath, $permissionType) === false) { - $result = error(lang('fhc_'.FHC_NORIGHT).' -> '.$permissionPath, FHC_NORIGHT); + $result = error(FHC_NORIGHT, FHC_NORIGHT); } else { diff --git a/application/libraries/PermissionLib.php b/application/libraries/PermissionLib.php index 880568d0c..dd0b2242a 100644 --- a/application/libraries/PermissionLib.php +++ b/application/libraries/PermissionLib.php @@ -10,6 +10,7 @@ * @since Version 1.0.0 * @filesource */ + if (! defined('FCPATH')) exit('No direct script access allowed'); require_once(FCPATH.'include/basis_db.class.php'); @@ -20,27 +21,18 @@ require_once(FCPATH.'include/functions.inc.php'); require_once(FCPATH.'include/wawi_kostenstelle.class.php'); require_once(FCPATH.'include/benutzerberechtigung.class.php'); -/** - * FHC-Auth Helpers - * - * @package FH-Complete - * @subpackage Libraries - * @category Library - * @author FHC-Team - * @link http://fhcomplete.org/user_guide/helpers/fhcauth_helper.html - */ - -// ------------------------------------------------------------------------ - class PermissionLib { - const SELECT_RIGHT = "s"; - const UPDATE_RIGHT = "u"; - const INSERT_RIGHT = "i"; - const DELETE_RIGHT = "d"; + // Available rights + const SELECT_RIGHT = 's'; + const UPDATE_RIGHT = 'u'; + const INSERT_RIGHT = 'i'; + const DELETE_RIGHT = 'd'; + const REPLACE_RIGHT = 'ui'; + + private $bb; // benutzerberechtigung + private $acl; // conversion array from a source to a permission - public $bb; - /** * */ 
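Review bot: The permission test in the PCRMLib hunk denies only when `isEntitled()` returns exactly `false`, so any other non-true result (null, 0, an empty string) reaches the `else` branch, which presumably lets the call proceed. `PermissionLib::isEntitled` returns whatever the wrapped `isBerechtigt` call yields, and the models in this commit already compare with `!== true`. The fail-closed form here would be `if ($this->ci->permissionlib->isEntitled($permissionPath, $permissionType) !== true)`. The enclosing method starts and ends outside the hunk.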
@@ -50,23 +42,31 @@ class PermissionLib $this->ci =& get_instance(); // Loads the library to manage the rights system - $this->ci->load->library("FHC_DB_ACL"); + //$this->ci->load->library('FHC_DB_ACL'); + + // Loads the auth helper + $this->ci->load->helper('fhcauth'); // Loads the array of resources - $this->ci->fhc_db_acl->acl = $this->ci->config->item('fhc_acl'); + $this->acl = $this->ci->config->item('fhc_acl'); + + // + $this->bb = new benutzerberechtigung(); } - + /** + * Check if the user is entitled to get access to a source with the given access type + * * @return bool true if a user has the right to access to the specified * resource with a specified permission type, false otherwise */ - public function hasPermission($sourceName, $permissionType) + public function isEntitled($sourceName, $permissionType) { // If the resource exists - if (isset($this->ci->fhc_db_acl->acl[$sourceName])) + if (isset($this->acl[$sourceName])) { // Checks permission - return $this->ci->fhc_db_acl->isBerechtigt($this->ci->fhc_db_acl->acl[$sourceName], $permissionType); + return $this->isBerechtigt($this->acl[$sourceName], $permissionType); } // if the resource does not exist, do not lose useful clock cycles else 
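Review bot: The constructor keeps the old loader call as a commented-out line, `//$this->ci->load->library('FHC_DB_ACL');`, and adds an empty `//` comment above `$this->bb = new benutzerberechtigung();`. FHC_DB_ACL.php is deleted in this same commit, so the commented-out line should be removed rather than left as a hint to re-enable it. The empty comment could say what the object is for, e.g. `// Legacy permission object queried by isBerechtigt()`.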
@@ -75,13 +75,34 @@ class PermissionLib } } - function isBerechtigt($berechtigung_kurzbz, $art = null, $oe_kurzbz = null, $kostenstelle_id = null) + /** + * Get a permission by a given source + */ + public function getBerechtigungKurzbz($sourceName) { - $this->bb->getBerechtigungen(getAuthUID()); - return $this->bb->isBerechtigt($berechtigung_kurzbz, $oe_kurzbz, $art, $kostenstelle_id); + if (isset($this->acl[$sourceName])) + { + return $this->acl[$sourceName]; + } + else + { + return null; + } } - function getPermissions($uid) {} - - function isEntitled($berechtigung_kurzbz, $oe_kurzbz=null, $art=null, $kostenstelle_id=null) {} + /** + * + */ + private function isBerechtigt($berechtigung_kurzbz, $art = null, $oe_kurzbz = null, $kostenstelle_id = null) + { + if (!is_null($berechtigung_kurzbz)) + { + $this->bb->getBerechtigungen(getAuthUID()); + return $this->bb->isBerechtigt($berechtigung_kurzbz, $oe_kurzbz, $art, $kostenstelle_id); + } + else + { + return false; + } + } } \ No newline at end of file diff --git a/application/models/CheckUserAuth_model.php b/application/models/CheckUserAuth_model.php index acf9c3723..503251268 100644 --- a/application/models/CheckUserAuth_model.php +++ b/application/models/CheckUserAuth_model.php @@ -13,6 +13,6 @@ class CheckUserAuth_model extends FHC_Model public function checkByUsernamePassword($username, $password) { - return $this->_success($this->fhc_auth->checkpassword($username, $password)); + return success($this->fhc_auth->checkpassword($username, $password)); } } \ No newline at end of file diff --git a/application/models/codex/Orgform_model.php b/application/models/codex/Orgform_model.php index 9a6299eb1..51afac4b2 100644 --- a/application/models/codex/Orgform_model.php +++ b/application/models/codex/Orgform_model.php 
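Review bot: The new private `isBerechtigt()` in PermissionLib has an empty docblock and silently reorders its arguments: it takes `($berechtigung_kurzbz, $art, $oe_kurzbz, $kostenstelle_id)` but forwards `($berechtigung_kurzbz, $oe_kurzbz, $art, $kostenstelle_id)` to `$this->bb->isBerechtigt`. That swap is easy to break in a later edit, so the docblock should state it, along with the fact that a null `$berechtigung_kurzbz` is denied. The method also calls `$this->bb->getBerechtigungen(getAuthUID())` on every check, so a model method that tests four tables reloads the permissions four times unless the legacy class caches them, which is not visible here.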
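Review bot: `checkByUsernamePassword` wraps the outcome of `checkpassword()` in `success()` whether or not the password matched, so a caller that tests only the success/error status of the result would accept a failed login. Returning an error object on a failed check removes that trap, e.g. `if ($this->fhc_auth->checkpassword($username, $password) !== true) return error(FHC_NORIGHT, FHC_MODEL_ERROR);`, using whichever code the API reserves for failed authentication. What `checkpassword()` returns is not visible in this diff, so the comparison needs checking against it. If the current contract must stay, the docblock should at least say that callers have to inspect the wrapped value.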
@@ -15,8 +15,8 @@ class Orgform_model extends DB_Model public function getOrgformLV() { // Checks if the operation is permitted by the API caller - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz($this->dbTable), 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz($this->dbTable), FHC_MODEL_ERROR); + if (($chkRights = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; $query = "SELECT * FROM bis.tbl_orgform @@ -26,8 +26,8 @@ class Orgform_model extends DB_Model $result = $this->db->query($query); if (is_object($result)) - return $this->_success($result->result()); + return success($result->result()); else - return $this->_error($this->db->error(), FHC_DB_ERROR); + return error($this->db->error(), FHC_DB_ERROR); } } \ No newline at end of file diff --git a/application/models/crm/Akte_model.php b/application/models/crm/Akte_model.php index 968b089c9..b55d944d4 100644 --- a/application/models/crm/Akte_model.php +++ b/application/models/crm/Akte_model.php 
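Review bot: On a failed query `getOrgformLV` returns `error($this->db->error(), FHC_DB_ERROR)`, which hands the driver's raw error to whoever consumes the result. The comment in this method says it serves API callers, so table names and SQL fragments may end up in an API response. Logging the detail server-side and returning a generic value keeps it out of the response, e.g. `log_message('error', json_encode($this->db->error())); return error(FHC_DB_ERROR, FHC_DB_ERROR);`. How the controllers serialise the error object is not visible here, so confirm before changing. The same return appears in the Akte, Dokumentprestudent, Prestudentstatus, Studiensemester, Person, Message, Phrase and Recipient model hunks.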
@@ -18,17 +18,14 @@ class Akte_model extends DB_Model public function getAkten($person_id, $dokument_kurzbz = null, $stg_kz = null, $prestudent_id = null) { // Checks if the operation is permitted by the API caller - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz($this->dbTable), 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz($this->dbTable), FHC_MODEL_ERROR); - - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('public.tbl_dokument'), 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('public.tbl_dokument'), FHC_MODEL_ERROR); - - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('public.tbl_dokumentstudiengang'), 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('public.tbl_dokumentstudiengang'), FHC_MODEL_ERROR); - - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('public.tbl_dokumentprestudent'), 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('public.tbl_dokumentprestudent'), FHC_MODEL_ERROR); + if (($chkRights = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; + if (($chkRights = $this->isEntitled('public.tbl_dokument', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; + if (($chkRights = $this->isEntitled('public.tbl_dokumentstudiengang', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; + if (($chkRights = $this->isEntitled('public.tbl_dokumentprestudent', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; $query = 'SELECT akte_id, person_id, 
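Review bot: The four consecutive `isEntitled` checks at the top of `getAkten` differ only in the table name, and the same block is repeated in most model methods touched by this commit. Iterating over the table list keeps the checks from drifting apart: `foreach (array($this->dbTable, 'public.tbl_dokument', 'public.tbl_dokumentstudiengang', 'public.tbl_dokumentprestudent') as $source)` followed by the existing `if (($chkRights = $this->isEntitled($source, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) return $chkRights;`. The rest of the method body lies outside the hunk.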
@@ -81,9 +78,9 @@ class Akte_model extends DB_Model $result = $this->db->query($query, $parametersArray); if (is_object($result)) - return $this->_success($result->result()); + return success($result->result()); else - return $this->_error($this->db->error(), FHC_DB_ERROR); + return error($this->db->error(), FHC_DB_ERROR); } /** @@ -92,13 +89,13 @@ class Akte_model extends DB_Model public function getAktenAccepted($person_id, $dokument_kurzbz = null) { // Checks if the operation is permitted by the API caller - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz($this->dbTable), 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz($this->dbTable), FHC_MODEL_ERROR); - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('public.tbl_prestudent'), 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('public.tbl_prestudent'), FHC_MODEL_ERROR); - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('public.tbl_dokumentprestudent'), 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('public.tbl_dokumentprestudent'), FHC_MODEL_ERROR); - //CASE WHEN dp.dokument_kurzbz IS NOT NULL THEN TRUE ELSE FALSE END AS accepted + if (($chkRights = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; + if (($chkRights = $this->isEntitled('public.tbl_prestudent', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; + if (($chkRights = $this->isEntitled('public.tbl_dokumentprestudent', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; + $query = 'SELECT a.akte_id, a.person_id, a.dokument_kurzbz, 
@@ -137,8 +134,8 @@ class Akte_model extends DB_Model $result = $this->db->query($query, $parametersArray); if (is_object($result)) - return $this->_success($result->result()); + return success($result->result()); else - return $this->_error($this->db->error(), FHC_DB_ERROR); + return error($this->db->error(), FHC_DB_ERROR); } } \ No newline at end of file diff --git a/application/models/crm/Dokumentprestudent_model.php b/application/models/crm/Dokumentprestudent_model.php index 9254c1e72..2e522f047 100644 --- a/application/models/crm/Dokumentprestudent_model.php +++ b/application/models/crm/Dokumentprestudent_model.php @@ -14,7 +14,7 @@ class Dokumentprestudent_model extends DB_Model public function setAccepted($prestudent_id, $studiengang_kz) { - if (($chkRights = $this->isEntitled('public.tbl_dokumentprestudent', 'i', FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + if (($chkRights = $this->isEntitled('public.tbl_dokumentprestudent', PermissionLib::INSERT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) return $chkRights; $result = null; @@ -39,14 +39,14 @@ class Dokumentprestudent_model extends DB_Model } if ($result) - return $this->_success($result); + return success($result); else - return $this->_error($this->db->error(), FHC_DB_ERROR); + return error($this->db->error(), FHC_DB_ERROR); } public function setAcceptedDocuments($prestudent_id, $dokument_kurzbz) { - if (($chkRights = $this->isEntitled('public.tbl_dokumentprestudent', 'i', FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + if (($chkRights = $this->isEntitled('public.tbl_dokumentprestudent', PermissionLib::INSERT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) return $chkRights; $result = null; @@ -70,8 +70,8 @@ class Dokumentprestudent_model extends DB_Model } if ($result) - return $this->_success($result); + return success($result); else - return $this->_error($this->db->error(), FHC_DB_ERROR); + return error($this->db->error(), FHC_DB_ERROR); } } \ No newline at end of file 
diff --git a/application/models/crm/Prestudentstatus_model.php b/application/models/crm/Prestudentstatus_model.php index 6d960a07b..c91a40291 100644 --- a/application/models/crm/Prestudentstatus_model.php +++ b/application/models/crm/Prestudentstatus_model.php 
@@ -19,22 +19,20 @@ class Prestudentstatus_model extends DB_Model public function getLastStatus($prestudent_id, $studiensemester_kurzbz = '', $status_kurzbz = '') { // Checks if the operation is permitted by the API caller - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('public.tbl_prestudentstatus'), 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('public.tbl_prestudentstatus'), FHC_MODEL_ERROR); + if (($chkRights = $this->isEntitled('public.tbl_prestudentstatus', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; + if (($chkRights = $this->isEntitled('lehre.tbl_studienplan', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; + if (($chkRights = $this->isEntitled('public.tbl_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('lehre.tbl_studienplan'), 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('lehre.tbl_studienplan'), FHC_MODEL_ERROR); - - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('public.tbl_status'), 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('public.tbl_status'), FHC_MODEL_ERROR); - - $query = "SELECT tbl_prestudentstatus.*, + $query = 'SELECT tbl_prestudentstatus.*, bezeichnung AS studienplan_bezeichnung, tbl_status.bezeichnung_mehrsprachig FROM public.tbl_prestudentstatus LEFT JOIN lehre.tbl_studienplan USING (studienplan_id) JOIN public.tbl_status USING (status_kurzbz) WHERE tbl_status.status_kurzbz = tbl_prestudentstatus.status_kurzbz - AND prestudent_id = ?"; + AND prestudent_id = ?'; $parametersArray = array($prestudent_id); 
@@ -54,8 +52,8 @@ class Prestudentstatus_model extends DB_Model $result = $this->db->query($query, $parametersArray); if (is_object($result)) - return $this->_success($result->result()); + return success($result->result()); else - return $this->_error($this->db->error(), FHC_DB_ERROR); + return error($this->db->error(), FHC_DB_ERROR); } } \ No newline at end of file diff --git a/application/models/organisation/Organisationseinheit_model.php b/application/models/organisation/Organisationseinheit_model.php index 3e668c4af..d33454e95 100644 --- a/application/models/organisation/Organisationseinheit_model.php +++ b/application/models/organisation/Organisationseinheit_model.php @@ -38,9 +38,9 @@ class Organisationseinheit_model extends DB_Model if ($res = $this->db->query($qry)) - return $this->_success($res); + return success($res); else - return $this->_error($this->db->error()); + return error($this->db->error()); } /** @@ -81,11 +81,11 @@ class Organisationseinheit_model extends DB_Model if ($result = $this->db->query($query, array($oe_kurzbz))) { - return $this->_success($result->result()); + return success($result->result()); } else { - return $this->_error($this->db->error()); + return error($this->db->error()); } } } \ No newline at end of file diff --git a/application/models/organisation/Studiengang_model.php b/application/models/organisation/Studiengang_model.php index bf67e8a46..d6c6e8736 100644 --- a/application/models/organisation/Studiengang_model.php +++ b/application/models/organisation/Studiengang_model.php 
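Review bot: Both failure paths in the Organisationseinheit_model hunks call `error($this->db->error())` without a code, while every other model in this commit passes `FHC_DB_ERROR` as the second argument, so callers cannot classify these failures the same way; use `return error($this->db->error(), FHC_DB_ERROR);`. The first hunk also returns the raw result object via `success($res)` where the second returns `$result->result()`; if that difference is not intended, `success($res->result())` would match. Both methods start outside their hunks and no permission check is visible in either, which is worth confirming against the full file.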
@@ -18,11 +18,10 @@ class Studiengang_model extends DB_Model public function getAllForBewerbung() { // Checks if the operation is permitted by the API caller - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('lehre.vw_studienplan'), 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('lehre.vw_studienplan'), FHC_MODEL_ERROR); - - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('bis.tbl_lgartcode'), 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('bis.tbl_lgartcode'), FHC_MODEL_ERROR); + if (($chkRights = $this->isEntitled('lehre.vw_studienplan', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; + if (($chkRights = $this->isEntitled('bis.tbl_lgartcode', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; $allForBewerbungQuery = 'SELECT DISTINCT studiengang_kz, typ, @@ -99,7 +98,7 @@ class Studiengang_model extends DB_Model $result = $this->db->query($allForBewerbungQuery); - return $this->_success($result->result()); + return success($result->result()); } /** diff --git a/application/models/organisation/Studiensemester_model.php b/application/models/organisation/Studiensemester_model.php index fb68162bb..bc1c0436b 100644 --- a/application/models/organisation/Studiensemester_model.php +++ b/application/models/organisation/Studiensemester_model.php 
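Review bot: `getAllForBewerbung` calls `$result->result()` without checking that the query succeeded, so if `$this->db->query()` returns false the method ends in a fatal error instead of an error object. The other models in this commit guard with `is_object($result)`. Here that would be `if (!is_object($result)) return error($this->db->error(), FHC_DB_ERROR);` placed before `return success($result->result());`. The method starts outside this hunk.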
@@ -15,35 +15,35 @@ class Studiensemester_model extends DB_Model public function getLastOrAktSemester($days = 60) { // Checks if the operation is permitted by the API caller - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('public.tbl_studiensemester'), 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('public.tbl_studiensemester'), FHC_MODEL_ERROR); + if (($chkRights = $this->isEntitled('public.tbl_studiensemester', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; if (!is_numeric($days)) { $days = 60; } - $query = "SELECT studiensemester_kurzbz + $query = 'SELECT studiensemester_kurzbz FROM public.tbl_studiensemester - WHERE start < NOW() - '" . $days . " DAYS'::INTERVAL + WHERE start < NOW() - \'' . $days . ' DAYS\'::INTERVAL ORDER BY start DESC - LIMIT 1"; + LIMIT 1'; $result = $this->db->query($query); if (is_object($result)) - return $this->_success($result->result()); + return success($result->result()); else - return $this->_error($this->db->error(), FHC_DB_ERROR); + return error($this->db->error(), FHC_DB_ERROR); } public function getNextFrom($studiensemester_kurzbz) { // Checks if the operation is permitted by the API caller - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('public.tbl_studiensemester'), 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('public.tbl_studiensemester'), FHC_MODEL_ERROR); + if (($chkRights = $this->isEntitled('public.tbl_studiensemester', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; - $query = "SELECT studiensemester_kurzbz, + $query = 'SELECT studiensemester_kurzbz, start, ende FROM public.tbl_studiensemester 
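Review bot: In `getLastOrAktSemester` the `$days` value is still concatenated into the SQL text (`\'' . $days . ' DAYS\'::INTERVAL`), guarded only by `is_numeric()`, which also accepts forms such as `1e3`, `-5` or `1.5`. Other queries in this commit use bound parameters; casting and binding removes the string building, e.g. `WHERE start < NOW() - (? * INTERVAL '1 day')` with `$this->db->query($query, array((int)$days))`. If only non-negative whole days are meant, that range should be checked explicitly where the default of 60 is applied.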
@@ -53,14 +53,14 @@ class Studiensemester_model extends DB_Model WHERE studiensemester_kurzbz = ? ) ORDER BY start - LIMIT 1"; + LIMIT 1'; $result = $this->db->query($query, array($studiensemester_kurzbz)); if (is_object($result)) - return $this->_success($result->result()); + return success($result->result()); else - return $this->_error($this->db->error(), FHC_DB_ERROR); + return error($this->db->error(), FHC_DB_ERROR); } /** @@ -69,13 +69,13 @@ class Studiensemester_model extends DB_Model public function getNearest($semester = '') { // Checks if the operation is permitted by the API caller - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('public.vw_studiensemester'), 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('public.vw_studiensemester'), FHC_MODEL_ERROR); + if (($chkRights = $this->isEntitled('public.vw_studiensemester', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; - $query = "SELECT studiensemester_kurzbz, + $query = 'SELECT studiensemester_kurzbz, start, ende - FROM public.vw_studiensemester"; + FROM public.vw_studiensemester'; if (is_numeric($semester)) { @@ -88,16 +88,16 @@ class Studiensemester_model extends DB_Model $ss = 'WS'; } - $query .= " WHERE SUBSTRING(studiensemester_kurzbz FROM 1 FOR 2) = '" . $ss . "'"; + $query .= ' WHERE SUBSTRING(studiensemester_kurzbz FROM 1 FOR 2) = '' . $ss . '''; } - $query .= " ORDER BY delta LIMIT 1"; + $query .= ' ORDER BY delta LIMIT 1'; $result = $this->db->query($query); if (is_object($result)) - return $this->_success($result->result()); + return success($result->result()); else - return $this->_error($this->db->error(), FHC_DB_ERROR); + return error($this->db->error(), FHC_DB_ERROR); } } \ No newline at end of file diff --git a/application/models/person/Person_model.php b/application/models/person/Person_model.php index d139788b4..0b277b792 100644 --- a/application/models/person/Person_model.php 
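Review bot: The rewritten line in `getNearest`, `' WHERE SUBSTRING(studiensemester_kurzbz FROM 1 FOR 2) = '' . $ss . '''`, is not valid PHP as shown. The SQL quote is not escaped inside the single-quoted literal, so the string ends early and leaves adjacent string tokens. The other conversions in this commit escape it (`\'email\'`, `DAYS\'::INTERVAL`); this line should read `$query .= ' WHERE SUBSTRING(studiensemester_kurzbz FROM 1 FOR 2) = \'' . $ss . '\'';`. The assignment of `$ss` is only partly visible in the hunk, so binding it as a query parameter would be the safer form if it can ever carry caller input.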
+++ b/application/models/person/Person_model.php @@ -68,9 +68,9 @@ class Person_model extends DB_Model $result = $this->db->query($checkBewerbungQuery, $parametersArray); if (is_object($result)) - return $this->_success($result->result()); + return success($result->result()); else - return $this->_error($this->db->error(), FHC_DB_ERROR); + return error($this->db->error(), FHC_DB_ERROR); } public function updatePerson($person) diff --git a/application/models/system/Message_model.php b/application/models/system/Message_model.php index 6d804aabe..6fd630e18 100644 --- a/application/models/system/Message_model.php +++ b/application/models/system/Message_model.php @@ -1,6 +1,6 @@ dbTable = "public.tbl_msg_message"; - $this->pk = "message_id"; + $this->dbTable = 'public.tbl_msg_message'; + $this->pk = 'message_id'; } /** 
@@ -19,15 +19,15 @@ class Message_model extends DB_Model */ public function getMessagesByPerson($person_id, $all) { - // Check wrights - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz("public.tbl_msg_message"), "s")) - return $this->_error(lang("fhc_".FHC_NORIGHT)." -> ".$this->getBerechtigungKurzbz("public.tbl_msg_message"), FHC_MODEL_ERROR); - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz("public.tbl_person"), "s")) - return $this->_error(lang("fhc_".FHC_NORIGHT)." -> ".$this->getBerechtigungKurzbz("public.tbl_person"), FHC_MODEL_ERROR); - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz("public.tbl_msg_status"), "s")) - return $this->_error(lang("fhc_".FHC_NORIGHT)." -> ".$this->getBerechtigungKurzbz("public.tbl_msg_status"), FHC_MODEL_ERROR); + // Checks if the operation is permitted by the API caller + if (($chkRights = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; + if (($chkRights = $this->isEntitled('public.tbl_person', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; + if (($chkRights = $this->isEntitled('public.tbl_msg_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; - $sql = "SELECT m.message_id, + $sql = 'SELECT m.message_id, m.person_id, m.subject, m.body, 
@@ -51,23 +51,23 @@ class Message_model extends DB_Model %s ORDER BY insertamum DESC ) s ON (m.message_id = s.message_id AND m.person_id = s.person_id) - WHERE m.person_id = ?"; + WHERE m.person_id = ?'; $parametersArray = array($person_id); - if ($all == "true") + if ($all == 'true') { - $sql = sprintf($sql, ""); + $sql = sprintf($sql, ''); } else { - $sql = sprintf($sql, "WHERE status >= 3"); + $sql = sprintf($sql, 'WHERE status >= 3'); } $result = $this->db->query($sql, $parametersArray); if (is_object($result)) - return $this->_success($result->result()); + return success($result->result()); else - return $this->_error($this->db->error(), FHC_DB_ERROR); + return error($this->db->error(), FHC_DB_ERROR); } -} +} \ No newline at end of file diff --git a/application/models/system/Phrase_model.php b/application/models/system/Phrase_model.php index d88b60e74..1433ef43b 100644 --- a/application/models/system/Phrase_model.php +++ b/application/models/system/Phrase_model.php 
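Review bot: `$all == 'true'` is a loose comparison, so a boolean `true` and, on PHP versions before 8, an integer `0` also select the branch that drops the `WHERE status >= 3` filter. A strict test states the intended contract: `if ($all === 'true')`, or normalise the parameter to a boolean once at the top of `getMessagesByPerson`. The same comparison is used in the Recipient_model `getMessagesByPerson` hunk, where it decides whether the `person_id`/`message_id` restriction is appended.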
@@ -18,10 +18,10 @@ class Phrase_model extends DB_Model public function getPhrases($app, $sprache, $phrase = null, $orgeinheit_kurzbz = null, $orgform_kurzbz = null) { // Checks if the operation is permitted by the API caller - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('system.tbl_phrase'), 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('system.tbl_phrase'), FHC_MODEL_ERROR); - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('system.tbl_phrasentext'), 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('system.tbl_phrasentext'), FHC_MODEL_ERROR); + if (($chkRights = $this->isEntitled('system.tbl_phrase', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; + if (($chkRights = $this->isEntitled('system.tbl_phrasentext', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; $parametersArray = array('app' => $app, 'sprache' => $sprache); @@ -61,8 +61,8 @@ class Phrase_model extends DB_Model $result = $this->db->query($query, $parametersArray); if (is_object($result)) - return $this->_success($result->result()); + return success($result->result()); else - return $this->_error($this->db->error(), FHC_DB_ERROR); + return error($this->db->error(), FHC_DB_ERROR); } } diff --git a/application/models/system/Recipient_model.php b/application/models/system/Recipient_model.php index 27d38377a..1aaa2690b 100644 --- a/application/models/system/Recipient_model.php +++ b/application/models/system/Recipient_model.php @@ -8,8 +8,8 @@ class Recipient_model extends DB_Model public function __construct() { parent::__construct(); - $this->dbTable = "public.tbl_msg_recipient"; - $this->pk = array("person_id", "message_id"); + $this->dbTable = 'public.tbl_msg_recipient'; + $this->pk = array('person_id', 'message_id'); $this->hasSequence = false; } 
@@ -18,17 +18,17 @@ class Recipient_model extends DB_Model */ public function getMessage($message_id, $person_id) { - // Check rights - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz("public.tbl_msg_recipient"), "s")) - return $this->_error(lang("fhc_".FHC_NORIGHT)." -> ".$this->getBerechtigungKurzbz("public.tbl_msg_recipient"), FHC_MODEL_ERROR); - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz("public.tbl_msg_message"), "s")) - return $this->_error(lang("fhc_".FHC_NORIGHT)." -> ".$this->getBerechtigungKurzbz("public.tbl_msg_message"), FHC_MODEL_ERROR); - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz("public.tbl_person"), "s")) - return $this->_error(lang("fhc_".FHC_NORIGHT)." -> ".$this->getBerechtigungKurzbz("public.tbl_person"), FHC_MODEL_ERROR); - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz("public.tbl_kontakt"), "s")) - return $this->_error(lang("fhc_".FHC_NORIGHT)." -> ".$this->getBerechtigungKurzbz("public.tbl_kontakt"), FHC_MODEL_ERROR); - - $query = "SELECT mr.message_id, + // Checks if the operation is permitted by the API caller + if (($chkRights = $this->isEntitled('public.tbl_msg_recipient', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; + if (($chkRights = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; + if (($chkRights = $this->isEntitled('public.tbl_person', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; + if (($chkRights = $this->isEntitled('public.tbl_kontakt', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; + + $query = 'SELECT mr.message_id, mr.person_id, mm.subject, mm.body, 
@@ -40,18 +40,18 @@ class Recipient_model extends DB_Model INNER JOIN public.tbl_person p ON (mm.person_id = p.person_id) LEFT JOIN public.tbl_benutzer b ON (mr.person_id = b.person_id) LEFT JOIN ( - SELECT person_id, kontakt FROM public.tbl_kontakt WHERE kontakttyp = 'email' + SELECT person_id, kontakt FROM public.tbl_kontakt WHERE kontakttyp = \'email\' ) ks ON (ks.person_id = mr.person_id) - WHERE mr.message_id = ? AND mr.person_id = ?"; + WHERE mr.message_id = ? AND mr.person_id = ?'; $parametersArray = array($message_id, $person_id); // Get data of the messages to sent $result = $this->db->query($query, $parametersArray); if (is_object($result)) - return $this->_success($result->result()); + return success($result->result()); else - return $this->_error($this->db->error(), FHC_DB_ERROR); + return error($this->db->error(), FHC_DB_ERROR); } /** 
@@ -59,15 +59,15 @@ class Recipient_model extends DB_Model */ public function getMessageByToken($token) { - // Check wrights - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz("public.tbl_msg_recipient"), "s")) - return $this->_error(lang("fhc_".FHC_NORIGHT)." -> ".$this->getBerechtigungKurzbz("public.tbl_msg_recipient"), FHC_MODEL_ERROR); - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz("public.tbl_msg_message"), "s")) - return $this->_error(lang("fhc_".FHC_NORIGHT)." -> ".$this->getBerechtigungKurzbz("public.tbl_msg_message"), FHC_MODEL_ERROR); - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz("public.tbl_msg_status"), "s")) - return $this->_error(lang("fhc_".FHC_NORIGHT)." -> ".$this->getBerechtigungKurzbz("public.tbl_msg_status"), FHC_MODEL_ERROR); + // Checks if the operation is permitted by the API caller + if (($chkRights = $this->isEntitled('public.tbl_msg_recipient', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; + if (($chkRights = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; + if (($chkRights = $this->isEntitled('public.tbl_msg_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; - $sql = "SELECT r.message_id, + $sql = 'SELECT r.message_id, m.person_id as sender_id, r.person_id as receiver_id, m.subject, 
@@ -83,13 +83,13 @@ class Recipient_model extends DB_Model SELECT * FROM public.tbl_msg_status WHERE status < ? ORDER BY insertamum DESC, status DESC ) s ON (r.message_id = s.message_id AND r.person_id = s.person_id) WHERE r.token = ? - LIMIT 1"; + LIMIT 1'; $result = $this->db->query($sql, array(MSG_STATUS_DELETED, $token)); if (is_object($result)) - return $this->_success($result->result()); + return success($result->result()); else - return $this->_error($this->db->error(), FHC_DB_ERROR); + return error($this->db->error(), FHC_DB_ERROR); } /** 
@@ -97,17 +97,17 @@ class Recipient_model extends DB_Model */ public function getMessagesByPerson($person_id, $all) { - // Check wrights - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz("public.tbl_msg_recipient"), "s")) - return $this->_error(lang("fhc_".FHC_NORIGHT)." -> ".$this->getBerechtigungKurzbz("public.tbl_msg_recipient"), FHC_MODEL_ERROR); - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz("public.tbl_msg_message"), "s")) - return $this->_error(lang("fhc_".FHC_NORIGHT)." -> ".$this->getBerechtigungKurzbz("public.tbl_msg_message"), FHC_MODEL_ERROR); - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz("public.tbl_person"), "s")) - return $this->_error(lang("fhc_".FHC_NORIGHT)." -> ".$this->getBerechtigungKurzbz("public.tbl_person"), FHC_MODEL_ERROR); - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz("public.tbl_msg_status"), "s")) - return $this->_error(lang("fhc_".FHC_NORIGHT)." -> ".$this->getBerechtigungKurzbz("public.tbl_msg_status"), FHC_MODEL_ERROR); + // Checks if the operation is permitted by the API caller + if (($chkRights = $this->isEntitled('public.tbl_msg_recipient', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; + if (($chkRights = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; + if (($chkRights = $this->isEntitled('public.tbl_person', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; + if (($chkRights = $this->isEntitled('public.tbl_msg_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; - $sql = "SELECT DISTINCT ON (r.message_id) r.message_id, + $sql = 'SELECT DISTINCT ON (r.message_id) r.message_id, m.person_id, m.subject, m.body, 
@@ -133,25 +133,25 @@ class Recipient_model extends DB_Model ORDER BY insertamum DESC ) s ON (m.message_id = s.message_id AND r.person_id = s.person_id) WHERE r.person_id = ? - ORDER BY r.message_id DESC, s.status DESC"; + ORDER BY r.message_id DESC, s.status DESC'; $parametersArray = array($person_id); - if ($all == "true") + if ($all == 'true') { - $sql = sprintf($sql, ""); + $sql = sprintf($sql, ''); } else { array_push($parametersArray, $person_id, $person_id); - $sql = sprintf($sql, "WHERE person_id = ? AND message_id NOT IN (SELECT message_id FROM public.tbl_msg_status WHERE status >= 3 AND person_id = ?)"); + $sql = sprintf($sql, 'WHERE person_id = ? AND message_id NOT IN (SELECT message_id FROM public.tbl_msg_status WHERE status >= 3 AND person_id = ?)'); } $result = $this->db->query($sql, $parametersArray); if (is_object($result)) - return $this->_success($result->result()); + return success($result->result()); else - return $this->_error($this->db->error(), FHC_DB_ERROR); + return error($this->db->error(), FHC_DB_ERROR); } /** 
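Review bot: `if ($all == 'true')` is a loose comparison, so what counts as "all" depends on PHP's type juggling: on PHP 7 an integer 0 compares equal to the string 'true' and would take the branch that also returns messages with status >= 3. getMessagesByUID in the following hunks tests the same parameter as `if (! $all)`, where the string 'false' is truthy, so the two methods disagree on identical input. Normalise once at the top of each method, e.g. `$all = ($all === true || $all === 'true');`, and branch on the boolean. The literal `3` in the sub-select could also be replaced by the MSG_STATUS_DELETED constant that getMessageByToken binds, if that is the value meant. getMessagesByPerson starts in the previous hunk.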
@@ -159,23 +159,23 @@ class Recipient_model extends DB_Model */ public function getMessagesByUID($uid, $all) { - // Check wrights - // @ToDo: Define the special wright for reading own messages "basis/message:own" + // Checks if the operation is permitted by the API caller + // @ToDo: Define the special right for reading own messages 'basis/message:own' // if same user if ($uid === getAuthUID()) { - if (! $this->fhc_db_acl->isBerechtigt("basis/message", "s")) - return $this->_error(lang("fhc_".FHC_NORIGHT)." -> basis/message", FHC_MODEL_ERROR); + if (($chkRights = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; } // if different user, for reading messages from other users else { - if (! $this->fhc_db_acl->isBerechtigt("basis/message", "s")) - return $this->_error(lang("fhc_".FHC_NORIGHT)." -> basis/message:all", FHC_MODEL_ERROR); + if (($chkRights = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; } // get Data - $sql = "SELECT b.uid, + $sql = 'SELECT b.uid, m.person_id, m.message_id, m.subject, @@ -199,16 +199,16 @@ class Recipient_model extends DB_Model JOIN ( SELECT * FROM public.tbl_msg_status ORDER BY insertamum DESC LIMIT 1 ) s ON (r.message_id = s.message_id AND r.person_id = s.person_id) - WHERE b.uid = ?"; + WHERE b.uid = ?'; if (! $all) - $sql .= " AND (status < 3 OR status IS NULL)"; + $sql .= ' AND (status < 3 OR status IS NULL)'; $result = $this->db->query($sql, array($uid)); if (is_object($result)) - return $this->_success($result->result()); + return success($result->result()); else - return $this->_error($this->db->error(), FHC_DB_ERROR); + return error($this->db->error(), FHC_DB_ERROR); } /** 
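Review bot: Both branches of `if ($uid === getAuthUID())` run the identical check, `isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)`, so reading another user's messages requires nothing beyond what reading one's own requires, and any caller holding that select right can pass an arbitrary `$uid`. The ToDo above the branch already names the missing 'basis/message:own' right; until a separate right exists, the else branch should deny or demand a stricter permission. The old code checked `basis/message` by name while the new check goes through the table name, and whether isEntitled resolves that to the same permission cannot be seen from this diff. At minimum the else branch deserves a comment such as `// FIXME: same right as the own-messages branch, no per-user restriction is enforced here`.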
@@ -223,15 +223,15 @@ class Recipient_model extends DB_Model */ public function getMessages($kontaktType, $sent, $limit = null, $message_id = null) { - // Check rights - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz("public.tbl_msg_recipient"), "s")) - return $this->_error(lang("fhc_".FHC_NORIGHT)." -> ".$this->getBerechtigungKurzbz("public.tbl_msg_recipient"), FHC_MODEL_ERROR); - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz("public.tbl_msg_message"), "s")) - return $this->_error(lang("fhc_".FHC_NORIGHT)." -> ".$this->getBerechtigungKurzbz("public.tbl_msg_message"), FHC_MODEL_ERROR); - if (! $this->fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz("public.tbl_kontakt"), "s")) - return $this->_error(lang("fhc_".FHC_NORIGHT)." -> ".$this->getBerechtigungKurzbz("public.tbl_kontakt"), FHC_MODEL_ERROR); - - $query = "SELECT mm.message_id, + // Checks if the operation is permitted by the API caller + if (($chkRights = $this->isEntitled('public.tbl_msg_recipient', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; + if (($chkRights = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; + if (($chkRights = $this->isEntitled('public.tbl_kontakt', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; + + $query = 'SELECT mm.message_id, ks.kontakt as sender, kr.kontakt as receiver, mr.person_id as receiver_id, 
@@ -245,39 +245,39 @@ class Recipient_model extends DB_Model ) ks ON (ks.person_id = mm.person_id) LEFT JOIN ( SELECT person_id, kontakt FROM public.tbl_kontakt WHERE kontakttyp = ? - ) kr ON (kr.person_id = mr.person_id)"; + ) kr ON (kr.person_id = mr.person_id)'; $parametersArray = array($kontaktType, $kontaktType); - if (is_null($sent) || $sent == "") + if (is_null($sent) || $sent == '') { - $query .= " WHERE mr.sent IS NULL"; + $query .= ' WHERE mr.sent IS NULL'; } else { array_push($parametersArray, $sent); - $query .= " WHERE mr.sent = ?"; + $query .= ' WHERE mr.sent = ?'; } if (!is_null($message_id)) { array_push($parametersArray, $message_id); - $query .= " AND mm.message_id = ?"; + $query .= ' AND mm.message_id = ?'; } - $query .= " ORDER BY mr.insertamum ASC"; + $query .= ' ORDER BY mr.insertamum ASC'; if (!is_null($limit)) { - $query .= " LIMIT ?"; + $query .= ' LIMIT ?'; array_push($parametersArray, $limit); } // Get data of the messages to sent $result = $this->db->query($query, $parametersArray); if (is_object($result)) - return $this->_success($result->result()); + return success($result->result()); else - return $this->_error($this->db->error(), FHC_DB_ERROR); + return error($this->db->error(), FHC_DB_ERROR); } -} +} \ No newline at end of file diff --git a/application/models/system/Vorlage_model.php b/application/models/system/Vorlage_model.php index 4d39e82e3..45541f601 100644 --- a/application/models/system/Vorlage_model.php +++ b/application/models/system/Vorlage_model.php @@ -18,8 +18,8 @@ class Vorlage_model extends DB_Model if ($res = $this->db->query($qry)) - return $this->_success($res); + return success($res); else - return $this->_error($this->db->error()); + return error($this->db->error()); } } diff --git a/application/models/system/Vorlagedokument_model.php b/application/models/system/Vorlagedokument_model.php index 62741d52b..45ac287a1 100644 --- a/application/models/system/Vorlagedokument_model.php 
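Review bot: `$limit` is pushed onto the bind array for `LIMIT ?` with no check that it is a non-negative integer, and `$message_id` is bound the same way. The bindings keep both values out of the SQL text, but a non-numeric value would only fail inside the database and come back through the `error($this->db->error(), FHC_DB_ERROR)` branch. A guard before the query is built rejects it earlier, e.g. `if (!is_null($limit) && !ctype_digit((string)$limit)) return error('limit must be a non-negative integer', FHC_MODEL_ERROR);`. getMessages starts in the previous hunk.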
+++ b/application/models/system/Vorlagedokument_model.php @@ -1,7 +1,7 @@ fhc_db_acl->isBerechtigt($this->getBerechtigungKurzbz('public.tbl_vorlagedokument'), 's')) - return $this->_error(lang('fhc_'.FHC_NORIGHT).' -> '.$this->getBerechtigungKurzbz('public.tbl_vorlagedokument'), FHC_MODEL_ERROR); - + if (($chkRights = $this->isEntitled('public.tbl_vorlagedokument', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)) !== true) + return $chkRights; + $result = null; - - $qry = "SELECT vorlagedokument_id, sort, vorlagestudiengang_id, dokument_kurzbz, bezeichnung - FROM public.tbl_vorlagedokument - JOIN public.tbl_dokument USING(dokument_kurzbz) - WHERE vorlagestudiengang_id=? - ORDER BY sort ASC - "; - + + $qry = 'SELECT vorlagedokument_id, + sort, + vorlagestudiengang_id, + dokument_kurzbz, + bezeichnung + FROM public.tbl_vorlagedokument + JOIN public.tbl_dokument USING(dokument_kurzbz) + WHERE vorlagestudiengang_id = ? + ORDER BY sort ASC'; + $result = $this->db->query($qry, array($vorlagestudiengang_id)); - - + if (is_object($result)) - return $this->_success($result->result()); + return success($result->result()); else - return $this->_error($this->db->error(), FHC_DB_ERROR); + return error($this->db->error(), FHC_DB_ERROR); } -} +} \ No newline at end of file