From a390eefd75772e5ac59cab88be758fbcfc145a4a Mon Sep 17 00:00:00 2001 From: SimonGschnell Date: Wed, 24 Jan 2024 16:06:22 +0100 Subject: [PATCH] add/delete/update kontakt is possible --- application/controllers/Cis/Profil.php | 7 +- application/controllers/Cis/ProfilUpdate.php | 139 ++++++++++++------ .../components/Cis/Profil/EditProfilSelect.js | 11 +- .../Profil/ProfilComponents/EditAdresse.js | 1 + .../Profil/ProfilComponents/EditKontakt.js | 8 +- .../Cis/ProfilUpdate/AcceptDenyUpdate.js | 10 +- 6 files changed, 115 insertions(+), 61 deletions(-) diff --git a/application/controllers/Cis/Profil.php b/application/controllers/Cis/Profil.php index cdd3ecde1..80f168585 100644 --- a/application/controllers/Cis/Profil.php +++ b/application/controllers/Cis/Profil.php @@ -95,6 +95,7 @@ class Profil extends Auth_Controller $json = json_decode($this->input->raw_input_stream); $payload = $json->payload; + $type = property_exists($json->payload,"kontakt_id")? "kontakt_id" : "adresse_id"; $name = $this->PersonModel->getFullName($this->uid); @@ -449,7 +450,8 @@ class Profil extends Auth_Controller if ( //? kontaktdaten soll auch nur der user selbst sehen - isSuccess($this->KontaktModel->addSelect('DISTINCT ON (kontakttyp) kontakttyp, kontakt_id, kontakt, tbl_kontakt.anmerkung, tbl_kontakt.zustellung')) && + //DISTINCT ON (kontakttyp) + isSuccess($this->KontaktModel->addSelect(['kontakttyp','kontakt_id','kontakt', 'tbl_kontakt.anmerkung', 'tbl_kontakt.zustellung'])) && isSuccess($this->KontaktModel->addJoin('public.tbl_standort', 'standort_id', 'LEFT')) && isSuccess($this->KontaktModel->addJoin('public.tbl_firma', 'firma_id', 'LEFT')) && isSuccess($this->KontaktModel->addOrder('kontakttyp, kontakt, tbl_kontakt.updateamum, tbl_kontakt.insertamum')) 
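Review bot: The added `$type` line reads `$json->payload` from the raw request body without checking that `json_decode()` succeeded or that the payload is an object, so a malformed body is not rejected cleanly; `property_exists()` raises a TypeError for an array, for instance. It also labels every payload without `kontakt_id` as `adresse_id`, which looks unintended for other kinds of change (where `$type` is used is outside the hunk). Reuse the local assigned on the line above and guard it: `if (!is_object($payload)) { echo json_encode(error("invalid payload")); return; }`, then `$type = property_exists($payload, "kontakt_id") ? "kontakt_id" : (property_exists($payload, "adresse_id") ? "adresse_id" : null);`. The enclosing method starts and ends outside the hunk.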
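Review bot: The select/join/order chain is changed identically here and in the hunk at old line 664 of Profil.php, and the two copies already differ in spacing; a private helper that builds the Kontakt query once would keep the column list, which decides what contact data leaves the server, in one place. The leftover `//DISTINCT ON (kontakttyp)` comment should be removed or replaced by the reason, for example `// every row is returned so that each kontakt_id can be edited or deleted` if that is the intent. The condition that restricts the rows to the current user is outside both hunks, so confirm it still applies now that all rows per kontakttyp are returned.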
@@ -664,7 +666,8 @@ class Profil extends Auth_Controller if ( //? kontaktdaten soll auch nur der user selbst sehen - isSuccess($this->KontaktModel->addSelect('DISTINCT ON (kontakttyp) kontakttyp, kontakt_id, kontakt, tbl_kontakt.anmerkung, tbl_kontakt.zustellung')) && + //DISTINCT ON (kontakttyp) + isSuccess($this->KontaktModel->addSelect(['kontakttyp', 'kontakt_id', 'kontakt', 'tbl_kontakt.anmerkung', 'tbl_kontakt.zustellung'])) && isSuccess($this->KontaktModel->addJoin('public.tbl_standort', 'standort_id', 'LEFT')) && isSuccess($this->KontaktModel->addJoin('public.tbl_firma', 'firma_id', 'LEFT')) && isSuccess($this->KontaktModel->addOrder('kontakttyp, kontakt, tbl_kontakt.updateamum, tbl_kontakt.insertamum')) diff --git a/application/controllers/Cis/ProfilUpdate.php b/application/controllers/Cis/ProfilUpdate.php index 32b54ac8e..48760d0dc 100644 --- a/application/controllers/Cis/ProfilUpdate.php +++ b/application/controllers/Cis/ProfilUpdate.php @@ -17,9 +17,7 @@ class ProfilUpdate extends Auth_Controller 'denyProfilRequest'=>['user:r'], ]); - //? put the uid and pid inside the controller to reuse in controller - $this->uid = getAuthUID(); - $this->pid = getAuthPersonID(); + $this->load->model('person/Profil_change_model','ProfilChangeModel'); $this->load->model('person/Kontakt_model','KontaktModel'); 
@@ -44,48 +42,27 @@ class ProfilUpdate extends Auth_Controller $id = $this->input->post('profil_update_id',true); $uid = $this->input->post('uid',true); + //? fetching person_id using UID + $personID = $this->PersonModel->getByUid($uid); + $personID = hasData($personID)? getData($personID)[0]->person_id : null; $status_message = $this->input->post('status_message',true); $topic = $this->input->post('topic',true); - $requested_change = $this->input->post('requested_change',true); + //! somehow the xss check converted boolean false to empty string + $requested_change = $this->input->post('requested_change'); + + //! check for required information + if(!isset($id) || !isset($uid) || !isset($personID) || !isset($requested_change) || !isset($topic)){ + return json_encode(error("missing required information")); + } - print_r($_POST); - //! PROPERTY EXISTS DOES NOT WORK FOR ASSOCIATIVE ARRAYS - if(property_exists($requested_change,"adresse_id")){ - echo 'if'; + if(is_array($requested_change) && array_key_exists("adresse_id",$requested_change)){ + $this->handleAdresse($requested_change); return; - - $this->AdressenTypModel->addSelect(["adressentyp_kurzbz"]); - $adr_kurzbz = $this->AdressenTypModel->loadWhere(["bezeichnung"=>$requested_change['typ']]); - $adr_kurzbz = hasData($adr_kurzbz)? getData($adr_kurzbz)[0]->adressentyp_kurzbz : null; - //? replace the address_typ with its correct kurzbz foreign key - $requested_change['typ']= $adr_kurzbz; - - $adresse_id = $requested_change["adresse_id"]; - //? removes the adresse_id because we don't want to update the kontakt_id in the database - unset($requested_change["adresse_id"]); - - $res = $this->AdresseModel->update($adresse_id, $requested_change); - echo json_encode($res); - }else if (property_exists($requested_change,"kontakt_id")){ - echo 'else if'; - return; - - $kontakt_id = $requested_change["kontakt_id"]; - //? 
removes the kontakt_id because we don't want to update the kontakt_id in the database - unset($requested_change["kontakt_id"]); - - - $res = $this->KontaktModel->update($kontakt_id,$requested_change); - - echo json_encode($res); - + }else if (is_array($requested_change) && array_key_exists("kontakt_id", $requested_change)){ + $this->handleKontakt($requested_change, $personID); }else{ - echo 'else'; - return; - //? fetching person_id using UID - $personID = $this->PersonModel->getByUid($uid); - $personID = hasData($personID)? getData($personID)[0]->person_id : null; + switch($topic){ case "titel": $topic ="titelpre"; break; @@ -96,11 +73,9 @@ class ProfilUpdate extends Auth_Controller echo json_encode($res); } - return; - if(isset($id)){ - $res =$this->ProfilChangeModel->update([$id], ["status"=>"accepted","status_timestamp"=>"NOW()","status_message"=>$status_message]); - echo json_encode($res); - } + + echo json_encode($this->setStatusOnUpdateRequest($id, "accepted", $status_message)); + } 
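Review bot: acceptProfilRequest applies the `uid`, `topic` and `requested_change` that the caller posts instead of reading them from the stored request identified by `profil_update_id`, so the change written to the database need not be the one the user submitted, and the target person is chosen by the client. Load the ProfilChangeModel row for `$id`, require that it exists and is still open, and take those three values from that row, e.g. starting with `$stored = $this->ProfilChangeModel->loadWhere(["profil_update_id" => $id]);` (column name assumed from the POST field); only `profil_update_id` and `status_message` need to come from POST. In the same lines, `return json_encode(error("missing required information"));` sends nothing to the client and should be `echo json_encode(...); return;`, and the `adresse_id` branch returns before the request is marked accepted. The access rule for this action is outside the hunk; if it is `user:r` like the `denyProfilRequest` entry visible in the constructor hunk, it should be narrowed to the approving role.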
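Review bot: The status is set to `accepted` unconditionally at the end of the method: the result of `handleKontakt()` in the preceding hunk is discarded, so the request record can say a change was applied that never reached the database. Keep the result and gate the status write on it, `$res = $this->handleKontakt($requested_change, $personID);` and `if (!isSuccess($res)) { echo json_encode($res); return; }` before the `setStatusOnUpdateRequest` call. In the generic branch the response also ends up holding two concatenated JSON documents, because `echo json_encode($res);` inside the `else` is followed by the new `echo json_encode(...)`; emit a single result.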
@@ -110,12 +85,78 @@ class ProfilUpdate extends Auth_Controller $id = $this->input->post('profil_update_id',true); $status_message = $this->input->post('status_message',true); - if(isset($id)){ - $res = $this->ProfilChangeModel->update([$id],["status"=>"rejected","status_timestamp"=>"NOW()","status_mesage"=>$status_message]); - echo json_encode($res); - - } + + echo json_encode($this->setStatusOnUpdateRequest($id, "rejected", $status_message)); + } + + private function setStatusOnUpdateRequest($id, $status, $status_message){ + return $this->ProfilChangeModel->update([$id],["status"=>$status,"status_timestamp"=>"NOW()","status_message"=>$status_message]); + } + + private function handleKontakt($requested_change, $personID){ + $kontakt_id = $requested_change["kontakt_id"]; + //? removes the kontakt_id because we don't want to update the kontakt_id in the database + unset($requested_change["kontakt_id"]); + + + //! ADD + if(array_key_exists('add',$requested_change) && $requested_change['add']){ + //? removes add flag + unset($requested_change['add']); + //? fields like insertvon are not filled when inserting new row + $requested_change['person_id'] = $personID; + $res = $this->KontaktModel->insert($requested_change); + } + //! DELETE + elseif(array_key_exists('delete',$requested_change) && $requested_change['delete']){ + $res = $this->KontaktModel->delete($kontakt_id); + } + //! UPDATE + else{ + $res = $this->KontaktModel->update($kontakt_id,$requested_change); + } + return $res; + } + + private function handleAdresse($requested_change){ + + $this->AdressenTypModel->addSelect(["adressentyp_kurzbz"]); + $adr_kurzbz = $this->AdressenTypModel->loadWhere(["bezeichnung"=>$requested_change['typ']]); + $adr_kurzbz = hasData($adr_kurzbz)? getData($adr_kurzbz)[0]->adressentyp_kurzbz : null; + //? replace the address_typ with its correct kurzbz foreign key + $requested_change['typ']= $adr_kurzbz; + + $adresse_id = $requested_change["adresse_id"]; + //? 
removes the adresse_id because we don't want to update the kontakt_id in the database + unset($requested_change["adresse_id"]); + + + //! ADD + if(array_key_exists('add',$requested_change) && $requested_change['add']){ + //? removes add flag + unset($requested_change['add']); + echo "add"; + var_dump($requested_change); + return; + $res = $this->AdresseModel->insert($requested_change); + } + //! DELETE + elseif(array_key_exists('delete',$requested_change) && $requested_change['delete']){ + echo "delete"; + var_dump($requested_change); + return; + $res = $this->AdresseModel->delete($adresse_id); + } + //! UPDATE + else{ + echo "update"; + var_dump($requested_change); + return; + $res = $this->AdresseModel->update($adresse_id,$requested_change); + } + return $res; + } } \ No newline at end of file diff --git a/public/js/components/Cis/Profil/EditProfilSelect.js b/public/js/components/Cis/Profil/EditProfilSelect.js index b620c2848..706cec63e 100644 --- a/public/js/components/Cis/Profil/EditProfilSelect.js +++ b/public/js/components/Cis/Profil/EditProfilSelect.js @@ -66,14 +66,16 @@ export default { this.data= this.view=="EditAdresse"? { - added:true, + //? add flag + add:true, adresse_id: null, strasse: null, - adr_typ: null, + typ: null, plz: null, ort: null }: { - added:true, + //? add flag + add:true, kontakt_id: null, kontakttyp: null, kontakt: null, @@ -85,7 +87,8 @@ export default { }, deleteItem: function(item){ - + //? delete flag + item.data.delete = true; this.$emit('update:profilUpdate',item.data); //? updates the topic when a Kontakt or an Address should be deleted this.topic = item.data.kontakt?"Delete Kontakte":"Delete Adressen"; diff --git a/public/js/components/Cis/Profil/ProfilComponents/EditAdresse.js b/public/js/components/Cis/Profil/ProfilComponents/EditAdresse.js index 183f8fd8d..015a5ef5f 100644 --- a/public/js/components/Cis/Profil/ProfilComponents/EditAdresse.js +++ b/public/js/components/Cis/Profil/ProfilComponents/EditAdresse.js 
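Review bot: handleKontakt() passes the client-supplied array straight to `insert()` and `update()` and uses `kontakt_id` without checking that the row belongs to `$personID`, so any column present in the request is written and any contact id can be changed or deleted. After the add/delete flags are read, reduce the array to the editable columns, `$requested_change = array_intersect_key($requested_change, array_flip(["kontakttyp", "kontakt", "anmerkung", "zustellung"]));`, and before update or delete require that `$this->KontaktModel->loadWhere(["kontakt_id" => $kontakt_id, "person_id" => $personID])` returns data. handleAdresse() still has `echo`/`var_dump` followed by `return;` in all three branches, which leaves the model calls unreachable and prints request data into the response; those debug lines should be removed. denyProfilRequest also lost its `isset($id)` guard, so a missing id now reaches `update([$id], ...)` with a null key.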
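Review bot: `item.data.delete = true;` in deleteItem writes the flag onto the object that came in with the list item, so it stays set on that contact or address if the delete request is cancelled or rejected, and a later edit of the same item would be sent with `delete` still true, which the server treats as a deletion. Emit a copy instead: `this.$emit('update:profilUpdate', {...item.data, delete: true});`. Whether `item.data` is shared with the displayed list is not visible in the hunk, so confirm; deleteItem's body continues outside it.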
@@ -26,6 +26,7 @@ export default { }, template:` +
diff --git a/public/js/components/Cis/Profil/ProfilComponents/EditKontakt.js b/public/js/components/Cis/Profil/ProfilComponents/EditKontakt.js
index 2343e7dfb..1b885be05 100644
--- a/public/js/components/Cis/Profil/ProfilComponents/EditKontakt.js
+++ b/public/js/components/Cis/Profil/ProfilComponents/EditKontakt.js
@@ -49,9 +49,13 @@ export default {
diff --git a/public/js/components/Cis/ProfilUpdate/AcceptDenyUpdate.js b/public/js/components/Cis/ProfilUpdate/AcceptDenyUpdate.js index 6b05a7bf3..f7cd05e31 100644 --- a/public/js/components/Cis/ProfilUpdate/AcceptDenyUpdate.js +++ b/public/js/components/Cis/ProfilUpdate/AcceptDenyUpdate.js @@ -44,7 +44,7 @@ export default { methods: { acceptRequest: function(){ - console.log(this.data.profil_update_id); + Vue.$fhcapi.ProfilUpdate.acceptProfilRequest(this.data).then(res =>{ console.log("res",res); console.log("res.data",res.data); @@ -108,6 +108,7 @@ export default { return BsModal.popup.bind(this)(null, options); }, template: ` +