mirror of
https://github.com/FH-Complete/FHC-Core.git
synced 2026-07-16 06:22:18 +00:00
add checkBerechtigungen for Notes person_id and notes prestudent_id
This commit is contained in:
@@ -20,6 +20,66 @@ class NotizPerson extends Notiz_Controller
|
||||
'isBerechtigt' => ['admin:r', 'assistenz:r'],
|
||||
'getCountNotes' => ['admin:r', 'assistenz:r'],
|
||||
]);
|
||||
|
||||
//Load Models
|
||||
$this->load->model('person/Benutzer_model', 'BenutzerModel');
|
||||
$this->load->model('crm/Student_model', 'StudentModel');
|
||||
|
||||
//Permission checks for allowed Oes
|
||||
if ($this->router->method == 'addNewNotiz')
|
||||
{
|
||||
$json = $this->input->post('data');
|
||||
$post_data = json_decode($json, true);
|
||||
$person_id = $post_data['id'];
|
||||
|
||||
$allowedStgs = $this->permissionlib->getSTG_isEntitledFor('assistenz') ?: [];
|
||||
|
||||
if(!$person_id)
|
||||
{
|
||||
return $this->terminateWithError($this->p->t('ui', 'error_missingId', ['id'=> 'Person ID']), self::ERROR_TYPE_GENERAL);
|
||||
}
|
||||
$this->_checkIfBerechtigungForOneUidExists($person_id, $allowedStgs);
|
||||
}
|
||||
|
||||
if ( $this->router->method == 'updateNotiz')
|
||||
{
|
||||
$json = $this->input->post('data');
|
||||
$post_data = json_decode($json, true);
|
||||
$notiz_id = $post_data['notiz_id'];
|
||||
|
||||
if(!$notiz_id)
|
||||
{
|
||||
return $this->terminateWithError($this->p->t('ui', 'error_missingId', ['id'=> 'Notiz ID']), self::ERROR_TYPE_GENERAL);
|
||||
}
|
||||
|
||||
//get person_id
|
||||
$result = $this->NotizzuordnungModel->loadWhere(['notiz_id' => $notiz_id]);
|
||||
|
||||
$data = $this->getDataOrTerminateWithError($result);
|
||||
$person_id = current($data)->person_id;
|
||||
|
||||
$allowedStgs = $this->permissionlib->getSTG_isEntitledFor('assistenz') ?: [];
|
||||
$this->_checkIfBerechtigungForOneUidExists($person_id, $allowedStgs);
|
||||
}
|
||||
|
||||
if ($this->router->method == 'deleteNotiz' )
|
||||
{
|
||||
$notiz_id = $this->input->post('notiz_id');
|
||||
$person_id = $this->input->post('id');
|
||||
|
||||
if(!$notiz_id)
|
||||
{
|
||||
return $this->terminateWithError($this->p->t('ui', 'error_missingId', ['id'=> 'Notiz ID']), self::ERROR_TYPE_GENERAL);
|
||||
}
|
||||
|
||||
if(!$person_id)
|
||||
{
|
||||
return $this->terminateWithError($this->p->t('ui', 'error_missingId', ['id'=> 'person ID']), self::ERROR_TYPE_GENERAL);
|
||||
}
|
||||
|
||||
$allowedStgs = $this->permissionlib->getSTG_isEntitledFor('assistenz') ?: [];
|
||||
$this->_checkIfBerechtigungForOneUidExists($person_id, $allowedStgs);
|
||||
}
|
||||
}
|
||||
|
||||
public function isBerechtigt($id, $typeId)
|
||||
@@ -29,7 +89,6 @@ class NotizPerson extends Notiz_Controller
|
||||
$this->terminateWithError($this->p->t('ui', 'error_typeNotizIdIncorrect'), self::ERROR_TYPE_GENERAL);
|
||||
}
|
||||
|
||||
//TODO define permission
|
||||
if (!$this->permissionlib->isBerechtigt('admin', 'suid') && !$this->permissionlib->isBerechtigt('assistenz', 'suid'))
|
||||
{
|
||||
$result = $this->p->t('lehre', 'error_keineSchreibrechte');
|
||||
@@ -39,13 +98,45 @@ class NotizPerson extends Notiz_Controller
|
||||
$this->terminateWithSuccess("berechtigt in überschreibender Funktion");
|
||||
}
|
||||
|
||||
public function loadDokumente()
|
||||
//stv: if person has permission of one studiengang of person -> permission to add/update/delete Note
|
||||
private function _checkIfBerechtigungForOneUidExists($person_id, $allowedStgs)
|
||||
{
|
||||
$notiz_id = $this->input->post('notiz_id');
|
||||
//get all studentUids of person_id
|
||||
$result = $this->BenutzerModel->loadWhere(['person_id' => $person_id]);
|
||||
$data = $this->getDataOrTerminateWithError($result);
|
||||
|
||||
// TODO(chris): make CI variant of endpoint
|
||||
$this->NotizModel->addSelect($this->NotizModel->escape(base_url('content/notizdokdownload.php?id=')) . ' || campus.tbl_dms_version.dms_id AS preview');
|
||||
|
||||
return parent::loadDokumente();
|
||||
$checkarray = [];
|
||||
foreach ($data as $item)
|
||||
{
|
||||
//check if isStudent
|
||||
$result = $this->StudentModel->isStudent($item->uid);
|
||||
|
||||
$isStudent = $this->getDataOrTerminateWithError($result);
|
||||
if($isStudent)
|
||||
{
|
||||
$checkarray[] = $this->_checkAllowedStgsFromUid($item->uid, $allowedStgs);
|
||||
}
|
||||
|
||||
}
|
||||
if (!in_array(1, $checkarray))
|
||||
return $this->terminateWithError($this->p->t('ui', 'error_keineBerechtigungStg'), self::ERROR_TYPE_GENERAL);
|
||||
}
|
||||
|
||||
private function _checkAllowedStgsFromUid($student_uid, $allowedStgs)
|
||||
{
|
||||
$this->load->model('crm/Student_model', 'StudentModel');
|
||||
$result = $this->StudentModel->loadWhere(['student_uid' => $student_uid]);
|
||||
|
||||
$data = $this->getDataOrTerminateWithError($result);
|
||||
$studiengang_kz = current($data)->studiengang_kz;
|
||||
|
||||
if (!in_array($studiengang_kz, $allowedStgs))
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
else
|
||||
{
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -15,6 +15,7 @@ class NotizPrestudent extends Notiz_Controller
|
||||
//Load Models
|
||||
$this->load->model('person/Notiz_model', 'NotizModel');
|
||||
$this->load->model('person/Notizzuordnung_model', 'NotizzuordnungModel');
|
||||
$this->load->model('crm/Student_model', 'StudentModel');
|
||||
|
||||
// Load Libraries
|
||||
$this->load->library('VariableLib', ['uid' => getAuthUID()]);
|
||||
@@ -23,6 +24,63 @@ class NotizPrestudent extends Notiz_Controller
|
||||
$this->loadPhrases([
|
||||
'ui'
|
||||
]);
|
||||
|
||||
//Permission checks for Studiengangsarray
|
||||
$allowedStgs = $this->permissionlib->getSTG_isEntitledFor('assistenz') ?: [];
|
||||
|
||||
if ($this->router->method == 'addNewNotiz')
|
||||
{
|
||||
$json = $this->input->post('data');
|
||||
$post_data = json_decode($json, true);
|
||||
$prestudent_id = $post_data['id'];
|
||||
|
||||
if(!$prestudent_id)
|
||||
{
|
||||
return $this->terminateWithError($this->p->t('ui', 'error_missingId', ['id'=> 'Lehreinheit ID']), self::ERROR_TYPE_GENERAL);
|
||||
}
|
||||
$this->_checkAllowedOesFromPrestudent($prestudent_id, $allowedStgs);
|
||||
}
|
||||
|
||||
if ($this->router->method == 'updateNotiz')
|
||||
{
|
||||
$json = $this->input->post('data');
|
||||
$post_data = json_decode($json, true);
|
||||
$notiz_id = $post_data['notiz_id'];
|
||||
|
||||
if(!$notiz_id)
|
||||
{
|
||||
return $this->terminateWithError($this->p->t('ui', 'error_missingId', ['id'=> 'Notiz ID']), self::ERROR_TYPE_GENERAL);
|
||||
}
|
||||
|
||||
//get prestudent_id
|
||||
$result = $this->NotizzuordnungModel->loadWhere(['notiz_id' => $notiz_id]);
|
||||
|
||||
$data = $this->getDataOrTerminateWithError($result);
|
||||
$prestudent_id = current($data)->prestudent_id;
|
||||
|
||||
if(!$prestudent_id)
|
||||
{
|
||||
return $this->terminateWithError($this->p->t('ui', 'error_missingId', ['id'=> 'Prestudent ID']), self::ERROR_TYPE_GENERAL);
|
||||
}
|
||||
$this->_checkAllowedOesFromPrestudent($prestudent_id, $allowedStgs);
|
||||
}
|
||||
|
||||
if ($this->router->method == 'deleteNotiz')
|
||||
{
|
||||
$notiz_id = $this->input->post('notiz_id');
|
||||
$prestudent_id = $this->input->post('id');
|
||||
|
||||
if(!$notiz_id)
|
||||
{
|
||||
return $this->terminateWithError($this->p->t('ui', 'error_missingId', ['id'=> 'Notiz ID']), self::ERROR_TYPE_GENERAL);
|
||||
}
|
||||
|
||||
if(!$prestudent_id)
|
||||
{
|
||||
return $this->terminateWithError($this->p->t('ui', 'error_missingId', ['id'=> 'Prestudent ID']), self::ERROR_TYPE_GENERAL);
|
||||
}
|
||||
$this->_checkAllowedOesFromPrestudent($prestudent_id, $allowedStgs);
|
||||
}
|
||||
}
|
||||
|
||||
public function isBerechtigt($id, $typeId)
|
||||
@@ -32,7 +90,6 @@ class NotizPrestudent extends Notiz_Controller
|
||||
$this->terminateWithError($this->p->t('ui','error_typeNotizIdIncorrect'), self::ERROR_TYPE_GENERAL);
|
||||
}
|
||||
|
||||
//TODO define permission
|
||||
if(!$this->permissionlib->isBerechtigt('admin', 'suid') && !$this->permissionlib->isBerechtigt('assistenz', 'suid'))
|
||||
{
|
||||
$result = $this->p->t('lehre','error_keineSchreibrechte');
|
||||
@@ -41,4 +98,20 @@ class NotizPrestudent extends Notiz_Controller
|
||||
}
|
||||
$this->terminateWithSuccess("berechtigt in überschreibender Funktion");
|
||||
}
|
||||
|
||||
private function _checkAllowedOesFromPrestudent($prestudent_id, $allowedStgs)
|
||||
{
|
||||
$student_uid = $this->StudentModel->getUID($prestudent_id);
|
||||
|
||||
$result = $this->StudentModel->loadWhere(['student_uid' => $student_uid]);
|
||||
|
||||
$data = $this->getDataOrTerminateWithError($result);
|
||||
$studiengang_kz = current($data)->studiengang_kz;
|
||||
|
||||
if (!in_array($studiengang_kz, $allowedStgs))
|
||||
{
|
||||
return $this->terminateWithError($this->p->t('ui', 'error_keineBerechtigungStg'), self::ERROR_TYPE_GENERAL);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
@@ -517,7 +517,7 @@ class Students extends FHCAPI_Controller
|
||||
|
||||
$this->terminateWithSuccess($data);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param string $prestudent_id
|
||||
*
|
||||
|
||||
@@ -15,10 +15,7 @@ class Tags extends Tag_Controller
|
||||
'addTag' => self::BERECHTIGUNG_KURZBZ,
|
||||
'updateTag' => self::BERECHTIGUNG_KURZBZ,
|
||||
'doneTag' => self::BERECHTIGUNG_KURZBZ,
|
||||
'deleteTag' => self::BERECHTIGUNG_KURZBZ,
|
||||
/* 'updateLehre' => self::BERECHTIGUNG_KURZBZ,
|
||||
'doneLehre' => self::BERECHTIGUNG_KURZBZ,
|
||||
'deleteLehre' => self::BERECHTIGUNG_KURZBZ,*/
|
||||
'deleteTag' => self::BERECHTIGUNG_KURZBZ
|
||||
]);
|
||||
|
||||
$this->config->load('stv');
|
||||
@@ -26,12 +23,10 @@ class Tags extends Tag_Controller
|
||||
|
||||
public function getTag($readonly_tags = null)
|
||||
{
|
||||
// console.log("in this endpoint. getTags");
|
||||
parent::getTag($this->config->item('stv_prestudent_tags'));
|
||||
}
|
||||
public function getTags($tags = null)
|
||||
{
|
||||
// $this->terminateWithError(" IN TAGS.PHP ", self::ERROR_TYPE_GENERAL);
|
||||
parent::getTags($this->config->item('stv_prestudent_tags'));
|
||||
}
|
||||
public function addTag($withZuordnung = true, $updatable_tags = null)
|
||||
|
||||
Reference in New Issue
Block a user