Removed permission system from models

This commit is contained in:
Paolo
2018-03-29 12:13:08 +02:00
parent 0906f5bc85
commit d9b80b790d
16 changed files with 43 additions and 241 deletions
+2 -5
View File
@@ -11,20 +11,17 @@ class Orgform_model extends DB_Model
$this->dbTable = 'bis.tbl_orgform';
$this->pk = 'orgform_kurzbz';
}
/**
* Returns all the orgform except VBB and ZGS
*/
public function getOrgformLV()
{
// Checks rights
if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent;
$query = "SELECT *
FROM bis.tbl_orgform
WHERE orgform_kurzbz NOT IN ('VBB', 'ZGS')
ORDER BY orgform_kurzbz";
return $this->execQuery($query);
}
}
+14 -26
View File
@@ -11,15 +11,12 @@ class Akte_model extends DB_Model
$this->dbTable = 'public.tbl_akte';
$this->pk = 'akte_id';
}
/**
* getAkten
*/
public function getAkten($person_id, $dokument_kurzbz = null, $stg_kz = null, $prestudent_id = null)
{
// Checks if the operation is permitted by the API caller
if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent;
$query = 'SELECT akte_id,
person_id,
dokument_kurzbz,
@@ -41,15 +38,15 @@ class Akte_model extends DB_Model
CASE WHEN inhalt is not null THEN true ELSE false END as inhalt_vorhanden
FROM public.tbl_akte
WHERE person_id = ?';
$parametersArray = array($person_id);
if (!is_null($dokument_kurzbz))
{
$query .= ' AND dokument_kurzbz = ?';
array_push($parametersArray, $dokument_kurzbz);
}
if (!is_null($stg_kz) && !is_null($prestudent_id))
{
$query .= ' AND dokument_kurzbz NOT IN (
@@ -65,9 +62,9 @@ class Akte_model extends DB_Model
)';
array_push($parametersArray, $stg_kz, $prestudent_id);
}
$query .= ' ORDER BY erstelltam';
return $this->execQuery($query, $parametersArray);
}
@@ -76,9 +73,6 @@ class Akte_model extends DB_Model
*/
public function getAktenAccepted($person_id, $dokument_kurzbz = null)
{
// Checks if the operation is permitted by the API caller
if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent;
$query = 'SELECT a.akte_id,
a.person_id,
a.dokument_kurzbz,
@@ -103,17 +97,17 @@ class Akte_model extends DB_Model
INNER JOIN public.tbl_prestudent p USING(person_id)
LEFT JOIN public.tbl_dokumentprestudent dp USING(prestudent_id, dokument_kurzbz)
WHERE a.person_id = ?';
$parametersArray = array($person_id);
if (!empty($dokument_kurzbz))
{
$query .= ' AND a.dokument_kurzbz = ?';
array_push($parametersArray, $dokument_kurzbz);
}
$query .= ' GROUP BY a.akte_id ORDER BY a.erstelltam';
return $this->execQuery($query, $parametersArray);
}
@@ -122,10 +116,6 @@ class Akte_model extends DB_Model
*/
public function getAktenAcceptedDms($person_id, $dokument_kurzbz = null)
{
// Checks if the operation is permitted by the API caller
if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent;
if (isError($ent = $this->isEntitled('campus.tbl_dms', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent;
$query = 'SELECT a.akte_id,
a.person_id,
a.dokument_kurzbz,
@@ -160,17 +150,17 @@ class Akte_model extends DB_Model
INNER JOIN (SELECT dms_id, MAX(version) AS version FROM campus.tbl_dms_version GROUP BY dms_id) dvv ON (d.dms_id = dvv.dms_id)
INNER JOIN campus.tbl_dms_version dv ON (dv.dms_id = dvv.dms_id AND dv.version = dvv.version)
WHERE a.person_id = ?';
$parametersArray = array($person_id);
if (!empty($dokument_kurzbz))
{
$query .= ' AND a.dokument_kurzbz = ?';
array_push($parametersArray, $dokument_kurzbz);
}
$query .= ' GROUP BY a.akte_id, d.dms_id, dv.dms_id, dv.version ORDER BY a.erstelltam';
return $this->execQuery($query, $parametersArray);
}
@@ -183,8 +173,6 @@ class Akte_model extends DB_Model
*/
public function getAktenWithDokInfo($person_id, $dokument_kurzbz = null, $nachgereicht = null)
{
if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent;
$this->addSelect('public.tbl_akte.*, bezeichnung_mehrsprachig, dokumentbeschreibung_mehrsprachig, public.tbl_dokument.bezeichnung as dokument_bezeichnung, bis.tbl_nation.*, ausstellungsdetails');
$this->addJoin('public.tbl_dokument', 'dokument_kurzbz');
$this->addJoin('bis.tbl_nation', 'ausstellungsnation = nation_code', 'LEFT');
@@ -11,17 +11,14 @@ class Dokumentprestudent_model extends DB_Model
$this->dbTable = 'public.tbl_dokumentprestudent';
$this->pk = array('prestudent_id', 'dokument_kurzbz');
}
/**
* setAccepted
*/
public function setAccepted($prestudent_id, $studiengang_kz)
{
if (isError($ent = $this->isEntitled('public.tbl_dokumentprestudent', PermissionLib::INSERT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
$result = null;
if (is_numeric($prestudent_id) && is_numeric($studiengang_kz))
{
$query = 'INSERT INTO public.tbl_dokumentprestudent (dokument_kurzbz, prestudent_id, insertamum) (
@@ -37,23 +34,20 @@ class Dokumentprestudent_model extends DB_Model
AND p.prestudent_id = ?
AND ds.studiengang_kz = ?
)';
$result = $this->execQuery($query, array($prestudent_id, $studiengang_kz));
}
return $result;
}
/**
* setAcceptedDocuments
*/
public function setAcceptedDocuments($prestudent_id, $dokument_kurzbz)
{
if (isError($ent = $this->isEntitled('public.tbl_dokumentprestudent', PermissionLib::INSERT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
$result = null;
if (is_numeric($prestudent_id) && is_array($dokument_kurzbz) && count($dokument_kurzbz) > 0)
{
$query = 'INSERT INTO public.tbl_dokumentprestudent (dokument_kurzbz, prestudent_id, insertamum) (
@@ -68,10 +62,10 @@ class Dokumentprestudent_model extends DB_Model
WHERE prestudent_id = ?
)
)';
$result = $this->execQuery($query, array($prestudent_id, $dokument_kurzbz, $prestudent_id));
}
return $result;
}
}
@@ -11,19 +11,16 @@ class Dokumentstudiengang_model extends DB_Model
$this->dbTable = 'public.tbl_dokumentstudiengang';
$this->pk = array('studiengang_kz', 'dokument_kurzbz');
}
/**
* getDokumentstudiengangByStudiengang_kz
*/
public function getDokumentstudiengangByStudiengang_kz($studiengang_kz, $onlinebewerbung = null, $pflicht = null, $nachreichbar = null)
{
// Checks if the operation is permitted by the API caller
if (isError($ent = $this->isEntitled('public.tbl_dokument', 's', FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent;
$this->addJoin('public.tbl_dokument', 'dokument_kurzbz');
$parameterArray = array('studiengang_kz' => $studiengang_kz);
if( isset($onlinebewerbung))
{
$parameterArray['onlinebewerbung'] = $onlinebewerbung;
@@ -33,12 +30,12 @@ class Dokumentstudiengang_model extends DB_Model
{
$parameterArray['pflicht'] = $pflicht;
}
if( isset($nachreichbar))
{
$parameterArray['nachreichbar'] = $nachreichbar;
}
return $this->loadWhere($parameterArray);
}
}
@@ -17,12 +17,6 @@ class Prestudent_model extends DB_Model
*/
public function getLastStatuses($person_id, $studiensemester_kurzbz = null, $studiengang_kz = null, $status_kurzbz = null)
{
// Checks if the operation is permitted by the API caller
if (isError($ent = $this->isEntitled('public.tbl_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent;
if (isError($ent = $this->isEntitled('public.tbl_prestudent', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent;
if (isError($ent = $this->isEntitled('public.tbl_prestudentstatus', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
$query = 'SELECT *
FROM public.tbl_prestudent p
JOIN (
@@ -87,8 +81,6 @@ class Prestudent_model extends DB_Model
$studiengang = null, $studiensemester = null, $gruppe = null, $reihungstest = null, $stufe = null
)
{
if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent;
$this->addSelect(
'p.person_id,
prestudent_id,
@@ -18,12 +18,6 @@ class Prestudentstatus_model extends DB_Model
*/
public function getLastStatus($prestudent_id, $studiensemester_kurzbz = '', $status_kurzbz = '')
{
// Checks if the operation is permitted by the API caller
if (isError($ent = $this->isEntitled('public.tbl_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent;
if (isError($ent = $this->isEntitled('lehre.tbl_studienplan', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent;
if (isError($ent = $this->isEntitled('public.tbl_prestudentstatus', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
$query = 'SELECT tbl_prestudentstatus.*,
bezeichnung AS studienplan_bezeichnung,
tbl_studienplan.orgform_kurzbz as orgform,
@@ -59,8 +53,6 @@ class Prestudentstatus_model extends DB_Model
*/
public function updateStufe($prestudentIdArray, $stufe)
{
if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent;
return $this->execQuery(
'UPDATE public.tbl_prestudentstatus
SET rt_stufe = ?
@@ -85,10 +77,6 @@ class Prestudentstatus_model extends DB_Model
*/
public function getStatusByFilter($prestudent_id, $status_kurzbz = '', $ausbildungssemester = '', $studiensemester_kurzbz = '')
{
// Checks if the operation is permitted by the API caller
if (isError($ent = $this->isEntitled('public.tbl_prestudentstatus', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
$query = '
SELECT
tbl_prestudentstatus.*
@@ -17,11 +17,6 @@ class Studiengang_model extends DB_Model
*/
public function getAllForBewerbung()
{
// Checks if the operation is permitted by the API caller
if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent;
if (isError($ent = $this->isEntitled('bis.tbl_lgartcode', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent;
if (isError($ent = $this->isEntitled('lehre.vw_studienplan', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent;
$allForBewerbungQuery = 'SELECT DISTINCT studiengang_kz,
typ,
organisationseinheittyp_kurzbz,
@@ -103,8 +98,6 @@ class Studiengang_model extends DB_Model
*/
public function getStudienplan($studiensemester_kurzbz, $ausbildungssemester, $aktiv, $onlinebewerbung)
{
if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent;
// Join table public.tbl_studiengang with table lehre.tbl_studienordnung on column studiengang_kz
$this->addJoin('lehre.tbl_studienordnung', 'studiengang_kz');
// Then join with table lehre.tbl_studienplan on column studienordnung_id
@@ -140,8 +133,6 @@ class Studiengang_model extends DB_Model
*/
public function getStudiengangBewerbung($oe_kurzbz = null)
{
if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent;
// Join table public.tbl_studiengang with table lehre.tbl_studienordnung on column studiengang_kz
$this->addJoin('lehre.tbl_studienordnung', 'studiengang_kz');
// Join table lehre.tbl_studienordnung with table lehre.tbl_akadgrad on column akadgrad_id
@@ -213,8 +204,6 @@ class Studiengang_model extends DB_Model
*/
public function getAppliedStudiengang($person_id, $studiensemester_kurzbz, $titel)
{
if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent;
// Then join with table public.tbl_prestudent
$this->addJoin('public.tbl_prestudent', 'studiengang_kz');
// Join table public.tbl_prestudentstatus
@@ -262,8 +251,6 @@ class Studiengang_model extends DB_Model
*/
public function getAppliedStudiengangFromNow($person_id, $titel)
{
if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent;
// Then join with table public.tbl_prestudent
$this->addJoin('public.tbl_prestudent', 'studiengang_kz');
// Join table public.tbl_prestudentstatus
@@ -315,8 +302,6 @@ class Studiengang_model extends DB_Model
*/
public function getAppliedStudiengangFromNowOE($person_id, $titel, $oe_kurzbz)
{
if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent;
// Then join with table public.tbl_prestudent
$this->addJoin('public.tbl_prestudent', 'studiengang_kz');
// Join table public.tbl_prestudentstatus
@@ -381,17 +366,6 @@ class Studiengang_model extends DB_Model
*/
public function getAvailableReihungstestByPersonId($person_id)
{
if (isError($ent = $this->isEntitled('lehre.tbl_studienplan', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
if (isError($ent = $this->isEntitled('public.tbl_prestudent', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
if (isError($ent = $this->isEntitled('public.tbl_reihungstest', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
if (isError($ent = $this->isEntitled('lehre.tbl_studienordnung', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
if (isError($ent = $this->isEntitled('public.tbl_prestudentstatus', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
$this->addJoin('lehre.tbl_studienordnung', 'studiengang_kz');
$this->addJoin('lehre.tbl_studienplan', 'studienordnung_id');
@@ -12,37 +12,31 @@ class Studiensemester_model extends DB_Model
$this->pk = 'studiensemester_kurzbz';
$this->hasSequence = false;
}
/**
* getLastOrAktSemester
*/
public function getLastOrAktSemester($days = 60)
{
// Checks rights
if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent;
if (!is_numeric($days))
{
$days = 60;
}
$query = 'SELECT studiensemester_kurzbz
FROM public.tbl_studiensemester
WHERE start < NOW() - \'' . $days . ' DAYS\'::INTERVAL
ORDER BY start DESC
LIMIT 1';
return $this->execQuery($query);
}
/**
* getNextFrom
*/
public function getNextFrom($studiensemester_kurzbz)
{
// Checks rights
if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent;
$query = 'SELECT studiensemester_kurzbz,
start,
ende
@@ -54,24 +48,20 @@ class Studiensemester_model extends DB_Model
)
ORDER BY start
LIMIT 1';
return $this->execQuery($query, array($studiensemester_kurzbz));
}
/**
* getNearest
*/
public function getNearest($semester = '')
{
// Checks if the operation is permitted by the API caller
if (isError($ent = $this->isEntitled('public.vw_studiensemester', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
$query = 'SELECT studiensemester_kurzbz,
start,
ende
FROM public.vw_studiensemester';
if (is_numeric($semester))
{
if ($semester % 2 == 0)
@@ -85,9 +75,9 @@ class Studiensemester_model extends DB_Model
$query .= ' WHERE SUBSTRING(studiensemester_kurzbz FROM 1 FOR 2) = \'' . $ss . '\'';
}
$query .= ' ORDER BY delta LIMIT 1';
return $this->execQuery($query);
}
}
@@ -27,17 +27,6 @@ class Person_model extends DB_Model
*/
public function checkBewerbung($email, $studiensemester_kurzbz = null)
{
if (isError($ent = $this->isEntitled('public.tbl_person', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
if (isError($ent = $this->isEntitled('public.tbl_kontakt', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
if (isError($ent = $this->isEntitled('public.tbl_benutzer', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
if (isError($ent = $this->isEntitled('public.tbl_prestudent', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
if (isError($ent = $this->isEntitled('public.tbl_prestudentstatus', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
$checkBewerbungQuery = '';
$parametersArray = array($email, $email, $email);
@@ -103,12 +92,6 @@ class Person_model extends DB_Model
*/
public function getPersonFromStatus($status_kurzbz, $von, $bis)
{
// Checks if the operation is permitted by the API caller
if (isError($ent = $this->isEntitled('public.tbl_prestudent', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
if (isError($ent = $this->isEntitled('public.tbl_prestudentstatus', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
$this->addJoin('public.tbl_prestudent', 'person_id');
$result = $this->loadTree(
@@ -17,8 +17,6 @@ class Extensions_model extends DB_Model
*/
public function getDependencies($dependencies)
{
if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent;
return $this->execQuery(
'SELECT *
FROM '.$this->dbTable.'
@@ -49,8 +47,6 @@ class Extensions_model extends DB_Model
*/
public function executeQuery($sql)
{
if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent;
return $this->execQuery($sql);
}
}
+1 -19
View File
@@ -19,14 +19,6 @@ class Message_model extends DB_Model
*/
public function getMessagesByPerson($person_id, $oe_kurzbz, $all)
{
// Checks if the operation is permitted by the API caller
if (isError($ent = $this->isEntitled('public.tbl_person', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
if (isError($ent = $this->isEntitled('public.tbl_msg_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
if (isError($ent = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
$sql = 'SELECT m.message_id,
m.person_id,
m.subject,
@@ -93,16 +85,6 @@ class Message_model extends DB_Model
*/
public function getMessagesOfPerson($person_id, $status = null)
{
// Checks if the operation is permitted by the API caller
if (isError($ent = $this->isEntitled('public.tbl_person', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
if (isError($ent = $this->isEntitled('public.tbl_msg_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
if (isError($ent = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
if (isError($ent = $this->isEntitled('public.tbl_msg_recipient', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
$sql = 'SELECT m.message_id,
m.person_id,
m.subject,
@@ -129,7 +111,7 @@ class Message_model extends DB_Model
s.statusinfo,
s.insertamum AS statusamum
FROM public.tbl_msg_message m
JOIN public.tbl_msg_recipient r ON m.message_id = r.message_id
JOIN public.tbl_msg_recipient r ON m.message_id = r.message_id
JOIN public.tbl_person se ON (m.person_id = se.person_id)
JOIN public.tbl_person re ON (r.person_id = re.person_id)
LEFT JOIN (
@@ -42,11 +42,6 @@ class PersonLog_model extends CI_Model
*/
public function getLastLog($person_id, $taetigkeit_kurzbz = null, $app = null, $oe_kurzbz = null)
{
// Check Permissions
$this->load->library('PermissionLib');
if(!$this->permissionlib->isEntitled('system.tbl_log',PermissionLib::SELECT_RIGHT))
show_error('Permission denied - You need Access to system.tbl_log');
$this->db->order_by('zeitpunkt', 'DESC');
$this->db->order_by('log_id', 'DESC');
$this->db->limit(1);
@@ -72,11 +67,6 @@ class PersonLog_model extends CI_Model
*/
public function filterLog($person_id, $taetigkeit_kurzbz = null, $app = null, $oe_kurzbz = null)
{
// Check Permissions
$this->load->library('PermissionLib');
if(!$this->permissionlib->isEntitled('system.tbl_log',PermissionLib::SELECT_RIGHT))
show_error('Permission denied - You need Access to system.tbl_log');
$this->db->order_by('zeitpunkt', 'DESC');
$this->db->order_by('log_id', 'DESC');
if (!is_null($taetigkeit_kurzbz))
+2 -8
View File
@@ -17,12 +17,6 @@ class Phrase_model extends DB_Model
*/
public function getPhrases($app, $sprache, $phrase = null, $orgeinheit_kurzbz = null, $orgform_kurzbz = null)
{
// Checks if the operation is permitted by the API caller
if (isError($ent = $this->isEntitled('system.tbl_phrase', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
if (isError($ent = $this->isEntitled('system.tbl_phrasentext', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
$parametersArray = array('app' => $app, 'sprache' => $sprache);
$query = 'SELECT phrase,
@@ -36,7 +30,7 @@ class Phrase_model extends DB_Model
if (isset($phrase))
{
$parametersArray['phrase'] = $phrase;
if (is_array($phrase))
{
$query .= ' AND phrase IN ?';
@@ -57,7 +51,7 @@ class Phrase_model extends DB_Model
$parametersArray['orgform_kurzbz'] = $orgform_kurzbz;
$query .= ' AND orgform_kurzbz = ?';
}
return $this->execQuery($query, $parametersArray);
}
}
@@ -18,16 +18,6 @@ class Recipient_model extends DB_Model
*/
public function getMessage($message_id, $person_id)
{
// Checks if the operation is permitted by the API caller
if (isError($ent = $this->isEntitled('public.tbl_person', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
if (isError($ent = $this->isEntitled('public.tbl_kontakt', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
if (isError($ent = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
if (isError($ent = $this->isEntitled('public.tbl_msg_recipient', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
$query = 'SELECT mr.message_id,
mr.person_id,
mm.subject,
@@ -55,14 +45,6 @@ class Recipient_model extends DB_Model
*/
public function getMessageByToken($token)
{
// Checks if the operation is permitted by the API caller
if (isError($ent = $this->isEntitled('public.tbl_msg_recipient', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
if (isError($ent = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
if (isError($ent = $this->isEntitled('public.tbl_msg_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
$sql = 'SELECT r.message_id,
m.person_id as sender_id,
r.person_id as receiver_id,
@@ -89,16 +71,6 @@ class Recipient_model extends DB_Model
*/
public function getMessagesByPerson($person_id, $oe_kurzbz, $all)
{
// Checks if the operation is permitted by the API caller
if (isError($ent = $this->isEntitled('public.tbl_msg_recipient', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
if (isError($ent = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
if (isError($ent = $this->isEntitled('public.tbl_person', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
if (isError($ent = $this->isEntitled('public.tbl_msg_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
$sql = 'SELECT DISTINCT ON (r.message_id) r.message_id,
m.person_id,
m.subject,
@@ -166,21 +138,6 @@ class Recipient_model extends DB_Model
*/
public function getMessagesByUID($uid, $oe_kurzbz, $all)
{
// Checks if the operation is permitted by the API caller
// TODO: Define the special right for reading own messages 'basis/message:own'
// if same user
if ($uid === getAuthUID())
{
if (isError($ent = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
}
// if different user, for reading messages from other users
else
{
if (isError($ent = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
}
// get Data
$sql = 'SELECT DISTINCT ON (r.message_id) r.message_id,
m.person_id,
@@ -249,14 +206,6 @@ class Recipient_model extends DB_Model
*/
public function getMessages($kontaktType, $sent, $limit = null, $message_id = null)
{
// Checks if the operation is permitted by the API caller
if (isError($ent = $this->isEntitled('public.tbl_msg_recipient', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
if (isError($ent = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
if (isError($ent = $this->isEntitled('public.tbl_kontakt', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
$query = 'SELECT mm.message_id,
ks.kontakt as sender,
kr.kontakt as receiver,
@@ -321,12 +270,6 @@ class Recipient_model extends DB_Model
*/
public function getCountUnreadMessages($person_id, $oe_kurzbz)
{
// Checks if the operation is permitted by the API caller
if (isError($ent = $this->isEntitled('public.tbl_msg_recipient', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
if (isError($ent = $this->isEntitled('public.tbl_msg_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR)))
return $ent;
$sql = 'SELECT COUNT(r.message_id) AS unreadMessages
FROM public.tbl_msg_recipient r
JOIN public.tbl_msg_status s ON (r.message_id = s.message_id AND r.person_id = s.person_id)
+1 -4
View File
@@ -17,11 +17,8 @@ class Vorlage_model extends DB_Model
*/
public function getMimeTypes()
{
// Checks rights
if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent;
$query = 'SELECT DISTINCT mimetype FROM public.tbl_vorlage ORDER BY mimetype';
return $this->execQuery($query);
}
}
@@ -17,9 +17,6 @@ class Vorlagedokument_model extends DB_Model
*/
public function loadDokumenteFromVorlagestudiengang($vorlagestudiengang_id)
{
// Checks rights
if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent;
$qry = 'SELECT vorlagedokument_id,
sort,
vorlagestudiengang_id,
@@ -29,7 +26,7 @@ class Vorlagedokument_model extends DB_Model
JOIN public.tbl_dokument USING(dokument_kurzbz)
WHERE vorlagestudiengang_id = ?
ORDER BY sort ASC';
return $this->execQuery($qry, array($vorlagestudiengang_id));
}
}