diff --git a/application/models/codex/Orgform_model.php b/application/models/codex/Orgform_model.php index 69a9d6b0d..0de30f1db 100644 --- a/application/models/codex/Orgform_model.php +++ b/application/models/codex/Orgform_model.php @@ -11,20 +11,17 @@ class Orgform_model extends DB_Model $this->dbTable = 'bis.tbl_orgform'; $this->pk = 'orgform_kurzbz'; } - + /** * Returns all the orgform except VBB and ZGS */ public function getOrgformLV() { - // Checks rights - if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent; - $query = "SELECT * FROM bis.tbl_orgform WHERE orgform_kurzbz NOT IN ('VBB', 'ZGS') ORDER BY orgform_kurzbz"; - + return $this->execQuery($query); } } diff --git a/application/models/crm/Akte_model.php b/application/models/crm/Akte_model.php index 8eba43521..a0df680de 100644 --- a/application/models/crm/Akte_model.php +++ b/application/models/crm/Akte_model.php @@ -11,15 +11,12 @@ class Akte_model extends DB_Model $this->dbTable = 'public.tbl_akte'; $this->pk = 'akte_id'; } - + /** * getAkten */ public function getAkten($person_id, $dokument_kurzbz = null, $stg_kz = null, $prestudent_id = null) { - // Checks if the operation is permitted by the API caller - if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent; - $query = 'SELECT akte_id, person_id, dokument_kurzbz, @@ -41,15 +38,15 @@ class Akte_model extends DB_Model CASE WHEN inhalt is not null THEN true ELSE false END as inhalt_vorhanden FROM public.tbl_akte WHERE person_id = ?'; - + $parametersArray = array($person_id); - + if (!is_null($dokument_kurzbz)) { $query .= ' AND dokument_kurzbz = ?'; array_push($parametersArray, $dokument_kurzbz); } - + if (!is_null($stg_kz) && !is_null($prestudent_id)) { $query .= ' AND dokument_kurzbz NOT IN ( 
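Review bot: getOrgformLV() no longer calls isEntitled(), and nothing visible in this diff shows where the permission decision is made instead, so the docblock should say who is responsible for it. The same guard is removed from every other model touched here (Akte, Dokumentprestudent, Dokumentstudiengang, Prestudent, Prestudentstatus, Studiengang, Studiensemester, Person, Extensions, Message, PersonLog, Phrase, Recipient, Vorlage, Vorlagedokument), several of which return person-scoped records such as documents and messages. If enforcement now lives in the controllers or in DB_Model, state that on each method, e.g. `* Performs no permission check; the caller must verify access to bis.tbl_orgform`. A test that calls one of these paths without the right and expects a refusal would pin the new contract.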
@@ -65,9 +62,9 @@ class Akte_model extends DB_Model )'; array_push($parametersArray, $stg_kz, $prestudent_id); } - + $query .= ' ORDER BY erstelltam'; - + return $this->execQuery($query, $parametersArray); } @@ -76,9 +73,6 @@ class Akte_model extends DB_Model */ public function getAktenAccepted($person_id, $dokument_kurzbz = null) { - // Checks if the operation is permitted by the API caller - if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent; - $query = 'SELECT a.akte_id, a.person_id, a.dokument_kurzbz, @@ -103,17 +97,17 @@ class Akte_model extends DB_Model INNER JOIN public.tbl_prestudent p USING(person_id) LEFT JOIN public.tbl_dokumentprestudent dp USING(prestudent_id, dokument_kurzbz) WHERE a.person_id = ?'; - + $parametersArray = array($person_id); - + if (!empty($dokument_kurzbz)) { $query .= ' AND a.dokument_kurzbz = ?'; array_push($parametersArray, $dokument_kurzbz); } - + $query .= ' GROUP BY a.akte_id ORDER BY a.erstelltam'; - + return $this->execQuery($query, $parametersArray); } @@ -122,10 +116,6 @@ class Akte_model extends DB_Model */ public function getAktenAcceptedDms($person_id, $dokument_kurzbz = null) { - // Checks if the operation is permitted by the API caller - if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent; - if (isError($ent = $this->isEntitled('campus.tbl_dms', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent; - $query = 'SELECT a.akte_id, a.person_id, a.dokument_kurzbz, 
@@ -160,17 +150,17 @@ class Akte_model extends DB_Model INNER JOIN (SELECT dms_id, MAX(version) AS version FROM campus.tbl_dms_version GROUP BY dms_id) dvv ON (d.dms_id = dvv.dms_id) INNER JOIN campus.tbl_dms_version dv ON (dv.dms_id = dvv.dms_id AND dv.version = dvv.version) WHERE a.person_id = ?'; - + $parametersArray = array($person_id); - + if (!empty($dokument_kurzbz)) { $query .= ' AND a.dokument_kurzbz = ?'; array_push($parametersArray, $dokument_kurzbz); } - + $query .= ' GROUP BY a.akte_id, d.dms_id, dv.dms_id, dv.version ORDER BY a.erstelltam'; - + return $this->execQuery($query, $parametersArray); } @@ -183,8 +173,6 @@ class Akte_model extends DB_Model */ public function getAktenWithDokInfo($person_id, $dokument_kurzbz = null, $nachgereicht = null) { - if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent; - $this->addSelect('public.tbl_akte.*, bezeichnung_mehrsprachig, dokumentbeschreibung_mehrsprachig, public.tbl_dokument.bezeichnung as dokument_bezeichnung, bis.tbl_nation.*, ausstellungsdetails'); $this->addJoin('public.tbl_dokument', 'dokument_kurzbz'); $this->addJoin('bis.tbl_nation', 'ausstellungsnation = nation_code', 'LEFT'); diff --git a/application/models/crm/Dokumentprestudent_model.php b/application/models/crm/Dokumentprestudent_model.php index 001df404b..ab4764479 100644 --- a/application/models/crm/Dokumentprestudent_model.php +++ b/application/models/crm/Dokumentprestudent_model.php 
@@ -11,17 +11,14 @@ class Dokumentprestudent_model extends DB_Model $this->dbTable = 'public.tbl_dokumentprestudent'; $this->pk = array('prestudent_id', 'dokument_kurzbz'); } - + /** * setAccepted */ public function setAccepted($prestudent_id, $studiengang_kz) { - if (isError($ent = $this->isEntitled('public.tbl_dokumentprestudent', PermissionLib::INSERT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - $result = null; - + if (is_numeric($prestudent_id) && is_numeric($studiengang_kz)) { $query = 'INSERT INTO public.tbl_dokumentprestudent (dokument_kurzbz, prestudent_id, insertamum) ( @@ -37,23 +34,20 @@ class Dokumentprestudent_model extends DB_Model AND p.prestudent_id = ? AND ds.studiengang_kz = ? )'; - + $result = $this->execQuery($query, array($prestudent_id, $studiengang_kz)); } - + return $result; } - + /** * setAcceptedDocuments */ public function setAcceptedDocuments($prestudent_id, $dokument_kurzbz) { - if (isError($ent = $this->isEntitled('public.tbl_dokumentprestudent', PermissionLib::INSERT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - $result = null; - + if (is_numeric($prestudent_id) && is_array($dokument_kurzbz) && count($dokument_kurzbz) > 0) { $query = 'INSERT INTO public.tbl_dokumentprestudent (dokument_kurzbz, prestudent_id, insertamum) ( @@ -68,10 +62,10 @@ class Dokumentprestudent_model extends DB_Model WHERE prestudent_id = ? ) )'; - + $result = $this->execQuery($query, array($prestudent_id, $dokument_kurzbz, $prestudent_id)); } - + return $result; } } diff --git a/application/models/crm/Dokumentstudiengang_model.php b/application/models/crm/Dokumentstudiengang_model.php index 697920409..67b546811 100644 --- a/application/models/crm/Dokumentstudiengang_model.php +++ b/application/models/crm/Dokumentstudiengang_model.php 
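Review bot: setAccepted() and setAcceptedDocuments() insert into public.tbl_dokumentprestudent, and after this change neither verifies INSERT_RIGHT before running the statement. The only remaining gate is the is_numeric()/is_array() validation, which returns null without explanation. updateStufe() in Prestudentstatus_model is in the same position for its UPDATE on public.tbl_prestudentstatus. Write paths deserve an explicit statement of where the right is checked, e.g. `* Caller must already hold the insert right on public.tbl_dokumentprestudent; not checked here`. The INSERT statements are only partly visible in these hunks.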
@@ -11,19 +11,16 @@ class Dokumentstudiengang_model extends DB_Model $this->dbTable = 'public.tbl_dokumentstudiengang'; $this->pk = array('studiengang_kz', 'dokument_kurzbz'); } - + /** * getDokumentstudiengangByStudiengang_kz */ public function getDokumentstudiengangByStudiengang_kz($studiengang_kz, $onlinebewerbung = null, $pflicht = null, $nachreichbar = null) { - // Checks if the operation is permitted by the API caller - if (isError($ent = $this->isEntitled('public.tbl_dokument', 's', FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent; - $this->addJoin('public.tbl_dokument', 'dokument_kurzbz'); - + $parameterArray = array('studiengang_kz' => $studiengang_kz); - + if( isset($onlinebewerbung)) { $parameterArray['onlinebewerbung'] = $onlinebewerbung; @@ -33,12 +30,12 @@ class Dokumentstudiengang_model extends DB_Model { $parameterArray['pflicht'] = $pflicht; } - + if( isset($nachreichbar)) { $parameterArray['nachreichbar'] = $nachreichbar; } - + return $this->loadWhere($parameterArray); } } diff --git a/application/models/crm/Prestudent_model.php b/application/models/crm/Prestudent_model.php index 2051c1666..d7a46e7c5 100644 --- a/application/models/crm/Prestudent_model.php +++ b/application/models/crm/Prestudent_model.php @@ -17,12 +17,6 @@ class Prestudent_model extends DB_Model */ public function getLastStatuses($person_id, $studiensemester_kurzbz = null, $studiengang_kz = null, $status_kurzbz = null) { - // Checks if the operation is permitted by the API caller - if (isError($ent = $this->isEntitled('public.tbl_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent; - if (isError($ent = $this->isEntitled('public.tbl_prestudent', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent; - if (isError($ent = $this->isEntitled('public.tbl_prestudentstatus', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - $query = 'SELECT * FROM public.tbl_prestudent p JOIN ( 
@@ -87,8 +81,6 @@ class Prestudent_model extends DB_Model $studiengang = null, $studiensemester = null, $gruppe = null, $reihungstest = null, $stufe = null ) { - if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent; - $this->addSelect( 'p.person_id, prestudent_id, diff --git a/application/models/crm/Prestudentstatus_model.php b/application/models/crm/Prestudentstatus_model.php index 27f09289a..9948b3509 100644 --- a/application/models/crm/Prestudentstatus_model.php +++ b/application/models/crm/Prestudentstatus_model.php @@ -18,12 +18,6 @@ class Prestudentstatus_model extends DB_Model */ public function getLastStatus($prestudent_id, $studiensemester_kurzbz = '', $status_kurzbz = '') { - // Checks if the operation is permitted by the API caller - if (isError($ent = $this->isEntitled('public.tbl_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent; - if (isError($ent = $this->isEntitled('lehre.tbl_studienplan', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent; - if (isError($ent = $this->isEntitled('public.tbl_prestudentstatus', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - $query = 'SELECT tbl_prestudentstatus.*, bezeichnung AS studienplan_bezeichnung, tbl_studienplan.orgform_kurzbz as orgform, @@ -59,8 +53,6 @@ class Prestudentstatus_model extends DB_Model */ public function updateStufe($prestudentIdArray, $stufe) { - if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent; - return $this->execQuery( 'UPDATE public.tbl_prestudentstatus SET rt_stufe = ? 
@@ -85,10 +77,6 @@ class Prestudentstatus_model extends DB_Model */ public function getStatusByFilter($prestudent_id, $status_kurzbz = '', $ausbildungssemester = '', $studiensemester_kurzbz = '') { - // Checks if the operation is permitted by the API caller - if (isError($ent = $this->isEntitled('public.tbl_prestudentstatus', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - $query = ' SELECT tbl_prestudentstatus.* diff --git a/application/models/organisation/Studiengang_model.php b/application/models/organisation/Studiengang_model.php index a091c9059..af790c831 100644 --- a/application/models/organisation/Studiengang_model.php +++ b/application/models/organisation/Studiengang_model.php @@ -17,11 +17,6 @@ class Studiengang_model extends DB_Model */ public function getAllForBewerbung() { - // Checks if the operation is permitted by the API caller - if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent; - if (isError($ent = $this->isEntitled('bis.tbl_lgartcode', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent; - if (isError($ent = $this->isEntitled('lehre.vw_studienplan', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent; - $allForBewerbungQuery = 'SELECT DISTINCT studiengang_kz, typ, organisationseinheittyp_kurzbz, @@ -103,8 +98,6 @@ class Studiengang_model extends DB_Model */ public function getStudienplan($studiensemester_kurzbz, $ausbildungssemester, $aktiv, $onlinebewerbung) { - if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent; - // Join table public.tbl_studiengang with table lehre.tbl_studienordnung on column studiengang_kz $this->addJoin('lehre.tbl_studienordnung', 'studiengang_kz'); // Then join with table lehre.tbl_studienplan on column studienordnung_id 
@@ -140,8 +133,6 @@ class Studiengang_model extends DB_Model */ public function getStudiengangBewerbung($oe_kurzbz = null) { - if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent; - // Join table public.tbl_studiengang with table lehre.tbl_studienordnung on column studiengang_kz $this->addJoin('lehre.tbl_studienordnung', 'studiengang_kz'); // Join table lehre.tbl_studienordnung with table lehre.tbl_akadgrad on column akadgrad_id @@ -213,8 +204,6 @@ class Studiengang_model extends DB_Model */ public function getAppliedStudiengang($person_id, $studiensemester_kurzbz, $titel) { - if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent; - // Then join with table public.tbl_prestudent $this->addJoin('public.tbl_prestudent', 'studiengang_kz'); // Join table public.tbl_prestudentstatus @@ -262,8 +251,6 @@ class Studiengang_model extends DB_Model */ public function getAppliedStudiengangFromNow($person_id, $titel) { - if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent; - // Then join with table public.tbl_prestudent $this->addJoin('public.tbl_prestudent', 'studiengang_kz'); // Join table public.tbl_prestudentstatus @@ -315,8 +302,6 @@ class Studiengang_model extends DB_Model */ public function getAppliedStudiengangFromNowOE($person_id, $titel, $oe_kurzbz) { - if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent; - // Then join with table public.tbl_prestudent $this->addJoin('public.tbl_prestudent', 'studiengang_kz'); // Join table public.tbl_prestudentstatus 
@@ -381,17 +366,6 @@ class Studiengang_model extends DB_Model */ public function getAvailableReihungstestByPersonId($person_id) { - if (isError($ent = $this->isEntitled('lehre.tbl_studienplan', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - if (isError($ent = $this->isEntitled('public.tbl_prestudent', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - if (isError($ent = $this->isEntitled('public.tbl_reihungstest', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - if (isError($ent = $this->isEntitled('lehre.tbl_studienordnung', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - if (isError($ent = $this->isEntitled('public.tbl_prestudentstatus', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - $this->addJoin('lehre.tbl_studienordnung', 'studiengang_kz'); $this->addJoin('lehre.tbl_studienplan', 'studienordnung_id'); diff --git a/application/models/organisation/Studiensemester_model.php b/application/models/organisation/Studiensemester_model.php index e3c1261ca..cb693144d 100644 --- a/application/models/organisation/Studiensemester_model.php +++ b/application/models/organisation/Studiensemester_model.php 
@@ -12,37 +12,31 @@ class Studiensemester_model extends DB_Model $this->pk = 'studiensemester_kurzbz'; $this->hasSequence = false; } - + /** * getLastOrAktSemester */ public function getLastOrAktSemester($days = 60) { - // Checks rights - if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent; - if (!is_numeric($days)) { $days = 60; } - + $query = 'SELECT studiensemester_kurzbz FROM public.tbl_studiensemester WHERE start < NOW() - \'' . $days . ' DAYS\'::INTERVAL ORDER BY start DESC LIMIT 1'; - + return $this->execQuery($query); } - + /** * getNextFrom */ public function getNextFrom($studiensemester_kurzbz) { - // Checks rights - if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent; - $query = 'SELECT studiensemester_kurzbz, start, ende @@ -54,24 +48,20 @@ class Studiensemester_model extends DB_Model ) ORDER BY start LIMIT 1'; - + return $this->execQuery($query, array($studiensemester_kurzbz)); } - + /** * getNearest */ public function getNearest($semester = '') { - // Checks if the operation is permitted by the API caller - if (isError($ent = $this->isEntitled('public.vw_studiensemester', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - $query = 'SELECT studiensemester_kurzbz, start, ende FROM public.vw_studiensemester'; - + if (is_numeric($semester)) { if ($semester % 2 == 0) @@ -85,9 +75,9 @@ class Studiensemester_model extends DB_Model $query .= ' WHERE SUBSTRING(studiensemester_kurzbz FROM 1 FOR 2) = \'' . $ss . '\''; } - + $query .= ' ORDER BY delta LIMIT 1'; - + return $this->execQuery($query); } } diff --git a/application/models/person/Person_model.php b/application/models/person/Person_model.php index 0c7c169bb..3ec1ccd1c 100644 --- a/application/models/person/Person_model.php +++ b/application/models/person/Person_model.php 
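Review bot: In getLastOrAktSemester() `$days` is concatenated into the SQL text, guarded only by is_numeric(), which also accepts strings such as `'1e3'` or `'0.5'`; with the entitlement check gone, this guard is the only thing in front of the query. Normalising to an integer keeps the interval literal well-formed: `$days = is_numeric($days) ? (int)$days : 60;`. getNearest() likewise concatenates `$ss` into the WHERE clause; its assignment lies between the hunks, so confirm it can only hold fixed values, or bind it as a parameter the way getNextFrom() binds `$studiensemester_kurzbz`.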
@@ -27,17 +27,6 @@ class Person_model extends DB_Model */ public function checkBewerbung($email, $studiensemester_kurzbz = null) { - if (isError($ent = $this->isEntitled('public.tbl_person', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - if (isError($ent = $this->isEntitled('public.tbl_kontakt', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - if (isError($ent = $this->isEntitled('public.tbl_benutzer', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - if (isError($ent = $this->isEntitled('public.tbl_prestudent', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - if (isError($ent = $this->isEntitled('public.tbl_prestudentstatus', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - $checkBewerbungQuery = ''; $parametersArray = array($email, $email, $email); @@ -103,12 +92,6 @@ class Person_model extends DB_Model */ public function getPersonFromStatus($status_kurzbz, $von, $bis) { - // Checks if the operation is permitted by the API caller - if (isError($ent = $this->isEntitled('public.tbl_prestudent', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - if (isError($ent = $this->isEntitled('public.tbl_prestudentstatus', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - $this->addJoin('public.tbl_prestudent', 'person_id'); $result = $this->loadTree( diff --git a/application/models/system/Extensions_model.php b/application/models/system/Extensions_model.php index c93817040..bdcbfa4d6 100644 --- a/application/models/system/Extensions_model.php +++ b/application/models/system/Extensions_model.php 
@@ -17,8 +17,6 @@ class Extensions_model extends DB_Model */ public function getDependencies($dependencies) { - if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent; - return $this->execQuery( 'SELECT * FROM '.$this->dbTable.' @@ -49,8 +47,6 @@ class Extensions_model extends DB_Model */ public function executeQuery($sql) { - if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent; - return $this->execQuery($sql); } } diff --git a/application/models/system/Message_model.php b/application/models/system/Message_model.php index 80a2b35ad..764c3ae14 100644 --- a/application/models/system/Message_model.php +++ b/application/models/system/Message_model.php @@ -19,14 +19,6 @@ class Message_model extends DB_Model */ public function getMessagesByPerson($person_id, $oe_kurzbz, $all) { - // Checks if the operation is permitted by the API caller - if (isError($ent = $this->isEntitled('public.tbl_person', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - if (isError($ent = $this->isEntitled('public.tbl_msg_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - if (isError($ent = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - $sql = 'SELECT m.message_id, m.person_id, m.subject, 
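Review bot: executeQuery($sql) is a public method that passes its argument unchanged to execQuery(), and with the isEntitled() line removed nothing in the model limits who can reach it. Callers are not visible here, so it may be used only by the extension installer; if so, say it in the docblock, e.g. `* $sql must come from a trusted extension package, never from request data; no permission check is performed here`. Every route that can reach this method should carry its own permission requirement.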
@@ -93,16 +85,6 @@ class Message_model extends DB_Model */ public function getMessagesOfPerson($person_id, $status = null) { - // Checks if the operation is permitted by the API caller - if (isError($ent = $this->isEntitled('public.tbl_person', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - if (isError($ent = $this->isEntitled('public.tbl_msg_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - if (isError($ent = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - if (isError($ent = $this->isEntitled('public.tbl_msg_recipient', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - $sql = 'SELECT m.message_id, m.person_id, m.subject, @@ -129,7 +111,7 @@ class Message_model extends DB_Model s.statusinfo, s.insertamum AS statusamum FROM public.tbl_msg_message m - JOIN public.tbl_msg_recipient r ON m.message_id = r.message_id + JOIN public.tbl_msg_recipient r ON m.message_id = r.message_id JOIN public.tbl_person se ON (m.person_id = se.person_id) JOIN public.tbl_person re ON (r.person_id = re.person_id) LEFT JOIN ( diff --git a/application/models/system/PersonLog_model.php b/application/models/system/PersonLog_model.php index 02f52008c..95863ea57 100644 --- a/application/models/system/PersonLog_model.php +++ b/application/models/system/PersonLog_model.php @@ -42,11 +42,6 @@ class PersonLog_model extends CI_Model */ public function getLastLog($person_id, $taetigkeit_kurzbz = null, $app = null, $oe_kurzbz = null) { - // Check Permissions - $this->load->library('PermissionLib'); - if(!$this->permissionlib->isEntitled('system.tbl_log',PermissionLib::SELECT_RIGHT)) - show_error('Permission denied - You need Access to system.tbl_log'); - $this->db->order_by('zeitpunkt', 'DESC'); $this->db->order_by('log_id', 'DESC'); $this->db->limit(1); 
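Review bot: PersonLog_model extends CI_Model rather than DB_Model, so whatever central permission handling the DB_Model-based classes may rely on does not apply to getLastLog() and filterLog(), which query by person_id directly through `$this->db`. With the PermissionLib lines removed, both methods run with no check on system.tbl_log at all. If the controllers that call them enforce access, document that on the methods, e.g. `* Caller must verify read access to system.tbl_log; not checked here`. The filterLog() hunk follows in the next part of this file's diff, and both bodies continue outside their hunks.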
@@ -72,11 +67,6 @@ class PersonLog_model extends CI_Model */ public function filterLog($person_id, $taetigkeit_kurzbz = null, $app = null, $oe_kurzbz = null) { - // Check Permissions - $this->load->library('PermissionLib'); - if(!$this->permissionlib->isEntitled('system.tbl_log',PermissionLib::SELECT_RIGHT)) - show_error('Permission denied - You need Access to system.tbl_log'); - $this->db->order_by('zeitpunkt', 'DESC'); $this->db->order_by('log_id', 'DESC'); if (!is_null($taetigkeit_kurzbz)) diff --git a/application/models/system/Phrase_model.php b/application/models/system/Phrase_model.php index 775940a0c..d79539995 100644 --- a/application/models/system/Phrase_model.php +++ b/application/models/system/Phrase_model.php @@ -17,12 +17,6 @@ class Phrase_model extends DB_Model */ public function getPhrases($app, $sprache, $phrase = null, $orgeinheit_kurzbz = null, $orgform_kurzbz = null) { - // Checks if the operation is permitted by the API caller - if (isError($ent = $this->isEntitled('system.tbl_phrase', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - if (isError($ent = $this->isEntitled('system.tbl_phrasentext', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - $parametersArray = array('app' => $app, 'sprache' => $sprache); $query = 'SELECT phrase, @@ -36,7 +30,7 @@ class Phrase_model extends DB_Model if (isset($phrase)) { $parametersArray['phrase'] = $phrase; - + if (is_array($phrase)) { $query .= ' AND phrase IN ?'; @@ -57,7 +51,7 @@ class Phrase_model extends DB_Model $parametersArray['orgform_kurzbz'] = $orgform_kurzbz; $query .= ' AND orgform_kurzbz = ?'; } - + return $this->execQuery($query, $parametersArray); } } diff --git a/application/models/system/Recipient_model.php b/application/models/system/Recipient_model.php index b9e170fbf..7289c3055 100644 --- a/application/models/system/Recipient_model.php +++ b/application/models/system/Recipient_model.php 
@@ -18,16 +18,6 @@ class Recipient_model extends DB_Model */ public function getMessage($message_id, $person_id) { - // Checks if the operation is permitted by the API caller - if (isError($ent = $this->isEntitled('public.tbl_person', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - if (isError($ent = $this->isEntitled('public.tbl_kontakt', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - if (isError($ent = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - if (isError($ent = $this->isEntitled('public.tbl_msg_recipient', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - $query = 'SELECT mr.message_id, mr.person_id, mm.subject, @@ -55,14 +45,6 @@ class Recipient_model extends DB_Model */ public function getMessageByToken($token) { - // Checks if the operation is permitted by the API caller - if (isError($ent = $this->isEntitled('public.tbl_msg_recipient', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - if (isError($ent = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - if (isError($ent = $this->isEntitled('public.tbl_msg_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - $sql = 'SELECT r.message_id, m.person_id as sender_id, r.person_id as receiver_id, 
@@ -89,16 +71,6 @@ class Recipient_model extends DB_Model */ public function getMessagesByPerson($person_id, $oe_kurzbz, $all) { - // Checks if the operation is permitted by the API caller - if (isError($ent = $this->isEntitled('public.tbl_msg_recipient', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - if (isError($ent = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - if (isError($ent = $this->isEntitled('public.tbl_person', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - if (isError($ent = $this->isEntitled('public.tbl_msg_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - $sql = 'SELECT DISTINCT ON (r.message_id) r.message_id, m.person_id, m.subject, @@ -166,21 +138,6 @@ class Recipient_model extends DB_Model */ public function getMessagesByUID($uid, $oe_kurzbz, $all) { - // Checks if the operation is permitted by the API caller - // TODO: Define the special right for reading own messages 'basis/message:own' - // if same user - if ($uid === getAuthUID()) - { - if (isError($ent = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - } - // if different user, for reading messages from other users - else - { - if (isError($ent = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - } - // get Data $sql = 'SELECT DISTINCT ON (r.message_id) r.message_id, m.person_id, 
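Review bot: getMessagesByUID() drops the block that compared `$uid` with getAuthUID(), together with its TODO for a separate right to read one's own messages, so the method now returns the messages of whatever uid it is given. The two removed branches performed the same table-level check, so the own/other distinction was never enforced, but the intent recorded in the TODO disappears with them. Keep it visible in the new code, e.g. `// TODO: allow only $uid === getAuthUID() unless the caller may read other users' messages ('basis/message:own')`, and make sure the calling controller compares the requested uid with the authenticated user. getMessage(), getMessageByToken() and getMessagesByPerson() in the same file accept a person_id or token in the same way.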
@@ -249,14 +206,6 @@ class Recipient_model extends DB_Model */ public function getMessages($kontaktType, $sent, $limit = null, $message_id = null) { - // Checks if the operation is permitted by the API caller - if (isError($ent = $this->isEntitled('public.tbl_msg_recipient', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - if (isError($ent = $this->isEntitled('public.tbl_msg_message', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - if (isError($ent = $this->isEntitled('public.tbl_kontakt', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - $query = 'SELECT mm.message_id, ks.kontakt as sender, kr.kontakt as receiver, @@ -321,12 +270,6 @@ class Recipient_model extends DB_Model */ public function getCountUnreadMessages($person_id, $oe_kurzbz) { - // Checks if the operation is permitted by the API caller - if (isError($ent = $this->isEntitled('public.tbl_msg_recipient', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - if (isError($ent = $this->isEntitled('public.tbl_msg_status', PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) - return $ent; - $sql = 'SELECT COUNT(r.message_id) AS unreadMessages FROM public.tbl_msg_recipient r JOIN public.tbl_msg_status s ON (r.message_id = s.message_id AND r.person_id = s.person_id) diff --git a/application/models/system/Vorlage_model.php b/application/models/system/Vorlage_model.php index 380f26b99..8022e71fc 100644 --- a/application/models/system/Vorlage_model.php +++ b/application/models/system/Vorlage_model.php @@ -17,11 +17,8 @@ class Vorlage_model extends DB_Model */ public function getMimeTypes() { - // Checks rights - if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent; - $query = 'SELECT DISTINCT mimetype FROM public.tbl_vorlage ORDER BY mimetype'; - + return $this->execQuery($query); } } 
diff --git a/application/models/system/Vorlagedokument_model.php b/application/models/system/Vorlagedokument_model.php index e557d6e4d..1a61cf8c7 100644 --- a/application/models/system/Vorlagedokument_model.php +++ b/application/models/system/Vorlagedokument_model.php @@ -17,9 +17,6 @@ class Vorlagedokument_model extends DB_Model */ public function loadDokumenteFromVorlagestudiengang($vorlagestudiengang_id) { - // Checks rights - if (isError($ent = $this->isEntitled($this->dbTable, PermissionLib::SELECT_RIGHT, FHC_NORIGHT, FHC_MODEL_ERROR))) return $ent; - $qry = 'SELECT vorlagedokument_id, sort, vorlagestudiengang_id, @@ -29,7 +26,7 @@ class Vorlagedokument_model extends DB_Model JOIN public.tbl_dokument USING(dokument_kurzbz) WHERE vorlagestudiengang_id = ? ORDER BY sort ASC'; - + return $this->execQuery($qry, array($vorlagestudiengang_id)); } }