From 531fae8ab5834946e1b68eb4de061943502dcc9b Mon Sep 17 00:00:00 2001 From: Alexei Karpenko Date: Sat, 23 Aug 2025 16:46:26 +0200 Subject: [PATCH 1/2] enabled filling out UHSTAT1 form for logged in students --- application/controllers/codex/UHSTAT1.php | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/application/controllers/codex/UHSTAT1.php b/application/controllers/codex/UHSTAT1.php index ff59ef41a..c290b098a 100644 --- a/application/controllers/codex/UHSTAT1.php +++ b/application/controllers/codex/UHSTAT1.php @@ -34,6 +34,7 @@ class UHSTAT1 extends FHC_Controller // load models $this->load->model('codex/Oehbeitrag_model', 'OehbeitragModel'); $this->load->model('organisation/Studiensemester_model', 'StudiensemesterModel'); + $this->load->model('crm/Student_model', 'StudentModel'); $this->load->model('system/Sprache_model', 'SpracheModel'); $this->load->model('codex/Abschluss_model', 'AbschlussModel'); $this->load->model('codex/Uhstat1daten_model', 'Uhstat1datenModel'); @@ -430,6 +431,17 @@ class UHSTAT1 extends FHC_Controller ) return $_SESSION[self::PERSON_ID_SESSION_INDEX]; + // ...check if student is successfully logged in + $loggedInPersonId = getAuthPersonId(); + if (isset($loggedInPersonId) && is_numeric($loggedInPersonId)) + { + // check if the the user is a student and if the benutzer is active + $this->StudentModel->addSelect('1'); + $this->StudentModel->addJoin("public.tbl_benutzer", "public.tbl_benutzer.uid = public.tbl_student.student_uid"); + $res = $this->StudentModel->loadWhere(["public.tbl_benutzer.person_id" => $loggedInPersonId, "public.tbl_benutzer.aktiv" => TRUE]); + if (hasData($res)) return $loggedInPersonId; + } + // if person id passed directly... $person_id = $this->input->post('person_id'); if (!isset($person_id)) $person_id = $this->input->get('person_id'); From 1d634a253048a227983c3af07558db9838fe6bfd Mon Sep 17 00:00:00 2001 From: Alexei Karpenko Date: Wed, 27 Aug 2025 16:23:58 +0200 Subject: [PATCH 2/2] uhstat form: bewerbungstool user data is loaded if there is a login, normal logged in user data otherwise. renamed methods, removed unnecessary model loads --- application/controllers/codex/UHSTAT1.php | 88 +++++++++++++++-------- application/views/codex/uhstat1.php | 6 +- 2 files changed, 63 insertions(+), 31 deletions(-) diff --git a/application/controllers/codex/UHSTAT1.php b/application/controllers/codex/UHSTAT1.php index c290b098a..60eb6695e 100644 --- a/application/controllers/codex/UHSTAT1.php +++ b/application/controllers/codex/UHSTAT1.php @@ -32,9 +32,7 @@ class UHSTAT1 extends FHC_Controller $this->load->library('PermissionLib'); // load models - $this->load->model('codex/Oehbeitrag_model', 'OehbeitragModel'); - $this->load->model('organisation/Studiensemester_model', 'StudiensemesterModel'); - $this->load->model('crm/Student_model', 'StudentModel'); + $this->load->model('person/Benutzer_model', 'BenutzerModel'); $this->load->model('system/Sprache_model', 'SpracheModel'); $this->load->model('codex/Abschluss_model', 'AbschlussModel'); $this->load->model('codex/Uhstat1daten_model', 'Uhstat1datenModel'); @@ -105,7 +103,7 @@ class UHSTAT1 extends FHC_Controller { $saved = false; - $person_id = $this->_getValidPersonId('sui'); + $person_id = $this->_getUHSTATPersonId('sui'); $this->form_validation->set_error_delimiters('', ''); @@ -246,7 +244,7 @@ class UHSTAT1 extends FHC_Controller // uhstat data can only be deleted with permission if (!$this->_checkPermission('suid')) show_error('no permission'); - $person_id = $this->_getValidPersonId('suid'); + $person_id = $this->_getUHSTATPersonId('suid'); $uhstat1datenRes = $this->Uhstat1datenModel->delete( array('person_id' => $person_id) @@ -288,13 +286,17 @@ class UHSTAT1 extends FHC_Controller */ private function _getFormMetaData() { - $person_id = $this->_getValidPersonId('s'); + $person_id = $this->_getUHSTATPersonId('s'); // read only display param $readOnly = $this->input->get('readOnly'); - // depending on permissions, editing or deleting is possible - $editPermission = $this->_checkPermission('sui'); + // checking permissions for form + + // saving is possible if there permission or student log in (but not from application tool) + $savePermission = $this->_checkPermission('sui') || ($this->_getUserPersonId() && !$this->_getApplicationToolPersonId()); + + // deleting only possible with permission $deletePermission = $this->_checkPermission('suid'); $languageIdx = $this->_getLanguageIndex(); @@ -305,7 +307,7 @@ class UHSTAT1 extends FHC_Controller 'abschluss_nicht_oesterreich' => array(), 'jahre' => array(), 'person_id' => $person_id, - 'editPermission' => $editPermission, + 'savePermission' => $savePermission, 'deletePermission' => $deletePermission, 'readOnly' => $readOnly ); @@ -387,7 +389,7 @@ class UHSTAT1 extends FHC_Controller */ private function _getUHSTAT1Data() { - $person_id = $this->_getValidPersonId('s'); + $person_id = $this->_getUHSTATPersonId('s'); $this->Uhstat1datenModel->addSelect( implode(', ', array_keys($this->_uhstat1Fields)) @@ -418,40 +420,70 @@ class UHSTAT1 extends FHC_Controller } /** - * Gets Id of person having permissions to manage UHSTAT1 data. - * Can be passed as parameter or be in session. + * Gets Id of person, for which UHSTAT1 data is edited. + * Can be passed as parameter, id of logged in person, or be in session. + * @param berechtigungsArt type of permission (suid) * @return int person_id */ - private function _getValidPersonId($berechtigungsArt) + private function _getUHSTATPersonId($berechtigungsArt) { // if coming from bewerbungstool - person id is in session (person must be logged in bewerbungstool) + $applicationToolPersonId = $this->_getApplicationToolPersonId(); + if (isset($applicationToolPersonId) && is_numeric($applicationToolPersonId)) return $applicationToolPersonId; + + // if successfully logged in + $loggedInPersonId = $this->_getUserPersonId(); + if (isset($loggedInPersonId) && is_numeric($loggedInPersonId)) + { + // if person id passed directly... + $person_id = $this->input->post('person_id'); + if (!isset($person_id)) $person_id = $this->input->get('person_id'); + + if (isset($person_id)) + { + if (!is_numeric($person_id)) show_error("invalid person id"); + // ...check if there is a permission for editing UHSTAT1 data + if ($this->_checkPermission($berechtigungsArt)) return $person_id; + } + + // if no id passed, use logged in person id + return $loggedInPersonId; + } + + show_error("No permission"); + } + + /** + * Gets person Id if there is a application tool login. + * @return person Id or null + */ + private function _getApplicationToolPersonId() + { + // if coming from aplication tool - person id is in session (person must be logged in bewerbungstool) if (isset($_SESSION[self::PERSON_ID_SESSION_INDEX]) && is_numeric($_SESSION[self::PERSON_ID_SESSION_INDEX]) && isset($_SESSION[self::LOGIN_SESSION_INDEX]) ) return $_SESSION[self::PERSON_ID_SESSION_INDEX]; - // ...check if student is successfully logged in + return null; + } + + /** + * Gets person Id if there is a user login. + * @return person Id or null + */ + private function _getUserPersonId() + { $loggedInPersonId = getAuthPersonId(); if (isset($loggedInPersonId) && is_numeric($loggedInPersonId)) { // check if the the user is a student and if the benutzer is active - $this->StudentModel->addSelect('1'); - $this->StudentModel->addJoin("public.tbl_benutzer", "public.tbl_benutzer.uid = public.tbl_student.student_uid"); - $res = $this->StudentModel->loadWhere(["public.tbl_benutzer.person_id" => $loggedInPersonId, "public.tbl_benutzer.aktiv" => TRUE]); + $this->BenutzerModel->addSelect('1'); + $res = $this->BenutzerModel->loadWhere(["public.tbl_benutzer.person_id" => $loggedInPersonId, "public.tbl_benutzer.aktiv" => TRUE]); if (hasData($res)) return $loggedInPersonId; } - - // if person id passed directly... - $person_id = $this->input->post('person_id'); - if (!isset($person_id)) $person_id = $this->input->get('person_id'); - - if (!isset($person_id) || !is_numeric($person_id)) show_error("invalid person id"); - - // ...check if there is a permission for editing UHSTAT1 data - if ($this->_checkPermission($berechtigungsArt)) return $person_id; - - show_error("No permission"); + return null; } /** diff --git a/application/views/codex/uhstat1.php b/application/views/codex/uhstat1.php index a255781f1..cb2f219f8 100644 --- a/application/views/codex/uhstat1.php +++ b/application/views/codex/uhstat1.php @@ -26,7 +26,7 @@ $vater_bildungsstaat = isset($uhstatData->vater_bildungsstaat) ? $uhstatData->va $vater_bildungmax = isset($uhstatData->vater_bildungmax) ? $uhstatData->vater_bildungmax : set_value('vater_bildungmax'); $readOnly = isset($formMetaData['readOnly']); $disabled = $readOnly ? ' disabled' : ''; -$editPermission = isset($formMetaData['editPermission']) && $formMetaData['editPermission'] === true; +$savePermission = isset($formMetaData['savePermission']) && $formMetaData['savePermission'] === true; $deletePermission = isset($formMetaData['deletePermission']) && $formMetaData['deletePermission'] === true; $saved = isset($saved) && $saved === true; ?> @@ -51,7 +51,7 @@ $saved = isset($saved) && $saved === true; p->t('uhstat', 'uhstat1EinleitungSvnrtext') ?>


- +
@@ -288,7 +288,7 @@ $saved = isset($saved) && $saved === true;
- +