add tabulator6 option; added Filter function "scrollToLastActive" for tabulator setups losing scroll when changing fhc-tabs;

- sortierung gleichgezogen

.gitignore

@@ -2,6 +2,8 @@ documents/
 vendor/
 
 /nbproject/
+.vscode
+composer.phar
 /.idea/
 .settings
 .project

application/config/Events.php

@@ -0,0 +1,14 @@
+<?php
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+use CI3_Events as Events;
+
+/**
+ * NOTE(chris): example:
+	Events::on('stv_conf_student', function (&$res) {
+		$res['test'] = [
+			'title' => 'TEST',
+			'component' => './Stv/Studentenverwaltung/Details/Notizen.js'
+		];
+	});
+ */

application/config/anrechnung.php

@@ -21,3 +21,6 @@ $config['grades_blocking_application'] = array(
 $config['fbl'] = FALSE;
 //Enables Info Mails
 $config['send_mail'] = TRUE;
+
+// Display fields to explain equivalence of ECTS and LV-Inhalte
+$config['explain_equivalence'] = TRUE;

application/config/cis.php

@@ -0,0 +1,9 @@
+<?php
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+
+// CMS Content Id for CIS4 Menu Root
+$config['cis_menu_root_content_id'] = 11066;
+// send Mails for ProfilUpdate
+$config['cis_send_profil_update_mails'] = true;

application/config/db_crypt.php

@@ -0,0 +1,29 @@
+<?php
+
+/**
+ * Copyright (C) 2023 fhcomplete.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+if (!defined('BASEPATH')) exit('No direct script access allowed');
+
+// NOTE: if database encryption is _not_ used then leave this array empty!
+$config['encryption_passwords'] = array(
+	// 'password name 1' => 'password 1'
+	// 'password name 2' => 'password 2'
+	// 'password name ...' => 'password ...'
+	// 'password name N' => 'password N'
+);
+

application/config/javascript.php

@@ -0,0 +1,7 @@
+<?php
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+// use vuejs dev version
+$config['use_vuejs_dev_version'] = false;
+// use bundled javascript
+$config['use_bundled_javascript'] = false;

application/config/migratecontract.php

@@ -0,0 +1,36 @@
+<?php
+
+/**
+ * Copyright (C) 2023 fhcomplete.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+if (!defined('BASEPATH')) exit('No direct script access allowed');
+
+$config['migratecontract_oe_default'] = 'TODO_OE_DEFAULT';
+
+$config['migratecontract_matching_ba1_vertragsart'] = array(
+    '101'=>'dvbund',
+    '102'=>'dvanderengk',
+    '103'=>'echterdv',
+    '104'=>'studentischehilfskr',
+    '105'=>'externerlehrender',
+    '106'=>'dvanderenbet',
+    '107'=>'werkvertrag',
+    '108'=>'studentischehilfskr',
+    '109'=>'ueberlassungsvertrag',
+    '110'=>'echterfreier',
+    '111'=>'echterdv' //All-In
+);

application/config/navigation.php

@@ -1,6 +1,12 @@
 <?php
 // Header menu
 
+if(defined('CIS4') && CIS4) {
+	$root = APP_ROOT;
+} else {
+	$root = CIS_ROOT;
+}
+
 $config['navigation_header'] = array(
 	'*' => array(
 		'fhcomplete' => array(
@@ -31,6 +37,14 @@ $config['navigation_header'] = array(
 					'expand' => true,
 					'sort' => 20,
 					'requiredPermissions' => 'admin:w'
+				),
+				'bismeldestichtagsverwaltung' => array(
+					'link' => site_url('codex/Bismeldestichtag'),
+					'icon' => '',
+					'description' => 'BIS-Meldestichtagsverwaltung',
+					'expand' => true,
+					'sort' => 30,
+					'requiredPermissions' => 'admin:w'
 				)
 			)
 		),
@@ -42,11 +56,17 @@ $config['navigation_header'] = array(
 			'requiredPermissions' => 'basis/vilesci:r',
 			'children' => array(
 				'cis' => array(
-					'link' => CIS_ROOT,
+					'link' => $root,
 					'icon' => '',
 					'description' => 'CIS',
 					'sort' => 10
 				),
+				'lehrveranstaltungen' => array(
+					'link' => site_url('lehre/lvplanung/LvTemplateUebersicht'),
+					'icon' => '',
+					'description' => 'Lehrveranstaltungen',
+					'sort' => 15
+				),
 				'reihungstest' => array(
 					'link' => site_url('organisation/Reihungstest'),
 					'description' => 'Reihungstests',
@@ -209,7 +229,7 @@ $config['navigation_menu']['organisation/Reihungstest/index'] = array(
 		'target' => '_blank'
 	),
 	'auswertung' => array(
-		'link' => CIS_ROOT.'/cis/testtool/admin/auswertung.php',
+		'link' => $root.'/cis/testtool/admin/auswertung.php',
 		'description' => 'Auswertung',
 		'icon' => 'list-alt',
 		'sort' => 1,
@@ -279,6 +299,15 @@ $config['navigation_menu']['lehre/lehrauftrag/LehrauftragErteilen/*'] = array(
 	)
 );
 
+$config['navigation_menu']['lehre/lvplanung/LvTemplateUebersicht/index'] = array(
+	'lvTemplateUebersicht' => array(
+		'link' => site_url('lehre/lvplanung/LvTemplateUebersicht'),
+		'description' => 'LV Template Übersicht',
+		'icon' => '',
+		'sort' => 1
+	)
+);
+
 $config['navigation_menu']['system/issues/Issues/*'] = array(
 	'fehlerzustaendigkeiten' => array(
 		'link' => site_url('system/issues/IssuesZustaendigkeiten'),
@@ -296,5 +325,4 @@ $config['navigation_menu']['system/issues/Issues/*'] = array(
 		'target' => '_blank',
 		'requiredPermissions' => array('admin:rw')
 	),
-);
-
+);

application/config/routes.php

@@ -50,7 +50,7 @@ defined('BASEPATH') OR exit('No direct script access allowed');
 | Examples: my-controller/index -> my_controller/index
 |   my-controller/my-method -> my_controller/my_method
 */
-$route['default_controller'] = 'Vilesci';
+$route['default_controller'] = defined('CIS4') && CIS4 ? 'Cis4' : 'Vilesci';
 $route['translate_uri_dashes'] = FALSE;
 
 // Class name conflicts
@@ -61,6 +61,9 @@ $route['api/v1/organisation/[O|o]rganisationseinheit/(:any)'] = 'api/v1/organisa
 $route['api/v1/ressource/[B|b]etriebsmittelperson/(:any)'] = 'api/v1/ressource/betriebsmittelperson2/$1';
 $route['api/v1/system/[S|s]prache/(:any)'] = 'api/v1/system/sprache2/$1';
 
+$route['CisVue'] = 'CisVue/dashboard';
+$route['Cis/Stundenplan/(:any)'] = 'Cis/Stundenplan';
+
 // load routes from extensions
 $subdir = 'application/config/extensions';
 $dirlist = scandir($subdir);
@@ -81,5 +84,4 @@ if ($dirlist)
 			}
 		}
 	}
-}
-
+}

application/config/studierendenantrag.php

@@ -126,6 +126,7 @@ $config['antrag_job_systemuser'] = '';
  * @var array			Array of tbl_status.status_kurzbz's
  */
 $config['antrag_prestudentstatus_whitelist'] = ['Student', 'Diplomand'];
+$config['antrag_prestudentstatus_whitelist_abmeldung'] = ['Student', 'Diplomand', 'Unterbrecher'];
 
 
 /**
@@ -159,3 +160,11 @@ $config['stgkz_blacklist_unterbrechung'] = [];
  * @var array           An array of tbl_studiengang.studiengang_kz's
  */
 $config['stgkz_blacklist_wiederholung'] = [];
+
+/**
+ * Blacklisted noten for negative committee exams
+ * noten with this ids won't be seen as negative
+ *
+ * @var array           An array of noten ids
+ */
+$config['note_blacklist_wiederholung'] = [];

application/controllers/Cis/Auth.php

@@ -0,0 +1,77 @@
+<?php
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+ 
+/**
+ *
+ */
+class Auth extends FHC_Controller
+{
+	/**
+	 * Constructor
+	 */
+	public function __construct()
+	{
+		parent::__construct();
+
+		// Load Helpers
+		$this->load->helper('form');
+		$this->load->helper('hlp_authentication');
+
+		// Loads phrases system
+		$this->loadPhrases([
+			'global'
+		]);
+	}
+
+	// -----------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+	/**
+	 * @return void
+	 */
+	public function login()
+	{
+		$this->load->library('form_validation');
+
+		$this->form_validation->set_rules('username', 'Username', 'required|trim|callback_validation');
+		$this->form_validation->set_rules('password', 'Password', 'required|trim');
+
+
+		if ($this->form_validation->run())
+		{
+			redirect($this->authlib->getLandingPage('/CisVue/Dashboard'));
+		}
+		else
+		{
+			$this->load->view('Cis/Login');
+		}
+	}
+
+	/**
+	 * @return boolean
+	 */
+	public function validation()
+	{
+		$username = $this->input->post('username');
+		$password = $this->input->post('password');
+
+		$this->load->library('AuthLib', [false]); // without authentication otherwise loooooop!
+
+		$login = $this->authlib->loginLDAP($username, $password);
+		if (isSuccess($login))
+			return true;
+		$this->form_validation->set_message('validation', 'Incorrect username/password.');
+		return false;
+	}
+
+	/**
+	 * @return void
+	 */
+	public function logout()
+	{
+		$this->load->library('AuthLib');
+		$this->authlib->logout();
+		redirect('/Cis/Auth/login', 'refresh');
+	}
+}

application/controllers/Cis/Documents.php

@@ -0,0 +1,192 @@
+<?php
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+use \stdClass as stdClass;
+
+/**
+ *
+ */
+class Documents extends Auth_Controller
+{
+	/**
+	 * Constructor
+	 */
+	public function __construct()
+	{
+		parent::__construct([
+			'index' => [self::PERM_LOGGED],
+			'student' => ['admin:r'],
+			'download' => [self::PERM_LOGGED]
+		]);
+
+		$this->load->model('crm/Prestudentstatus_model', 'PrestudentstatusModel');
+
+		$this->loadPhrases([
+			'global',
+			'tools'
+		]);
+	}
+
+	// -----------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+	/**
+	 * @return void
+	 */
+	public function index()
+	{
+		return $this->showDocuments(getAuthUID());
+	}
+
+	/**
+	 * @param string		$uid		Administratoren dürfen die UID als Parameter übergeben um die Dokumente von anderen Personen anzuzeigen
+	 * @return void
+	 */
+	public function student($uid)
+	{
+		return $this->showDocuments($uid);
+	}
+
+	/**
+	 * @param string		$uid
+	 * @return void
+	 */
+	protected function showDocuments($uid)
+	{
+		$this->load->model('crm/Konto_model', 'KontoModel');
+		$this->load->model('organisation/Studiengang_model', 'StudiengangModel');
+
+		$stati = $this->PrestudentstatusModel->loadWhereUid($uid, null, true);
+		if (isError($stati))
+			return $this->load->view('errors/html/error_db.php', [
+				'heading' => 'Database Error',
+				'message' => getError($stati)
+			]);
+		$stati = getData($stati);
+		if (!$stati)
+			return $this->load->view('errors/html/error_general.php', [
+				'heading' => 'User ist kein Student',
+				'message' => 'Es konnten keine Studiensemester gefunden werden in denen der User als Student inskripiert ist'
+			]);
+
+		$stgs = [];
+		$stsemArray = [];
+		$buchungstypen = implode('\',\'', defined("CIS_DOKUMENTE_STUDIENBEITRAG_TYPEN") ? unserialize(CIS_DOKUMENTE_STUDIENBEITRAG_TYPEN) : []);
+		$person_ids = [];
+		foreach ($stati as $status) {
+			$person_ids[] = $status->person_id;
+
+			if(!in_array($status->studiensemester_kurzbz, $stsemArray)) {
+				$stsemArray[] = $status->studiensemester_kurzbz;
+			}
+			
+			if (!isset($stgs[$status->studiengang_kz])) {
+				$stg = $this->StudiengangModel->load($status->studiengang_kz);
+				if (isError($stg))
+					return $this->load->view('errors/html/error_db.php', [
+						'heading' => 'Database Error',
+						'message' => getError($stg)
+					]);
+				$stg = getData($stg);
+				if (!$stg)
+					return $this->load->view('errors/html/error_db.php', [
+						'heading' => 'Database Error',
+						'message' => 'No Studiengang found for studiengang_kz ' . $status->studiengang_kz
+					]);
+				$stgs[$status->studiengang_kz] = current($stg);
+				$stgs[$status->studiengang_kz]->studiensemester = [];
+			}
+			if (!isset($stgs[$status->studiengang_kz]->studiensemester[$status->studiensemester_kurzbz])) {
+				$stgs[$status->studiengang_kz]->studiensemester[$status->studiensemester_kurzbz] = new stdClass();
+				$stgs[$status->studiengang_kz]->studiensemester[$status->studiensemester_kurzbz]->inskriptionsbestaetigung = (boolean)getData(
+					$this->KontoModel->checkStudienbeitragFromPrestudent(
+						$status->prestudent_id,
+						$status->studiensemester_kurzbz,
+						$buchungstypen
+					)
+				);
+			}
+		}
+		$person_ids = array_unique($person_ids);
+
+		$selfservice = null;
+		if (!defined('CIS_DOKUMENTE_SELFSERVICE') || CIS_DOKUMENTE_SELFSERVICE) {
+			$this->load->model('crm/Akte_model', 'AkteModel');
+			$selfservice = [];
+			foreach ($person_ids as $person_id) {
+				$result = $this->AkteModel->getArchiv($person_id, null, true);
+				if (isError($result))
+					return $this->load->view('errors/html/error_db.php', [
+						'heading' => 'Database Error',
+						'message' => getError($result)
+					]);
+				$selfservice = array_merge($selfservice, getData($result) ?: []);
+			}
+		}
+
+		
+		$this->load->view('Cis/Documents', [
+			'stsemArray' => $stsemArray,
+			'stgs' => $stgs,
+			'uid' => $uid,
+			'studienbuchblatt' => defined('CIS_DOKUMENTE_STUDIENBUCHLBATT_DRUCKEN') && CIS_DOKUMENTE_STUDIENBUCHLBATT_DRUCKEN,
+			'studienerfolgsbestaetigung' => defined('CIS_DOKUMENTE_STUDIENERFOLGSBESTAETIGUNG_DRUCKEN') && CIS_DOKUMENTE_STUDIENERFOLGSBESTAETIGUNG_DRUCKEN,
+			'selfservice' => $selfservice
+		]);
+	}
+
+	/**
+	 * @param integer		$akte_id
+	 * @param string		$uid		(optional) Administratoren dürfen die UID als Parameter übergeben um die Dokumente von anderen Personen anzuzeigen
+	 *
+	 * @return void
+	 */
+	public function download($akte_id, $uid = null)
+	{
+		if (!is_numeric($akte_id))
+			return show_404();
+
+		$this->load->model('crm/Akte_model', 'AkteModel');
+		$result = $this->AkteModel->load($akte_id);
+		if (isError($result))
+			return show_error(getError($result));
+		$akte = getData($result);
+		if (!$akte)
+			return show_404();
+		$akte = current($akte);
+
+		$admin_access = false;
+		if ($uid !== null && $this->permissionlib->isBerechtigt('admin')) {
+			$stati = $this->PrestudentstatusModel->loadWhereUid($uid, null, true);
+			if (hasData($stati)) {
+				$person_ids = array_map(function ($status) {
+					return $status->person_id;
+				}, getData($stati));
+				$person_ids = array_unique($person_ids);
+				if (count($person_ids) == 1 && current($person_ids) == $akte->person_id) {
+					$admin_access = true;
+				}
+			}
+		}
+
+		if (!$admin_access && ($akte->person_id != getAuthPersonId() || !$akte->stud_selfservice))
+			return show_error('Forbidden', 403);
+
+		// NOTE(chris): Log bei einem Download vom Becheid
+		if (isset($akte->dokument_kurzbz) && ($akte->dokument_kurzbz === 'Bescheid' || $akte->dokument_kurzbz === 'BescheidEng')) {
+			$this->load->model('system/Webservicelog_model', 'WebservicelogModel');
+			$this->WebservicelogModel->insert([
+				'webservicetyp_kurzbz' => 'content',
+				'request_id' => (isset($akte->akte_id) && !empty($akte->akte_id)) ? $akte->akte_id : null,
+				'beschreibung' => 'Bescheidbestaetigungsdownload',
+				'request_data' => $_SERVER['QUERY_STRING'],
+				'execute_time' => date('c'),
+				'execute_user' => getAuthUID()
+			]);
+		}
+
+		$this->output->set_content_type($akte->mimetype);
+		$this->output->set_output(base64_decode($akte->inhalt));
+	}
+}

application/controllers/Cis/MyLv.php

@@ -0,0 +1,36 @@
+<?php
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+/**
+ *
+ */
+class MyLv extends Auth_Controller
+{
+	/**
+	 * Constructor
+	 */
+	public function __construct()
+	{
+		parent::__construct([
+			'index' => ['basis/cis:r'],
+			'Info' => [self::PERM_LOGGED]
+		]);
+	}
+
+	// -----------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+	/**
+	 * @return void
+	 */
+	public function index()
+	{
+		$this->load->view('Cis/MyLv');
+	}
+
+	public function Info($studien_semester,$lvid)
+	{
+		$this->load->view('Cis/LvInfo',['lvid'=> $lvid, 'studien_semester' => $studien_semester]);
+	}
+}

application/controllers/Cis/Profil.php

@@ -0,0 +1,737 @@
+<?php
+
+if (!defined('BASEPATH'))
+	exit('No direct script access allowed');
+
+class Profil extends Auth_Controller
+{
+
+	/**
+	 * Constructor
+	 */
+
+	public function __construct()
+	{
+		parent::__construct([
+			'index' => ['basis/cis:r'],
+			'foto_sperre_function' => ['basis/cis:r'],
+			'getView' => ['basis/cis:r'],
+			'View' => ['basis/cis:r'],
+			'isMitarbeiter' => ['basis/cis:r'],
+			'isStudent' => ['basis/cis:r'],
+			'getZustellAdresse' => ['basis/cis:r'],
+			'getZustellKontakt' => ['basis/cis:r'],
+			'getAllNationen' => ['basis/cis:r'],
+			'getGemeinden' => ['basis/cis:r'],
+
+		]);
+
+		$this->load->model('ressource/mitarbeiter_model', 'MitarbeiterModel');
+		$this->load->model('crm/Student_model', 'StudentModel');
+		$this->load->model('person/Benutzer_model', 'BenutzerModel');
+		$this->load->model('person/Person_model', 'PersonModel');
+		$this->load->model('person/Adresse_model', 'AdresseModel');
+		$this->load->model('person/Benutzerfunktion_model', 'BenutzerfunktionModel');
+		$this->load->model('person/Benutzergruppe_model', 'BenutzergruppeModel');
+		$this->load->model('ressource/Betriebsmittelperson_model', 'BetriebsmittelpersonModel');
+		$this->load->model('person/Kontakt_model', 'KontaktModel');
+		$this->load->model('person/Profil_update_model', 'ProfilUpdateModel');
+		$this->load->model('content/DmsVersion_model', 'DmsVersionModel');
+
+
+		//? put the uid and pid inside the controller for reusability
+		$this->uid = getAuthUID();
+		$this->pid = getAuthPersonID();
+	}
+
+	// -----------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+
+	/**
+	 * index loads the Profil view
+	 * @access public
+	 * @return void 
+	 */
+	public function index()
+	{
+		$this->load->view('Cis/Profil');
+	}
+
+	/**
+	 * redirects to the index function (needed to allow calling this URI)
+	 * @access public
+	 * @return void 
+	 */
+	public function View($uid)
+	{
+		$this->load->view('Cis/Profil');
+	}
+
+	/**
+	 * checks whether a specific userID is a mitarbeiter or not (foreword declaration of the function isMitarbeiter in Mitarbeiter_model.php)
+	 * @access public
+	 * @param  $uid the userID used to check if it is a mitarbeiter
+	 * @return boolean 
+	 */
+	public function isStudent($uid)
+	{
+		$result = $this->StudentModel->isStudent($uid);
+		if (isError($result)) {
+			show_error("error when calling Student_model function isStudent with uid " . $uid);
+		}
+		$result = getData($result);
+		echo json_encode($result);
+	}
+
+	/**
+	 * checks whether a specific userID is a mitarbeiter or not (foreword declaration of the function isMitarbeiter in Mitarbeiter_model.php)
+	 * @access public
+	 * @param  $uid the userID used to check if it is a mitarbeiter
+	 * @return boolean 
+	 */
+	public function isMitarbeiter($uid)
+	{
+		$result = $this->MitarbeiterModel->isMitarbeiter($uid);
+		if (isError($result)) {
+			show_error("error when calling Mitarbeiter_model function isMitarbeiter with uid " . $uid);
+		}
+		$result = getData($result);
+		echo json_encode($result);
+	}
+
+	/**
+	 * gets the adressen that are marked as zustell from the currenlty logged in user
+	 * @access public
+	 * @return array a list of adresse_id's 
+	 */
+	public function getZustellAdresse()
+	{
+		$this->AdresseModel->addSelect(["adresse_id"]);
+		$adressen_res = $this->AdresseModel->loadWhere(['person_id' => $this->pid, 'zustelladresse' => true]);
+		$adressen_res = hasData($adressen_res) ? getData($adressen_res) : null;
+		$adressen_res = array_map(function ($item) {
+			return $item->adresse_id;
+		}, $adressen_res);
+		echo json_encode($adressen_res);
+	}
+
+	/**
+	 * gets the kontakte that are marked as zustell from the currenlty logged in user
+	 * @access public
+	 * @return array a list of kontakt_id's 
+	 */
+	public function getZustellKontakt()
+	{
+		$this->KontaktModel->addSelect(["kontakt_id"]);
+		$kontakt_res = $this->KontaktModel->loadWhere(['person_id' => $this->pid, 'zustellung' => true]);
+		$kontakt_res = hasData($kontakt_res) ? getData($kontakt_res) : null;
+		$kontakt_res = array_map(function ($item) {
+			return $item->kontakt_id;
+		}, $kontakt_res);
+		echo json_encode($kontakt_res);
+	}
+
+	/**
+	 * function that returns the data used for the corresponding view
+	 * the client side parses the @param $uid and calls this function to get the data to the correct view 
+	 * @access public
+	 * @param  boolean $uid the userID used to identify which information should be retrieved for which view 
+	 * @return stdClass all the data corresponding to a view of a user
+	 */
+	public function getView($uid)
+	{
+		$res = new stdClass();
+
+		// if parsing the URL did not found a UID then the UID of the logged in user is used
+		if ($uid == "Profil" || $uid == $this->uid) {
+			$isMitarbeiter = $this->MitarbeiterModel->isMitarbeiter($this->uid);
+			if (isError($isMitarbeiter)) {
+				show_error("error while checking if UID: " . $this->uid . " is a mitarbeiter");
+			}
+			$isMitarbeiter = getData($isMitarbeiter);
+			if ($isMitarbeiter) {
+				$res->view = "MitarbeiterProfil";
+				$res->data = $this->mitarbeiterProfil();
+				$res->data->pid = $this->pid;
+			} else {
+				$res->view = "StudentProfil";
+				$res->data = $this->studentProfil();
+				$res->data->pid = $this->pid;
+			}
+		}
+		// UID is availabe when accessing Profil/View/:uid
+		else {
+			$this->PersonModel->addSelect(["person_id"]);
+			$pid = $this->PersonModel->getByUid($uid);
+			if (isError($pid)) {
+				show_error("error while trying to update table public.tbl_person while searching for a person with UID: " . $uid);
+			}
+			$pid = hasData($pid) ? getData($pid)[0] : null;
+			if (!$pid) {
+				show_error("Person with UID: " . $uid . " does not exist");
+			}
+			$isMitarbeiter = $this->MitarbeiterModel->isMitarbeiter($uid);
+			if (isError($isMitarbeiter)) {
+				show_error("error while checking if UID: " . $uid . " is a mitarbeiter");
+			}
+			$isMitarbeiter = getData($isMitarbeiter);
+			if ($isMitarbeiter) {
+				$res->view = "ViewMitarbeiterProfil";
+				$res->data = $this->viewMitarbeiterProfil($uid);
+
+			} else {
+				$res->view = "ViewStudentProfil";
+				$res->data = $this->viewStudentProfil($uid);
+			}
+		}
+		echo json_encode($res);
+	}
+
+	/**
+	 * update column foto_sperre in public.tbl_person
+	 * @access public
+	 * @param  boolean $value  new value for the column
+	 * @return boolean the new value added to the column in public.tbl_person
+	 */
+	public function foto_sperre_function($value)
+	{
+		$res = $this->PersonModel->update($this->pid, ["foto_sperre" => $value]);
+		if (isError($res)) {
+			show_error("error while trying to update table public.tbl_person");
+		}
+		$this->PersonModel->addSelect("foto_sperre");
+		$res = $this->PersonModel->load($this->pid);
+		if (isError($res)) {
+			show_error("error while trying to query table public.tbl_person");
+		}
+		$res = hasData($res) ? getData($res)[0] : null;
+		echo json_encode($res);
+	}
+
+	/**
+	 * gets all nations in the table bis.tbl_nation
+	 *
+	 * @access public
+	 * @return array all the nations in table bis.tbl_nation
+	 */
+	public function getAllNationen()
+	{
+		$this->load->model('codex/Nation_model', "NationModel");
+		$this->NationModel->addSelect(["nation_code as code", "langtext"]);
+		$nation_res = $this->NationModel->load();
+		if (isError($nation_res)) {
+			show_error("error while trying to query table codex.tbl_nation");
+		}
+		$nation_res = hasData($nation_res) ? getData($nation_res) : null;
+		echo json_encode($nation_res);
+	}
+
+	/**
+	 * gets specific gemeinden which are related to the ZIP and the Nation passed in the body of the get request
+	 * @access public
+	 * @var    $_GET function uses GET request payload
+	 * @return boolean the new value added to the column in public.tbl_person
+	 */
+	public function getGemeinden()
+	{
+		/** @var $nation value parsed out of the body of the get request */
+		$nation = $this->input->get('nation', true);
+		/** @var $zip value parsed out of the body of the get request and converted to a php integer with json_decode */
+		$zip = json_decode($this->input->get('zip', true));
+
+		$this->load->model('codex/Gemeinde_model', "GemeindeModel");
+		$this->GemeindeModel->addDistinct();
+		$this->GemeindeModel->addSelect(["name"]);
+		if ($nation == "A") {
+				if (isset($zip) && $zip > 999 && $zip < 32000) {
+
+						$gemeinde_res = $this->GemeindeModel->loadWhere(['plz' => $zip]);
+						if (isError($gemeinde_res)) {
+								show_error("error while trying to query bis.tbl_gemeinde");
+						}
+						$gemeinde_res = hasData($gemeinde_res) ? getData($gemeinde_res) : null;
+						$gemeinde_res = array_map(function ($obj) {
+								return $obj->name;
+						}, $gemeinde_res);
+						echo json_encode($gemeinde_res);
+
+				} else {
+						echo json_encode(error("ortschaftskennziffer code was not valid"));
+				}
+		} else {
+				echo json_encode(error("Nation was not 'A' (Austria)"));
+		}
+	}
+
+
+	// -----------------------------------------------------------------------------------------------------------------
+	// Private methods
+
+	/**
+	 * function that returns the data used for viewing another mitarbeiter profile
+	 * @access private 
+	 * @param  integer $uid the userID to retrieve the mitarbeiter data
+	 * @return stdClass restricted mitarbeiter data
+	 */
+	private function viewMitarbeiterProfil($uid)
+	{
+		$mailverteiler_res = $this->getMailverteiler($uid);
+		$benutzer_funktion_res = $this->getBenutzerFunktion($uid);
+		$benutzer_res = $this->getBenutzerAlias($uid);
+		$person_res = $this->getPersonInfo($uid);
+		$mitarbeiter_res = $this->getMitarbeiterInfo($uid);
+		$telefon_res = $this->getTelefonInfo($uid);
+
+		$res = new stdClass();
+		$res->username = $uid;
+
+		//? Person Info
+		foreach ($person_res as $key => $val) {
+			$res->$key = $val;
+		}
+
+		//? Mitarbeiter Info
+		foreach ($mitarbeiter_res as $key => $val) {
+			$res->$key = $val;
+
+		}
+
+		$intern_email = array();
+		$intern_email["type"] = "intern";
+		$intern_email["email"] = $uid . "@" . DOMAIN;
+		$extern_email = array();
+		$extern_email["type"] = "alias";
+		$extern_email["email"] = $benutzer_res->alias . "@" . DOMAIN;
+		$res->emails = array($intern_email, $extern_email);
+
+		$res->funktionen = $benutzer_funktion_res;
+		$res->mailverteiler = $mailverteiler_res;
+		$res->standort_telefon = isset($telefon_res) ? $telefon_res->kontakt : null;
+
+		return $res;
+	}
+
+	/**
+	 * function that returns the data used for viewing another student profile
+	 * @access private 
+	 * @param  integer $uid the userID to retrieve the student data
+	 * @return stdClass restricted student data
+	 */
+	private function viewStudentProfil($uid)
+	{
+		$mailverteiler_res = $this->getMailverteiler($uid);
+		$person_res = $this->getPersonInfo($uid);
+		$student_res = $this->getStudentInfo($uid);
+		$matr_res = $this->getMatrikelNummer($uid);
+
+		$res = new stdClass();
+		$res->username = $uid;
+
+		//? Person Information
+		foreach ($person_res as $key => $value) {
+			$res->$key = $value;
+		}
+
+		//? Student Information
+		foreach ($student_res as $key => $value) {
+			$res->$key = $value;
+		}
+
+		$intern_email = array();
+		$intern_email["type"] = "intern";
+		$intern_email["email"] = $uid . "@" . DOMAIN;
+
+		$res->emails = [$intern_email];
+		$res->matrikelnummer = $matr_res->matr_nr;
+		$res->mailverteiler = $mailverteiler_res;
+
+		return $res;
+	}
+
+	/**
+	 * function that returns the data used for the mitarbeiter profile
+	 * @access private 
+	 * @return stdClass mitarbeiter data
+	 */
+	private function mitarbeiterProfil()
+	{
+
+		$zutrittskarte_ausgegebenam = $this->getZutrittskarteDatum($this->uid);
+		$adresse_res = $this->getAdressenInfo($this->pid);
+		$kontakte_res = $this->getKontaktInfo($this->pid);
+		$mailverteiler_res = $this->getMailverteiler($this->uid);
+		$person_res = $this->getPersonInfo($this->uid, true);
+		$benutzer_funktion_res = $this->getBenutzerFunktion($this->uid);
+		$betriebsmittelperson_res = $this->getBetriebsmittelInfo($this->pid);
+		$profilUpdates = $this->getProfilUpdates($this->uid);
+		$telefon_res = $this->getTelefonInfo($this->uid);
+		$mitarbeiter_res = $this->getMitarbeiterInfo($this->uid);
+
+		$res = new stdClass();
+		$res->username = $this->uid;
+
+		//? Person Information
+		foreach ($person_res as $key => $value) {
+			$res->$key = $value;
+		}
+
+		//? Mitarbeiter Information
+		foreach ($mitarbeiter_res as $key => $value) {
+			$res->$key = $value;
+		}
+
+		$res->adressen = $adresse_res;
+		$res->zutrittsdatum = $zutrittskarte_ausgegebenam;
+		$res->kontakte = $kontakte_res;
+		$res->mittel = $betriebsmittelperson_res;
+		$res->mailverteiler = $mailverteiler_res;
+
+		$intern_email = array();
+		$intern_email["type"] = "intern";
+		$intern_email["email"] = $this->uid . "@" . DOMAIN;
+		$extern_email = array();
+		$extern_email["type"] = "alias";
+		$extern_email["email"] = $mitarbeiter_res->alias . "@" . DOMAIN;
+		$res->emails = [$intern_email, $extern_email];
+
+		$res->funktionen = $benutzer_funktion_res;
+		$res->standort_telefon = $telefon_res;
+		$res->profilUpdates = $profilUpdates;
+
+		return $res;
+	}
+
+	/**
+	 * function that returns the data used for the student profile
+	 * @access private 
+	 * @return stdClass student data
+	 */
+	private function studentProfil()
+	{
+		$betriebsmittelperson_res = $this->getBetriebsmittelInfo($this->pid);
+		$kontakte_res = $this->getKontaktInfo($this->pid);
+		$zutrittskarte_ausgegebenam = $this->getZutrittskarteDatum($this->uid);
+		$adresse_res = $this->getAdressenInfo($this->pid);
+		$mailverteiler_res = $this->getMailverteiler($this->uid);
+		$person_res = $this->getPersonInfo($this->uid, true);
+		$zutrittsgruppe_res = $this->getZutrittsgruppen($this->uid);
+		$student_res = $this->getStudentInfo($this->uid);
+		$matr_res = $this->getMatrikelNummer($this->uid);
+		$profilUpdates = $this->getProfilUpdates($this->uid);
+
+		$res = new stdClass();
+		$res->username = $this->uid;
+
+		//? Person Information
+		foreach ($person_res as $key => $value) {
+			$res->$key = $value;
+		}
+
+		//? Student Information
+		foreach ($student_res as $key => $value) {
+			$res->$key = trim($value);
+		}
+
+		$intern_email = array();
+		$intern_email["type"] = "intern";
+		$intern_email["email"] = $this->uid . "@" . DOMAIN;
+
+		$res->emails = [$intern_email];
+		$res->adressen = $adresse_res;
+		$res->zutrittsdatum = $zutrittskarte_ausgegebenam;
+		$res->kontakte = $kontakte_res;
+		$res->mittel = $betriebsmittelperson_res;
+		$res->matrikelnummer = $matr_res->matr_nr;
+		$res->zuttritsgruppen = $zutrittsgruppe_res;
+		$res->mailverteiler = $mailverteiler_res;
+		$res->profilUpdates = $profilUpdates;
+
+		return $res;
+	}
+
+	/**
+	 * gets all the mailverteiler using the tables: tbl_benutzer, tbl_benutzergruppe, tbl_gruppe
+	 * @access private
+	 * @param  integer $uid  the userID used to retrieve the mailverteiler 
+	 * @return array returns the mailvertailer corresponding to a userID 
+	 */
+	private function getMailverteiler($uid)
+	{
+		$this->PersonModel->addSelect('gruppe_kurzbz, beschreibung');
+		$this->PersonModel->addJoin('tbl_benutzer', 'person_id');
+		$this->PersonModel->addJoin('tbl_benutzergruppe', 'uid');
+		$this->PersonModel->addJoin('tbl_gruppe', 'gruppe_kurzbz');
+
+		$mailverteiler_res = $this->PersonModel->loadWhere(array('mailgrp' => true, 'uid' => $uid));
+		if (isError($mailverteiler_res)) {
+			show_error("was not able to query the table public.tbl_benutzer:" . getData($mailverteiler_res));
+		}
+		$mailverteiler_res = hasData($mailverteiler_res) ? getData($mailverteiler_res) : null;
+		$mailverteiler_res = array_map(function ($element) {
+			$element->mailto = "mailto:" . $element->gruppe_kurzbz . "@" . DOMAIN;
+			return $element;
+		}, $mailverteiler_res);
+		return $mailverteiler_res;
+	}
+
+	/**
+	 * gets all the Benutzerfunktionen of a corresponding user
+	 * @access private
+	 * @param  integer $uid  the userID used to retrieve the Benutzerfunktionen 
+	 * @return array returns the Benutzerfunktionen corresponding to a userID 
+	 */
+	private function getBenutzerFunktion($uid)
+	{
+		$this->BenutzerfunktionModel->addSelect(["tbl_benutzerfunktion.bezeichnung as Bezeichnung", "tbl_organisationseinheit.bezeichnung as Organisationseinheit", "datum_von as Gültig_von", "datum_bis as Gültig_bis", "wochenstunden as Wochenstunden"]);
+		$this->BenutzerfunktionModel->addJoin("tbl_organisationseinheit", "oe_kurzbz");
+
+		$benutzer_funktion_res = $this->BenutzerfunktionModel->loadWhere(array('uid' => $uid));
+		if (isError($benutzer_funktion_res)) {
+			show_error("was not able to query the table public.tbl_benutzerfunktion:" . getData($benutzer_funktion_res));
+		}
+		$benutzer_funktion_res = hasData($benutzer_funktion_res) ? getData($benutzer_funktion_res) : null;
+		return $benutzer_funktion_res;
+	}
+
+	/**
+	 * gets all the Betriebsmittel of a corresponding user
+	 * @access private
+	 * @param  integer $uid  the userID used to retrieve the Betriebsmittel 
+	 * @return array returns the Betriebsmittel corresponding to a userID 
+	 */
+	private function getBetriebsmittelInfo($pid)
+	{
+		$this->BetriebsmittelpersonModel->addSelect(["CONCAT(betriebsmitteltyp, ' ' ,beschreibung) as Betriebsmittel", "nummer as Nummer", "ausgegebenam as Ausgegeben_am"]);
+
+		//? betriebsmittel are not needed in a view
+		$betriebsmittelperson_res = $this->BetriebsmittelpersonModel->getBetriebsmittel($pid);
+		if (isError($betriebsmittelperson_res)) {
+			show_error("was not able to query the table public.tbl_betriebsmittelperson:" . getData($betriebsmittelperson_res));
+		}
+		$betriebsmittelperson_res = hasData($betriebsmittelperson_res) ? getData($betriebsmittelperson_res) : null;
+		return $betriebsmittelperson_res;
+	}
+
+	/**
+	 * gets the alias of a corresponding user
+	 * @access private
+	 * @param  integer $uid the userID used to get the alias
+	 * @return string the alias of the userID
+	 */
+	private function getBenutzerAlias($uid)
+	{
+		$this->BenutzerModel->addSelect(["alias"]);
+		$benutzer_res = $this->BenutzerModel->load([$uid]);
+		if (isError($benutzer_res)) {
+			show_error("was not able to query the table public.tbl_benutzer:" . getData($benutzer_res));
+		} else {
+			$benutzer_res = hasData($benutzer_res) ? getData($benutzer_res)[0] : null;
+		}
+
+		return $benutzer_res;
+	}
+
+	/**
+	 * gets the person information corresponding to a user
+	 * @access private
+	 * @param  integer $uid the userID used to get the person information
+	 * @param  integer $geburtsInfo flag wether to add the columns gebort, gebdatum, foto_sperre or not
+	 * @return array all the person informaion corresponding to a userID
+	 */
+	private function getPersonInfo($uid, $geburtsInfo = null)
+	{
+		$selectClause = ["foto", "anrede", "titelpost as postnomen", "titelpre as titel", "vorname", "nachname"];
+		/** @param integer $geburtsInfo */
+		if ($geburtsInfo) {
+			array_push($selectClause, "gebort");
+			array_push($selectClause, "gebdatum");
+			array_push($selectClause, "foto_sperre");
+		}
+		$this->BenutzerModel->addSelect($selectClause);
+		$this->BenutzerModel->addJoin("tbl_person", "person_id");
+
+		$person_res = $this->BenutzerModel->load([$uid]);
+		if (isError($person_res)) {
+			show_error("was not able to query the table public.tbl_benutzer:" . getData($person_res));
+		} else {
+			$person_res = hasData($person_res) ? getData($person_res)[0] : null;
+		}
+
+		return $person_res;
+	}
+
+	/**
+	 * gets the mitarbeiter information corresponding to a user
+	 * @access private
+	 * @param  integer $uid the userID used to get the mitarbeiter information
+	 * @return array all the mitarbeiter informaion corresponding to a userID
+	 */
+	private function getMitarbeiterInfo($uid)
+	{
+		$this->MitarbeiterModel->addSelect(["kurzbz", "telefonklappe", "alias", "ort_kurzbz"]);
+		$this->MitarbeiterModel->addJoin("tbl_benutzer", "tbl_benutzer.uid = tbl_mitarbeiter.mitarbeiter_uid");
+		$mitarbeiter_res = $this->MitarbeiterModel->load($uid);
+		if (isError($mitarbeiter_res)) {
+			show_error("was not able to query the table public.tbl_mitarbeiter:" . getData($mitarbeiter_res));
+		} else {
+			$mitarbeiter_res = hasData($mitarbeiter_res) ? getData($mitarbeiter_res)[0] : null;
+		}
+
+		return $mitarbeiter_res;
+	}
+
+	/**
+	 * gets the telefon information corresponding to a user
+	 * @access private
+	 * @param  integer $uid the userID used to get the telefon information
+	 * @return array all the telefon informaion corresponding to a userID
+	 */
+	private function getTelefonInfo($uid)
+	{
+		$this->MitarbeiterModel->addSelect(["kontakt"]);
+		$this->MitarbeiterModel->addJoin("tbl_kontakt", "tbl_mitarbeiter.standort_id = tbl_kontakt.standort_id");
+		$this->MitarbeiterModel->addLimit(1);
+		$telefon_res = $this->MitarbeiterModel->loadWhere(["mitarbeiter_uid" => $uid, "kontakttyp" => "telefon"]);
+		if (isError($telefon_res)) {
+			show_error("was not able to query the table public.tbl_mitarbeiter:" . getData($telefon_res));
+		}
+		$telefon_res = hasData($telefon_res) ? getData($telefon_res)[0] : null;
+		return $telefon_res;
+	}
+
+	/**
+	 * gets the student information corresponding to a user
+	 * @access private
+	 * @param  integer $uid the userID used to get the student information
+	 * @return array all the student informaion corresponding to a userID
+	 */
+	private function getStudentInfo($uid)
+	{
+		$this->StudentModel->addSelect(['tbl_studiengang.bezeichnung as studiengang', 'tbl_student.semester', 'tbl_student.verband', 'tbl_student.gruppe', 'tbl_student.matrikelnr as personenkennzeichen']);
+		$this->StudentModel->addJoin('tbl_studiengang', "tbl_studiengang.studiengang_kz=tbl_student.studiengang_kz");
+
+		$student_res = $this->StudentModel->load([$uid]);
+		if (isError($student_res)) {
+			show_error("was not able to query the table public.tbl_student:" . getData($student_res));
+		}
+		$student_res = hasData($student_res) ? getData($student_res)[0] : null;
+		return $student_res;
+	}
+
+	/**
+	 * gets the profil updates corresponding to a user
+	 * @access private
+	 * @param  integer $uid the userID used to get the profil updates
+	 * @return array all the profil updates corresponding to a userID
+	 */
+	private function getProfilUpdates($uid)
+	{
+		$profilUpdates = $this->ProfilUpdateModel->getProfilUpdatesWhere(['uid' => $uid]);
+		if (isError($profilUpdates)) {
+			show_error("was not able to query the table public.tbl_profil_update:" . getData($profilUpdates));
+		}
+		$profilUpdates = hasData($profilUpdates) ? getData($profilUpdates) : null;
+		return $profilUpdates;
+	}
+
+	/**
+	 * gets the Matrikelnummer corresponding to a user
+	 * @access private
+	 * @param  integer $uid the userID used to get the Matrikelnummer
+	 * @return integer the Matrikelnummer corresponding to a userID
+	 */
+	private function getMatrikelNummer($uid)
+	{
+		$this->BenutzerModel->addSelect(["matr_nr"]);
+		$this->BenutzerModel->addJoin("tbl_person", "person_id");
+
+		$matr_res = $this->BenutzerModel->load([$uid]);
+		if (isError($matr_res)) {
+			show_error("was not able to query the table public.tbl_benutzer:" . getData($matr_res));
+		}
+		$matr_res = hasData($matr_res) ? getData($matr_res)[0] : [];
+		return $matr_res;
+	}
+
+	/**
+	 * gets the Zutrittsgruppen corresponding to a user
+	 * @access private
+	 * @param  integer $uid the userID used to get the Zutrittsgruppen
+	 * @return array all the Zutrittsgruppen corresponding to a userID
+	 */
+	private function getZutrittsgruppen($uid)
+	{
+		$this->BenutzergruppeModel->addSelect(['bezeichnung']);
+		$this->BenutzergruppeModel->addJoin('tbl_gruppe', 'gruppe_kurzbz');
+
+		$zutrittsgruppe_res = $this->BenutzergruppeModel->loadWhere(array("uid" => $uid, "zutrittssystem" => true));
+		if (isError($zutrittsgruppe_res)) {
+			show_error("was not able to query the table public.tbl_benutzergruppe:" . getData($zutrittsgruppe_res));
+		}
+		$zutrittsgruppe_res = hasData($zutrittsgruppe_res) ? getData($zutrittsgruppe_res) : null;
+		return $zutrittsgruppe_res;
+	}
+
+	/**
+	 * gets the address information corresponding to a user
+	 * @access private
+	 * @param  integer $uid the userID used to get the address information
+	 * @return array all the address information corresponding to a userID
+	 */
+	private function getAdressenInfo($pid)
+	{
+		$adresse_res = $this->AdresseModel->addSelect(["adresse_id", "strasse", "tbl_adressentyp.bezeichnung as typ", "plz", "ort", "zustelladresse", "gemeinde", "nation"]);
+		$adresse_res = $this->AdresseModel->addOrder("zustelladresse", "DESC");
+		$adresse_res = $this->AdresseModel->addJoin("tbl_adressentyp", "typ=adressentyp_kurzbz");
+
+		$adresse_res = $this->AdresseModel->loadWhere(["person_id" => $pid]);
+		if (isError($adresse_res)) {
+			show_error("was not able to query the table public.tbl_adresse:" . getData($adresse_res));
+		}
+		$adresse_res = hasData($adresse_res) ? getData($adresse_res) : null;
+		return $adresse_res;
+	}
+
+	/**
+	 * gets the kontakt information corresponding to a user
+	 * @access private
+	 * @param  integer $uid the userID used to get the kontakt information
+	 * @return array all the kontakt information corresponding to a userID
+	 */
+	private function getKontaktInfo($pid)
+	{
+		$this->KontaktModel->addSelect(['kontakttyp', 'kontakt_id', 'kontakt', 'tbl_kontakt.anmerkung', 'tbl_kontakt.zustellung']);
+		$this->KontaktModel->addJoin('public.tbl_standort', 'standort_id', 'LEFT');
+		$this->KontaktModel->addJoin('public.tbl_firma', 'firma_id', 'LEFT');
+		$this->KontaktModel->addOrder('kontakttyp, kontakt, tbl_kontakt.updateamum, tbl_kontakt.insertamum');
+
+		$kontakte_res = $this->KontaktModel->loadWhere(['person_id' => $pid]);
+		if (isError($kontakte_res)) {
+			show_error("was not able to query the table public.tbl_kontakt:" . getData($kontakte_res));
+		}
+		$kontakte_res = hasData($kontakte_res) ? getData($kontakte_res) : null;
+		return $kontakte_res;
+	}
+
+	/**
+	 * gets the date of issue of the FH access card corresponding to a user
+	 * @access private
+	 * @param  integer $uid the userID used to get the date of issue of the FH access card
+	 * @return string the date of issue of the FH access card corresponding to a userID
+	 */
+	private function getZutrittskarteDatum($uid)
+	{
+		$zutrittskarte_ausgegebenam = $this->BetriebsmittelpersonModel->getBetriebsmittelByUid($uid, "Zutrittskarte");
+		if (isError($zutrittskarte_ausgegebenam)) {
+			show_error("was not able to query the table wavi.tbl_bentriebsmittelperson:" . getData($zutrittskarte_ausgegebenam));
+		}
+		$zutrittskarte_ausgegebenam = hasData($zutrittskarte_ausgegebenam) ? getData($zutrittskarte_ausgegebenam)[0]->ausgegebenam : null;
+
+		//? formats date from 01-01-2000 to 01.01.2000
+		$zutrittskarte_ausgegebenam = str_replace("-", ".", $zutrittskarte_ausgegebenam);
+		return $zutrittskarte_ausgegebenam;
+	}
+
+
+}

application/controllers/Cis/ProfilUpdate.php

@@ -0,0 +1,814 @@
+<?php
+
+if (!defined('BASEPATH'))
+	exit('No direct script access allowed');
+
+/**
+ *
+ */
+class ProfilUpdate extends Auth_Controller
+{
+
+	public static $STATUS_PENDING = NULL;
+	public static $STATUS_ACCEPTED = NULL;
+	public static $STATUS_REJECTED = NULL;
+
+	public static $TOPICS = [];
+
+
+	public function __construct()
+	{
+		parent::__construct([
+			'index' => ['student/stammdaten:r', 'mitarbeiter/stammdaten:r'],
+			'id' => ['student/stammdaten:r', 'mitarbeiter/stammdaten:r'],
+			'getProfilUpdateWithPermission' => ['student/stammdaten:r', 'mitarbeiter/stammdaten:r'],
+			'acceptProfilRequest' => ['student/stammdaten:rw', 'mitarbeiter/stammdaten:rw'],
+			'denyProfilRequest' => ['student/stammdaten:rw', 'mitarbeiter/stammdaten:rw'],
+			'show' => ['basis/cis:r'],
+
+			'insertProfilRequest' => ['basis/cis:rw'],
+			'updateProfilRequest' => ['basis/cis:rw'],
+			'deleteProfilRequest' => ['basis/cis:rw'],
+			'selectProfilRequest' => ['basis/cis:r'],
+			'insertFile' => ['basis/cis:rw'],
+			'getProfilRequestFiles' => ['basis/cis:r'],
+			'getStatus' => ['basis/cis:r'],
+			'getTopic' => ['basis/cis:r'],
+		]);
+
+		$this->load->config('cis');
+
+		$this->load->model('person/Profil_update_model', 'ProfilUpdateModel');
+		$this->load->model('person/Kontakt_model', 'KontaktModel');
+		$this->load->model('person/Adresse_model', 'AdresseModel');
+		$this->load->model('person/Adressentyp_model', 'AdressenTypModel');
+		$this->load->model('person/Person_model', 'PersonModel');
+		$this->load->model('ressource/mitarbeiter_model', 'MitarbeiterModel');
+		$this->load->model('crm/Student_model', 'StudentModel');
+		$this->load->model('person/Benutzer_model', 'BenutzerModel');
+		$this->load->model('system/Sprache_model', 'SpracheModel');
+		$this->load->model('person/Profil_update_status_model', 'ProfilUpdateStatusModel');
+		$this->load->model('person/Profil_update_topic_model', 'ProfilUpdateTopicModel');
+
+		// Load language phrases
+		$this->loadPhrases(
+			array(
+				'ui',
+				'global',
+				'person',
+				'profil',
+				'profilUpdate'
+			)
+		);
+
+		$this->load->library('DmsLib');
+		$this->load->library('PermissionLib');
+
+		//? put the uid and pid inside the controller for reusability
+		$this->uid = getAuthUID();
+		$this->pid = getAuthPersonID();
+
+		// setup the ProfilUpdate states
+		$this->ProfilUpdateStatusModel->addSelect(['status_kurzbz']);
+		$status_kurzbz = $this->ProfilUpdateStatusModel->load();
+		if (hasData($status_kurzbz)) {
+			list($status_pending, $status_accepted, $status_rejected) = getData($status_kurzbz);
+
+			self::$STATUS_PENDING = $status_pending->status_kurzbz;
+			self::$STATUS_ACCEPTED = $status_accepted->status_kurzbz;
+			self::$STATUS_REJECTED = $status_rejected->status_kurzbz;
+		}
+		// setup the ProfilUpdate topics
+		$this->ProfilUpdateTopicModel->addSelect(['topic_kurzbz']);
+		$topic_kurzbz = $this->ProfilUpdateTopicModel->load();
+
+		if (hasData($topic_kurzbz)) {
+			foreach (getData($topic_kurzbz) as $topic) {
+				self::$TOPICS[$topic->topic_kurzbz] = $topic->topic_kurzbz;
+			}
+		}
+	}
+
+
+	public function index()
+	{
+		$this->load->view('Cis/ProfilUpdate');
+	}
+
+	public function id($profil_update_id = null)
+	{
+		$this->load->view('Cis/ProfilUpdate', ['profil_update_id' => $profil_update_id]);
+	}
+
+	public function getStatus()
+	{
+		echo json_encode([self::$STATUS_PENDING => self::$STATUS_PENDING, self::$STATUS_ACCEPTED => self::$STATUS_ACCEPTED, self::$STATUS_REJECTED => self::$STATUS_REJECTED]);
+	}
+
+	public function getTopic()
+	{
+		echo json_encode(self::$TOPICS);
+	}
+
+	private function sendEmail_onProfilUpdate_response($uid, $topic, $status)
+	{
+		if($this->config->item('cis_send_profil_update_mails') === false)
+		{
+			return;
+		}
+
+		$this->load->helper('hlp_sancho_helper');
+		$email = $uid . "@" . DOMAIN;
+
+
+		function languageQuery($language)
+		{
+			return "select index from public.tbl_sprache where sprache = '" + $language + "'";
+		}
+		$this->ProfilUpdateStatusModel->addSelect(["bezeichnung_mehrsprachig[(" . languageQuery('German') . ")] as status_de", "bezeichnung_mehrsprachig[(" . languageQuery('English') . ")] as status_en"]);
+		$status_translation = $this->ProfilUpdateStatusModel->loadWhere(["status_kurzbz" => $status]);
+		if (isError($status_translation)) {
+			show_error($this->p->t('profilUpdate', 'ProfilUpdateStatusTranslationError'));
+		}
+		$status_translation = hasData($status_translation) ? getData($status_translation)[0] : null;
+		if (isset($status_translation)) {
+			$mail_res = sendSanchoMail("profil_update_response", ['topic' => $topic, 'status_de' => $status_translation->status_de, 'status_en' => $status_translation->status_en, 'href' => APP_ROOT . 'Cis/Profil'], $email, ("Profil Änderung " . $this->p->t('profilUpdate', 'pending')));
+			if (!$mail_res) {
+				show_error($this->p->t('profilUpdate', 'profilUpdate_email_error'));
+			}
+		}
+
+	}
+
+
+	private function sendEmail_onProfilUpdate_insertion($uid, $profil_update_id, $topic)
+	{
+		if($this->config->item('cis_send_profil_update_mails') === false)
+		{
+			return;
+		}
+
+		$this->load->helper('hlp_sancho_helper');
+		$emails = [];
+
+		$isMitarbeiter_res = $this->MitarbeiterModel->isMitarbeiter($uid);
+		if (isError($isMitarbeiter_res)) {
+			show_error($this->p->t('profilUpdate', 'profilUpdate_mitarbeiterCheck_error'));
+		}
+		$isMitarbeiter_res = getData($isMitarbeiter_res);
+
+		//! if the $uid is a mitarbeiter and student, only the hr is notified by email
+		if ($isMitarbeiter_res) {
+			//? user is not a student therefore he is a mitarbeiter, send email to Personalverwaltung
+			//? use constant variable MAIL_GST to mail to the personalverwaltung
+			$this->MitarbeiterModel->addSelect([TRUE]);
+			$this->MitarbeiterModel->addJoin("public.tbl_benutzer", "public.tbl_benutzer.uid = public.tbl_mitarbeiter.mitarbeiter_uid");
+			//? check if the the userID is a mitarbeiter and if the benutzer is active
+			$res = $this->MitarbeiterModel->loadWhere(["public.tbl_mitarbeiter.mitarbeiter_uid" => $uid, "public.tbl_benutzer.aktiv" => TRUE]);
+			if (isError($res)) {
+				show_error("was not able to query the mitarbeiter and benutzer by the uid: " . $uid);
+			}
+			if (hasData($res)) {
+				array_push($emails, MAIL_GST);
+			} else {
+				show_error($this->p->t('profilUpdate', 'profilUpdate_mitarbeiterCheck_error'));
+			}
+		} else {
+			//? if it is not a mitarbeiter, check whether it is a student and send email to studiengang
+			$isStudent_res = $this->StudentModel->isStudent($uid);
+			if (isError($isStudent_res)) {
+				show_error($this->p->t('profilUpdate', 'profilUpdate_studentCheck_error'));
+			}
+			$isStudent_res = getData($isStudent_res);
+			if ($isStudent_res) {
+				//? Send email to the Studiengangsassistentinnen
+				$this->StudentModel->addSelect(["public.tbl_studiengang.email"]);
+				$this->StudentModel->addJoin("public.tbl_benutzer", "public.tbl_benutzer.uid = public.tbl_student.student_uid");
+				$this->StudentModel->addJoin("public.tbl_prestudent", "public.tbl_benutzer.person_id = public.tbl_prestudent.person_id");
+				$this->StudentModel->addJoin("public.tbl_prestudentstatus", "public.tbl_prestudentstatus.prestudent_id = public.tbl_prestudent.prestudent_id");
+				$this->StudentModel->addJoin("public.tbl_studiengang", "public.tbl_studiengang.studiengang_kz = public.tbl_prestudent.studiengang_kz");
+				//* check if the benutzer itself is active
+				//* check if the student status is Student or Diplomand (active students)
+				$this->StudentModel->db->where_in("public.tbl_prestudentstatus.status_kurzbz", ['Student', 'Diplomand']);
+				$res = $this->StudentModel->loadWhere(["public.tbl_benutzer.aktiv" => TRUE, "public.tbl_student.student_uid" => $uid]);
+				if (isError($res)) {
+					show_error(getData($res));
+				} else {
+					$res = hasData($res) ? getData($res) : [];
+					foreach ($res as $emailObj) {
+						array_push($emails, $emailObj->email);
+					}
+				}
+			}
+		}
+		$mail_res = [];
+		//? sending email
+		foreach ($emails as $email) {
+			array_push($mail_res, sendSanchoMail("profil_update", ['uid' => $uid, 'topic' => $topic, 'href' => APP_ROOT . 'Cis/ProfilUpdate/id/' . $profil_update_id], $email, ("Profil Änderung von " . $uid)));
+		}
+		foreach ($mail_res as $m_res) {
+			if (!$m_res) {
+				show_error($this->p->t('profilUpdate', 'profilUpdate_email_error'));
+			}
+		}
+
+	}
+
+
+	public function show($dms_id)
+	{
+
+		$profil_update = $this->ProfilUpdateModel->loadWhere(['attachment_id' => $dms_id]);
+		$profil_update = hasData($profil_update) ? getData($profil_update)[0] : null;
+
+		//? checks if an profil update exists with the dms_id requested from the user
+		if ($profil_update) {
+			$is_mitarbeiter_profil_update = getData($this->MitarbeiterModel->isMitarbeiter($profil_update->uid));
+			$is_student_profil_update = getData($this->StudentModel->isStudent($profil_update->uid));
+
+			if (
+				$this->permissionlib->isBerechtigt('student/stammdaten:r') && $is_student_profil_update ||
+				$this->permissionlib->isBerechtigt('mitarbeiter/stammdaten:r') && $is_mitarbeiter_profil_update ||
+				$this->uid == $profil_update->uid
+			) {
+				// Get file to be downloaded from DMS
+				$newFilename = $this->uid . "/document_" . $dms_id;
+				$download = $this->dmslib->download($dms_id);
+				if (isError($download))
+					return $download;
+
+				// Download file
+				$this->outputFile(getData($download));
+
+
+			} else {
+				show_error($this->p->t('profilUpdate', 'profilUpdate_permission_error'));
+				return;
+			}
+
+		} else {
+			show_error($this->p->t('profilUpdate', 'profilUpdate_dms_error'));
+			return;
+		}
+
+	}
+
+
+	public function insertFile($replace)
+	{
+		$replace = json_decode($replace);
+
+		if (!count($_FILES)) {
+			echo json_encode([]);
+			return;
+		}
+
+		//? if replace is set it contains the profil_update_id in which the attachment_id has to be replaced
+		if (isset($replace)) {
+			$this->ProfilUpdateModel->addSelect(["attachment_id"]);
+			$profilUpdate = $this->ProfilUpdateModel->load([$replace]);
+			if (isError($profilUpdate)) {
+				return json_encode(error($this->p->t('profilUpdate', 'profilUpdate_loading_error')));
+			}
+			//? get the attachmentID
+			$dms_id = hasData($profilUpdate) ? getData($profilUpdate)[0]->attachment_id : null;
+
+			//? delete old dms_file of Profil Update
+			$this->deleteOldVersionFile($dms_id);
+		}
+
+
+		$files = $_FILES['files'];
+		$file_count = count($files['name']);
+
+		$res = [];
+
+		for ($i = 0; $i < $file_count; $i++) {
+			$_FILES['files']['name'] = $files['name'][$i];
+			$_FILES['files']['type'] = $files['type'][$i];
+			$_FILES['files']['tmp_name'] = $files['tmp_name'][$i];
+			$_FILES['files']['error'] = $files['error'][$i];
+			$_FILES['files']['size'] = $files['size'][$i];
+
+			$dms = [
+				"kategorie_kurzbz" => "profil_aenderung",
+				"version" => 0,
+				"name" => $_FILES['files']['name'],
+				"mimetype" => $_FILES['files']['type'],
+				"beschreibung" => $this->uid . " Profil Änderung",
+				"insertvon" => $this->uid,
+				"insertamum" => "NOW()",
+			];
+
+			$tmp_res = $this->dmslib->upload($dms, 'files', array("jpg", "png", "pdf"));
+
+			$tmp_res = hasData($tmp_res) ? getData($tmp_res) : null;
+			array_push($res, $tmp_res);
+		}
+
+		echo json_encode($res);
+	}
+
+
+	public function selectProfilRequest()
+	{
+		$_GET = json_decode($this->input->raw_input_stream, true);
+		$uid = $this->input->get('uid');
+		$id = $this->input->get('id');
+		$whereClause = ['uid' => $this->uid];
+
+		if (isset($uid))
+			$whereClause['uid'] = $uid;
+		if (isset($id))
+			$whereClause['id'] = $id;
+
+		$res = $this->ProfilUpdateModel->getProfilUpdatesWhere($whereClause);
+		$res = hasData($res) ? getData($res) : null;
+		echo json_encode($res);
+
+	}
+
+
+	public function getProfilRequestFiles()
+	{
+		$id = json_decode($this->input->raw_input_stream);
+
+		$this->ProfilUpdateModel->addSelect(["attachment_id"]);
+		$attachmentID = $this->ProfilUpdateModel->load([$id]);
+		if (isError($attachmentID)) {
+			return json_encode(error($this->p->t('profilUpdate', 'profilUpdate_loading_error')));
+		}
+		//? get the attachmentID
+		$dms_id = hasData($attachmentID) ? getData($attachmentID)[0]->attachment_id : null;
+
+		//? get the name to the file
+		$this->DmsVersionModel->addSelect(["name", "dms_id"]);
+		$attachment = $this->DmsVersionModel->load([$dms_id, 0]);
+		if (isError($attachment)) {
+			return json_encode(error($this->p->t('profilUpdate', 'profilUpdate_dmsVersion_error')));
+		}
+		$attachment = hasData($attachment) ? getData($attachment) : null;
+		//? returns {name:..., dms_id:...}
+		echo json_encode($attachment);
+	}
+
+	public function insertProfilRequest()
+	{
+
+		$json = json_decode($this->input->raw_input_stream);
+
+		$payload = $json->payload;
+		$identifier = property_exists($json->payload, "kontakt_id") ? "kontakt_id" : (property_exists($json->payload, "adresse_id") ? "adresse_id" : null);
+
+		$data = ["topic" => $json->topic, "uid" => $this->uid, "requested_change" => json_encode($payload), "insertamum" => "NOW()", "insertvon" => $this->uid, "status" => self::$STATUS_PENDING ?: 'Pending'];
+
+		//? insert fileID in the dataset if sent with post request
+		if (isset($json->fileID)) {
+			$data['attachment_id'] = $json->fileID;
+
+		}
+
+		//? loops over all updateRequests from a user to validate if the new request is valid
+		$res = $this->ProfilUpdateModel->getProfilUpdatesWhere(["uid" => $this->uid]);
+		if (isError($res)) {
+			show_error($this->p->t('profilUpdate', 'profilUpdate_loading_error'));
+		}
+		$res = hasData($res) ? getData($res) : null;
+
+		//? the user cannot delete a zustelladresse/kontakt
+		if (isset($payload->delete) && $payload->{$identifier == "kontakt_id" ? "zustellung" : "zustelladresse"}) {
+			echo json_encode(error($this->p->t('profilUpdate', 'profilUpdate_deleteZustellung_error')));
+			return;
+		}
+
+		//? if the user tries to delete a adresse, checks whether the adresse is a heimatadresse, if so an error is raised
+		if (isset($payload->delete) && $identifier == "adresse_id") {
+			$adr = $this->AdresseModel->load($payload->$identifier);
+			$adr = getData($adr)[0];
+			if ($adr->heimatadresse) {
+				echo json_encode(error($this->p->t('profilUpdate', 'profilUpdate_deleteZustellung_error')));
+				return;
+			}
+		}
+
+		if ($res) {
+			$pending_changes = array_filter($res, function ($element) {
+				return $element->status == (self::$STATUS_PENDING ?: "Pending");
+			});
+
+			foreach ($pending_changes as $update_request) {
+				$existing_change = $update_request->requested_change;
+
+				//? the user can add as many new kontakte/adressen as he likes
+				if (!isset($payload->add) && property_exists($existing_change, $identifier) && property_exists($payload, $identifier) && $existing_change->$identifier == $payload->$identifier) {
+					//? the kontakt_id / adresse_id of a change has to be unique 
+					echo json_encode(error($this->p->t('profilUpdate', 'profilUpdate_changeTwice_error')));
+					return;
+				}
+
+				//? if it is not updating any kontakt/adresse, the topic has to be unique
+				elseif (!$identifier && $update_request->topic == $json->topic) {
+					echo json_encode(error($this->p->t('profilUpdate', 'profilUpdate_changeTopicTwice_error', ['0' => $update_request->topic])));
+					return;
+				}
+			}
+		}
+
+		$insertID = $this->ProfilUpdateModel->insert($data);
+
+		if (isError($insertID)) {
+			show_error(getData($insertID));
+		} else {
+			$insertID = hasData($insertID) ? getData($insertID) : null;
+
+			//? sends emails to the correspondents of the $uid
+			$this->sendEmail_onProfilUpdate_insertion($this->uid, $insertID, $json->topic);
+			echo json_encode(success($insertID));
+		}
+	}
+
+	public function updateProfilRequest()
+	{
+		$json = json_decode($this->input->raw_input_stream);
+
+		$updateData = ["requested_change" => json_encode($json->payload), "updateamum" => "NOW()", "updatevon" => $this->uid];
+		if (isset($json->fileID)) {
+			$updateData['attachment_id'] = json_decode($json->fileID);
+		}
+		$updateID = $this->ProfilUpdateModel->update([$json->ID], $updateData);
+		//? insert fileID in the dataset if sent with post request
+
+		if (isError($updateID)) {
+			//catch error
+		} else {
+			$updateID = hasData($updateID) ? getData($updateID)[0] : null;
+			//TODO: should an email be sent to the responsable people when the user changes his profil update
+			echo json_encode(success($updateID));
+		}
+	}
+
+	public function deleteProfilRequest()
+	{
+
+		$json = json_decode($this->input->raw_input_stream);
+		$delete_res = $this->ProfilUpdateModel->delete([$json]);
+		echo json_encode($delete_res);
+	}
+
+
+	public function getProfilUpdateWithPermission($status = null)
+	{
+		// early return if no status has been passed as argument
+		if (!isset($status)) {
+			echo json_encode($this->ProfilUpdateModel->getProfilUpdateWithPermission());
+			return;
+		}
+
+		// get the sprache of the user
+		$sprachenIndex = $this->SpracheModel->loadWhere(["sprache" => getUserLanguage()]);
+		$sprachenIndex = hasData($sprachenIndex) ? getData($sprachenIndex)[0]->index : null;
+
+		if (isset($sprachenIndex) && isset($status)) {
+			// get the corresponding status kurz_bz primary key out of the translation
+			$status = $this->ProfilUpdateStatusModel->execReadOnlyQuery("select * from public.tbl_profil_update_status where ? = ANY(bezeichnung_mehrsprachig)", [$status]);
+			$status = hasData($status) ? getData($status)[0]->status_kurzbz : null;
+			$res = $this->ProfilUpdateModel->getProfilUpdateWithPermission(isset($status) ? ['status' => $status] : null);
+
+			echo json_encode($res);
+		}
+	}
+
+
+
+	private function getOE_from_student($student_uid)
+	{
+
+		//? returns the oe_einheit eines Studenten 
+		$query = "SELECT public.tbl_studiengang.oe_kurzbz
+		FROM public.tbl_student
+		JOIN public.tbl_studiengang ON tbl_student.studiengang_kz = public.tbl_studiengang.studiengang_kz
+		WHERE public.tbl_student.student_uid = ?;";
+
+		$res = $this->StudentModel->execReadOnlyQuery($query, [$student_uid]);
+		if (!isSuccess($res)) {
+			show_error($this->p->t('profilUpdate', 'profilUpdate_loadingOE_error'));
+		}
+		$res = hasData($res) ? getData($res) : [];
+		$res = array_map(
+			function ($item) {
+				return $item->oe_kurzbz;
+			},
+			$res
+		);
+		return $res;
+	}
+
+
+	public function acceptProfilRequest()
+	{
+		$_POST = json_decode($this->input->raw_input_stream, true);
+		$id = $this->input->post('profil_update_id', true);
+		$uid = $this->input->post('uid', true);
+
+		//? fetching person_id using UID
+		$personID = $this->PersonModel->getByUid($uid);
+		$personID = hasData($personID) ? getData($personID)[0]->person_id : null;
+		$status_message = $this->input->post('status_message', true);
+		$topic = $this->input->post('topic', true);
+
+		//! somehow the xss check converted boolean false to empty string
+		$requested_change = $this->input->post('requested_change');
+
+		//! check for required information
+		if (!isset($id) || !isset($uid) || !isset($personID) || !isset($requested_change) || !isset($topic)) {
+			return json_encode(error($this->p->t('profilUpdate', 'profilUpdate_requiredInformation_error')));
+		}
+
+		$is_mitarbeiter_profil_update = getData($this->MitarbeiterModel->isMitarbeiter($uid));
+		$is_student_profil_update = getData($this->StudentModel->isStudent($uid));
+
+
+		//? check if the permissions are set correctly
+		if (
+			$this->permissionlib->isBerechtigt('student/stammdaten', "suid", $this->getOE_from_student($uid)) && $is_student_profil_update ||
+			$this->permissionlib->isBerechtigt('mitarbeiter/stammdaten', "suid") && $is_mitarbeiter_profil_update
+		) {
+
+			if (is_array($requested_change) && array_key_exists("adresse_id", $requested_change)) {
+				$insertID = $this->handleAdresse($requested_change, $personID);
+				$insertID = hasData($insertID) ? getData($insertID) : null;
+				if (isset($insertID)) {
+					$requested_change['adresse_id'] = $insertID;
+					$update_res = $this->updateRequestedChange($id, $requested_change);
+					if (isError($update_res)) {
+						echo json_encode(error($this->p->t('profilUpdate', 'profilUpdate_address_error', [$insertID])));
+						return;
+					}
+				}
+
+			} else if (is_array($requested_change) && array_key_exists("kontakt_id", $requested_change)) {
+				$insertID = $this->handleKontakt($requested_change, $personID);
+				$insertID = hasData($insertID) ? getData($insertID) : null;
+				if (isset($insertID)) {
+					$requested_change['kontakt_id'] = $insertID;
+					$update_res = $this->updateRequestedChange($id, $requested_change);
+					if (isError($update_res)) {
+						echo json_encode(error($this->p->t('profilUpdate', 'profilUpdate_kontakt_error', [$insertID])));
+						return;
+					}
+				}
+
+
+			} else {
+				switch ($topic) {
+					// mapping phrasen to database columns to make the update with the correct column names
+					case self::$TOPICS['Titel']:
+						$topic = "titelpre";
+						break;
+					case self::$TOPICS['Postnomen']:
+						$topic = "titelpost";
+						break;
+					case self::$TOPICS['Vorname']:
+						$topic = "vorname";
+						break;
+					case self::$TOPICS['Nachname']:
+						$topic = "nachname";
+						break;
+					default:
+						show_error($this->p->t('profilUpdate', 'profilUpdate_topic_error', [$topic]));
+						return;
+				}
+
+				$result = $this->PersonModel->update($personID, [$topic => $requested_change["value"]]);
+				if (isError($result)) {
+					echo json_encode(error($this->p->t('profilUpdate', 'profilUpdate_insert_error')));
+					return;
+				}
+			}
+			$this->sendEmail_onProfilUpdate_response($uid, $topic, self::$STATUS_ACCEPTED);
+
+			echo json_encode($this->setStatusOnUpdateRequest($id, self::$STATUS_ACCEPTED, $status_message, $requested_change));
+		} else {
+			show_error($this->p->t('profilUpdate', 'profilUpdate_permission_error'));
+		}
+
+
+	}
+
+	public function denyProfilRequest()
+	{
+
+		$_POST = json_decode($this->input->raw_input_stream, true);
+		$id = $this->input->post('profil_update_id', true);
+		$uid = $this->input->post('uid', true);
+		$topic = $this->input->post('topic', true);
+		$status_message = $this->input->post('status_message', true);
+
+		$is_mitarbeiter_profil_update = getData($this->MitarbeiterModel->isMitarbeiter($uid));
+		$is_student_profil_update = getData($this->StudentModel->isStudent($uid));
+
+
+		if (
+			$this->permissionlib->isBerechtigt('student/stammdaten', "suid", $this->getOE_from_student($uid)) && $is_student_profil_update ||
+			$this->permissionlib->isBerechtigt('mitarbeiter/stammdaten', "suid") && $is_mitarbeiter_profil_update
+		) {
+			$this->sendEmail_onProfilUpdate_response($uid, $topic, self::$STATUS_REJECTED);
+			echo json_encode($this->setStatusOnUpdateRequest($id, self::$STATUS_REJECTED, $status_message));
+		} else {
+			show_error($this->p->t('profilUpdate', 'profilUpdate_permission_error'));
+		}
+
+
+	}
+
+	private function updateRequestedChange($id, $requested_change)
+	{
+		return $this->ProfilUpdateModel->update([$id], ['requested_change' => json_encode($requested_change)]);
+	}
+
+	private function setStatusOnUpdateRequest($id, $status, $status_message)
+	{
+		return $this->ProfilUpdateModel->update([$id], ["status" => $status, "status_timestamp" => "NOW()", "status_message" => $status_message]);
+	}
+
+	private function deleteOldVersionFile($dms_id)
+	{
+		if (!isset($dms_id)) {
+			return;
+		}
+
+		//? collect all the results of the deleted versions in an array 
+		$res = array();
+
+		//? delete all the different versions of the dms_file
+		$dmsVersions = $this->DmsVersionModel->loadWhere(["dms_id" => $dms_id]);
+		$dmsVersions = hasData($dmsVersions) ? getData($dmsVersions) : null;
+		if (isset($dmsVersions)) {
+			$zwischen_res = array_map(function ($item) {
+				return $item->version;
+			}, $dmsVersions);
+			foreach ($zwischen_res as $version) {
+				array_push($res, $this->DmsVersionModel->delete([$dms_id, $version]));
+			}
+		} else {
+			echo json_encode(error($this->p->t('profilUpdate', 'profilUpdate_dmsVersion_error')));
+		}
+
+		//? returns a result for each deleted dms_file
+		return $res;
+	}
+
+
+	private function handleKontakt($requested_change, $personID)
+	{
+		$kontakt_id = $requested_change["kontakt_id"];
+		//? removes the kontakt_id because we don't want to update the kontakt_id in the database
+		unset($requested_change["kontakt_id"]);
+
+
+		//! ADD
+		if (array_key_exists('add', $requested_change) && $requested_change['add']) {
+			//? removes add flag
+			unset($requested_change['add']);
+			$requested_change['person_id'] = $personID;
+			$requested_change['insertamum'] = "NOW()";
+			$requested_change['insertvon'] = getAuthUID();
+			$insertID = $this->KontaktModel->insert($requested_change);
+			$insert_kontakt_id = $insertID;
+			if (isError($insert_kontakt_id)) {
+				show_error($this->p->t('profilUpdate', 'profilUpdate_insertKontakt_error'));
+			}
+			$insert_kontakt_id = hasData($insert_kontakt_id) ? getData($insert_kontakt_id) : null;
+			if ($insert_kontakt_id) {
+				$this->handleDupplicateZustellKontakte($requested_change['zustellung'], $insert_kontakt_id);
+			}
+
+
+		}
+		//! DELETE
+		elseif (array_key_exists('delete', $requested_change) && $requested_change['delete']) {
+			$this->KontaktModel->delete($kontakt_id);
+		}
+		//! UPDATE
+		else {
+			$requested_change['updateamum'] = "NOW()";
+			$requested_change['updatevon'] = getAuthUID();
+
+			$update_kontakt_id = $this->KontaktModel->update($kontakt_id, $requested_change);
+
+			if (isError($update_kontakt_id)) {
+				show_error($this->p->t('profilUpdate', 'profilUpdate_updateKontakt_error'));
+			}
+			$update_kontakt_id = hasData($update_kontakt_id) ? getData($update_kontakt_id) : null;
+			if ($update_kontakt_id) {
+				$this->handleDupplicateZustellKontakte($requested_change['zustellung'], $update_kontakt_id);
+			}
+		}
+		return isset($insertID) ? $insertID : null;
+	}
+
+	private function handleAdresse($requested_change, $personID)
+	{
+
+		$this->AdressenTypModel->addSelect(["adressentyp_kurzbz"]);
+		$adr_kurzbz = $this->AdressenTypModel->loadWhere(["bezeichnung" => $requested_change['typ']]);
+		$adr_kurzbz = hasData($adr_kurzbz) ? getData($adr_kurzbz)[0]->adressentyp_kurzbz : null;
+		//? replace the address_typ with its correct kurzbz foreign key
+		$requested_change['typ'] = $adr_kurzbz;
+
+		$adresse_id = $requested_change["adresse_id"];
+		//? removes the adresse_id because we don't want to update the kontakt_id in the database
+		unset($requested_change["adresse_id"]);
+
+
+		//! ADD
+		if (array_key_exists('add', $requested_change) && $requested_change['add']) {
+
+			//? removes add flag
+			unset($requested_change['add']);
+			$requested_change['insertamum'] = "NOW()";
+			$requested_change['insertvon'] = getAuthUID();
+			$requested_change['person_id'] = $personID;
+			//TODO: zustelladresse, heimatadresse, rechnungsadresse und nation werden nicht beachtet
+			$insertID = $this->AdresseModel->insert($requested_change);
+			$insert_adresse_id = $insertID;
+			if (isError($insert_adresse_id)) {
+				show_error($this->p->t('profilUpdate', 'profilUpdate_insertAdresse_error'));
+			}
+			$insert_adresse_id = hasData($insert_adresse_id) ? getData($insert_adresse_id) : null;
+			if ($insert_adresse_id) {
+				$this->handleDupplicateZustellAdressen($requested_change['zustelladresse'], $insert_adresse_id);
+			}
+
+		}
+		//! DELETE
+		elseif (array_key_exists('delete', $requested_change) && $requested_change['delete']) {
+			$this->AdresseModel->delete($adresse_id);
+		}
+		//! UPDATE
+		else {
+			$requested_change['updateamum'] = "NOW()";
+			$requested_change['updatevon'] = getAuthUID();
+			$update_adresse_id = $this->AdresseModel->update($adresse_id, $requested_change);
+			if (isError($update_adresse_id)) {
+				show_error($this->p->t('profilUpdate', 'profilUpdate_updateAdresse_error'));
+			}
+			$update_adresse_id = hasData($update_adresse_id) ? getData($update_adresse_id) : null;
+			if ($update_adresse_id) {
+				$this->handleDupplicateZustellAdressen($requested_change['zustelladresse'], $update_adresse_id);
+			}
+		}
+		return isset($insertID) ? $insertID : null;
+	}
+
+
+	private function handleDupplicateZustellKontakte($zustellung, $kontakt_id)
+	{
+		if ($zustellung) {
+			$this->PersonModel->addSelect("public.tbl_kontakt.kontakt_id");
+			$this->PersonModel->addJoin("public.tbl_kontakt", "public.tbl_kontakt.person_id = public.tbl_person.person_id");
+			$zustellKontakteArray = $this->PersonModel->loadWhere(["public.tbl_person.person_id" => $this->pid, "zustellung" => TRUE]);
+			if (!isSuccess($zustellKontakteArray)) {
+				return error($this->p->t('profilUpdate', 'profilUpdate_loadingZustellkontakte_error'));
+			}
+			$zustellKontakteArray = hasData($zustellKontakteArray) ? getData($zustellKontakteArray) : null;
+
+			if ($zustellung && count($zustellKontakteArray) > 0) {
+				$zustellKontakteArray = array_filter($zustellKontakteArray, function ($kontakt) use ($kontakt_id) {
+					return $kontakt->kontakt_id != $kontakt_id;
+				});
+				foreach ($zustellKontakteArray as $kontakt) {
+					$this->KontaktModel->update($kontakt->kontakt_id, ["zustellung" => FALSE]);
+				}
+
+			}
+		}
+	}
+
+	private function handleDupplicateZustellAdressen($zustellung, $adresse_id)
+	{
+		if ($zustellung) {
+			$this->PersonModel->addSelect("public.tbl_adresse.adresse_id");
+			$this->PersonModel->addJoin("public.tbl_adresse", "public.tbl_adresse.person_id = public.tbl_person.person_id");
+			$zustellAdressenArray = $this->PersonModel->loadWhere(["public.tbl_person.person_id" => $this->pid, "zustelladresse" => TRUE]);
+			if (!isSuccess($zustellAdressenArray)) {
+				return error($this->p->t('profilUpdate', 'profilUpdate_loadingZustellAdressen_error'));
+			}
+			$zustellAdressenArray = hasData($zustellAdressenArray) ? getData($zustellAdressenArray) : null;
+
+			if ($zustellung && count($zustellAdressenArray) > 0) {
+
+				$zustellAdressenArray = array_filter($zustellAdressenArray, function ($adresse) use ($adresse_id) {
+
+					return $adresse->adresse_id != $adresse_id;
+				});
+				foreach ($zustellAdressenArray as $adresse) {
+					$this->AdresseModel->update($adresse->adresse_id, ["zustelladresse" => FALSE]);
+				}
+
+			}
+		}
+	}
+
+
+}

application/controllers/Cis/Pub.php

@@ -0,0 +1,167 @@
+<?php
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+ 
+/**
+ *
+ */
+class Pub extends Auth_Controller
+{
+	/**
+	 * Constructor
+	 */
+	public function __construct()
+	{
+		parent::__construct(
+		    array(
+			'bild' => ['basis/cis:r']
+		    )
+		);
+	}
+
+	// -----------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+	/**
+	 * @param string	$source [person|akte]
+	 * @param integer	$id
+	 * @return void
+	 */
+	public function bild($source, $id)
+	{
+		$this->load->model('person/Person_model', 'PersonModel');
+
+		$person_id_user = '';
+		$serverzugriff = false;
+
+		// Wenn das Bild direkt aufgerufen wird, ist eine Authentifizierung erforderlich
+		// Wenn es vom Server selbst aufgerufen wird, ist keine Auth. notwendig
+		// (z.B. fuer die Erstellung von PDFs)
+		if ($_SERVER['REMOTE_ADDR'] != $_SERVER['SERVER_ADDR']) {
+			// Wenn Session gesetzt ist, keine Abfrage, da diese Personen noch keine UID haben
+			
+			if (isset($_SESSION['incoming/user'])) { // Von Incomingtool
+				$result = $this->PersonModel->loadWhere([
+					'zugangscode' => $_SESSION['incoming/user']
+				]);
+				if (hasData($result))
+					$person_id_user = current(getData($result))->person_id;
+			} elseif (isset($_SESSION['prestudent/user'])) { // Von Prestudententool
+				$result = $this->PersonModel->loadWhere([
+					'zugangscode' => $_SESSION['prestudent/user']
+				]);
+				if (hasData($result))
+					$person_id_user = current(getData($result))->person_id;
+			} elseif (isset($_SESSION['bewerbung/personId'])) { // Von Bewerbungstool
+				$person_id_user = $_SESSION['bewerbung/personId'];
+			} else {
+				$person_id_user = getAuthPersonId();
+			}
+		} else {
+			$serverzugriff = true;
+		}
+
+		// Default Bild (Dummy Profilbild)
+		$cTmpHEX = base64_encode(file_get_contents(FHCPATH . 'skin/images/profilbild_dummy.jpg'));
+
+		if ($source == 'person' && $id) {
+			$foto_gesperrt = false;
+			// Person laden und Fotosperre überprüfen
+			$result = $this->PersonModel->load($id);
+			if (hasData($result)) {
+				$person = current(getData($result));
+				if ($person->foto_sperre) {
+					// Wenn der User selbst darauf zugreift darf er das Bild sehen
+					$foto_gesperrt = ($person_id_user != $id);
+				} elseif (!$person_id_user && !$serverzugriff) {
+					$foto_gesperrt = true;
+				}
+
+				if ($person->foto && !$foto_gesperrt) {
+					$cTmpHEX = base64_decode($person->foto);
+				}
+			}
+		}
+		if($source == 'akte' && $id != '')
+		{
+			$this->load->model('crm/Akte_model', 'AkteModel');
+
+			$this->AkteModel->addJoin('public.tbl_person', 'person_id');
+			$result = $this->AkteModel->loadWhere([
+				'person_id' => $id,
+				'dokument_kurzbz' => 'Lichtbil'
+			]);
+
+			if (hasData($result)) {
+				$foto_gesperrt = false;
+
+				$akte = current(getData($result));
+				if ($akte->foto_sperre) {
+					// Wenn der User selbst darauf zugreift darf er das Bild sehen
+					$foto_gesperrt = ($person_id_user != $id);
+				} elseif (!$person_id_user && !$serverzugriff) {
+					$foto_gesperrt = true;
+				}
+
+				// Wenn das Foto nicht im Inhalt steht wird aus aus dem DMS geladen
+				if (!$akte->inhalt && $akte->dms_id) {
+					$this->load->model('content/Dms_model', 'DmsModel');
+					$this->load->model('content/DmsVersion_model', 'DmsVersionModel');
+
+					$this->DmsModel->addJoin('campus.tbl_dms_version', 'dms_id');
+					$this->DmsModel->addOrder('version', 'DESC');
+					$this->DmsModel->addLimit(1);
+					$result = $this->DmsModel->load($akte->dms_id);
+
+					if (!hasData($result))
+						die('Kein Dokument vorhanden');
+
+					$dms = current(getData($result));
+
+					$filename = DMS_PATH . $dms->filename;
+
+					$this->DmsVersionModel->update([
+						'dms_id' => $dms->dms_id,
+						'version' => $dms->version
+					], [
+						'letzterzugriff' => date('c')
+					]);
+
+					if (file_exists($filename)) {
+						$handle = fopen($filename, "r");
+						if ($handle) {
+							while (!feof($handle)) {
+								$akte->inhalt .= fread($handle, 8192);
+							}
+							fclose($handle);
+						} else {
+							echo 'Fehler: Datei konnte nicht geoeffnet werden';
+						}
+					} else {
+						echo 'Die Datei existiert nicht';
+					}
+				}
+
+				if ($akte->inhalt && !$foto_gesperrt) {
+					$cTmpHEX = $akte->inhalt;
+				}
+			}
+		}
+
+		// die bilder werden, sofern es funktioniert, in jpg umgewandelt da es sonst zu fehlern beim erstellen
+		// von pdfs kommen kann.
+
+		$im = @imagecreatefromstring(base64_decode($cTmpHEX));
+		if ($im) {
+			@ob_clean();
+			header("Content-type: image/jpeg");
+			exit(imagejpeg($im));
+		} else {
+			// bei manchen Bildern funktioniert die konvertierung nicht
+			// diese werden dann einfach so angezeigt.
+			@ob_clean();
+			header("Content-type: image/gif");
+			exit($cTmpHEX);
+		}
+	}
+}

application/controllers/Cis/Stundenplan.php

@@ -0,0 +1,30 @@
+<?php
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+/**
+ *
+ */
+class Stundenplan extends Auth_Controller
+{
+	/**
+	 * Constructor
+	 */
+	public function __construct()
+	{
+		parent::__construct([
+			'index' => ['basis/cis:r']
+		]);
+	}
+
+	// -----------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+	/**
+	 * @return void
+	 */
+	public function index()
+	{
+		$this->load->view('Cis/Stundenplan');
+	}
+}

application/controllers/Cis4.php

@@ -0,0 +1,41 @@
+<?php
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+/**
+ *
+ */
+class Cis4 extends Auth_Controller
+{
+	/**
+	 * Constructor
+	 */
+	public function __construct()
+	{
+		parent::__construct(
+		    array(
+			'index' => 'basis/cis:r'
+		    )
+		);
+	}
+
+	// -----------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+	/**
+	 * @return void
+	 */
+	public function index()
+	{
+		$this->load->model('person/Person_model','PersonModel');
+		$personData = getData($this->PersonModel->getByUid(getAuthUID()))[0];
+		
+		$viewData = array(
+			'uid' => getAuthUID(),
+			'name' => $personData->vorname,
+			'person_id' => $personData->person_id
+		);
+
+		$this->load->view('CisVue/Dashboard.php',['viewData' => $viewData]);
+	}
+}

application/controllers/CisVue/Cms.php

@@ -0,0 +1,127 @@
+<?php
+
+if (!defined('BASEPATH'))
+	exit('No direct script access allowed');
+
+/**
+ *
+ */
+class Cms extends Auth_Controller
+{
+	/**
+	 * Constructor
+	 */
+	public function __construct()
+	{
+		parent::__construct(
+		    array(
+			'content' => 'basis/cis:r',
+			'getNews' => 'basis/cis:r',
+			'getNewsRowCount' => 'basis/cis:r',
+			'getRoomInformation' => 'basis/cis:r',
+			'news' => 'basis/cis:r'
+		    )
+		);
+
+		// Loads Libraries
+		$this->load->library('CmsLib');
+
+		// Loads phrases system
+		$this->loadPhrases([
+			'global'
+		]);
+
+	}
+
+	// -----------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+	/**
+	 * @param int		$content_id
+	 * @param int		$version
+	 * @param string	$sprache
+	 * @param boolean	$sichtbar
+	 *
+	 * @return void
+	 */
+	public function content($content_id, $version = null, $sprache = null, $sichtbar = true)
+	{
+		// return early if the content_id for the content is missing
+		if (!isset($content_id))
+			$this->terminateWithError("content_id is missing");
+
+		$content = $this->ContentModel->load($content_id);
+		if (isError($content))
+			$this->terminateWithError(getError($content));
+
+		$content = getData($content);
+		if (NULL === $content)
+			$this->terminateWithError("Content not found");
+
+		$content = current($content);
+
+		$this->load->view('CisVue/Cms/Content', ['content_id' => $content_id, 'template_kurzbz' => $content->template_kurzbz, 'version' => $version, 'sprache' => $sprache, 'sichtbar' => $sichtbar]);
+	}
+
+	/**
+	 * @param boolean			$infoscreen
+	 * @param string | null		$studiengang_kz
+	 * @param int | null		$semester
+	 * @param boolean			$mischen
+	 * @param string			$titel
+	 * @param boolean			$edit
+	 * @param boolean			$sichtbar
+	 *
+	 * @return void
+	 */
+	public function news($infoscreen = false, $studiengang_kz = null, $semester = null, $mischen = true, $titel = '', $edit = false, $sichtbar = true)
+	{
+		$this->load->view('CisVue/Cms/Content', ['infoscreen' => $infoscreen, 'studiengang_kz' => $studiengang_kz, 'semester' => $semester, 'mischen' => $mischen, 'titel' => $titel, 'edit' => $edit, 'sichtbar' => $sichtbar]);
+	}
+
+	public function getNews($infoscreen = false, $studiengang_kz = null, $semester = null, $mischen = true, $titel = '', $edit = false, $sichtbar = true)
+	{
+		$get_page = intval($this->input->get('page', true));
+		$get_page_size = intval($this->input->get('page_size', true));
+		if ($get_page) {
+			$page = $get_page;
+		}
+		if ($get_page_size) {
+			$page_size = $get_page_size;
+		} else {
+			$page_size = $this->page_size;
+		}
+		$news = $this->cmslib->getNews($infoscreen, $studiengang_kz, $semester, $mischen, $titel, $edit, $sichtbar, $page, $page_size);
+
+		if (isError($news)) {
+			$this->terminateWithJsonError(getError($news));
+		}
+		$news = hasData($news) ? getData($news) : null;
+		if ($news) {
+			echo json_encode($news);
+		} else {
+			show_error("News: No data found");
+		}
+
+	}
+
+	public function getNewsRowCount($infoscreen = false, $studiengang_kz = null, $semester = null, $mischen = true, $titel = '', $fachbereich_kurzbz = null, $maxalter = 0, $edit = false, $sichtbar = true, $page = 1, $page_size = 10)
+	{
+		list($studiengang_kz, $semester) = $this->cmslib->getStgAndSem($studiengang_kz, $semester);
+		$all = $edit;
+		$num_rows = $this->NewsModel->countNewsWithContent(getSprache(), $studiengang_kz, $semester, $fachbereich_kurzbz, $sichtbar, $maxalter, $page, $this->page_size, $all, $mischen);
+		if (isError($num_rows)) {
+			$this->terminateWithJsonError(getError($num_rows));
+		}
+		$num_rows = hasData($num_rows) ? getData($num_rows) : null;
+		if ($num_rows) {
+			echo json_encode($num_rows);
+		} else {
+			show_error("News number rows: No data found");
+		}
+	}
+
+	public function getRoomInformation($ort_kurzbz){
+		$this->load->view('CisVue/Cms/RoomInformation',['ort_kurzbz'=>$ort_kurzbz]);
+	}
+}

application/controllers/CisVue/Dashboard.php

@@ -0,0 +1,45 @@
+<?php
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+/**
+ *
+ */
+class Dashboard extends Auth_Controller
+{
+	/**
+	 * Constructor
+	 */
+	public function __construct()
+	{
+		parent::__construct(
+			array(
+				'index' => 'dashboard/benutzer:r'
+			)
+		);
+	}
+
+	// -----------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+	/**
+	 * @return void
+	 */
+	public function index()
+	{
+
+		$this->load->model('person/Person_model','PersonModel');
+		$begruesung = $this->PersonModel->getFirstName(getAuthUID());
+		if(isError($begruesung))
+		{
+			show_error("name couldn't be loaded for username ".getAuthUID());
+		}
+		$begruesung = getData($begruesung);
+		$viewData = array(
+			'name' => $begruesung
+		);
+		
+		$this->load->view('CisVue/Dashboard.php', ['viewData' => $viewData]);
+
+	}
+}

application/controllers/Studentenverwaltung.php

@@ -0,0 +1,40 @@
+<?php
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+class Studentenverwaltung extends Auth_Controller
+{
+	public function __construct()
+	{
+		$permissions = [];
+		$router = load_class('Router');
+		$permissions[$router->method] = ['admin:r', 'assistenz:r'];
+		parent::__construct($permissions);
+
+		// Load Libraries
+		$this->load->library('VariableLib', ['uid' => getAuthUID()]);
+	}
+
+	/**
+	 * @return void
+	 */
+	public function _remap()
+	{
+		$this->load->view('Studentenverwaltung', [
+			'permissions' => [
+				'student/bpk' => $this->permissionlib->isBerechtigt('student/bpk'),
+				'student/alias' => $this->permissionlib->isBerechtigt('student/alias'),
+				'basis/prestudent' => $this->permissionlib->isBerechtigt('basis/prestudent'),
+				'basis/prestudentstatus' => $this->permissionlib->isBerechtigt('basis/prestudentstatus'),
+				'assistenz_stgs' => $this->permissionlib->getSTG_isEntitledFor('assistenz'),
+				'admin' => $this->permissionlib->isBerechtigt('admin'),
+				'assistenz_schreibrechte' => $this->permissionlib->isBerechtigt('assistenz','suid'),
+				'student/keine_studstatuspruefung' => $this->permissionlib->isBerechtigt('student/keine_studstatuspruefung'),
+				'lehre/reihungstestAufsicht' => $this->permissionlib->isBerechtigt('lehre/reihungstestAufsicht')
+			],
+			'variables' => [
+				'semester_aktuell' => $this->variablelib->getVar('semester_aktuell')
+			]
+		]);
+	}
+}

application/controllers/api/frontend/fas/studstatus/Wiederholung.php

@@ -0,0 +1,163 @@
+<?php
+/**
+ * Copyright (C) 2024 fhcomplete.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+
+/**
+ * This controller operates between (interface) the JS (FAS) and the AntragLib (back-end)
+ * This controller works with calls on the HTTP GET or POST and the output is always RDF
+ */
+class Wiederholung extends Auth_Controller
+{
+
+	/**
+	 * Calls the parent's constructor and loads the FilterCmptLib
+	 */
+	public function __construct()
+	{
+		parent::__construct([
+			'getLvs' => ['student/studierendenantrag:r', 'student/noten:r'],
+			'moveLvsToZeugnis' => ['student/studierendenantrag:w', 'student/noten:w']
+		]);
+
+		// Libraries
+		$this->load->library('AntragLib');
+
+		// Load language phrases
+		$this->loadPhrases([
+			'global',
+			'studierendenantrag'
+		]);
+	}
+
+	//------------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+	public function getLvs($prestudent_id)
+	{
+		// header für no cache
+		$this->output->set_header("Cache-Control: no-cache");
+		$this->output->set_header("Cache-Control: post-check=0, pre-check=0", false);
+		$this->output->set_header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
+		$this->output->set_header("Pragma: no-cache");
+		$this->output->set_header("Content-type: application/xhtml+xml");
+
+		$this->load->library('VariableLib', ['uid' => getAuthUID()]);
+		$sem_akt = $this->variablelib->getVar('semester_aktuell');
+
+
+		$result = $this->antraglib->getLvsForPrestudent($prestudent_id, $sem_akt);
+		if (isError($result))
+			return $result;
+		$lvs = $result->retval;
+
+		$rdf_url = 'http://www.technikum-wien.at/antragnote';
+
+		$this->load->view('lehre/Antrag/Wiederholung/getLvs.rdf.php', [
+			'url' => $rdf_url,
+			'lvs' => $lvs
+		]);
+	}
+
+	public function moveLvsToZeugnis()
+	{
+		$anzahl = $this->input->post('anzahl');
+		$student_uid = $this->input->post('student_uid');
+		$this->load->model('education/Studierendenantraglehrveranstaltung_model', 'StudierendenantraglehrveranstaltungModel');
+		$this->load->model('education/Zeugnisnote_model', 'ZeugnisnoteModel');
+
+		$errormsg = array();
+
+		for($i=0; $i<$anzahl; $i++)
+		{
+			$id = $this->input->post('studierendenantrag_lehrveranstaltung_id_' . $i);
+			$result =$this->StudierendenantraglehrveranstaltungModel->load($id);
+			if(isError($result))
+			{
+				$errormsg[] = getError($result);
+			}
+			elseif(!hasData($result))
+			{
+				$errormsg[] = $this->p->t('studierendenantrag', 'error_no_lv_in_application');
+			}
+			else
+			{
+				$antragLv = getData($result)[0];
+				$result= $this->ZeugnisnoteModel->load([
+					'lehrveranstaltung_id'=> $antragLv->lehrveranstaltung_id,
+					'student_uid'=> $student_uid,
+					'studiensemester_kurzbz' => $antragLv->studiensemester_kurzbz
+				]);
+				if(isError($result))
+				{
+					$errormsg[] = getError($result);
+				}
+				else
+				{
+					if (hasData($result))
+					{
+						$result = $this->ZeugnisnoteModel->update(
+							[
+								'lehrveranstaltung_id'=> $antragLv->lehrveranstaltung_id,
+								'student_uid'=> $student_uid,
+								'studiensemester_kurzbz' => $antragLv->studiensemester_kurzbz
+							],
+							[
+								'note'=> $antragLv->note,
+								'uebernahmedatum' => date('c'),
+								'benotungsdatum' => $antragLv->insertamum,
+								'updateamum' => date('c'),
+								'bemerkung'=>$antragLv->anmerkung,
+								'updatevon'=>getAuthUID()
+							]
+						);
+					}
+					else
+					{
+						$result = $this->ZeugnisnoteModel->insert([
+							'lehrveranstaltung_id'=> $antragLv->lehrveranstaltung_id,
+							'student_uid'=> $student_uid,
+							'studiensemester_kurzbz' => $antragLv->studiensemester_kurzbz,
+							'note'=> $antragLv->note,
+							'uebernahmedatum' => date('c'),
+							'benotungsdatum' => $antragLv->insertamum,
+							'insertamum' => date('c'),
+							'bemerkung'=>$antragLv->anmerkung,
+							'insertvon'=>getAuthUID()
+						]);
+					}
+					if(isError($result))
+					{
+						$errormsg[] = getError($result);
+					}
+				}
+			}
+		}
+
+		if($errormsg)
+			$return = false;
+		else
+			$return = true;
+
+		$this->load->view('lehre/Antrag/Wiederholung/moveLvs.rdf.php', [
+			'return' => $return,
+			'errormsg' => $errormsg
+		]);
+	}
+}

application/controllers/api/frontend/v1/Ampeln.php

@@ -0,0 +1,145 @@
+<?php
+/**
+ * Copyright (C) 2024 fhcomplete.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+if (!defined('BASEPATH')) exit('No direct script access allowed');
+
+class Ampeln extends FHCAPI_Controller
+{
+
+	/**
+	 * Object initialization
+	 */
+	public function __construct()
+	{
+		parent::__construct([
+			'open' => self::PERM_LOGGED,
+			'all' => self::PERM_LOGGED,
+			'confirm' => self::PERM_LOGGED,
+			'alleAmpeln' => self::PERM_LOGGED,
+		]);
+
+		$this->load->model('content/Ampel_model', 'AmpelModel');
+		$this->load->model('system/Sprache_model', 'SpracheModel');
+
+		$this->uid = getAuthUID();
+		$this->pid = getAuthPersonID();
+	}
+
+	//------------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+	/**
+	 * confirms ampel and inserts ampel_id in public.tbl_ampel_benutzer_bestaetigt
+	 * @access public
+	 *
+	 */
+	public function confirm($ampel_id)
+	{
+		$this->load->library('form_validation');
+		$this->form_validation->set_data(['ampel_id'=> $ampel_id]);
+		$this->form_validation->set_rules('ampel_id', 'Ampel ID', 'required|integer');
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+		// load Ampel_benutzer_bestaetigt_model to confirm the ampel
+		$this->load->model('content/Ampel_Benutzer_Bestaetigt_model', 'AmpelBenutzerBestaetigtModel');
+		$insert_into_result = $this->AmpelBenutzerBestaetigtModel->insert(["ampel_id"=> $ampel_id, "uid"=> $this->uid]);
+
+		$insert_into_result = $this->getDataOrTerminateWithError($insert_into_result);
+
+		$this->terminateWithSuccess($insert_into_result);
+	}
+	
+	/**
+	 * queries active and not confirmed ampeln by the user
+	 * @access public
+	 *
+	 */
+	public function open()
+	{
+		$userAmpeln = array();
+
+		// fetch active ampeln
+		$activeAmpeln = $this->AmpelModel->openActive($this->uid, false);
+		
+		$activeAmpeln = $this->getDataOrTerminateWithError($activeAmpeln);
+
+		foreach ($activeAmpeln as $ampel) {
+			// only include non confirmed active ampeln in the result
+			if (!$ampel->bestaetigt) {
+				// check if the user was assigned to the ampel
+				$zugeteilt = $this->AmpelModel->isZugeteilt($this->uid, $ampel->benutzer_select);
+
+				$zugeteilt = $this->getDataOrTerminateWithError($zugeteilt);
+
+				if($zugeteilt) $userAmpeln[] = $ampel;
+			}
+		}
+		
+		$this->terminateWithSuccess($userAmpeln);
+	}
+
+	/**
+	 * queries all ampeln of the user
+	 * @access public
+	 *
+	 */
+	public function all()
+	{
+		$userAmpeln = array();
+		
+		$ampel_result = $this->AmpelModel->active(false, $this->uid);
+		
+		$ampel_result = $this->getDataOrTerminateWithError($ampel_result);
+		
+		foreach ($ampel_result as $ampel) {
+			// check if the ampel was assigned to the user
+			$zugeteilt = $this->AmpelModel->isZugeteilt($this->uid, $ampel->benutzer_select);
+
+			$zugeteilt = $this->getDataOrTerminateWithError($zugeteilt);
+
+			if ($zugeteilt) $userAmpeln[] = $ampel;
+		}
+
+		$this->terminateWithSuccess($userAmpeln);
+	}
+
+	/**
+	 * queries all ampeln that were assigned to the user until start of first work day
+	 * @access public
+	 *
+	 */
+	public function alleAmpeln()
+	{
+
+		//fetch all ampeln
+		$alle_ampeln = $this->AmpelModel->alleAmpeln($this->uid);
+
+		$alle_ampeln = $this->getDataOrTerminateWithError($alle_ampeln);
+
+		$alle_ampeln = array_map(function ($ampel) {
+			// check if ampel is confirmed by user
+			$confirmedByUser = $this->AmpelModel->isConfirmed($ampel->ampel_id, $this->uid);
+			$ampel->bestaetigt = $confirmedByUser;
+			return $ampel;
+		}, $alle_ampeln);
+
+		$this->terminateWithSuccess($alle_ampeln);
+	}
+}
+

application/controllers/api/frontend/v1/Bookmark.php

@@ -0,0 +1,109 @@
+<?php
+/**
+ * Copyright (C) 2024 fhcomplete.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+class Bookmark extends FHCAPI_Controller
+{
+
+	/**
+	 * Object initialization
+	 */
+	public function __construct()
+	{
+		parent::__construct([
+			'getBookmarks' => self::PERM_LOGGED,
+            'delete' => self::PERM_LOGGED,
+            'insert' => self::PERM_LOGGED,
+        ]);
+
+		$this->load->model('dashboard/Bookmark_model', 'BookmarkModel');
+
+		$this->uid = getAuthUID();
+		$this->pid = getAuthPersonID();
+
+	}
+
+	//------------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+	
+    /**
+	 * gets the bookmarks associated to a user 
+	 * @access public
+	 * @return void
+	 */
+	public function getBookmarks()
+	{
+        $bookmarks = $this->BookmarkModel->loadWhere(["uid"=>$this->uid]);
+
+        $bookmarks = $this->getDataOrTerminateWithError($bookmarks);
+
+        $this->terminateWithSuccess($bookmarks);
+    }
+
+    /**
+	 * deletes bookmark from associated user 
+	 * @access public
+	 * @return void
+	 */
+    public function delete($bookmark_id)
+	{
+        $bookmark = $this->BookmarkModel->load($bookmark_id);
+
+        $bookmark = current($this->getDataOrTerminateWithError($bookmark));
+
+        // only delete bookmark if the user is the owner of the bookmark
+        if($bookmark->uid == $this->uid || $this->permissionlib->isBerechtigt('admin')){
+
+            $delete_result = $this->BookmarkModel->delete($bookmark_id);
+
+            $delete_result = $this->getDataOrTerminateWithError($delete_result);
+
+            $this->terminateWithSuccess($delete_result);
+        }else{
+            $this->_outputAuthError(['delete' => ['admin:rw']]);
+        }
+    }
+
+    /**
+	 * inserts new bookmark into the bookmark table 
+	 * @access public
+	 * @return void
+	 */
+    public function insert()
+	{
+        // form validation
+        $this->load->library('form_validation');
+        $this->form_validation->set_rules('url', 'URL', 'required|valid_url|max_length[511]');
+        $this->form_validation->set_rules('title', 'Title', 'required|max_length[255]');
+        if($this->form_validation->run() == FALSE) $this->terminateWithValidationErrors($this->form_validation->error_array());
+
+        $url = $this->input->post('url',true);
+        $title = $this->input->post('title',true);
+        $tag = $this->input->post('tag', true);
+
+        $insert_into_result = $this->BookmarkModel->insert(['uid'=>$this->uid, 'url'=>$url, 'title'=>$title,'tag'=>$tag, 'insertvon'=>$this->uid, 'updateamum'=>NULL, 'updatevon'=>NULL]);
+
+        $insert_into_result = $this->getDataOrTerminateWithError($insert_into_result);
+
+        $this->terminateWithSuccess($insert_into_result);
+
+    }
+}
+

application/controllers/api/frontend/v1/Cms.php

@@ -0,0 +1,195 @@
+<?php
+/**
+ * Copyright (C) 2024 fhcomplete.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+/**
+ * This controller operates between (interface) the JS (GUI) and the SearchBarLib (back-end)
+ * Provides data to the ajax get calls about the searchbar component
+ * This controller works with JSON calls on the HTTP GET and the output is always JSON
+ */
+class Cms extends FHCAPI_Controller
+{
+	
+	/**
+	 * Object initialization
+	 */
+	public function __construct()
+	{
+		// NOTE(chris): additional permission checks will be done in SearchBarLib
+		parent::__construct([
+			'ContentID' => self::PERM_LOGGED,
+			'getOrtKurzbzContent' => self::PERM_LOGGED,
+            'content' => self::PERM_LOGGED,
+			'news' => self::PERM_LOGGED,
+			'getNewsRowCount' => self::PERM_LOGGED,
+			'getNews' => self::PERM_LOGGED,
+
+		]);
+
+		$this->load->model('content/News_model', 'NewsModel');
+
+		// setting up the papgination_size
+		$this->page_size = 10;
+
+		$this->load->library('CmsLib');
+
+		// Loads phrases system
+		$this->loadPhrases([
+			'global'
+		]);
+
+	}
+
+	//------------------------------------------------------------------------------------------------------------------
+	// Private methods
+
+
+	//------------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+    /**
+	 * fetches the content with the content_id and additional parameters
+	 */
+    public function content()
+	{
+		// form validation
+		$this->load->library('form_validation');
+		$this->form_validation->set_data($_GET);
+		$this->form_validation->set_rules('content_id','Content ID','required|is_natural');
+		if($this->form_validation->run() == FALSE) $this->terminateWithValidationErrors($this->form_validation->error_array());
+
+		// getting the get parameters
+        $content_id = $this->input->get("content_id",TRUE);
+        $version = $this->input->get("version",TRUE);
+        $sprache = $this->input->get("sprache",TRUE);
+        $sichtbar = $this->input->get("sichtbar",TRUE);
+
+		$content = $this->cmslib->getContent($content_id, $version, $sprache, $sichtbar);
+		$content = $this->getDataOrTerminateWithError($content);
+
+		$this->terminateWithSuccess($content);
+	}
+
+	/**
+	 * Gets a JSON body via HTTP POST and provides the parameters
+	 */
+	public function ContentID()
+	{
+		// form validation
+		$this->load->library('form_validation');
+		$this->form_validation->set_data($_GET);
+		$this->form_validation->set_rules('ort_kurzbz', 'Ort', 'required');
+		if ($this->form_validation->run() == FALSE) $this->terminateWithValidationErrors($this->form_validation->error_array());
+
+		$ort_kurzbz = $this->input->get('ort_kurzbz',TRUE);
+		
+		$content_id = $this->OrtModel->getContentID($ort_kurzbz);
+
+		$content_id = current($this->getDataOrTerminateWithError($content_id))->content_id;
+		
+		$this->terminateWithSuccess($content_id);
+	}
+
+	//todo: there is the method news and getNews but only one should exist
+	public function news()
+	{
+
+		// form validation
+		$this->load->library('form_validation');
+		$this->form_validation->set_data($_GET);
+		$this->form_validation->set_rules('limit','Limit','required|is_natural_no_zero');
+		if($this->form_validation->run() == FALSE) $this->terminateWithValidationErrors($this->form_validation->error_array());
+		
+		$this->load->model('content/news_model', 'NewsModel');
+		
+		$limit =  $this->input->get('limit',TRUE);
+		
+		//query the news
+		$news = $this->NewsModel->getAll($limit);
+
+		//get the data or terminate with error
+		$news = $this->getDataOrTerminateWithError($news);
+		
+		// collect the content of the news
+		foreach($news as $news_element){
+			$this->addMeta("content_id",$news_element->content_id);
+			
+			//todo: quick fix, for query builder error when fetching content
+			$this->NewsModel->resetQuery();
+			$content = $this->cmslib->getContent($news_element->content_id);
+
+			$content = getData($content);
+			
+			$news_element->content_obj = $content;
+		}
+		$withContent = function($news) {
+			return $news->content_obj != null;
+		};
+		
+		$newsWithContent = array_filter($news, $withContent);
+
+		$this->terminateWithSuccess($newsWithContent);
+        
+	}
+
+	public function getNewsRowCount($infoscreen = false, $studiengang_kz = null, $semester = null, $mischen = true, $titel = '', $fachbereich_kurzbz = null, $maxalter = 0, $edit = false, $sichtbar = true, $page = 1, $page_size = 10)
+	{
+		list($studiengang_kz, $semester) = $this->cmslib->getStgAndSem($studiengang_kz, $semester);
+		$all = $edit;
+		
+		$this->load->model('content/News_model','NewsModel');
+
+		$num_rows = $this->NewsModel->countNewsWithContent(getSprache(), $studiengang_kz, $semester, $fachbereich_kurzbz, $sichtbar, $maxalter, $page, $page_size, $all, $mischen);
+		
+		$num_rows = $this->getDataOrTerminateWithError($num_rows);
+		
+		$this->terminateWithSuccess($num_rows);
+		
+	}
+
+
+	public function getNews($infoscreen = false, $studiengang_kz = null, $semester = null, $mischen = true, $titel = '', $edit = false, $sichtbar = true)
+	{
+		//form validation
+		$this->load->library('form_validation');
+		$this->form_validation->set_data($_GET);
+		$this->form_validation->set_rules('page','Page','required|is_natural');
+		$this->form_validation->set_rules('page_size', 'PageSize', 'is_natural');
+		if($this->form_validation->run() == FALSE) $this->terminateWithValidationErrors($this->form_validation->error_array());
+
+		// getting the GET parameters
+		$page = intval($this->input->get('page', true));
+		$page_size = intval($this->input->get('page_size', true));
+
+		// default value for the page_size is 10
+		$page_size = $page_size ?? 10;
+		
+		$news = $this->cmslib->getNews($infoscreen, $studiengang_kz, $semester, $mischen, $titel, $edit, $sichtbar, $page, $page_size);
+
+		$news = $this->getDataOrTerminateWithError($news);
+
+		$this->addMeta('test', $this->p->t('global', 'studiengangsleitung'));
+		$this->addMeta('phrases', json_decode($this->p->getJson()));
+		$this->terminateWithSuccess($news);
+
+	}
+
+	
+}
+

application/controllers/api/frontend/v1/Filter.php

@@ -0,0 +1,231 @@
+<?php
+/**
+ * Copyright (C) 2024 fhcomplete.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+/**
+ * This controller operates between (interface) the JS (GUI) and the FilterCmptLib (back-end)
+ * Provides data to the ajax get calls about the filter component
+ * Listens to ajax post calls to change the filter data
+ * This controller works with JSON calls on the HTTP GET or POST and the output is always JSON
+ */
+class Filter extends FHCAPI_Controller
+{
+	const FILTER_UNIQUE_ID = 'filterUniqueId'; // Name of the filter cmpt unique id (mandatory)
+	const FILTER_TYPE = 'filterType'; // The filter type (PHP filter definition) used (mandatory)
+	const FILTER_ID = 'filterId'; // The id of the used filter (optional)
+
+	/**
+	 * Calls the parent's constructor and loads the FilterCmptLib
+	 */
+	public function __construct()
+	{
+		// NOTE: FilterCmpt has its own permissions checks
+		parent::__construct([
+			'getFilter' => self::PERM_LOGGED,
+			'removeFilterField' => self::PERM_LOGGED,
+			'addFilterField' => self::PERM_LOGGED,
+			'applyFilterFields' => self::PERM_LOGGED,
+			'removeCustomFilter' => self::PERM_LOGGED,
+			'saveCustomFilter' => self::PERM_LOGGED,
+			'reloadDataset' => self::PERM_LOGGED
+		]);
+
+		// Loads the FiltersModel
+		$this->load->model('system/Filters_model', 'FiltersModel');
+
+		// Loads the FilterCmptLib with HTTP GET/POST parameters
+		$this->_startFilterCmptLib();
+	}
+
+	//------------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+	/**
+	 * Retrieves data about the current filter from the session and will be written on the output in JSON format
+	 */
+	public function getFilter()
+	{
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+		$session = $this->filtercmptlib->getSession();
+		if (is_object($session)) {
+			// If stdClass it is an retval object
+			$session = $this->getDataOrTerminateWithError($session);
+		}
+		$this->terminateWithSuccess($session);
+	}
+
+	/**
+	 * Remove an applied filter (SQL where condition) from the current filter
+	 */
+	public function removeFilterField()
+	{
+		$this->form_validation->set_rules('filterField', 'filterField', 'required');
+
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+		$result = $this->filtercmptlib->removeFilterField($this->input->post('filterField'));
+
+		if (!$result)
+			$this->terminateWithError('Error occurred', self::ERROR_TYPE_GENERAL);
+
+		$this->terminateWithSuccess('Field removed');
+	}
+
+	/**
+	 * Add a filter (SQL where clause) to be applied to the current filter
+	 */
+	public function addFilterField()
+	{
+		$this->form_validation->set_rules('filterField', 'filterField', 'required');
+
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+		$result = $this->filtercmptlib->addFilterField($this->input->post('filterField'));
+
+		if (!$result)
+			$this->terminateWithError('Error occurred', self::ERROR_TYPE_GENERAL);
+
+		$this->terminateWithSuccess('Field added');
+	}
+
+	/**
+	 * Apply the filter changes
+	 */
+	public function applyFilterFields()
+	{
+		$this->form_validation->set_rules('filterFields', 'filterFields', 'required');
+
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+		$result = $this->filtercmptlib->applyFilterFields($this->input->post('filterFields'));
+
+		if (!$result)
+			$this->terminateWithError('Error occurred', self::ERROR_TYPE_GENERAL);
+
+		$this->terminateWithSuccess('Applied');
+	}
+
+	/**
+	 * Save the current filter as a custom filter for this user with the given description
+	 */
+	public function saveCustomFilter()
+	{
+		$this->form_validation->set_rules('customFilterName', 'customFilterName', 'required');
+
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+		$result = $this->filtercmptlib->saveCustomFilter($this->input->post('customFilterName'));
+
+		if (!$result)
+			$this->terminateWithError('Error occurred', self::ERROR_TYPE_GENERAL);
+
+		$this->terminateWithSuccess('Saved');
+	}
+
+	/**
+	 * Remove a custom filter by its filterId
+	 */
+	public function removeCustomFilter()
+	{
+		$this->form_validation->set_rules('filterId', 'filterId', 'required');
+
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+		$result = $this->filtercmptlib->removeCustomFilter($this->input->post('filterId'));
+
+		if (!$result)
+			$this->terminateWithError('Error occurred', self::ERROR_TYPE_GENERAL);
+
+		$this->terminateWithSuccess('Removed');
+	}
+
+	/**
+	 * Reloads the dataset
+	 */
+	public function reloadDataset()
+	{
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+		$this->filtercmptlib->reloadDataset();
+
+		$this->terminateWithSuccess('Success');
+	}
+
+	//------------------------------------------------------------------------------------------------------------------
+	// Private methods
+
+	/**
+	 * Loads the FilterCmptLib with the FILTER_UNIQUE_ID parameter
+	 * If the parameter FILTER_UNIQUE_ID is not given then the execution of the controller is terminated and
+	 * an error message is printed
+	 */
+	private function _startFilterCmptLib()
+	{
+		$filterUniqueId = null;
+		$filterType = null;
+		$filterId = null;
+
+		$validations = [
+			[
+				'field' => self::FILTER_UNIQUE_ID,
+				'label' => self::FILTER_UNIQUE_ID,
+				'rules' => 'required'
+			],
+			[
+				'field' => self::FILTER_TYPE,
+				'label' => self::FILTER_TYPE,
+				'rules' => 'required'
+			],
+		];
+
+		$this->load->library('form_validation');
+
+		if ($this->input->method() == 'get')
+			$this->form_validation->set_data($this->input->get());
+		$this->form_validation->set_rules($validations);
+
+		if ($this->form_validation->run()) {
+			$filterUniqueId = $this->input->post_get(self::FILTER_UNIQUE_ID);
+			$filterType = $this->input->post_get(self::FILTER_TYPE);
+			$filterId = $this->input->post_get(self::FILTER_ID);
+
+			// Loads the FilterCmptLib that contains all the used logic
+			$this->load->library(
+				'FilterCmptLib',
+				array(
+					'filterUniqueId' => $filterUniqueId,
+					'filterType' => $filterType,
+					'filterId' => $filterId
+				)
+			);
+
+			// Start the component
+			$this->filtercmptlib->start();
+		}
+	}
+}
+

application/controllers/api/frontend/v1/Lehre.php

@@ -0,0 +1,85 @@
+<?php
+/**
+ * Copyright (C) 2024 fhcomplete.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+
+class Lehre extends FHCAPI_Controller
+{
+	
+	/**
+	 * Object initialization
+	 */
+	public function __construct()
+	{
+		parent::__construct([
+			'lvStudentenMail' => self::PERM_LOGGED,
+			'LV' => self::PERM_LOGGED,
+		]);
+
+		
+
+	}
+
+	//------------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+    /**
+	 * constructs the emails of the groups from a lehrveranstaltung
+	 */
+    public function lvStudentenMail()
+	{
+        $lehreinheit_id = $this->input->get("lehreinheit_id",TRUE);
+        
+        // return early if the required parameter is missing
+        if(!isset($lehreinheit_id))
+        {
+            $this->terminateWithError('Missing required parameter', self::ERROR_TYPE_GENERAL);
+        }
+
+        $this->load->model('education/Lehreinheit_model', 'LehreinheitModel');
+        
+        $studentenMails = $this->LehreinheitModel->getStudentenMail($lehreinheit_id);
+
+        $studentenMails = $this->getDataOrTerminateWithError($studentenMails);
+
+		//convert array of objects into array of strings
+		$studentenMails = array_map(function($element){
+			return $element->mail;
+		}, $studentenMails);
+
+        $this->terminateWithSuccess($studentenMails);
+	}
+
+	public function LV($studiensemester_kurzbz, $lehrveranstaltung_id)
+	{
+		$this->load->model('education/Lehrveranstaltung_model', 'LehrveranstaltungModel');
+
+		$result = $this->LehrveranstaltungModel->getLvsByStudentWithGrades(getAuthUID(), $studiensemester_kurzbz, getUserLanguage(), $lehrveranstaltung_id);
+
+		$result = current($this->getDataOrTerminateWithError($result));
+		
+		$this->terminateWithSuccess($result);
+	}
+	
+
+	
+
+	
+}
+

application/controllers/api/frontend/v1/LvMenu.php

@@ -0,0 +1,532 @@
+<?php
+/**
+ * Copyright (C) 2024 fhcomplete.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+
+use CI3_Events as Events;
+
+/**
+ * This controller operates between (interface) the JS (GUI) and the SearchBarLib (back-end)
+ * Provides data to the ajax get calls about the searchbar component
+ * This controller works with JSON calls on the HTTP GET and the output is always JSON
+ */
+class LvMenu extends FHCAPI_Controller
+{
+    
+
+	/**
+	 * Object initialization
+	 */
+	public function __construct()
+	{
+		parent::__construct([
+			'getLvMenu' => self::PERM_LOGGED
+		]);
+
+		$this->load->model("ressource/Mitarbeiter_model");
+		$this->load->model("education/Lehreinheit_model");
+		$this->load->model("education/Lehrveranstaltung_model");
+		$this->load->model("organisation/Studiengang_model");
+		$this->load->model("accounting/Vertrag_model");
+		$this->load->model("system/Variable_model");
+		$this->load->model("person/Benutzergruppe_model");
+		$this->load->model("education/Lvangebot_model");
+		$this->load->model("ressource/Lehretools_model");
+
+		$this->load->library("PermissionLib", null, 'PermissionLib');
+
+		$this->load->library("PhrasesLib");
+		$this->loadPhrases(array('global', 'lehre'));
+	}
+
+	//------------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+	/**
+	 * 
+	 */
+	public function getLvMenu($lvid, $studiensemester_kurzbz)
+	{
+
+		// return early if parameters are missing
+		if(!isset($lvid) || !isset($studiensemester_kurzbz))
+			$this->terminateWithError('Missing parameters', self::ERROR_TYPE_GENERAL);
+
+		// get the sprache
+		$sprache = getUserLanguage();
+
+		// get the user
+		if (!$user=getAuthUID())
+		    $this->terminateWithError($this->p->t('global', 'nichtAngemeldet'));
+
+		// check if is_lector
+		$is_lector = false;
+		$mares = $this->Mitarbeiter_model->isMitarbeiter($user);
+		if(hasData($mares))
+		{
+		    $is_lector = getData($mares);
+		}
+
+		// definition of user_is_allowed_to_upload
+		$user_is_allowed_to_upload=false;
+		$angezeigtes_stsem = $studiensemester_kurzbz;
+
+		// load lehrveranstaltung
+		$lvres = $this->Lehrveranstaltung_model->load($lvid);
+		if(!hasData($lvres)) 
+		{
+		    $this->terminateWithError('LV ' . $lvid . ' not found.');
+		}
+		$lv = (getData($lvres))[0];
+
+		// define studiengang_kz / semester / lehrverzeichnis
+		$studiengang_kz = $lv->studiengang_kz;
+		$semester = $lv->semester;
+		$short = $lv->lehreverzeichnis;
+
+		// load studiengang
+		$stgres = $this->Studiengang_model->load($lv->studiengang_kz);
+		if(!hasData($stgres))
+		{
+		    $this->terminateWithError('Stg ' . $lv->studiengang_kz . ' nof found.');
+		}
+		$stg = (getData($stgres))[0];
+		$kurzbz = strtoupper($stg->typ . $stg->kurzbz);
+
+		$short_name = $lv->bezeichnung;
+		$short_short_name = $lv->lehreverzeichnis;
+
+		// angemeldet
+		$angemeldet = true;
+		if(defined('CIS_LEHRVERANSTALTUNG_WENNANGEMELDET_DETAILS_ANZEIGEN') && CIS_LEHRVERANSTALTUNG_WENNANGEMELDET_DETAILS_ANZEIGEN && !$is_lector)
+		{
+			$angemeldet = false;
+
+			$lesres = $this->Lehreinheit_model->getLehreinheitenForStudentAndStudienSemester(
+			    $lvid, $user, $angezeigtes_stsem
+			);
+
+			if(hasData($lesres) && count(getData($lesres)) > 0)
+				$angemeldet = true;
+		}
+
+		// lehrfach
+		$lehrfach_id='';
+		
+		if(defined('CIS_LEHRVERANSTALTUNG_LEHRFACH_ANZEIGEN') && CIS_LEHRVERANSTALTUNG_LEHRFACH_ANZEIGEN)
+		{
+			// Wenn der eingeloggte User zu einer der Lehreinheiten zugeteilt ist
+			// wird zusätzlich das Lehrfach der Lehreinheit angezeigt.
+			if($is_lector )
+			{
+				$result = $this->Lehreinheit_model->getLehrfachIdMitarbeiter($angezeigtes_stsem,$user,$lvid);
+			}
+			else
+			{
+				$result = $this->Lehreinheit_model->getLehrfachIdStudierender($angezeigtes_stsem,$user,$lvid);
+			}
+
+			// Wenn die LV mehrere verschiedenen Lehrfaecher hat, und der User zu mehreren davon zugeteilt ist
+			// wird das Lehrfach nicht angezeigt damit es nicht zu verwirrungen kommt.
+			if( ($lehrfaecher = getData($result)) && count($lehrfaecher)==1 && ($lehrfach = $lehrfaecher[0]))
+			{
+				$lehrfach_id=$lehrfach->lehrfach_id;
+			}
+		}
+
+		// lektor der lv
+		$lektor_der_lv=false;
+
+		$leinfores = $this->Lehreinheit_model->getLehreinheitInfo($lvid,$angezeigtes_stsem,$lehrfach_id);
+		$db_result = hasData($leinfores) ? getData($leinfores) : array();
+
+		foreach($db_result as $row_lector)
+		{
+
+			// Lektor wird erst angezeigt wenn der Auftrag erteilt wurde
+			if (defined('CIS_LV_LEKTORINNENZUTEILUNG_VERTRAGSPRUEFUNG_VON')
+				&& CIS_LV_LEKTORINNENZUTEILUNG_VERTRAGSPRUEFUNG_VON != '')
+			{
+				if (!$this->Vertrag_model->isVertragErteiltLV($lvid, $angezeigtes_stsem, $row_lector->uid))
+				{
+					continue;
+				}
+			}
+
+
+			if($user == $row_lector->uid)
+			{
+				$lektor_der_lv=true;
+				$user_is_allowed_to_upload=true;
+			}
+
+			// style of the link
+			if($row_lector->lvleiter === true)
+				$style='style="font-weight: bold"';
+			else
+				$style='';
+
+		}
+
+		//Berechtigungen auf Fachbereichsebene
+		$lehrfach_oe_kurzbz_arr = array();
+		$fbres = $this->Lehrveranstaltung_model->getBerechtigungenAufFachberechsebene($lvid, $angezeigtes_stsem);
+		$fbs = (hasData($fbres)) ? getData($fbres) : array();
+		foreach($fbs as $row)
+		{
+			$lehrfach_oe_kurzbz_arr[] = $row->oe_kurzbz;
+			if($this->PermissionLib->isBerechtigt('lehre', null, $row->oe_kurzbz) 
+			    || $this->PermissionLib->isBerechtigt('assistenz', null, $stg->oe_kurzbz))
+			{
+				$user_is_allowed_to_upload=true;
+			}
+		}
+
+		// FH-Core Menu Logic 
+		// ##########################################################################################
+
+		$menu = array();
+
+		$this->fhc_menu_lvinfo($menu, $lvid, $studiengang_kz, $lektor_der_lv, $is_lector, $lehrfach_oe_kurzbz_arr);
+		
+		$this->fhc_menu_feedback($menu, $angemeldet, $lvid);
+		
+		$this->fhc_menu_gesamtnote($menu, $angemeldet, $lvid, $lv, $is_lector, $angezeigtes_stsem);
+		
+		$this->fhc_menu_emailStudierende($menu, $user, $angemeldet, $lvid, $angezeigtes_stsem);
+		
+		$this->fhc_menu_abmeldung($menu, $user, $is_lector, $lvid, $angezeigtes_stsem);
+		
+		$this->fhc_menu_lehretools($menu, $lvid, $angezeigtes_stsem, $sprache);
+		
+		$this->fhc_menu_anrechnungStudent($menu, $lvid, $angezeigtes_stsem);
+		
+		$this->fhc_menu_anrechnungLector($menu, $angezeigtes_stsem);
+		
+
+		// Addons Menu Logic
+		// ##########################################################################################		
+
+		$params = [
+			'sprache'=>$sprache,
+			//'p'=>$p,
+			'ci_p'=> $this->p,
+			//'db'=>$db,
+			'user'=>$user,
+			'is_lector'=>$is_lector,
+			'user_is_allowed_to_upload'=>$user_is_allowed_to_upload,
+			//'rechte'=>$rechte,
+			'angezeigtes_stsem'=>$angezeigtes_stsem,
+			//'lehreinheit'=>$lehreinheit,
+			'lv_obj'=>$lv,
+			'lv'=>$lv,
+			'lvid'=>$lvid,
+			'studiengang_kz'=>$studiengang_kz,
+			'semester'=>$semester,
+			'short'=>$short,
+			'stg_obj'=>$stg,
+			'kurzbz'=>$kurzbz,
+			'short_name'=>$short_name,
+			'short_short_name'=>$short_short_name,
+			//'dir_name'=>$dir_name,
+			'angemeldet'=>$angemeldet,
+			'lehrfach_id'=>$lehrfach_id,
+			'lektor_der_lv'=>$lektor_der_lv,
+			'lehrfach_oe_kurzbz_arr'=>$lehrfach_oe_kurzbz_arr,
+		];
+		
+		Events::trigger('lvMenuBuild', 
+						// passing $menu per reference
+						function & () use (&$menu) {
+							return $menu;
+						},
+						$params
+		);
+
+		// Menu sortieren
+		// ##########################################################################################
+		
+		foreach ($menu as $key => $row){
+
+			// removes menu points that are not needed in the c4 lvUebersicht
+			if( !array_key_exists('c4_link',$row) || !array_key_exists('c4_icon',$row)){
+				unset($menu[$key]);
+				continue;
+			}
+			
+			// fills pos array to sort the menu 
+			$pos[$key] = $row['position'];
+
+		}
+
+		array_multisort($pos, SORT_ASC, SORT_NUMERIC, $menu);
+
+		// HTTP response
+		// ##########################################################################################
+		
+		$this->terminateWithSuccess($menu);
+
+	}
+
+
+	private function fhc_menu_digitale_anwesenheiten(&$menu, $angemeldet, $studiengang_kz, $semester, $lvid, $angezeigtes_stsem){
+		
+		// DIGITALE ANWESENHEITEN
+		if (defined('CIS_LEHRVERANSTALTUNG_ANWESENHEIT_ANZEIGEN') && CIS_LEHRVERANSTALTUNG_ANWESENHEIT_ANZEIGEN && $angemeldet) {
+
+			$menu[] = array
+			(
+				'id' => 'core_menu_digitale_anwesenheitslisten',
+				'position' => '50',
+				'name' => $this->p->t('lehre', 'digiAnw'),
+				'c4_icon' => base_url('skin/images/button_kreuzerltool.png'),
+				'c4_link' => base_url("index.ci.php/extensions/FHC-Core-Anwesenheiten/?stg_kz=$studiengang_kz&sem=$semester&lvid=$lvid&sem_kurzbz=$angezeigtes_stsem&nav=false"),
+				'c4_linkList' => []
+			);
+		}
+	}
+
+	private function fhc_menu_lvinfo(&$menu, $lvid, $studiengang_kz, $lektor_der_lv, $is_lector, $lehrfach_oe_kurzbz_arr){
+		
+		// LVINFO
+		if(!defined('CIS_LEHRVERANSTALTUNG_LVINFO_ANZEIGEN') || CIS_LEHRVERANSTALTUNG_LVINFO_ANZEIGEN)
+		{
+			$c4_linkList=array();
+			
+			// Bearbeiten Button anzeigen wenn Lektor der LV und bearbeiten fuer Lektoren aktiviert ist
+			// Oder Berechtigung zum Bearbeiten eingetragen ist
+			if((!defined('CIS_LEHRVERANSTALTUNG_LVINFO_LEKTOR_EDIT') && $lektor_der_lv)
+			|| (defined('CIS_LEHRVERANSTALTUNG_LVINFO_LEKTOR_EDIT') && CIS_LEHRVERANSTALTUNG_LVINFO_LEKTOR_EDIT==true && $lektor_der_lv)
+			|| $this->PermissionLib->isBerechtigt('lehre/lvinfo',$studiengang_kz)
+			|| $this->PermissionLib->isBerechtigtMultipleOe('lehre/lvinfo', $lehrfach_oe_kurzbz_arr)
+			)
+			{
+				$c4_linkList[]= [$this->p->t('lehre', 'lvInfoBearbeiten'), 'ects/index.php?lvid='.$lvid];
+			}
+			elseif ($is_lector)
+			{
+				$c4_linkList[]= ["Bearbeiten der LV-Infos derzeit gesperrt",'#'];
+			}
+
+			$menu[]=array
+			(
+				'id'=>'core_menu_lvinfo',
+				'position'=>'10',
+				'name'=>$this->p->t('lehre', 'lehrveranstaltungsinformation'),
+				'icon'=>'../../../skin/images/button_lvinfo.png',
+				'link'=>'',
+				'c4_icon'=> base_url('skin/images/button_lvinfo.png'),
+				'c4_link'=>'',
+				'c4_linkList'=>$c4_linkList
+			);
+		}
+	}
+
+	private function fhc_menu_feedback(&$menu, $angemeldet, $lvid){
+		//FEEDBACK
+		if((!defined('CIS_LEHRVERANSTALTUNG_FEEDBACK_ANZEIGEN') || CIS_LEHRVERANSTALTUNG_FEEDBACK_ANZEIGEN) && $angemeldet)
+		{
+			$menu[]=array
+			(
+				'id'=>'core_menu_feedback',
+				'position'=>'60',
+				'name'=>$this->p->t('lehre', 'feedback'),
+				'c4_icon'=> base_url('skin/images/button_feedback.png'),
+				'c4_link'=> base_url('feedback.php?lvid='.$lvid),
+			);
+		}
+	}
+
+	private function fhc_menu_gesamtnote(&$menu, $angemeldet, $lvid, $lv_obj, $is_lector, $angezeigtes_stsem){
+		//Gesamtnote
+		if($is_lector && ((!defined('CIS_LEHRVERANSTALTUNG_GESAMTNOTE_ANZEIGEN') || CIS_LEHRVERANSTALTUNG_GESAMTNOTE_ANZEIGEN) && $angemeldet))
+		{
+			if($lv_obj->benotung)
+			{
+				$menu[]=array
+				(
+					'id'=>'core_menu_gesamtnote',
+					'position'=>'80',
+					'name'=>$this->p->t('lehre', 'gesamtnote'),
+					'c4_icon'=> base_url('skin/images/button_endnote.png'),
+					'c4_link'=> base_url('cis/private/lehre/benotungstool/lvgesamtnoteverwalten.php?lvid='.urlencode($lvid).'&stsem='.urlencode($angezeigtes_stsem))
+					//'c4_link'=> base_url('benotungstool/lvgesamtnoteverwalten.php?lvid='.urlencode($lvid).'&stsem='.urlencode($angezeigtes_stsem))
+				);
+			}
+			else
+			{
+				$menu[]=array
+				(
+					'id'=>'core_menu_gesamtnote',
+					'position'=>'80',
+					'name'=>$this->p->t('lehre', 'gesamtnote'),
+					'c4_icon'=>base_url('skin/images/button_endnote.png'),
+					'c4_link'=>'#',
+					'c4_linkList'=>[[$this->p->t('lehre', 'noteneingabedeaktiviert'),'#']],
+				);
+			}
+		}
+	}
+
+	
+
+	private function fhc_menu_emailStudierende(&$menu, $user, $angemeldet, $lvid, $angezeigtes_stsem){
+		// Email an Studierende
+		if((!defined('CIS_LEHRVERANSTALTUNG_MAILSTUDIERENDE_ANZEIGEN') || CIS_LEHRVERANSTALTUNG_MAILSTUDIERENDE_ANZEIGEN) && $angemeldet)
+		{
+			$mailto='mailto:';
+			$c4_linkList=array();
+			
+			$studentMailsRes = $this->Lehrveranstaltung_model->getStudentEMail($lvid, $angezeigtes_stsem);
+			
+			// get the data of the database result and map the array of objects to their object property
+			$studentMails = $this->getDataOrTerminateWithError($studentMailsRes, 'No student mails found');
+			
+
+			$nomail='';
+			$variablesres = $this->Variable_model->getVariables($user);
+			$variables = (hasData($variablesres)) ? getData($variablesres) : array();
+
+			foreach ($studentMails as $row)
+			{
+				if($row->gruppe_kurzbz != '')
+				{
+					$bngrp_uids = $this->Benutzergruppe_model->getUids($row->gruppe_kurzbz, $angezeigtes_stsem);
+					if(count($bngrp_uids) > 0)
+					{
+						if(!$row->mailgrp)
+						{
+							$nomail = $row->gruppe_kurzbz . ' ';
+						}
+						else
+						{
+							$mailto .= mb_strtolower($row->gruppe_kurzbz . '@' 
+								. DOMAIN . $variables['emailadressentrennzeichen']);
+						}
+					}
+				}
+				else
+				{
+					$mailto .= mb_strtolower($row->stg_typ . $row->stg_kurzbz 
+						. $row->semester . trim($row->verband) . trim($row->gruppe) 
+						. '@' . DOMAIN . $variables['emailadressentrennzeichen']);
+				}
+			}
+
+			if($nomail != '') 
+			{
+				$c4_linkList[] = array(
+					$this->p->t('lehre', 'keinMailverteiler', array('nomail' => $nomail)), 
+					'#'
+				);
+				$link_onclick = 'alert(\''.$this->p->t('lehre', 'keinMailverteiler', array('nomail' => $nomail)) . '\');';
+			}
+			else
+			{
+				$link_onclick = '';
+			}
+			
+			
+			$menu[]=array
+			(
+				'id'=>'core_menu_mailanstudierende',
+				'position'=>'100',
+				'name'=>$this->p->t('lehre', 'mail'),
+				'c4_icon'=>base_url('skin/images/button_feedback.png'),
+				'c4_icon2' => 'fa-regular fa-envelope',
+				'c4_link'=>$mailto,
+				'c4_linkList'=>$c4_linkList,
+				'link_onclick'=>$link_onclick
+			);
+		} 
+	}
+
+	
+
+	private function fhc_menu_abmeldung(&$menu, $user, $is_lector, $lvid, $angezeigtes_stsem){
+		if(!defined('CIS_LEHRVERANSTALTUNG_ABMELDUNG_ANZEIGEN') || CIS_LEHRVERANSTALTUNG_ABMELDUNG_ANZEIGEN)
+		{
+			if(!$is_lector)
+			{
+				$gruppen = $this->Lvangebot_model->AbmeldungMoeglich($lvid, $angezeigtes_stsem, $user);
+				if(count($gruppen) > 0)
+				{
+					$menu[]=array
+					(
+						'id'=>'core_menu_abmeldung',
+						'position'=>'120',
+						'name'=>$this->p->t('lehre', 'abmelden'),
+						'c4_icon'=>base_url('skin/images/button_studiupload.png'),
+						'c4_link'=>base_url('abmeldung.php?lvid='.urlencode($lvid).'&stsem='.urlencode($angezeigtes_stsem)),
+					);
+
+				}
+			}
+		}
+	}
+
+	private function fhc_menu_lehretools(&$menu, $lvid, $angezeigtes_stsem, $sprache){
+		//Anzeigen von zusaetzlichen Lehre-Tools
+		$lehretools = $this->Lehretools_model->getTools($lvid, $angezeigtes_stsem, $sprache);
+		foreach($lehretools as $row)
+		{
+			$menu[] = array(
+				'id' => 'core_menu_lehretools_' . $row->lehre_tools_id,
+				'position' => '1000',
+				'name' => $row->bezeichnung,
+				'c4_icon' => base_url('cms/dms.php?id='.$row->logo_dms_id),
+				'c4_link' => $row->basis_url,
+			);
+		}
+	}
+
+    private function fhc_menu_anrechnungStudent(&$menu, $lvid, $angezeigtes_stsem){
+		// Anerkennung nachgewiesener Kenntnisse (Anrechnung) - Anzeige fuer Studenten
+		if((!defined('CIS_LEHRVERANSTALTUNG_ANRECHNUNG_ANZEIGEN') || CIS_LEHRVERANSTALTUNG_ANRECHNUNG_ANZEIGEN)
+			&& $this->PermissionLib->isBerechtigt('student/anrechnung_beantragen'))
+		{
+			$menu[]=array
+			(
+				'id' => 'core_menu_anerkennungNachgewiesenerKenntnisse',
+				'position' => '128',
+				'name' => $this->p->t('lehre', 'anrechnung'),
+				'c4_icon' => base_url('skin/images/button_listen.png'),
+				'c4_icon2' => 'fa-regular fa-folder-open',
+				'c4_link' => base_url('cis.php/lehre/anrechnung/RequestAnrechnung?studiensemester='.urlencode($angezeigtes_stsem).'&lv_id='.urlencode($lvid))
+			);
+		}
+    }
+
+    private function fhc_menu_anrechnungLector(&$menu, $angezeigtes_stsem){
+		// Anerkennung nachgewiesener Kenntnisse (Anrechnung) - Anzeige fuer LektorInnen
+		if((!defined('CIS_LEHRVERANSTALTUNG_ANRECHNUNG_ANZEIGEN') || CIS_LEHRVERANSTALTUNG_ANRECHNUNG_ANZEIGEN)
+			&& $this->PermissionLib->isBerechtigt('lehre/anrechnung_empfehlen'))
+		{
+			$menu[]=array
+			(
+				'id' => 'core_menu_anerkennungNachgewiesenerKenntnisse_empfehlen',
+				'position' => '128',
+				'name' => $this->p->t('lehre', 'anrechnungen'),
+				'c4_icon'=> base_url('skin/images/button_listen.png'),
+				'c4_icon2' => 'fa-regular fa-folder-open',
+				'c4_link' => base_url('cis.php/lehre/anrechnung/ReviewAnrechnungUebersicht?studiensemester='.urlencode($angezeigtes_stsem))
+			);
+		}
+    }
+}

application/controllers/api/frontend/v1/Navigation.php

@@ -0,0 +1,101 @@
+<?php
+/**
+ * Copyright (C) 2024 fhcomplete.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+/**
+ * This controller operates between (interface) the JS (GUI) and the NavigationLib (back-end)
+ * Provides data to the ajax get calls about the filter
+ * This controller works with JSON calls on the HTTP GET or POST and the output is always JSON
+ */
+class Navigation extends FHCAPI_Controller
+{
+	const NAVIGATION_PAGE_PARAM = 'navigation_page'; // Navigation page parameter name
+
+	/**
+	 * Loads the NavigationLib where the used logic lies
+	 */
+	public function __construct()
+    {
+        parent::__construct([
+        	'menu' => self::PERM_LOGGED,
+        	'header' => self::PERM_LOGGED
+        ]);
+
+		$this->_loadNavigationLib(); // Loads the NavigationLib with parameters
+	}
+
+	//------------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+	/**
+	 * This function creates the left Menu for each Page
+	 * @param NAVIGATION_PAGE_PARAM GET Parameter witch holds the currently called Page
+	 * @return JSON object with the Menu Entries
+	 */
+	public function menu()
+	{
+		$menuArray = $this->navigationlib->getMenuArray($this->input->get(self::NAVIGATION_PAGE_PARAM));
+
+		$this->terminateWithSuccess($menuArray);
+	}
+
+	/**
+	 * This function creates the Top Menu for each Page
+	 * @param NAVIGATION_PAGE_PARAM GET Parameter witch holds the currently called Page
+	 * @return JSON object with the Menu Entries
+	 */
+	public function header()
+	{
+		$headerArray = $this->navigationlib->getHeaderArray($this->input->get(self::NAVIGATION_PAGE_PARAM));
+
+		$this->terminateWithSuccess($headerArray);
+	}
+
+	//------------------------------------------------------------------------------------------------------------------
+	// Private methods
+
+	/**
+	 * Loads the NavigationLib with the NAVIGATION_PAGE_PARAM parameter
+	 * If the parameter NAVIGATION_PAGE_PARAM is not given then the execution of the controller is terminated and
+	 * an error message is printed
+	 */
+	private function _loadNavigationLib()
+	{
+		// If the parameter NAVIGATION_PAGE_PARAM is present in the HTTP GET or POST
+		if (isset($_GET[self::NAVIGATION_PAGE_PARAM]) || isset($_POST[self::NAVIGATION_PAGE_PARAM]))
+		{
+			// If it is present in the HTTP GET
+			if (isset($_GET[self::NAVIGATION_PAGE_PARAM]))
+			{
+				$navigationPage = $this->input->get(self::NAVIGATION_PAGE_PARAM); // is retrieved from the HTTP GET
+			}
+			elseif (isset($_POST[self::NAVIGATION_PAGE_PARAM])) // Else if it is present in the HTTP POST
+			{
+				$navigationPage = $this->input->post(self::NAVIGATION_PAGE_PARAM); // is retrieved from the HTTP POST
+			}
+
+			// Loads the NavigationLib that contains all the used logic
+			$this->load->library('NavigationLib', array(self::NAVIGATION_PAGE_PARAM => $navigationPage));
+		}
+		else // Otherwise an error will be written in the output
+		{
+			show_error('Parameter "' . self::NAVIGATION_PAGE_PARAM . '" not provided!');
+		}
+	}
+}

application/controllers/api/frontend/v1/Ort.php

@@ -0,0 +1,95 @@
+<?php
+/**
+ * Copyright (C) 2024 fhcomplete.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+/**
+ * This controller operates between (interface) the JS (GUI) and the SearchBarLib (back-end)
+ * Provides data to the ajax get calls about the searchbar component
+ * This controller works with JSON calls on the HTTP GET and the output is always JSON
+ */
+class Ort extends FHCAPI_Controller
+{
+	
+	/**
+	 * Object initialization
+	 */
+	public function __construct()
+	{
+		// NOTE(chris): additional permission checks will be done in SearchBarLib
+		parent::__construct([
+			'ContentID' => self::PERM_LOGGED,
+			'getOrtKurzbzContent' => self::PERM_LOGGED,
+		]);
+
+		$this->load->model('ressource/Ort_model', 'OrtModel');
+
+	}
+
+	//------------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+	/**
+	 * Gets a JSON body via HTTP POST and provides the parameters
+	 */
+	public function ContentID()
+	{
+		// if error
+		//$this->terminateWithError(SearchBarLib::ERROR_WRONG_JSON, self::ERROR_TYPE_GENERAL);
+		
+		$ort_kurzbz = $this->input->get('ort_kurzbz',TRUE);
+		
+		if(!$ort_kurzbz){
+			$this->terminateWithError("missing ort_kurzbz parameter", self::ERROR_TYPE_GENERAL);
+		}
+
+		$result = $this->OrtModel->getContentID($ort_kurzbz);
+		
+		if(isError($result)){
+			$this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL);
+		}
+
+		$result = hasData($result) ? current(getData($result)) : null;
+		
+		$this->terminateWithSuccess($result->content_id ?? NULL);
+	}
+
+	/**
+	 * @param int		$version
+	 * @param string	$sprache
+	 * @param boolean	$sichtbar
+	 *
+	 * @return $content
+	 */
+	public function getOrtKurzbzContent($version = null, $sprache = null, $sichtbar = true)
+	{
+		$content_id = $this->input->get("content_id",TRUE);
+
+		$this->load->library('CmsLib');
+
+		$content = $this->cmslib->getContent($content_id, $version, $sprache, $sichtbar);
+
+		if (isError($content))
+			$this->terminateWithError(getError($content), self::ERROR_TYPE_GENERAL);
+
+		$content = hasData($content) ? getData($content) : null;
+
+		$this->terminateWithSuccess($content);
+	}
+}
+

application/controllers/api/frontend/v1/Phrasen.php

@@ -0,0 +1,84 @@
+<?php
+/**
+ * Copyright (C) 2024 fhcomplete.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+/**
+ * This controller operates between (interface) the JS (GUI) and the PhrasesLib (back-end)
+ * Provides data to the ajax get calls about the Phrasen plugin
+ * This controller works with JSON calls on the HTTP GET and the output is always JSON
+ */
+class Phrasen extends FHCAPI_Controller
+{
+	public function __construct()
+	{
+		parent::__construct([
+			'loadModule' => self::PERM_ANONYMOUS,
+			'setLanguage' => self::PERM_ANONYMOUS,
+			'getLanguage' => self::PERM_ANONYMOUS,
+			'getAllLanguages' => self::PERM_ANONYMOUS,
+		]);
+
+		$this->load->helper('hlp_language');
+	}
+	
+	//------------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+	/**
+	 * @param string $module
+	 */
+	public function loadModule($module)
+	{
+		$this->load->library('PhrasesLib', [$module], 'pj');
+		$this->terminateWithSuccess(json_decode($this->pj->getJSON()));
+	}
+
+	public function setLanguage()
+	{
+		$postParams = $this->getPostJSON();
+		$language = $postParams->language;
+		$categories = $postParams->categories;
+
+		setUserLanguage($language);
+
+		$this->load->library('PhrasesLib', array($categories, $language), 'p');
+
+		$phrases = $this->p->setPhrases($categories, $language);
+		$this->terminateWithSuccess($phrases);
+	}
+
+	// gets the langauge of the currently logged in user session and otherwhise the system language
+	public function getLanguage()
+	{
+		$lang = getUserLanguage();
+		$this->terminateWithSuccess($lang);
+	}
+
+	// gets all languages that are set as active in the database
+	public function getAllLanguages()
+	{
+		$langs = getDBActiveLanguages();
+		$langs = $this->getDataOrTerminateWithError($langs);
+		$langs = array_map(function($lang){
+			return $lang->sprache;
+		}, $langs);
+		$this->terminateWithSuccess($langs);
+	}
+
+}

application/controllers/api/frontend/v1/Profil.php

@@ -0,0 +1,695 @@
+<?php
+/**
+ * Copyright (C) 2024 fhcomplete.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+class Profil extends FHCAPI_Controller
+{
+
+	/**
+	 * Object initialization
+	 */
+	public function __construct()
+	{
+		parent::__construct([
+			'getView' => self::PERM_LOGGED,
+            'fotoSperre' => self::PERM_LOGGED,
+			'getGemeinden' => self::PERM_LOGGED,
+			'getAllNationen' => self::PERM_LOGGED,
+			'isMitarbeiter' => self::PERM_LOGGED,
+			
+		]);
+		
+		$this->load->library('PermissionLib');
+
+		$this->load->model('ressource/mitarbeiter_model', 'MitarbeiterModel');
+		$this->load->model('crm/Student_model', 'StudentModel');
+		$this->load->model('person/Benutzer_model', 'BenutzerModel');
+		$this->load->model('person/Person_model', 'PersonModel');
+		$this->load->model('person/Adresse_model', 'AdresseModel');
+		$this->load->model('person/Benutzerfunktion_model', 'BenutzerfunktionModel');
+		$this->load->model('person/Benutzergruppe_model', 'BenutzergruppeModel');
+		$this->load->model('ressource/Betriebsmittelperson_model', 'BetriebsmittelpersonModel');
+		$this->load->model('person/Kontakt_model', 'KontaktModel');
+		$this->load->model('person/Profil_update_model', 'ProfilUpdateModel');
+		$this->load->model('content/DmsVersion_model', 'DmsVersionModel');
+
+
+		//? put the uid and pid inside the controller for reusability
+		$this->uid = getAuthUID();
+		$this->pid = getAuthPersonID();
+
+	}
+
+	//------------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+	
+    /**
+	 * function that returns the data used for the corresponding view
+	 * the client side parses the @param $uid and calls this function to get the data to the correct view 
+	 * @access public
+	 * @param  boolean $uid the userID used to identify which information should be retrieved for which view 
+	 * @return stdClass all the data corresponding to a view of a user
+	 */
+	public function getView($uid)
+	{
+		$res = new stdClass();
+		$editAllowed = getAuthUID() == $uid || $this->permissionlib->isBerechtigt('admin');
+
+		// if parsing the URL did not found a UID then the UID of the logged in user is used
+		if ($uid == "Profil" || $uid == $this->uid) {
+			$isMitarbeiter = $this->MitarbeiterModel->isMitarbeiter($this->uid);
+			if (isError($isMitarbeiter)) {
+				show_error("error while checking if UID: " . $this->uid . " is a mitarbeiter");
+			}
+			$isMitarbeiter = getData($isMitarbeiter);
+			if ($isMitarbeiter) {
+				$res->view = "MitarbeiterProfil";
+				$res->data = $this->mitarbeiterProfil();
+				$res->data->pid = $this->pid;
+			} else {
+				$res->view = "StudentProfil";
+				$res->data = $this->studentProfil();
+				$res->data->pid = $this->pid;
+			}
+			// editing your own profil - true
+			$editAllowed = true;
+		}
+		// UID is availabe when accessing Profil/View/:uid
+		else {
+			$this->PersonModel->addSelect(["person_id"]);
+			$pid = $this->PersonModel->getByUid($uid);
+			if (isError($pid)) {
+				show_error("error while trying to update table public.tbl_person while searching for a person with UID: " . $uid);
+			}
+			$pid = hasData($pid) ? getData($pid)[0] : null;
+			if (!$pid) {
+				show_error("Person with UID: " . $uid . " does not exist");
+			}
+			$isMitarbeiter = $this->MitarbeiterModel->isMitarbeiter($uid);
+			if (isError($isMitarbeiter)) {
+				show_error("error while checking if UID: " . $uid . " is a mitarbeiter");
+			}
+			$isMitarbeiter = getData($isMitarbeiter);
+			if ($isMitarbeiter) {
+				$res->view = "ViewMitarbeiterProfil";
+				$res->data = $this->viewMitarbeiterProfil($uid);
+
+			} else {
+				$res->view = "ViewStudentProfil";
+				$res->data = $this->viewStudentProfil($uid);
+			}
+		}
+		$res->data->editAllowed = $editAllowed;
+		$this->terminateWithSuccess($res);
+	}
+
+    /**
+	 * update column foto_sperre in public.tbl_person
+	 * @access public
+	 * @param  boolean $value  new value for the column
+	 * @return boolean the new value added to the column in public.tbl_person
+	 */
+	public function fotoSperre($value)
+	{
+        if(!isset($value)){
+            $this->terminateWithError("Missing parameter", self::ERROR_TYPE_GENERAL);
+        }
+
+		$res = $this->PersonModel->update($this->pid, ["foto_sperre" => $value]);
+		if (isError($res)) {
+			show_error("error while trying to update table public.tbl_person");
+		}
+		$this->PersonModel->addSelect("foto_sperre");
+		$res = $this->PersonModel->load($this->pid);
+		if (isError($res)) {
+			show_error("error while trying to query table public.tbl_person");
+		}
+
+        $res = $this->getDataOrTerminateWithError($res);
+		
+        $this->terminateWithSuccess(current($res));
+	}
+
+	/**
+	 * gets all nations in the table bis.tbl_nation
+	 *
+	 * @access public
+	 * @return array all the nations in table bis.tbl_nation
+	 */
+	public function getAllNationen()
+	{
+		// load the nationen from the database
+		$this->load->model('codex/Nation_model', "NationModel");
+		$this->NationModel->addSelect(["nation_code as code", "langtext"]);
+		$nation_res = $this->NationModel->load();
+
+		if (isError($nation_res)) {
+			$this->terminateWithError("error while trying to query table codex.tbl_nation", self::ERROR_TYPE_GENERAL);
+		}
+		
+		$nation_res = $this->getDataOrTerminateWithError($nation_res);
+
+		$this->terminateWithSuccess($nation_res);
+	}
+
+	public function getGemeinden($nation, $zip)
+	{
+		if(!isset($nation) || !isset($zip)){
+			echo json_encode(error("Missing parameters"));
+			return;
+		}
+		
+		$this->load->model('codex/Gemeinde_model', "GemeindeModel");
+		
+
+		$gemeinde_res = $this->GemeindeModel->getGemeindeByPlz($zip);
+		
+		if (isError($gemeinde_res)) {
+			$this->terminateWithError(getError($gemeinde_res),self::ERROR_TYPE_GENERAL);
+		}
+		$gemeinde_res = $this->getDataOrTerminateWithError($gemeinde_res);
+		
+		/* $gemeinde_res = array_map(function ($obj) {
+			return $obj->ortschaftsname;
+		}, $gemeinde_res); */
+
+		$this->terminateWithSuccess($gemeinde_res);	
+		
+	}
+
+
+    // -----------------------------------------------------------------------------------------------------------------
+	// Private methods
+
+	/**
+	 * function that returns the data used for viewing another mitarbeiter profile
+	 * @access private 
+	 * @param  integer $uid the userID to retrieve the mitarbeiter data
+	 * @return stdClass restricted mitarbeiter data
+	 */
+	private function viewMitarbeiterProfil($uid)
+	{
+		$mailverteiler_res = $this->getMailverteiler($uid);
+		$benutzer_funktion_res = $this->getBenutzerFunktion($uid);
+		$benutzer_res = $this->getBenutzerAlias($uid);
+		$person_res = $this->getPersonInfo($uid);
+		$mitarbeiter_res = $this->getMitarbeiterInfo($uid);
+		$telefon_res = $this->getTelefonInfo($uid);
+
+		$res = new stdClass();
+		$res->username = $uid;
+
+		//? Person Info
+		foreach ($person_res as $key => $val) {
+			$res->$key = $val;
+		}
+
+		//? Mitarbeiter Info
+		foreach ($mitarbeiter_res as $key => $val) {
+			$res->$key = $val;
+
+		}
+
+		$intern_email = array();
+		$intern_email["type"] = "intern";
+		$intern_email["email"] = $uid . "@" . DOMAIN;
+		$extern_email = array();
+		$extern_email["type"] = "alias";
+		$extern_email["email"] = $benutzer_res->alias . "@" . DOMAIN;
+		$res->emails = array($intern_email, $extern_email);
+
+		$res->funktionen = $benutzer_funktion_res;
+		$res->mailverteiler = $mailverteiler_res;
+		$res->standort_telefon = isset($telefon_res) ? $telefon_res->kontakt : null;
+
+		return $res;
+	}
+
+	/**
+	 * function that returns the data used for viewing another student profile
+	 * @access private 
+	 * @param  integer $uid the userID to retrieve the student data
+	 * @return stdClass restricted student data
+	 */
+	private function viewStudentProfil($uid)
+	{
+		$mailverteiler_res = $this->getMailverteiler($uid);
+		$person_res = $this->getPersonInfo($uid);
+		$student_res = $this->getStudentInfo($uid);
+		$matr_res = $this->getMatrikelNummer($uid);
+
+		$res = new stdClass();
+		$res->username = $uid;
+
+		//? Person Information
+		foreach ($person_res as $key => $value) {
+			$res->$key = $value;
+		}
+
+		//? Student Information
+		foreach ($student_res as $key => $value) {
+			$res->$key = $value;
+		}
+
+		$intern_email = array();
+		$intern_email["type"] = "intern";
+		$intern_email["email"] = $uid . "@" . DOMAIN;
+
+		$res->emails = [$intern_email];
+		$res->matrikelnummer = $matr_res->matr_nr;
+		$res->mailverteiler = $mailverteiler_res;
+
+		return $res;
+	}
+
+	/**
+	 * checks whether a specific userID is a mitarbeiter or not (foreword declaration of the function isMitarbeiter in Mitarbeiter_model.php)
+	 * @access public
+	 * @param  $uid the userID used to check if it is a mitarbeiter
+	 * @return boolean 
+	 */
+	public function isMitarbeiter($uid)
+	{
+
+		if(!$uid) $this->terminateWithError("No uid provided", self::ERROR_TYPE_GENERAL);
+		
+		
+		$result = $this->MitarbeiterModel->isMitarbeiter($uid);
+		
+		if (isError($result)) {
+			$this->terminateWithError("error when calling Mitarbeiter_model function isMitarbeiter with uid " . $uid, self::ERROR_TYPE_GENERAL);
+		}
+
+		$result = $this->getDataOrTerminateWithError($result);
+		
+		$this->terminateWithSuccess($result);
+	}
+
+	/**
+	 * function that returns the data used for the mitarbeiter profile
+	 * @access private 
+	 * @return stdClass mitarbeiter data
+	 */
+	private function mitarbeiterProfil()
+	{
+
+		$zutrittskarte_ausgegebenam = $this->getZutrittskarteDatum($this->uid);
+		$adresse_res = $this->getAdressenInfo($this->pid);
+		$kontakte_res = $this->getKontaktInfo($this->pid);
+		$mailverteiler_res = $this->getMailverteiler($this->uid);
+		$person_res = $this->getPersonInfo($this->uid, true);
+		$benutzer_funktion_res = $this->getBenutzerFunktion($this->uid);
+		$betriebsmittelperson_res = $this->getBetriebsmittelInfo($this->pid);
+		$profilUpdates = $this->getProfilUpdates($this->uid);
+		$telefon_res = $this->getTelefonInfo($this->uid);
+		$mitarbeiter_res = $this->getMitarbeiterInfo($this->uid);
+
+		$res = new stdClass();
+		$res->username = $this->uid;
+
+		//? Person Information
+		foreach ($person_res as $key => $value) {
+			$res->$key = $value;
+		}
+
+		//? Mitarbeiter Information
+		foreach ($mitarbeiter_res as $key => $value) {
+			$res->$key = $value;
+		}
+
+		$res->adressen = $adresse_res;
+		$res->zutrittsdatum = $zutrittskarte_ausgegebenam;
+		$res->kontakte = $kontakte_res;
+		$res->mittel = $betriebsmittelperson_res;
+		$res->mailverteiler = $mailverteiler_res;
+
+		$intern_email = array();
+		$intern_email["type"] = "intern";
+		$intern_email["email"] = $this->uid . "@" . DOMAIN;
+		$extern_email = array();
+		$extern_email["type"] = "alias";
+		$extern_email["email"] = $mitarbeiter_res->alias . "@" . DOMAIN;
+		$res->emails = [$intern_email, $extern_email];
+
+		$res->funktionen = $benutzer_funktion_res;
+		$res->standort_telefon = $telefon_res;
+		$res->profilUpdates = $profilUpdates;
+
+		return $res;
+	}
+
+	/**
+	 * function that returns the data used for the student profile
+	 * @access private 
+	 * @return stdClass student data
+	 */
+	private function studentProfil()
+	{
+		$betriebsmittelperson_res = $this->getBetriebsmittelInfo($this->pid);
+		$kontakte_res = $this->getKontaktInfo($this->pid);
+		$zutrittskarte_ausgegebenam = $this->getZutrittskarteDatum($this->uid);
+		$adresse_res = $this->getAdressenInfo($this->pid);
+		$mailverteiler_res = $this->getMailverteiler($this->uid);
+		$person_res = $this->getPersonInfo($this->uid, true);
+		$zutrittsgruppe_res = $this->getZutrittsgruppen($this->uid);
+		$student_res = $this->getStudentInfo($this->uid);
+		$matr_res = $this->getMatrikelNummer($this->uid);
+		$profilUpdates = $this->getProfilUpdates($this->uid);
+
+		$res = new stdClass();
+		$res->username = $this->uid;
+
+		//? Person Information
+		foreach ($person_res as $key => $value) {
+			$res->$key = $value;
+		}
+
+		//? Student Information
+		foreach ($student_res as $key => $value) {
+			$res->$key = trim($value);
+		}
+
+		$intern_email = array();
+		$intern_email["type"] = "intern";
+		$intern_email["email"] = $this->uid . "@" . DOMAIN;
+
+		$res->emails = [$intern_email];
+		$res->adressen = $adresse_res;
+		$res->zutrittsdatum = $zutrittskarte_ausgegebenam;
+		$res->kontakte = $kontakte_res;
+		$res->mittel = $betriebsmittelperson_res;
+		$res->matrikelnummer = $matr_res->matr_nr;
+		$res->zuttritsgruppen = $zutrittsgruppe_res;
+		$res->mailverteiler = $mailverteiler_res;
+		$res->profilUpdates = $profilUpdates;
+
+		return $res;
+	}
+
+
+    /**
+	 * gets all the mailverteiler using the tables: tbl_benutzer, tbl_benutzergruppe, tbl_gruppe
+	 * @access private
+	 * @param  integer $uid  the userID used to retrieve the mailverteiler 
+	 * @return array returns the mailvertailer corresponding to a userID 
+	 */
+	private function getMailverteiler($uid)
+	{
+		$this->PersonModel->addSelect('gruppe_kurzbz, beschreibung');
+		$this->PersonModel->addJoin('tbl_benutzer', 'person_id');
+		$this->PersonModel->addJoin('tbl_benutzergruppe', 'uid');
+		$this->PersonModel->addJoin('tbl_gruppe', 'gruppe_kurzbz');
+
+		$mailverteiler_res = $this->PersonModel->loadWhere(array('mailgrp' => true, 'uid' => $uid));
+		if (isError($mailverteiler_res)) {
+			show_error("was not able to query the table public.tbl_benutzer:" . getData($mailverteiler_res));
+		}
+		$mailverteiler_res = hasData($mailverteiler_res) ? getData($mailverteiler_res) : null;
+		$mailverteiler_res = array_map(function ($element) {
+			$element->mailto = "mailto:" . $element->gruppe_kurzbz . "@" . DOMAIN;
+			return $element;
+		}, $mailverteiler_res);
+		return $mailverteiler_res;
+	}
+
+	/**
+	 * gets all the Benutzerfunktionen of a corresponding user
+	 * @access private
+	 * @param  integer $uid  the userID used to retrieve the Benutzerfunktionen 
+	 * @return array returns the Benutzerfunktionen corresponding to a userID 
+	 */
+	private function getBenutzerFunktion($uid)
+	{
+		$this->BenutzerfunktionModel->addSelect(["tbl_benutzerfunktion.bezeichnung as Bezeichnung", "tbl_organisationseinheit.bezeichnung as Organisationseinheit", "datum_von as Gültig_von", "datum_bis as Gültig_bis", "wochenstunden as Wochenstunden"]);
+		$this->BenutzerfunktionModel->addJoin("tbl_organisationseinheit", "oe_kurzbz");
+
+		$benutzer_funktion_res = $this->BenutzerfunktionModel->loadWhere(array('uid' => $uid));
+		if (isError($benutzer_funktion_res)) {
+			show_error("was not able to query the table public.tbl_benutzerfunktion:" . getData($benutzer_funktion_res));
+		}
+		$benutzer_funktion_res = hasData($benutzer_funktion_res) ? getData($benutzer_funktion_res) : null;
+		return $benutzer_funktion_res;
+	}
+
+	/**
+	 * gets all the Betriebsmittel of a corresponding user
+	 * @access private
+	 * @param  integer $uid  the userID used to retrieve the Betriebsmittel 
+	 * @return array returns the Betriebsmittel corresponding to a userID 
+	 */
+	private function getBetriebsmittelInfo($pid)
+	{
+		$this->BetriebsmittelpersonModel->addSelect(["CONCAT(betriebsmitteltyp, ' ' ,beschreibung) as Betriebsmittel", "nummer as Nummer", "ausgegebenam as Ausgegeben_am"]);
+
+		//? betriebsmittel are not needed in a view
+		$betriebsmittelperson_res = $this->BetriebsmittelpersonModel->getBetriebsmittel($pid);
+		if (isError($betriebsmittelperson_res)) {
+			show_error("was not able to query the table public.tbl_betriebsmittelperson:" . getData($betriebsmittelperson_res));
+		}
+		$betriebsmittelperson_res = hasData($betriebsmittelperson_res) ? getData($betriebsmittelperson_res) : null;
+		return $betriebsmittelperson_res;
+	}
+
+	/**
+	 * gets the alias of a corresponding user
+	 * @access private
+	 * @param  integer $uid the userID used to get the alias
+	 * @return string the alias of the userID
+	 */
+	private function getBenutzerAlias($uid)
+	{
+		$this->BenutzerModel->addSelect(["alias"]);
+		$benutzer_res = $this->BenutzerModel->load([$uid]);
+		if (isError($benutzer_res)) {
+			show_error("was not able to query the table public.tbl_benutzer:" . getData($benutzer_res));
+		} else {
+			$benutzer_res = hasData($benutzer_res) ? getData($benutzer_res)[0] : null;
+		}
+
+		return $benutzer_res;
+	}
+
+	/**
+	 * gets the person information corresponding to a user
+	 * @access private
+	 * @param  integer $uid the userID used to get the person information
+	 * @param  integer $geburtsInfo flag wether to add the columns gebort, gebdatum, foto_sperre or not
+	 * @return array all the person informaion corresponding to a userID
+	 */
+	private function getPersonInfo($uid, $geburtsInfo = null)
+	{
+		$selectClause = ["foto", "foto_sperre", "anrede", "titelpost as postnomen", "titelpre as titel", "vorname", "nachname"];
+		/** @param integer $geburtsInfo */
+		if ($geburtsInfo) {
+			array_push($selectClause, "gebort");
+			array_push($selectClause, "gebdatum");
+		}
+		$this->BenutzerModel->addSelect($selectClause);
+		$this->BenutzerModel->addJoin("tbl_person", "person_id");
+
+		$person_res = $this->BenutzerModel->load([$uid]);
+		if (isError($person_res)) {
+			show_error("was not able to query the table public.tbl_benutzer:" . getData($person_res));
+		} else {
+			$person_res = hasData($person_res) ? getData($person_res)[0] : null;
+		}
+
+		if( ($person_res->foto === null) || (($this->uid !== $uid) && ($person_res->foto_sperre !== false)) )
+		{
+			$dummy_foto = base64_encode(file_get_contents(DOC_ROOT.'skin/images/profilbild_dummy.jpg'));
+			$person_res->foto = $dummy_foto;
+		}
+
+		return $person_res;
+	}
+
+	/**
+	 * gets the mitarbeiter information corresponding to a user
+	 * @access private
+	 * @param  integer $uid the userID used to get the mitarbeiter information
+	 * @return array all the mitarbeiter informaion corresponding to a userID
+	 */
+	private function getMitarbeiterInfo($uid)
+	{
+		$this->MitarbeiterModel->addSelect(["kurzbz", "telefonklappe", "alias", "ort_kurzbz"]);
+		$this->MitarbeiterModel->addJoin("tbl_benutzer", "tbl_benutzer.uid = tbl_mitarbeiter.mitarbeiter_uid");
+		$mitarbeiter_res = $this->MitarbeiterModel->load($uid);
+		if (isError($mitarbeiter_res)) {
+			show_error("was not able to query the table public.tbl_mitarbeiter:" . getData($mitarbeiter_res));
+		} else {
+			$mitarbeiter_res = hasData($mitarbeiter_res) ? getData($mitarbeiter_res)[0] : null;
+		}
+
+		return $mitarbeiter_res;
+	}
+
+	/**
+	 * gets the telefon information corresponding to a user
+	 * @access private
+	 * @param  integer $uid the userID used to get the telefon information
+	 * @return array all the telefon informaion corresponding to a userID
+	 */
+	private function getTelefonInfo($uid)
+	{
+		$this->MitarbeiterModel->addSelect(["kontakt"]);
+		$this->MitarbeiterModel->addJoin("tbl_kontakt", "tbl_mitarbeiter.standort_id = tbl_kontakt.standort_id");
+		$this->MitarbeiterModel->addLimit(1);
+		$telefon_res = $this->MitarbeiterModel->loadWhere(["mitarbeiter_uid" => $uid, "kontakttyp" => "telefon"]);
+		if (isError($telefon_res)) {
+			show_error("was not able to query the table public.tbl_mitarbeiter:" . getData($telefon_res));
+		}
+		$telefon_res = hasData($telefon_res) ? getData($telefon_res)[0] : null;
+		return $telefon_res;
+	}
+
+	/**
+	 * gets the student information corresponding to a user
+	 * @access private
+	 * @param  integer $uid the userID used to get the student information
+	 * @return array all the student informaion corresponding to a userID
+	 */
+	private function getStudentInfo($uid)
+	{
+		$this->StudentModel->addSelect(['tbl_studiengang.bezeichnung as studiengang', 'tbl_student.semester', 'tbl_student.verband', 'tbl_student.gruppe', 'tbl_student.matrikelnr as personenkennzeichen']);
+		$this->StudentModel->addJoin('tbl_studiengang', "tbl_studiengang.studiengang_kz=tbl_student.studiengang_kz");
+
+		$student_res = $this->StudentModel->load([$uid]);
+		if (isError($student_res)) {
+			show_error("was not able to query the table public.tbl_student:" . getData($student_res));
+		}
+		$student_res = hasData($student_res) ? getData($student_res)[0] : null;
+		return $student_res;
+	}
+
+	/**
+	 * gets the profil updates corresponding to a user
+	 * @access private
+	 * @param  integer $uid the userID used to get the profil updates
+	 * @return array all the profil updates corresponding to a userID
+	 */
+	private function getProfilUpdates($uid)
+	{
+		$profilUpdates = $this->ProfilUpdateModel->getProfilUpdatesWhere(['uid' => $uid]);
+		if (isError($profilUpdates)) {
+			show_error("was not able to query the table public.tbl_profil_update:" . getData($profilUpdates));
+		}
+		$profilUpdates = hasData($profilUpdates) ? getData($profilUpdates) : null;
+		return $profilUpdates;
+	}
+
+	/**
+	 * gets the Matrikelnummer corresponding to a user
+	 * @access private
+	 * @param  integer $uid the userID used to get the Matrikelnummer
+	 * @return integer the Matrikelnummer corresponding to a userID
+	 */
+	private function getMatrikelNummer($uid)
+	{
+		$this->BenutzerModel->addSelect(["matr_nr"]);
+		$this->BenutzerModel->addJoin("tbl_person", "person_id");
+
+		$matr_res = $this->BenutzerModel->load([$uid]);
+		if (isError($matr_res)) {
+			show_error("was not able to query the table public.tbl_benutzer:" . getData($matr_res));
+		}
+		$matr_res = hasData($matr_res) ? getData($matr_res)[0] : [];
+		return $matr_res;
+	}
+
+	/**
+	 * gets the Zutrittsgruppen corresponding to a user
+	 * @access private
+	 * @param  integer $uid the userID used to get the Zutrittsgruppen
+	 * @return array all the Zutrittsgruppen corresponding to a userID
+	 */
+	private function getZutrittsgruppen($uid)
+	{
+		$this->BenutzergruppeModel->addSelect(['bezeichnung']);
+		$this->BenutzergruppeModel->addJoin('tbl_gruppe', 'gruppe_kurzbz');
+
+		$zutrittsgruppe_res = $this->BenutzergruppeModel->loadWhere(array("uid" => $uid, "zutrittssystem" => true));
+		if (isError($zutrittsgruppe_res)) {
+			show_error("was not able to query the table public.tbl_benutzergruppe:" . getData($zutrittsgruppe_res));
+		}
+		$zutrittsgruppe_res = hasData($zutrittsgruppe_res) ? getData($zutrittsgruppe_res) : null;
+		return $zutrittsgruppe_res;
+	}
+
+	/**
+	 * gets the address information corresponding to a user
+	 * @access private
+	 * @param  integer $uid the userID used to get the address information
+	 * @return array all the address information corresponding to a userID
+	 */
+	private function getAdressenInfo($pid)
+	{
+		$adresse_res = $this->AdresseModel->addSelect(["adresse_id", "strasse", "tbl_adressentyp.bezeichnung as typ", "plz", "ort", "zustelladresse", "gemeinde", "nation"]);
+		$adresse_res = $this->AdresseModel->addOrder("zustelladresse", "DESC");
+		$adresse_res = $this->AdresseModel->addJoin("tbl_adressentyp", "typ=adressentyp_kurzbz");
+
+		$adresse_res = $this->AdresseModel->loadWhere(["person_id" => $pid]);
+		if (isError($adresse_res)) {
+			show_error("was not able to query the table public.tbl_adresse:" . getData($adresse_res));
+		}
+		$adresse_res = hasData($adresse_res) ? getData($adresse_res) : null;
+		return $adresse_res;
+	}
+
+	/**
+	 * gets the kontakt information corresponding to a user
+	 * @access private
+	 * @param  integer $uid the userID used to get the kontakt information
+	 * @return array all the kontakt information corresponding to a userID
+	 */
+	private function getKontaktInfo($pid)
+	{
+		$this->KontaktModel->addSelect(['kontakttyp', 'kontakt_id', 'kontakt', 'tbl_kontakt.anmerkung', 'tbl_kontakt.zustellung']);
+		$this->KontaktModel->addJoin('public.tbl_standort', 'standort_id', 'LEFT');
+		$this->KontaktModel->addJoin('public.tbl_firma', 'firma_id', 'LEFT');
+		$this->KontaktModel->addOrder('kontakttyp, kontakt, tbl_kontakt.updateamum, tbl_kontakt.insertamum');
+
+		$kontakte_res = $this->KontaktModel->loadWhere(['person_id' => $pid]);
+		if (isError($kontakte_res)) {
+			show_error("was not able to query the table public.tbl_kontakt:" . getData($kontakte_res));
+		}
+		$kontakte_res = hasData($kontakte_res) ? getData($kontakte_res) : null;
+		return $kontakte_res;
+	}
+
+	/**
+	 * gets the date of issue of the FH access card corresponding to a user
+	 * @access private
+	 * @param  integer $uid the userID used to get the date of issue of the FH access card
+	 * @return string the date of issue of the FH access card corresponding to a userID
+	 */
+	private function getZutrittskarteDatum($uid)
+	{
+		$zutrittskarte_ausgegebenam = $this->BetriebsmittelpersonModel->getBetriebsmittelByUid($uid, "Zutrittskarte");
+		if (isError($zutrittskarte_ausgegebenam)) {
+			show_error("was not able to query the table wavi.tbl_bentriebsmittelperson:" . getData($zutrittskarte_ausgegebenam));
+		}
+		$zutrittskarte_ausgegebenam = hasData($zutrittskarte_ausgegebenam) ? getData($zutrittskarte_ausgegebenam)[0]->ausgegebenam : null;
+
+		//? formats date from 01-01-2000 to 01.01.2000
+		$zutrittskarte_ausgegebenam = str_replace("-", ".", $zutrittskarte_ausgegebenam);
+		return $zutrittskarte_ausgegebenam;
+	}
+}
+

application/controllers/api/frontend/v1/ProfilUpdate.php

@@ -0,0 +1,837 @@
+<?php
+/**
+ * Copyright (C) 2024 fhcomplete.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+class ProfilUpdate extends FHCAPI_Controller
+{
+
+    public static $STATUS_PENDING = NULL;
+	public static $STATUS_ACCEPTED = NULL;
+	public static $STATUS_REJECTED = NULL;
+
+	public static $TOPICS = [];
+
+	/**
+	 * Object initialization
+	 */
+	public function __construct()
+	{
+		parent::__construct([
+            'getStatus' => self::PERM_LOGGED,
+            'getTopic' => self::PERM_LOGGED,
+			'getProfilRequestFiles' => self::PERM_LOGGED,
+			'getProfilUpdateWithPermission' => ['student/stammdaten:r', 'mitarbeiter/stammdaten:r'],
+			'denyProfilRequest' => ['student/stammdaten:rw', 'mitarbeiter/stammdaten:rw'],
+			'acceptProfilRequest' => ['student/stammdaten:rw', 'mitarbeiter/stammdaten:rw'],
+			'selectProfilRequest' => self::PERM_LOGGED,
+			'insertProfilRequest' => self::PERM_LOGGED,
+			'updateProfilRequest' => self::PERM_LOGGED,
+			'deleteProfilRequest' => self::PERM_LOGGED,
+			'insertFile' => self::PERM_LOGGED,
+			'show' => self::PERM_LOGGED,
+			]);
+
+		$this->load->config('cis');
+
+		// Load language phrases
+		$this->loadPhrases(
+			array(
+				'ui',
+				'global',
+				'person',
+				'profil',
+				'profilUpdate'
+			)
+		);
+
+        $this->load->model('person/Profil_update_model', 'ProfilUpdateModel');
+		$this->load->model('person/Kontakt_model', 'KontaktModel');
+		$this->load->model('person/Adresse_model', 'AdresseModel');
+		$this->load->model('person/Adressentyp_model', 'AdressenTypModel');
+		$this->load->model('person/Person_model', 'PersonModel');
+		$this->load->model('ressource/mitarbeiter_model', 'MitarbeiterModel');
+		$this->load->model('crm/Student_model', 'StudentModel');
+		$this->load->model('person/Benutzer_model', 'BenutzerModel');
+		$this->load->model('system/Sprache_model', 'SpracheModel');
+		$this->load->model('person/Profil_update_status_model', 'ProfilUpdateStatusModel');
+		$this->load->model('person/Profil_update_topic_model', 'ProfilUpdateTopicModel');
+
+		$this->load->library('DmsLib');
+		$this->load->library('PermissionLib');
+
+		//? put the uid and pid inside the controller for reusability
+		$this->uid = getAuthUID();
+		$this->pid = getAuthPersonID();
+
+		// setup the ProfilUpdate states
+		$this->ProfilUpdateStatusModel->addSelect(['status_kurzbz']);
+		$status_kurzbz = $this->ProfilUpdateStatusModel->load();
+		if (hasData($status_kurzbz)) {
+			list($status_pending, $status_accepted, $status_rejected) = getData($status_kurzbz);
+
+			self::$STATUS_PENDING = $status_pending->status_kurzbz;
+			self::$STATUS_ACCEPTED = $status_accepted->status_kurzbz;
+			self::$STATUS_REJECTED = $status_rejected->status_kurzbz;
+		}
+		// setup the ProfilUpdate topics
+		$this->ProfilUpdateTopicModel->addSelect(['topic_kurzbz']);
+		$topic_kurzbz = $this->ProfilUpdateTopicModel->load();
+
+		if (hasData($topic_kurzbz)) {
+			foreach (getData($topic_kurzbz) as $topic) {
+				self::$TOPICS[$topic->topic_kurzbz] = $topic->topic_kurzbz;
+			}
+		}
+
+	}
+
+	//------------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+    public function getStatus()
+	{
+		$this->terminateWithSuccess([self::$STATUS_PENDING => self::$STATUS_PENDING, self::$STATUS_ACCEPTED => self::$STATUS_ACCEPTED, self::$STATUS_REJECTED => self::$STATUS_REJECTED]);
+	}
+
+
+    public function getTopic()
+	{
+        if(!count(self::$TOPICS)){
+            $this->terminateWithError('No topics found');
+        }
+		$this->terminateWithSuccess(self::$TOPICS);
+	}
+
+	public function show($dms_id)
+	{
+
+		$profil_update = $this->ProfilUpdateModel->loadWhere(['attachment_id' => $dms_id]);
+		$profil_update = hasData($profil_update) ? getData($profil_update)[0] : null;
+
+		//? checks if an profil update exists with the dms_id requested from the user
+		if ($profil_update) {
+			$is_mitarbeiter_profil_update = getData($this->MitarbeiterModel->isMitarbeiter($profil_update->uid));
+			$is_student_profil_update = getData($this->StudentModel->isStudent($profil_update->uid));
+
+			if (
+				$this->permissionlib->isBerechtigt('student/stammdaten:r') && $is_student_profil_update ||
+				$this->permissionlib->isBerechtigt('mitarbeiter/stammdaten:r') && $is_mitarbeiter_profil_update ||
+				$this->uid == $profil_update->uid
+			) {
+				// Get file to be downloaded from DMS
+				$download = $this->dmslib->download($dms_id);
+				$download = $this->getDataOrTerminateWithError($download);
+				// Download file
+				$this->outputFile($download);
+
+
+			} else {
+				$this->terminateWithError($this->p->t('profilUpdate', 'profilUpdate_permission_error'));
+			}
+
+		} else {
+			$this->terminateWithError($this->p->t('profilUpdate', 'profilUpdate_dms_error'));
+		}
+
+	}
+
+	public function selectProfilRequest()
+	{
+
+		$uid = $this->input->get('uid',true);
+		$id = $this->input->get('id',true);
+		$whereClause = ['uid' => $this->uid];
+		
+		if (isset($uid))
+			$whereClause['uid'] = $uid;
+		if (isset($id))
+			$whereClause['id'] = $id;
+
+		$res = $this->ProfilUpdateModel->getProfilUpdatesWhere($whereClause);
+		$res = $this->getDataOrTerminateWithError($res);
+		$this->terminateWithSuccess($res);
+
+	}
+
+	public function insertProfilRequest()
+	{
+
+		$payload = $this->input->post('payload');
+		$topic = $this->input->post('topic',true);
+		$fileID = $this->input->post('fileID',true);
+
+		if(!isset($payload) || !isset($topic)){
+			$this->terminateWithError("required parameters are missing");
+		}
+
+		$identifier = array_key_exists("kontakt_id", $payload) ? "kontakt_id" : (array_key_exists("adresse_id", $payload) ? "adresse_id" : null);
+		
+		$data = ["topic" => $topic, "uid" => $this->uid, "requested_change" => json_encode($payload), "insertamum" => "NOW()", "insertvon" => $this->uid, "status" => self::$STATUS_PENDING ?: 'Pending'];
+
+		//? insert fileID in the dataset if sent with post request
+		if (isset($fileID)) {
+			$data['attachment_id'] = $fileID;
+		}
+
+		//? loops over all updateRequests from a user to validate if the new request is valid
+		$res = $this->ProfilUpdateModel->getProfilUpdatesWhere(["uid" => $this->uid]);
+		$res = $this->getDataOrTerminateWithError($res);
+
+		//? the user cannot delete a zustelladresse/kontakt
+		if (isset($payload["delete"]) && $payload[$identifier == "kontakt_id" ? "zustellung" : "zustelladresse"]) {
+			$this->terminateWithError($this->p->t('profilUpdate', 'profilUpdate_deleteZustellung_error'));
+		}
+
+		//? if the user tries to delete a adresse, checks whether the adresse is a heimatadresse, if so an error is raised
+		if (isset($payload["delete"]) && $identifier == "adresse_id") {
+			$adr = $this->AdresseModel->load($payload[$identifier]);
+			$adr = $this->getDataOrTerminateWithError($adr)[0];
+			if ($adr->heimatadresse) {
+				$this->terminateWithError($this->p->t('profilUpdate', 'profilUpdate_deleteZustellung_error'));
+			}
+		}
+
+		if ($res) {
+			$pending_changes = array_filter($res, function ($element) {
+				return $element->status == (self::$STATUS_PENDING ?: "Pending");
+			});
+			foreach ($pending_changes as $update_request) {
+				$existing_change = $update_request->requested_change;
+				//? the user can add as many new kontakte/adressen as he likes
+				if (!isset($payload["add"]) && property_exists($existing_change, $identifier) && array_key_exists($identifier,$payload) && $existing_change->$identifier == $payload[$identifier]) {
+					//? the kontakt_id / adresse_id of a change has to be unique 
+					$this->terminateWithError($this->p->t('profilUpdate', 'profilUpdate_changeTwice_error'));
+				}
+
+				//? if it is not updating any kontakt/adresse, the topic has to be unique
+				elseif (!$identifier && $update_request->topic == $topic) {
+					$this->terminateWithError($this->p->t('profilUpdate', 'profilUpdate_changeTopicTwice_error', ['0' => $update_request->topic]));
+				}
+			}
+		}
+
+		$insertID = $this->ProfilUpdateModel->insert($data);
+
+		if (isError($insertID)) {
+			$this->terminateWithError(getError($insertID));
+		} else {
+			
+			$insertID = hasData($insertID) ? getData($insertID) : null;
+			//? sends emails to the correspondents of the $uid
+			$this->sendEmail_onProfilUpdate_insertion($this->uid, $insertID, $topic);
+			$this->terminateWithSuccess(success($insertID));
+		}
+	}
+
+	public function updateProfilRequest()
+	{
+		$topic = $this->input->post('topic', true);
+		$payload = $this->input->post('payload', true);
+		$ID = $this->input->post('ID', true);
+		$fileID = $this->input->post('fileID', true);//optional
+
+		if(!isset($topic) || !isset($payload) || !isset($ID)){
+			$this->terminateWithError("required parameters are missing");
+		}
+
+		$updateData = ["requested_change" => json_encode($payload), "updateamum" => "NOW()", "updatevon" => $this->uid];
+		if (isset($fileID)) {
+			$updateData['attachment_id'] = json_decode($fileID);
+		}
+		$updateID = $this->ProfilUpdateModel->update([$ID], $updateData);
+		//? insert fileID in the dataset if sent with post request
+
+		if (isError($updateID)) {
+			$this->terminateWithError(getError($updateID));
+		}
+		
+		$updateID = $this->getDataOrTerminateWithError($updateID)[0];
+		
+		$this->terminateWithSuccess(success($updateID));
+	}
+
+	public function deleteProfilRequest()
+	{
+
+		$requestID = $this->input->post('requestID', true);
+		$result = $this->ProfilUpdateModel->delete([$requestID]);
+		if (isError($result)) {
+			$this->terminateWithError(getError($result));
+		}
+		$this->terminateWithSuccess($result);
+	}
+
+	public function getProfilRequestFiles($id)
+	{
+		 if(!$id){
+			$this->terminateWithError("parameter id is missing");
+		 }
+
+		$this->ProfilUpdateModel->addSelect(["attachment_id"]);
+		$attachmentID = $this->ProfilUpdateModel->load([$id]);
+		if (isError($attachmentID)) {
+			$this->terminateWithError($this->p->t('profilUpdate', 'profilUpdate_loading_error'),self::ERROR_TYPE_GENERAL);
+		}
+		//? get the attachmentID
+		$dms_id = $this->getDataOrTerminateWithError($attachmentID)[0]->attachment_id;
+
+		//? get the name to the file
+		$this->DmsVersionModel->addSelect(["name", "dms_id"]);
+		$attachment = $this->DmsVersionModel->load([$dms_id, 0]);
+		if (isError($attachment)) {
+			$this->terminateWithError($this->p->t('profilUpdate', 'profilUpdate_dmsVersion_error'),self::ERROR_TYPE_GENERAL);
+		}
+		$attachment = $this->getDataOrTerminateWithError($attachment);
+		//? returns {name:..., dms_id:...}
+		$this->terminateWithSuccess($attachment);
+	}
+
+	public function denyProfilRequest()
+	{
+		$id = $this->input->post('profil_update_id', true);
+		$uid = $this->input->post('uid', true);
+		$topic = $this->input->post('topic', true);
+		$status_message = $this->input->post('status_message', true); //optional
+
+		if(!isset($id) || !isset($uid) || !isset($topic)){
+			$this->terminateWithError("parameter id, uid, topic or status_message is missing");
+		}
+
+		$is_mitarbeiter = $this->MitarbeiterModel->isMitarbeiter($uid);
+		$is_mitarbeiter = $this->getDataOrTerminateWithError($is_mitarbeiter);
+		
+		$is_student = $this->StudentModel->isStudent($uid);
+		$is_student = $this->getDataOrTerminateWithError($is_student);
+
+		if (
+			$is_student && $this->permissionlib->isBerechtigt('student/stammdaten', "suid", $this->getOE_from_student($uid)) ||
+			$is_mitarbeiter && $this->permissionlib->isBerechtigt('mitarbeiter/stammdaten', "suid") 
+		) {
+			$this->sendEmail_onProfilUpdate_response($uid, $topic, self::$STATUS_REJECTED);
+			$this->terminateWithSuccess($this->setStatusOnUpdateRequest($id, self::$STATUS_REJECTED, $status_message));
+		} else {
+			$this->terminateWithError($this->p->t('profilUpdate', 'profilUpdate_permission_error'),self::ERROR_TYPE_GENERAL);
+		}
+	}
+
+	public function acceptProfilRequest()
+	{
+		$id = $this->input->post('profil_update_id', true);
+		$uid = $this->input->post('uid', true);
+		$topic = $this->input->post('topic', true);
+		$requested_change = $this->input->post('requested_change');
+		$status_message = $this->input->post('status_message', true); //optional
+
+		//? fetching person_id using UID
+		$personID = $this->PersonModel->getByUid($uid);
+		$personID = $this->getDataOrTerminateWithError($personID)[0]->person_id;
+
+		//! check for required information
+		if (!isset($id) || !isset($uid) || !isset($personID) || !isset($requested_change) || !isset($topic)) {
+			$this->terminateWithError($this->p->t('profilUpdate', 'profilUpdate_requiredInformation_error'));
+		}
+
+		$is_mitarbeiter = $this->MitarbeiterModel->isMitarbeiter($uid);
+		$is_mitarbeiter = $this->getDataOrTerminateWithError($is_mitarbeiter);
+
+		$is_student = $this->StudentModel->isStudent($uid);
+		$is_student = $this->getDataOrTerminateWithError($is_student);
+
+
+		//? check if the permissions are set correctly
+		if (
+			$is_student && $this->permissionlib->isBerechtigt('student/stammdaten', "suid", $this->getOE_from_student($uid)) ||
+			$is_mitarbeiter && $this->permissionlib->isBerechtigt('mitarbeiter/stammdaten', "suid") 
+		) {
+
+			if (is_array($requested_change) && array_key_exists("adresse_id", $requested_change)) {
+				$insertID = $this->handleAdresse($requested_change, $personID);
+				$insertID = getData($insertID);
+				if (isset($insertID)) {
+					$requested_change['adresse_id'] = $insertID;
+					$update_res = $this->updateRequestedChange($id, $requested_change);
+					if (isError($update_res)) {
+						$this->terminateWithError($this->p->t('profilUpdate', 'profilUpdate_address_error', [$insertID]));
+					}
+				}
+
+			} else if (is_array($requested_change) && array_key_exists("kontakt_id", $requested_change)) {
+				$insertID = $this->handleKontakt($requested_change, $personID);
+				$insertID = getData($insertID);
+				if (isset($insertID)) {
+					$requested_change['kontakt_id'] = $insertID;
+					$update_res = $this->updateRequestedChange($id, $requested_change);
+					if (isError($update_res)) {
+						$this->terminateWithError($this->p->t('profilUpdate', 'profilUpdate_kontakt_error', [$insertID]));
+					}
+				}
+
+
+			} else {
+				switch ($topic) {
+					// mapping phrasen to database columns to make the update with the correct column names
+					case self::$TOPICS['Titel']:
+						$topic = "titelpre";
+						break;
+					case self::$TOPICS['Postnomen']:
+						$topic = "titelpost";
+						break;
+					case self::$TOPICS['Vorname']:
+						$topic = "vorname";
+						break;
+					case self::$TOPICS['Nachname']:
+						$topic = "nachname";
+						break;
+					default:
+						$this->terminateWithError($this->p->t('profilUpdate', 'profilUpdate_topic_error', [$topic]));
+				}
+
+				$result = $this->PersonModel->update($personID, [$topic => $requested_change["value"]]);
+				if (isError($result)) $this->terminateWithError($this->p->t('profilUpdate', 'profilUpdate_insert_error'));
+			
+			}
+			$this->sendEmail_onProfilUpdate_response($uid, $topic, self::$STATUS_ACCEPTED);
+
+			$this->terminateWithSuccess($this->setStatusOnUpdateRequest($id, self::$STATUS_ACCEPTED, $status_message, $requested_change));
+		} else {
+			$this->terminateWithError($this->p->t('profilUpdate', 'profilUpdate_permission_error'));
+		}
+
+
+	}
+
+	public function insertFile($replace)
+	{
+		$replace = json_decode($replace);
+		
+		if (!count($_FILES)) {
+			$this->terminateWithError("No file available for upload");
+		}
+
+		//? if replace is set it contains the profil_update_id in which the attachment_id has to be replaced
+		if (isset($replace)) {
+			
+			$this->ProfilUpdateModel->addSelect(["attachment_id"]);
+			$profilUpdate = $this->ProfilUpdateModel->load([$replace]);
+			if (isError($profilUpdate)) {
+				$this->terminateWithError($this->p->t('profilUpdate', 'profilUpdate_loading_error'));
+			}
+			//? get the attachmentID
+			$dms_id = $this->getDataOrTerminateWithError($profilUpdate)[0]->attachment_id;
+
+			//? delete old dms_file of Profil Update
+			$deleteOldFile_result = $this->deleteOldVersionFile($dms_id);
+			if(!$deleteOldFile_result){
+				$this->terminateWithError("error while deleting the old file");
+			}
+		}
+
+
+		$files = $_FILES['files'];
+		$file_count = count($files['name']);
+
+		$res = [];
+
+		for ($i = 0; $i < $file_count; $i++) {
+			$_FILES['files']['name'] = $files['name'][$i];
+			$_FILES['files']['type'] = $files['type'][$i];
+			$_FILES['files']['tmp_name'] = $files['tmp_name'][$i];
+			$_FILES['files']['error'] = $files['error'][$i];
+			$_FILES['files']['size'] = $files['size'][$i];
+
+			$dms = [
+				"kategorie_kurzbz" => "profil_aenderung",
+				"version" => 0,
+				"name" => $_FILES['files']['name'],
+				"mimetype" => $_FILES['files']['type'],
+				"beschreibung" => $this->uid . " Profil Änderung",
+				"insertvon" => $this->uid,
+				"insertamum" => "NOW()",
+			];
+
+			$tmp_res = $this->dmslib->upload($dms, 'files', array("jpg", "png", "pdf"));
+			
+			if(isError($tmp_res)){
+				$this->addError(getError($tmp_res));
+			}
+
+			$tmp_res = $this->getDataOrTerminateWithError($tmp_res);
+			array_push($res, $tmp_res);
+		}
+
+		$this->terminateWithSuccess($res);
+	}
+
+	public function getProfilUpdateWithPermission($status = null)
+	{
+		// early return if no status has been passed as argument
+		if (!isset($status)) {
+			echo json_encode($this->ProfilUpdateModel->getProfilUpdateWithPermission());
+			return;
+		}
+
+		// get the sprache of the user
+		$sprachenIndex = $this->SpracheModel->loadWhere(["sprache" => getUserLanguage()]);
+		$sprachenIndex = hasData($sprachenIndex) ? getData($sprachenIndex)[0]->index : null;
+
+		if (isset($sprachenIndex) && isset($status)) {
+			// get the corresponding status kurz_bz primary key out of the translation
+			$status = $this->ProfilUpdateStatusModel->execReadOnlyQuery("select * from public.tbl_profil_update_status where ? = ANY(bezeichnung_mehrsprachig)", [$status]);
+			$status = hasData($status) ? getData($status)[0]->status_kurzbz : null;
+			$res = $this->ProfilUpdateModel->getProfilUpdateWithPermission(isset($status) ? ['status' => $status] : null);
+
+			echo json_encode($res);
+		}
+	}
+
+	//------------------------------------------------------------------------------------------------------------------
+	// Private methods
+
+
+	private function sendEmail_onProfilUpdate_insertion($uid, $profil_update_id, $topic)
+	{
+		if($this->config->item('cis_send_profil_update_mails') === false)
+		{
+			return;
+		}
+
+		$this->load->helper('hlp_sancho_helper');
+		$emails = [];
+
+		$is_mitarbeiter = $this->MitarbeiterModel->isMitarbeiter($uid);
+		if (isError($is_mitarbeiter)) {
+			$this->terminateWithError($this->p->t('profilUpdate', 'profilUpdate_mitarbeiterCheck_error'));
+		}
+		$is_mitarbeiter = $this->getDataOrTerminateWithError($is_mitarbeiter);
+
+		//! if the $uid is a mitarbeiter and student, only the hr is notified by email
+		if ($is_mitarbeiter) {
+			//? user is not a student therefore he is a mitarbeiter, send email to Personalverwaltung
+			//? use constant variable MAIL_GST to mail to the personalverwaltung
+			$this->MitarbeiterModel->addSelect([TRUE]);
+			$this->MitarbeiterModel->addJoin("public.tbl_benutzer", "public.tbl_benutzer.uid = public.tbl_mitarbeiter.mitarbeiter_uid");
+			//? check if the the userID is a mitarbeiter and if the benutzer is active
+			$res = $this->MitarbeiterModel->loadWhere(["public.tbl_mitarbeiter.mitarbeiter_uid" => $uid, "public.tbl_benutzer.aktiv" => TRUE]);
+			if (isError($res)) {
+				$this->terminateWithError("was not able to query the mitarbeiter and benutzer by the uid: " . $uid);
+			}
+			if (hasData($res)) {
+				array_push($emails, MAIL_GST);
+			} else {
+				$this->terminateWithError($this->p->t('profilUpdate', 'profilUpdate_mitarbeiterCheck_error'));
+			}
+		} else {
+			//? if it is not a mitarbeiter, check whether it is a student and send email to studiengang
+			$is_student = $this->StudentModel->isStudent($uid);
+			if (isError($is_student)) {
+				$this->terminateWithError($this->p->t('profilUpdate', 'profilUpdate_studentCheck_error'));
+			}
+			$is_student = $this->getDataOrTerminateWithError($is_student);
+			if ($is_student) {
+				//? Send email to the Studiengangsassistentinnen
+				$this->StudentModel->addSelect(["public.tbl_studiengang.email"]);
+				$this->StudentModel->addJoin("public.tbl_benutzer", "public.tbl_benutzer.uid = public.tbl_student.student_uid");
+				$this->StudentModel->addJoin("public.tbl_prestudent", "public.tbl_benutzer.person_id = public.tbl_prestudent.person_id");
+				$this->StudentModel->addJoin("public.tbl_prestudentstatus", "public.tbl_prestudentstatus.prestudent_id = public.tbl_prestudent.prestudent_id");
+				$this->StudentModel->addJoin("public.tbl_studiengang", "public.tbl_studiengang.studiengang_kz = public.tbl_prestudent.studiengang_kz");
+				//* check if the benutzer itself is active
+				//* check if the student status is Student or Diplomand (active students)
+				$this->StudentModel->db->where_in("public.tbl_prestudentstatus.status_kurzbz", ['Student', 'Diplomand']);
+				$res = $this->StudentModel->loadWhere(["public.tbl_benutzer.aktiv" => TRUE, "public.tbl_student.student_uid" => $uid]);
+				if (isError($res)) {
+					$this->terminateWithError(getError($res));
+				} else {
+					$res = $this->getDataOrTerminateWithError($res);
+					foreach ($res as $emailObj) {
+						array_push($emails, $emailObj->email);
+					}
+				}
+			}
+		}
+		$mail_res = [];
+		//? sending email
+		foreach ($emails as $email) {
+			array_push($mail_res, sendSanchoMail("profil_update", ['uid' => $uid, 'topic' => $topic, 'href' => APP_ROOT . 'Cis/ProfilUpdate/id/' . $profil_update_id], $email, ("Profil Änderung von " . $uid)));
+		}
+		foreach ($mail_res as $m_res) {
+			if (!$m_res) {
+				$this->addError($this->p->t('profilUpdate', 'profilUpdate_email_error'));
+			}
+		}
+
+	}
+	
+	private function sendEmail_onProfilUpdate_response($uid, $topic, $status)
+	{
+		if($this->config->item('cis_send_profil_update_mails') === false)
+		{
+			return;
+		}
+
+		$this->load->helper('hlp_sancho_helper');
+		$email = $uid . "@" . DOMAIN;
+
+
+		function languageQuery($language)
+		{
+			return "select index from public.tbl_sprache where sprache = '" + $language + "'";
+		}
+
+		$this->ProfilUpdateStatusModel->addSelect(["bezeichnung_mehrsprachig[(" . languageQuery('German') . ")] as status_de", "bezeichnung_mehrsprachig[(" . languageQuery('English') . ")] as status_en"]);
+		
+		$status_translation = $this->ProfilUpdateStatusModel->loadWhere(["status_kurzbz" => $status]);
+		
+		if (isError($status_translation)) {
+			$this->terminateWithError($this->p->t('profilUpdate', 'ProfilUpdateStatusTranslationError'));
+		}
+
+		$status_translation = hasData($status_translation) ? getData($status_translation)[0] : null;
+
+		if (isset($status_translation)) {
+			$mail_res = sendSanchoMail("profil_update_response", ['topic' => $topic, 'status_de' => $status_translation->status_de, 'status_en' => $status_translation->status_en, 'href' => APP_ROOT . 'Cis/Profil'], $email, ("Profil Änderung " . $this->p->t('profilUpdate', 'pending')));
+			if (!$mail_res) {
+				$this->addError($this->p->t('profilUpdate', 'profilUpdate_email_error'));
+			}
+		}
+	}
+
+	private function setStatusOnUpdateRequest($id, $status, $status_message)
+	{
+		return $this->ProfilUpdateModel->update([$id], ["status" => $status, "status_timestamp" => "NOW()", "status_message" => $status_message]);
+	}
+	
+	private function updateRequestedChange($id, $requested_change)
+	{
+		return $this->ProfilUpdateModel->update([$id], ['requested_change' => json_encode($requested_change)]);
+	}
+	
+	private function deleteOldVersionFile($dms_id)
+	{
+		// starting the transaction
+		$this->db->trans_start();
+		
+		
+		if (!isset($dms_id)) {
+			return;
+		}
+
+		//? delete the file from the profilUpdate first
+		$profilUpdateFileDelete = $this->ProfilUpdateModel->removeFileFromProfilUpdate($dms_id);
+		if(isError($profilUpdateFileDelete)){
+			$this->terminateWithError(getError($profilUpdateFileDelete));
+		}
+		
+		//? delete all the different versions of the dms_file
+		$dmsVersions = $this->DmsVersionModel->loadWhere(["dms_id" => $dms_id]);
+		$dmsVersions = $this->getDataOrTerminateWithError($dmsVersions);
+		
+		
+		
+		$dms_versions = array_map(function ($item) {
+			return $item->version;
+		}, $dmsVersions);
+
+
+		$test_array = array();
+		foreach ($dms_versions as $version) {
+			
+			$delete_result = $this->dmslib->removeVersion($dms_id, $version);
+			array_push($test_array, $delete_result);
+			
+			if(isError($delete_result)){
+				$this->addError(getError($delete_result));
+			}
+		}
+
+		// transaction complete
+		$this->db->trans_complete();
+		
+		if ($this->db->trans_status() === FALSE)
+		{
+			return false;
+		}
+		else
+		{
+			return true;
+		}
+		
+	}
+	
+	
+	private function getOE_from_student($student_uid)
+	{
+		//? returns the oe_einheit eines Studenten 
+		$query = "SELECT public.tbl_studiengang.oe_kurzbz
+		FROM public.tbl_student
+		JOIN public.tbl_studiengang ON tbl_student.studiengang_kz = public.tbl_studiengang.studiengang_kz
+		WHERE public.tbl_student.student_uid = ?;";
+
+		$res = $this->StudentModel->execReadOnlyQuery($query, [$student_uid]);
+		$res = $this->getDataOrTerminateWithError($res, $this->p->t('profilUpdate', 'profilUpdate_loadingOE_error'));	
+		$res = array_map(
+			function ($item) {
+				return $item->oe_kurzbz;
+			},
+			$res
+		);
+		return $res;
+	}
+
+	private function handleAdresse($requested_change, $personID)
+	{
+		$this->AdressenTypModel->addSelect(["adressentyp_kurzbz"]);
+		$adr_kurzbz = $this->AdressenTypModel->loadWhere(["bezeichnung" => $requested_change['typ']]);
+		$adr_kurzbz = $this->getDataOrTerminateWithError($adr_kurzbz)[0]->adressentyp_kurzbz;
+
+		//? replace the address_typ with its correct kurzbz foreign key
+		$requested_change['typ'] = $adr_kurzbz;
+
+		$adresse_id = $requested_change["adresse_id"];
+
+		//? removes the adresse_id because we don't want to update the kontakt_id in the database
+		unset($requested_change["adresse_id"]);
+
+		//! ADD
+		if (array_key_exists('add', $requested_change) && $requested_change['add']) {
+
+			//? removes add flag
+			unset($requested_change['add']);
+			$requested_change['insertamum'] = "NOW()";
+			$requested_change['insertvon'] = getAuthUID();
+			$requested_change['person_id'] = $personID;
+			//TODO: zustelladresse, heimatadresse, rechnungsadresse und nation werden nicht beachtet
+			$insertID = $this->AdresseModel->insert($requested_change);
+			$insert_adresse_id = $insertID;
+			$insert_adresse_id = $this->getDataOrTerminateWithError($insert_adresse_id, $this->p->t('profilUpdate', 'profilUpdate_insertAdresse_error'));
+			if ($insert_adresse_id) {
+				$this->handleDupplicateZustellAdressen($requested_change['zustelladresse'], $insert_adresse_id);
+			}
+		}
+		//! DELETE
+		elseif (array_key_exists('delete', $requested_change) && $requested_change['delete']) {
+			$result = $this->AdresseModel->delete($adresse_id);
+			if (isError($result)) {
+				$this->terminateWithError(getError($result));
+			}
+		}
+		//! UPDATE
+		else {
+			$requested_change['updateamum'] = "NOW()";
+			$requested_change['updatevon'] = getAuthUID();
+			$update_adresse_id = $this->AdresseModel->update($adresse_id, $requested_change);
+			$update_adresse_id = $this->getDataOrTerminateWithError($update_adresse_id, $this->p->t('profilUpdate', 'profilUpdate_updateAdresse_error'));
+			$this->handleDupplicateZustellAdressen($requested_change['zustelladresse'], $update_adresse_id);
+
+		}
+		return $insertID ?? null;
+	}
+
+	private function handleKontakt($requested_change, $personID)
+	{
+		$kontakt_id = $requested_change["kontakt_id"];
+		//? removes the kontakt_id because we don't want to update the kontakt_id in the database
+		unset($requested_change["kontakt_id"]);
+
+		//! ADD
+		if (array_key_exists('add', $requested_change) && $requested_change['add']) {
+			//? removes add flag
+			unset($requested_change['add']);
+			$requested_change['person_id'] = $personID;
+			$requested_change['insertamum'] = "NOW()";
+			$requested_change['insertvon'] = getAuthUID();
+			$insertID = $this->KontaktModel->insert($requested_change);
+			$insert_kontakt_id = $insertID;
+			$insert_kontakt_id = $this->getDataOrTerminateWithError($insert_kontakt_id, $this->p->t('profilUpdate', 'profilUpdate_insertKontakt_error'));
+			if ($insert_kontakt_id) {
+				$this->handleDupplicateZustellKontakte($requested_change['zustellung'], $insert_kontakt_id);
+			}
+		}
+		//! DELETE
+		elseif (array_key_exists('delete', $requested_change) && $requested_change['delete']) {
+			$result = $this->KontaktModel->delete($kontakt_id);
+			if (isError($result)) {
+				$this->terminateWithError(getError($result));
+			}
+		}
+		//! UPDATE
+		else {
+			$requested_change['updateamum'] = "NOW()";
+			$requested_change['updatevon'] = getAuthUID();
+			$update_kontakt_id = $this->KontaktModel->update($kontakt_id, $requested_change);
+			$update_kontakt_id = $this->getDataOrTerminateWithError($update_kontakt_id, $this->p->t('profilUpdate', 'profilUpdate_updateKontakt_error'));
+			if ($update_kontakt_id) {
+				$this->handleDupplicateZustellKontakte($requested_change['zustellung'], $update_kontakt_id);
+			}
+		}
+		return isset($insertID) ? $insertID : null;
+	}
+
+	private function handleDupplicateZustellAdressen($zustellung, $adresse_id)
+	{
+		if ($zustellung) {
+			$this->PersonModel->addSelect("public.tbl_adresse.adresse_id");
+			$this->PersonModel->addJoin("public.tbl_adresse", "public.tbl_adresse.person_id = public.tbl_person.person_id");
+			$zustellAdressenArray = $this->PersonModel->loadWhere(["public.tbl_person.person_id" => $this->pid, "zustelladresse" => TRUE]);
+			if (isError($zustellAdressenArray)) {
+				$this->terminateWithError($this->p->t('profilUpdate', 'profilUpdate_loadingZustellAdressen_error'));
+			}
+			$zustellAdressenArray = $this->getDataOrTerminateWithError($zustellAdressenArray);
+	
+			if (count($zustellAdressenArray) > 0) {
+	
+				$zustellAdressenArray = array_filter($zustellAdressenArray, function ($adresse) use ($adresse_id) {
+	
+					return $adresse->adresse_id != $adresse_id;
+				});
+	
+				// remove the zustelladresse from all other zustelladressen
+				foreach ($zustellAdressenArray as $adresse) {
+					$this->AdresseModel->update($adresse->adresse_id, ["zustelladresse" => FALSE]);
+				}
+	
+			}
+		}
+	}
+
+	private function handleDupplicateZustellKontakte($zustellung, $kontakt_id)
+	{
+		if ($zustellung) {
+			$this->PersonModel->addSelect("public.tbl_kontakt.kontakt_id");
+			$this->PersonModel->addJoin("public.tbl_kontakt", "public.tbl_kontakt.person_id = public.tbl_person.person_id");
+			$zustellKontakteArray = $this->PersonModel->loadWhere(["public.tbl_person.person_id" => $this->pid, "zustellung" => TRUE]);
+			if (!isSuccess($zustellKontakteArray)) {
+				return error($this->p->t('profilUpdate', 'profilUpdate_loadingZustellkontakte_error'));
+			}
+			$zustellKontakteArray = hasData($zustellKontakteArray) ? getData($zustellKontakteArray) : null;
+
+			if ($zustellung && count($zustellKontakteArray) > 0) {
+				$zustellKontakteArray = array_filter($zustellKontakteArray, function ($kontakt) use ($kontakt_id) {
+					return $kontakt->kontakt_id != $kontakt_id;
+				});
+				foreach ($zustellKontakteArray as $kontakt) {
+					$this->KontaktModel->update($kontakt->kontakt_id, ["zustellung" => FALSE]);
+				}
+
+			}
+		}
+	}
+	
+}
+
+

application/controllers/api/frontend/v1/Searchbar.php

@@ -0,0 +1,69 @@
+<?php
+/**
+ * Copyright (C) 2024 fhcomplete.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+/**
+ * This controller operates between (interface) the JS (GUI) and the SearchBarLib (back-end)
+ * Provides data to the ajax get calls about the searchbar component
+ * This controller works with JSON calls on the HTTP GET and the output is always JSON
+ */
+class Searchbar extends FHCAPI_Controller
+{
+	const SEARCHSTR_PARAM = 'searchstr';
+	const TYPES_PARAM = 'types';
+
+	/**
+	 * Object initialization
+	 */
+	public function __construct()
+	{
+		// NOTE(chris): additional permission checks will be done in SearchBarLib
+		parent::__construct([
+			'search' => self::PERM_LOGGED
+		]);
+
+		// Load the library SearchBarLib
+		$this->load->library('SearchBarLib');
+	}
+
+	//------------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+	/**
+	 * Gets a JSON body via HTTP POST and provides the parameters
+	 */
+	public function search()
+	{
+		$this->load->library('form_validation');
+
+		// Checks if the searchstr and the types parameters are in the POSTed JSON
+		$this->form_validation->set_rules(self::SEARCHSTR_PARAM, null, 'required');
+		$this->form_validation->set_rules(self::TYPES_PARAM . '[]', null, 'required');
+
+		if (!$this->form_validation->run())
+			$this->terminateWithError(SearchBarLib::ERROR_WRONG_JSON, self::ERROR_TYPE_GENERAL);
+
+		// Convert to json the result from searchbarlib->search
+		$result = $this->searchbarlib->search($this->input->post(self::SEARCHSTR_PARAM), $this->input->post(self::TYPES_PARAM));
+		if (property_exists($result, 'error'))
+			$this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL);
+		$this->terminateWithSuccess($result);
+	}
+}
+

application/controllers/api/frontend/v1/Stundenplan.php

@@ -0,0 +1,564 @@
+<?php
+/**
+ * Copyright (C) 2024 fhcomplete.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+class Stundenplan extends FHCAPI_Controller
+{
+
+	/**
+	 * Object initialization
+	 */
+	public function __construct()
+	{
+
+		parent::__construct([
+			'getRoomplan' => self::PERM_LOGGED,
+            'Stunden' => self::PERM_LOGGED,
+            'Reservierungen' => self::PERM_LOGGED,
+			'getStundenplan' => self::PERM_LOGGED,
+			'getLehreinheitStudiensemester' => self::PERM_LOGGED,
+		]);
+
+        $this->load->library('LogLib');
+        $this->loglib->setConfigs(array(
+			'classIndex' => 5,
+			'functionIndex' => 5,
+			'lineIndex' => 4,
+			'dbLogType' => 'API', // required
+			'dbExecuteUser' => 'RESTful API'
+		));
+
+        $this->load->library('form_validation');
+
+		//load models
+		$this->load->model('ressource/Stundenplan_model', 'StundenplanModel');
+		$this->load->model('ressource/Reservierung_model', 'ReservierungModel');
+
+
+	}
+
+	//------------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+    /**
+     * fetches Stunden layout from database
+     * @access public
+     *
+     */
+    public function Stunden()
+	{
+		$this->load->model('ressource/Stunde_model', 'StundeModel');
+
+		$stunden = $this->StundeModel->load();
+
+        $stunden = $this->getDataOrTerminateWithError($stunden);
+
+		$this->terminateWithSuccess($stunden);
+	}
+
+    /**
+     * fetches room events from a certain date
+     * @access public
+     *
+     */
+	public function getRoomplan()
+	{
+        // form validation
+        $this->load->library('form_validation');
+        $this->form_validation->set_data($_GET);
+        $this->form_validation->set_rules('ort_kurzbz',"Ort","required");
+        $this->form_validation->set_rules('start_date',"start_date","required");
+        $this->form_validation->set_rules('end_date',"end_date","required");
+        if($this->form_validation->run() === FALSE) $this->terminateWithValidationErrors($this->form_validation->error_array());
+
+        // storing the get parameter in local variables
+        $ort_kurzbz = $this->input->get('ort_kurzbz', TRUE);
+        $start_date = $this->input->get('start_date', TRUE);
+        $end_date = $this->input->get('end_date', TRUE);
+
+		$roomplan_data = $this->StundenplanModel->stundenplanGruppierung($this->StundenplanModel->getRoomQuery($ort_kurzbz, $start_date, $end_date));
+
+        $roomplan_data = $this->getDataOrTerminateWithError($roomplan_data);
+
+		$this->expand_object_information($roomplan_data);
+
+		$this->terminateWithSuccess($roomplan_data);
+
+	}
+
+	/**
+	 * fetches stundenplan events from a UID and start/end date
+	 * @access public
+	 *
+	 */
+	//TODO: getStundenplan fuer Mitarbeiter anpassen
+	public function getStundenplan(){
+
+		$this->load->model('ressource/Mitarbeiter_model','MitarbeiterModel');
+		$this->load->model('organisation/Studiensemester_model','StudiensemesterModel');
+		$this->load->model('education/Studentlehrverband_model', 'StudentlehrverbandModel');
+		$this->load->model('person/Benutzergruppe_model','BenutzergruppeModel');
+
+		// form validation
+		$this->load->library('form_validation');
+		$this->form_validation->set_data($_GET);
+		$this->form_validation->set_rules('start_date', "start_date", "required");
+		$this->form_validation->set_rules('end_date', "end_date", "required");
+		if ($this->form_validation->run() === FALSE)
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+		// storing the get parameter in local variables
+		$start_date = $this->input->get('start_date', TRUE);
+		$end_date = $this->input->get('end_date', TRUE);
+
+		$student_uid = getAuthUID();
+		if(is_null($student_uid))
+		{
+			$this->terminateWithError("No UID");
+		}
+
+		$is_mitarbeiter = getData($this->MitarbeiterModel->isMitarbeiter($student_uid));
+		if($is_mitarbeiter)
+		{
+			$this->terminateWithError("Not possible to look at the Student Calendar as a Mitarbeiter");
+		}
+		
+		$semester_range = $this->studienSemesterErmitteln($start_date,$end_date);
+
+		$this->sortStudienSemester($semester_range);
+
+		$this->applyLoadUeberSemesterHaelfte($semester_range);
+		
+		// getting the gruppen_kurzbz of the student in the different studiensemester
+		$benutzer_gruppen = $this->fetchBenutzerGruppenFromStudiensemester($semester_range);
+		
+		// getting the student_lehrverbaende of the student in the different studiensemester
+		$student_lehrverband = $this->fetchStudentlehrverbandFromStudiensemester($semester_range);
+		
+		$stundenplan_query = $this->StundenplanModel->getStundenplanQuery($start_date, $end_date, $semester_range, $benutzer_gruppen, $student_lehrverband);
+		if(!$stundenplan_query)
+		{
+			$this->terminateWithSuccess([]);
+		}
+		$stundenplan_data = $this->StundenplanModel->stundenplanGruppierung($stundenplan_query);
+		$stundenplan_data = $this->getDataOrTerminateWithError($stundenplan_data) ?? [];
+
+		$this->expand_object_information($stundenplan_data);
+
+		$this->terminateWithSuccess($stundenplan_data);
+	}
+
+	// gets the reservierungen of a room if the ort_kurzbz parameter is supplied otherwise gets the reservierungen of the stundenplan of a student
+    public function Reservierungen($ort_kurzbz = null)
+	{
+		//form validation
+		$this->load->library('form_validation');
+		$this->form_validation->set_data($_GET);
+		$this->form_validation->set_rules('start_date', "StartDate", "required");
+		$this->form_validation->set_rules('end_date', "EndDate", "required");
+		if($this->form_validation->run() == FALSE) $this->terminateWithValidationErrors($this->form_validation->error_array());
+
+        // storing the get parameter in local variables
+        $start_date = $this->input->get('start_date', TRUE);
+        $end_date = $this->input->get('end_date', TRUE);
+
+		// querying the reservierungen
+		$reservierungen = $this->ReservierungModel->getReservierungen($start_date, $end_date, $ort_kurzbz);
+
+        $reservierungen = $this->getDataOrTerminateWithError($reservierungen) ?? [];
+
+		$this->expand_object_information($reservierungen);
+
+		$this->terminateWithSuccess($reservierungen);
+
+	}
+
+	public function getLehreinheitStudiensemester($lehreinheit_id){
+		$this->load->model('education/Lehreinheit_model', 'LehreinheitModel');
+		$this->LehreinheitModel->addSelect(["studiensemester_kurzbz"]);
+		$result = $this->LehreinheitModel->load($lehreinheit_id);
+		$result = current($this->getDataOrTerminateWithError($result))->studiensemester_kurzbz;
+		$this->terminateWithSuccess($result);
+	}
+
+	// ################# Private Functions
+
+	private function expand_object_information($data){
+
+		foreach ($data as $item)
+		{
+
+			$lektor_obj_array = array();
+			$gruppe_obj_array = array();
+
+			// load lektor object
+			foreach ($item->lektor as $lv_lektor)
+			{
+				$this->StundenplanModel->addLimit(1);
+				$lektor_object = $this->StundenplanModel->execReadOnlyQuery("
+				SELECT mitarbeiter_uid, vorname, nachname, kurzbz
+				FROM public.tbl_mitarbeiter
+				JOIN public.tbl_benutzer benutzer ON benutzer.uid = mitarbeiter_uid
+				JOIN public.tbl_person person ON person.person_id = benutzer.person_id
+				WHERE kurzbz = ?", [$lv_lektor]);
+				if (isError($lektor_object)) {
+					$this->show_error(getError($lektor_object));
+				}
+				$lektor_object = $this->getDataOrTerminateWithError($lektor_object);
+				if(count($lektor_object) == 0)
+				{
+					$this->terminateWithError("No lektor object");
+				}
+				$lektor_object = current($lektor_object);
+				// only provide needed information of the mitarbeiter object
+				$lektor_obj_array[] = $lektor_object;
+			}
+
+			// load gruppe object
+			foreach ($item->gruppe as $lv_gruppe)
+			{
+				$lv_gruppe = strtr($lv_gruppe, ['(' => '', ')' => '', '"' => '']);
+				$lv_gruppe_array = explode(",", $lv_gruppe);
+				list($gruppe, $verband, $semester, $studiengang_kz, $gruppen_kuerzel) = $lv_gruppe_array;
+
+				$lv_gruppe_object = new stdClass();
+				$lv_gruppe_object->gruppe = $gruppe;
+				$lv_gruppe_object->verband = $verband;
+				$lv_gruppe_object->semester = $semester;
+				$lv_gruppe_object->studiengang_kz = $studiengang_kz;
+				$lv_gruppe_object->kuerzel = $gruppen_kuerzel;
+
+				$gruppe_obj_array[] = $lv_gruppe_object;
+			}
+
+			$item->gruppe = $gruppe_obj_array;
+			$item->lektor = $lektor_obj_array;
+
+		}
+	}
+
+	// function used to sort an array of studiensemester strings
+	private function sortStudienSemester(&$semester_range){
+		usort(
+			$semester_range,
+			function($first,$second)
+			{
+				$sem_first = null;
+				$year_first = null;
+				$match_first = null;
+
+				$sem_second = null;
+				$year_second = null;
+				$match_second = null;
+
+				preg_match('/([WS]+)([0-9]+)/',$first,$match_first);
+				preg_match('/([WS]+)([0-9]+)/',$second,$match_second);
+				
+				$sem_first = $match_first[1];
+				$year_first = intval($match_first[2]);
+
+				$sem_second = $match_second[1];
+				$year_second = intval($match_second[2]);
+
+				if($year_first < $year_second)
+				{
+					return -1;
+				}
+				else if($year_first > $year_second)
+				{
+					return 1;
+				}
+				else if($year_first == $year_second && $sem_first > $sem_second)
+				{
+					return 1;
+				}
+				else if($year_first == $year_second && $sem_first < $sem_second)
+				{
+					return -1;
+				}
+				return 0;
+			} 
+		);
+	}
+
+	
+
+	private function fetchBenutzerGruppenFromStudiensemester($semester_range){
+		$student_uid = getAuthUID();
+		$benutzer_gruppen = [];
+		// for each studiensemester fetch the benutzer gruppen and add them to an associate $bentuzer_gruppen array
+		/*
+		[
+			['WS2023'] => [['gruppe1_SS2023','gruppe2_SS2023'],['gruppe1_WS2023','gruppe2_WS2023']],
+			['SS2024'] => [['gruppe1_WS2023','gruppe2_WS2023'],['gruppe1_SS2024','gruppe2_SS2024']],
+			['WS2024'] => [['gruppe1_SS2024','gruppe2_SS2024'],['gruppe1_WS2024','gruppe2_WS2024']],
+		]
+		*/ 
+		foreach($semester_range as $semester_key => $semester_array)
+		{
+			$benutzer_gruppen[$semester_key] = [];
+			// each semester could have ajoint semesters that need to be checked
+			foreach($semester_array as $semester=>$semester_date_range)
+			{
+				// for each active semester query the benutzer_gruppen associated to the semester
+				$benutzer_query = $this->BenutzergruppeModel->execReadOnlyQuery("
+				SELECT * FROM tbl_benutzergruppe where uid = ? AND studiensemester_kurzbz = ?",[$student_uid, $semester]);
+				$benutzer_query_result = $this->getDataOrTerminateWithError($benutzer_query);
+				array_push(
+					$benutzer_gruppen[$semester_key],
+					 array_map(
+						function($item)
+						{
+							return "'".$item->gruppe_kurzbz. "'";
+						},
+						$benutzer_query_result
+					)
+				);
+			}
+		}
+		
+		// merge the gruppen of each studiensemester together for the original studiensemester
+		/*
+		[
+			['WS2023'] => ['gruppe1_SS2023','gruppe2_SS2023','gruppe1_WS2023','gruppe2_WS2023'],
+			['SS2024'] => ['gruppe1_WS2023','gruppe2_WS2023','gruppe1_SS2024','gruppe2_SS2024'],
+			['WS2024'] => ['gruppe1_SS2024','gruppe2_SS2024','gruppe1_WS2024','gruppe2_WS2024'],
+		]
+		*/ 
+		$benutzer_gruppen = array_map(
+			function($gruppe)
+			{
+				$merged_gruppe = [];
+				foreach($gruppe as $gruppen_array)
+				{
+					$merged_gruppe = array_merge($merged_gruppe, $gruppen_array);
+				}
+				return $merged_gruppe;
+			},
+			$benutzer_gruppen
+		);
+
+		return $benutzer_gruppen;
+	}
+
+	private function fetchStudentlehrverbandFromStudiensemester($semester_range){
+		$student_uid = getAuthUID();
+		$student_lehrverband = [];
+		// for each studiensemester fetch the studentlehrverbaende and add them to an associate $student_lehrverband array
+		/*
+		[
+			['WS2023'] => [ [ ['stg_kz'=>298,'semester'=>1,'verband'=>"A",'gruppe'=>""] ] ],
+			['SS2024'] => [ [ ['stg_kz'=>298,'semester'=>1,'verband'=>"A",'gruppe'=>""] ], [ ['stg_kz'=>298,'semester'=>2,'verband'=>"A",'gruppe'=>""] ] ],
+			['WS2024'] => [ [ ['stg_kz'=>298,'semester'=>2,'verband'=>"A",'gruppe'=>""] ], [ ['stg_kz'=>298,'semester'=>3,'verband'=>"A",'gruppe'=>""] ] ],
+		]
+		*/ 
+		foreach($semester_range as $semester_key => $semester_array)
+		{
+			$student_lehrverband[$semester_key] = [];
+			foreach($semester_array as $semester=>$semester_date_range)
+			{
+				// for each active semester query the student_lehrverband associated to the semester
+				$lehrverband_query = $this->BenutzergruppeModel->execReadOnlyQuery("
+				SELECT * FROM tbl_studentlehrverband where student_uid = ? AND studiensemester_kurzbz = ?", [$student_uid, $semester]);
+				$lehrverband_query_result = $this->getDataOrTerminateWithError($lehrverband_query);
+				array_push($student_lehrverband[$semester_key], array_map(
+					function ($item)
+					{
+						$result = new stdClass();
+						$result->studiengang_kz = $item->studiengang_kz;
+						$result->semester = $item->semester;
+						$result->verband = $item->verband;
+						$result->gruppe = $item->gruppe;
+						return $result;
+					},
+					$lehrverband_query_result)); 
+			}
+		}
+
+		// merge the studentlehrverband of each studiensemester together for the original studiensemester
+		/*
+		[
+			['WS2023'] => [ ['stg_kz'=>298,'semester'=>1,'verband'=>"A",'gruppe'=>""] ],
+			['SS2024'] => [ ['stg_kz'=>298,'semester'=>1,'verband'=>"A",'gruppe'=>""], ['stg_kz'=>298,'semester'=>2,'verband'=>"A",'gruppe'=>""] ],
+			['WS2024'] => [ ['stg_kz'=>298,'semester'=>2,'verband'=>"A",'gruppe'=>""], ['stg_kz'=>298,'semester'=>3,'verband'=>"A",'gruppe'=>""] ],
+		]
+		*/
+		$student_lehrverband = array_map(
+			function($studentlehrverband)
+			{	
+				$merged_studentlehrverband = [];
+				foreach($studentlehrverband as $studentlehrverband_array)
+				{
+					$merged_studentlehrverband = array_merge($merged_studentlehrverband, $studentlehrverband_array);
+				}
+				return $merged_studentlehrverband;
+			},
+			$student_lehrverband
+		);
+
+		return $student_lehrverband;
+	}
+
+	private function applyLoadUeberSemesterHaelfte(&$semester_range){
+		/*
+		@var($semester_collection)
+		convert the array of studiensemester into an associative array with the studiensemester as the key 
+		and the values of each key are the studiensemester needed for the query associated to that studiensemester
+		example:
+
+		#INPUT:
+		['WS2023','SS2024','WS2024']
+		#OUTPUT:
+		[
+			'WS2023' => ['SS2023','WS2023']
+			'SS2024' => ['WS2023','SS2024']
+			'WS2024' => ['SS2024','WS2024']
+		]
+		*/
+		$semester_collection = [];
+		foreach($semester_range as $studiensemester)
+		{
+			$previous_studiensemester = $this->StudiensemesterModel->getPreviousFrom($studiensemester);
+			$previous_studiensemester = $this->getDataOrTerminateWithError($previous_studiensemester);
+			if (count($previous_studiensemester) == 0) {
+				$this->terminateWithError("No previous semester");
+			}
+			$previous_studiensemester = current($previous_studiensemester)->studiensemester_kurzbz;
+			$semester_collection[$studiensemester] = [$previous_studiensemester, $studiensemester];
+		}
+
+		/*
+		@var($studienSemesterDateRanges)
+		fetches for each studiensemester the start and end date, (SS) summer studiensemester are extended by 1 month to cover the summerbreak
+		based on the LVPLAN_LOAD_UEBER_SEMESTERHAELFTE constant it will load both the semester and the previous semester with the full date range 
+		or the semester with the full date range and the previous semester with the half date range:
+
+		#INPUT:
+		[
+			'WS2023' => ['SS2023','WS2023']
+			'SS2024' => ['WS2023','SS2024']
+			'WS2024' => ['SS2024','WS2024']
+		]
+		#OUTPUT: depends whether LVPLAN_LOAD_UEBER_SEMESTERHAELFTE is true or false
+		~ if LVPLAN_LOAD_UEBER_SEMESTERHAELFTE == true
+		[
+			"SS2024": [
+				"WS2023": [
+					"start"=> "2024-02-03",
+					"ende"=> "2024-08-31"
+				],
+				"SS2024": [
+					"start"=> "2024-02-03",
+					"ende"=> "2024-08-31"
+				]
+			]
+		]
+		~ if LVPLAN_LOAD_UEBER_SEMESTERHAELFTE == false
+		[
+			"SS2024": [
+				"WS2023": [
+					"start"=> "2024-02-03",
+					"ende"=> "2024-05-17"
+				],
+				"SS2024": [
+					"start"=> "2024-02-03",
+					"ende"=> "2024-08-31"
+				]
+			]
+		]
+		*/
+		$studienSemesterDateRanges=[]; 
+		foreach($semester_collection as $semester_original => $semester_adjoint)
+		{
+			$semester_start_ende = $this->StudiensemesterModel->getStartEndeFromStudiensemester($semester_original);
+			$semester_start_ende = current($this->getDataOrTerminateWithError($semester_start_ende)); 
+				
+			// initialize empty arrays to add key value pairs
+			$studienSemesterDateRanges[$semester_original] = [];
+
+			// check if the studiensemester is a summer semester and add 1 month to bridge the school summer break
+			$match = null;
+			preg_match("/^(SS)([0-9]+)/",$semester_original,$match);
+			if(count($match) >0)
+			{
+				$one_month = new DateInterval('P1M');
+				$one_day = DateInterval::createFromDateString('1 days');
+				$summer_studiensemester_end_date = DateTime::createFromFormat('Y-m-d',$semester_start_ende->ende);
+				$summer_studiensemester_end_date->add($one_month);
+				$summer_studiensemester_end_date->sub($one_day);
+				$semester_start_ende->ende = date_format($summer_studiensemester_end_date,'Y-m-d');
+			}
+			if (defined('LVPLAN_LOAD_UEBER_SEMESTERHAELFTE') && LVPLAN_LOAD_UEBER_SEMESTERHAELFTE === true)
+			{
+				foreach($semester_adjoint as $adjoint)
+				{
+					$studienSemesterDateRanges[$semester_original][$adjoint]=$semester_start_ende;
+				}
+			}
+			else
+			{
+				//TODO: half of a DateInterval might not be correctly calculated
+				// calculate the half of the studiensemester
+				$studiensemester_start_date = DateTime::createFromFormat('Y-m-d',$semester_start_ende->start);
+				$studiensemester_end_date = DateTime::createFromFormat('Y-m-d',$semester_start_ende->ende);
+				$studiensemester_time_difference = $studiensemester_start_date->diff($studiensemester_end_date);
+				$half_dateNumber = ceil($studiensemester_time_difference->d/2)+ceil(($studiensemester_time_difference->m*30)/2);
+				$half_dateInterval = new DateInterval('P'.strval($half_dateNumber) .'D');
+				$studiensemester_half = date_format($studiensemester_start_date->add($half_dateInterval),'Y-m-d');
+				
+				$first_half = new stdClass();
+				$first_half->start = $semester_start_ende->start;
+				$first_half->ende = $studiensemester_half;
+
+				$studienSemesterDateRanges[$semester_original][$semester_adjoint[0]] = $first_half;
+				$studienSemesterDateRanges[$semester_original][$semester_adjoint[1]] = $semester_start_ende;
+			}
+			$semester_range = $studienSemesterDateRanges;
+		}
+	}
+
+	private function studienSemesterErmitteln($start_date,$end_date){
+		
+		// gets all studiensemester from the student from start_date to end_date
+		$semester_range = $this->StudiensemesterModel->getByDate($start_date,$end_date);
+		$semester_range = array_map( 
+			function($sem)
+			{
+				return $sem->studiensemester_kurzbz;
+			},
+			$this->getDataOrTerminateWithError($semester_range)
+		);
+
+		// if no studiensemester is found for the given timespan, get the nearest studiensemester
+		if(count($semester_range) == 0)
+		{
+			$aktuelle_studiensemester = $this->StudiensemesterModel->getNearest();
+			$aktuelle_studiensemester = $this->getDataOrTerminateWithError($aktuelle_studiensemester);
+			if (count($aktuelle_studiensemester) == 0) {
+				$this->terminateWithError("No aktuelles semester");
+			}
+			$aktuelle_studiensemester = current($aktuelle_studiensemester)->studiensemester_kurzbz;
+			// push aktuelles semester in active semester array
+			array_push($semester_range, $aktuelle_studiensemester);
+
+		}
+		return $semester_range;
+	}
+
+}

application/controllers/api/frontend/v1/Udf.php

@@ -0,0 +1,133 @@
+<?php
+/**
+ * Copyright (C) 2024 fhcomplete.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+/**
+ * This controller operates between (interface) the JS (GUI) and the UDFLib (back-end)
+ * Provides data to the ajax get calls about the Udf component
+ * Listens to ajax post calls to change the Udf data
+ * This controller works with JSON calls on the HTTP GET or POST and the output is always JSON
+ */
+class Udf extends FHCAPI_Controller
+{
+	/**
+	 * Calls the parent's constructor and prepares the UDFLib
+	 */
+	public function __construct()
+	{
+		// NOTE: UdfLib has its own permissions checks
+		parent::__construct([
+			'load' => self::PERM_LOGGED,
+			'save' => self::PERM_LOGGED
+		]);
+
+		// Libraries
+		$this->load->library('form_validation');
+		$this->load->library('UDFLib');
+		
+		// Models
+		$this->load->model($this->getTargetModelPath(), 'TargetModel');
+	}
+
+	//------------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+	/**
+	 * Load all UDFs for a dataset
+	 *
+	 * @return void
+	 */
+	public function load()
+	{
+		$pks = $this->TargetModel->getPks();
+		foreach ($pks as $id)
+			$this->form_validation->set_rules($id, $id, 'required');
+		
+
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+
+		$id = [];
+		foreach ($pks as $pk)
+			$id[$pk] = $this->input->post($pk);
+		if (!is_array($this->TargetModel->getPk()))
+			$id = current($id);
+
+		$result = $this->udflib->getFieldArray($this->TargetModel, $id);
+
+		$fields = $this->getDataOrTerminateWithError($result);
+
+		$this->terminateWithSuccess($fields);
+	}
+
+	/**
+	 * Saves UDFs to a dataset
+	 *
+	 * @return void
+	 */
+	public function save()
+	{
+		$pks = $this->TargetModel->getPks();
+		foreach ($pks as $id)
+			$this->form_validation->set_rules($id, $id, 'required');
+
+		$result = $this->udflib->getCiValidations($this->TargetModel, $this->input->post());
+		
+		$fieldValidations = $this->getDataOrTerminateWithError($result);
+
+		$this->form_validation->set_rules($fieldvalidations);
+
+
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+
+		$id = [];
+		$fields = $this->input->post();
+		foreach ($pks as $pk) {
+			$id[$pk] = $fields[$pk];
+			unset($fields[$pk]);
+		}
+		if (!is_array($this->TargetModel->getPk()))
+			$id = current($id);
+
+		$result = $this->TargetModel->update($id, $fields);
+
+		$this->getDataOrTerminateWithError($result);
+
+		$this->terminateWithSuccess(array_fill_keys(array_keys($fields), ''));
+	}
+
+	//------------------------------------------------------------------------------------------------------------------
+	// Private methods
+
+	/**
+	 * Get the path to the target model from the url
+	 *
+	 * @return string
+	 */
+	private function getTargetModelPath()
+	{
+		$ci_model_path = array_slice($this->uri->rsegments, 2);
+		if ($ci_model_path)
+			$ci_model_path[] = ucfirst(array_pop($ci_model_path)) . '_model';
+		return implode(DIRECTORY_SEPARATOR, $ci_model_path);
+	}
+}

application/controllers/api/frontend/v1/betriebsmittel/BetriebsmittelP.php

@@ -0,0 +1,387 @@
+<?php
+
+
+if (!defined('BASEPATH')) exit('No direct script access allowed');
+use \DateTime as DateTime;
+
+class BetriebsmittelP extends FHCAPI_Controller
+{
+	private $person_id = null;
+
+	public function __construct()
+	{
+		parent::__construct([
+			'getAllBetriebsmittel' => ['admin:r', 'assistenz:r'],
+			'addNewBetriebsmittel' => self::PERM_LOGGED,
+			'updateBetriebsmittel' => self::PERM_LOGGED,
+			'loadBetriebsmittel' => ['admin:r', 'assistenz:r'],
+			'deleteBetriebsmittel' => self::PERM_LOGGED,
+			'getTypenBetriebsmittel' => ['admin:r', 'assistenz:r'],
+			'loadInventarliste' => ['admin:r', 'assistenz:r']
+		]);
+
+		//Load Models
+		$this->load->model('ressource/Betriebsmittel_model', 'BetriebsmittelModel');
+		$this->load->model('ressource/Betriebsmittelperson_model', 'BetriebsmittelpersonModel');
+
+		// Additional Permission Checks
+		if ($this->router->method == 'addNewBetriebsmittel') {
+			$this->person_id = current(array_slice($this->uri->rsegments, 2));
+			
+			$this->checkPermissionsForPerson(
+				$this->person_id,
+				['admin:rw', 'mitarbeiter:rw', 'basis/betriebsmittel:rw'],
+				['admin:rw', 'assistenz:rw', 'basis/betriebsmittel:rw']
+			);
+		} elseif ($this->router->method == 'updateBetriebsmittel' || $this->router->method == 'deleteBetriebsmittel') {
+			$betriebsmittelperson_id = current(array_slice($this->uri->rsegments, 2));
+			$result = $this->BetriebsmittelpersonModel->load($betriebsmittelperson_id);
+			if (!hasData($result))
+				show_404();
+			$this->person_id = current(getData($result))->person_id;
+			
+			$this->checkPermissionsForPerson(
+				$this->person_id,
+				['admin:rw', 'mitarbeiter:rw', 'basis/betriebsmittel:rw'],
+				['admin:rw', 'assistenz:rw', 'basis/betriebsmittel:rw']
+			);
+		}
+
+		// Load Libraries
+		$this->load->library('VariableLib', ['uid' => getAuthUID()]);
+		$this->load->library('form_validation');
+
+		// Load language phrases
+		$this->loadPhrases([
+			'ui',
+			'wawi'
+		]);
+	}
+
+	public function getAllBetriebsmittel($type_id, $id)
+	{
+		$result = $this->BetriebsmittelpersonModel->getBetriebsmittelData($id, $type_id);
+
+		if (isError($result)) {
+			$this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL);
+		}
+
+		$this->terminateWithSuccess((getData($result) ?: []));
+	}
+
+	protected function validateNewOrUpdate()
+	{
+		$this->form_validation->set_rules('betriebsmitteltyp', 'Typ', 'required', [
+			'required' => $this->p->t('ui', 'error_fieldRequired')
+		]);
+
+		$this->form_validation->set_rules('kaution', 'Kaution', 'numeric|less_than_equal_to[9999.99]', [
+			'numeric' => $this->p->t('ui', 'error_fieldNotNumeric')
+		]);
+
+		$this->form_validation->set_rules('ausgegebenam', 'Ausgegeben am', 'required|is_valid_date', [
+			'required' => $this->p->t('ui', 'error_fieldRequired')
+		]);
+
+		if ($this->input->post('ausgegebenam') && $this->input->post('retouram')) {
+			$this->form_validation->set_rules('retouram', 'Retour am', [
+				'is_valid_date',
+				['is_not_before_ausgegebenam', function ($value) {
+					return (new DateTime($value) >= new DateTime($this->input->post('ausgegebenam')));
+				}]
+			], [
+				'is_not_before_ausgegebenam' => $this->p->t('wawi', 'error_retourdatumVorAusgabe')
+			]);
+		} else {
+			$this->form_validation->set_rules('retouram', 'Retour am', 'is_valid_date');
+		}
+
+		$this->form_validation->set_rules('anmerkung', 'Anmerkung', 'max_length[256]');
+
+		if ($this->input->post('betriebsmitteltyp') == 'Inventar') {
+			// Inventar
+			$this->form_validation->set_rules('betriebsmittel_id', 'Inventarnummer', 'required');
+		} elseif ($this->input->post('betriebsmitteltyp') == 'Zutrittskarte') {
+			// Zutrittskarte
+			if ($this->input->post('nummer') === null && $this->input->post('nummer') === null) {
+				$this->form_validation->set_rules('nummer', 'Nummer', 'required', [
+					'required' => $this->p->t('wawi', 'error_zutrittskarteOhneNummer')
+				]);
+				$this->form_validation->set_rules('nummer2', 'Nummer2', 'required', [
+					'required' => $this->p->t('wawi', 'error_zutrittskarteOhneNummer')
+				]);
+			} else {
+				if ($this->input->post('nummer') === null) {
+					$result = $this->BetriebsmittelpersonModel->loadViewWhere([
+						'betriebsmitteltyp' => $this->input->post('betriebsmitteltyp'),
+						'nummer2' => $this->input->post('nummer2'),
+						'person_id !=' => $this->person_id,
+						'retouram IS NULL' => null
+					]);
+					if (hasData($result))
+						$this->form_validation->set_rules('nummer2', 'Nummer2', 'is_array', [
+							'is_array' => $this->p->t('wawi', 'error_bmZutrittskarteOccupied', (array)current(getData($result)))
+						]);
+				} else {
+					$result = $this->BetriebsmittelpersonModel->loadViewWhere([
+						'betriebsmitteltyp' => $this->input->post('betriebsmitteltyp'),
+						'nummer' => $this->input->post('nummer'),
+						'person_id !=' => $this->person_id,
+						'retouram IS NULL' => null
+					]);
+					if (hasData($result))
+						$this->form_validation->set_rules('nummer', 'Nummer', 'is_array', [
+							'is_array' => $this->p->t('wawi', 'error_bmZutrittskarteOccupied', (array)current(getData($result)))
+						]);
+				}
+			}
+		}
+
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+	}
+
+	public function addNewBetriebsmittel($person_id)
+	{
+		$this->form_validation->set_rules('uid', 'UID', [
+			['uid_in_person', function ($value) use ($person_id) {
+				if ($value === null)
+					return true;
+				$this->load->model('person/Benutzer_model', 'BenutzerModel');
+				$result = $this->BenutzerModel->loadWhere([
+					'uid' => $value,
+					'person_id' => $person_id
+				]);
+
+				return hasData($result);
+			}]
+		], [
+			'uid_in_person' => $this->p->t('person', 'error_uidNotInPerson')
+		]);
+		$this->validateNewOrUpdate();
+
+		$betriebsmitteltyp = $this->input->post('betriebsmitteltyp');
+		$nummer = $this->input->post('nummer');
+		$nummer2 = $this->input->post('nummer2');
+		$beschreibung = $this->input->post('beschreibung');
+		$betriebsmittel_id = $this->input->post('betriebsmittel_id');
+		$anmerkung = $this->input->post('anmerkung');
+		$kaution = $this->input->post('kaution');
+		$ausgegebenam = $this->input->post('ausgegebenam');
+		$retouram = $this->input->post('retouram');
+		$uid = $this->input->post('uid');
+
+		// NOTE(chris): transform_kartennummer
+		if ($betriebsmitteltyp == 'Zutrittskarte' && $nummer)
+			$nummer = is_numeric($nummer) ? ltrim($nummer, "0") : hexdec(implode("", array_reverse(str_split(trim($nummer)))));
+
+		$this->db->trans_start();
+
+		if ($betriebsmitteltyp != 'Inventar') {
+			$this->BetriebsmittelModel->addOrder('updateamum', 'DESC');
+			if ($betriebsmitteltyp == 'Zutrittskarte' && $nummer === null) {
+				$result = $this->BetriebsmittelModel->loadWhere([
+					'betriebsmitteltyp' => $betriebsmitteltyp,
+					'nummer2' => $nummer2
+				]);
+			} else {
+				$result = $this->BetriebsmittelModel->loadWhere([
+					'betriebsmitteltyp' => $betriebsmitteltyp,
+					'nummer' => $nummer
+				]);
+			}
+			$data = $this->getDataOrTerminateWithError($result);
+
+			if ($data) {
+				$data = current($data);
+				if ($data->nummer !== $nummer || $data->nummer2 !== $nummer2 || $data->beschreibung !== $beschreibung) {
+					$result = $this->BetriebsmittelModel->update($data->betriebsmittel_id, [
+						'nummer' => $nummer,
+						'nummer2' => $nummer2,
+						'beschreibung' => $beschreibung,
+						'updateamum' => date('c'),
+						'updatevon' => getAuthUID()
+					]);
+					$this->getDataOrTerminateWithError($result);
+				}
+				$betriebsmittel_id = $data->betriebsmittel_id;
+			} else {
+				$result = $this->BetriebsmittelModel->insert([
+					'betriebsmitteltyp' => $betriebsmitteltyp,
+					'nummer' => $nummer,
+					'nummer2' => $nummer2,
+					'beschreibung' => $beschreibung,
+					'reservieren' => false,
+					'ort_kurzbz' => null,
+					'insertamum' => date('c'),
+					'insertvon' => getAuthUID(),
+				]);
+				$betriebsmittel_id = $this->getDataOrTerminateWithError($result);
+			}
+		}
+
+		$result = $this->BetriebsmittelpersonModel->insert([
+			'person_id' => $person_id,
+			'betriebsmittel_id' => $betriebsmittel_id,
+			'anmerkung' => $anmerkung,
+			'kaution' => $kaution,
+			'ausgegebenam' => $ausgegebenam,
+			'retouram' => $retouram,
+			'uid' => $uid,
+			'insertamum' => date('c'),
+			'insertvon' => getAuthUID()
+		]);
+
+		$data = $this->getDataOrTerminateWithError($result);
+
+		$this->db->trans_complete();
+
+		$this->terminateWithSuccess(true);
+	}
+
+	public function updateBetriebsmittel($betriebsmittelperson_id)
+	{
+		$this->validateNewOrUpdate();
+
+		$betriebsmitteltyp = $this->input->post('betriebsmitteltyp');
+		$nummer = $this->input->post('nummer');
+		$nummer2 = $this->input->post('nummer2');
+		$beschreibung = $this->input->post('beschreibung');
+		$betriebsmittel_id = $this->input->post('betriebsmittel_id');
+		$anmerkung = $this->input->post('anmerkung');
+		$kaution = $this->input->post('kaution');
+		$ausgegebenam = $this->input->post('ausgegebenam');
+		$retouram = $this->input->post('retouram');
+
+		// NOTE(chris): transform_kartennummer
+		if ($betriebsmitteltyp == 'Zutrittskarte' && $nummer)
+			$nummer = is_numeric($nummer) ? ltrim($nummer, "0") : hexdec(implode("", array_reverse(str_split(trim($nummer)))));
+
+		$this->db->trans_start();
+
+		if ($betriebsmitteltyp != 'Inventar') {
+			$found = false;
+			if ($nummer !== null && $betriebsmittel_id !== null) {
+				$result = $this->BetriebsmittelModel->load($betriebsmittel_id);
+				$data = $this->getDataOrTerminateWithError($result);
+				if ($data && current($data)->nummer == $nummer) {
+					$found = true;
+				}
+			}
+
+			if (!$found) {
+				$this->BetriebsmittelModel->addOrder('updateamum', 'DESC');
+				if ($betriebsmitteltyp == 'Zutrittskarte' && $nummer === null) {
+					$result = $this->BetriebsmittelModel->loadWhere([
+						'betriebsmitteltyp' => $betriebsmitteltyp,
+						'nummer2' => $nummer2
+					]);
+				} else {
+					$result = $this->BetriebsmittelModel->loadWhere([
+						'betriebsmitteltyp' => $betriebsmitteltyp,
+						'nummer' => $nummer
+					]);
+				}
+				$data = $this->getDataOrTerminateWithError($result);
+			}
+
+			if ($data) {
+				$data = current($data);
+				if ($data->nummer !== $nummer || $data->nummer2 !== $nummer2 || $data->beschreibung !== $beschreibung) {
+					$result = $this->BetriebsmittelModel->update($data->betriebsmittel_id, [
+						'nummer' => $nummer,
+						'nummer2' => $nummer2,
+						'beschreibung' => $beschreibung,
+						'updateamum' => date('c'),
+						'updatevon' => getAuthUID()
+					]);
+					$this->getDataOrTerminateWithError($result);
+				}
+				$betriebsmittel_id = $data->betriebsmittel_id;
+			} else {
+				$result = $this->BetriebsmittelModel->insert([
+					'betriebsmitteltyp' => $betriebsmitteltyp,
+					'nummer' => $nummer,
+					'nummer2' => $nummer2,
+					'beschreibung' => $beschreibung,
+					'reservieren' => false,
+					'ort_kurzbz' => null,
+					'insertamum' => date('c'),
+					'insertvon' => getAuthUID(),
+				]);
+				$betriebsmittel_id = $this->getDataOrTerminateWithError($result);
+			}
+		}
+
+		$result = $this->BetriebsmittelpersonModel->update($betriebsmittelperson_id, [
+			'betriebsmittel_id' => $betriebsmittel_id,
+			'anmerkung' => $anmerkung,
+			'kaution' => $kaution,
+			'ausgegebenam' => $ausgegebenam,
+			'retouram' => $retouram,
+			'updateamum' => date('c'),
+			'updatevon' => getAuthUID()
+		]);
+
+		$data = $this->getDataOrTerminateWithError($result);
+
+		$this->db->trans_complete();
+
+		$this->terminateWithSuccess(true);
+	}
+
+	public function loadBetriebsmittel($betriebsmittelperson_id)
+	{
+		$result = $this->BetriebsmittelpersonModel->getBetriebsmittelData($betriebsmittelperson_id, 'betriebsmittelperson_id');
+
+		if (isError($result)) {
+			$this->terminateWithError($result, self::ERROR_TYPE_GENERAL);
+		}
+
+		if (!hasData($result)) {
+			$this->terminateWithError($this->p->t('ui', 'error_missingId', ['id' => 'Betriebsmittelperson_id']), self::ERROR_TYPE_GENERAL);
+		}
+
+		$this->terminateWithSuccess(current(getData($result)));
+	}
+
+	public function deleteBetriebsmittel($betriebsmittelperson_id)
+	{
+		$result = $this->BetriebsmittelpersonModel->delete(
+			array('betriebsmittelperson_id' => $betriebsmittelperson_id,
+			)
+		);
+
+		if (isError($result)) {
+			return $this->terminateWithError($result, self::ERROR_TYPE_GENERAL);
+		}
+		if (!hasData($result)) {
+			return $this->terminateWithError($this->p->t('ui', 'error_missingId', ['id' => 'Betriebsmittelperson_id']), self::ERROR_TYPE_GENERAL);
+		}
+		return $this->outputJsonSuccess(current(getData($result)));
+	}
+
+	public function getTypenBetriebsmittel()
+	{
+		$this->load->model('ressource/Betriebsmitteltyp_model', 'BetriebsmitteltypModel');
+
+		$this->BetriebsmitteltypModel->addOrder('beschreibung', 'ASC');
+		$result = $this->BetriebsmitteltypModel->load(); // load All
+
+		if (isError($result)) {
+			$this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL);
+		}
+		return $this->terminateWithSuccess(getData($result) ?: []);
+	}
+
+	public function loadInventarliste($searchString)
+	{
+		$result = $this->BetriebsmittelModel->loadInventarliste($searchString);
+
+		$data = $this->getDataOrTerminateWithError($result);
+
+		$this->terminateWithSuccess($data);
+	}
+}
+
+

application/controllers/api/frontend/v1/checkperson/CheckPerson.php

@@ -0,0 +1,141 @@
+<?php
+/**
+ * Copyright (C) 2024 fhcomplete.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+class CheckPerson extends FHCAPI_Controller
+{
+	public function __construct()
+	{
+		parent::__construct([
+			'updatePersonUnrulyStatus' => array('basis/mitarbeiter:rw', 'student/antragfreigabe:rw', 'student/studierendenantrag:rw'),
+			'filterPerson' => array('basis/mitarbeiter:rw', 'student/antragfreigabe:rw', 'student/studierendenantrag:rw'),
+			'checkUnruly' => array('basis/mitarbeiter:r', 'student/antragfreigabe:r', 'student/studierendenantrag:r', 'infocenter:r'),
+			'checkDuplicate' => array('infocenter:r'),
+		]);
+
+		$this->_ci =& get_instance();
+		$this->_ci->load->model('person/Person_model', 'PersonModel');
+	}
+
+	public function updatePersonUnrulyStatus()
+	{
+		$data = json_decode($this->input->raw_input_stream, true);
+
+		$person_id = $data['person_id'];
+		$unruly = $data['unruly'];
+
+		$result = $this->_ci->PersonModel->updateUnruly($person_id, $unruly);
+
+		if(isError($result)) {
+			$this->terminateWithError($result);
+		} else if (isSuccess($result)) {
+			$this->terminateWithSuccess($result);
+		}
+
+	}
+
+	public function checkDuplicate() {
+
+		$person_id = $this->input->post('person_id');
+
+		$result = $this->_ci->PersonModel->checkDuplicate($person_id);
+
+		if (isSuccess($result))
+			$this->terminateWithSuccess($result);
+		else
+			$this->terminateWithError('Error when searching for person');
+
+	}
+
+	// performs strict check over vorname, nachname, gebdatum
+	public function checkUnruly() {
+
+		$vorname = $this->input->post('vorname');
+		$nachname = $this->input->post('nachname');
+		$gebdatum = $this->input->post('gebdatum');
+
+		$result = $this->_ci->PersonModel->checkUnruly($vorname, $nachname, $gebdatum);
+
+		if (isSuccess($result))
+			$this->terminateWithSuccess($result);
+		else
+			$this->terminateWithError('Error when searching for person');
+	}
+
+	// filters nachname on similarity and vorname/gebdatum are optional
+	public function filterPerson() {
+		$payload = json_decode($this->input->raw_input_stream, TRUE);
+
+		$nachnameString = '';
+		$vornameString = '';
+		$filterUnruly = true;
+		$birthdateString = '';
+
+		if(array_key_exists( 'nachname', $payload) ) {
+			$nachnameString = $payload['nachname'];
+		}
+
+		if(array_key_exists('vorname', $payload)) {
+			$vornameString = $payload['vorname'];
+		}
+
+		if(array_key_exists('unruly', $payload)){
+			$filterUnruly = $payload['unruly'];
+		}
+
+		if(array_key_exists('gebdatum', $payload)) {
+			// TODO: enable if gebdatum filter for unrulys is desired
+//				$birthdateString = $payload['gebdatum'];
+		}
+
+		$parametersArray = array($nachnameString);
+		$where ="p.nachname~* ? ";
+		if (mb_strlen($nachnameString) == 2)
+		{
+			$where = "p.nachname=? ";
+		}
+
+		if(isset($vornameString) && $vornameString != '')
+		{
+			$where.= " AND p.vorname~*?";
+			$parametersArray[] = $vornameString;
+		}
+
+		if(isset($birthdateString) && $birthdateString != '')
+		{
+			$where.=" AND p.gebdatum=?";
+			$parametersArray[] = $birthdateString;
+		}
+
+		if(isset($filterUnruly))
+		{
+			$where.=" AND p.unruly=?";
+			$parametersArray[] = $filterUnruly;
+		}
+
+		$result = $this->_ci->PersonModel->checkUnrulyWhere($where, $parametersArray);
+
+		if (isSuccess($result))
+			$this->terminateWithSuccess($result);
+		else
+			$this->terminateWithError('Error when searching for person');
+
+
+	}
+}

application/controllers/api/frontend/v1/education/Lehrveranstaltung.php

@@ -0,0 +1,65 @@
+<?php
+/**
+ * FH-Complete
+ *
+ * @package		FHC-API
+ * @author		FHC-Team
+ * @copyright	Copyright (c) 2016, fhcomplete.org
+ * @license		GPLv3
+ * @link		http://fhcomplete.org
+ * @since		Version 1.0
+ * @filesource
+ */
+// ------------------------------------------------------------------------
+
+if (!defined('BASEPATH')) exit('No direct script access allowed');
+
+class Lehrveranstaltung extends FHCAPI_Controller
+{
+	/**
+	 * Lehrveranstaltung API constructor.
+	 */
+	public function __construct()
+	{
+		parent::__construct(array(
+			'getTemplateLvTree' => array(
+			    'lehre/lehrveranstaltung:rw'
+			)
+		));
+
+		// Load model LehrveranstaltungModel
+		$this->load->model('education/Lehrveranstaltung_model', 'LehrveranstaltungModel');
+	}
+
+	/**
+	 * Get all Templates and union with all Lehrveranstaltungen of given Studiensemester and Oes of given Berechtigung,
+	 * that are assigned to a template. This data structure can be used for nested tabulators' data tree.
+	 *
+	 * @param null|string $studiensemester_kurzbz
+	 * @param null|string $berechtigung
+	 * @return array|stdClass|null
+	 */
+	public function getTemplateLvTree()
+	{
+		$studiensemester_kurzbz = $this->input->get('studiensemester_kurzbz');
+		$berechtigung = $this->input->get('berechtigung');
+
+		if ($berechtigung)
+		{
+			$oe_permissions = $this->permissionlib->getOE_isEntitledFor($berechtigung);
+			if(!$oe_permissions) $oe_permissions = [];
+
+			$result = $this->LehrveranstaltungModel->getTemplateLvTree($studiensemester_kurzbz, $oe_permissions);
+		}
+		else
+		{
+			$result = $this->LehrveranstaltungModel->getTemplateLvTree($studiensemester_kurzbz);
+		}
+
+		if (isError($result)) {
+			$this->terminateWithError(getError($result), self::ERROR_TYPE_DB);
+		}
+
+		$this->terminateWithSuccess((getData($result) ?: []));
+	}
+}

application/controllers/api/frontend/v1/notiz/NotizPerson.php

@@ -0,0 +1,51 @@
+<?php
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+use \DateTime as DateTime;
+
+class NotizPerson extends Notiz_Controller
+{
+	public function __construct()
+	{
+		parent::__construct([
+			'getUid' => ['admin:r', 'assistenz:r'],
+			'getNotizen' => ['admin:r', 'assistenz:r'],
+			'loadNotiz' => ['admin:r', 'assistenz:r'],
+			'addNewNotiz' => ['admin:rw', 'assistenz:rw'],
+			'updateNotiz' => ['admin:rw', 'assistenz:rw'],
+			'deleteNotiz' => ['admin:rw', 'assistenz:rw'],
+			'loadDokumente' => ['admin:r', 'assistenz:r'],
+			'getMitarbeiter' => ['admin:r', 'assistenz:r'],
+			'isBerechtigt' => ['admin:r', 'assistenz:r'],
+		]);
+	}
+
+	public function isBerechtigt($id, $typeId)
+	{
+		if($typeId != "person_id")
+		{
+			return $this->terminateWithError($this->p->t('ui', 'error_typeNotizIdIncorrect'), self::ERROR_TYPE_GENERAL);
+		}
+
+		//TODO define permission
+		if (!$this->permissionlib->isBerechtigt('admin', 'suid') && !$this->permissionlib->isBerechtigt('assistenz', 'suid'))
+		{
+			$result =  $this->p->t('lehre', 'error_keineSchreibrechte');
+
+			return $this->terminateWithError($result, self::ERROR_TYPE_GENERAL);
+		}
+
+		return $this->outputJsonSuccess(true);
+	}
+
+	public function loadDokumente()
+	{
+		$notiz_id = $this->input->post('notiz_id');
+
+		// TODO(chris): make CI variant of endpoint
+		$this->NotizModel->addSelect($this->NotizModel->escape(base_url('content/notizdokdownload.php?id=')) . ' || campus.tbl_dms_version.dms_id AS preview');
+		
+		return parent::loadDokumente();
+	}
+}

application/controllers/api/frontend/v1/organisation/Studiensemester.php

@@ -0,0 +1,118 @@
+<?php
+/**
+ * FH-Complete
+ *
+ * @package		FHC-API
+ * @author		FHC-Team
+ * @copyright	Copyright (c) 2016, fhcomplete.org
+ * @license		GPLv3
+ * @link		http://fhcomplete.org
+ * @since		Version 1.0
+ * @filesource
+ */
+// ------------------------------------------------------------------------
+
+if (!defined('BASEPATH')) exit('No direct script access allowed');
+
+class Studiensemester extends FHCAPI_Controller
+{
+	/**
+	 * Studiensemester API constructor.
+	 */
+	public function __construct()
+	{
+		parent::__construct(
+			array(
+				'getAll' => self::PERM_LOGGED,
+				'getAktNext' => self::PERM_LOGGED
+			)
+		);
+		// Load model StudiensemesterModel
+		$this->load->model('organisation/studiensemester_model', 'StudiensemesterModel');
+	}
+
+	/**
+	 * Get all Studiensemester.
+	 *
+	 * @param null|string $order Sorting order for the Studiensemester, 'asc' or 'desc'. Defaults to 'asc'.
+	 * @param null|string $start Start date of the displayed Studiensemester in the format 'YYYY-MM-DD'.
+	 * 	If provided, only Studiensemester starting from this date onwards will be returned.
+	 *  eg. '2020-09-01' will start with WS2020.
+	 */
+	public function getAll()
+	{
+		$order = $this->input->get('order');
+		$start = $this->input->get('start');
+
+		if (strcasecmp($order, 'DESC') == 0)
+		{
+			$this->StudiensemesterModel->addOrder('ende', 'DESC');
+		}
+		else
+		{
+			$this->StudiensemesterModel->addOrder('ende', 'ASC');
+		}
+
+		if ($start)
+		{
+			$result = $this->StudiensemesterModel->loadWhere([
+				'start >= ' => $start
+			]);
+		}
+		else
+		{
+			$result = $this->StudiensemesterModel->load();
+		}
+
+		if (isError($result)) {
+			$this->terminateWithError(getError($result), self::ERROR_TYPE_DB);
+		}
+
+		$this->terminateWithSuccess((getData($result) ?: []));
+	}
+
+	/**
+	 * @return void
+	 */
+	public function getAktNext()
+	{
+		$semester = $this->input->get('semester');
+
+		$result = null;
+
+		if (!is_numeric($semester))
+		{
+			$result = $this->StudiensemesterModel->loadWhere(array('start <=' => 'NOW()', 'ende >=' => 'NOW()'));
+		}
+
+		if (!hasData($result))
+		{
+			$this->StudiensemesterModel->addOrder('ende');
+			$this->StudiensemesterModel->addLimit(1);
+
+			$whereArray = array('ende >=' => 'NOW()');
+
+			if (is_numeric($semester))
+			{
+				if ($semester % 2 == 0)
+				{
+					$ss = 'SS';
+				}
+				else
+				{
+					$ss = 'WS';
+				}
+
+				$whereArray['SUBSTRING(studiensemester_kurzbz FROM 1 FOR 2) ='] = $ss;
+			}
+
+			$result = $this->StudiensemesterModel->loadWhere($whereArray);
+		}
+
+		if (isError($result)) {
+			$this->terminateWithError(getError($result), self::ERROR_TYPE_DB);
+		}
+
+		$this->terminateWithSuccess((getData($result) ?: ''));
+	}
+}

application/controllers/api/frontend/v1/studstatus/Abmeldung.php

@@ -0,0 +1,187 @@
+<?php
+/**
+ * Copyright (C) 2024 fhcomplete.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+use \REST_Controller as REST_Controller;
+use \Studierendenantrag_model as Studierendenantrag_model;
+
+/**
+ * This controller operates between (interface) the JS (GUI) and the AntragLib (back-end)
+ * This controller works with JSON calls on the HTTP GET or POST and the output is always JSON
+ */
+class Abmeldung extends FHCAPI_Controller
+{
+
+	/**
+	 * Calls the parent's constructor and loads the AntragLib
+	 */
+	public function __construct()
+	{
+		parent::__construct([
+			'getDetailsForNewAntrag' => self::PERM_LOGGED,
+			'getDetailsForAntrag' => self::PERM_LOGGED,
+			'createAntrag' => self::PERM_LOGGED,
+			'cancelAntrag' => self::PERM_LOGGED
+		]);
+
+		// Libraries
+		$this->load->library('AntragLib');
+
+		// Load language phrases
+		$this->loadPhrases([
+			'studierendenantrag'
+		]);
+	}
+
+	//------------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+	/**
+	 * Retrieves data of the current studiengang for the current user
+	 */
+
+	public function getDetailsForNewAntrag($prestudent_id)
+	{
+		if (!$this->antraglib->isEntitledToCreateAntragFor($prestudent_id, true))
+			$this->terminateWithError('Forbidden', self::ERROR_TYPE_AUTH, REST_Controller::HTTP_FORBIDDEN);
+
+		$result = $this->antraglib->getPrestudentAbmeldeBerechtigt($prestudent_id);
+		$result = $this->getDataOrTerminateWithError($result);
+		
+		if (!$result) {
+			$this->terminateWithError(
+				$this->p->t('studierendenantrag', 'error_no_student'),
+				self::ERROR_TYPE_AUTH,
+				REST_Controller::HTTP_FORBIDDEN
+			);
+		} elseif ($result == -3) {
+			$this->terminateWithError(
+				$this->p->t('studierendenantrag', 'error_stg_blacklist'),
+				self::ERROR_TYPE_AUTH,
+				REST_Controller::HTTP_FORBIDDEN
+			);
+		} elseif ($result == -1) {
+			$result = $this->antraglib->getDetailsForLastAntrag(
+                $prestudent_id,
+                [
+                    Studierendenantrag_model::TYP_ABMELDUNG,
+                    Studierendenantrag_model::TYP_ABMELDUNG_STGL
+                ]
+            );
+
+			$data = $this->getDataOrTerminateWithError($result);
+			
+			$data->canCancel = (
+				$data->status == Studierendenantragstatus_model::STATUS_CREATED &&
+				$this->antraglib->isEntitledToCancelAntrag($data->studierendenantrag_id)
+			);
+
+			$this->terminateWithSuccess($data);
+		}
+
+		$result = $this->antraglib->getDetailsForNewAntrag($prestudent_id);
+
+		$data = $this->getDataOrTerminateWithError($result);
+
+		$this->terminateWithSuccess($data);
+	}
+
+	public function getDetailsForAntrag($studierendenantrag_id)
+	{
+		if (!$this->antraglib->isEntitledToShowAntrag($studierendenantrag_id))
+			return show_404();
+
+		$result = $this->antraglib->getDetailsForAntrag($studierendenantrag_id);
+		
+		$data = $this->getDataOrTerminateWithError($result);
+
+		if ($data->typ !== Studierendenantrag_model::TYP_ABMELDUNG_STGL && $data->typ !== Studierendenantrag_model::TYP_ABMELDUNG)
+			return show_404();
+
+		$data->canCancel = (
+			$data->status == Studierendenantragstatus_model::STATUS_CREATED &&
+			$this->antraglib->isEntitledToCancelAntrag($data->studierendenantrag_id)
+		);
+
+		$this->terminateWithSuccess($data);
+	}
+
+	public function createAntrag()
+	{
+		$this->load->library('form_validation');
+
+		$this->form_validation->set_rules('studiensemester', 'Studiensemester', 'required');
+		$this->form_validation->set_rules('prestudent_id', 'Prestudent ID', 'required');
+		$this->form_validation->set_rules('grund', 'Grund', 'required');
+
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+		$grund = $this->input->post('grund');
+		$studiensemester = $this->input->post('studiensemester');
+		$prestudent_id = $this->input->post('prestudent_id');
+
+		$result = $this->antraglib->getPrestudentAbmeldeBerechtigt($prestudent_id);
+		$result = $this->getDataOrTerminateWithError($result);
+		if (!$result)
+			$this->terminateWithError($this->p->t('studierendenantrag', 'error_no_student'), self::ERROR_TYPE_GENERAL);
+		elseif ($result == -3)
+			$this->terminateWithError($this->p->t('studierendenantrag', 'error_stg_blacklist'), self::ERROR_TYPE_GENERAL);
+		elseif ($result < 0)
+			$this->terminateWithError($this->p->t('studierendenantrag', 'error_antrag_exists'), self::ERROR_TYPE_GENERAL);
+
+		$result = $this->antraglib->createAbmeldung($prestudent_id, $studiensemester, getAuthUID(), $grund);
+		$data = $this->getDataOrTerminateWithError($result);
+
+		$result = $this->antraglib->getDetailsForAntrag($data);
+		if (!hasData($result))
+			return $this->terminateWithSuccess(true);
+
+		$data = getData($result);
+		$data->canCancel = (boolean)$this->antraglib->isEntitledToCancelAntrag($data->studierendenantrag_id);
+
+		$this->terminateWithSuccess($data);
+	}
+
+	public function cancelAntrag()
+	{
+		$this->load->library('form_validation');
+
+		$this->form_validation->set_rules('antrag_id', 'Antrag ID', 'required');
+
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+		$antrag_id = $this->input->post('antrag_id');
+
+		if (!$this->antraglib->isEntitledToCancelAntrag($antrag_id))
+			$this->terminateWithError('Forbidden', self::ERROR_TYPE_AUTH, REST_Controller::HTTP_FORBIDDEN);
+
+		$result = $this->antraglib->cancelAntrag($antrag_id, getAuthUID());
+		$this->getDataOrTerminateWithError($result);
+
+		$result = $this->antraglib->getDetailsForAntrag($antrag_id);
+		if (!hasData($result))
+			$this->terminateWithSuccess($antrag_id);
+		
+		$data = getData($result);
+		
+		$this->terminateWithSuccess($data);
+	}
+}

application/controllers/api/frontend/v1/studstatus/Leitung.php

@@ -0,0 +1,429 @@
+<?php
+/**
+ * Copyright (C) 2024 fhcomplete.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+use \stdClass as stdClass;
+use \Studierendenantrag_model as Studierendenantrag_model;
+
+/**
+ * This controller operates between (interface) the JS (GUI) and the AntragLib (back-end)
+ * This controller works with JSON calls on the HTTP GET or POST and the output is always JSON
+ */
+class Leitung extends FHCAPI_Controller
+{
+
+	/**
+	 * Calls the parent's constructor and loads the AntragLib
+	 */
+	public function __construct()
+	{
+		parent::__construct([
+			'getActiveStgs' => ['student/antragfreigabe:r', 'student/studierendenantrag:r'],
+			'getAntraege' => ['student/antragfreigabe:r', 'student/studierendenantrag:r'],
+			'getHistory' => ['student/antragfreigabe:r', 'student/studierendenantrag:r'],
+			'getPrestudents' => 'student/studierendenantrag:w',
+			'approveAntrag' => 'student/antragfreigabe:w',
+			'rejectAntrag' => 'student/antragfreigabe:w',
+			'reopenAntrag' => 'student/studierendenantrag:w',
+			'pauseAntrag' => ['student/antragfreigabe:w', 'student/studierendenantrag:w'],
+			'unpauseAntrag' => ['student/antragfreigabe:w', 'student/studierendenantrag:w'],
+			'objectAntrag' => ['student/antragfreigabe:w', 'student/studierendenantrag:w'],
+			'approveObjection' => ['student/antragfreigabe:w', 'student/studierendenantrag:w'],
+			'denyObjection' => ['student/antragfreigabe:w', 'student/studierendenantrag:w']
+		]);
+
+		// Libraries
+		$this->load->library('AntragLib');
+
+		// Load language phrases
+		$this->loadPhrases([
+			'studierendenantrag',
+			'lehre'
+		]);
+	}
+
+	//------------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+	public function getActiveStgs()
+	{
+		$studiengaenge = $this->permissionlib->getSTG_isEntitledFor('student/antragfreigabe') ?: [];
+		$studiengaenge = array_merge($studiengaenge, $this->permissionlib->getSTG_isEntitledFor('student/studierendenantrag') ?: []);
+		
+		$result = $this->StudierendenantragModel->loadStgsWithAntraege($studiengaenge);
+		$data = $this->getDataOrTerminateWithError($result);
+
+		$this->terminateWithSuccess($data);
+	}
+
+	public function getAntraege($studiengang = null, $extra = null)
+	{
+		if ($studiengang && $studiengang == 'todo') {
+			$studiengang = $extra;
+			$extra = true;
+		} else {
+			$extra = false;
+		}
+
+		$studiengaenge = $this->permissionlib->getSTG_isEntitledFor('student/antragfreigabe');
+		if(!is_array($studiengaenge))
+			$studiengaenge = [];
+
+
+		$stgsNeuanlage = $this->permissionlib->getSTG_isEntitledFor('student/studierendenantrag');
+		if(!is_array($stgsNeuanlage))
+			$stgsNeuanlage = [];
+
+		$studiengaenge = array_unique(array_merge($studiengaenge, $stgsNeuanlage));
+
+		if ($studiengang) {
+			if (!in_array($studiengang, $studiengaenge))
+				$this->terminateWithError(
+					'Forbidden',
+					self::ERROR_TYPE_AUTH,
+					REST_Controller::HTTP_FORBIDDEN
+				);
+			$studiengaenge = [$studiengang];
+		}
+
+		$antraege = [];
+		if ($studiengaenge) {
+			$result = $extra
+				? $this->StudierendenantragModel->loadActiveForStudiengaenge($studiengaenge)
+				: $this->StudierendenantragModel->loadForStudiengaenge($studiengaenge);
+
+			$antraege = $this->getDataOrTerminateWithError($result);
+		}
+
+		$this->terminateWithSuccess($antraege ?: []);
+	}
+
+	public function getHistory($studierendenantrag_id)
+	{
+		if (!$this->antraglib->isEntitledToSeeHistoryForAntrag($studierendenantrag_id))
+			$this->terminateWithError(
+				'Forbidden',
+				self::ERROR_TYPE_AUTH,
+				REST_Controller::HTTP_FORBIDDEN
+			);
+
+		$result = $this->antraglib->getAntragHistory($studierendenantrag_id);
+		$data = $this->getDataOrTerminateWithError($result);
+		
+		$this->terminateWithSuccess($data ?: []);
+	}
+
+	public function getPrestudents()
+	{
+		$query = $this->input->post('query');
+
+		$studiengaenge = $this->permissionlib->getSTG_isEntitledFor('student/studierendenantrag');
+
+		$result = $this->antraglib->getAktivePrestudentenInStgs($studiengaenge, $query);
+		$result = $this->getDataOrTerminateWithError($result);
+
+		return $this->terminateWithSuccess($result ?: []);
+	}
+
+	public function approveAntrag()
+	{
+		$this->load->library('form_validation');
+
+		$this->form_validation->set_rules(
+			'studierendenantrag_id',
+			'Studierenden Antrag',
+			[
+				'required',
+				['isEntitledToApproveAntrag', [$this->antraglib, 'isEntitledToApproveAntrag']],
+			],
+			[
+				'isEntitledToApproveAntrag' => $this->p->t('studierendenantrag', 'error_no_right')
+			]
+		);
+		$this->form_validation->set_rules(
+			'typ',
+			'Typ',
+			'required|in_list[' . implode(',', [
+				Studierendenantrag_model::TYP_ABMELDUNG,
+				Studierendenantrag_model::TYP_ABMELDUNG_STGL,
+				Studierendenantrag_model::TYP_UNTERBRECHUNG,
+				Studierendenantrag_model::TYP_WIEDERHOLUNG
+			]) . ']'
+		);
+
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+		$studierendenantrag_id = $this->input->post('studierendenantrag_id');
+		switch ($this->input->post('typ')) {
+			case Studierendenantrag_model::TYP_ABMELDUNG:
+			case Studierendenantrag_model::TYP_ABMELDUNG_STGL:
+				$result = $this->antraglib->approveAbmeldung([$studierendenantrag_id], getAuthUID());
+				break;
+			case Studierendenantrag_model::TYP_UNTERBRECHUNG:
+				$result = $this->antraglib->approveUnterbrechung([$studierendenantrag_id], getAuthUID());
+				break;
+			case Studierendenantrag_model::TYP_WIEDERHOLUNG:
+				$result = $this->antraglib->approveWiederholung($studierendenantrag_id, getAuthUID());
+				break;
+		}
+		$this->getDataOrTerminateWithError($result);
+
+		return $this->terminateWithSuccess($studierendenantrag_id);
+	}
+
+	public function rejectAntrag()
+	{
+		$this->load->library('form_validation');
+
+		$this->form_validation->set_rules(
+			'studierendenantrag_id',
+			'Studierenden Antrag',
+			[
+				'required',
+				['isEntitledToRejectAntrag', [$this->antraglib, 'isEntitledToRejectAntrag']],
+			],
+			[
+				'isEntitledToRejectAntrag' => $this->p->t('studierendenantrag', 'error_no_right')
+			]
+		);
+		$this->form_validation->set_rules('grund', 'Grund', 'required');
+		$this->form_validation->set_rules(
+			'typ',
+			'Typ',
+			'required|in_list[' . implode(',', [
+				Studierendenantrag_model::TYP_UNTERBRECHUNG
+			]) . ']'
+		);
+
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+		$studierendenantrag_id = $this->input->post('studierendenantrag_id');
+		$grund = $this->input->post('grund');
+
+		$result = $this->antraglib->rejectUnterbrechung([$studierendenantrag_id], getAuthUID(), $grund);
+		$this->getDataOrTerminateWithError($result);
+
+		return $this->terminateWithSuccess($studierendenantrag_id);
+	}
+
+	public function reopenAntrag()
+	{
+		$this->load->library('form_validation');
+
+		$this->form_validation->set_rules(
+			'studierendenantrag_id',
+			'Studierenden Antrag',
+			[
+				'required',
+				['isEntitledToReopenAntrag', [$this->antraglib, 'isEntitledToReopenAntrag']],
+			],
+			[
+				'isEntitledToReopenAntrag' => $this->p->t('studierendenantrag', 'error_no_right')
+			]
+		);
+		$this->form_validation->set_rules(
+			'typ',
+			'Typ',
+			'required|in_list[' . implode(',', [
+				Studierendenantrag_model::TYP_WIEDERHOLUNG
+			]) . ']'
+		);
+
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+		$studierendenantrag_id = $this->input->post('studierendenantrag_id');
+
+		$result = $this->antraglib->reopenWiederholung($studierendenantrag_id, getAuthUID());
+		$this->getDataOrTerminateWithError($result);
+
+		return $this->terminateWithSuccess($studierendenantrag_id);
+	}
+
+	public function pauseAntrag()
+	{
+		$this->load->library('form_validation');
+
+		$this->form_validation->set_rules(
+			'studierendenantrag_id',
+			'Studierenden Antrag',
+			[
+				'required',
+				['isEntitledToPauseAntrag', [$this->antraglib, 'isEntitledToPauseAntrag']],
+				['antragCanBeManualPaused', [$this->antraglib, 'antragCanBeManualPaused']]
+			],
+			[
+				'isEntitledToPauseAntrag' => $this->p->t('studierendenantrag', 'error_no_right'),
+				'antragCanBeManualPaused' => $this->p->t(
+					'studierendenantrag',
+					'error_not_pauseable',
+					['id' => $this->input->post('studierendenantrag_id')]
+				)
+			]
+		);
+
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+		$studierendenantrag_id = $this->input->post('studierendenantrag_id');
+
+		$result = $this->antraglib->pauseAntrag($studierendenantrag_id, getAuthUID());
+		$this->getDataOrTerminateWithError($result);
+
+		return $this->terminateWithSuccess($studierendenantrag_id);
+	}
+
+	public function unpauseAntrag()
+	{
+		$this->load->library('form_validation');
+
+		$this->form_validation->set_rules(
+			'studierendenantrag_id',
+			'Studierenden Antrag',
+			[
+				'required',
+				['isEntitledToUnpauseAntrag', [$this->antraglib, 'isEntitledToUnpauseAntrag']],
+				['antragCanBeManualUnpaused', [$this->antraglib, 'antragCanBeManualUnpaused']]
+			],
+			[
+				'isEntitledToUnpauseAntrag' => $this->p->t('studierendenantrag', 'error_no_right'),
+				'antragCanBeManualUnpaused' => $this->p->t(
+					'studierendenantrag',
+					'error_not_paused',
+					['id' => $this->input->post('studierendenantrag_id')]
+				)
+			]
+		);
+
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+		$studierendenantrag_id = $this->input->post('studierendenantrag_id');
+
+		$result = $this->antraglib->unpauseAntrag($studierendenantrag_id, getAuthUID());
+		$this->getDataOrTerminateWithError($result);
+
+		return $this->terminateWithSuccess($studierendenantrag_id);
+	}
+
+	public function objectAntrag()
+	{
+		$this->load->library('form_validation');
+
+		$this->form_validation->set_rules(
+			'studierendenantrag_id',
+			'Studierenden Antrag',
+			[
+				'required',
+				['isEntitledToObjectAntrag', [$this->antraglib, 'isEntitledToObjectAntrag']],
+				['canBeObjected', function ($a) {
+					return $this->antraglib->hasType($a, Studierendenantrag_model::TYP_ABMELDUNG_STGL);
+				}]
+			],
+			[
+				'isEntitledToObjectAntrag' => $this->p->t('studierendenantrag', 'error_no_right'),
+				'canBeObjected' => $this->p->t(
+					'studierendenantrag',
+					'error_no_objection'
+				)
+			]
+		);
+
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+		$studierendenantrag_id = $this->input->post('studierendenantrag_id');
+
+		$result = $this->antraglib->objectAbmeldung($studierendenantrag_id, getAuthUID());
+		$this->getDataOrTerminateWithError($result);
+
+		return $this->terminateWithSuccess($studierendenantrag_id);
+	}
+
+	public function approveObjection()
+	{
+		$this->load->library('form_validation');
+
+		$this->form_validation->set_rules(
+			'studierendenantrag_id',
+			'Studierenden Antrag',
+			[
+				'required',
+				['isEntitledToObjectAntrag', [$this->antraglib, 'isEntitledToObjectAntrag']],
+				['isObjected', function ($a) {
+					return $this->antraglib->hasStatus($a, Studierendenantragstatus_model::STATUS_OBJECTED);
+				}]
+			],
+			[
+				'isEntitledToObjectAntrag' => $this->p->t('studierendenantrag', 'error_no_right'),
+				'isObjected' => $this->p->t(
+					'studierendenantrag',
+					'error_not_objected'
+				)
+			]
+		);
+
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+		$studierendenantrag_id = $this->input->post('studierendenantrag_id');
+		
+		$result = $this->antraglib->cancelAntrag($studierendenantrag_id, getAuthUID());
+		$this->getDataOrTerminateWithError($result);
+
+		return $this->terminateWithSuccess($studierendenantrag_id);
+	}
+
+	public function denyObjection()
+	{
+		$this->load->library('form_validation');
+
+		$this->form_validation->set_rules(
+			'studierendenantrag_id',
+			'Studierenden Antrag',
+			[
+				'required',
+				['isEntitledToObjectAntrag', [$this->antraglib, 'isEntitledToObjectAntrag']],
+				['isObjected', function ($a) {
+					return $this->antraglib->hasStatus($a, Studierendenantragstatus_model::STATUS_OBJECTED);
+				}]
+			],
+			[
+				'isEntitledToObjectAntrag' => $this->p->t('studierendenantrag', 'error_no_right'),
+				'isObjected' => $this->p->t(
+					'studierendenantrag',
+					'error_not_objected'
+				)
+			]
+		);
+
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+		$studierendenantrag_id = $this->input->post('studierendenantrag_id');
+		$grund = $this->input->post('grund');
+
+		$result = $this->antraglib->denyObjectionAbmeldung($studierendenantrag_id, getAuthUID(), $grund);
+		$this->getDataOrTerminateWithError($result);
+
+		return $this->terminateWithSuccess($studierendenantrag_id);
+	}
+}

application/controllers/api/frontend/v1/studstatus/Unterbrechung.php

@@ -1,4 +1,20 @@
 <?php
+/**
+ * Copyright (C) 2024 fhcomplete.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
 
 if (! defined('BASEPATH')) exit('No direct script access allowed');
 
@@ -6,23 +22,28 @@ use \Studierendenantrag_model as Studierendenantrag_model;
 use \DateTime as DateTime;
 
 /**
- *
+ * This controller operates between (interface) the JS (GUI) and the AntragLib (back-end)
+ * This controller works with JSON calls on the HTTP GET or POST and the output is always JSON
  */
-class Unterbrechung extends FHC_Controller
+class Unterbrechung extends FHCAPI_Controller
 {
 
 	/**
-	 * Calls the parent's constructor and loads the FilterCmptLib
+	 * Calls the parent's constructor and loads the AntragLib
 	 */
 	public function __construct()
 	{
-		parent::__construct();
+		parent::__construct([
+			'getDetailsForNewAntrag' => self::PERM_LOGGED,
+			'getDetailsForAntrag' => self::PERM_LOGGED,
+			'createAntrag' => self::PERM_LOGGED,
+			'cancelAntrag' => self::PERM_LOGGED
+		]);
 
 		// Configs
 		$this->load->config('studierendenantrag');
 
 		// Libraries
-		$this->load->library('AuthLib');
 		$this->load->library('AntragLib');
 
 		// Load language phrases
@@ -38,74 +59,62 @@ class Unterbrechung extends FHC_Controller
 
 	public function getDetailsForNewAntrag($prestudent_id)
 	{
-		if (!$this->antraglib->isEntitledToCreateAntragFor($prestudent_id, false)) {
-			$this->output->set_status_header(403);
-			return $this->outputJsonError('Forbidden');
-		}
+		if (!$this->antraglib->isEntitledToCreateAntragFor($prestudent_id, false))
+			$this->terminateWithError('Forbidden', self::ERROR_TYPE_AUTH, REST_Controller::HTTP_FORBIDDEN);
+
 		$result = $this->antraglib->getPrestudentUnterbrechungsBerechtigt($prestudent_id);
-		if (isError($result)) {
-			$this->output->set_status_header(500);
-			return $this->outputJsonError(getError($result));
-		}
-		$result = $result->retval;
+		$result = $this->getDataOrTerminateWithError($result);
+
 		if (!$result) {
-			$this->output->set_status_header(403);
-			return $this->outputJsonError($this->p->t('studierendenantrag', 'error_no_student'));
-		}
-		elseif ($result == -1)
-		{
+			$this->terminateWithError(
+				$this->p->t('studierendenantrag', 'error_no_student'),
+				self::ERROR_TYPE_AUTH,
+				REST_Controller::HTTP_FORBIDDEN
+			);
+		} elseif ($result == -1) {
 			$result = $this->antraglib->getDetailsForLastAntrag($prestudent_id, Studierendenantrag_model::TYP_UNTERBRECHUNG);
-			if (isError($result)) {
-				return $this->outputJsonError(getError($result));
-			}
+			
+			$data = $this->getDataOrTerminateWithError($result);
 
-			return $this->outputJsonSuccess(getData($result));
-		}
-		elseif ($result == -2)
-		{
+			return $this->terminateWithSuccess($data);
+		} elseif ($result == -2) {
 			$result = $this->antraglib->getDetailsForLastAntrag($prestudent_id);
-			if (isError($result)) {
-				return $this->outputJsonError(getError($result));
-			}
 
-			$result = getData($result);
-			$this->output->set_status_header(400);
-			return $this->outputJsonError($this->p->t('studierendenantrag', 'error_antrag_pending', [
+			$data = $this->getDataOrTerminateWithError($result);
+
+			return $this->terminateWithError($this->p->t('studierendenantrag', 'error_antrag_pending', [
                 'typ' => $this->p->t('studierendenantrag', 'antrag_typ_' . $result->typ)
             ]));
+		} elseif ($result == -3) {
+			$this->terminateWithError(
+				$this->p->t('studierendenantrag', 'error_stg_blacklist'),
+				self::ERROR_TYPE_AUTH,
+				REST_Controller::HTTP_FORBIDDEN
+			);
 		}
-		elseif ($result == -3)
-		{
-			$this->output->set_status_header(403);
-			return $this->outputJsonError($this->p->t('studierendenantrag', 'error_stg_blacklist'));
-		}
+
 		$result = $this->antraglib->getDetailsForNewAntrag($prestudent_id);
-		if (isError($result)) {
-			return $this->outputJsonError(getError($result));
-		}
 
-		$data = getData($result);
+		$data = $this->getDataOrTerminateWithError($result);
 
-		$data->studiensemester = $this->antraglib->getSemesterForUnterbrechung($data->studiensemester_kurzbz);
+		$data->studiensemester = $this->antraglib->getSemesterForUnterbrechung($prestudent_id, null);
 
-		$this->outputJsonSuccess($data);
+		$this->terminateWithSuccess($data);
 	}
 
 	public function getDetailsForAntrag($studierendenantrag_id)
 	{
-		if (!$this->antraglib->isEntitledToShowAntrag($studierendenantrag_id))	return show_404();
+		if (!$this->antraglib->isEntitledToShowAntrag($studierendenantrag_id))
+			return show_404();
 
 		$result = $this->antraglib->getDetailsForAntrag($studierendenantrag_id);
-		if (isError($result)) {
-			return $this->outputJsonError(getError($result));
-		}
 
-		$data = getData($result);
+		$data = $this->getDataOrTerminateWithError($result);
 
 		if ($data->typ !== Studierendenantrag_model::TYP_UNTERBRECHUNG)
 			return show_404();
 
-		$this->outputJsonSuccess($data);
+		$this->terminateWithSuccess($data);
 	}
 
 	public function createAntrag()
@@ -125,9 +134,8 @@ class Unterbrechung extends FHC_Controller
 			]
 		);
 
-		if ($this->form_validation->run() == false)
-		{
-			return $this->outputJsonError($this->form_validation->error_array());
+		if (!$this->form_validation->run()) {
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
 		}
 
 		$grund = $this->input->post('grund');
@@ -136,26 +144,18 @@ class Unterbrechung extends FHC_Controller
 		$datum_wiedereinstieg = $this->input->post('datum_wiedereinstieg');
 		$dms_id = null;
 
-		$result = $this->antraglib->getPrestudentUnterbrechungsBerechtigt($prestudent_id);
-		if (isError($result)) {
-			return $this->outputJsonError(['db' => getError($result)]);
-		}
-		$result = $result->retval;
-		if (!$result)
-		{
-			return $this->outputJsonError(['db' => $this->p->t('studierendenantrag', 'error_no_student')]);
-		}
-		elseif ($result == -3)
-		{
-			return $this->outputJsonError(['db' => $this->p->t('studierendenantrag', 'error_stg_blacklist')]);
-		}
-		elseif ($result < 0)
-		{
-			return $this->outputJsonError(['db' => $this->p->t('studierendenantrag', 'error_antrag_exists')]);
-		}
+		$result = $this->antraglib->getPrestudentUnterbrechungsBerechtigt($prestudent_id, $studiensemester, $datum_wiedereinstieg);
 
-		if(isset($_FILES['attachment']) && (!isset($_FILES['attachment']['error']) || $_FILES['attachment']['error'] != UPLOAD_ERR_NO_FILE))
-		{
+		$result = $this->getDataOrTerminateWithError($result);
+		
+		if (!$result)
+			$this->terminateWithError($this->p->t('studierendenantrag', 'error_no_student'), self::ERROR_TYPE_GENERAL);
+		elseif ($result == -3)
+			$this->terminateWithError($this->p->t('studierendenantrag', 'error_stg_blacklist'), self::ERROR_TYPE_GENERAL);
+		elseif ($result < 0)
+			$this->terminateWithError($this->p->t('studierendenantrag', 'error_antrag_exists'), self::ERROR_TYPE_GENERAL);
+		
+		if (isset($_FILES['attachment']) && (!isset($_FILES['attachment']['error']) || $_FILES['attachment']['error'] != UPLOAD_ERR_NO_FILE)) {
 			$this->load->library('DmsLib');
 
 			$dms = $this->config->item('unterbrechung_dms');
@@ -167,53 +167,46 @@ class Unterbrechung extends FHC_Controller
 
 			$allowed_filetypes = $this->config->item('unterbrechung_dms_filetypes') ?: ['*'];
 			$result = $this->dmslib->upload($dms, 'attachment', $allowed_filetypes);
-			if(isError($result))
-			{
-				return $this->outputJsonError(['db' => getError($result)]);
-			}
-			$dms_id = getData($result)['dms_id'];
+
+			$data = $this->getDataOrTerminateWithError($result);
+			
+			$dms_id = $data['dms_id'];
 		}
 
 		$result = $this->antraglib->createUnterbrechung($prestudent_id, $studiensemester, getAuthUID(), $grund, $datum_wiedereinstieg, $dms_id);
-		if(isError($result))
-		{
-			return $this->outputJsonError(['db' => getError($result)]);
-		}
 
-		$antragId = getData($result);
+		$antragId = $this->getDataOrTerminateWithError($result);
+		
 		$result = $this->antraglib->getDetailsForAntrag($antragId);
 
-		if(!hasData($result))
-			return $this->outputJsonSuccess($antragId);
-		$this->outputJsonSuccess(getData($result));
+		if (!hasData($result))
+			$this->terminateWithSuccess($antragId);
+
+		$this->terminateWithSuccess(getData($result));
 	}
 
 	public function cancelAntrag()
 	{
 		$this->load->library('form_validation');
 
-		$_POST = json_decode($this->input->raw_input_stream, true);
-
 		$this->form_validation->set_rules('antrag_id', 'Antrag ID', 'required');
 
-		if ($this->form_validation->run() == false)
-		{
-			return $this->outputJsonError($this->form_validation->error_array());
+		if (!$this->form_validation->run()) {
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
 		}
 
 		$antrag_id = $this->input->post('antrag_id');
 
 		$result = $this->antraglib->cancelAntrag($antrag_id, getAuthUID());
-		if (isError($result))
-		{
-			return $this->outputJsonError(['db' => getError($result)]);
-		}
+
+		$this->getDataOrTerminateWithError($result);
 
 		$result = $this->antraglib->getDetailsForAntrag($antrag_id);
 
 		if (!hasData($result))
-			return $this->outputJsonSuccess($antrag_id);
-		$this->outputJsonSuccess(getData($result));
+			return $this->terminateWithSuccess($antrag_id);
+	
+		$this->terminateWithSuccess(getData($result));
 	}
 
 	public function isValidDate($date)

application/controllers/api/frontend/v1/studstatus/Wiederholung.php

@@ -0,0 +1,258 @@
+<?php
+/**
+ * Copyright (C) 2024 fhcomplete.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+use \REST_Controller as REST_Controller;
+use \Studierendenantragstatus_model as Studierendenantragstatus_model;
+
+/**
+ * This controller operates between (interface) the JS (GUI) and the AntragLib (back-end)
+ * This controller works with JSON calls on the HTTP GET or POST and the output is always JSON
+ */
+class Wiederholung extends FHCAPI_Controller
+{
+
+	/**
+	 * Calls the parent's constructor and loads the FilterCmptLib
+	 */
+	public function __construct()
+	{
+		parent::__construct([
+			'getDetailsForNewAntrag' => self::PERM_LOGGED,
+			'createAntrag' => self::PERM_LOGGED,
+			'cancelAntrag' => self::PERM_LOGGED,
+			'getLvs' => self::PERM_LOGGED,
+			'saveLvs' => ['student/studierendenantrag:w']
+		]);
+
+		// Libraries
+		$this->load->library('AntragLib');
+
+		// Load language phrases
+		$this->loadPhrases([
+			'global',
+			'studierendenantrag'
+		]);
+	}
+
+	//------------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+	/**
+	 * Retrieves data of the current studiengang for the current user
+	 */
+
+	public function getDetailsForNewAntrag($prestudent_id)
+	{
+		if (!$this->antraglib->isEntitledToCreateAntragFor($prestudent_id, false))
+			$this->terminateWithError('Forbidden', self::ERROR_TYPE_AUTH, REST_Controller::HTTP_FORBIDDEN);
+
+		$result = $this->antraglib->getPrestudentWiederholungsBerechtigt($prestudent_id);
+		$result = $this->getDataOrTerminateWithError($result);
+
+		if (!$result) {
+			$this->terminateWithError(
+				$this->p->t('studierendenantrag', 'error_no_student_no_failed_exam'),
+				self::ERROR_TYPE_AUTH,
+				REST_Controller::HTTP_FORBIDDEN
+			);
+		} elseif ($result == -1) {
+			$result = $this->antraglib->getDetailsForLastAntrag($prestudent_id, Studierendenantrag_model::TYP_WIEDERHOLUNG);
+			$data = $this->getDataOrTerminateWithError($result);
+
+			$result = $this->antraglib->getFailedExamForPrestudent($prestudent_id, $data->datum, $data->studiensemester_kurzbz);
+			// NOTE(chris): error handling for this function should already happenden in antraglib->getPrestudentWiederholungsBerechtigt()
+			$pruefungsdata = current(getData($result));
+
+			$data->studiensemester_kurzbz = $pruefungsdata->studiensemester_kurzbz;
+			$data->lvbezeichnung = $pruefungsdata->lvbezeichnung;
+			$data->pruefungsdatum = $pruefungsdata->datum;
+
+			$this->terminateWithSuccess($data);
+		} elseif ($result == -2) {
+			$result = $this->antraglib->getDetailsForLastAntrag($prestudent_id);
+			$result = $this->getDataOrTerminateWithError($result);
+
+			$this->terminateWithError(
+				$this->p->t('studierendenantrag', 'error_antrag_pending', [
+					'typ' => $this->p->t('studierendenantrag', 'antrag_typ_' . $result->typ)
+				]),
+				self::ERROR_TYPE_GENERAL,
+				REST_Controller::HTTP_BAD_REQUEST
+			);
+		} elseif ($result == -3) {
+			$this->terminateWithError(
+				$this->p->t('studierendenantrag', 'error_stg_blacklist'),
+				self::ERROR_TYPE_GENERAL,
+				REST_Controller::HTTP_BAD_REQUEST
+			);
+		}
+
+		$result = $this->antraglib->getDetailsForNewAntrag($prestudent_id);
+		$data = $this->getDataOrTerminateWithError($result);
+
+		$result = $this->antraglib->getFailedExamForPrestudent($prestudent_id);
+		// NOTE(chris): error handling for this function should already happenden in antraglib->getPrestudentWiederholungsBerechtigt()
+		$pruefungsdata = current(getData($result));
+
+		$data->studiensemester_kurzbz = $pruefungsdata->studiensemester_kurzbz;
+		$data->lvbezeichnung = $pruefungsdata->lvbezeichnung;
+		$data->pruefungsdatum = $pruefungsdata->datum;
+
+		$this->terminateWithSuccess($data);
+	}
+
+	public function createAntrag()
+	{
+		$this->createAntragWithStatus(true);
+	}
+
+	public function cancelAntrag()
+	{
+		$this->createAntragWithStatus(false);
+	}
+
+	protected function createAntragWithStatus($repeat)
+	{
+		$this->load->library('form_validation');
+
+		$this->form_validation->set_rules('prestudent_id', 'Prestudent ID', 'required');
+		$this->form_validation->set_rules('studiensemester', 'Studiensemester', 'required');
+
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+		$prestudent_id = $this->input->post('prestudent_id');
+		$studiensemester = $this->input->post('studiensemester');
+
+		$result = $this->antraglib->getPrestudentWiederholungsBerechtigt($prestudent_id);
+		$result = $this->getDataOrTerminateWithError($result);
+
+		if (!$result) {
+			$this->terminateWithError($this->p->t('studierendenantrag', 'error_no_student'), self::ERROR_TYPE_GENERAL);
+		} elseif ($result == -1) {
+			$result = $this->PrestudentstatusModel->getLastStatus($prestudent_id);
+			$result = $this->getDataOrTerminateWithError($result);
+			if (!$result)
+				$this->terminateWithError($this->p->t('studierendenantrag', 'error_no_prestudentstatus', [
+					'prestudent_id' => $prestudent_id
+				]), self::ERROR_TYPE_GENERAL);
+			if (!in_array(current($result)->status_kurzbz, $this->config->item('antrag_prestudentstatus_whitelist')))
+				$this->terminateWithError($this->p->t('studierendenantrag', 'error_no_student'), self::ERROR_TYPE_GENERAL);
+		} elseif ($result == -2) {
+			$this->terminateWithError($this->p->t('studierendenantrag', 'error_antrag_exists'), self::ERROR_TYPE_GENERAL);
+		} elseif ($result == -3) {
+			$this->terminateWithError($this->p->t('studierendenantrag', 'error_stg_blacklist'), self::ERROR_TYPE_GENERAL);
+		}
+
+		$result = $this->antraglib->createWiederholung($prestudent_id, $studiensemester, getAuthUID(), $repeat);
+		$antragId = $this->getDataOrTerminateWithError($result);
+
+		$result = $this->antraglib->getDetailsForAntrag($antragId);
+
+		if (!hasData($result))
+			$this->terminateWithSuccess(true);
+
+		$data = getData($result);
+
+		$result = $this->antraglib->getFailedExamForPrestudent($prestudent_id);
+		// NOTE(chris): error handling for this function should already happenden in antraglib->getPrestudentWiederholungsBerechtigt()
+		$pruefungsdata = current(getData($result));
+
+		$data->studiensemester_kurzbz = $pruefungsdata->studiensemester_kurzbz;
+		$data->lvbezeichnung = $pruefungsdata->lvbezeichnung;
+		$data->pruefungsdatum = $pruefungsdata->datum;
+
+		$this->terminateWithSuccess($data);
+	}
+
+
+	public function getLvs($antrag_id)
+	{
+		$result = $this->antraglib->getLvsForAntrag($antrag_id);
+		if (isError($result)) {
+			$error = getError($result);
+			if ($error == 'Forbidden')
+				$this->terminateWithError(
+					$error,
+					self::ERROR_TYPE_AUTH,
+					REST_Controller::HTTP_FORBIDDEN
+				);
+			$this->terminateWithError(
+				$error,
+				self::ERROR_TYPE_GENERAL
+			);
+		}
+		$lvs = getData($result);
+
+		$this->terminateWithSuccess($lvs);
+	}
+
+	public function saveLvs()
+	{
+		$forbiddenLvs = $this->input->post('forbiddenLvs');
+		$mandatoryLvs = $this->input->post('mandatoryLvs');
+		$antragsLvs = array_merge($forbiddenLvs, $mandatoryLvs);
+
+		if (!$antragsLvs)
+			$this->terminateWithError($this->p->t('studierendenantrag', 'error_no_lv'), self::ERROR_TYPE_GENERAL);
+
+		$insert = array_map(function ($lv) {
+			return [
+				'studierendenantrag_id' => $lv['studierendenantrag_id'],
+				'lehrveranstaltung_id' => $lv['lehrveranstaltung_id'],
+				'note' => $lv['zugelassen']
+                    ? ($lv['zugelassen'] == 1 ? 0 : $this->config->item('wiederholung_note_angerechnet'))
+                    : $this->config->item('wiederholung_note_nicht_zugelassen'),
+				'anmerkung' => $lv['anmerkung'],
+				'insertvon' => getAuthUID(),
+				'studiensemester_kurzbz' => $lv['studiensemester_kurzbz']
+			];
+		}, $antragsLvs);
+
+		$antrag_ids = array_unique(array_map(function ($lv) {
+			return $lv['studierendenantrag_id'];
+		}, $insert));
+
+		foreach ($antrag_ids as $antrag_id) {
+			$result = $this->StudierendenantragModel->loadIdAndStatusWhere([
+				'studierendenantrag_id' => $antrag_id
+			]);
+			$antrag = $this->getDataOrTerminateWithError($result);
+			if (!$antrag)
+				$this->terminateWithError(
+					$this->p->t('studierendenantrag', 'error_no_antrag_found', ['id' => $antrag_id]),
+					self::ERROR_TYPE_GENERAL
+				);
+			$antrag = current($antrag);
+
+			if ($antrag->status != Studierendenantragstatus_model::STATUS_CREATED
+				&& $antrag->status != Studierendenantragstatus_model::STATUS_LVSASSIGNED)
+				$this->terminateWithError(
+					$this->p->t('studierendenantrag', 'error_antrag_locked'),
+					self::ERROR_TYPE_GENERAL
+				);
+		}
+
+		$result = $this->antraglib->saveLvs($insert);
+		$data = $this->getDataOrTerminateWithError($result);
+
+		$this->terminateWithSuccess($data);
+	}
+}

application/controllers/api/frontend/v1/stv/Address.php

@@ -0,0 +1,66 @@
+<?php
+/**
+ * Copyright (C) 2024 fhcomplete.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+/**
+ * This controller operates between (interface) the JS (GUI) and the back-end
+ * Provides data to the ajax get calls about addresses
+ * This controller works with JSON calls on the HTTP GET or POST and the output is always JSON
+ */
+class Address extends FHCAPI_Controller
+{
+	public function __construct()
+	{
+		parent::__construct([
+			'getNations' => self::PERM_LOGGED,
+			'getPlaces' => self::PERM_LOGGED
+		]);
+	}
+
+	public function getNations()
+	{
+		$this->load->model('codex/Nation_model', 'NationModel');
+
+		$this->NationModel->addOrder('kurztext');
+
+		$result = $this->NationModel->load();
+		$data = $this->getDataOrTerminateWithError($result);
+		
+		$this->terminateWithSuccess($data);
+	}
+
+	public function getPlaces($plz)
+	{
+		$this->load->model('codex/Gemeinde_model', 'GemeindeModel');
+
+		$this->load->library('form_validation');
+		
+		$this->form_validation->set_data(['address.plz' => $plz]);
+
+		$this->form_validation->set_rules('address.plz', 'PLZ', 'numeric|less_than[10000]');
+
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+		$result = $this->GemeindeModel->getGemeindeByPlz($plz);
+		$data = $this->getDataOrTerminateWithError($result);
+		
+		$this->terminateWithSuccess($data);
+	}
+}

application/controllers/api/frontend/v1/stv/Config.php

@@ -0,0 +1,233 @@
+<?php
+/**
+ * Copyright (C) 2024 fhcomplete.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+if (!defined('BASEPATH')) exit('No direct script access allowed');
+
+use CI3_Events as Events;
+
+/**
+ * This controller operates between (interface) the JS (GUI) and the back-end
+ * Provides data to the ajax get calls about the StV Config
+ * This controller works with JSON calls on the HTTP GET or POST and the output is always JSON
+ */
+class Config extends FHCAPI_Controller
+{
+
+
+	public function __construct()
+	{
+		// TODO(chris): permissions
+		parent::__construct([
+			'student' => ['admin:r', 'assistenz:r'],
+			'students' => ['admin:r', 'assistenz:r']
+		]);
+
+
+		// Load Phrases
+		$this->loadPhrases([
+			'global',
+			'person',
+			'lehre',
+			'stv',
+			'konto'
+		]);
+	}
+
+	public function student()
+	{
+		$result = [];
+		$result['details'] = [
+			'title' => $this->p->t('stv', 'tab_details'),
+			'component' => './Stv/Studentenverwaltung/Details/Details.js'
+		];
+		$result['notes'] = [
+			'title' => $this->p->t('stv', 'tab_notes'),
+			'component' => './Stv/Studentenverwaltung/Details/Notizen.js'
+		];
+		$result['contact'] = [
+			'title' => $this->p->t('stv', 'tab_contact'),
+			'component' => './Stv/Studentenverwaltung/Details/Kontakt.js',
+			'config' => [
+				'showBankaccount' => $this->permissionlib->isBerechtigt('mitarbeiter/bankdaten')
+					|| $this->permissionlib->isBerechtigt('student/bankdaten')
+			]
+		];
+		$result['prestudent'] = [
+			'title' => $this->p->t('stv', 'tab_prestudent'),
+			'component' => './Stv/Studentenverwaltung/Details/Prestudent.js'
+		];
+		$result['status'] = [
+			'title' => 'Status',
+			'component' => './Stv/Studentenverwaltung/Details/MultiStatus.js'
+		];
+		$result['banking'] = [
+			'title' => $this->p->t('stv', 'tab_banking'),
+			'component' => './Stv/Studentenverwaltung/Details/Konto.js',
+			'config' => [
+				'showZahlungsbestaetigung' => (defined('ZAHLUNGSBESTAETIGUNG_ANZEIGEN') && ZAHLUNGSBESTAETIGUNG_ANZEIGEN),
+				'showBuchungsnr' => $this->permissionlib->isBerechtigt('admin'),
+				'showMahnspanne' => (!defined('FAS_KONTO_SHOW_MAHNSPANNE') || FAS_KONTO_SHOW_MAHNSPANNE===true),
+				'showCreditpoints' => (defined('FAS_KONTO_SHOW_CREDIT_POINTS') && FAS_KONTO_SHOW_CREDIT_POINTS == 'true'),
+				'columns' => $this->kontoColumns(),
+				'additionalCols' => []
+			]
+		];
+		$result['resources'] = [
+			'title' => $this->p->t('stv', 'tab_resources'),
+			'component' => './Stv/Studentenverwaltung/Details/Betriebsmittel.js'
+		];
+		/* TODO(chris): Ausgeblendet für Testing
+		$result['grades'] = [
+			'title' => $this->p->t('stv', 'tab_grades'),
+			'component' => './Stv/Studentenverwaltung/Details/Noten.js'
+		];
+		*/
+
+		Events::trigger('stv_conf_student', function & () use (&$result) {
+			return $result;
+		});
+
+		$this->terminateWithSuccess($result);
+	}
+
+	public function students()
+	{
+		$result = [];
+		$result['banking'] = [
+			'title' => $this->p->t('stv', 'tab_banking'),
+			'component' => './Stv/Studentenverwaltung/Details/Konto.js',
+			'config' => [
+				'showZahlungsbestaetigung' => (defined('ZAHLUNGSBESTAETIGUNG_ANZEIGEN') && ZAHLUNGSBESTAETIGUNG_ANZEIGEN),
+				'showBuchungsnr' => $this->permissionlib->isBerechtigt('admin'),
+				'showMahnspanne' => (!defined('FAS_KONTO_SHOW_MAHNSPANNE') || FAS_KONTO_SHOW_MAHNSPANNE===true),
+				'showCreditpoints' => (defined('FAS_KONTO_SHOW_CREDIT_POINTS') && FAS_KONTO_SHOW_CREDIT_POINTS == 'true'),
+				'columns' => $this->kontoColumnsMultiPerson(),
+				'additionalCols' => []
+			]
+		];
+		$result['status'] = [
+			'title' => 'Status',
+			'component' => './Stv/Studentenverwaltung/Details/MultiStatus.js',
+			'config' => [
+				'changeStatusToAbbrecherStgl' => $this->permissionlib->isBerechtigt('admin'),
+				'changeStatusToAbbrecherStud' => $this->permissionlib->isBerechtigt('admin'),
+				'changeStatusToUnterbrecher' => $this->permissionlib->isBerechtigt('admin'),
+				'changeStatusToDiplomand' => $this->permissionlib->isBerechtigt('admin'),
+				'changeStatusToAbsolvent' => $this->permissionlib->isBerechtigt('admin')
+			]
+		];
+
+		Events::trigger('stv_conf_students', function & () use (&$result) {
+			return $result;
+		});
+
+		$this->terminateWithSuccess($result);
+	}
+
+	protected function kontoColumns()
+	{
+		return [
+			'buchungsdatum' => [
+				'field' => "buchungsdatum",
+				'title' => $this->p->t('konto', 'buchungsdatum')
+			],
+			'buchungstext' => [
+				'field' => "buchungstext",
+				'title' => $this->p->t('konto', 'buchungstext')
+			],
+			'betrag' => [
+				'field' => "betrag",
+				'title' => $this->p->t('konto', 'betrag')
+			],
+			'studiensemester_kurzbz' => [
+				'field' => "studiensemester_kurzbz",
+				'title' => $this->p->t('lehre', 'studiensemester')
+			],
+			'buchungstyp_kurzbz' => [
+				'field' => "buchungstyp_kurzbz",
+				'title' => $this->p->t('konto', 'buchungstyp'),
+				'visible' => false
+			],
+			'buchungsnr' => [
+				'field' => "buchungsnr",
+				'title' => $this->p->t('konto', 'buchungsnr'),
+				'visible' => false
+			],
+			'insertvon' => [
+				'field' => "insertvon",
+				'title' => $this->p->t('global', 'insertvon'),
+				'visible' => false
+			],
+			'insertamum' => [
+				'field' => "insertamum",
+				'title' => $this->p->t('global', 'insertamum'),
+				'visible' => false
+			],
+			'kuerzel' => [
+				'field' => "kuerzel",
+				'title' => $this->p->t('lehre', 'studiengang'),
+				'visible' => false
+			],
+			'anmerkung' => [
+				'field' => "anmerkung",
+				'title' => $this->p->t('global', 'anmerkung')
+			],
+			'actions' => [
+				'title' => $this->p->t('global', 'actions'),
+				'frozen' => true
+			]
+		];
+	}
+	protected function kontoColumnsMultiPerson()
+	{
+		return [
+			'person_id' => [
+				'field' => "person_id",
+				'title' => $this->p->t('person', 'person_id')
+			],
+			'anrede' => [
+				'field' => "anrede",
+				'title' => $this->p->t('person', 'anrede'),
+				'visible' => false
+			],
+			'titelpost' => [
+				'field' => "titelpost",
+				'title' => $this->p->t('person', 'titelpost'),
+				'visible' => false
+			],
+			'titelpre' => [
+				'field' => "titelpre",
+				'title' => $this->p->t('person', 'titelpre'),
+				'visible' => false
+			],
+			'vorname' => [
+				'field' => "vorname",
+				'title' => $this->p->t('person', 'vorname')
+			],
+			'vornamen' => [
+				'field' => "vornamen",
+				'title' => $this->p->t('person', 'vornamen'),
+				'visible' => false
+			],
+			'nachname' => [
+				'field' => "nachname",
+				'title' => $this->p->t('person', 'nachname')
+			]
+		] + $this->kontoColumns();
+	}
+}

application/controllers/api/frontend/v1/stv/Favorites.php

@@ -0,0 +1,71 @@
+<?php
+/**
+ * Copyright (C) 2024 fhcomplete.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+/**
+ * This controller operates between (interface) the JS (GUI) and the back-end
+ * Provides data to the ajax get calls about favorite verbände
+ * Listens to ajax post calls to change the favorite verbände data
+ * This controller works with JSON calls on the HTTP GET or POST and the output is always JSON
+ */
+class Favorites extends FHCAPI_Controller
+{
+	public function __construct()
+	{
+		parent::__construct([
+			'index' => self::PERM_LOGGED,
+			'set' => self::PERM_LOGGED
+		]);
+
+		// Load models
+		$this->load->model('system/Variable_model', 'VariableModel');
+
+		// TODO(chris): variable table might be to small to store favorites!
+	}
+
+	public function index()
+	{
+		$result = $this->VariableModel->getVariables(getAuthUID(), ['stv_favorites']);
+
+		$data = $this->getDataOrTerminateWithError($result);
+
+		if (!$data)
+			$this->terminateWithSuccess(null);
+		else
+			$this->terminateWithSuccess($data['stv_favorites']);
+	}
+
+	public function set()
+	{
+		$this->load->library('form_validation');
+
+		$this->form_validation->set_rules('favorites', 'Favorites', 'required');
+
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+		$favorites = $this->input->post('favorites');
+
+		$result = $this->VariableModel->setVariable(getAuthUID(), 'stv_favorites', $favorites);
+
+		$this->getDataOrTerminateWithError($result);
+		
+		$this->terminateWithSuccess(true);
+	}
+}

application/controllers/api/frontend/v1/stv/Filter.php

@@ -0,0 +1,84 @@
+<?php
+/**
+ * Copyright (C) 2024 fhcomplete.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+if (!defined('BASEPATH')) exit('No direct script access allowed');
+
+/**
+ * This controller operates between (interface) the JS (GUI) and the back-end
+ * Provides data to the ajax get calls about the Studiengang filter
+ * Listens to ajax post calls to change the Studiengang filter data
+ * This controller works with JSON calls on the HTTP GET or POST and the output is always JSON
+ */
+class Filter extends FHCAPI_Controller
+{
+	/**
+	 * Calls the parent's constructor and prepares libraries and phrases
+	 */
+	public function __construct()
+	{
+		parent::__construct([
+			'getStg' => self::PERM_LOGGED,
+			'setStg' => self::PERM_LOGGED
+		]);
+
+		// Load models
+		$this->load->model('system/Variable_model', 'VariableModel');
+	}
+
+	//------------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+	/**
+	 * Get current setting
+	 *
+	 * @return void
+	 */
+	public function getStg()
+	{
+		$result = $this->VariableModel->getVariables(getAuthUID(), ['kontofilterstg']);
+
+		$data = $this->getDataOrTerminateWithError($result);
+
+		$this->terminateWithSuccess($data['kontofilterstg'] == 'true');
+	}
+
+	/**
+	 * Set current setting
+	 *
+	 * @return void
+	 */
+	public function setStg()
+	{
+		$this->load->library('form_validation');
+
+		$studiengang_kz = $this->input->post('studiengang_kz');
+
+		if ($studiengang_kz === null) {
+			$this->form_validation->set_rules('studiengang_kz', 'Studiengang', 'required');
+
+			if (!$this->form_validation->run())
+				$this->terminateWithValidationErrors($this->form_validation->error_array());
+		}
+
+		$result = $this->VariableModel->setVariable(getAuthUID(), 'kontofilterstg', $studiengang_kz ? 'true' : 'false');
+
+		$this->getDataOrTerminateWithError($result);
+
+		$this->terminateWithSuccess(true);
+	}
+}

application/controllers/api/frontend/v1/stv/Kontakt.php

@@ -0,0 +1,754 @@
+<?php
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+use \DateTime as DateTime;
+
+class Kontakt extends FHCAPI_Controller
+{
+	public function __construct()
+	{
+		parent::__construct([
+			'getAdressen' => ['admin:r', 'assistenz:r'],
+			'addNewAddress' => ['admin:rw', 'assistenz:rw'],
+			'addNewContact' => ['admin:rw', 'assistenz:rw'],
+			'addNewBankverbindung' => ['mitarbeiter/bankdaten:rw', 'student/bankdaten:rw'],
+			'updateAddress' => ['admin:rw', 'assistenz:rw'],
+			'updateContact' => ['admin:rw', 'assistenz:rw'],
+			'updateBankverbindung' => ['mitarbeiter/bankdaten:rw', 'student/bankdaten:rw'],
+			'loadAddress' => ['admin:r', 'assistenz:r'],
+			'loadContact' => ['admin:r', 'assistenz:r'],
+			'loadBankverbindung' => ['mitarbeiter/bankdaten:r', 'student/bankdaten:r'],
+			'deleteAddress' => ['admin:rw', 'assistenz:rw'],
+			'deleteContact' => ['admin:rw','assistenz:rw'],
+			'deleteBankverbindung' => ['mitarbeiter/bankdaten:rw','astudent/bankdaten:rw'],
+			'getAdressentypen' => ['admin:r', 'assistenz:r'],
+			'getKontakttypen' => ['admin:r', 'assistenz:r'],
+			'getFirmen' => ['admin:r', 'assistenz:r'],
+			'getStandorte' => ['admin:r', 'assistenz:r'],
+			'getStandorteByFirma' => ['admin:r', 'assistenz:r'],
+			'getKontakte' => ['admin:r', 'assistenz:r'],
+			'getBankverbindung' => ['mitarbeiter/bankdaten:r', 'student/bankdaten:r']
+		]);
+
+		// Load Libraries
+		$this->load->library('VariableLib', ['uid' => getAuthUID()]);
+		$this->load->library('form_validation');
+
+		// Load language phrases
+		$this->loadPhrases([
+			'ui',
+			'person'
+		]);
+
+		// Load models
+		$this->load->model('person/Adresse_model', 'AdresseModel');
+		$this->load->model('organisation/standort_model', 'StandortModel');
+		$this->load->model('ressource/firma_model', 'FirmaModel');
+		$this->load->model('person/Kontakt_model', 'KontaktModel');
+
+		// Extra Permissionchecks
+		$permsMa = [];
+		$permsStud = [];
+		switch ($this->router->method) {
+			case 'getBankverbindung':
+			case 'loadBankverbindung':
+				$permsMa = ['mitarbeiter/bankdaten:r'];
+				$permsStud = ['student/bankdaten:r'];
+				break;
+			case 'addNewBankverbindung':
+			case 'updateBankverbindung':
+			case 'deleteBankverbindung':
+				$permsMa = ['mitarbeiter/bankdaten:rw'];
+				$permsStud = ['student/bankdaten:rw'];
+				break;
+			case 'getAdressen':
+			case 'getKontakte':
+			case 'loadAddress':
+			case 'loadContact':
+				$permsMa = $permsStud = ['admin:r', 'assistenz:r'];
+				break;
+			case 'addNewAddress':
+			case 'addNewContact':
+			case 'updateAddress':
+			case 'updateContact':
+			case 'deleteAddress':
+			case 'deleteContact':
+				$permsMa = $permsStud = ['admin:rw', 'assistenz:rw'];
+				break;
+		}
+		if ($this->router->method == 'getAdressen'
+			|| $this->router->method == 'getKontakte'
+			|| $this->router->method == 'getBankverbindung'
+			|| $this->router->method == 'addNewAddress'
+			|| $this->router->method == 'addNewContact'
+			|| $this->router->method == 'addNewBankverbindung'
+		) {
+			$person_id = current(array_slice($this->uri->rsegments, 2));
+			
+			$this->checkPermissionsForPerson($person_id, $permsMa, $permsStud);
+		} elseif ($this->router->method == 'loadAddress'
+			|| $this->router->method == 'loadContact'
+			|| $this->router->method == 'loadBankverbindung'
+			|| $this->router->method == 'updateAddress'
+			|| $this->router->method == 'updateContact'
+			|| $this->router->method == 'updateBankverbindung'
+			|| $this->router->method == 'deleteAddress'
+			|| $this->router->method == 'deleteContact'
+			|| $this->router->method == 'deleteBankverbindung'
+		) {
+			$id = current(array_slice($this->uri->rsegments, 2));
+
+			$model = 'person/Adresse_model';
+			if ($this->router->method == 'loadContact'
+				|| $this->router->method == 'updateContact'
+				|| $this->router->method == 'deleteContact'
+			) {
+				$model = 'person/Kontakt_model';
+			} elseif ($this->router->method == 'loadBankverbindung'
+				|| $this->router->method == 'updateBankverbindung'
+				|| $this->router->method == 'deleteBankverbindung'
+			) {
+				$model = 'person/Bankverbindung_model';
+			}
+
+			$this->load->model($model, 'TempModel');
+			$result = $this->TempModel->load($id);
+			$data = $this->getDataOrTerminateWithError($result);
+			if (!$result)
+				show_404();
+
+			$person_id = current($data)->person_id;
+			
+			$this->checkPermissionsForPerson($person_id, $permsMa, $permsStud);
+		}
+	}
+	public function getAdressen($person_id)
+	{
+		$this->AdresseModel->addSelect('public.tbl_adresse.*');
+		$this->AdresseModel->addSelect('t.*');
+		$this->AdresseModel->addSelect('f.firma_id');
+		$this->AdresseModel->addSelect('f.name as firmenname');
+		$this->AdresseModel->addJoin('public.tbl_adressentyp t', 'ON (t.adressentyp_kurzbz = public.tbl_adresse.typ)');
+		$this->AdresseModel->addJoin('public.tbl_firma f', 'ON (f.firma_id = public.tbl_adresse.firma_id)', 'LEFT');
+
+		$result = $this->AdresseModel->loadWhere(
+			array('person_id' => $person_id)
+		);
+		if (isError($result)) {
+			$this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL);
+		}
+		$this->terminateWithSuccess((getData($result) ?: []));
+	}
+
+	public function addNewAddress($person_id)
+	{
+		$this->form_validation->set_rules('plz', 'PLZ', 'required|numeric', [
+			'required' => $this->p->t('ui', 'error_fieldRequired', ['field' => 'PLZ']),
+			'numeric' => $this->p->t('ui', 'error_fieldNotNumeric', ['field' => 'PLZ'])
+		]);
+
+		if(isset($_POST['gemeinde']) && isset($_POST['ort']))
+		$this->form_validation->set_rules('plz', 'Postleitzahl', 'callback_validateLocationCombination', [
+			'validateLocationCombination' => $this->p->t('ui', 'error_location_combination')
+		]);
+
+		if ($this->form_validation->run() == false)
+		{
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+		}
+
+		$uid = getAuthUID();
+		$co_name = isset($_POST['co_name']) ? $_POST['co_name'] : null;
+		$strasse = isset($_POST['strasse']) ? $_POST['strasse'] : null;
+		$ort = isset($_POST['ort']) ? $_POST['ort'] : null;
+		$gemeinde = isset($_POST['gemeinde']) ? $_POST['gemeinde'] : null;
+		$nation = isset($_POST['nation']) ? $_POST['nation'] : null;
+		$name = isset($_POST['name']) ? $_POST['name'] : null;
+		$typ = isset($_POST['typ']) ? $_POST['typ'] : null;
+		$anmerkung = isset($_POST['anmerkung']) ? $_POST['anmerkung'] : null;
+
+		if(isset($_POST['firma']))
+		{
+			$firma_id = $_POST['firma']['firma_id'];
+		}
+		else
+			$firma_id = null;
+
+		$result = $this->AdresseModel->insert(
+			[
+				'person_id' => $person_id,
+				'strasse' =>  $strasse,
+				'insertvon' => $uid,
+				'insertamum' => date('c'),
+				'plz' => $_POST['plz'],
+				'ort' => $ort,
+				'gemeinde' => $gemeinde,
+				'nation' => $nation,
+				'heimatadresse' => $_POST['heimatadresse'],
+				'zustelladresse' => $_POST['zustelladresse'],
+				'co_name' => $co_name,
+				'typ' => $typ,
+				'firma_id' => $firma_id,
+				'name' => $name,
+				'rechnungsadresse' => $_POST['rechnungsadresse'],
+				'anmerkung' => $anmerkung
+
+			]
+		);
+		if (isError($result))
+		{
+			return $this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL);
+		}
+		return $this->outputJsonSuccess(true);
+	}
+
+	public function updateAddress($address_id)
+	{
+		$uid = getAuthUID();
+		$this->form_validation->set_rules('plz', 'PLZ', 'required|numeric', [
+			'required' => $this->p->t('ui', 'error_fieldRequired', ['field' => 'PLZ']),
+			'numeric' => $this->p->t('ui', 'error_fieldNotNumeric', ['field' => 'PLZ'])
+		]);
+
+		if(isset($_POST['gemeinde']) && isset($_POST['ort']))
+			$this->form_validation->set_rules('plz', 'Postleitzahl', 'callback_validateLocationCombination', [
+				'validateLocationCombination' => $this->p->t('ui', 'error_location_combination')
+			]);
+
+		if ($this->form_validation->run() == false)
+		{
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+		}
+
+		$this->load->model('person/Adresse_model', 'AdresseModel');
+
+		if(!$address_id)
+		{
+			return $this->terminateWithError($this->p->t('ui', 'error_missingId', ['id'=> 'Adresse_id']), self::ERROR_TYPE_GENERAL);
+		}
+
+		if(isset($_POST['firma']))
+		{
+			$firma_id = $_POST['firma']['firma_id'];
+		}
+		elseif(isset($_POST['firma_id']))
+		{
+			$firma_id = $_POST['firma_id'];
+		}
+		else
+			$firma_id = null;
+
+		$person_id = isset($_POST['person_id']) ? $_POST['person_id'] : null;
+		$co_name = isset($_POST['co_name']) ? $_POST['co_name'] : null;
+		$strasse = isset($_POST['strasse']) ? $_POST['strasse'] : null;
+		$ort = isset($_POST['ort']) ? $_POST['ort'] : null;
+		$gemeinde = isset($_POST['gemeinde']) ? $_POST['gemeinde'] : null;
+		$nation = isset($_POST['nation']) ? $_POST['nation'] : null;
+		$name = isset($_POST['name']) ? $_POST['name'] : null;
+		$typ = isset($_POST['typ']) ? $_POST['typ'] : null;
+		$anmerkung = isset($_POST['anmerkung']) ? $_POST['anmerkung'] : null;
+
+		$result = $this->AdresseModel->update(
+			[
+				'adresse_id' => $address_id
+			],
+			[	'person_id' => $person_id,
+				'strasse' =>  $strasse,
+				'updatevon' => $uid,
+				'updateamum' => date('c'),
+				'plz' => $_POST['plz'],
+				'ort' => $ort,
+				'gemeinde' => $gemeinde,
+				'nation' => $nation,
+				'heimatadresse' => $_POST['heimatadresse'],
+				'zustelladresse' => $_POST['zustelladresse'],
+				'co_name' => $co_name,
+				'typ' => $typ,
+				'firma_id' => $firma_id,
+				'name' => $name,
+				'rechnungsadresse' => $_POST['rechnungsadresse'],
+				'anmerkung' => $anmerkung
+			]
+		);
+
+		if (isError($result))
+		{
+			return $this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL);
+		}
+		return $this->outputJsonSuccess(true);
+	}
+
+	public function loadAddress($adresse_id)
+	{
+		$this->load->model('person/Adresse_model', 'AdresseModel');
+
+		$this->AdresseModel->addSelect('public.tbl_adresse.*');
+		$this->AdresseModel->addSelect('t.*');
+		$this->AdresseModel->addSelect('f.firma_id');
+		$this->AdresseModel->addSelect('f.name as firmenname');
+		$this->AdresseModel->addJoin('public.tbl_adressentyp t', 'ON (t.adressentyp_kurzbz = public.tbl_adresse.typ)');
+		$this->AdresseModel->addJoin('public.tbl_firma f', 'ON (f.firma_id = public.tbl_adresse.firma_id)', 'LEFT');
+
+		$this->AdresseModel->addLimit(1);
+
+		$result = $this->AdresseModel->loadWhere(
+			array('adresse_id' => $adresse_id)
+		);
+		if (isError($result)) {
+			return $this->terminateWithError($result, self::ERROR_TYPE_GENERAL);
+		}
+
+		if (!hasData($result))
+		{
+			return $this->terminateWithError($this->p->t('ui', 'error_missingId', ['id'=> 'Adresse_id']), self::ERROR_TYPE_GENERAL);
+		}
+		$this->terminateWithSuccess(current(getData($result)) ? : null);
+	}
+
+	public function deleteAddress($adresse_id)
+	{
+		$this->load->model('person/Adresse_model', 'AdresseModel');
+		$result = $this->AdresseModel->load([
+			'adresse_id'=> $adresse_id,
+		]);
+		if(isError($result))
+		{
+			return $this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL);
+		}
+		$result = current(getData($result));
+
+		if($result->heimatadresse)
+
+			$this->terminateWithError($this->p->t('person', 'error_deleteHomeAdress'), self::ERROR_TYPE_GENERAL);
+
+		$result = $this->AdresseModel->delete(
+			array('adresse_id' => $adresse_id)
+		);
+
+		if (isError($result))
+		{
+			return $this->terminateWithError($result, self::ERROR_TYPE_GENERAL);
+		}
+		if (!hasData($result))
+		{
+			return $this->terminateWithError($this->p->t('ui', 'error_missingId', ['id'=> 'Adresse_id']), self::ERROR_TYPE_GENERAL);
+		}
+
+		return $this->terminateWithSuccess(current(getData($result)) ? : null);
+	}
+
+	public function getAdressentypen()
+	{
+		$this->load->model('person/Adressentyp_model', 'AdressentypModel');
+
+		$result = $this->AdressentypModel->load();
+		if (isError($result))
+		{
+			$this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL);
+		}
+		$this->terminateWithSuccess(getData($result) ?: []);
+	}
+
+	public function getFirmen($searchString)
+	{
+		$this->load->model('ressource/firma_model', 'FirmaModel');
+
+		$result = $this->FirmaModel->searchFirmen($searchString);
+		if (isError($result)) {
+			$this->terminateWithError($result, self::ERROR_TYPE_GENERAL);
+		}
+		$this->terminateWithSuccess($result ?: []);
+	}
+
+	public function getStandorte($searchString)
+	{
+		$this->load->model('organisation/standort_model', 'StandortModel');
+
+		$result = $this->StandortModel->searchStandorte($searchString);
+		if (isError($result)) {
+			$this->terminateWithError($result, self::ERROR_TYPE_GENERAL);
+		}
+		$this->terminateWithSuccess($result ?: []);
+	}
+
+	public function getStandorteByFirma($firma_id)
+	{
+		$this->load->model('organisation/standort_model', 'StandortModel');
+
+		$result = $this->StandortModel->getStandorteByFirma($firma_id);
+
+		$data = $this->getDataOrTerminateWithError($result);
+
+		$this->terminateWithSuccess($data);
+	}
+
+	public function getKontakte($person_id)
+	{
+		$this->KontaktModel->addSelect("public.tbl_kontakt.*,
+			TO_CHAR (CASE 
+					WHEN public.tbl_kontakt.updateamum >= public.tbl_kontakt.insertamum 
+					THEN public.tbl_kontakt.updateamum 
+					ELSE public.tbl_kontakt.insertamum 
+				END::timestamp, 'DD.MM.YYYY HH24:MI:SS') AS lastUpdate, st.bezeichnung, f.name");
+		$this->StandortModel->addJoin('public.tbl_standort st', 'ON (public.tbl_kontakt.standort_id = st.standort_id)', 'LEFT');
+		$this->FirmaModel->addJoin('public.tbl_firma f', 'ON (f.firma_id = st.firma_id)', 'LEFT');
+		$result = $this->KontaktModel->loadWhere(
+			array('person_id' => $person_id)
+		);
+
+		if (isError($result))
+		{
+			$this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL);
+		}
+		$this->terminateWithSuccess((getData($result) ?: []));
+	}
+
+	public function getKontakttypen()
+	{
+		$this->load->model('person/Kontakttyp_model', 'KontakttypModel');
+
+		$result = $this->KontakttypModel->load();
+		if (isError($result)) {
+			$this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL);
+		}
+		else
+		{
+			$this->terminateWithSuccess(getData($result) ?: []);
+		}
+	}
+
+	public function loadContact($kontakt_id)
+	{
+		$this->load->model('person/Kontakt_model', 'KontaktModel');
+
+		$this->KontaktModel->addSelect('*, public.tbl_kontakt.*');
+		$this->KontaktModel->addSelect('st.kurzbz');
+		$this->KontaktModel->addJoin('public.tbl_standort st', 'ON (public.tbl_kontakt.standort_id = st.standort_id)', 'LEFT');
+		$this->FirmaModel->addJoin('public.tbl_firma f', 'ON (f.firma_id = st.firma_id)', 'LEFT');
+
+		$this->KontaktModel->addLimit(1);
+
+		$result = $this->KontaktModel->loadWhere(
+			array('kontakt_id' => $kontakt_id)
+		);
+		if (isError($result)) {
+			return $this->terminateWithError($result, self::ERROR_TYPE_GENERAL);
+		}
+		if (!hasData($result))
+		{
+			return $this->terminateWithError($this->p->t('ui', 'error_missingId', ['id'=> 'Kontakt_id']), self::ERROR_TYPE_GENERAL);
+		}
+		//	$this->outputJsonSuccess(current(getData($result)));
+		$this->terminateWithSuccess(current(getData($result)));
+	}
+
+	public function addNewContact($person_id)
+	{
+		if(($_POST['kontakttyp'] == 'email' && isset($_POST['kontakt'])))
+		{
+			$this->form_validation->set_rules('kontakt', 'Kontakt', 'required|valid_email', [
+				'required' => $this->p->t('ui', 'error_fieldRequired', ['field' => 'Kontakt']),
+				'valid_email' => $this->p->t('ui', 'error_fieldNoValidEmail', ['field' => 'Kontakt'])
+			]);
+		}
+		else
+		{
+			$this->form_validation->set_rules('kontakt', 'Kontakt', 'required', [
+				'required' => $this->p->t('ui', 'error_fieldRequired', ['field' => 'Kontakt'])
+			]);
+		}
+
+		if ($this->form_validation->run() == false)
+		{
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+		}
+
+		$this->load->model('person/Kontakt_model', 'KontaktModel');
+
+		$uid = getAuthUID();
+
+		$kontakttyp = $this->input->post('kontakttyp');
+		$anmerkung = $this->input->post('anmerkung');
+		$kontakt = $this->input->post('kontakt');
+		$ext_id = $this->input->post('ext_id');
+		$standort_id = $this->input->post('standort_id');
+
+		$result = $this->KontaktModel->insert(
+			[
+				'person_id' => $person_id,
+				'kontakttyp' =>  $kontakttyp,
+				'anmerkung' => $anmerkung,
+				'kontakt' => $kontakt,
+				'zustellung' => $_POST['zustellung'],
+				'insertvon' => $uid,
+				'insertamum' => date('c'),
+				'standort_id' => $standort_id,
+				'ext_id' => $ext_id
+			]
+		);
+
+		if (isError($result))
+		{
+			return $this->terminateWithError($result, self::ERROR_TYPE_GENERAL);
+		}
+		return $this->outputJsonSuccess(true);
+	}
+
+	public function updateContact($kontakt_id)
+	{
+		$this->load->model('person/Kontakt_model', 'KontaktModel');
+
+		if(!$kontakt_id)
+		{
+			return $this->terminateWithError($this->p->t('ui', 'error_missingId', ['id'=> 'Kontakt_id']), self::ERROR_TYPE_GENERAL);
+		}
+
+		if(($_POST['kontakttyp'] == 'email' && isset($_POST['kontakt'])))
+		{
+			$this->form_validation->set_rules('kontakt', 'Kontakt', 'required|valid_email', [
+				'required' => $this->p->t('ui', 'error_fieldRequired', ['field' => 'Kontakt']),
+				'valid_email' => $this->p->t('ui', 'error_fieldNoValidEmail', ['field' => 'Kontakt'])
+			]);
+		}
+		else
+		{
+			$this->form_validation->set_rules('kontakt', 'Kontakt', 'required', [
+				'required' => $this->p->t('ui', 'error_fieldRequired', ['field' => 'Kontakt'])
+			]);
+		}
+
+		if ($this->form_validation->run() == false)
+		{
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+		}
+
+/*		if(isset($_POST['standort']))
+		{
+			$standort_id = $_POST['standort']['standort_id'];
+		}
+		else
+			$standort_id = null;*/
+
+		$uid = getAuthUID();
+		$kontakttyp = $this->input->post('kontakttyp');
+		$anmerkung = $this->input->post('anmerkung');
+		$kontakt = $this->input->post('kontakt');
+		$ext_id = $this->input->post('ext_id');
+		$person_id = $this->input->post('person_id');
+		$standort_id = $this->input->post('standort_id');
+
+		//return $this->terminateWithError("in update " . $standort_id, self::ERROR_TYPE_GENERAL);
+
+		$result = $this->KontaktModel->update(
+			[
+				'kontakt_id' => $kontakt_id
+			],
+			[
+				'person_id' => $person_id,
+				'kontakttyp' =>  $kontakttyp,
+				'anmerkung' => $anmerkung,
+				'kontakt' => $kontakt,
+				'zustellung' => $_POST['zustellung'],
+				'insertvon' => 	$uid,
+				'insertamum' => date('c'),
+				'standort_id' => $standort_id,
+				'ext_id' => $ext_id
+			]
+		);
+
+		if (isError($result))
+		{
+			return $this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL);
+		}
+		return $this->outputJsonSuccess(true);
+	}
+
+	public function deleteContact($kontakt_id)
+	{
+		$this->load->model('person/Kontakt_model', 'KontaktModel');
+
+		$result = $this->KontaktModel->delete(
+			array('kontakt_id' => $kontakt_id)
+		);
+
+		if (isError($result))
+		{
+			return $this->terminateWithError($result, self::ERROR_TYPE_GENERAL);
+		}
+		elseif (!hasData($result))
+		{
+			return $this->terminateWithError($this->p->t('ui', 'error_missingId', ['id'=> 'Kontakt_id']), self::ERROR_TYPE_GENERAL);
+		}
+		return $this->terminateWithSuccess(current(getData($result)) ? : null);
+	}
+
+	public function getBankverbindung($person_id)
+	{
+		$this->load->model('person/Bankverbindung_model', 'BankverbindungModel');
+
+		$this->BankverbindungModel->addSelect('*');
+
+		$result = $this->BankverbindungModel->loadWhere(
+			array('person_id' => $person_id)
+		);
+		if (isError($result))
+		{
+			$this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL);
+		}
+		$this->terminateWithSuccess((getData($result) ?: []));
+	}
+
+	public function addNewBankverbindung($person_id)
+	{
+		$this->form_validation->set_rules('iban', 'IBAN', 'required', [
+			'required' => $this->p->t('ui', 'error_fieldRequired', ['field' => 'IBAN'])
+		]);
+
+		$this->form_validation->set_rules('typ', 'TYP', 'required', [
+			'required' => $this->p->t('ui', 'error_fieldRequired', ['field' => 'TYP'])
+		]);
+
+		if ($this->form_validation->run() == false)
+		{
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+		}
+
+		$this->load->model('person/Bankverbindung_model', 'BankverbindungModel');
+
+		$ext_id = $this->input->post('ext_id');
+		$oe_kurzbz = $this->input->post('oe_kurzbz');
+		$orgform_kurzbz = $this->input->post('orgform_kurzbz');
+		$name = $this->input->post('name');
+		$anschrift = $this->input->post('anschrift');
+		$bic = $this->input->post('bic');
+		$blz  = $this->input->post('blz');
+		$kontonr = $this->input->post('kontonr');
+
+		$result = $this->BankverbindungModel->insert(
+			[
+				'person_id' => $person_id,
+				'name' => $name,
+				'anschrift' => $anschrift,
+				'bic' => $bic,
+				'iban' => $_POST['iban'],
+				'blz' => $blz,
+				'kontonr' => $kontonr,
+				'insertvon' => 'uid',
+				'insertamum' => date('c'),
+				'typ' => $_POST['typ'],
+				'verrechnung' => $_POST['verrechnung'],
+				'ext_id' => $ext_id,
+				'oe_kurzbz' => $oe_kurzbz,
+				'orgform_kurzbz' => $orgform_kurzbz
+			]
+		);
+		if (isError($result))
+		{
+			return $this->terminateWithError($result, self::ERROR_TYPE_GENERAL);
+		}
+		return $this->outputJsonSuccess(true);
+	}
+
+	public function loadBankverbindung($bankverbindung_id)
+	{
+		$this->load->model('person/Bankverbindung_model', 'BankverbindungModel');
+
+		$this->BankverbindungModel->addSelect('*');
+
+		$this->BankverbindungModel->addLimit(1);
+
+		$result = $this->BankverbindungModel->loadWhere(
+			array('bankverbindung_id' => $bankverbindung_id)
+		);
+		if (isError($result))
+		{
+			$this->terminateWithError($result, self::ERROR_TYPE_GENERAL);
+		}
+
+		if (!hasData($result))
+		{
+			return $this->terminateWithError($this->p->t('ui', 'error_missingId', ['id'=> 'Bankverbindung_id']), self::ERROR_TYPE_GENERAL);
+		}
+		$this->terminateWithSuccess(current(getData($result)));
+	}
+
+	public function updateBankverbindung($bankverbindung_id)
+	{
+		$this->form_validation->set_rules('iban', 'IBAN', 'required', [
+			'required' => $this->p->t('ui', 'error_fieldRequired', ['field' => 'IBAN'])
+		]);
+
+		$this->form_validation->set_rules('typ', 'TYP', 'required', [
+			'required' => $this->p->t('ui', 'error_fieldRequired', ['field' => 'TYP'])
+		]);
+
+		if ($this->form_validation->run() == false)
+		{
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+		}
+
+		$this->load->model('person/Bankverbindung_model', 'BankverbindungModel');
+
+		if(!$bankverbindung_id)
+		{
+			return $this->terminateWithError($this->p->t('ui', 'error_missingId', ['id'=> 'Bankverbindung_id']), self::ERROR_TYPE_GENERAL);
+		}
+
+		$uid = getAuthUID();
+
+		$result = $this->BankverbindungModel->update(
+			[
+				'bankverbindung_id' => $bankverbindung_id
+			],
+			[
+				'person_id' => $_POST['person_id'],
+				'name' => $_POST['name'],
+				'anschrift' => $_POST['anschrift'],
+				'bic' => $_POST['bic'],
+				'iban' => $_POST['iban'],
+				'blz' => $_POST['blz'],
+				'kontonr' => $_POST['kontonr'],
+				'updatevon' => $uid,
+				'updateamum' => date('c'),
+				'typ' => $_POST['typ'],
+				'verrechnung' => $_POST['verrechnung'],
+				'ext_id' => $_POST['ext_id'],
+				'oe_kurzbz' => $_POST['oe_kurzbz'],
+				'orgform_kurzbz' => $_POST['orgform_kurzbz']
+			]
+		);
+
+		if (isError($result))
+		{
+			return $this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL);
+		}
+		return $this->outputJsonSuccess(true);
+	}
+
+	public function deleteBankverbindung($bankverbindung_id)
+	{
+		$this->load->model('person/Bankverbindung_model', 'BankverbindungModel');
+
+		$result = $this->BankverbindungModel->delete(
+			array('bankverbindung_id' => $bankverbindung_id)
+		);
+
+		if (isError($result))
+		{
+			return $this->terminateWithError($result, self::ERROR_TYPE_GENERAL);
+		}
+		if (!hasData($result))
+		{
+			$this->outputJson($result);
+		}
+		return $this->terminateWithSuccess(current(getData($result)) ? : null);
+	}
+
+	public function validateLocationCombination()
+	{
+		$this->load->model('codex/Gemeinde_model', 'GemeindeModel');
+
+		return $this->GemeindeModel->checkLocation($_POST['plz'], $_POST['gemeinde'], $_POST['ort']);
+	}
+}

application/controllers/api/frontend/v1/stv/Konto.php

@@ -0,0 +1,495 @@
+<?php
+/**
+ * Copyright (C) 2024 fhcomplete.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+if (!defined('BASEPATH')) exit('No direct script access allowed');
+
+use CI3_Events as Events;
+
+/**
+ * This controller operates between (interface) the JS (GUI) and the back-end
+ * Provides data to the ajax get calls about a Konto
+ * Listens to ajax post calls to change the Konto data
+ * This controller works with JSON calls on the HTTP GET or POST and the output is always JSON
+ */
+class Konto extends FHCAPI_Controller
+{
+	/**
+	 * Calls the parent's constructor and prepares libraries and phrases
+	 */
+	public function __construct()
+	{
+		parent::__construct([
+			'get' => 'student/stammdaten:r',
+			'getBuchungstypen' => self::PERM_LOGGED,
+			'checkDoubles' => ['admin:r', 'assistenz:r'],
+			'insert' => ['admin:w', 'assistenz:w'],
+			'counter' => ['admin:w', 'assistenz:w'],
+			'update' => ['admin:w', 'assistenz:w'],
+			'delete' => ['admin:w', 'assistenz:w']
+		]);
+
+		// Load models
+		$this->load->model('crm/Konto_model', 'KontoModel');
+
+		// Load language phrases
+		$this->loadPhrases([
+			'konto'
+		]);
+	}
+
+	//------------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+	/**
+	 * Get details for a prestudent
+	 *
+	 * @return void
+	 */
+	public function get()
+	{
+		$this->load->library('form_validation');
+
+		$person_id = $this->input->post('person_id');
+		if (!$person_id || !is_array($person_id)) {
+			$this->form_validation->set_rules('person_id', 'Person ID', 'required');
+
+			if (!$this->form_validation->run())
+				$this->terminateWithValidationErrors($this->form_validation->error_array());
+		}
+
+
+		$studiengang_kz = $this->input->post('studiengang_kz');
+
+		if ($this->input->post('only_open')) {
+			$result = $this->KontoModel->getOffeneBuchungen($person_id, $studiengang_kz);
+		} else {
+			$result = $this->KontoModel->getAlleBuchungen($person_id, $studiengang_kz);
+		}
+
+		$result = $this->getDataOrTerminateWithError($result);
+
+		// sort into tree
+		$childs = [];
+		$data = [];
+		foreach ($result as $entry) {
+			if ($entry->buchungsnr_verweis) {
+				if (isset($data[$entry->buchungsnr_verweis])) {
+					if (!isset($data[$entry->buchungsnr_verweis]->_children))
+						$data[$entry->buchungsnr_verweis]->_children = [];
+					$data[$entry->buchungsnr_verweis]->_children[] = $entry;
+				} else {
+					if (!isset($childs[$entry->buchungsnr_verweis]))
+						$childs[$entry->buchungsnr_verweis] = [];
+					$childs[$entry->buchungsnr_verweis][] = $entry;
+				}
+			} else {
+				$data[$entry->buchungsnr] = $entry;
+				if (isset($childs[$entry->buchungsnr]))
+					$entry->_children = $childs[$entry->buchungsnr];
+			}
+		}
+
+		$this->terminateWithSuccess(array_values($data));
+	}
+
+	/**
+	 * Get list of Buchungstypen
+	 *
+	 * @return void
+	 */
+	public function getBuchungstypen()
+	{
+		$this->load->model('crm/Buchungstyp_model', 'BuchungstypModel');
+
+		$result = $this->BuchungstypModel->load();
+
+		$data = $this->getDataOrTerminateWithError($result);
+
+		$this->terminateWithSuccess($data);
+	}
+
+	/**
+	 * Check double Buchungen
+	 *
+	 * @return void
+	 */
+	public function checkDoubles()
+	{
+		if (!defined('FAS_DOPPELTE_BUCHUNGSTYPEN_CHECK') || !FAS_DOPPELTE_BUCHUNGSTYPEN_CHECK)
+			$this->terminateWithSuccess(false);
+
+		$this->load->library('form_validation');
+
+		$person_ids = $this->input->post('person_id');
+
+		if (!$person_ids || !is_array($person_ids)) {
+			$person_ids = [$person_ids];
+			$this->form_validation->set_rules('person_id', 'Person ID', 'required');
+		}
+		$this->form_validation->set_rules('studiensemester_kurzbz', 'Studiensemester', 'required');
+		$this->form_validation->set_rules('buchungstyp_kurzbz', 'Buchungstyp', 'required');
+
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+
+		$buchungstypen = unserialize(FAS_DOPPELTE_BUCHUNGSTYPEN_CHECK);
+		$buchung = $this->input->post('buchungstyp_kurzbz');
+		
+		if (!isset($buchungstypen[$buchung]))
+			$this->terminateWithSuccess(false);
+
+		$result = $this->KontoModel->checkDoubleBuchung($person_ids, $this->input->post('studiensemester_kurzbz'), $buchungstypen[$buchung]);
+
+		$result = $this->getDataOrTerminateWithError($result);
+
+		if (!$result)
+			$this->terminateWithSuccess(false);
+
+		$persons = array_map(function ($row) {
+			return $row->nachname . ' ' . $row->vorname;
+		}, $result);
+		
+		$result = $this->p->t('konto', 'confirm_overwrite') . "\n";
+		if (count($persons) > 10) {
+			$result .= "-" . implode("\n-", array_slice($persons, 0, 10)) . "\n";
+			
+			if (count($persons) == 11) {
+				$result .= "\n" . $this->p->t('konto', 'confirm_overwrite_1_add_pers');
+			} else {
+				$result .= "\n" . $this->p->t('konto', 'confirm_overwrite_x_add_pers', [
+					'x' => count($persons) - 10
+				]);
+			}
+		} else {
+			$result .= "-" . implode("\n-", $persons) . "\n";
+		}
+		$result .= $this->p->t('konto', 'confirm_overwrite_proceed');
+
+		$this->addError($result, 'confirm');
+
+		$this->terminateWithSuccess(true);
+	}
+
+
+	/**
+	 * Save Buchung
+	 *
+	 * @return void
+	 */
+	public function insert()
+	{
+		$this->load->library('form_validation');
+
+		$person_ids = $this->input->post('person_id');
+
+		if (!$person_ids || !is_array($person_ids)) {
+			$person_ids = [$person_ids];
+			$this->form_validation->set_rules('person_id', 'Person ID', 'required');
+		}
+		$this->form_validation->set_rules('betrag', 'Betrag', 'numeric');
+		$this->form_validation->set_rules('buchungsdatum', 'Buchungsdatum', 'is_valid_date');
+		$this->form_validation->set_rules('buchungstext', 'Buchungstext', 'max_length[256]');
+		$this->form_validation->set_rules('mahnspanne', 'Mahnspanne', 'integer');
+		$this->form_validation->set_rules('buchungstyp_kurzbz', 'Buchungstyp', 'required|max_length[32]');
+		$this->form_validation->set_rules('studiensemester_kurzbz', 'Studiensemester', 'required|max_length[16]');
+		$this->form_validation->set_rules('studiengang_kz', 'Studiengang', 'required|has_permissions_for_stg[admin:rw,assistenz:rw]');
+		$this->form_validation->set_rules('credit_points', 'Credit Points', 'numeric');
+
+		Events::trigger('konto_insert_validation', $this->form_validation);
+
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+
+		$allowed = [
+			'betrag',
+			'buchungsdatum',
+			'buchungstext',
+			'mahnspanne',
+			'buchungstyp_kurzbz',
+			'studiensemester_kurzbz',
+			'studiengang_kz',
+			'credit_points',
+			'anmerkung'
+		];
+		$data = [
+			'insertamum' => date('c'),
+			'insertvon' => getAuthUID()
+		];
+		foreach ($allowed as $field)
+			if ($this->input->post($field) !== null)
+				$data[$field] = $this->input->post($field);
+
+		if (defined('FAS_BUCHUNGSTYP_FIXE_KOSTENSTELLE') && isset(unserialize(FAS_BUCHUNGSTYP_FIXE_KOSTENSTELLE)[$data['buchungstyp_kurzbz']])) {
+			$data['kostenstelle'] = unserialize(FAS_BUCHUNGSTYP_FIXE_KOSTENSTELLE)[$data['buchungstyp_kurzbz']];
+		}
+
+		$result = [];
+		foreach ($person_ids as $person_id) {
+			$id = $this->KontoModel->insert(array_merge($data, ['person_id' => $person_id]));
+			if (isError($id)) {
+				$this->addError(getError($id), self::ERROR_TYPE_DB);
+			} else {
+				$kontodata = $this->KontoModel->withAdditionalInfo()->load(getData($id));
+				if (isError($kontodata))
+					$this->addError(getError($kontodata), self::ERROR_TYPE_DB);
+				else
+					$result[] = current(getData($kontodata));
+			}
+		}
+
+		if ($result)
+			$this->terminateWithSuccess($result);
+
+		$this->output->set_status_header(REST_Controller::HTTP_INTERNAL_SERVER_ERROR);
+	}
+
+	/**
+	 * Save Counter Buchung
+	 *
+	 * @return void
+	 */
+	public function counter()
+	{
+		$this->load->library('form_validation');
+
+		$buchungsnrs = $this->input->post('buchungsnr');
+
+		if (!$buchungsnrs || !is_array($buchungsnrs)) {
+			$buchungsnrs = $buchungsnrs ? [$buchungsnrs] : [];
+			$this->form_validation->set_rules('buchungsnr', 'Buchungsnr', 'required');
+		}
+		$this->form_validation->set_rules('buchungsdatum', 'Buchungsdatum', 'is_valid_date');
+
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+		$data = [];
+		$rules = [];
+		foreach ($buchungsnrs as $k => $buchungsnr) {
+			$result = $this->KontoModel->load($buchungsnr);
+			if (isError($result)) {
+				$rules[] = [
+					'field' => 'buchung[' . $k . ']',
+					'label' => 'Buchung #' . $buchungsnr,
+					'rules' => 'required',
+					'errors' => [
+						'required' => getError($result)
+					]
+				];
+			} elseif (!hasData($result)) {
+				$rules[] = [
+					'field' => 'buchung[' . $k . ']',
+					'label' => 'Buchung #' . $buchungsnr,
+					'rules' => 'required'
+				];
+			} else {
+				$data[$k] = get_object_vars(current(getData($result)));
+				$rules[] = [
+					'field' => 'buchung[' . $k . '][buchungsnr]',
+					'label' => 'Buchung # ' . $buchungsnr,
+					'rules' => 'required|numeric'
+				];
+				$rules[] = [
+					'field' => 'buchung[' . $k . '][studiengang_kz]',
+					'label' => 'Buchung # ' . $buchungsnr,
+					'rules' => 'required|has_permissions_for_stg[admin:rw,assistenz:rw]'
+				];
+				$rules[] = [
+					'field' => 'buchung[' . $k . '][buchungsnr_verweis]',
+					'label' => 'Buchung # ' . $buchungsnr,
+					'rules' => 'regex_match[/^$/]',
+					'errors' => [
+						'regex_match' => $this->p->t('konto', 'error_counter_level')
+					]
+				];
+			}
+		}
+		
+		$this->form_validation->reset_validation();
+		$this->form_validation->set_data(['buchung' => $data]);
+		$this->form_validation->set_rules($rules);
+		
+		Events::trigger('konto_counter_validation', $this->form_validation);
+
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+		$buchungsdatum = $this->input->post('buchungsdatum');
+
+		$newItems = [];
+		foreach ($data as $buchung) {
+			$result = $this->KontoModel->getDifferenz($buchung['buchungsnr']);
+			if (isError($result)) {
+				$this->addError(getError($result), self::ERROR_TYPE_GENERAL);
+				continue;
+			}
+			$betrag = $result->retval;
+			if ($betrag === null) {
+				$this->addError($this->p->t(
+					'konto',
+					'error_missing',
+					$buchung
+				), self::ERROR_TYPE_GENERAL);
+				continue;
+			}
+
+
+			$result = $this->KontoModel->insert([
+				'person_id' => $buchung['person_id'],
+				'studiengang_kz' => $buchung['studiengang_kz'],
+				'studiensemester_kurzbz' => $buchung['studiensemester_kurzbz'],
+				'buchungstext' => $buchung['buchungstext'],
+				'buchungstyp_kurzbz' => $buchung['buchungstyp_kurzbz'],
+				'credit_points' => $buchung['credit_points'],
+				'zahlungsreferenz' => $buchung['zahlungsreferenz'],
+				'betrag' => $betrag,
+				'buchungsdatum' => $buchungsdatum,
+				'mahnspanne' => '0',
+				'buchungsnr_verweis' => $buchung['buchungsnr'],
+				'insertamum' => date('c'),
+				'insertvon' => getAuthUID(),
+				'anmerkung' => ''
+			]);
+			if (isError($result)) {
+				$this->addError(getError($result), self::ERROR_TYPE_GENERAL);
+				continue;
+			}
+
+			$newItems = null;
+			// TODO(chris): get as tree?
+			/*$result = $this->KontoModel->withAdditionalInfo()->load($result->retval);
+			if (!hasData($result))
+				$newItems = null;
+			elseif ($newItems !== null)
+				$newItems[] = current(getData($result));*/
+		}
+
+		$this->terminateWithSuccess($newItems);
+	}
+
+	/**
+	 * Save Buchung
+	 *
+	 * @return void
+	 */
+	public function update()
+	{
+		$this->load->library('form_validation');
+
+		$this->form_validation->set_rules('buchungsnr', 'Buchungsnr', 'required');
+		$this->form_validation->set_rules('betrag', 'Betrag', 'numeric');
+		$this->form_validation->set_rules('buchungsdatum', 'Buchungsdatum', 'is_valid_date');
+		$this->form_validation->set_rules('buchungstext', 'Buchungstext', 'max_length[256]');
+		$this->form_validation->set_rules('mahnspanne', 'Mahnspanne', 'integer');
+		$this->form_validation->set_rules('buchungstyp_kurzbz', 'Buchungstyp', 'required|max_length[32]');
+		$this->form_validation->set_rules('studiensemester_kurzbz', 'Studiensemester', 'required|max_length[16]');
+		$this->form_validation->set_rules('studiengang_kz', 'Studiengang', 'required|has_permissions_for_stg[admin:rw,assistenz:rw]');
+		$this->form_validation->set_rules('credit_points', 'Credit Points', 'numeric');
+
+		Events::trigger('konto_update_validation', $this->form_validation);
+
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+
+		$id = $this->input->post('buchungsnr');
+		$allowed = [
+			'betrag',
+			'buchungsdatum',
+			'buchungstext',
+			'mahnspanne',
+			'buchungstyp_kurzbz',
+			'studiensemester_kurzbz',
+			'studiengang_kz',
+			'credit_points',
+			'anmerkung'
+		];
+		$data = [
+			'updateamum' => date('c'),
+			'updatevon' => getAuthUID()
+		];
+		foreach ($allowed as $field)
+			if ($this->input->post($field) !== null)
+				$data[$field] = $this->input->post($field);
+
+		$result = $this->KontoModel->update($id, $data);
+
+		$this->getDataOrTerminateWithError($result);
+
+		$result = null;
+		// TODO(chris): get as tree?
+		/*$result = $this->KontoModel->withAdditionalInfo()->load($id);
+		
+		#$result = $this->getDataOrTerminateWithError($result);
+		if (isError($result))
+			$this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL);
+		$result = $result->retval;*/
+
+		$this->terminateWithSuccess($result);
+	}
+
+	/**
+	 * Delete Buchung
+	 *
+	 * @return void
+	 */
+	public function delete()
+	{
+		$this->load->library('form_validation');
+
+		$this->form_validation->set_rules('buchungsnr', 'Buchungsnr', 'required');
+
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+
+		$buchungsnr = $this->input->post('buchungsnr');
+
+		$result = $this->KontoModel->load($buchungsnr);
+
+		$result = $this->getDataOrTerminateWithError($result);
+
+		if (!$result)
+			$this->terminateWithError($this->p->t('konto', 'error_missing', [
+				'buchungsnr' => $buchungsnr
+			]));
+
+		$_POST['studiengang_kz'] = current($result)->studiengang_kz;
+
+		$this->form_validation->set_rules('studiengang_kz', 'Studiengang', 'has_permissions_for_stg[admin:rw,assistenz:rw]');
+
+		Events::trigger('konto_delete_validation', $this->form_validation);
+
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+
+		Events::trigger('konto_delete', $buchungsnr);
+		
+		$result = $this->KontoModel->delete($buchungsnr);
+		if (isError($result)) {
+			if (getCode($result) != 42)
+				$this->terminateWithError(getError($result));
+			$this->terminateWithError($this->p->t('konto', 'error_delete_level'));
+		}
+
+		$this->terminateWithSuccess();
+	}
+}

application/controllers/api/frontend/v1/stv/Lists.php

@@ -0,0 +1,147 @@
+<?php
+/**
+ * Copyright (C) 2024 fhcomplete.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+/**
+ * This controller operates between (interface) the JS (GUI) and the back-end
+ * Provides data to the ajax get calls about generally used lists
+ * This controller works with JSON calls on the HTTP GET or POST and the output is always JSON
+ */
+class Lists extends FHCAPI_Controller
+{
+	public function __construct()
+	{
+		parent::__construct([
+			'getStudiensemester' => self::PERM_LOGGED,
+			'getStgs' => self::PERM_LOGGED,
+			'getSprachen' => self::PERM_LOGGED,
+			'getGeschlechter' => self::PERM_LOGGED,
+			'getAusbildungen' => self::PERM_LOGGED,
+			'getOrgforms' => self::PERM_LOGGED,
+			'getStati' => self::PERM_LOGGED
+		]);
+	}
+
+	public function getStudiensemester()
+	{
+		$this->load->model('organisation/Studiensemester_model', 'StudiensemesterModel');
+
+		$this->StudiensemesterModel->addOrder('ende');
+
+		$result = $this->StudiensemesterModel->load();
+
+		$data = $this->getDataOrTerminateWithError($result);
+
+		$this->terminateWithSuccess($data);
+	}
+
+	public function getStgs()
+	{
+		$this->load->model('organisation/Studiengang_model', 'StudiengangModel');
+
+		$this->StudiengangModel->addSelect('*');
+		$this->StudiengangModel->addSelect('UPPER(typ || kurzbz) AS kuerzel');
+
+		$this->StudiengangModel->addOrder('typ');
+		$this->StudiengangModel->addOrder('kurzbz');
+
+		$result = $this->StudiengangModel->load();
+
+		$data = $this->getDataOrTerminateWithError($result);
+
+		$this->terminateWithSuccess($data);
+	}
+
+	public function getSprachen()
+	{
+		$this->load->model('system/Sprache_model', 'SpracheModel');
+
+		$this->SpracheModel->addOrder('sprache');
+
+		$result = $this->SpracheModel->load();
+		$data = $this->getDataOrTerminateWithError($result);
+		
+		$this->terminateWithSuccess($data);
+	}
+
+	public function getGeschlechter()
+	{
+		$this->load->model('person/Geschlecht_model', 'GeschlechtModel');
+
+		$this->GeschlechtModel->addOrder('sort');
+		$this->GeschlechtModel->addOrder('geschlecht');
+
+		$this->GeschlechtModel->addSelect('*');
+		#$this->GeschlechtModel->addTranslatedSelect("bezeichnung_mehrsprachig", "bezeichnung");
+		$this->GeschlechtModel->addSelect("bezeichnung_mehrsprachig[(SELECT index FROM public.tbl_sprache WHERE sprache=" . $this->GeschlechtModel->escape(DEFAULT_LANGUAGE) . " LIMIT 1)] AS bezeichnung");
+
+		$result = $this->GeschlechtModel->load();
+		$data = $this->getDataOrTerminateWithError($result);
+		
+		$this->terminateWithSuccess($data);
+	}
+
+	public function getAusbildungen()
+	{
+		$this->load->model('codex/Ausbildung_model', 'AusbildungModel');
+
+		$this->AusbildungModel->addOrder('ausbildungcode');
+
+		$result = $this->AusbildungModel->load();
+		$data = $this->getDataOrTerminateWithError($result);
+		
+		$this->terminateWithSuccess($data);
+	}
+
+	public function getOrgforms()
+	{
+		$this->load->model('codex/Orgform_model', 'OrgformModel');
+
+		$this->OrgformModel->addOrder('bezeichnung');
+
+		$result = $this->OrgformModel->loadWhere(['rolle' => true]);
+		$data = $this->getDataOrTerminateWithError($result);
+		
+		$this->terminateWithSuccess($data);
+	}
+
+	public function getStati()
+	{
+		$lang = getUserLanguage();
+		$this->load->model('crm/Status_model', 'StatusModel');
+
+		$this->StatusModel->addSelect('*');
+		#$this->StatusModel->addTranslatedSelect('bezeichnung_mehrsprachig', 'bezeichnung');
+		$this->StatusModel->addSelect(
+			'bezeichnung_mehrsprachig[(
+				SELECT index
+				FROM public.tbl_sprache
+				WHERE sprache=' . $this->StatusModel->escape($lang) . '
+				LIMIT 1
+			)] AS bezeichnung',
+			false
+		);
+		#$this->StatusModel->addOrder('ext_id');
+
+		$result = $this->StatusModel->load();
+		$data = $this->getDataOrTerminateWithError($result);
+		
+		$this->terminateWithSuccess($data);
+	}
+}

application/controllers/api/frontend/v1/stv/Notiz.php

@@ -0,0 +1,384 @@
+<?php
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+use \DateTime as DateTime;
+
+class Notiz extends Notiz_Controller
+{
+	public function __construct()
+	{
+		parent::__construct([
+			'getUid' => ['admin:r', 'assistenz:r'],
+			'getNotizen' => ['admin:r', 'assistenz:r'],
+			'loadNotiz' => ['admin:r', 'assistenz:r'], // TODO(manu): self::PERM_LOGGED
+			'addNewNotiz' => ['admin:rw', 'assistenz:rw'], // TODO(manu): self::PERM_LOGGED
+			'updateNotiz' => ['admin:rw', 'assistenz:rw'], // TODO(manu): self::PERM_LOGGED
+			'deleteNotiz' => ['admin:r', 'assistenz:r'],
+			'loadDokumente' => ['admin:r', 'assistenz:r'],
+			'getMitarbeiter' => ['admin:r', 'assistenz:r']
+		]);
+
+		//Load Models
+		$this->load->model('person/Notiz_model', 'NotizModel');
+		$this->load->model('person/Notizzuordnung_model', 'NotizzuordnungModel');
+
+		// Load Libraries
+		$this->load->library('VariableLib', ['uid' => getAuthUID()]);
+
+		// Load language phrases
+		$this->loadPhrases([
+			'ui'
+		]);
+	}
+
+/*	public function getUid()
+	{
+		$this->terminateWithSuccess(getAuthUID());
+	}*/
+
+
+	public function getNotizen($id, $type)
+	{
+
+		//check if valid type
+		$result = $this->NotizzuordnungModel->isValidType($type);
+		if(isError($result))
+			$this->terminateWithError($result->retval, self::ERROR_TYPE_GENERAL);
+
+		//$this->terminateWithError(" after check type not valid", self::ERROR_TYPE_GENERAL);
+		$result = $this->NotizModel->getNotizWithDocEntries($id, $type);
+
+		if (isError($result)) {
+			$this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL);
+		}
+		return $this->terminateWithSuccess(getData($result) ?: []);
+
+		//	return $this->terminateWithError("type not valid", self::ERROR_TYPE_GENERAL);
+
+	}
+
+/*	public function loadNotiz()
+	{
+		$_POST = json_decode(utf8_encode($this->input->raw_input_stream), true);
+
+		$notiz_id = $this->input->post('notiz_id');
+
+		//$this->load->model('person/Notiz_model', 'NotizModel');
+		$this->NotizModel->addJoin('public.tbl_notiz_dokument', 'notiz_id', 'LEFT');
+		$this->NotizModel->addSelect('*');
+		$this->NotizModel->addSelect("TO_CHAR(CASE WHEN public.tbl_notiz.updateamum >= public.tbl_notiz.insertamum 
+			THEN public.tbl_notiz.updateamum ELSE public.tbl_notiz.insertamum END::timestamp, 'DD.MM.YYYY HH24:MI:SS') AS lastUpdate");
+		$this->NotizModel->addLimit(1);
+
+		$result = $this->NotizModel->loadWhere(
+			array('notiz_id' => $notiz_id)
+		);
+		if (isError($result))
+		{
+			$this->terminateWithError($result, self::ERROR_TYPE_GENERAL);
+		}
+		elseif (!hasData($result))
+		{
+			$this->terminateWithError($this->p->t('ui', 'error_missingId', ['id'=>'Notiz_id']), self::ERROR_TYPE_GENERAL);
+		}
+		else
+		{
+			$this->terminateWithSuccess(current(getData($result)));
+		}
+	}
+
+
+	public function updateNotiz()
+	{
+		$this->load->library('form_validation');
+		$this->load->library('DmsLib');
+
+		if (isset($_POST['data']))
+		{
+			$data = json_decode($_POST['data']);
+			unset($_POST['data']);
+			foreach ($data as $k => $v) {
+				$_POST[$k] = $v;
+			}
+		}
+
+		$notiz_id = $this->input->post('notiz_id');
+
+		if(!$notiz_id)
+		{
+			$this->terminateWithError($this->p->t('ui','error_missingId',['id'=>'Notiz_id']), self::ERROR_TYPE_GENERAL);
+		}
+
+		//Form Validation
+		$this->form_validation->set_rules('titel', 'Titel', 'required', [
+			'required' => $this->p->t('ui', 'error_fieldRequired', ['field' => 'Titel'])
+		]);
+
+		$this->form_validation->set_rules('text', 'Text', 'required', [
+			'required' => $this->p->t('ui', 'error_fieldRequired', ['field' => 'Text'])
+		]);
+
+		if ($this->form_validation->run() == false)
+		{
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+		}
+
+		//update Notiz
+		$uid = getAuthUID();
+		$titel = $this->input->post('titel');
+		$text = $this->input->post('text');
+		$verfasser_uid = $this->input->post('verfasser');
+		$bearbeiter_uid = isset($_POST['bearbeiter']) ? $_POST['bearbeiter'] : $uid;
+		$erledigt = $this->input->post('erledigt');
+		$start = $this->input->post('start');
+		$ende = $this->input->post('ende');
+
+		$result = $this->NotizModel->update(
+			[
+				'notiz_id' => $notiz_id
+			],
+			[
+				'titel' =>  $titel,
+				'updatevon' => $uid,
+				'updateamum' => date('c'),
+				'text' => $text,
+				'verfasser_uid' => $verfasser_uid,
+				'bearbeiter_uid' => $bearbeiter_uid,
+				'start' => $start,
+				'ende' => $ende,
+				'erledigt' => $erledigt
+			]
+		);
+		if (isError($result))
+		{
+			return $this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL);
+		}
+
+		//update(1) laden aller bereits mit dieser notiz_id verknüpften DMS-Einträge
+		$this->load->model('person/Notizdokument_model', 'NotizdokumentModel');
+		$this->NotizdokumentModel->addJoin('campus.tbl_dms_version', 'dms_id');
+		$dms_uploaded = null;
+
+		$result = $this->NotizdokumentModel->loadWhere(array('notiz_id' => $notiz_id));
+		if (isError($result))
+		{
+			$this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL);
+		}
+		elseif (!hasData($result))
+		{
+			$dms_id_arr = null;
+		}
+		else
+		{
+			$result = getData($result);
+			foreach($result as $doc) {
+				$dms_id_arr[] = array(
+					'name' => $doc->name,
+					'dms_id' => $doc->dms_id
+				);
+			}
+		}
+
+		foreach ($_FILES as $k => $file)
+		{
+			//update(2) alle neuen files (alle außer type application/x.fhc-dms+json) anhängen
+			if($file["type"] == 'application/x.fhc-dms+json')
+			{
+				$dms_uploaded[] = array(
+					'name' => $file["name"]
+				);
+			}
+			else
+			{
+				$dms = array(
+					'kategorie_kurzbz'  => 'notiz',
+					'version'           => 0,
+					'name'              => $file["name"],
+					'mimetype'          => $file["type"],
+					'insertamum'        => date('c'),
+					'insertvon'         => $uid
+				);
+
+				//Todo(manu) check if filetypes weiter eingeschränkt werden sollen
+				//Todo(manu)check name files: nicht gleiches file 2mal hochladen
+				$result = $this->dmslib->upload($dms, $k, array('*'));
+
+				if (isError($result))
+				{
+					return $this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL);
+				}
+				$dms_id = $result->retval['dms_id'];
+
+				$result = $this->NotizdokumentModel->insert(array('notiz_id' => $notiz_id, 'dms_id' => $dms_id));
+				if (isError($result))
+				{
+					return $this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL);
+				}
+			}
+		}
+
+		//update(3) check if Dateien gelöscht wurden
+		if(count($dms_uploaded) != count($dms_id_arr))
+		{
+			if (count($dms_uploaded) == 0)
+			{
+				$filesDeleted = $dms_id_arr;
+			}
+			else
+			{
+				$upload_new_names = array_column($dms_uploaded, "name");
+
+				$filesDeleted = array_filter($dms_id_arr, function ($file) use ($upload_new_names) {
+					return !in_array($file["name"], $upload_new_names);
+				});
+			}
+
+			foreach ($filesDeleted as $file)
+			{
+				$result = $this->dmslib->removeAll($file['dms_id']);
+
+				if (isError($result))
+				{
+					return $this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL);
+				}
+				else
+					$this->outputJson($result);
+			}
+		}
+		return $this->terminateWithSuccess($result);
+	}*/
+
+
+/*	public function deleteNotiz()
+	{
+		$_POST = json_decode(utf8_encode($this->input->raw_input_stream), true);
+		$notiz_id = $this->input->post('notiz_id');
+		$type = $this->input->post('type_id');
+		$id = $this->input->post('id');
+
+		//dms_id auslesen aus notizdokument wenn vorhanden
+		$dms_id_arr = [];
+		$this->load->model('person/Notizdokument_model', 'NotizdokumentModel');
+
+		$result = $this->NotizdokumentModel->loadWhere(array('notiz_id' => $notiz_id));
+
+		if (isError($result))
+		{
+			return $this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL);
+		}
+
+		if(hasData($result))
+		{
+			$result = getData($result);
+			foreach ($result as $doc) {
+				$dms_id_arr[] = $doc->dms_id;
+			}
+		}
+
+		if($dms_id_arr)
+		{
+			$this->load->library('DmsLib');
+			foreach($dms_id_arr as $dms_id)
+			{
+				$result = $this->dmslib->removeAll($dms_id);
+
+				if (isError($result))
+				{
+					return $this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL);
+				}
+
+				$this->outputJson($result);
+			}
+		}
+
+		//delete Notizzuordnung
+		if($type == "software_id")
+		{
+			// Loads extension Model
+			$this->load->model('extensions/FHC-Core-Softwarebereitstellung/Softwarenotizzuordnung_model', 'ExtensionnotizzuordnungModel');
+			$result = $this->ExtensionnotizzuordnungModel->delete([
+				'notiz_id' => $notiz_id,
+				'id' => strval($id)
+				],
+				[
+				'type_id' => $type
+			]);
+
+		}
+		else
+		{
+			//notizzuordnungsid!
+			$result = $this->NotizzuordnungModel->delete(['notiz_id' => $notiz_id, $type => $id]);
+		}
+
+
+		$this->load->model('person/Notiz_model', 'NotizModel');
+		//$this->NotizModel->addJoin('public.tbl_notizzuordnung', 'notiz_id');
+
+		//TODO (erweitern um Type_id) für Extensions, damit auch Notizzuordnung gelöscht werden kann
+
+		//Löschen von Notiz
+		$result = $this->NotizModel->delete(
+			array('notiz_id' => $notiz_id)
+		);
+
+		if (isError($result))
+		{
+			return $this->terminateWithError($result, self::ERROR_TYPE_GENERAL);
+		}
+		if(!hasData($result))
+		{
+			return $this->terminateWithError($this->p->t('ui','error_missingId', ['id'=> 'Notiz_id']), self::ERROR_TYPE_GENERAL);
+		}
+
+		return $this->terminateWithSuccess(current(getData($result)));
+	}*/
+
+/*	public function loadDokumente()
+	{
+		$_POST = json_decode(utf8_encode($this->input->raw_input_stream), true);
+		$notiz_id = $this->input->post('notiz_id');
+
+		$this->NotizModel->addSelect('campus.tbl_dms_version.*');
+
+		$this->NotizModel->addJoin('public.tbl_notiz_dokument', 'ON (public.tbl_notiz_dokument.notiz_id = public.tbl_notiz.notiz_id)');
+		$this->NotizModel->addJoin('campus.tbl_dms_version', 'ON (public.tbl_notiz_dokument.dms_id = campus.tbl_dms_version.dms_id)');
+
+		$result = $this->NotizModel->loadWhere(
+			array('public.tbl_notiz.notiz_id' => $notiz_id)
+		);
+		if (isError($result)) {
+			return $this->terminateWithError($result, self::ERROR_TYPE_GENERAL);
+		}
+
+		if(!hasData($result))
+		{
+			return $this->terminateWithError($this->p->t('ui','error_missingId', ['id'=> 'Notiz_id']), self::ERROR_TYPE_GENERAL);
+		}
+		return $this->terminateWithSuccess(getData($result));
+	}*/
+
+/*	public function getMitarbeiter($searchString)
+	{
+		$this->load->model('ressource/Mitarbeiter_model', 'MitarbeiterModel');
+		$result = $this->MitarbeiterModel->searchMitarbeiter($searchString);
+		if (isError($result)) {
+			$this->terminateWithError($result, self::ERROR_TYPE_GENERAL);
+		}
+		return $this->terminateWithSuccess($result);
+	}*/
+
+	public function isBerechtigt($id, $typeId)
+	{
+		if(!$this->permissionlib->isBerechtigt('admin', 'suid') && !$this->permissionlib->isBerechtigt('assistenz', 'suid'))
+		{
+			$result =  $this->p->t('lehre','error_keineSchreibrechte');
+
+			return $this->terminateWithError($result, self::ERROR_TYPE_GENERAL);
+		}
+		return success("berechtigt in überschreibender Funktion");
+/*		return $this->terminateWithError('keine Berechtigung bro', self::ERROR_TYPE_GENERAL);*/
+	}
+
+}

application/controllers/api/frontend/v1/stv/Prestudent.php

@@ -0,0 +1,299 @@
+<?php
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+use \DateTime as DateTime;
+
+class Prestudent extends FHCAPI_Controller
+{
+	public function __construct()
+	{
+		parent::__construct([
+			'get' => ['admin:r', 'assistenz:r'],
+			'updatePrestudent' =>  ['admin:rw', 'assistenz:rw'],
+			'getHistoryPrestudents' => ['admin:r', 'assistenz:r'],
+			'getBezeichnungZGV' => ['admin:r', 'assistenz:r'],
+			'getBezeichnungDZgv' => ['admin:r', 'assistenz:r'],
+			'getBezeichnungMZgv' => ['admin:r', 'assistenz:r'],
+			'getAusbildung' => ['admin:r', 'assistenz:r'],
+			'getAufmerksamdurch' => ['admin:r', 'assistenz:r'],
+			'getBerufstaetigkeit' => ['admin:r', 'assistenz:r'],
+			'getTypenStg' => ['admin:r', 'assistenz:r'],
+			'getStudienplaene' => ['admin:r', 'assistenz:r'],
+			'getStudiengang' => ['admin:r', 'assistenz:r']
+		]);
+
+		if ($this->router->method == 'updatePrestudent') {
+			$prestudent_id = current(array_slice($this->uri->rsegments, 2));
+			$this->checkPermissionsForPrestudent($prestudent_id, ['admin:rw', 'assistenz:rw']);
+		} elseif ($this->router->method == 'get'
+			|| $this->router->method == 'getStudienplaene'
+			|| $this->router->method == 'getStudiengang'
+		) {
+			$prestudent_id = current(array_slice($this->uri->rsegments, 2));
+			$this->checkPermissionsForPrestudent($prestudent_id, ['admin:r', 'assistenz:r']);
+		} elseif ($this->router->method == 'getHistoryPrestudents') {
+			$person_id = current(array_slice($this->uri->rsegments, 2));
+			$this->checkPermissionsForPerson($person_id, ['admin:r', 'assistenz:r'], ['admin:r', 'assistenz:r']);
+		}
+
+		// Load Libraries
+		$this->load->library('VariableLib', ['uid' => getAuthUID()]);
+
+		// Load language phrases
+		$this->loadPhrases([
+			'ui', 'studierendenantrag', 'lehre'
+		]);
+	}
+
+	public function get($prestudent_id)
+	{
+		$this->load->model('crm/Prestudent_model', 'PrestudentModel');
+
+		$this->PrestudentModel->addSelect('*');
+		$result = $this->PrestudentModel->loadWhere(['prestudent_id' => $prestudent_id]);
+
+		if (isError($result))
+		{
+			$this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL);
+		}
+		if(!hasData($result))
+		{
+			return show_404();
+		}
+		$this->terminateWithSuccess(current(getData($result)));
+	}
+
+	public function updatePrestudent($prestudent_id)
+	{
+		$this->load->model('crm/Prestudent_model', 'PrestudentModel');
+
+		// UDF
+		$this->load->library('UDFLib');
+		
+		$result = $this->udflib->getCiValidations($this->PrestudentModel, $this->input->post());
+		$udf_field_validations = $this->getDataOrTerminateWithError($result);
+
+		//Form validation
+		$this->load->library('form_validation');
+
+		$this->form_validation->set_rules($udf_field_validations);
+
+		$this->form_validation->set_rules('priorisierung', 'Priorisierung', 'numeric', [
+			'numeric' => $this->p->t('ui', 'error_fieldNotNumeric', ['field' => 'Priorisierung'])
+		]);
+
+		if ($this->form_validation->run() == false)
+		{
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+		}
+
+		$uid = getAuthUID();
+
+		$array_allowed_props_prestudent = [
+			'aufmerksamdurch_kurzbz',
+			'studiengang_kz',
+			'gsstudientyp_kurzbz',
+			'person_id',
+			'berufstaetigkeit_code',
+			'ausbildungcode',
+			'zgv_code',
+			'zgvort',
+			'zgvdatum',
+			'zgvnation',
+			'zgvmas_code',
+			'zgvmaort',
+			'zgvmadatum',
+			'zgvmanation',
+			'facheinschlberuf',
+			'bismelden',
+			'anmerkung',
+			'dual',
+			'zgvdoktor_code',
+			'zgvdoktorort',
+			'zgvdoktordatum',
+			'zgvdoktornation',
+			'aufnahmegruppe_kurzbz',
+			'priorisierung',
+			'foerderrelevant',
+			'zgv_erfuellt',
+			'zgvmas_erfuellt',
+			'zgvdoktor_erfuellt',
+			'mentor',
+			'aufnahmeschluessel',
+			'standort_code'
+		];
+
+		// add UDFs
+		$result = $this->udflib->getDefinitionForModel($this->PrestudentModel);
+
+		$definitions = $this->getDataOrTerminateWithError($result);
+
+		foreach ($definitions as $def)
+			$array_allowed_props_prestudent[] = $def['name'];
+
+		$update_prestudent = array();
+		foreach ($array_allowed_props_prestudent as $prop)
+		{
+			$val = $this->input->post($prop);
+			if ($val !== null || $prop == 'foerderrelevant') {
+				$update_prestudent[$prop] = $val;
+			}
+		}
+
+		$update_prestudent['updateamum'] = date('c');
+		$update_prestudent['updatevon'] = $uid;
+
+		if (count($update_prestudent))
+		{
+			$result = $this->PrestudentModel->update(
+				$prestudent_id,
+				$update_prestudent
+			);
+			$this->getDataOrTerminateWithError($result);
+
+			return $this->terminateWithSuccess(true);
+		}
+		return $this->terminateWithSuccess(false);
+	}
+
+	public function getHistoryPrestudents($person_id)
+	{
+		$this->load->model('crm/Prestudent_model', 'PrestudentModel');
+
+		$result = $this->PrestudentModel->getHistoryPrestudents($person_id);
+		if (isError($result))
+		{
+			$this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL);
+		}
+		$this->terminateWithSuccess(getData($result) ?: []);
+	}
+
+	public function getBezeichnungZGV()
+	{
+		$this->load->model('codex/Zgv_model', 'ZgvModel');
+
+		$this->ZgvModel->addOrder('zgv_code');
+
+		$result = $this->ZgvModel->load();
+		if (isError($result))
+		{
+			$this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL);
+		}
+		return $this->terminateWithSuccess(getData($result) ?: []);
+	}
+
+	public function getBezeichnungDZgv()
+	{
+		$this->load->model('codex/Zgvdoktor_model', 'ZgvdoktorModel');
+
+		$this->ZgvdoktorModel->addOrder('zgvdoktor_code');
+
+		$result = $this->ZgvdoktorModel->load();
+		if (isError($result))
+		{
+			$this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL);
+		}
+		return $this->terminateWithSuccess(getData($result) ?: []);
+	}
+
+	public function getBezeichnungMZgv()
+	{
+		$this->load->model('codex/Zgvmaster_model', 'ZgvmasterModel');
+
+		$this->ZgvmasterModel->addOrder('zgvmas_code');
+
+		$result = $this->ZgvmasterModel->load();
+		if (isError($result))
+		{
+			$this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL);
+		}
+		return $this->terminateWithSuccess(getData($result) ?: []);
+	}
+
+	public function getAusbildung()
+	{
+		$this->load->model('codex/Ausbildung_model', 'AusbildungModel');
+
+		$this->AusbildungModel->addOrder('ausbildungcode');
+
+		$result = $this->AusbildungModel->load();
+		if (isError($result))
+		{
+			$this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL);
+		}
+		return $this->terminateWithSuccess(getData($result) ?: []);
+	}
+
+	public function getAufmerksamdurch()
+	{
+		$this->load->model('codex/Aufmerksamdurch_model', 'AufmerksamdurchModel');
+
+		$this->AufmerksamdurchModel->addOrder('aufmerksamdurch_kurzbz');
+
+		$result = $this->AufmerksamdurchModel->load();
+		if (isError($result))
+		{
+			$this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL);
+		}
+		return $this->terminateWithSuccess(getData($result) ?: []);
+	}
+
+	public function getBerufstaetigkeit()
+	{
+		$this->load->model('codex/Berufstaetigkeit_model', 'BerufstaetigkeitModel');
+
+		$this->BerufstaetigkeitModel->addOrder('berufstaetigkeit_code');
+
+		$result = $this->BerufstaetigkeitModel->load();
+		if (isError($result)) {
+			$this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL);
+		}
+		return $this->terminateWithSuccess(getData($result) ?: []);
+	}
+
+	public function getTypenStg()
+	{
+		$this->load->model('education/Gsstudientyp_model', 'GsstudientypModel');
+
+		$this->GsstudientypModel->addOrder('gsstudientyp_kurzbz');
+
+		$result = $this->GsstudientypModel->load();
+		if (isError($result)) {
+			$this->terminateWithError(getError($result), self::ERROR_TYPE_GENERAL);
+		}
+		return $this->terminateWithSuccess(getData($result) ?: []);
+	}
+
+	public function getStudienplaene($prestudent_id)
+	{
+		$this->load->model('organisation/Studienplan_model', 'StudienplanModel');
+		$result = $this->StudienplanModel->getStudienplaeneByPrestudents($prestudent_id);
+
+		$data = $this->getDataOrTerminateWithError($result);
+
+		return $this->terminateWithSuccess($data);
+	}
+
+	/**
+	 * Gets details for the Studiengang of the Prestudent
+	 *
+	 * @param integer					$prestudent_id
+	 *
+	 * @return stdClass
+	 */
+	public function getStudiengang($prestudent_id)
+	{
+		$this->load->model('crm/Prestudent_model', 'PrestudentModel');
+
+		$this->PrestudentModel->addSelect('stg.*');
+
+		$this->PrestudentModel->addJoin('public.tbl_studiengang stg', 'studiengang_kz');
+
+		$result = $this->PrestudentModel->load($prestudent_id);
+
+		$stg = $this->getDataOrTerminateWithError($result);
+
+		$this->terminateWithSuccess(current($stg));
+	}
+}

application/controllers/api/frontend/v1/stv/Student.php

@@ -0,0 +1,562 @@
+<?php
+/**
+ * Copyright (C) 2024 fhcomplete.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+use \DateTime as DateTime;
+
+/**
+ * This controller operates between (interface) the JS (GUI) and the back-end
+ * Provides data to the ajax get calls about a Student
+ * Listens to ajax post calls to change the Student data
+ * This controller works with JSON calls on the HTTP GET or POST and the output is always JSON
+ */
+class Student extends FHCAPI_Controller
+{
+	/**
+	 * Calls the parent's constructor and prepares libraries and phrases
+	 */
+	public function __construct()
+	{
+		parent::__construct([
+			'get' => ['admin:r', 'assistenz:r'],
+			'save' => ['admin:rw', 'assistenz:rw'],
+			'check' => ['admin:rw', 'assistenz:rw'],
+			'add' => ['admin:rw', 'assistenz:rw'] // TODO(chris): extra permissions
+		]);
+
+		// Load Libraries
+		$this->load->library('VariableLib', ['uid' => getAuthUID()]);
+
+		if ($this->router->method == 'get'
+			|| $this->router->method == 'save'
+		) {
+			$prestudent_id = current(array_slice($this->uri->rsegments, 2));
+			if ($this->router->method == 'get')
+				$this->checkPermissionsForPrestudent($prestudent_id, ['admin:r', 'assistenz:r']);
+			else
+				$this->checkPermissionsForPrestudent($prestudent_id, ['admin:rw', 'assistenz:rw']);
+		}
+
+		// Load language phrases
+		$this->loadPhrases([
+			'ui'
+		]);
+	}
+
+	//------------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+	/**
+	 * Get details for a prestudent
+	 *
+	 * @param string			$prestudent_id
+	 * @return void
+	 */
+	public function get($prestudent_id)
+	{
+		$studiensemester_kurzbz = $this->variablelib->getVar('semester_aktuell');
+
+		$this->load->model('crm/Prestudent_model', 'PrestudentModel');
+
+		$this->PrestudentModel->addSelect('p.*');
+		$this->PrestudentModel->addSelect('s.student_uid');
+		$this->PrestudentModel->addSelect('matrikelnr');
+		$this->PrestudentModel->addSelect('b.aktiv');
+		$this->PrestudentModel->addSelect('v.semester');
+		$this->PrestudentModel->addSelect('v.verband');
+		$this->PrestudentModel->addSelect('v.gruppe');
+		$this->PrestudentModel->addSelect('b.alias');
+
+		if (defined('ACTIVE_ADDONS') && strpos(ACTIVE_ADDONS, 'bewerbung') !== false) {
+			$this->PrestudentModel->addSelect(
+				"(
+					SELECT kontakt 
+					FROM public.tbl_kontakt 
+					WHERE kontakttyp='email' 
+					AND person_id=p.person_id 
+					AND zustellung 
+					ORDER BY kontakt_id 
+					LIMIT 1
+				) AS email_privat",
+				false
+			);
+		}
+
+		$this->PrestudentModel->addJoin('public.tbl_student s', 'prestudent_id', 'LEFT');
+		$this->PrestudentModel->addJoin('public.tbl_benutzer b', 'student_uid = uid', 'LEFT');
+		$this->PrestudentModel->addJoin(
+			'public.tbl_studentlehrverband v',
+			'b.uid = v.student_uid AND v.studiensemester_kurzbz = ' . $this->PrestudentModel->escape($studiensemester_kurzbz),
+			'LEFT'
+		);
+		$this->PrestudentModel->addJoin('public.tbl_person p', 'p.person_id = tbl_prestudent.person_id');
+
+		$result = $this->PrestudentModel->loadWhere(['prestudent_id' => $prestudent_id]);
+		
+		$student = $this->getDataOrTerminateWithError($result);
+		
+		if (!$student)
+			return show_404();
+
+		$this->terminateWithSuccess(current($student));
+	}
+
+	/**
+	 * Saves data to a prestudent
+	 *
+	 * @param string			$prestudent_id
+	 * @return void
+	 */
+	public function save($prestudent_id)
+	{
+		$studiensemester_kurzbz = $this->variablelib->getVar('semester_aktuell');
+
+		$this->load->model('person/Person_model', 'PersonModel');
+		$this->load->model('crm/Student_model', 'StudentModel');
+		$this->load->model('crm/Prestudent_model', 'PrestudentModel');
+		$this->load->model('education/Studentlehrverband_model', 'StudentlehrverbandModel');
+
+		$this->load->library('form_validation');
+
+		$this->form_validation->set_rules('gebdatum', 'Geburtsdatum', 'is_valid_date');
+
+		$this->form_validation->set_rules('semester', 'Semester', 'integer');
+
+		$this->load->library('UDFLib');
+		
+		$result = $this->udflib->getCiValidations($this->PersonModel, $this->input->post());
+
+		//TODO(Manu) check with Chris: input number not allowed
+		$udf_field_validations = $this->getDataOrTerminateWithError($result);
+
+		$this->form_validation->set_rules($udf_field_validations);
+
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+		$result = $this->StudentModel->loadWhere(['prestudent_id' => $prestudent_id]);
+		
+		$student = $this->getDataOrTerminateWithError($result);
+
+		$uid = $student ? current($student)->student_uid : null;
+
+		$result = $this->PrestudentModel->loadWhere(['prestudent_id' => $prestudent_id]);
+
+		$person = $this->getDataOrTerminateWithError($result);
+
+		$person_id = $person ? current($person)->person_id : null;
+
+		
+		$array_allowed_props_lehrverband = ['verband', 'semester', 'gruppe'];
+		$update_lehrverband = array();
+		foreach ($array_allowed_props_lehrverband as $prop) {
+			$val = $this->input->post($prop);
+			if ($val !== null) {
+				$update_lehrverband[$prop] = $val;
+			}
+		}
+
+		$array_allowed_props_person = [
+			'anrede',
+			'bpk',
+			'titelpre',
+			'titelpost',
+			'nachname',
+			'vorname',
+			'vornamen',
+			'wahlname',
+			'gebdatum',
+			'gebort',
+			'geburtsnation',
+			'svnr',
+			'ersatzkennzeichen',
+			'staatsbuergerschaft',
+			'matr_nr',
+			'sprache',
+			'geschlecht',
+			'familienstand',
+			'foto',
+			'anmerkung',
+			'homepage'
+		];
+		
+		// add UDFs
+		$result = $this->udflib->getDefinitionForModel($this->PersonModel);
+
+		$definitions = $this->getDataOrTerminateWithError($result);
+
+		foreach ($definitions as $def)
+			$array_allowed_props_person[] = $def['name'];
+
+		$update_person = array();
+		foreach ($array_allowed_props_person as $prop) {
+			$val = $this->input->post($prop);
+			if ($val !== null) {
+				$update_person[$prop] = $val;
+			}
+		}
+
+		$array_allowed_props_student = ['matrikelnr'];
+		$update_student = array();
+		foreach ($array_allowed_props_student as $prop) {
+			$val = $this->input->post($prop);
+			if ($val !== null) {
+				$update_student[$prop] = $val;
+			}
+		}
+
+		// Check PKs
+		if (count($update_lehrverband) + count($update_student) && $uid === null) {
+			// TODO(chris): phrase
+			$this->terminateWithValidationErrors(['' => "Kein/e StudentIn vorhanden!"]);
+		}
+		if (count($update_person) && $person_id === null) {
+			// TODO(chris): phrase
+			$this->terminateWithValidationErrors(['' => "Keine Person vorhanden!"]);
+		}
+
+		// Do Updates
+		if (count($update_lehrverband)) {
+			$result = $this->StudentlehrverbandModel->update([
+				'studiensemester_kurzbz' => $studiensemester_kurzbz,
+				'student_uid' => $uid
+			], $update_lehrverband);
+			$this->getDataOrTerminateWithError($result);
+		}
+
+		if (count($update_person)) {
+			$result = $this->PersonModel->update(
+				$person_id,
+				$update_person
+			);
+			$this->getDataOrTerminateWithError($result);
+		}
+
+
+		if (count($update_student)) {
+			$result = $this->StudentModel->update(
+				[$uid],
+				$update_student
+			);
+			$this->getDataOrTerminateWithError($result);
+		}
+
+		$this->terminateWithSuccess(array_fill_keys(array_merge(
+			array_keys($update_lehrverband),
+			array_keys($update_person),
+			array_keys($update_student)
+		), ''));
+	}
+
+	public function check()
+	{
+		$this->load->library('form_validation');
+
+		$this->form_validation->set_rules('gebdatum', 'Geburtsdatum', 'is_valid_date');
+
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+		$vorname = $this->input->post('vorname');
+		$nachname = $this->input->post('nachname');
+		$gebdatum = $this->input->post('gebdatum');
+
+		if (!$vorname && !$nachname && !$gebdatum)
+			$this->terminateWithValidationErrors(['At least one of vorname, nachname or gebdatum must be set']);
+
+		$this->load->model('person/Person_model', 'PersonModel');
+
+		if ($gebdatum)
+			$this->PersonModel->db->where('gebdatum', (new DateTime($gebdatum))->format('Y-m-d'));
+		if ($vorname && $nachname) {
+			$this->PersonModel->db->or_group_start();
+			$this->PersonModel->db->where('LOWER(nachname)', 'LOWER(' . $this->PersonModel->db->escape($nachname) . ')', false);
+			$this->PersonModel->db->where('LOWER(vorname)', 'LOWER(' . $this->PersonModel->db->escape($vorname) . ')', false);
+			$this->PersonModel->db->group_end();
+		} elseif ($nachname) {
+			$this->PersonModel->db->or_where('LOWER(nachname)', 'LOWER(' . $this->PersonModel->escape($nachname) . ')', false);
+		}
+
+		$result = $this->PersonModel->load();
+
+		$data = $this->getDataOrTerminateWithError($result);
+
+		$this->terminateWithSuccess($data);
+	}
+
+	public function add()
+	{
+		if (!$this->input->post('person_id')) {
+			if (!isset($_POST['address']) || !is_array($_POST['address']))
+				$_POST['address'] = [];
+			$_POST['address']['func'] = 1;
+		}
+		if ($this->input->post('incoming')) {
+			$_POST['ausbildungssemester'] = 0;
+		}
+
+		$this->load->library('form_validation');
+
+		$this->form_validation->set_rules('nachname', 'Nachname', 'callback_requiredIfNotPersonId', [
+			'requiredIfNotPersonId' => $this->p->t('ui', 'error_required')
+		]);
+		$this->form_validation->set_rules('geschlecht', 'Geschlecht', 'callback_requiredIfNotPersonId', [
+			'requiredIfNotPersonId' => $this->p->t('ui', 'error_required')
+		]);
+		$this->form_validation->set_rules('gebdatum', 'Geburtsdatum', 'callback_isValidDate', [
+			'isValidDate' => $this->p->t('ui', 'error_invalid_date')
+		]);
+		$this->form_validation->set_rules('address[func]', 'Address', 'required|integer|less_than[2]|greater_than[-2]');
+		$this->form_validation->set_rules('address[plz]', 'PLZ', 'callback_requiredIfAddressFunc', [
+			'requiredIfAddressFunc' => $this->p->t('ui', 'error_required')
+		]);
+		$this->form_validation->set_rules('address[gemeinde]', 'Gemeinde', 'callback_requiredIfAddressFunc', [
+			'requiredIfAddressFunc' => $this->p->t('ui', 'error_required')
+		]);
+		$this->form_validation->set_rules('address[ort]', 'Ort', 'callback_requiredIfAddressFunc', [
+			'requiredIfAddressFunc' => $this->p->t('ui', 'error_required')
+		]);
+		$this->form_validation->set_rules('address[address]', 'Adresse', 'callback_requiredIfAddressFunc', [
+			'requiredIfAddressFunc' => $this->p->t('ui', 'error_required')
+		]);
+		$this->form_validation->set_rules('email', 'E-Mail', 'valid_email');
+		$this->form_validation->set_rules('studiengang_kz', 'Studiengang', 'required');
+		$this->form_validation->set_rules('studiensemester_kurzbz', 'Studiensemester', 'required');
+		$this->form_validation->set_rules('ausbildungssemester', 'Ausbildungssemester', 'required|integer|less_than[9]|greater_than[-1]');
+		// TODO(chris): validate studienplan with studiengang, semester and orgform?
+		// TODO(chris): validate person_id, studiengang_kz, studiensemester_kurzbz, orgform_kurzbz, nation, gemeinde, ort, geschlecht?
+
+		if (!$this->form_validation->run())
+			$this->terminateWithValidationErrors($this->form_validation->error_array());
+
+		// TODO(chris): This should be in a library
+		$this->load->model('crm/Prestudent_model', 'PrestudentModel');
+		$this->load->model('crm/Prestudentstatus_model', 'PrestudentstatusModel');
+
+		$this->db->trans_start();
+
+		$result = $this->addInteressent();
+
+		$this->db->trans_complete();
+
+		if ($this->db->trans_status() === FALSE)
+			$this->terminateWithError('TODO(chris): TEXT', self::ERROR_TYPE_GENERAL);
+
+		$this->terminateWithSuccess($result);
+	}
+
+	protected function addInteressent()
+	{
+		// Person anlegen wenn nötig
+		$person_id = $this->input->post('person_id');
+		if (!$person_id) {
+			$this->load->model('person/Person_model', 'PersonModel');
+			
+			$data = [
+				'nachname' => $this->input->post('nachname'),
+				'insertamum' => date('c'),
+				'insertvon' => getAuthUID(),
+				'zugangscode' => uniqid(),
+				'aktiv' => true
+			];
+			if ($this->input->post('anrede'))
+				$data['anrede'] = $this->input->post('anrede');
+			if ($this->input->post('titelpre'))
+				$data['titelpre'] = $this->input->post('titelpre');
+			if ($this->input->post('titelpost'))
+				$data['titelpost'] = $this->input->post('titelpost');
+			if ($this->input->post('vorname'))
+				$data['vorname'] = $this->input->post('vorname');
+			if ($this->input->post('vornamen'))
+				$data['vornamen'] = $this->input->post('vornamen');
+			if ($this->input->post('wahlname'))
+				$data['wahlname'] = $this->input->post('wahlname');
+			if ($this->input->post('geschlecht'))
+				$data['geschlecht'] = $this->input->post('geschlecht');
+			if ($this->input->post('gebdatum'))
+				$data['gebdatum'] = (new DateTime($this->input->post('datum_obj')))->format('Y-m-d');
+			if ($this->input->post('geburtsnation'))
+				$data['geburtsnation'] = $this->input->post('geburtsnation');
+			if ($this->input->post('staatsbuergerschaft'))
+				$data['staatsbuergerschaft'] = $this->input->post('staatsbuergerschaft');
+
+			$result = $this->PersonModel->insert($data);
+			$person_id = $this->getDataOrTerminateWithError($result);
+		}
+
+		// Addresse anlegen
+		$anlegen = $this->input->post('address[func]');
+		if ($anlegen) {
+			$this->load->model('person/Adresse_model', 'AdresseModel');
+
+			$data = [
+				'nation' => $this->input->post('address[nation]'),
+				'strasse' => $this->input->post('address[address]'),
+				'plz' => $this->input->post('address[plz]'),
+				'ort' => $this->input->post('address[ort]'),
+				'gemeinde' => $this->input->post('address[gemeinde]'),
+				'typ' => 'h',
+				'zustelladresse' => true,
+			];
+			if ($anlegen < 0) { // Überschreiben
+				$this->AdresseModel->addOrder('zustelladresse', 'DESC');
+				$this->AdresseModel->addOrder('sort');
+				$result = $this->AdresseModel->loadWhere([
+					'person_id' => $person_id
+				]);
+				$address = $this->getDataOrTerminateWithError($result);
+				if ($address) {
+					$address = current($address);
+
+					$data['updateamum'] = date('c');
+					$data['updatevon'] = getAuthUID();
+
+					$result = $this->AdresseModel->update($address->adresse_id, $data);
+					$this->getDataOrTerminateWithError($result);
+				} else {
+					//Wenn keine Adrese vorhanden ist dann eine neue Anlegen
+					$anlegen = 1;
+					$data['heimatadresse'] = true;
+				}
+			}
+			if ($anlegen > 0) {
+				$data['person_id'] = $person_id;
+				$data['insertamum'] = date('c');
+				$data['insertvon'] = getAuthUID();
+				if (!isset($data['heimatadresse']))
+					$data['heimatadresse'] = !$this->input->post('person_id');
+				
+				$result = $this->AdresseModel->insert($data);
+				$this->getDataOrTerminateWithError($result);
+			}
+		}
+		
+		// Kontaktdaten
+		$kontaktdaten = [];
+		foreach (['email', 'telefon', 'mobil'] as $k) {
+			$v = $this->input->post($k);
+			if ($v)
+				$kontaktdaten[$k] = $v;
+		}
+		if (count($kontaktdaten)) {
+			$this->load->model('person/Kontakt_model', 'KontaktModel');
+
+			foreach ($kontaktdaten as $typ => $kontakt) {
+				$data = [
+					'person_id' => $person_id,
+					'kontakttyp' => $typ,
+					'kontakt' => $kontakt,
+					'zustellung' => true,
+					'insertamum' => date('c'),
+					'insertvon' => getAuthUID()
+				];
+				$result = $this->KontaktModel->insert($data);
+				$this->getDataOrTerminateWithError($result);
+			}
+		}
+
+		// Prestudent anlegen
+		$data = [
+			'aufmerksamdurch_kurzbz' => 'k.A.',
+			'person_id' => $person_id,
+			'studiengang_kz' => $this->input->post('studiengang_kz'),
+			'ausbildungcode' => $this->input->post('letzteausbildung'),
+			'anmerkung' => $this->input->post('anmerkungen'),
+			'reihungstestangetreten' => false,
+			'bismelden' => true
+		];
+		$ausbildungsart = $this->input->post('ausbildungsart');
+		if ($ausbildungsart)
+			$data['anmerkung'] .= ' Ausbildungsart:' . $ausbildungsart;
+		// Incomings und ausserordentliche sind bei Meldung nicht förderrelevant
+		$incoming = $this->input->post('incoming');
+		if ($incoming || substr($data['studiengang_kz'], 0, 1) == '9')
+			$data['foerderrelevant'] = false;
+		// Wenn die Person schon im System erfasst ist, dann die ZGV des Datensatzes uebernehmen
+		$this->PrestudentModel->addOrder('zgvmas_code');
+		$this->PrestudentModel->addOrder('zgv_code', 'DESC');
+		$this->PrestudentModel->addLimit(1);
+		$result = $this->PrestudentModel->loadWhere([
+			'person_id' => $person_id
+		]);
+		$prestudent = $this->getDataOrTerminateWithError($result);
+		if ($prestudent) {
+			$prestudent = current($prestudent);
+			if ($prestudent->zgv_code) {
+				$data['zgv_code'] = $prestudent->zgv_code;
+				$data['zgvort'] = $prestudent->zgvort;
+				$data['zgvdatum'] = $prestudent->zgvdatum;
+
+				$data['zgvmas_code'] = $prestudent->zgvmas_code;
+				$data['zgvmaort'] = $prestudent->zgvmaort;
+				$data['zgvmadatum'] = $prestudent->zgvmadatum;
+			}
+		}
+		// Prestudent speichern
+		$result = $this->PrestudentModel->insert($data);
+		$prestudent_id = $this->getDataOrTerminateWithError($result);
+
+		// Prestudent Rolle Anlegen
+		$data = [
+			'prestudent_id' => $prestudent_id,
+			'status_kurzbz' => $incoming ? 'Incoming' : 'Interessent',
+			'studiensemester_kurzbz' => $this->input->post('studiensemester_kurzbz'),
+			'ausbildungssemester' => $this->input->post('ausbildungssemester') ?: 0,
+			'orgform_kurzbz' => $this->input->post('orgform_kurzbz') ?: null,
+			'studienplan_id' => $this->input->post('studienplan_id') ?: null,
+			'datum' => date('Y-m-d'),
+			'insertamum' => date('c'),
+			'insertvon' => getAuthUID()
+		];
+		$result = $this->PrestudentstatusModel->insert($data);
+		$this->getDataOrTerminateWithError($result);
+
+		if ($incoming) {
+			// TODO(chris): IMPLEMENT!
+			//Matrikelnummer und UID generieren
+			//Benutzerdatensatz anlegen
+			//Studentendatensatz anlegen
+			//StudentLehrverband anlegen
+		}
+
+		// TODO(chris): DEBUG
+		/*$result = $this->PrestudentModel->loadWhere([
+			'pestudent_id' => 1
+		]);
+		if (isError($result)) {
+			return $result;
+		}*/
+
+		$this->terminateWithSuccess(true);
+	}
+
+	public function requiredIfNotPersonId($value)
+	{
+		if (isset($_POST['person_id']))
+			return true;
+		return !!$value;
+	}
+	
+	public function requiredIfAddressFunc($value)
+	{
+		if (!$_POST['address']['func'])
+			return true;
+		return !!$value;
+	}
+}

application/controllers/api/frontend/v1/stv/Students.php

@@ -0,0 +1,743 @@
+<?php
+/**
+ * Copyright (C) 2024 fhcomplete.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+/**
+ * This controller operates between (interface) the JS (GUI) and the back-end
+ * Provides data to the ajax get calls about listing students
+ * This controller works with JSON calls on the HTTP GET or POST and the output is always JSON
+ */
+class Students extends FHCAPI_Controller
+{
+	private $allowedStgs = [];
+
+
+	public function __construct()
+	{
+		$permissions = [];
+		$router = load_class('Router');
+		$permissions[$router->method] = ['admin:r', 'assistenz:r'];
+		parent::__construct($permissions);
+
+		$this->allowedStgs = $this->permissionlib->getSTG_isEntitledFor('admin') ?: [];
+		$this->allowedStgs = array_merge($this->allowedStgs, $this->permissionlib->getSTG_isEntitledFor('assistenz') ?: []);
+		
+		if (!$this->allowedStgs) {
+			$this->_outputAuthError([$router->method => ['admin:r', 'assistenz:r']]);
+			exit;
+		}
+
+		// Load Libraries
+		$this->load->library('VariableLib', ['uid' => getAuthUID()]);
+	}
+
+	/**
+	 * Remap calls:
+	 * /													=> return []
+	 * /inout												=> return []
+	 * /inout/incoming										=> getIncoming
+	 * /inout/outgoing										=> getOutgoing
+	 * /inout/gemeinsamestudien								=> getGemeinsamestudien
+	 * /(studiengang_kz)									=> getStudents
+	 * /(studiengang_kz)/prestudent							=> getPrestudents
+	 * /(studiengang_kz)/prestudent/*						=> getPrestudents
+	 * /(studiengang_kz)/(semester)							=> getStudents
+	 * /(studiengang_kz)/(semester)/grp/(gruppe_kurzbz)		=> getStudents
+	 * /(studiengang_kz)/(semester)/(verband)				=> getStudents
+	 * /(studiengang_kz)/(semester)/(verband)/(gruppe)		=> getStudents
+	 * /(studiengang_kz)/(org_form)							=> getStudents
+	 * /(studiengang_kz)/(org_form)/prestudent				=> getPrestudents
+	 * /(studiengang_kz)/(org_form)/prestudent/*			=> getPrestudents
+	 * /(studiengang_kz)/(org_form)/(semester)				=> getStudents
+	 * /(studiengang_kz)/(org_form)/(semester)/grp/(gruppe_kurzbz)
+	 * 														=> getStudents
+	 * /(studiengang_kz)/(org_form)/(semester)/(verband)	=> getStudents
+	 * /(studiengang_kz)/(org_form)/(semester)/(verband)/(gruppe)
+	 * 														=> getStudents
+	 * /uid/(student_uid)									=> getStudent
+	 * /prestudent/(prestudent_id)							=> getPrestudent
+	 * /person/(person_id)									=> getPerson
+	 *
+	 * @param string		$method
+	 * @param array			$params				(optional)
+	 *
+	 * @return void
+	 */
+	public function _remap($method, $params = [])
+	{
+		if ($method == '' || $method == 'index')
+			return $this->terminateWithSuccess([]);
+
+		if ($method == 'inout') {
+			if (!count($params))
+				return $this->terminateWithSuccess([]);
+			switch ($params[0]) {
+				case 'incoming':
+					return $this->getIncoming();
+				case 'outgoing':
+					return $this->getOutgoing();
+				case 'gemeinsamestudien':
+					return $this->getGemeinsamestudien();
+				default:
+					return show_404();
+			}
+		}
+
+		$count = count($params);
+		if (!$count)
+			return $this->getStudents($method);
+
+		if ($method == 'uid' && $count == 1)
+			return $this->getStudent($params[0]);
+
+		if ($method == 'prestudent' && $count == 1)
+			return $this->getPrestudent($params[0]);
+
+		if ($method == 'person' && $count == 1)
+			return $this->getPerson($params[0]);
+
+		if (is_numeric($params[0])) {
+			$sem = $params[0];
+			if ($count == 3 && $params[1] == 'grp') {
+				$g = $params[2];
+				$ver = null;
+				$grp = null;
+			} else {
+				$g = null;
+				$ver = $count > 1 ? $params[1] : null;
+				$grp = $count > 2 ? $params[2] : null;
+			}
+			return $this->getStudents($method, $sem, $ver, $grp, $g);
+		} elseif ($params[0] == 'prestudent') {
+			if ($count == 1)
+				return $this->getPrestudents($method);
+			if ($count == 2)
+				return $this->getPrestudents($method, $params[1]);
+			return $this->getPrestudents($method, $params[1], $params[$count-1]);
+		} else {
+			$org = $params[0];
+			if ($count > 1 && $params[1] == 'prestudent') {
+				if ($count == 2)
+					return $this->getPrestudents($method, null, null, $org);
+				if ($count == 3)
+					return $this->getPrestudents($method, $params[2], null, $org);
+				return $this->getPrestudents($method, $params[2], $params[$count-1], $org);
+			}
+			$sem = $count > 1 ? $params[1] : null;
+			if ($count == 4 && $params[2] == 'grp') {
+				$g = $params[3];
+				$ver = null;
+				$grp = null;
+			} else {
+				$g = null;
+				$ver = $count > 2 ? $params[2] : null;
+				$grp = $count > 3 ? $params[3] : null;
+			}
+
+			return $this->getStudents($method, $sem, $ver, $grp, $g, $org);
+		}
+		
+		show_404();
+	}
+
+	/**
+	 * @return void
+	 */
+	protected function getIncoming()
+	{
+		// TODO(chris): IMPLEMENT!
+		$this->terminateWithSuccess([]);
+	}
+
+	/**
+	 * @return void
+	 */
+	protected function getOutgoing()
+	{
+		// TODO(chris): IMPLEMENT!
+		$this->terminateWithSuccess([]);
+	}
+
+	/**
+	 * @return void
+	 */
+	protected function getGemeinsamestudien()
+	{
+		// TODO(chris): IMPLEMENT!
+		$this->terminateWithSuccess([]);
+	}
+
+	/**
+	 * @param integer		$studiengang_kz
+	 * @param string		$studiensemester_kurzbz			(optional)
+	 * @param string		$filter							(optional)
+	 * @param string		$orgform_kurzbz					(optional)
+	 *
+	 * @return void
+	 */
+	protected function getPrestudents($studiengang_kz, $studiensemester_kurzbz = null, $filter = null, $orgform_kurzbz = null)
+	{
+		$this->load->model('crm/Prestudent_model', 'PrestudentModel');
+
+		$stdsemEsc = $studiensemester_kurzbz ? $this->PrestudentModel->escape($studiensemester_kurzbz) : 'NULL';
+
+		$selectRT = "
+			SELECT 1 
+			FROM public.tbl_rt_person 
+			JOIN public.tbl_reihungstest r ON (rt_id = reihungstest_id) 
+			WHERE person_id=p.person_id 
+			AND studienplan_id IN (
+				SELECT studienplan_id 
+				FROM lehre.tbl_studienplan 
+				JOIN lehre.tbl_studienordnung o USING(studienordnung_id) 
+				WHERE o.studiengang_kz=tbl_prestudent.studiengang_kz
+			) 
+			AND r.studiensemester_kurzbz=" . $stdsemEsc;
+
+		
+		$where = ['tbl_prestudent.studiengang_kz' => $studiengang_kz];
+
+		if ($orgform_kurzbz) {
+			$where['ps.orgform_kurzbz'] = $orgform_kurzbz;
+		}
+
+		switch ($filter) {
+			case "interessenten":
+				$where['ps.status_kurzbz'] = 'Interessent';
+				break;
+			case "bewerbungnichtabgeschickt":
+				$where['ps.status_kurzbz'] = 'Interessent';
+				$where['bewerbung_abgeschicktamum'] = null;
+				break;
+			case "bewerbungabgeschickt":
+				$where['ps.status_kurzbz'] = 'Interessent';
+				$where['bewerbung_abgeschicktamum IS NOT NULL'] = null;
+				$where['bestaetigtam'] = null;
+				break;
+			case "statusbestaetigt":
+				$where['ps.status_kurzbz'] = 'Interessent';
+				$where['bestaetigtam IS NOT NULL'] = null;
+				break;
+			case "statusbestaetigtrtnichtangemeldet":
+				$where['ps.status_kurzbz'] = 'Interessent';
+				$where['bestaetigtam IS NOT NULL'] = null;
+				$this->PrestudentModel->db->where('NOT EXISTS(' . $selectRT . ')', null, false);
+				break;
+			case "statusbestaetigtrtangemeldet":
+				$where['ps.status_kurzbz'] = 'Interessent';
+				$where['bestaetigtam IS NOT NULL'] = null;
+				$this->PrestudentModel->db->where('EXISTS(' . $selectRT . ')', null, false);
+				break;
+			case "zgv":
+				$this->load->model('organisation/Studiengang_model', 'StudiengangModel');
+
+				$result = $this->StudiengangModel->load($studiengang_kz);
+
+				$stg = $this->getDataOrTerminateWithError($result);
+				if (!$stg)
+					$this->terminateWithValidationErrors(['' => 'Studiengang does not exist']); // TODO(chris): phrase
+				$stg = current($stg);
+
+				$where['ps.status_kurzbz'] = 'Interessent';
+				
+				if ($stg->typ == 'm') {
+					$where['zgvmas_code IS NOT NULL'] = null;
+					if (defined('ZGV_ERFUELLT_ANZEIGEN') && ZGV_ERFUELLT_ANZEIGEN)
+						$where['zgvmas_erfuellt'] = true;
+				} elseif ($stg->typ == 'p') {
+					$where['zgvdoktor_code IS NOT NULL'] = null;
+					if (defined('ZGV_DOKTOR_ANZEIGEN') && ZGV_DOKTOR_ANZEIGEN)
+						$where['zgvdoktor_erfuellt'] = true;
+				} else {
+					$where['zgv_code IS NOT NULL'] = null;
+					if (defined('ZGV_ERFUELLT_ANZEIGEN') && ZGV_ERFUELLT_ANZEIGEN)
+						$where['zgv_erfuellt'] = true;
+				}
+				break;
+			case "reihungstestangemeldet":
+				$where['ps.status_kurzbz'] = 'Interessent';
+				$this->PrestudentModel->db->where('EXISTS(' . $selectRT . ')', null, false);
+				break;
+			case "reihungstestnichtangemeldet":
+				$where['ps.status_kurzbz'] = 'Interessent';
+				$this->PrestudentModel->db->where('NOT EXISTS(' . $selectRT . ')', null, false);
+				break;
+			case "bewerber":
+				$where['ps.status_kurzbz'] = 'Bewerber';
+				break;
+			case "bewerberrtnichtangemeldet":
+				$where['ps.status_kurzbz'] = 'Bewerber';
+				$this->PrestudentModel->db->where('NOT EXISTS(' . $selectRT . ')', null, false);
+				break;
+			case "bewerberrtangemeldet":
+				$where['ps.status_kurzbz'] = 'Bewerber';
+				$this->PrestudentModel->db->where('EXISTS(' . $selectRT . ')', null, false);
+				break;
+			case "bewerberrtangemeldetteilgenommen":
+				$where['ps.status_kurzbz'] = 'Bewerber';
+				$this->PrestudentModel->db->where('EXISTS(' . $selectRT . ')', null, false);
+				$where['reihungstestangetreten'] = true;
+				break;
+			case "bewerberrtangemeldetnichtteilgenommen":
+				$where['ps.status_kurzbz'] = 'Bewerber';
+				$this->PrestudentModel->db->where('EXISTS(' . $selectRT . ')', null, false);
+				$where['reihungstestangetreten'] = false;
+				break;
+			case "aufgenommen":
+				$where['ps.status_kurzbz'] = 'Aufgenommener';
+				break;
+			case "warteliste":
+				$where['ps.status_kurzbz'] = 'Wartender';
+				break;
+			case "absage":
+				$where['ps.status_kurzbz'] = 'Abgewiesener';
+				break;
+			case "incoming":
+				// NOTE(chris): in FAS it was not filtered for studiengang_kz
+				$where['ps.status_kurzbz'] = 'Incoming';
+				break;
+			case "absolvent":
+				$where['ps.status_kurzbz'] = 'Absolvent';
+				break;
+			case "diplomand":
+				$where['ps.status_kurzbz'] = 'Diplomand';
+				break;
+			default:
+				if (!$studiensemester_kurzbz) {
+					// TODO(chris): this does not work with $orgform_kurzbz != null
+					$where['ps.status_kurzbz'] = null;
+				} else {
+					$this->PrestudentModel->db->where_in('ps.status_kurzbz', [
+						'Interessent',
+						'Bewerber',
+						'Aufgenommener',
+						'Wartender',
+						'Abgewiesener'
+					]);
+				}
+				break;
+		}
+
+		/*
+			$this->PrestudentModel->addJoin('public.tbl_studiengang stg', 'studiengang_kz', 'LEFT');
+			$this->PrestudentModel->addJoin('public.tbl_person p', 'person_id');
+			$this->PrestudentModel->addJoin('public.tbl_prestudentstatus pls', '
+				pls.status_kurzbz=public.get_rolle_prestudent(tbl_prestudent.prestudent_id, NULL) 
+				AND pls.prestudent_id=tbl_prestudent.prestudent_id 
+				AND pls.studiensemester_kurzbz=public.get_stdsem_prestudent(tbl_prestudent.prestudent_id, NULL) 
+				AND pls.ausbildungssemester=public.get_absem_prestudent(tbl_prestudent.prestudent_id, NULL)', 'LEFT');
+			$this->PrestudentModel->addJoin('lehre.tbl_studienplan sp', 'studienplan_id', 'LEFT');
+			$this->PrestudentModel->addJoin('public.tbl_prestudentstatus ps', '
+				ps.status_kurzbz=public.get_rolle_prestudent(tbl_prestudent.prestudent_id, ' . $stdsemEsc . ') 
+				AND ps.prestudent_id=tbl_prestudent.prestudent_id 
+				AND ps.studiensemester_kurzbz=public.get_stdsem_prestudent(tbl_prestudent.prestudent_id, ' . $stdsemEsc . ') 
+				AND ps.ausbildungssemester=public.get_absem_prestudent(tbl_prestudent.prestudent_id, ' . $stdsemEsc . ')', 'LEFT');*/
+		$this->prepareQuery($studiensemester_kurzbz);
+		
+		$this->PrestudentModel->addSelect("
+			CASE WHEN ps.status_kurzbz IN ('Aufgenommener', 'Bewerber', 'Wartender', 'interessent') 
+			THEN ps.ausbildungssemester::text 
+			ELSE ''::text END AS semester", false);
+		$this->PrestudentModel->addSelect("'' AS verband");
+		$this->PrestudentModel->addSelect("'' AS gruppe");
+		$this->addSelectPrioRel();
+
+		$this->addFilter($studiensemester_kurzbz);
+
+		$result = $this->PrestudentModel->loadWhere($where);
+
+		$data = $this->getDataOrTerminateWithError($result);
+
+		$this->terminateWithSuccess($data);
+	}
+
+	/**
+	 * @param integer		$studiengang_kz
+	 * @param integer		$semester						(optional)
+	 * @param string		$verband						(optional)
+	 * @param integer		$gruppe							(optional)
+	 * @param string		$gruppe_kurzbz					(optional)
+	 * @param string		$orgform_kurzbz					(optional)
+	 *
+	 * @return void
+	 */
+	protected function getStudents($studiengang_kz, $semester = null, $verband = null, $gruppe = null, $gruppe_kurzbz = null, $orgform_kurzbz = null)
+	{
+		$studiensemester_kurzbz = $this->variablelib->getVar('semester_aktuell');
+		
+
+		$this->load->model('crm/Prestudent_model', 'PrestudentModel');
+
+		/*
+			$this->PrestudentModel->addJoin('public.tbl_studiengang stg', 'studiengang_kz', 'LEFT');
+			$this->PrestudentModel->addJoin('public.tbl_person p', 'person_id');
+			$this->PrestudentModel->addJoin('public.tbl_student s', 'prestudent_id');
+			$this->PrestudentModel->addJoin('public.tbl_prestudentstatus pls', '
+				pls.status_kurzbz=public.get_rolle_prestudent(tbl_prestudent.prestudent_id, NULL) 
+				AND pls.prestudent_id=tbl_prestudent.prestudent_id 
+				AND pls.studiensemester_kurzbz=public.get_stdsem_prestudent(tbl_prestudent.prestudent_id, NULL) 
+				AND pls.ausbildungssemester=public.get_absem_prestudent(tbl_prestudent.prestudent_id, NULL)', 'LEFT');
+			$this->PrestudentModel->addJoin('lehre.tbl_studienplan sp', 'studienplan_id', 'LEFT');
+			$this->PrestudentModel->addJoin('public.tbl_benutzer b', 's.student_uid=b.uid');
+			$this->PrestudentModel->addJoin(
+				'public.tbl_studentlehrverband v',
+				'v.student_uid=s.student_uid AND v.studiensemester_kurzbz=' . $this->PrestudentModel->escape($studiensemester_kurzbz)
+			);*/
+		$this->prepareQuery($studiensemester_kurzbz, '');
+
+		$this->PrestudentModel->addSelect('v.semester');
+		$this->PrestudentModel->addSelect('v.verband');
+		$this->PrestudentModel->addSelect('v.gruppe');
+		$this->PrestudentModel->addSelect("'' AS priorisierung_relativ");
+
+
+		$where = [];
+
+		if ($gruppe_kurzbz !== null) {
+			$this->PrestudentModel->addJoin('public.tbl_benutzergruppe g', 'uid');
+			$where['g.gruppe_kurzbz'] = $gruppe_kurzbz;
+			$where['g.studiensemester_kurzbz'] = $studiensemester_kurzbz;
+		} else {
+			$where['v.studiengang_kz'] = $studiengang_kz;
+
+			if ($semester !== null)
+				$where['v.semester'] = $semester;
+
+			if ($verband !== null)
+				$where['v.verband'] = $verband;
+
+			if ($gruppe !== null)
+				$where['v.gruppe'] = $gruppe;
+	
+			if (!$verband && !$gruppe && $orgform_kurzbz !== null) {
+				$this->PrestudentModel->db->where(
+					"(
+						SELECT orgform_kurzbz 
+						FROM public.tbl_prestudentstatus 
+						WHERE prestudent_id=tbl_prestudent.prestudent_id 
+						AND studiensemester_kurzbz=" . $this->PrestudentModel->escape($studiensemester_kurzbz) . " 
+						ORDER BY datum DESC, insertamum DESC, ext_id DESC LIMIT 1
+					) =",
+					$this->PrestudentModel->escape($orgform_kurzbz),
+					false
+				);
+			}
+
+		}
+
+		$this->addFilter($studiensemester_kurzbz);
+
+		$result = $this->PrestudentModel->loadWhere($where);
+		
+		$data = $this->getDataOrTerminateWithError($result);
+
+		$this->terminateWithSuccess($data);
+	}
+
+	/**
+	 * @param string		$prestudent_id
+	 *
+	 * @return void
+	 */
+	protected function getPrestudent($prestudent_id)
+	{
+		$studiensemester_kurzbz = $this->variablelib->getVar('semester_aktuell');
+
+		$this->load->model('crm/Prestudent_model', 'PrestudentModel');
+
+		/*
+			$this->PrestudentModel->addJoin('public.tbl_studiengang stg', 'studiengang_kz', 'LEFT');
+			$this->PrestudentModel->addJoin('public.tbl_person p', 'person_id');
+			$this->PrestudentModel->addJoin('public.tbl_student s', 'prestudent_id', 'LEFT');
+			$this->PrestudentModel->addJoin('public.tbl_prestudentstatus pls', '
+				pls.status_kurzbz=public.get_rolle_prestudent(tbl_prestudent.prestudent_id, NULL) 
+				AND pls.prestudent_id=tbl_prestudent.prestudent_id 
+				AND pls.studiensemester_kurzbz=public.get_stdsem_prestudent(tbl_prestudent.prestudent_id, NULL) 
+				AND pls.ausbildungssemester=public.get_absem_prestudent(tbl_prestudent.prestudent_id, NULL)', 'LEFT');
+			$this->PrestudentModel->addJoin('lehre.tbl_studienplan sp', 'studienplan_id', 'LEFT');
+			$this->PrestudentModel->addJoin('public.tbl_benutzer b', 's.student_uid=b.uid', 'LEFT');
+			$this->PrestudentModel->addJoin(
+				'public.tbl_studentlehrverband v',
+				'v.student_uid=s.student_uid AND v.studiensemester_kurzbz=' . $this->PrestudentModel->escape($studiensemester_kurzbz),
+				'LEFT'
+			);*/
+		$this->prepareQuery($studiensemester_kurzbz);
+
+		$this->PrestudentModel->addSelect("COALESCE(v.semester::text, CASE WHEN public.get_rolle_prestudent(tbl_prestudent.prestudent_id, NULL) IN ('Aufgenommener', 'Bewerber', 'Wartender', 'interessent') THEN public.get_absem_prestudent(tbl_prestudent.prestudent_id, NULL)::text ELSE ''::text END) AS semester", false);
+		$this->PrestudentModel->addSelect('v.verband');
+		$this->PrestudentModel->addSelect('v.gruppe');
+		$this->addSelectPrioRel();
+
+		$this->addFilter($studiensemester_kurzbz);
+
+		$result = $this->PrestudentModel->loadWhere([
+			'tbl_prestudent.prestudent_id' => $prestudent_id
+		]);
+
+		$data = $this->getDataOrTerminateWithError($result);
+
+		$this->terminateWithSuccess($data);
+	}
+
+	/**
+	 * @param string		$student_uid
+	 *
+	 * @return void
+	 */
+	protected function getStudent($student_uid)
+	{
+		$studiensemester_kurzbz = $this->variablelib->getVar('semester_aktuell');
+
+		$this->load->model('crm/Prestudent_model', 'PrestudentModel');
+
+		/*
+			$this->PrestudentModel->addJoin('public.tbl_studiengang stg', 'studiengang_kz', 'LEFT');
+			$this->PrestudentModel->addJoin('public.tbl_person p', 'person_id');
+			$this->PrestudentModel->addJoin('public.tbl_student s', 'prestudent_id');
+			$this->PrestudentModel->addJoin('public.tbl_prestudentstatus pls', '
+				pls.status_kurzbz=public.get_rolle_prestudent(tbl_prestudent.prestudent_id, NULL) 
+				AND pls.prestudent_id=tbl_prestudent.prestudent_id 
+				AND pls.studiensemester_kurzbz=public.get_stdsem_prestudent(tbl_prestudent.prestudent_id, NULL) 
+				AND pls.ausbildungssemester=public.get_absem_prestudent(tbl_prestudent.prestudent_id, NULL)', 'LEFT');
+			$this->PrestudentModel->addJoin('lehre.tbl_studienplan sp', 'studienplan_id', 'LEFT');
+			$this->PrestudentModel->addJoin('public.tbl_benutzer b', 's.student_uid=b.uid');
+			$this->PrestudentModel->addJoin(
+				'public.tbl_studentlehrverband v',
+				'v.student_uid=s.student_uid AND v.studiensemester_kurzbz=' . $this->PrestudentModel->escape($studiensemester_kurzbz),
+				'LEFT'
+			);*/
+		$this->prepareQuery($studiensemester_kurzbz);
+
+		$this->PrestudentModel->addSelect('v.semester');
+		$this->PrestudentModel->addSelect('v.verband');
+		$this->PrestudentModel->addSelect('v.gruppe');
+		$this->addSelectPrioRel();
+
+		$this->addFilter($studiensemester_kurzbz);
+
+		$result = $this->PrestudentModel->loadWhere([
+			's.student_uid' => $student_uid
+		]);
+		
+		$data = $this->getDataOrTerminateWithError($result);
+
+		$this->terminateWithSuccess($data);
+	}
+
+	/**
+	 * @param integer		$person_id
+	 *
+	 * @return void
+	 */
+	protected function getPerson($person_id)
+	{
+		$studiensemester_kurzbz = $this->variablelib->getVar('semester_aktuell');
+
+		$this->load->model('crm/Prestudent_model', 'PrestudentModel');
+
+		/*
+			$this->PrestudentModel->addJoin('public.tbl_person p', 'person_id');
+			$this->PrestudentModel->addJoin('public.tbl_student s', 'prestudent_id');
+			$this->PrestudentModel->addJoin('public.tbl_benutzer b', 's.student_uid=b.uid');
+			$this->PrestudentModel->addJoin(
+				'public.tbl_studentlehrverband v',
+				'v.student_uid=s.student_uid AND v.studiensemester_kurzbz=' . $this->PrestudentModel->escape($studiensemester_kurzbz),
+				'LEFT'
+			);*/
+		$this->prepareQuery($studiensemester_kurzbz);
+
+		$this->PrestudentModel->addSelect('v.semester');
+		$this->PrestudentModel->addSelect('v.verband');
+		$this->PrestudentModel->addSelect('v.gruppe');
+		$this->addSelectPrioRel();
+
+		$this->addFilter($studiensemester_kurzbz);
+
+		$result = $this->PrestudentModel->loadWhere([
+			'p.person_id' => $person_id
+		]);
+		
+		$data = $this->getDataOrTerminateWithError($result);
+
+		$this->terminateWithSuccess($data);
+	}
+
+	/**
+	 * @param string|null	$studiensemester_kurzbz
+	 * @param string		$type
+	 *
+	 * @return void
+	 */
+	protected function prepareQuery($studiensemester_kurzbz, $type = 'LEFT')
+	{
+		$stdsemEsc = $studiensemester_kurzbz ? $this->PrestudentModel->escape($studiensemester_kurzbz) : 'NULL';
+
+
+		$this->PrestudentModel->addJoin('public.tbl_studiengang stg', 'studiengang_kz', 'LEFT');
+		$this->PrestudentModel->addJoin('public.tbl_person p', 'person_id');
+		$this->PrestudentModel->addJoin('public.tbl_student s', 'prestudent_id', $type);
+		$this->PrestudentModel->addJoin('public.tbl_prestudentstatus pls', '
+			pls.status_kurzbz=public.get_rolle_prestudent(tbl_prestudent.prestudent_id, NULL) 
+			AND pls.prestudent_id=tbl_prestudent.prestudent_id 
+			AND pls.studiensemester_kurzbz=public.get_stdsem_prestudent(tbl_prestudent.prestudent_id, NULL) 
+			AND pls.ausbildungssemester=public.get_absem_prestudent(tbl_prestudent.prestudent_id, NULL)', 'LEFT');
+		$this->PrestudentModel->addJoin('lehre.tbl_studienplan sp', 'studienplan_id', 'LEFT');
+		$this->PrestudentModel->addJoin('public.tbl_benutzer b', 's.student_uid=b.uid', 'LEFT');
+		$this->PrestudentModel->addJoin(
+			'public.tbl_studentlehrverband v',
+			'v.student_uid=s.student_uid AND v.studiensemester_kurzbz' . ($studiensemester_kurzbz ? '=' . $stdsemEsc : ' IS NULL'),
+			$type
+		);
+		$this->PrestudentModel->addJoin('public.tbl_prestudentstatus ps', '
+			ps.status_kurzbz=public.get_rolle_prestudent(tbl_prestudent.prestudent_id, ' . $stdsemEsc . ') 
+			AND ps.prestudent_id=tbl_prestudent.prestudent_id 
+			AND ps.studiensemester_kurzbz=public.get_stdsem_prestudent(tbl_prestudent.prestudent_id, ' . $stdsemEsc . ') 
+			AND ps.ausbildungssemester=public.get_absem_prestudent(tbl_prestudent.prestudent_id, ' . $stdsemEsc . ')', 'LEFT');
+
+
+		$this->PrestudentModel->addSelect("b.uid");
+		$this->PrestudentModel->addSelect('titelpre');
+		$this->PrestudentModel->addSelect('nachname');
+		$this->PrestudentModel->addSelect('vorname');
+		$this->PrestudentModel->addSelect('wahlname');
+		$this->PrestudentModel->addSelect('vornamen');
+		$this->PrestudentModel->addSelect('titelpost');
+		$this->PrestudentModel->addSelect('svnr');
+		$this->PrestudentModel->addSelect('ersatzkennzeichen');
+		$this->PrestudentModel->addSelect('gebdatum');
+		$this->PrestudentModel->addSelect('geschlecht');
+
+		// semester
+		// verband
+		// gruppe
+
+		$this->PrestudentModel->addSelect('UPPER(stg.typ || stg.kurzbz) AS studiengang');
+		$this->PrestudentModel->addSelect('tbl_prestudent.studiengang_kz');
+		$this->PrestudentModel->addSelect("s.matrikelnr");
+		$this->PrestudentModel->addSelect('p.person_id');
+		$this->PrestudentModel->addSelect('pls.status_kurzbz AS status');
+		$this->PrestudentModel->addSelect('pls.datum AS status_datum');
+		$this->PrestudentModel->addSelect('pls.bestaetigtam AS status_bestaetigung');
+		$this->PrestudentModel->addSelect(
+			"(SELECT kontakt FROM public.tbl_kontakt WHERE kontakttyp='email' AND person_id=p.person_id AND zustellung LIMIT 1) AS mail_privat",
+			false
+		);
+		$this->PrestudentModel->addSelect("
+			CASE WHEN b.uid IS NOT NULL AND b.uid<>'' 
+			THEN b.uid || " . $this->PrestudentModel->escape(DOMAIN) . " 
+			ELSE '' END AS mail_intern", false);
+		$this->PrestudentModel->addSelect('p.anmerkung AS anmerkungen');
+		$this->PrestudentModel->addSelect('tbl_prestudent.anmerkung');
+		$this->PrestudentModel->addSelect('pls.orgform_kurzbz');
+		$this->PrestudentModel->addSelect('aufmerksamdurch_kurzbz');
+		$this->PrestudentModel->addSelect(
+			"(SELECT rt_gesamtpunkte AS punkte FROM public.tbl_prestudent WHERE prestudent_id=ps.prestudent_id) AS punkte",
+			false
+		);
+		$this->PrestudentModel->addSelect('tbl_prestudent.aufnahmegruppe_kurzbz');
+		$this->PrestudentModel->addSelect('tbl_prestudent.dual');
+		$this->PrestudentModel->addSelect('p.matr_nr');
+		$this->PrestudentModel->addSelect('sp.bezeichnung AS studienplan_bezeichnung');
+		$this->PrestudentModel->addSelect('tbl_prestudent.prestudent_id');
+
+		// priorisierung_relativ
+
+		$this->PrestudentModel->addSelect('mentor');
+		$this->PrestudentModel->addSelect('b.aktiv AS bnaktiv');
+
+		/*$this->PrestudentModel->addSelect('tbl_prestudent.reihungstest_id');
+		$this->PrestudentModel->addSelect('tbl_prestudent.anmeldungreihungstest');
+		$this->PrestudentModel->addSelect('tbl_prestudent.gsstudientyp_kurzbz');
+		$this->PrestudentModel->addSelect('tbl_prestudent.priorisierung');
+		$this->PrestudentModel->addSelect('p.zugangscode');
+		$this->PrestudentModel->addSelect('p.bpk');*/
+
+		$this->PrestudentModel->db->where_in('tbl_prestudent.studiengang_kz', $this->allowedStgs);
+
+		$this->PrestudentModel->addOrder('nachname');
+		$this->PrestudentModel->addOrder('vorname');
+	}
+
+	/**
+	 * @return void
+	 */
+	protected function addSelectPrioRel()
+	{
+		$this->PrestudentModel->addSelect("(
+			SELECT count(*)
+			FROM (
+				SELECT *, public.get_rolle_prestudent(tbl_prestudent.prestudent_id, NULL) AS laststatus
+				FROM PUBLIC.tbl_prestudent pss
+				JOIN PUBLIC.tbl_prestudentstatus USING (prestudent_id)
+				WHERE person_id = p.person_id
+				AND studiensemester_kurzbz = (
+					SELECT studiensemester_kurzbz
+					FROM PUBLIC.tbl_prestudentstatus
+					WHERE prestudent_id = tbl_prestudent.prestudent_id
+					AND status_kurzbz = 'Interessent'
+					LIMIT 1
+				)
+				AND status_kurzbz = 'Interessent'
+			) prest
+			WHERE laststatus NOT IN ('Abbrecher', 'Abgewiesener', 'Absolvent')
+			AND priorisierung <= tbl_prestudent.priorisierung
+		) || ' (' || tbl_prestudent.priorisierung || ')' AS priorisierung_relativ", false);
+	}
+
+	/**
+	 * Adds additional filters to the query
+	 *
+	 * @param string		$studiensemester_kurzbz
+	 *
+	 * @return void
+	 */
+	protected function addFilter($studiensemester_kurzbz)
+	{
+		$filter = $this->input->get('filter');
+		if (isset($filter['konto_count_0'])) {
+			$bt = $this->PrestudentModel->escape($filter['konto_count_0']);
+			$stdsem = $this->PrestudentModel->escape($studiensemester_kurzbz);
+
+			$this->PrestudentModel->db->where('(
+				SELECT count(*) 
+				FROM public.tbl_konto 
+				WHERE person_id=tbl_prestudent.person_id 
+				AND buchungstyp_kurzbz=' . $bt . ' 
+				AND studiensemester_kurzbz=' . $stdsem . '
+			) =', 0);
+			$this->PrestudentModel->db->where('get_rolle_prestudent(tbl_prestudent.prestudent_id, NULL) !=', 'Incoming');
+		}
+		if (isset($filter['konto_missing_counter'])) {
+			$bt = $this->PrestudentModel->escape($filter['konto_missing_counter']);
+			$stg = '';
+			if ($this->variablelib->getVar('kontofilterstg') == 'true')
+				$stg = ' AND studiengang_kz=tbl_prestudent.studiengang_kz';
+
+			$bt = $bt == 'alle' ? '' : ' AND buchungstyp_kurzbz=' . $bt;
+
+			$this->PrestudentModel->db->where('(
+				SELECT sum(betrag) 
+				FROM public.tbl_konto 
+				WHERE person_id=tbl_prestudent.person_id' .
+				$bt .
+				$stg . '
+			) !=', 0);
+		}
+	}
+}

application/controllers/api/frontend/v1/stv/Verband.php

@@ -0,0 +1,493 @@
+<?php
+/**
+ * Copyright (C) 2024 fhcomplete.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+/**
+ * This controller operates between (interface) the JS (GUI) and the back-end
+ * Provides data to the ajax get calls about verbände
+ * This controller works with JSON calls on the HTTP GET or POST and the output is always JSON
+ */
+class Verband extends FHCAPI_Controller
+{
+	public function __construct()
+	{
+		$permissions = [];
+		$router = load_class('Router');
+		$permissions[$router->method] = ['admin:r', 'assistenz:r'];
+		parent::__construct($permissions);
+
+		// Load Models
+		$this->load->model('organisation/Studiengang_model', 'StudiengangModel');
+	}
+	
+	/**
+	 * Remap calls:
+	 * /
+	 * /(studiengang_kz)									=> getStudiengang
+	 * /(studiengang_kz)/(semester)							=> getSemester
+	 * /(studiengang_kz)/(semester)/(verband)				=> getVerband
+	 * /(studiengang_kz)/(org_form)							=> getStudiengang
+	 * /(studiengang_kz)/(org_form)/(semester)				=> getSemester
+	 * /(studiengang_kz)/(org_form)/(semester)/(verband)	=> getVerband
+	 *
+	 * @param string		$method
+	 * @param array			$params				(optional)
+	 *
+	 * @return void
+	 */
+	public function _remap($method, $params = [])
+	{
+		if ($method == '' || $method == 'index')
+			return $this->getBase();
+
+		// NOTE(chris): Test if access is allowed ($method is the Studiengang)
+		if (!$this->permissionlib->isBerechtigt('assistenz', 's', $method)
+			&& !$this->permissionlib->isBerechtigt('admin', 's', $method)
+		) {
+			return $this->_outputAuthError([$method => ['admin:r', 'assistenz:r']]);
+		}
+
+		$count = count($params);
+		if (!$count)
+			return $this->getStudiengang($method);
+
+		if ($count == 1) {
+			if (is_numeric($params[0]))
+				return $this->getSemester($method, $params[0]);
+			elseif ($params[0] == 'prestudent')
+				return $this->terminateWithSuccess($this->getStdSem($method . '/prestudent/', $method));
+			else
+				return $this->getStudiengang($method, $params[0]);
+		}
+		if ($count == 2) {
+			if (is_numeric($params[0]))
+				return $this->getVerband($method, $params[0], $params[1]);
+			elseif ($params[1] == 'prestudent')
+				return $this->terminateWithSuccess($this->getStdSem($method . '/' . $params[0] . '/prestudent/', $method));
+			else
+				return $this->getSemester($method, $params[1], $params[0]);
+		}
+		if ($count == 3 && !is_numeric($params[0]) && is_numeric($params[1]) && !is_numeric($params[2]))
+			return $this->getVerband($method, $params[1], $params[2], $params[0]);
+
+		show_404();
+	}
+
+	/**
+	 * @return void
+	 */
+	protected function getBase()
+	{
+		$this->StudiengangModel->addJoin('public.tbl_lehrverband v', 'studiengang_kz');
+		
+		$this->StudiengangModel->addDistinct();
+		$this->StudiengangModel->addSelect("v.studiengang_kz AS link");
+		$this->StudiengangModel->addSelect(
+			"CONCAT(kurzbzlang, ' (', UPPER(CONCAT(typ, kurzbz)), ') - ', tbl_studiengang.bezeichnung) AS name",
+			false
+		);
+		$this->StudiengangModel->addSelect('erhalter_kz');
+		$this->StudiengangModel->addSelect('typ');
+		$this->StudiengangModel->addSelect('kurzbz');
+		$this->StudiengangModel->addSelect('studiengang_kz');
+		$this->StudiengangModel->addSelect('studiengang_kz AS stg_kz');
+		
+		$this->StudiengangModel->addOrder('erhalter_kz');
+		$this->StudiengangModel->addOrder('typ');
+		$this->StudiengangModel->addOrder('kurzbz');
+
+		$stgs = $this->permissionlib->getSTG_isEntitledFor('admin') ?: [];
+		$stgs = array_merge($stgs, $this->permissionlib->getSTG_isEntitledFor('assistenz') ?: []);
+
+		if (!$stgs)
+			$this->terminateWithSuccess([]);
+
+		$this->StudiengangModel->db->where_in('studiengang_kz', $stgs);
+
+		$result = $this->StudiengangModel->loadWhere(['v.aktiv' => true]);
+
+		$list = $this->getDataOrTerminateWithError($result);
+
+		if ($this->permissionlib->isBerechtigt('inout/uebersicht'))
+			$list[] = [
+				'name' => 'International',
+				'link' => 'inout',
+				'children' => [
+					[
+						'name' => 'Incoming',
+						'link' => 'inout/incoming',
+						'leaf' => true
+					],
+					[
+						'name' => 'Outgoing',
+						'link' => 'inout/outgoing',
+						'leaf' => true
+					],
+					[
+						'name' => 'Gemeinsame Studien',
+						'link' => 'inout/gemeinsamestudien',
+						'leaf' => true
+					]
+				]
+			];
+		$this->terminateWithSuccess($list);
+	}
+
+	/**
+	 * @param integer		$studiengang_kz
+	 * @param string		$orgform			(optional)
+	 *
+	 * @return void
+	 */
+	protected function getStudiengang($studiengang_kz, $org_form = null)
+	{
+		$link = $studiengang_kz . '/';
+		if ($org_form !== null)
+			$link .= $org_form . '/';
+
+		$this->StudiengangModel->addJoin('public.tbl_lehrverband v', 'studiengang_kz');
+		
+		$this->StudiengangModel->addDistinct();
+		$this->StudiengangModel->addSelect("CONCAT(" . $this->StudiengangModel->escape($link) . ", semester) AS link", false);
+		$this->StudiengangModel->addSelect("CONCAT(UPPER(CONCAT(typ, kurzbz)), '-', semester, (SELECT CASE WHEN bezeichnung IS NULL OR bezeichnung='' THEN ''::TEXT ELSE CONCAT(' (', bezeichnung, ')') END FROM public.tbl_lehrverband WHERE studiengang_kz=v.studiengang_kz AND semester=v.semester ORDER BY verband, gruppe LIMIT 1)) AS name", false);
+
+		$this->StudiengangModel->addSelect('semester');
+		$this->StudiengangModel->addSelect($this->StudiengangModel->escape($studiengang_kz) . '::integer AS stg_kz', false);
+		
+		$this->StudiengangModel->addOrder('semester');
+
+		if ($org_form !== null) {
+			$this->StudiengangModel->db->group_start();
+			$this->StudiengangModel->db->where('v.semester', 0);
+			$this->StudiengangModel->db->or_where('v.orgform_kurzbz', $org_form);
+			$this->StudiengangModel->db->group_end();
+		}
+
+		$result = $this->StudiengangModel->loadWhere([
+			'v.studiengang_kz' => $studiengang_kz,
+			'v.aktiv' => true
+		]);
+		$list = $this->getDataOrTerminateWithError($result);
+
+		array_unshift($list, [
+			'name' => 'PreStudent',
+			'link' => $link . 'prestudent',
+			'children' => $this->getStdSem($link . 'prestudent/', $studiengang_kz)
+		]);
+
+		if ($org_form === null) {
+			// NOTE(chris): if mischform show orgforms
+			$result = $this->StudiengangModel->load($studiengang_kz);
+			$result = $this->getDataOrTerminateWithError($result);
+			if ($result) {
+				if (current($result)->mischform) {
+					$this->load->model('organisation/Studienordnung_model', 'StudienordnungModel');
+
+					$this->StudienordnungModel->addDistinct();
+					$this->StudienordnungModel->addSelect("CONCAT(studiengang_kz, '/', p.orgform_kurzbz) AS link");
+					$this->StudienordnungModel->addSelect("p.orgform_kurzbz AS name");
+
+					$this->StudienordnungModel->addJoin('lehre.tbl_studienplan p', 'studienordnung_id');
+
+					$result = $this->StudienordnungModel->loadWhere([
+						'aktiv' => true,
+						'studiengang_kz' => $studiengang_kz,
+						'p.orgform_kurzbz !=' => 'DDP'
+					]);
+					$result = $this->getDataOrTerminateWithError($result);
+
+					$list = array_merge($list, $result);
+				}
+			}
+
+		}
+		$this->terminateWithSuccess($list);
+	}
+
+	/**
+	 * @param integer		$studiengang_kz
+	 * @param integer		$semester
+	 * @param string		$orgform
+	 *
+	 * @return void
+	 */
+	protected function getSemester($studiengang_kz, $semester, $org_form = null)
+	{
+		$link = $studiengang_kz . '/';
+		if ($org_form !== null)
+			$link .= $org_form . '/';
+		$link .= $semester . '/';
+
+
+		$this->load->model('organisation/Gruppe_model', 'GruppeModel');
+
+		$this->GruppeModel->addDistinct();
+		$this->GruppeModel->addSelect("CONCAT(" . $this->GruppeModel->escape($link . 'grp/') . ", gruppe_kurzbz) AS link", false);
+		$this->GruppeModel->addSelect("CONCAT(gruppe_kurzbz, ' (', bezeichnung, ')') AS name", false);
+		$this->GruppeModel->addSelect("TRUE AS leaf", false);
+
+		$this->GruppeModel->addSelect('sort');
+		$this->GruppeModel->addSelect('gruppe_kurzbz');
+		$this->GruppeModel->addSelect($this->GruppeModel->escape($studiengang_kz) . '::integer AS stg_kz', false);
+
+		$this->GruppeModel->addOrder('sort');
+		$this->GruppeModel->addOrder('gruppe_kurzbz');
+
+		$where = [
+			'studiengang_kz' => $studiengang_kz,
+			'semester' => $semester,
+			'lehre' => true,
+			'sichtbar' => true,
+			'aktiv' => true,
+			'direktinskription' => false
+		];
+
+		if ($org_form !== null)
+			$where['orgform_kurzbz'] = $org_form;
+
+		$result = $this->GruppeModel->loadWhere($where);
+
+		$list = $this->getDataOrTerminateWithError($result);
+
+		$this->StudiengangModel->addJoin('public.tbl_lehrverband v', 'studiengang_kz');
+		
+		$this->StudiengangModel->addSelect("CONCAT(" . $this->StudiengangModel->escape($link) . ", verband) AS link", false);
+		$this->StudiengangModel->addSelect("CONCAT(UPPER(CONCAT(typ, kurzbz)), '-', semester, verband, (SELECT CASE WHEN bezeichnung IS NULL OR bezeichnung='' THEN ''::TEXT ELSE CONCAT(' (', bezeichnung, ')') END FROM public.tbl_lehrverband WHERE studiengang_kz=v.studiengang_kz AND semester=v.semester AND verband=v.verband ORDER BY gruppe LIMIT 1)) AS name", false);
+		$this->StudiengangModel->addSelect("CASE WHEN MAX(gruppe)='' OR MAX(gruppe)=' ' THEN TRUE ELSE FALSE END AS leaf");
+
+		$this->StudiengangModel->addSelect('verband');
+		$this->StudiengangModel->addSelect($this->StudiengangModel->escape($studiengang_kz) . '::integer AS stg_kz', false);
+		
+		$this->StudiengangModel->addOrder('verband');
+
+		$this->StudiengangModel->addGroupBy('link, name, verband');
+		
+		$where = [
+			'v.studiengang_kz' => $studiengang_kz,
+			'v.semester' => $semester,
+			'v.verband !=' => '',
+			'v.aktiv' => true
+		];
+
+		if ($org_form !== null && $semester) // NOTE(chris): on semester 0 show all?
+			$where['v.orgform_kurzbz'] = $org_form;
+
+		$result = $this->StudiengangModel->loadWhere($where);
+		$result = $this->getDataOrTerminateWithError($result);
+
+		$list = array_merge($list, $result);
+
+		$this->terminateWithSuccess($list);
+	}
+
+	/**
+	 * @param integer		$studiengang_kz
+	 * @param integer		$semester
+	 * @param integer		$verband
+	 * @param string		$orgform
+	 *
+	 * @return void
+	 */
+	protected function getVerband($studiengang_kz, $semester, $verband, $org_form = null)
+	{
+		$link = $studiengang_kz . '/';
+		if ($org_form !== null)
+			$link .= $org_form . '/';
+		$link .= $semester . '/'. $verband . '/';
+
+
+		$this->StudiengangModel->addJoin('public.tbl_lehrverband v', 'studiengang_kz');
+		
+		$this->StudiengangModel->addDistinct();
+		$this->StudiengangModel->addSelect("CONCAT(" . $this->StudiengangModel->escape($link) . ", gruppe) AS link", false);
+		$this->StudiengangModel->addSelect("CONCAT(UPPER(CONCAT(typ, kurzbz)), '-', semester, verband, gruppe, (SELECT CASE WHEN bezeichnung IS NULL OR bezeichnung='' THEN ''::TEXT ELSE CONCAT(' (', bezeichnung, ')') END FROM public.tbl_lehrverband WHERE studiengang_kz=v.studiengang_kz AND semester=v.semester AND verband=v.verband AND gruppe=v.gruppe ORDER BY gruppe LIMIT 1)) AS name", false);
+		$this->StudiengangModel->addSelect("TRUE AS leaf", false);
+
+		$this->StudiengangModel->addSelect('gruppe');
+		$this->StudiengangModel->addSelect($this->StudiengangModel->escape($studiengang_kz) . '::integer AS stg_kz', false);
+		
+		$this->StudiengangModel->addOrder('gruppe');
+
+		$where = [
+			'v.studiengang_kz' => $studiengang_kz,
+			'v.semester' => $semester,
+			'v.verband' => $verband,
+			'v.gruppe !=' => '',
+			'v.aktiv' => true
+		];
+
+		if ($org_form !== null && $semester) // NOTE(chris): on semester 0 show all?
+			$where['v.orgform_kurzbz'] = $org_form;
+
+		$result = $this->StudiengangModel->loadWhere($where);
+
+		$list = $this->getDataOrTerminateWithError($result);
+
+		$this->terminateWithSuccess($list);
+	}
+
+	/**
+	 * @param string		$link
+	 * @param integer		$studiengang_kz
+	 *
+	 * @return array
+	 */
+	protected function getStdSem($link, $studiengang_kz)
+	{
+		$this->load->model('organisation/Studiensemester_model', 'StudiensemesterModel');
+
+		$this->load->model('system/Variable_model', 'VariableModel');
+		$result = $this->VariableModel->getVariables(getAuthUID(), ['number_displayed_past_studiensemester']);
+		$data = $this->getDataOrTerminateWithError($result);
+		$number_displayed_past_studiensemester = $data['number_displayed_past_studiensemester'] ?? null;
+
+		$this->StudiensemesterModel->addPlusMinus(null, $number_displayed_past_studiensemester);
+		$this->StudiensemesterModel->addOrder('ende');
+		$result = $this->StudiensemesterModel->load();
+
+		$studiensemester = $this->getDataOrTerminateWithError($result);
+		$result = [];
+
+		$studiengang_kz = (int)$studiengang_kz;
+
+		foreach ($studiensemester as $sem) {
+			$semlink = $link . $sem->studiensemester_kurzbz;
+			$intlink = $semlink . '/interessenten';
+			$result[] = [
+				'name' => $sem->studiensemester_kurzbz,
+				'link' => $semlink,
+				'stg_kz' => $studiengang_kz,
+				'children' => [
+					[
+						'name' => 'Interessenten',
+						'link' => $intlink,
+						'stg_kz' => $studiengang_kz,
+						'children' => [
+							[
+								'name' => 'Bewerbung nicht abgeschickt',
+								'link' => $intlink . '/bewerbungnichtabgeschickt',
+								'stg_kz' => $studiengang_kz,
+								'leaf' => true
+							],
+							[
+								'name' => 'Bewerbung abgeschickt, Status unbestätigt',
+								'link' => $intlink . '/bewerbungabgeschickt',
+								'stg_kz' => $studiengang_kz,
+								'leaf' => true
+							],
+							[
+								'name' => 'ZGV erfüllt',
+								'link' => $intlink . '/zgv',
+								'stg_kz' => $studiengang_kz,
+								'leaf' => true
+							],
+							[
+								'name' => 'Status bestätigt',
+								'link' => $intlink . '/statusbestaetigt',
+								'stg_kz' => $studiengang_kz,
+								'children' => [
+									[
+										'name' => 'Nicht zum Reihungstest angemeldet',
+										'link' => $intlink . '/statusbestaetigtrtnichtangemeldet',
+										'leaf' => true
+									],
+									[
+										'name' => 'Reihungstest angemeldet',
+										'link' => $intlink . '/statusbestaetigtrtangemeldet',
+										'leaf' => true
+									]
+								]
+							],
+							[
+								'name' => 'Nicht zum Reihungstest angemeldet',
+								'link' => $intlink . '/reihungstestnichtangemeldet',
+								'stg_kz' => $studiengang_kz,
+								'leaf' => true
+							],
+							[
+								'name' => 'Reihungstest angemeldet',
+								'link' => $intlink . '/reihungstestangemeldet',
+								'stg_kz' => $studiengang_kz,
+								'leaf' => true
+							]
+						]
+					],
+					[
+						'name' => 'Bewerber',
+						'link' => $semlink . '/bewerber',
+						'stg_kz' => $studiengang_kz,
+						'children' => [
+							[
+								'name' => 'Nicht zum Reihungstest angemeldet',
+								'link' => $intlink . '/bewerberrtnichtangemeldet',
+								'stg_kz' => $studiengang_kz,
+								'leaf' => true
+							],
+							[
+								'name' => 'Reihungstest angemeldet',
+								'link' => $intlink . '/bewerberrtangemeldet',
+								'stg_kz' => $studiengang_kz,
+								'children' => [
+									[
+										'name' => 'Teilgenommen',
+										'link' => $intlink . '/bewerberrtangemeldetteilgenommen',
+										'stg_kz' => $studiengang_kz,
+										'leaf' => true
+									],
+									[
+										'name' => 'Nicht teilgenommen',
+										'link' => $intlink . '/bewerberrtangemeldetnichtteilgenommen',
+										'stg_kz' => $studiengang_kz,
+										'leaf' => true
+									]
+								]
+							]
+						]
+					],
+					[
+						'name' => 'Aufgenommen',
+						'link' => $semlink . '/aufgenommen',
+						'stg_kz' => $studiengang_kz,
+						'leaf' => true
+					],
+					[
+						'name' => 'Warteliste',
+						'link' => $semlink . '/warteliste',
+						'stg_kz' => $studiengang_kz,
+						'leaf' => true
+					],
+					[
+						'name' => 'Absage',
+						'link' => $semlink . '/absage',
+						'stg_kz' => $studiengang_kz,
+						'leaf' => true
+					],
+					[
+						'name' => 'Incoming',
+						'link' => $semlink . '/incoming',
+						'stg_kz' => $studiengang_kz,
+						'leaf' => true
+					]
+				]
+			];
+		}
+
+		return $result;
+	}
+}

application/controllers/api/v1/person/Person.php

@@ -264,4 +264,4 @@ class Person extends API_Controller
 
 		return success('Input data are valid');
 	}
-}
+}

application/controllers/codex/Bismeldestichtag.php

@@ -0,0 +1,140 @@
+<?php
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+/**
+ * Overview on Bismeldestichtage
+ */
+class Bismeldestichtag extends Auth_Controller
+{
+	/**
+	 * Constructor
+	 */
+	public function __construct()
+	{
+		parent::__construct(
+			array(
+				'index' => 'admin:r',
+				'getStudiensemester' => 'admin:r',
+				'getBismeldestichtage' => 'admin:r',
+				'addBismeldestichtag' => 'admin:rw',
+				'deleteBismeldestichtag' => 'admin:rw'
+			)
+		);
+
+		// Load models
+		$this->load->model('codex/Bismeldestichtag_model', 'BismeldestichtagModel');
+		$this->load->model('organisation/Studiensemester_model', 'StudiensemesterModel');
+
+		// Loads phrases system
+		$this->loadPhrases(
+			array(
+				'bismeldestichtag'
+			)
+		);
+	}
+
+	// -----------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+	/**
+	 * Everything has a beginning
+	 */
+	public function index()
+	{
+		$this->load->view('codex/bismeldestichtag.php');
+	}
+
+	public function getStudiensemester()
+	{
+		// load semester list
+		$semList = array();
+		$this->StudiensemesterModel->addSelect('studiensemester_kurzbz');
+		$this->StudiensemesterModel->addOrder('start', 'DESC');
+		$semRes = $this->StudiensemesterModel->load();
+
+		if (hasData($semRes))
+		{
+			$semList = getData($semRes);
+		}
+
+		// load current semester
+		$currSem = null;
+		$semRes = $this->StudiensemesterModel->getAkt();
+
+		if (hasData($semRes))
+		{
+			$currSem = getData($semRes)[0]->studiensemester_kurzbz;
+		}
+
+		// output data
+		$this->outputJsonSuccess(
+			array('semList' => $semList, 'currSem' => $currSem)
+		);
+	}
+
+	public function getBismeldestichtage()
+	{
+		$this->BismeldestichtagModel->addSelect(
+			'meldestichtag_id, meldestichtag,
+			tbl_bismeldestichtag.studiensemester_kurzbz, sem.start AS semester_start,
+			tbl_bismeldestichtag.insertamum, tbl_bismeldestichtag.insertvon, tbl_bismeldestichtag.updateamum, tbl_bismeldestichtag.updatevon'
+		);
+		$this->BismeldestichtagModel->addJoin('public.tbl_studiensemester sem', 'studiensemester_kurzbz', 'LEFT');
+		$this->BismeldestichtagModel->addOrder('semester_start');
+		$this->BismeldestichtagModel->addOrder('meldestichtag', 'DESC');
+		$this->BismeldestichtagModel->addOrder('meldestichtag_id', 'DESC');
+		$this->outputJson($this->BismeldestichtagModel->load());
+	}
+
+	public function addBismeldestichtag()
+	{
+		// get request data
+		$request = $this->getPostJSON();
+
+		// check request data
+		if (!property_exists($request, 'meldestichtag') || isEmptyString($request->meldestichtag))
+			$this->terminateWithJsonError('Error occured: Meldestichtag missing');
+		if (!property_exists($request, 'studiensemester_kurzbz') || isEmptyString($request->studiensemester_kurzbz))
+			$this->terminateWithJsonError('Error occured: Studiensemester missing');
+
+		$meldestichtag = $request->meldestichtag;
+		$studiensemester_kurzbz = $request->studiensemester_kurzbz;
+
+		// check if Bismeldestichtag already exists
+		$this->BismeldestichtagModel->addSelect('1');
+		$bismeldestichtagRes = $this->BismeldestichtagModel->loadWhere(
+			array('meldestichtag' => $meldestichtag, 'studiensemester_kurzbz' => $studiensemester_kurzbz)
+		);
+
+		// return success if already exists
+		if (hasData($bismeldestichtagRes))
+			$this->outputJsonSuccess('Bismeldestichtag already exists');
+		else
+		{
+			// insert new if Stichtag does not exist
+			$this->outputJson($this->BismeldestichtagModel->insert(
+				array(
+					'meldestichtag' => $request->meldestichtag,
+					'studiensemester_kurzbz' => $request->studiensemester_kurzbz,
+					'insertvon' => getAuthUID()
+				)
+			));
+		}
+	}
+
+	public function deleteBismeldestichtag()
+	{
+		// get request data
+		$request = $this->getPostJSON();
+
+		// check request data
+		if (!property_exists($request, 'meldestichtag_id'))
+			$this->terminateWithJsonError('Error occured: Meldestichtag Id missing');
+
+		$meldestichtag_id = $request->meldestichtag_id;
+
+		// deletetion
+		$this->outputJson($this->BismeldestichtagModel->delete($meldestichtag_id));
+	}
+}

application/controllers/codex/UHSTAT1.php

@@ -5,8 +5,12 @@ if (! defined("BASEPATH")) exit("No direct script access allowed");
 class UHSTAT1 extends FHC_Controller
 {
 	const BERECHTIGUNG_UHSTAT_VERWALTEN = 'student/uhstat1daten_verwalten';
+	const LOGIN_SESSION_INDEX = 'bewerbung/user';
 	const PERSON_ID_SESSION_INDEX = 'bewerbung/personId';
 	const CODEX_OESTERREICH = 'A';
+	const CODEX_UNKNOWN_YEAR = 9999;
+	const CODEX_UNKNOWN_NATION = 'XXX';
+	const CODEX_UNKNOWN_BILDUNGMAX = 999;
 	const LOWER_BOUNDARY_YEARS = 160;
 	const UPPER_BOUNDARY_YEARS = 20;
 
@@ -210,7 +214,9 @@ class UHSTAT1 extends FHC_Controller
 		else
 			return true;
 
-		if (!isset($bildungsstaat)) return true;
+		// if no Bildungsstaat or Bildungmax unknown - valid
+		if (!isset($bildungsstaat) || $bildungmax == self::CODEX_UNKNOWN_BILDUNGMAX) return true;
+
 
 		// find out if abschluss is in Austria
 		$this->AbschlussModel->addSelect("in_oesterreich");
@@ -219,8 +225,11 @@ class UHSTAT1 extends FHC_Controller
 		if (hasData($abschlussRes))
 		{
 			$in_oesterreich = getData($abschlussRes)[0]->in_oesterreich;
-			// invalid if abschluss in Austria, but not Bildungsstaat, or abschluss not in Austria, but Bildungsstaat in Austria
-			return ($in_oesterreich && $bildungsstaat == self::CODEX_OESTERREICH) || (!$in_oesterreich && $bildungsstaat != self::CODEX_OESTERREICH);
+
+			// valid if Bildungsstaat and Abschluss in Austria, or Bildungsstaat and Abschluss not in Austria
+			// (or Abschluss not in Austria and Bildungsstaat unknown)
+			return ($in_oesterreich && $bildungsstaat == self::CODEX_OESTERREICH)
+				|| (!$in_oesterreich && ($bildungsstaat != self::CODEX_OESTERREICH || $bildungsstaat == self::CODEX_UNKNOWN_NATION));
 		}
 
 		return false;
@@ -363,7 +372,11 @@ class UHSTAT1 extends FHC_Controller
 
 		// get realistic birth years, dated back from current year
 		$currYear = date("Y");
-		$formMetaData['jahre'] = range($currYear - self::UPPER_BOUNDARY_YEARS, $currYear - self::LOWER_BOUNDARY_YEARS);
+		$yearRange = range($currYear - self::UPPER_BOUNDARY_YEARS, $currYear - self::LOWER_BOUNDARY_YEARS);
+		$formMetaData['jahre'] = array_combine($yearRange, $yearRange);
+
+		// add "unknown" option
+		$formMetaData['jahre'][self::CODEX_UNKNOWN_YEAR] = 'unbekannt';
 
 		return success($formMetaData);
 	}
@@ -411,7 +424,10 @@ class UHSTAT1 extends FHC_Controller
 	private function _getValidPersonId($berechtigungsArt)
 	{
 		// if coming from bewerbungstool - person id is in session (person must be logged in bewerbungstool)
-		if (isset($_SESSION[self::PERSON_ID_SESSION_INDEX]) && is_numeric($_SESSION[self::PERSON_ID_SESSION_INDEX]))
+		if (isset($_SESSION[self::PERSON_ID_SESSION_INDEX])
+			&& is_numeric($_SESSION[self::PERSON_ID_SESSION_INDEX])
+			&& isset($_SESSION[self::LOGIN_SESSION_INDEX])
+		)
 			return $_SESSION[self::PERSON_ID_SESSION_INDEX];
 
 		// if person id passed directly...

application/controllers/components/Antrag/Abmeldung.php

@@ -1,218 +0,0 @@
-<?php
-
-if (! defined('BASEPATH')) exit('No direct script access allowed');
-
-use \Studierendenantrag_model as Studierendenantrag_model;
-
-/**
- *
- */
-class Abmeldung extends FHC_Controller
-{
-
-	/**
-	 * Calls the parent's constructor and loads the FilterCmptLib
-	 */
-	public function __construct()
-	{
-		parent::__construct();
-
-		// Libraries
-		$this->load->library('AuthLib');
-		$this->load->library('AntragLib');
-
-		// Load language phrases
-		$this->loadPhrases([
-			'studierendenantrag'
-		]);
-	}
-
-	//------------------------------------------------------------------------------------------------------------------
-	// Public methods
-
-	/**
-	 * Retrieves data of the current studiengang for the current user
-	 */
-
-	public function getDetailsForNewAntrag($prestudent_id)
-	{
-		if (!$this->antraglib->isEntitledToCreateAntragFor($prestudent_id, true)) {
-			$this->output->set_status_header(403);
-			return $this->outputJsonError('Forbidden');
-		}
-		$result = $this->antraglib->getPrestudentAbmeldeBerechtigt($prestudent_id);
-		if (isError($result)) {
-			$this->output->set_status_header(500);
-			return $this->outputJsonError(getError($result));
-		}
-		$result = $result->retval;
-		if (!$result) {
-			$this->output->set_status_header(403);
-			return $this->outputJsonError($this->p->t('studierendenantrag', 'error_no_student'));
-		}
-		elseif ($result == -3)
-		{
-			$this->output->set_status_header(403);
-			return $this->outputJsonError($this->p->t('studierendenantrag', 'error_stg_blacklist'));
-		}
-		elseif ($result == -1)
-		{
-			$result = $this->antraglib->getDetailsForLastAntrag(
-                $prestudent_id,
-                [
-                    Studierendenantrag_model::TYP_ABMELDUNG,
-                    Studierendenantrag_model::TYP_ABMELDUNG_STGL
-                ]
-            );
-			if (isError($result)) {
-				return $this->outputJsonError(getError($result));
-			}
-
-			$data = getData($result);
-			
-			$data->canCancel = (
-				$data->status == Studierendenantragstatus_model::STATUS_CREATED &&
-				$this->antraglib->isEntitledToCancelAntrag($data->studierendenantrag_id)
-			);
-
-			return $this->outputJsonSuccess($data);
-		}
-
-		$result = $this->antraglib->getDetailsForNewAntrag($prestudent_id);
-		if (isError($result)) {
-			return $this->outputJsonError(getError($result));
-		}
-
-		$this->outputJsonSuccess(getData($result));
-	}
-
-	public function getDetailsForAntrag($studierendenantrag_id)
-	{
-		if (!$this->antraglib->isEntitledToShowAntrag($studierendenantrag_id))	return show_404();
-
-		$result = $this->antraglib->getDetailsForAntrag($studierendenantrag_id);
-		if (isError($result)) {
-			return $this->outputJsonError(getError($result));
-		}
-
-		$data = getData($result);
-
-		if ($data->typ !== Studierendenantrag_model::TYP_ABMELDUNG_STGL && $data->typ !== Studierendenantrag_model::TYP_ABMELDUNG)
-			return show_404();
-
-		$data->canCancel = (
-			$data->status == Studierendenantragstatus_model::STATUS_CREATED &&
-			$this->antraglib->isEntitledToCancelAntrag($data->studierendenantrag_id)
-		);
-
-		$this->outputJsonSuccess($data);
-	}
-
-	public function createAntrag()
-	{
-		$this->load->library('form_validation');
-
-		$_POST = json_decode($this->input->raw_input_stream, true);
-
-		$this->form_validation->set_rules('studiensemester', 'Studiensemester', 'required');
-		$this->form_validation->set_rules('prestudent_id', 'Prestudent ID', 'required');
-		$this->form_validation->set_rules('grund', 'Grund', 'required');
-
-		if ($this->form_validation->run() == false)
-		{
-			return $this->outputJsonError($this->form_validation->error_array());
-		}
-
-		$grund = $this->input->post('grund');
-		$studiensemester = $this->input->post('studiensemester');
-		$prestudent_id = $this->input->post('prestudent_id');
-
-		$result = $this->antraglib->getPrestudentAbmeldeBerechtigt($prestudent_id);
-		if (isError($result)) {
-			return $this->outputJsonError(['db' => getError($result)]);
-		}
-		$result = $result->retval;
-		if (!$result)
-		{
-			return $this->outputJsonError(['db' => $this->p->t('studierendenantrag', 'error_no_student')]);
-		}
-		elseif ($result == -3)
-		{
-			return $this->outputJsonError(['db' => $this->p->t('studierendenantrag', 'error_stg_blacklist')]);
-		}
-		elseif ($result < 0)
-		{
-			return $this->outputJsonError(['db' => $this->p->t('studierendenantrag', 'error_antrag_exists')]);
-		}
-
-		$result = $this->antraglib->createAbmeldung($prestudent_id, $studiensemester, getAuthUID(), $grund);
-		if (isError($result))
-		{
-			return $this->outputJsonError(['db' => getError($result)]);
-		}
-
-		$result = $this->antraglib->getDetailsForAntrag(getData($result));
-		if (!hasData($result))
-		return $this->outputJsonSuccess(true);
-
-		$data = getData($result);
-		$data->canCancel = (boolean)$this->antraglib->isEntitledToCancelAntrag($data->studierendenantrag_id);
-
-		$this->outputJsonSuccess($data);
-	}
-
-	public function cancelAntrag()
-	{
-		$this->load->library('form_validation');
-
-		$_POST = json_decode($this->input->raw_input_stream, true);
-
-		$this->form_validation->set_rules('antrag_id', 'Antrag ID', 'required');
-
-		if ($this->form_validation->run() == false)
-		{
-			return $this->outputJsonError($this->form_validation->error_array());
-		}
-
-		$antrag_id = $this->input->post('antrag_id');
-		if(!$this->antraglib->isEntitledToCancelAntrag($antrag_id))
-		{
-			$this->output->set_status_header(403);
-
-			return $this->outputJsonError('Forbidden');
-		}
-
-		$result = $this->antraglib->cancelAntrag($antrag_id, getAuthUID());
-		if(isError($result))
-		{
-			return $this->outputJsonError(['db' => getError($result)]);
-		}
-
-		$result = $this->antraglib->getDetailsForAntrag($antrag_id);
-
-		if (!hasData($result))
-			return $this->outputJsonSuccess($antrag_id);
-		$this->outputJsonSuccess(getData($result));
-	}
-
-	public function getStudiengaengeAssistenz()
-	{
-		$this->load->library('PermissionLib');
-
-		$_POST = json_decode($this->input->raw_input_stream, true);
-		$query = $this->input->post('query');
-
-		$studiengaenge = $this->permissionlib->getSTG_isEntitledFor('student/studierendenantrag');
-
-		$result = $this->antraglib->getAktivePrestudentenInStgs($studiengaenge, $query);
-		if (isError($result)) {
-			return $this->outputJsonError(getError($result));
-		}
-		$result = getData($result);
-		if (!$result) {
-			return $this->outputJsonSuccess([]);
-		}
-
-		return $this->outputJsonSuccess($result);
-	}
-}

application/controllers/components/Antrag/Leitung.php

@@ -1,413 +0,0 @@
-<?php
-
-if (! defined('BASEPATH')) exit('No direct script access allowed');
-
-use \stdClass as stdClass;
-
-/**
- *
- */
-class Leitung extends FHC_Controller
-{
-
-	/**
-	 * Calls the parent's constructor and loads the FilterCmptLib
-	 */
-	public function __construct()
-	{
-		parent::__construct();
-
-		// Libraries
-		$this->load->library('AuthLib');
-		$this->load->library('AntragLib');
-
-		// Load language phrases
-		$this->loadPhrases([
-			'studierendenantrag'
-		]);
-	}
-
-
-	//------------------------------------------------------------------------------------------------------------------
-	// Public methods
-
-	public function getActiveStgs()
-	{
-		$studiengaenge = $this->permissionlib->getSTG_isEntitledFor('student/antragfreigabe');
-		$stgsNeuanlage = $this->permissionlib->getSTG_isEntitledFor('student/studierendenantrag');
-
-		$stgs = [];
-
-		if ($studiengaenge) {
-			$result = $this->StudierendenantragModel->loadForStudiengaenge($studiengaenge);
-
-			if (isError($result))
-				return $this->outputJson($result);
-			$antraege = getData($result) ?: [];
-
-			foreach ($antraege as $antrag) {
-				if (!isset($stgs[$antrag->studiengang_kz])) {
-					$stgs[$antrag->studiengang_kz] = new stdClass();
-					$stgs[$antrag->studiengang_kz]->bezeichnung = $antrag->bezeichnung;
-					$stgs[$antrag->studiengang_kz]->orgform = $antrag->orgform;
-					$stgs[$antrag->studiengang_kz]->studiengang_kz = $antrag->studiengang_kz;
-				}
-			}
-		}
-
-		if ($stgsNeuanlage) {
-			$result = $this->StudierendenantragModel->loadForStudiengaenge($stgsNeuanlage);
-
-			if (isError($result))
-				return $this->outputJson($result);
-			$antraege = getData($result) ?: [];
-
-			foreach ($antraege as $antrag) {
-				if (!isset($stgs[$antrag->studiengang_kz])) {
-					$stgs[$antrag->studiengang_kz] = new stdClass();
-					$stgs[$antrag->studiengang_kz]->bezeichnung = $antrag->bezeichnung;
-					$stgs[$antrag->studiengang_kz]->orgform = $antrag->orgform;
-					$stgs[$antrag->studiengang_kz]->studiengang_kz = $antrag->studiengang_kz;
-				}
-			}
-		}
-
-		$this->outputJsonSuccess($stgs);
-	}
-
-	public function getAntraege($studiengang = null)
-	{
-
-		if($studiengang)
-			$studiengaenge = [$studiengang];
-		else {
-			$studiengaenge =$this->permissionlib->getSTG_isEntitledFor('student/antragfreigabe');
-			if(!is_array($studiengaenge))
-				$studiengaenge = [];
-
-
-			$stgsNeuanlage = $this->permissionlib->getSTG_isEntitledFor('student/studierendenantrag');
-			if(!is_array($stgsNeuanlage))
-				$stgsNeuanlage = [];
-
-			$studiengaenge = array_unique(array_merge($studiengaenge, $stgsNeuanlage));
-		}
-
-
-		$antraege = [];
-		if ($studiengaenge) {
-			$result = $this->StudierendenantragModel->loadForStudiengaenge($studiengaenge);
-			if (isError($result)) {
-				$this->output->set_status_header(500);
-				return $this->outputJson('Internal Server Error');
-			}
-			if(hasData($result))
-			{
-			    $antraege = getData($result);
-			}
-		}
-
-		$this->outputJson($antraege);
-	}
-
-	public function reopenAntrag()
-	{
-		$this->load->library('form_validation');
-
-		$_POST = json_decode($this->input->raw_input_stream, true);
-
-		$this->form_validation->set_rules(
-			'studierendenantrag_id',
-			'Studierenden Antrag',
-			'required|callback_isEntitledToReopenAntrag',
-			[
-				'isEntitledToReopenAntrag' => $this->p->t('studierendenantrag', 'error_no_right')
-			]
-		);
-
-		if ($this->form_validation->run() == false)
-		{
-			return $this->outputJsonError($this->form_validation->error_array());
-		}
-
-		$studierendenantrag_id = $this->input->post('studierendenantrag_id');
-
-		$result = $this->antraglib->reopenWiederholung($studierendenantrag_id, getAuthUID());
-
-		if (isError($result))
-			return $this->outputJsonError(['studierendenantrag_id' => getError($result)]);
-
-		$this->outputJsonSuccess($studierendenantrag_id);
-	}
-
-	public function objectAntrag()
-	{
-		$this->load->library('form_validation');
-
-		$_POST = json_decode($this->input->raw_input_stream, true);
-
-		$this->form_validation->set_rules(
-			'studierendenantrag_id',
-			'Studierenden Antrag',
-			'required|callback_isEntitledToObjectAntrag|callback_canBeObjected',
-			[
-				'isEntitledToObjectAntrag' => $this->p->t('studierendenantrag', 'error_no_right'),
-				'canBeObjected' => $this->p->t('studierendenantrag', 'error_no_objection')
-			]
-		);
-
-		if ($this->form_validation->run() == false)
-		{
-			return $this->outputJsonError($this->form_validation->error_array());
-		}
-
-		$studierendenantrag_id = $this->input->post('studierendenantrag_id');
-
-		$result = $this->antraglib->objectAbmeldung($studierendenantrag_id, getAuthUID());
-
-		if (isError($result))
-			return $this->outputJsonError(['studierendenantrag_id' => getError($result)]);
-
-		$this->outputJsonSuccess($studierendenantrag_id);
-	}
-
-	public function objectionDeny()
-	{
-		$this->load->library('form_validation');
-
-		$_POST = json_decode($this->input->raw_input_stream, true);
-
-		$this->form_validation->set_rules(
-			'studierendenantrag_id',
-			'Studierenden Antrag',
-			'required|callback_isEntitledToObjectAntrag|callback_isObjected',
-			[
-				'isEntitledToObjectAntrag' => $this->p->t('studierendenantrag', 'error_no_right'),
-				'isObjected' => $this->p->t('studierendenantrag', 'error_not_objected')
-			]
-		);
-
-		if ($this->form_validation->run() == false)
-		{
-			return $this->outputJsonError($this->form_validation->error_array());
-		}
-
-		$studierendenantrag_id = $this->input->post('studierendenantrag_id');
-		$grund = $this->input->post('grund');
-
-		$result = $this->antraglib->denyObjectionAbmeldung($studierendenantrag_id, getAuthUID(), $grund);
-
-		if (isError($result))
-			return $this->outputJsonError(['studierendenantrag_id' => getError($result)]);
-
-		$this->outputJsonSuccess($studierendenantrag_id);
-	}
-
-	public function objectionApprove()
-	{
-		$this->load->library('form_validation');
-
-		$_POST = json_decode($this->input->raw_input_stream, true);
-
-		$this->form_validation->set_rules(
-			'studierendenantrag_id',
-			'Studierenden Antrag',
-			'required|callback_isEntitledToObjectAntrag|callback_isObjected',
-			[
-				'isEntitledToObjectAntrag' => $this->p->t('studierendenantrag', 'error_no_right'),
-				'isObjected' => $this->p->t('studierendenantrag', 'error_not_objected')
-			]
-		);
-
-		if ($this->form_validation->run() == false)
-		{
-			return $this->outputJsonError($this->form_validation->error_array());
-		}
-
-		$studierendenantrag_id = $this->input->post('studierendenantrag_id');
-
-		$result = $this->antraglib->cancelAntrag($studierendenantrag_id, getAuthUID());
-
-		if (isError($result))
-			return $this->outputJsonError(['studierendenantrag_id' => getError($result)]);
-
-		$this->outputJsonSuccess($studierendenantrag_id);
-	}
-
-	public function isEntitledToReopenAntrag($studierendenantrag_id)
-	{
-		return $this->antraglib->isEntitledToReopenAntrag($studierendenantrag_id);
-	}
-
-	public function isEntitledToObjectAntrag($studierendenantrag_id)
-	{
-		return $this->antraglib->isEntitledToObjectAntrag($studierendenantrag_id);
-	}
-
-	public function isEntitledToRejectAntrag($studierendenantrag_id)
-	{
-		return $this->antraglib->isEntitledToRejectAntrag($studierendenantrag_id);
-	}
-
-	public function canBeObjected($studierendenantrag_id)
-	{
-		return $this->antraglib->hasType($studierendenantrag_id, Studierendenantrag_model::TYP_ABMELDUNG_STGL);
-	}
-
-	public function isObjected($studierendenantrag_id)
-	{
-		return $this->antraglib->hasStatus($studierendenantrag_id, Studierendenantragstatus_model::STATUS_OBJECTED);
-	}
-
-
-	public function approveAbmeldung()
-	{
-		$this->load->library('form_validation');
-
-		$_POST = json_decode($this->input->raw_input_stream, true);
-
-		$this->form_validation->set_rules(
-			'studierendenantrag_id',
-			'Studierenden Antrag',
-			'required|callback_isEntitledToApproveAntrag',
-			[
-				'isEntitledToApproveAntrag' => $this->p->t('studierendenantrag', 'error_no_right')
-			]
-		);
-
-		if ($this->form_validation->run() == false)
-		{
-			return $this->outputJsonError($this->form_validation->error_array());
-		}
-
-		$studierendenantrag_id = $this->input->post('studierendenantrag_id');
-
-		$result = $this->antraglib->approveAbmeldung([$studierendenantrag_id], getAuthUID());
-		if (isError($result))
-		{
-			return $this->outputJsonError(['db' => getError($result)]);
-		}
-
-		return $this->outputJsonSuccess($studierendenantrag_id);
-	}
-
-	public function approveAbmeldungStgl()
-	{
-		return $this->approveAbmeldung();
-	}
-
-	public function approveUnterbrechung()
-	{
-		$this->load->library('form_validation');
-
-		$_POST = json_decode($this->input->raw_input_stream, true);
-
-		$this->form_validation->set_rules(
-			'studierendenantrag_id',
-			'Studierenden Antrag',
-			'required|callback_isEntitledToApproveAntrag',
-			[
-				'isEntitledToApproveAntrag' => $this->p->t('studierendenantrag', 'error_no_right')
-			]
-		);
-
-		if ($this->form_validation->run() == false)
-		{
-			return $this->outputJsonError($this->form_validation->error_array());
-		}
-
-		$studierendenantrag_id = $this->input->post('studierendenantrag_id');
-
-		$result = $this->antraglib->approveUnterbrechung([$studierendenantrag_id], getAuthUID());
-		if (isError($result))
-		{
-			return $this->outputJsonError(['db' => getError($result)]);
-		}
-
-		return $this->outputJsonSuccess($studierendenantrag_id);
-	}
-
-	public function rejectUnterbrechung()
-	{
-		$this->load->library('form_validation');
-
-		$_POST = json_decode($this->input->raw_input_stream, true);
-
-		$this->form_validation->set_rules(
-			'studierendenantrag_id',
-			'Studierenden Antrag',
-			'required|callback_isEntitledToRejectAntrag',
-			[
-				'isEntitledToRejectAntrag' => $this->p->t('studierendenantrag', 'error_no_right')
-			]
-		);
-		$this->form_validation->set_rules('grund', 'Grund', 'required');
-
-		if ($this->form_validation->run() == false)
-		{
-			return $this->outputJsonError($this->form_validation->error_array());
-		}
-
-		$studierendenantrag_id = $this->input->post('studierendenantrag_id');
-		$grund = $this->input->post('grund');
-
-		$result = $this->antraglib->rejectUnterbrechung([$studierendenantrag_id], getAuthUID(), $grund);
-		if (isError($result))
-		{
-			return $this->outputJsonError(['db' => getError($result)]);
-		}
-
-		return $this->outputJsonSuccess($studierendenantrag_id);
-	}
-
-	public function approveWiederholung()
-	{
-		$this->load->library('form_validation');
-
-		$_POST = json_decode($this->input->raw_input_stream, true);
-
-		$this->form_validation->set_rules(
-			'studierendenantrag_id',
-			'Studierenden Antrag',
-			'required|callback_isEntitledToApproveAntrag',
-			[
-				'isEntitledToApproveAntrag' => $this->p->t('studierendenantrag', 'error_no_right')
-			]
-		);
-
-		if ($this->form_validation->run() == false)
-		{
-			return $this->outputJsonError($this->form_validation->error_array());
-		}
-
-		$studierendenantrag_id = $this->input->post('studierendenantrag_id');
-
-		$result = $this->antraglib->approveWiederholung($studierendenantrag_id, getAuthUID());
-		if (isError($result))
-		{
-			return $this->outputJsonError(['db' => getError($result)]);
-		}
-
-		return $this->outputJsonSuccess($studierendenantrag_id);
-	}
-
-	public function isEntitledToApproveAntrag($studierendenantrag_id)
-	{
-		return $this->antraglib->isEntitledToApproveAntrag($studierendenantrag_id);
-	}
-
-	public function getHistory($studierendenantrag_id)
-	{
-		if (!$this->antraglib->isEntitledToSeeHistoryForAntrag($studierendenantrag_id)) {
-			$this->output->set_status_header(403);
-			return $this->outputJson('Forbidden');
-		}
-
-		$result = $this->antraglib->getAntragHistory($studierendenantrag_id);
-		if (isError($result)) {
-			return $this->outputJsonError(getError($result));
-		}
-
-		$this->outputJsonSuccess(getData($result) ?: []);
-	}
-}

application/controllers/components/Antrag/Wiederholung.php

@@ -1,372 +0,0 @@
-<?php
-
-if (! defined('BASEPATH')) exit('No direct script access allowed');
-
-use \REST_Controller as REST_Controller;
-
-/**
- *
- */
-class Wiederholung extends FHC_Controller
-{
-
-	/**
-	 * Calls the parent's constructor and loads the FilterCmptLib
-	 */
-	public function __construct()
-	{
-		parent::__construct();
-
-		// Configs
-		$this->load->config('studierendenantrag');
-
-		// Libraries
-		$this->load->library('AuthLib');
-		$this->load->library('PermissionLib');
-		$this->load->library('AntragLib');
-
-		$requiredPermissions = [
-			'saveLvs' => ['student/studierendenantrag:w'],
-			'getLvsAsRdf' => ['student/studierendenantrag:r', 'student/noten:r'],
-			'moveLvsToZeugnis' => ['student/studierendenantrag:w', 'student/noten:w']
-		];
-
-		if (isset($requiredPermissions[$this->router->method])) {
-			if (!$this->permissionlib->isEntitled($requiredPermissions, $this->router->method)) {
-				$this->output->set_status_header(REST_Controller::HTTP_FORBIDDEN);
-				$this->outputJson('Forbidden');
-				exit;
-			}
-		}
-
-		// Load language phrases
-		$this->loadPhrases([
-			'global',
-			'studierendenantrag'
-		]);
-	}
-
-
-	//------------------------------------------------------------------------------------------------------------------
-	// Public methods
-
-	/**
-	 * Retrieves data of the current studiengang for the current user
-	 */
-
-	public function getDetailsForNewAntrag($prestudent_id)
-	{
-		if (!$this->antraglib->isEntitledToCreateAntragFor($prestudent_id, false)) {
-			$this->output->set_status_header(REST_Controller::HTTP_FORBIDDEN);
-			return $this->outputJsonError('Forbidden');
-		}
-		$result = $this->antraglib->getPrestudentWiederholungsBerechtigt($prestudent_id);
-		if (isError($result)) {
-			$this->output->set_status_header(REST_Controller::HTTP_INTERNAL_SERVER_ERROR);
-			return $this->outputJsonError(getError($result));
-		}
-		$result = $result->retval;
-		if (!$result) {
-			$this->output->set_status_header(REST_Controller::HTTP_FORBIDDEN);
-			return $this->outputJsonError($this->p->t('studierendenantrag', 'error_no_student_no_failed_exam'));
-		}
-		elseif ($result == -1)
-		{
-			$result = $this->antraglib->getDetailsForLastAntrag($prestudent_id, Studierendenantrag_model::TYP_WIEDERHOLUNG);
-			if (isError($result)) {
-				return $this->outputJsonError(getError($result));
-			}
-
-			$data = getData($result);
-
-			$result = $this->antraglib->getFailedExamForPrestudent($prestudent_id);
-			// NOTE(chris): error handling for this function should already happenden in antraglib->getPrestudentWiederholungsBerechtigt()
-			$pruefungsdata = current(getData($result));
-
-			$data->studiensemester_kurzbz = $pruefungsdata->studiensemester_kurzbz;
-			$data->lvbezeichnung = $pruefungsdata->lvbezeichnung;
-			$data->pruefungsdatum = $pruefungsdata->datum;
-
-			return $this->outputJsonSuccess($data);
-		}
-		elseif ($result == -2)
-		{
-			$result = $this->antraglib->getDetailsForLastAntrag($prestudent_id);
-			if (isError($result)) {
-				return $this->outputJsonError(getError($result));
-			}
-
-			$result = getData($result);
-			$this->output->set_status_header(REST_Controller::HTTP_BAD_REQUEST);
-			return $this->outputJsonError($this->p->t('studierendenantrag', 'error_antrag_pending', [
-                'typ' => $this->p->t('studierendenantrag', 'antrag_typ_' . $result->typ)
-            ]));
-		}
-		elseif ($result == -3)
-		{
-			$this->output->set_status_header(REST_Controller::HTTP_BAD_REQUEST);
-			return $this->outputJsonError($this->p->t('studierendenantrag', 'error_stg_blacklist'));
-		}
-
-		$result = $this->antraglib->getDetailsForNewAntrag($prestudent_id);
-		if (isError($result)) {
-			return $this->outputJsonError(getError($result));
-		}
-
-		$data = getData($result);
-
-		$result = $this->antraglib->getFailedExamForPrestudent($prestudent_id);
-		// NOTE(chris): error handling for this function should already happenden in antraglib->getPrestudentWiederholungsBerechtigt()
-		$pruefungsdata = current(getData($result));
-
-		$data->studiensemester_kurzbz = $pruefungsdata->studiensemester_kurzbz;
-		$data->lvbezeichnung = $pruefungsdata->lvbezeichnung;
-		$data->pruefungsdatum = $pruefungsdata->datum;
-
-		$this->outputJsonSuccess($data);
-	}
-
-	public function createAntrag()
-	{
-		$this->createAntragWithStatus(true);
-	}
-
-	public function cancelAntrag()
-	{
-		$this->createAntragWithStatus(false);
-	}
-
-	protected function createAntragWithStatus($repeat)
-	{
-		$this->load->library('form_validation');
-
-		$_POST = json_decode($this->input->raw_input_stream, true);
-
-		$this->form_validation->set_rules('prestudent_id', 'Prestudent ID', 'required');
-		$this->form_validation->set_rules('studiensemester', 'Studiensemester', 'required');
-
-		if ($this->form_validation->run() == false)
-		{
-			return $this->outputJsonError($this->form_validation->error_array());
-		}
-
-		$prestudent_id = $this->input->post('prestudent_id');
-		$studiensemester = $this->input->post('studiensemester');
-
-		$result = $this->antraglib->getPrestudentWiederholungsBerechtigt($prestudent_id);
-		if (isError($result)) {
-			return $this->outputJsonError(['db' => getError($result)]);
-		}
-		$result = $result->retval;
-		if (!$result)
-		{
-			return $this->outputJsonError(['db' => $this->p->t('studierendenantrag', 'error_no_student')]);
-		}
-		elseif ($result == -2)
-		{
-			return $this->outputJsonError(['db' => $this->p->t('studierendenantrag', 'error_antrag_exists')]);
-		}
-		elseif ($result == -3)
-		{
-			return $this->outputJsonError(['db' => $this->p->t('studierendenantrag', 'error_stg_blacklist')]);
-		}
-
-		$result = $this->antraglib->createWiederholung($prestudent_id, $studiensemester, getAuthUID(), $repeat);
-		if(isError($result))
-		{
-			return $this->outputJsonError(['db' => getError($result)]);
-		}
-
-		$antragId = getData($result);
-		$result = $this->antraglib->getDetailsForAntrag($antragId);
-
-		if(!hasData($result))
-			return $this->outputJsonSuccess(true);
-
-		$data = getData($result);
-
-		$result = $this->antraglib->getFailedExamForPrestudent($prestudent_id);
-		// NOTE(chris): error handling for this function should already happenden in antraglib->getPrestudentWiederholungsBerechtigt()
-		$pruefungsdata = current(getData($result));
-
-		$data->studiensemester_kurzbz = $pruefungsdata->studiensemester_kurzbz;
-		$data->lvbezeichnung = $pruefungsdata->lvbezeichnung;
-		$data->pruefungsdatum = $pruefungsdata->datum;
-
-		$this->outputJsonSuccess($data);
-	}
-
-
-	public function getLvs($antrag_id)
-	{
-		$result = $this->antraglib->getLvsForAntrag($antrag_id);
-		if (isError($result)) {
-			$error = getError($result);
-			if ($error == 'Forbidden')
-				$this->output->set_status_header(REST_Controller::HTTP_FORBIDDEN);
-			return $this->outputJsonError(getError($result));
-		}
-		$lvs = getData($result);
-
-		$this->outputJsonSuccess($lvs);
-	}
-
-	public function saveLvs()
-	{
-		$result = $this->getPostJSON();
-		$antragsLvs = array_merge($result->forbiddenLvs, $result->mandatoryLvs);
-
-		$insert = array_map(function ($lv) {
-			return [
-				'studierendenantrag_id' => $lv->studierendenantrag_id,
-				'lehrveranstaltung_id' => $lv->lehrveranstaltung_id,
-				'note' => $lv->zugelassen
-                    ? ($lv->zugelassen == 1 ? 0 : $this->config->item('wiederholung_note_angerechnet'))
-                    : $this->config->item('wiederholung_note_nicht_zugelassen'),
-				'anmerkung' => $lv->anmerkung,
-				'insertvon' => getAuthUID(),
-				'studiensemester_kurzbz' => $lv->studiensemester_kurzbz
-			];
-		}, $antragsLvs);
-
-		$antrag_ids = array_unique(array_map(function ($lv) {
-			return $lv['studierendenantrag_id'];
-		}, $insert));
-
-		foreach ($antrag_ids as $antrag_id) {
-			$result = $this->StudierendenantragModel->loadIdAndStatusWhere([
-				'studierendenantrag_id' => $antrag_id
-			]);
-			if (isError($result))
-				return $this->outputJsonError(getError($result));
-			if (!hasData($result))
-				return $this->outputJsonError($this->p->t('studierendenantrag', 'error_no_antrag_found', ['id' => $antrag_id]));
-			$antrag = current(getData($result));
-			if ($antrag->status != Studierendenantragstatus_model::STATUS_CREATED && $antrag->status != Studierendenantragstatus_model::STATUS_LVSASSIGNED)
-				return $this->outputJsonError($this->p->t('studierendenantrag', 'error_antrag_locked'));
-		}
-
-		if(!$antragsLvs)
-			return $this->outputJsonError($this->p->t('studierendenantrag', 'error_no_lv'));
-
-		$result = $this->antraglib->saveLvs($insert);
-
-		if (isError($result))
-			return $this->outputJsonError(getError($result));
-
-		$this->outputJsonSuccess(getData($result));
-	}
-
-	public function getLvsAsRdf($prestudent_id)
-	{
-		// header für no cache
-		$this->output->set_header("Cache-Control: no-cache");
-		$this->output->set_header("Cache-Control: post-check=0, pre-check=0", false);
-		$this->output->set_header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
-		$this->output->set_header("Pragma: no-cache");
-		$this->output->set_header("Content-type: application/xhtml+xml");
-
-		$this->load->library('VariableLib', ['uid' => getAuthUID()]);
-		$sem_akt = $this->variablelib->getVar('semester_aktuell');
-
-
-		$result = $this->antraglib->getLvsForPrestudent($prestudent_id, $sem_akt);
-		if (isError($result)) {
-			return $this->outputJsonError(getError($result));
-		}
-
-		$lvs = getData($result) ?: [];
-		$rdf_url = 'http://www.technikum-wien.at/antragnote';
-
-		$this->load->view('lehre/Antrag/Wiederholung/getLvs.rdf.php', [
-			'url' => $rdf_url,
-			'lvs' => $lvs
-		]);
-	}
-
-	public function moveLvsToZeugnis()
-	{
-		$anzahl = $this->input->post('anzahl');
-		$student_uid = $this->input->post('student_uid');
-		$this->load->model('education/Studierendenantraglehrveranstaltung_model', 'StudierendenantraglehrveranstaltungModel');
-		$this->load->model('education/Zeugnisnote_model', 'ZeugnisnoteModel');
-
-		$errormsg = array();
-
-		for($i=0; $i<$anzahl; $i++)
-		{
-			$id = $this->input->post('studierendenantrag_lehrveranstaltung_id_' . $i);
-			$result =$this->StudierendenantraglehrveranstaltungModel->load($id);
-			if(isError($result))
-			{
-				$errormsg[] = getError($result);
-			}
-			elseif(!hasData($result))
-			{
-				$errormsg[] = $this->p->t('studierendenantrag', 'error_no_lv_in_application');
-			}
-			else
-			{
-				$antragLv = getData($result)[0];
-				$result= $this->ZeugnisnoteModel->load([
-					'lehrveranstaltung_id'=> $antragLv->lehrveranstaltung_id,
-					'student_uid'=> $student_uid,
-					'studiensemester_kurzbz' => $antragLv->studiensemester_kurzbz
-				]);
-				if(isError($result))
-				{
-					$errormsg[] = getError($result);
-				}
-				else
-				{
-					if (hasData($result))
-					{
-						$result = $this->ZeugnisnoteModel->update(
-							[
-								'lehrveranstaltung_id'=> $antragLv->lehrveranstaltung_id,
-								'student_uid'=> $student_uid,
-								'studiensemester_kurzbz' => $antragLv->studiensemester_kurzbz
-							],
-							[
-								'note'=> $antragLv->note,
-								'uebernahmedatum' => date('c'),
-								'benotungsdatum' => $antragLv->insertamum,
-								'updateamum' => date('c'),
-								'bemerkung'=>$antragLv->anmerkung,
-								'updatevon'=>getAuthUID()
-							]
-						);
-					}
-					else
-					{
-						$result = $this->ZeugnisnoteModel->insert([
-							'lehrveranstaltung_id'=> $antragLv->lehrveranstaltung_id,
-							'student_uid'=> $student_uid,
-							'studiensemester_kurzbz' => $antragLv->studiensemester_kurzbz,
-							'note'=> $antragLv->note,
-							'uebernahmedatum' => date('c'),
-							'benotungsdatum' => $antragLv->insertamum,
-							'insertamum' => date('c'),
-							'bemerkung'=>$antragLv->anmerkung,
-							'insertvon'=>getAuthUID()
-						]);
-					}
-					if(isError($result))
-					{
-						$errormsg[] = getError($result);
-					}
-				}
-			}
-		}
-
-		if($errormsg)
-			$return = false;
-		else
-			$return = true;
-
-		$this->load->view('lehre/Antrag/Wiederholung/moveLvs.rdf.php', [
-			'return' => $return,
-			'errormsg' => $errormsg
-		]);
-	}
-}

application/controllers/components/Cis/Mylv.php

@@ -0,0 +1,213 @@
+<?php
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+/**
+ * 
+ */
+class Mylv extends Auth_Controller
+{
+
+	/**
+	 * Object initialization
+	 */
+	public function __construct()
+	{
+		parent::__construct([
+			'Student' => ['student/anrechnung_beantragen:r','user:r'], // TODO(chris): permissions?
+			'Studiensemester' => ['student/anrechnung_beantragen:r','user:r'], // TODO(chris): permissions?
+			'Lvs' => ['student/anrechnung_beantragen:r','user:r'], // TODO(chris): permissions?
+			'Info' => ['student/anrechnung_beantragen:r','user:r'], // TODO(chris): permissions?
+			'Pruefungen' => ['student/anrechnung_beantragen:r','user:r'] // TODO(chris): permissions?
+		]);
+	}
+
+	//------------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+	/**
+	 */
+	public function Student()
+	{
+		$this->load->model('education/Lehrveranstaltung_model', 'LehrveranstaltungModel');
+
+		$result = $this->LehrveranstaltungModel->getLvsByStudentWithGrades(getAuthUID());
+
+		if (isError($result))
+			return $this->outputJsonError(getError($result));
+
+		$this->outputJsonSuccess(getData($result));
+	}
+
+	/**
+	 */
+	public function Studiensemester()
+	{
+		$this->load->model('organisation/Studiensemester_model', 'StudiensemesterModel');
+
+		$result = $this->StudiensemesterModel->getWhereStudentHasLvs(getAuthUID());
+
+		if (isError($result))
+			return $this->outputJsonError(getError($result));
+
+		$this->outputJsonSuccess(getData($result));
+	}
+
+	/**
+	 */
+	public function Lvs($studiensemester_kurzbz)
+	{
+		$this->load->model('education/Lehrveranstaltung_model', 'LehrveranstaltungModel');
+
+		$result = $this->LehrveranstaltungModel->getLvsByStudentWithGrades(getAuthUID(), $studiensemester_kurzbz, getUserLanguage());
+
+		if (isError($result))
+			return $this->outputJsonError(getError($result));
+
+		$this->outputJsonSuccess(getData($result));
+	}
+
+	/**
+	 */
+	public function Info($studiensemester_kurzbz, $lehrveranstaltung_id)
+	{
+		$this->load->model('education/Lehrveranstaltung_model', 'LehrveranstaltungModel');
+		$result = $this->LehrveranstaltungModel->load($lehrveranstaltung_id);
+
+		if (isError($result))
+			return $this->outputJsonError(getError($result));
+		$lv = current(getData($result) ?: []);
+
+		if (!$lv)
+			return $this->outputJsonError('Could\'t find Lehrveranstaltung with id: ' . $lehrveranstaltung_id);
+
+
+		$this->load->model('education/Lehreinheitmitarbeiter_model', 'LehreinheitmitarbeiterModel');
+
+		$result = $this->LehreinheitmitarbeiterModel->getForLv($lehrveranstaltung_id, $studiensemester_kurzbz);
+
+		if (isError($result))
+			return $this->outputJsonError(getError($result));
+
+		$lvinfo = [];
+		$lvinfo['lektoren'] = getData($result) ?: [];
+
+		$kollisionsfreie_user = unserialize(KOLLISIONSFREIE_USER);
+		$lvinfo['lektoren'] = array_values(array_filter($lvinfo['lektoren'], function ($v) use ($kollisionsfreie_user) {
+			return !in_array($v->uid, $kollisionsfreie_user);
+		}));
+
+		$lvinfo['lvLeitung'] = array_values(array_filter($lvinfo['lektoren'], function ($v) {
+			return $v->lehrfunktion_kurzbz == 'LV-Leitung';
+		}));
+
+
+		$this->load->model('organisation/Organisationseinheit_model', 'OrganisationseinheitModel');
+		$result = $this->OrganisationseinheitModel->getWithType($lv->oe_kurzbz);
+
+		if (isError($result))
+			return $this->outputJsonError(getError($result));
+
+		$lvinfo['oe'] = current(getData($result) ?: []);
+
+
+		$this->load->model('person/Benutzerfunktion_model', 'BenutzerfunktionModel');
+		$result = $this->BenutzerfunktionModel->getBenutzerFunktionenDetailed('Leitung', $lv->oe_kurzbz);
+
+		if (isError($result))
+			return $this->outputJsonError(getError($result));
+
+		$lvinfo['oeLeitung'] = getData($result) ?: [];
+
+
+		$result = $this->LehrveranstaltungModel->getKoordinator($lehrveranstaltung_id, $studiensemester_kurzbz);
+
+		if (isError($result))
+			return $this->outputJsonError(getError($result));
+
+		$lvinfo['koordinator'] = getData($result) ?: [];
+
+		if (defined('ACTIVE_ADDONS') && in_array('lvinfo', explode(';', ACTIVE_ADDONS)) && file_exists(FHCPATH . 'addons/lvinfo/include/lvinfo.class.php'))
+		{
+			require_once(FHCPATH . 'addons/lvinfo/include/lvinfo.class.php');
+			$lvinfoObj = new lvinfo();
+			$lvinfoObj->loadLVinfo($lehrveranstaltung_id, $studiensemester_kurzbz, null, true);
+			if (is_array($lvinfoObj->result))
+			{
+				$oldP = property_exists($this, 'p') ? $this->p : null;
+				$result = [];
+				$lvinfos = $lvinfoObj->result;
+				$lvinfoSet = new lvinfo();
+				$lvinfoSet->load_lvinfo_set($studiensemester_kurzbz);
+				foreach ($lvinfos as $lvi)
+				{
+					$this->p = null;
+					$this->loadPhrases('ui', $lvi->sprache);
+					$result[$lvi->sprache] = [];
+					foreach ($lvinfoSet->result as $set)
+					{
+						$key = $set->lvinfo_set_kurzbz;
+						if (!isset($lvi->data[$key]))
+							continue;
+						$info = [
+							'header' => $set->lvinfo_set_bezeichnung[$lvi->sprache]
+						];
+						if (isset($set->einleitungstext[$lvi->sprache]))
+							$info['subheader'] = $set->einleitungstext[$lvi->sprache];
+						switch ($set->lvinfo_set_typ)
+						{
+							case 'boolean':
+								$info['body'] = $this->p->t('ui', $lvi->data[$key] === true ? 'ja' : 'nein');
+								break;
+							case 'array':
+								$info['body'] = array_map('htmlspecialchars', $lvi->data[$key]);
+								break;
+							case 'editor':
+								$info['body'] = $lvi->data[$key];
+								break;
+							default:
+								$info['body'] = htmlspecialchars($lvi->data[$key]);
+						}
+						if ($info['body'])
+							$result[$lvi->sprache][] = $info;
+					}
+				}
+				if ($result)
+				{
+					$lvinfo['lvinfo'] = $result;
+					$lvinfo['lvinfoDefaultLang'] = getUserLanguage();
+
+					$this->load->model('system/Sprache_model', 'SpracheModel');
+					$result = $this->SpracheModel->loadMultiple(array_keys($result));
+					if (!isError($result))
+					{
+						$result = getData($result);
+						$lvinfo['sprachen'] = [];
+						foreach ($result as $sprache) {
+							$lvinfo['sprachen'][$sprache->sprache] = $sprache;
+						}
+					}
+				}
+				$this->p = $oldP;
+			}
+		}
+
+
+		$this->outputJsonSuccess($lvinfo);
+	}
+
+	/**
+	 */
+	public function Pruefungen($lehrveranstaltung_id)
+	{
+		$this->load->model('education/Pruefung_model', 'PruefungModel');
+
+		$result = $this->PruefungModel->getByStudentAndLv(getAuthUID(), $lehrveranstaltung_id, getUserLanguage());
+
+		if (isError($result))
+			return $this->outputJsonError(getError($result));
+
+		$this->outputJsonSuccess(getData($result));
+	}
+
+}

application/controllers/components/Cis/Stundenplan.php

@@ -0,0 +1,73 @@
+<?php
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+/**
+ * 
+ */
+class Stundenplan extends Auth_Controller
+{
+
+	/**
+	 * Object initialization
+	 */
+	public function __construct()
+	{
+		parent::__construct([
+			'index' => ['basis/cis'],
+			'Reservierungen' => ['basis/cis'],
+			'Stunden' => ['basis/cis'],
+		]);
+	}
+
+	//------------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+	/**
+	 */
+	public function index()
+	{
+		$this->load->model('ressource/Stundenplan_model', 'StundenplanModel');
+
+		/* $result = $this->StundenplanModel->loadForUid(getAuthUID());
+
+		if (isError($result))
+			return $this->outputJsonError(getError($result));
+ 		*/
+		$res = $this->StundenplanModel->stundenplanGruppierung($this->StundenplanModel->getStundenplanQuery(getAuthUID())); 
+		
+		$res = getData($res);
+		
+		$this->outputJsonSuccess($res);
+	}
+
+	/**
+	 */
+	public function Reservierungen()
+	{
+		$this->load->model('ressource/Reservierung_model', 'ReservierungModel');
+
+		$result = $this->ReservierungModel->loadForUid(getAuthUID());
+
+		if (isError($result))
+			return $this->outputJsonError(getError($result));
+
+		$this->outputJsonSuccess(getData($result));
+	}
+
+	/**
+	 */
+	public function Stunden()
+	{
+		$this->load->model('ressource/Stunde_model', 'StundeModel');
+
+		$result = $this->StundeModel->load();
+
+		if (isError($result))
+			return $this->outputJsonError(getError($result));
+
+		$this->outputJsonSuccess(getData($result));
+	}
+
+
+}

application/controllers/components/Filter.php

@@ -9,6 +9,7 @@ if (! defined('BASEPATH')) exit('No direct script access allowed');
  * This controller works with JSON calls on the HTTP GET or POST and the output is always JSON
  * NOTE: extends the FHC_Controller instead of the Auth_Controller because the FilterCmpt has its
  * 	own permissions check
+ * TODO(chris): deprecated
  */
 class Filter extends FHC_Controller
 {
@@ -26,6 +27,9 @@ class Filter extends FHC_Controller
 		// Loads authentication library and starts authentication
 		$this->load->library('AuthLib');
 
+		// Loads the FiltersModel
+		$this->load->model('system/Filters_model', 'FiltersModel');
+
 		// Loads the FilterCmptLib with HTTP GET/POST parameters
 		$this->_startFilterCmptLib();
 	}

application/controllers/components/Phrasen.php

@@ -3,7 +3,7 @@
 if (! defined('BASEPATH')) exit('No direct script access allowed');
 
 /**
- *
+ * TODO(chris): deprecated
  */
 class Phrasen extends FHC_Controller
 {

application/controllers/components/SearchBar.php

@@ -3,7 +3,7 @@
 if (! defined('BASEPATH')) exit('No direct script access allowed');
 
 /**
- *
+ * TODO(chris): deprecated
  */
 class SearchBar extends FHC_Controller
 {
@@ -17,11 +17,17 @@ class SearchBar extends FHC_Controller
 	{
 		parent::__construct();
 
-		// Loads the AuthLib and starts the authentication
+		// Loads the AuthLib _without_ starting the authentication
+		// NOTE:
+		// 	- A user must be authenticated via another controller to access this one
+		//	- It is loaded to be able to call the isLogged function later
 		$this->load->library('AuthLib');
 		
 		// Load the library SearchBarLib
 		$this->load->library('SearchBarLib');
+
+		// Checks if the user is authenticated, otherwise returns an error code in JSON format
+		if (!isLogged()) $this->terminateWithJsonError(SearchBarLib::ERROR_NOT_AUTH);
 	}
 
 	//------------------------------------------------------------------------------------------------------------------

application/controllers/components/stv/Noten.php

@@ -0,0 +1,168 @@
+<?php
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+class Noten extends Auth_Controller
+{
+	public function __construct()
+	{
+		parent::__construct([
+			'get' => 'student/noten:r',
+			'getZeugnis' => 'student/noten:r',
+			'update' => ['admin:w', 'assistenz:w']
+		]);
+
+		// Load Libraries
+		$this->load->library('VariableLib', ['uid' => getAuthUID()]);
+	}
+
+	public function get()
+	{
+		$this->load->model('codex/Note_model', 'NoteModel');
+
+		$result = $this->NoteModel->addOrder('note');
+		
+		$result = $this->NoteModel->load();
+		if (isError($result)) {
+			$this->output->set_status_header(REST_Controller::HTTP_INTERNAL_SERVER_ERROR);
+		}
+		
+		return $this->outputJson($result);
+	}
+
+	public function getZeugnis($prestudent_id, $all = null)
+	{
+		$this->load->model('crm/Student_model', 'StudentModel');
+		$this->load->model('education/Zeugnisnote_model', 'ZeugnisnoteModel');
+
+		$result = $this->StudentModel->loadWhere([
+			'prestudent_id' => $prestudent_id
+		]);
+		if (isError($result)) {
+			$this->output->set_status_header(REST_Controller::HTTP_INTERNAL_SERVER_ERROR);
+			return $this->outputJson($result);
+		}
+		if (!hasData($result))
+			return $this->outputJsonSuccess(null);
+		
+		$student_uid = current(getData($result))->student_uid;
+
+		$studiensemester_kurzbz = ($all === null) ? $this->variablelib->getVar('semester_aktuell') : null;
+
+		$result = $this->ZeugnisnoteModel->getZeugnisnoten($student_uid, $studiensemester_kurzbz);
+		if (isError($result)) {
+			$this->output->set_status_header(REST_Controller::HTTP_INTERNAL_SERVER_ERROR);
+		}
+		
+		return $this->outputJson($result);
+	}
+
+	public function update()
+	{
+		$this->load->model('crm/Student_model', 'StudentModel');
+		$this->load->model('organisation/Studienplan_model', 'StudienplanModel');
+		$this->load->model('education/Lehrveranstaltung_model', 'LehrveranstaltungModel');
+		$this->load->model('education/Zeugnisnote_model', 'ZeugnisnoteModel');
+
+		$this->load->library('form_validation');
+
+		$_POST = json_decode(utf8_encode($this->input->raw_input_stream), true);
+		
+		if (empty($_POST) || !is_array(current($_POST))) {
+			$result = $this->hasPermissionUpdate($this->input->post('lehrveranstaltung_id'), $this->input->post('student_uid'));
+			if (isError($result)) {
+				$this->output->set_status_header(REST_Controller::HTTP_FORBIDDEN);
+				return $this->outputJson($result);
+			}
+
+			$this->form_validation->set_rules('lehrveranstaltung_id', 'Lehrverantaltung ID', 'required|numeric');
+			$this->form_validation->set_rules('student_uid', 'Student UID', 'required');
+			$this->form_validation->set_rules('studiensemester_kurzbz', 'Studiensemester Kurzbezeichnung', 'required');
+			$this->form_validation->set_rules('note', 'Note', 'required|numeric');
+			$post = [$_POST];
+		} else {
+			foreach ($_POST as $i => $data) {
+				$lvid = isset($data['lehrveranstaltung_id']) ? $data['lehrveranstaltung_id'] : null;
+				$uid = isset($data['student_uid']) ? $data['student_uid'] : null;
+				$result = $this->hasPermissionUpdate($lvid, $uid);
+				if (isError($result)) {
+					$this->output->set_status_header(REST_Controller::HTTP_FORBIDDEN);
+					return $this->outputJson($result);
+				}
+
+				$this->form_validation->set_rules($i . '[lehrveranstaltung_id]', '#' . $i . ' Lehrverantaltung ID', 'required|numeric');
+				$this->form_validation->set_rules($i . '[student_uid]', '#' . $i . ' Student UID', 'required');
+				$this->form_validation->set_rules($i . '[studiensemester_kurzbz]', '#' . $i . ' Studiensemester Kurzbezeichnung', 'required');
+				$this->form_validation->set_rules($i . '[note]', '#' . $i . ' Note', 'required|numeric');
+			}
+			$post = $_POST;
+		}
+		if ($this->form_validation->run() == false) {
+			$this->output->set_status_header(REST_Controller::HTTP_BAD_REQUEST);
+			return $this->outputJsonError($this->form_validation->error_array());
+		}
+
+		$final_result = success();
+		$this->ZeugnisnoteModel->db->trans_start();
+
+		foreach ($post as $i => $data) {
+			$note = $data['note'];
+			unset($data['note']);
+			$result = $this->ZeugnisnoteModel->update($data, [
+				'note' => $note,
+				'benotungsdatum' => date('c'),
+				'updateamum' => date('c'),
+				'updatevon' => getAuthUID()
+			]);
+			if (isError($result)) {
+				$final_result = $result;
+				break;
+			}
+		}
+
+		$this->ZeugnisnoteModel->db->trans_complete();
+
+		if (isError($final_result)) {
+			$this->output->set_status_header(REST_Controller::HTTP_INTERNAL_SERVER_ERROR);
+		}
+
+		$this->outputJson($final_result);
+	}
+
+	protected function hasPermissionUpdate($lehrveranstaltung_id, $student_uid)
+	{
+		// TODO(chris): error phrases!
+		if ($lehrveranstaltung_id === null || $student_uid === null)
+			return success();
+		$result = $this->StudentModel->load([$student_uid]);
+		if (isError($result))
+			return $result;
+		if (!hasData($result))
+			return error('Fehler beim Ermitteln des Studenten');
+		$student = current(getData($result));
+
+		if ($this->permissionlib->isBerechtigt('admin', 'suid', $student->studiengang_kz))
+			return success();
+		if ($this->permissionlib->isBerechtigt('assistenz', 'suid', $student->studiengang_kz))
+			return success();
+
+		$result = $this->StudienplanModel->getAllOesForLv($lehrveranstaltung_id);
+		if (isError($result))
+			return $result;
+		$oes = getData($result) ?: [];
+		$result = $this->LehrveranstaltungModel->getStg($lehrveranstaltung_id);
+		if (isError($result))
+			return $result;
+		if (hasData($result))
+			$oes[] = current(getData($result));
+
+		foreach ($oes as $oe) {
+			if ($this->permissionlib->isBerechtigt('admin', 'suid', $oe->oe_kurzbz))
+				return success();
+			if ($this->permissionlib->isBerechtigt('assistenz', 'suid', $oe->oe_kurzbz))
+				return success();
+		}
+
+		return error('Forbidden');
+	}
+}

application/controllers/components/stv/Studienplan.php

@@ -0,0 +1,43 @@
+<?php
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+class Studienplan extends Auth_Controller
+{
+	public function __construct()
+	{
+		// TODO(chris): access!
+		parent::__construct([
+			'get' => self::PERM_LOGGED
+		]);
+	}
+
+	public function get()
+	{
+		$this->load->model('organisation/Studienplan_model', 'StudienplanModel');
+
+		$_POST = json_decode($this->input->raw_input_stream, true);
+		
+		$this->load->library('form_validation');
+		
+		$this->form_validation->set_rules('studiengang_kz', 'StudiengangKz', 'required|numeric');
+		$this->form_validation->set_rules('studiensemester_kurzbz', 'StudiensemesterKurbz', 'required');
+		$this->form_validation->set_rules('ausbildungssemester', 'Ausbildungssemester', 'numeric');
+
+		if ($this->form_validation->run() == false) {
+			$this->output->set_status_header(REST_Controller::HTTP_BAD_REQUEST);
+			return $this->outputJsonError($this->form_validation->error_array());
+		}
+
+		$studiengang_kz = $this->input->post('studiengang_kz');
+		$studiensemester_kurzbz = $this->input->post('studiensemester_kurzbz');
+		$ausbildungssemester = $this->input->post('ausbildungssemester') ?: null;
+		$orgform_kurzbz = $this->input->post('orgform_kurzbz') ?: null;
+
+		$result = $this->StudienplanModel->getStudienplaeneBySemester($studiengang_kz, $studiensemester_kurzbz, $ausbildungssemester, $orgform_kurzbz);
+		if (isError($result)) {
+			$this->output->set_status_header(REST_Controller::HTTP_INTERNAL_SERVER_ERROR);
+		}
+		$this->outputJson($result);
+	}
+}

application/controllers/components/stv/Studiensemester.php

@@ -0,0 +1,78 @@
+<?php
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+class Studiensemester extends Auth_Controller
+{
+	public function __construct()
+	{
+		// TODO(chris): access!
+		parent::__construct([
+			'index' => self::PERM_LOGGED,
+			'now' => self::PERM_LOGGED,
+			'set' => self::PERM_LOGGED
+		]);
+	}
+
+	public function index()
+	{
+		$this->load->model('organisation/Studiensemester_model', 'StudiensemesterModel');
+
+		$this->StudiensemesterModel->addOrder('start');
+
+		$result = $this->StudiensemesterModel->load();
+
+		if (isError($result)) {
+			$this->output->set_status_header(REST_Controller::HTTP_INTERNAL_SERVER_ERROR);
+		}
+		$this->outputJson($result);
+	}
+
+	public function now()
+	{
+		$this->load->model('organisation/Studiensemester_model', 'StudiensemesterModel');
+
+		$result = $this->StudiensemesterModel->getNearest();
+
+		if (isError($result)) {
+			$this->output->set_status_header(REST_Controller::HTTP_INTERNAL_SERVER_ERROR);
+			$this->outputJson(getError($result));
+		}
+		$result = getData($result) ?: [];
+
+		if (count($result) != 1) {
+			$this->output->set_status_header(REST_Controller::HTTP_INTERNAL_SERVER_ERROR);
+			$this->outputJsonError(count($result) ? 'Mehrere Studiensemester aktiv' : 'Kein Studiensemester aktiv');
+		} else {
+			$this->outputJsonSuccess(current($result)->studiensemester_kurzbz);
+		}
+	}
+
+	public function set()
+	{
+		$this->load->library('AuthLib');
+		$this->load->library('form_validation');
+
+		$_POST = json_decode(utf8_encode($this->input->raw_input_stream), true);
+
+		$this->form_validation->set_rules('studiensemester', 'Studiensemester', 'required');
+
+		if ($this->form_validation->run() == false) {
+			$this->output->set_status_header(REST_Controller::HTTP_BAD_REQUEST);
+			return $this->outputJsonError($this->form_validation->error_array());
+		}
+
+		$stdsem = $this->input->post('studiensemester');
+
+		$this->load->model('system/Variable_model', 'VariableModel');
+
+		$result = $this->VariableModel->setVariable(getAuthUID(), 'semester_aktuell', $stdsem);
+
+		if (isError($result)) {
+			$this->output->set_status_header(REST_Controller::HTTP_INTERNAL_SERVER_ERROR);
+			return $this->outputJson($result);
+		}
+
+		$this->outputJsonSuccess(true);
+	}
+}

application/controllers/dashboard/Api.php

@@ -0,0 +1,76 @@
+<?php
+defined('BASEPATH') || exit('No direct script access allowed');
+
+class Api extends Auth_Controller
+{
+	public function __construct()
+	{
+		parent::__construct(
+			array(
+				'index'		=> 'dashboard/admin:rw',
+				'getNews'	=> 'dashboard/benutzer:r',
+                'getAmpeln'	=> 'dashboard/benutzer:r',
+			)
+		);
+
+		$this->load->library('AuthLib', null, 'AuthLib');
+
+		$this->_setAuthUID();
+	}
+
+	public function index()
+	{
+		echo 'Dashboard API Controller';
+	}
+
+	/**
+	 * Get News.
+	 */
+	public function getNews()
+	{
+		$limit =  $this->input->get('limit');
+
+		$this->load->model('content/News_model', 'NewsModel');
+
+		$result = $this->NewsModel->getAll($limit);
+
+		if (hasData($result))
+		{
+			$this->outputJson(getData($result), REST_Controller::HTTP_OK);
+		}
+		else
+		{
+			$this->terminateWithJsonError('fehler entdeckt');
+		}
+	}
+
+
+	/**
+	 * Get Ampeln.
+	 */
+	public function getAmpeln()
+	{
+
+		$this->load->model('content/Ampel_model', 'AmpelModel');
+		$result = $this->AmpelModel->getByUser($this->_uid);
+
+		if (hasData($result))
+		{
+			$this->outputJson(getData($result), REST_Controller::HTTP_OK);
+		}
+		else
+		{
+			$this->terminateWithJsonError('fehler entdeckt');
+		}
+	}
+
+	/**
+	 * Retrieve the UID of the logged user and checks if it is valid
+	 */
+	private function _setAuthUID()
+	{
+		$this->_uid = getAuthUID();
+
+		if (!$this->_uid) show_error('User authentification failed');
+	}
+}

application/controllers/dashboard/Config.php

@@ -0,0 +1,216 @@
+<?php
+defined('BASEPATH') || exit('No direct script access allowed');
+/**
+ * Description of Config
+ *
+ * @author bambi
+ */
+class Config extends Auth_Controller
+{
+	public function __construct()
+	{
+		parent::__construct(
+			array(
+				'index'							=> 'dashboard/benutzer:r',
+				'dummy'							=> 'dashboard/benutzer:r',
+				'genWidgetId'					=> 'dashboard/benutzer:rw',
+				'addWidgetsToPreset'			=> 'dashboard/admin:rw',
+				'removeWidgetFromPreset'		=> 'dashboard/admin:rw',
+				'addWidgetsToUserOverride'		=> 'dashboard/benutzer:rw',
+				'removeWidgetFromUserOverride'	=> 'dashboard/benutzer:rw',
+				'funktionen'					=> 'dashboard/admin:r',
+				'preset'						=> 'dashboard/admin:r',
+				'presetBatch'					=> 'dashboard/admin:r'
+			)
+		);
+		
+		$this->load->library('dashboard/DashboardLib', null, 'DashboardLib');
+		$this->load->library('AuthLib', null, 'AuthLib');
+		$this->load->model('ressource/Funktion_model', 'FunktionModel');
+	}
+	
+	public function index()
+	{
+		$dashboard_kurzbz = $this->input->get('db');
+		$uid = $this->AuthLib->getAuthObj()->username;
+
+		$dashboard = $this->DashboardLib->getDashboardByKurzbz($dashboard_kurzbz);
+		if(!$dashboard) {
+			http_response_code(404);
+			$this->terminateWithJsonError(array(
+				'error' => 'Dashboard ' . $dashboard_kurzbz . ' not found.'
+			));
+		}
+		
+		$mergedconfig = $this->DashboardLib->getMergedConfig($dashboard->dashboard_id, $uid);
+		$this->outputJsonSuccess($mergedconfig);
+	}
+	
+	public function genWidgetId()
+	{
+		$dashboard_kurzbz = $this->input->get('db');
+		$widgetid = $this->DashboardLib->generateWidgetId($dashboard_kurzbz);
+		$this->outputJsonSuccess(array(
+			'widgetid' => $widgetid
+		));
+	}
+	
+	public function addWidgetsToPreset()
+	{
+		$input = json_decode($this->input->raw_input_stream);
+		$dashboard_kurzbz = $input->db;
+		$funktion_kurzbz = $input->funktion_kurzbz;
+		
+		$preset = $this->DashboardLib->getPresetOrCreateEmptyPreset($dashboard_kurzbz, $funktion_kurzbz);
+		
+		$preset_decoded = json_decode($preset->preset, true);
+		
+		$this->DashboardLib->addWidgetsToWidgets($preset_decoded['widgets'], $dashboard_kurzbz, $funktion_kurzbz, $input->widgets);
+		
+		$preset->preset = json_encode($preset_decoded);
+				
+		$result = $this->DashboardLib->insertOrUpdatePreset($preset);
+		if (isError($result)) {
+			http_response_code(500);
+			$this->terminateWithJsonError('preset could not be saved');
+		}
+		
+		$this->outputJsonSuccess(array('msg' => 'preset successfully stored.', 'data' => $preset_decoded));
+	}
+	
+	public function removeWidgetFromPreset()
+	{
+		$input = json_decode($this->input->raw_input_stream);
+		$dashboard_kurzbz = $input->db;
+		$funktion_kurzbz = $input->funktion_kurzbz;
+		$widgetid = $input->widgetid;
+				
+		$preset = $this->DashboardLib->getPreset($dashboard_kurzbz, $funktion_kurzbz);
+		if ($preset === null) {
+			http_response_code(404);
+			$this->terminateWithJsonError('preset for dashboard ' . $dashboard_kurzbz . ' and funktion ' . $funktion_kurzbz . ' not found.');
+		}
+		
+		$preset_decoded = json_decode($preset->preset, true);
+		if (!$this->DashboardLib->removeWidgetFromWidgets($preset_decoded['widgets'], $funktion_kurzbz, $widgetid))
+		{
+			http_response_code(404);
+			$this->terminateWithJsonError('widgetid ' . $widgetid . ' not found');
+		}
+		
+		$preset->preset = json_encode($preset_decoded);
+		$result = $this->DashboardLib->insertOrUpdatePreset($preset);
+		if (isError($result))
+		{
+			http_response_code(500);
+			$this->terminateWithJsonError('failed to remove widget');
+		}
+		$this->outputJsonSuccess(array('msg' => 'preset successfully updated.'));
+	}
+
+	public function addWidgetsToUserOverride()
+	{
+		$input = json_decode($this->input->raw_input_stream);
+		$dashboard_kurzbz = $input->db;
+		$funktion_kurzbz = $input->funktion_kurzbz;
+		$uid = $this->AuthLib->getAuthObj()->username;
+		
+		$override = $this->DashboardLib->getOverrideOrCreateEmptyOverride($dashboard_kurzbz, $uid);
+		
+		$override_decoded = json_decode($override->override, true);
+
+		$this->DashboardLib->addWidgetsToWidgets($override_decoded['widgets'], $dashboard_kurzbz, $funktion_kurzbz, $input->widgets);
+		
+		$override->override = json_encode($override_decoded);
+				
+		$result = $this->DashboardLib->insertOrUpdateOverride($override);
+		if (isError($result)) {
+			http_response_code(500);
+			$this->terminateWithJsonError('override could not be saved');
+		}
+		
+		$this->outputJsonSuccess(array('msg' => 'override successfully stored.', 'data' => $override_decoded));
+	}
+	
+	public function removeWidgetFromUserOverride()
+	{
+		$input = json_decode($this->input->raw_input_stream);
+		$dashboard_kurzbz = $input->db;
+		$funktion_kurzbz = $input->funktion_kurzbz;
+		$uid = $this->AuthLib->getAuthObj()->username;
+		$widgetid = $input->widgetid;
+		
+		$override = $this->DashboardLib->getOverride($dashboard_kurzbz, $uid);
+		if (empty($override)) {
+			http_response_code(404);
+			$this->terminateWithJsonError('userconfig for dashboard ' . $dashboard_kurzbz . ' not found.');
+		}
+		
+		$override_decoded = json_decode($override->override, true);
+		
+		if (!$this->DashboardLib->removeWidgetFromWidgets($override_decoded['widgets'], $funktion_kurzbz, $widgetid))
+		{
+			http_response_code(404);
+			$this->terminateWithJsonError('widgetid ' . $widgetid . ' not found');
+		}
+		
+		$override->override = json_encode($override_decoded);
+		$result = $this->DashboardLib->insertOrUpdateOverride($override, $uid);
+		if (isError($result))
+		{
+			http_response_code(500);
+			$this->terminateWithJsonError('failed to remove widget');
+		}
+		$this->outputJsonSuccess(array('msg' => 'override successfully updated.'));
+	}
+	
+	public function funktionen()
+	{
+		$funktionen = $this->FunktionModel->load();
+
+		if (isError($funktionen)) {
+			http_response_code(404);
+			$this->terminateWithJsonError([
+				'error' => getError($funktionen)
+			]);
+		}
+		
+		return $this->outputJsonSuccess(getData($funktionen) ?: []);
+	}
+	
+	public function preset()
+	{
+		$db = $this->input->get('db');
+		$funktion = $this->input->get('funktion');
+
+		$conf = $this->DashboardLib->getPreset($db, $funktion);
+
+		if (!$conf)
+			return $this->outputJsonSuccess(['widgets' => [$funktion => []]]);
+
+		return $this->outputJsonSuccess(json_decode($conf->preset, true));
+	}
+	
+	public function presetBatch()
+	{
+		$db = $this->input->get('db');
+		$funktionen = $this->input->get('funktionen');
+		$result = [];
+
+		foreach ($funktionen as $funktion) {
+			$conf = $this->DashboardLib->getPreset($db, $funktion);
+			if ($conf)
+			{
+				$preset = json_decode($conf->preset, true);
+				if (!isset($preset['widgets']) || !isset($preset['widgets'][$funktion]))
+					$result[$funktion] = [];
+				else
+					$result[$funktion] = $preset['widgets'][$funktion];
+			}
+			else
+				$result[$funktion] = [];
+		}
+
+		return $this->outputJsonSuccess($result);
+	}
+}

application/controllers/dashboard/Dashboard.php

@@ -0,0 +1,86 @@
+<?php
+defined('BASEPATH') || exit('No direct script access allowed');
+/**
+ * Description of Widget
+ *
+ * @author chris
+ */
+class Dashboard extends Auth_Controller
+{
+	public function __construct()
+	{
+		parent::__construct(
+			array(
+				'index'							=> 'dashboard/admin:r',
+				'create'						=> 'dashboard/admin:rw',
+				'update'						=> 'dashboard/admin:rw',
+				'delete'						=> 'dashboard/admin:rw'
+			)
+		);
+		
+		$this->load->library('dashboard/DashboardLib', null, 'DashboardLib');
+		$this->load->model('dashboard/Dashboard_model', 'DashboardModel');
+	}
+	
+	public function index()
+	{
+		$result = $this->DashboardModel->load();
+
+		if (isError($result)) {
+			http_response_code(404);
+			$this->terminateWithJsonError([
+				'error' => getError($result)
+			]);
+		}
+		
+		return $this->outputJsonSuccess(getData($result) ?: []);
+	}
+	
+	public function create()
+	{
+		$input = $this->getPostJSON();
+
+		$result = $this->DashboardModel->insert($input);
+
+		if (isError($result)) {
+			http_response_code(404);
+			$this->terminateWithJsonError([
+				'error' => getError($result)
+			]);
+		}
+		
+		return $this->outputJsonSuccess(getData($result) ?: []);
+	}
+	
+	public function update()
+	{
+		$input = $this->getPostJSON();
+
+		$result = $this->DashboardModel->update($input->dashboard_id, $input);
+
+		if (isError($result)) {
+			http_response_code(404);
+			$this->terminateWithJsonError([
+				'error' => getError($result)
+			]);
+		}
+		
+		return $this->outputJsonSuccess(getData($result) ?: []);
+	}
+	
+	public function delete()
+	{
+		$input = $this->getPostJSON();
+
+		$result = $this->DashboardModel->delete($input->dashboard_id);
+
+		if (isError($result)) {
+			http_response_code(404);
+			$this->terminateWithJsonError([
+				'error' => getError($result)
+			]);
+		}
+		
+		return $this->outputJsonSuccess(getData($result) ?: []);
+	}
+}

application/controllers/dashboard/DashboardDemo.php

@@ -0,0 +1,58 @@
+<?php
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+/**
+ */
+class DashboardDemo extends Auth_Controller
+{
+    private $_uid;  // uid of the logged user
+
+    /**
+     * Constructor
+     */
+    public function __construct()
+    {
+        // Set required permissions
+        parent::__construct(
+            array(
+                'index' => 'dashboard/benutzer:r',
+                'admin' => 'dashboard/admin:rw'
+            )
+        );
+
+        $this->load->library('AuthLib');
+        $this->load->library('WidgetLib');
+
+        $this->_setAuthUID(); // sets property uid
+
+        $this->setControllerId(); // sets the controller id
+    }
+
+    // -----------------------------------------------------------------------------------------------------------------
+    // Public methods
+	public function index()
+	{
+		$this->load->view('dashboard/dashboard_demo.php', []);
+	}
+
+    // -----------------------------------------------------------------------------------------------------------------
+    // Public methods
+    public function admin()
+    {
+        $this->load->view('dashboard/dashboard_demo_admin.php', []);
+    }
+
+    // -----------------------------------------------------------------------------------------------------------------
+    // Private methods
+
+    /**
+     * Retrieve the UID of the logged user and checks if it is valid
+     */
+    private function _setAuthUID()
+    {
+        $this->_uid = getAuthUID();
+
+        if (!$this->_uid) show_error('User authentification failed');
+    }
+}

application/controllers/dashboard/Widget.php

@@ -0,0 +1,109 @@
+<?php
+defined('BASEPATH') || exit('No direct script access allowed');
+/**
+ * Description of Widget
+ *
+ * @author chris
+ */
+class Widget extends Auth_Controller
+{
+	public function __construct()
+	{
+		parent::__construct(
+			array(
+				'index'							=> ['dashboard/benutzer:r', 'dashboard/admin:r'],
+				'getAll'						=> 'dashboard/admin:r',
+				'getWidgetsForDashboard'		=> ['dashboard/benutzer:rw', 'dashboard/admin:r'],
+				'setAllowed'					=> 'dashboard/admin:rw'
+			)
+		);
+		
+		$this->load->library('dashboard/DashboardLib', null, 'DashboardLib');
+		$this->load->model('dashboard/Widget_model', 'WidgetModel');
+		$this->load->model('dashboard/Dashboard_Widget_model', 'DashboardWidgetModel');
+	}
+	
+	public function index()
+	{
+		$widget_id = $this->input->get('id');
+
+		$widget = $this->WidgetModel->load($widget_id);
+
+		if (isError($widget) || !getData($widget))
+			return $this->outputJsonSuccess([
+				"widget_id" => 0,
+				"widget_kurzbz" => "notfound",
+				"arguments" => json_encode([
+					"className" => 'alert-danger',
+					"title" => 'Widget Not Found',
+					"msg" => 'The widget with the id ' . $widget_id . ' could not be found'
+				]),
+				"setup" => json_encode([
+					"name" => 'Widget Not Found',
+					"file" => 'DashboardWidget/Default.js',
+					"width" => 1,
+					"height" => 1
+				])
+			]);
+		return $this->outputJsonSuccess(current(getData($widget)));
+	}
+	
+	public function getAll()
+	{
+		$dashboard_id = $this->input->get('dashboard_id');
+		$result = $this->WidgetModel->getWithAllowedForDashboard($dashboard_id);
+
+		if (isError($result))
+			return $this->outputJsonError(getError($result));
+
+		$this->outputJsonSuccess(getData($result) ?: []);
+	}
+	
+	public function getWidgetsForDashboard()
+	{
+		$db = $this->input->get('db');
+		$result = $this->WidgetModel->getForDashboard($db);
+
+		if (isError($result)) {
+			http_response_code(404);
+			$this->terminateWithJsonError([
+				'error' => getError($result)
+			]);
+		}
+
+		$this->outputJsonSuccess(getData($result) ?: []);
+	}
+	
+	public function setAllowed()
+	{
+		$input = $this->getPostJSON();
+
+		$dashboard_id = $input->dashboard_id;
+		$widget_id = $input->widget_id;
+		$action = $input->action;
+
+		if ($action == 'add') {
+			$result = $this->DashboardWidgetModel->insert([
+				'dashboard_id' => $dashboard_id,
+				'widget_id' => $widget_id
+			]);
+		} elseif ($action == 'delete') {
+			$result = $this->DashboardWidgetModel->delete([
+				'dashboard_id' => $dashboard_id,
+				'widget_id' => $widget_id
+			]);
+		} else {
+			http_response_code(404); // TODO(chris): 400?
+			$this->terminateWithJsonError([
+				'error' => 'action value invalid'
+			]);
+		}
+		if (isError($result)) {
+			http_response_code(404);
+			$this->terminateWithJsonError([
+				'error' => getError($result)
+			]);
+		}
+		return $this->outputJsonSuccess(getData($result));
+	}
+}

application/controllers/jobs/AntragJob.php

@@ -19,6 +19,8 @@ class AntragJob extends JOB_Controller
 		// Loads SanchoHelper
 		$this->load->helper('hlp_sancho_helper');
 
+		$this->load->library('AntragLib');
+
 		// Load Model
 		$this->load->model('education/Studierendenantrag_model', 'StudierendenantragModel');
 		$this->load->model('education/Studierendenantragstatus_model', 'StudierendenantragstatusModel');
@@ -27,6 +29,10 @@ class AntragJob extends JOB_Controller
 		$this->load->model('crm/Student_model', 'StudentModel');
 		$this->load->model('organisation/Studiengang_model', 'StudiengangModel');
 		$this->load->model('organisation/Studiensemester_model', 'StudiensemesterModel');
+
+		$this->loadPhrases([
+			'lehre'
+		]);
 	}
 
 	/**
@@ -96,7 +102,7 @@ class AntragJob extends JOB_Controller
 				}
 				$stgLeitungen[$leitung->uid]['stgs'][] = $antrag->studiengang_kz;
 
-				$result = $this->StudiengangModel->load($antrag->studiengang_kz);
+				$result = $this->StudierendenantragModel->getStgAndSem($antrag->studierendenantrag_id);
 				if (isError($result))
 				{
 					$this->logError(getError($result));
@@ -165,9 +171,23 @@ class AntragJob extends JOB_Controller
 			}
 
 			$data['table'] = $data['table_' . DEFAULT_LANGUAGE];
+			$data['leitungLink'] = APP_ROOT. 'index.ci.php/lehre/Studierendenantrag/leitung';
+
+			//Mail an Stgl und Assistenz
+			$to = $leitung['Details']->uid . '@' . DOMAIN;
+			$cc = $leitung['Details']->email;
 
 			// NOTE(chris): Sancho mail
-			if (sendSanchoMail("Sancho_Mail_Antrag_Stgl", $data, $leitung['Details']->uid . '@' . DOMAIN, 'Anträge - Aktion(en) erforderlich'))
+			if (sendSanchoMail(
+				"Sancho_Mail_Antrag_Stgl",
+				$data,
+				$to,
+				'Anträge - Aktion(en) erforderlich',
+				DEFAULT_SANCHO_HEADER_IMG,
+				DEFAULT_SANCHO_FOOTER_IMG,
+				'',
+				$cc
+			))
 				$count++;
 		}
 
@@ -209,8 +229,7 @@ class AntragJob extends JOB_Controller
 		$count = 0;
 		foreach ($antraege as $antrag)
 		{
-			$this->StudiengangModel->addJoin('public.tbl_prestudent ps','studiengang_kz');
-			$res = $this->StudiengangModel->loadWhere(['prestudent_id' => $antrag->prestudent_id]);
+			$res = $this->StudierendenantragModel->getStgAndSem($antrag->studierendenantrag_id);
 			$stg = '';
 			$orgform = '';
 			if (hasData($res)) {
@@ -282,7 +301,6 @@ class AntragJob extends JOB_Controller
 
 		$result = $this->PruefungModel->getAllPrestudentsWhereCommitteeExamFailed(
 			[
-				null,
 				Studierendenantragstatus_model::STATUS_REQUESTSENT_1,
 				Studierendenantragstatus_model::STATUS_REQUESTSENT_2
 			],
@@ -303,11 +321,64 @@ class AntragJob extends JOB_Controller
 
 			foreach ($prestudents as $prestudent)
 			{
-				$result = $this->prestudentlib->setAbbrecher($prestudent->prestudent_id, $prestudent->studiensemester_kurzbz, $insertvon);
-				if (isError($result))
+				$result = $this->StudierendenantragstatusModel->insert([
+					'studierendenantrag_id' => $prestudent->studierendenantrag_id,
+					'studierendenantrag_statustyp_kurzbz' => Studierendenantragstatus_model::STATUS_DEREGISTERED,
+					'insertvon' => 'AntragJob'
+				]);
+				if (isError($result)) {
 					$this->logError(getError($result));
-				else
-					$count++;
+				} else {
+					$deregisterStatus = getData($result);
+
+					$result = $this->antraglib->pauseAntrag(
+						$prestudent->studierendenantrag_id,
+						Studierendenantragstatus_model::INSERTVON_DEREGISTERED
+					);
+					if (isError($result))
+						$this->logError(getError($result));
+
+					$result = $this->prestudentlib->setAbbrecher($prestudent->prestudent_id, '', $insertvon);
+					if (isError($result)) {
+						$this->StudierendenantragstatusModel->delete($deregisterStatus);
+						$this->logError(getError($result));
+					} else {
+						$count++;
+						
+						$datum_kp = new DateTime($prestudent->datum);
+						$dataMail = array(
+							'name'=> trim($prestudent->vorname . ' '. $prestudent->nachname),
+							'vorname' => $prestudent->vorname,
+							'nachname' => $prestudent->nachname,
+							'pers_kz'=> $prestudent->matrikelnr,
+							'stg' => $prestudent->bezeichnung,
+							'lvbezeichnung' => $prestudent->lvbezeichnung,
+							'datum_kp' => $datum_kp->format('d.m.Y'),
+							'studiensemester'=> $prestudent->studiensemester_kurzbz,
+							'Orgform'=> $prestudent->orgform,
+							'prestudent_id' => $prestudent->prestudent_id,
+							'fristablauf' => $dateDeadline->format('d.m.Y')
+						);
+
+						$email = $this->StudentModel->getEmailFH($this->StudentModel->getUID($prestudent->prestudent_id));
+						// Mail to Student
+						if (!sendSanchoMail('Sancho_Mail_Antrag_W_DL_Stud', $dataMail, $email, 'Wiederholung: Frist abgelaufen')) {
+							$this->logWarning("Failed to send Notification to " . $email);
+						}
+
+						$result = $this->StudiengangModel->load($prestudent->studiengang_kz);
+						if (!hasData($result)) {
+							$this->logWarning('No Studiengang found');
+							continue;
+						}
+						$studiengang = current(getData($result));
+						$email = $studiengang->email;
+						// Mail to Assistenz
+						if (!sendSanchoMail('Sancho_Mail_Antrag_W_DL_Assist', $dataMail, $email, 'Wiederholung: Frist abgelaufen')) {
+							$this->logWarning("Failed to send Notification to " . $email);
+						}
+					}
+				}
 			}
 			$this->logInfo($count . " Students set to Abbrecher");
 		}
@@ -323,8 +394,6 @@ class AntragJob extends JOB_Controller
 	{
 		$this->logInfo('Start Job handleAbmeldungenStglDeadline');
 
-		$this->load->library('AntragLib');
-
 		$insertvon = $this->config->item('antrag_job_systemuser');
 		if (!$insertvon) {
 			$this->logError('Config "antrag_job_systemuser" nicht gesetzt');
@@ -342,11 +411,18 @@ class AntragJob extends JOB_Controller
 		$dateDeadline = new DateTime();
 		$dateDeadline->sub(DateInterval::createFromDateString($modifier_deadline));
 
+		$this->StudierendenantragModel->addSelect('tbl_studierendenantrag.studierendenantrag_id');
 		$this->StudierendenantragModel->addSelect('prestudent_id');
 		$this->StudierendenantragModel->addSelect('studiensemester_kurzbz');
 		$this->StudierendenantragModel->addSelect('s.insertamum');
+		$this->StudierendenantragModel->addSelect('s.insertvon');
+		$this->StudierendenantragModel->addJoin('public.tbl_student pts', 'prestudent_id');
+		$this->StudierendenantragModel->addSelect('pts.student_uid');
 
-		$this->StudierendenantragModel->db->where_in('public.get_rolle_prestudent(prestudent_id, studiensemester_kurzbz)', $this->config->item('antrag_prestudentstatus_whitelist'));
+		$this->StudierendenantragModel->db->where_in(
+			'public.get_rolle_prestudent(prestudent_id, studiensemester_kurzbz)',
+			$this->config->item('antrag_prestudentstatus_whitelist_abmeldung')
+		);
 
 		$result = $this->StudierendenantragModel->getWithLastStatusWhere([
             'typ' => Studierendenantrag_model::TYP_ABMELDUNG_STGL,
@@ -365,51 +441,80 @@ class AntragJob extends JOB_Controller
 
 			foreach ($antraege as $antrag)
 			{
-				$result = $this->prestudentlib->setAbbrecher(
-                    $antrag->prestudent_id,
-                    $antrag->studiensemester_kurzbz,
-                    $insertvon,
-                    'abbrecherStgl',
-                    $antrag->insertamum
-                );
+				$result = $this->StudierendenantragstatusModel->insert([
+					'studierendenantrag_id' => $antrag->studierendenantrag_id,
+					'studierendenantrag_statustyp_kurzbz' => Studierendenantragstatus_model::STATUS_DEREGISTERED,
+					'insertvon' => 'AntragJob'
+				]);
 				if (isError($result))
 					$this->logError(getError($result));
-				else
-				{
-					$count++;
-					$result = $this->PrestudentModel->load($antrag->prestudent_id);
-					if(!hasData($result)) {
-						$this->logWarning('No Prestudent found');
-						continue;
-					}
-					$prestudent = current(getData($result));
-					$result = $this->StudiengangModel->load($prestudent->studiengang_kz);
-					if(!hasData($result)) {
-						$this->logWarning('No Studiengang found');
-						continue;
-					}
-					$studiengang = current(getData($result));
-					$result = $this->PersonModel->loadPrestudent($antrag->prestudent_id);
-					if(!hasData($result))
-					{
-						$this->logWarning('No Person found');
-						continue;
-					}
-					$person = current(getData($result));
-					$email = $studiengang->email;
-					$dataMail = array(
-						'prestudent' => $antrag->prestudent_id,
-						'studiensemester' => $antrag->studiensemester_kurzbz,
-						'name' => trim($person->vorname . ' '. $person->nachname),
-					);
+				else {
+					$deregisterStatus = getData($result);
 
-					if(!sendSanchoMail('Sancho_Mail_Antrag_A_Assist', $dataMail, $email, 'Einspruchsfrist abgelaufen'))
-					{
-						$this->logWarning("Failed to send Notification to " . $email);
+					$result = $this->antraglib->pauseAntrag($antrag->studierendenantrag_id, Studierendenantragstatus_model::INSERTVON_DEREGISTERED);
+					if (isError($result))
+						$this->logError(getError($result));
+
+					$this->load->model('crm/Statusgrund_model', 'StatusgrundModel');
+					$result = $this->StatusgrundModel->loadWhere(['statusgrund_kurzbz' => 'abbrecherStgl']);
+					if (isError($result)) {
+						$this->logError(getError($result));
+						continue;
+					} elseif (!hasData($result)) {
+						$this->logError($this->p->t('lehre', 'error_noStatusgrund', ['statusgrund_kurzbz' => 'abbrecherStgl']));
+						continue;
+					}
+					
+					$statusgrund = current(getData($result));
+
+					$result = $this->prestudentlib->setAbbrecher(
+	                    $antrag->prestudent_id,
+	                    $antrag->studiensemester_kurzbz,
+	                    'AntragJob',
+	                    $statusgrund->statusgrund_id,
+	                    $antrag->insertamum,
+	                    null,
+	                    $antrag->insertvon ?: $insertvon
+	                );
+					if (isError($result)) {
+						$this->StudierendenantragstatusModel->delete($deregisterStatus);
+						$this->logError(getError($result));
+					} else {
+						$count++;
+						$result = $this->PrestudentModel->load($antrag->prestudent_id);
+						if(!hasData($result)) {
+							$this->logWarning('No Prestudent found');
+							continue;
+						}
+						$prestudent = current(getData($result));
+						$result = $this->StudiengangModel->load($prestudent->studiengang_kz);
+						if(!hasData($result)) {
+							$this->logWarning('No Studiengang found');
+							continue;
+						}
+						$studiengang = current(getData($result));
+						$result = $this->PersonModel->loadPrestudent($antrag->prestudent_id);
+						if(!hasData($result))
+						{
+							$this->logWarning('No Person found');
+							continue;
+						}
+						$person = current(getData($result));
+						$email = $studiengang->email;
+						$dataMail = array(
+							'prestudent' => 'UID: ' . $antrag->student_uid . ', PreStudentId: ' . $antrag->prestudent_id,
+							'studiensemester' => $antrag->studiensemester_kurzbz,
+							'name' => trim($person->vorname . ' '. $person->nachname),
+						);
+
+						if(!sendSanchoMail('Sancho_Mail_Antrag_A_Assist', $dataMail, $email, 'Einspruchsfrist abgelaufen'))
+						{
+							$this->logWarning("Failed to send Notification to " . $email);
+						}
 					}
 				}
 			}
-			$this->logInfo($count . " Students set to Abbrecher");
+			$this->logInfo($count . "/" . count($antraege) . " Students set to Abbrecher");
 		}
 		$this->logInfo('Ende Job handleAbmeldungenStglDeadline');
 	}
@@ -537,12 +642,6 @@ class AntragJob extends JOB_Controller
 					}
 				}
 
-				$this->load->model('crm/Prestudentstatus_model', 'PrestudentstatusModel');
-				$result = $this->PrestudentstatusModel->loadLastWithStgDetails($prestudent->prestudent_id, $prestudent->studiensemester_kurzbz);
-				if (hasData($result)) {
-					$ausbildungssemester = current(getData($result))->semester;
-				}
-
 				$dataMail = array(
 					'name'=> trim($prestudent->vorname . ' '. $prestudent->nachname),
 					'vorname' => $prestudent->vorname,
@@ -559,7 +658,7 @@ class AntragJob extends JOB_Controller
 					'fristablauf' => $fristende->format('d.m.Y'),
 					'pre_wiederholer_sem' => $next_sem,
 					'wiederholer_sem' => $sem_after_next_sem,
-					'sem' => $ausbildungssemester
+					'sem' => $prestudent->ausbildungssemester
 				);
 
 				// NOTE(chris): Sancho mail

application/controllers/jobs/ESIJob.php

@@ -0,0 +1,165 @@
+<?php
+
+if (!defined('BASEPATH')) exit('No direct script access allowed');
+
+require_once('schedulers/ESIScheduler.php');
+
+/**
+ * Controller for initialising generateESI job
+ */
+class ESIJob extends JQW_Controller
+{
+	const ESI_PREFIX = 'urn:schac:personalUniqueCode:int:esi:at:';
+	const INSERT_VON = 'generateEsiJob';
+
+	/**
+	 * Controller initialization
+	 */
+	public function __construct()
+	{
+		parent::__construct();
+
+		// load models
+		$this->load->model('person/Person_model', 'PersonModel');
+		$this->load->model('person/Kennzeichen_model', 'KennzeichenModel');
+	}
+
+	//------------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+	/**
+	 * Initialises generateESI job, handles job queue, logs infos/errors
+	 */
+	public function generateESI()
+	{
+		//$jobType = 'DVUHSendPruefungsaktivitaeten';
+		$this->logInfo(ESIScheduler::JOB_TYPE_GENERATE_ESI.' job start');
+
+		// Gets the latest jobs
+		$lastJobs = $this->getLastJobs(ESIScheduler::JOB_TYPE_GENERATE_ESI);
+
+		if (isError($lastJobs))
+		{
+			$this->logError(getCode($lastJobs).': '.getError($lastJobs), ESIScheduler::JOB_TYPE_GENERATE_ESI);
+		}
+		else
+		{
+			$this->updateJobs(
+				getData($lastJobs), // Jobs to be updated
+				array(JobsQueueLib::PROPERTY_START_TIME), // Job properties to be updated
+				array(date('Y-m-d H:i:s')) // Job properties new values
+			);
+
+			$person_arr = $this->_getInputObjArray(getData($lastJobs));
+
+			foreach ($person_arr as $persobj)
+			{
+				if (!isset($persobj->person_id))
+					$this->logError("Error when generating ESI: invalid parameters");
+				else
+				{
+					$person_id = $persobj->person_id;
+
+					// check if there already is an active ESI
+					$this->KennzeichenModel->addSelect('1');
+					$activeKennzeichenRes = $this->KennzeichenModel->loadWhere(
+						array('person_id' => $person_id, 'kennzeichentyp_kurzbz' => ESIScheduler::KENNZEICHENTYP_KURZBZ, 'aktiv' => true)
+					);
+
+					if (hasData($activeKennzeichenRes))
+					{
+						$this->logError("Active ESI for person Id $person_id already exists");
+						continue;
+					}
+
+					// get Matrikelnr for person for which ESI should be generated
+					$this->PersonModel->addSelect('matr_nr');
+					$personRes = $this->PersonModel->load($person_id);
+
+					if (!hasData($personRes))
+					{
+						$this->logError("Person with Id $person_id not found");
+						continue;
+					}
+
+					$matr_nr = getData($personRes)[0]->matr_nr;
+
+					if (isEmptyString($matr_nr))
+					{
+						$this->logError("Matrikelnummer for person with Id $person_id is empty");
+						continue;
+					}
+
+					$esi = self::ESI_PREFIX.$matr_nr;
+
+					// check if ESI was already used
+					$this->KennzeichenModel->addSelect('1');
+					$existingKennzeichenRes = $this->KennzeichenModel->loadWhere(
+						array('person_id' => $person_id, 'kennzeichentyp_kurzbz' => ESIScheduler::KENNZEICHENTYP_KURZBZ, 'inhalt' => $esi)
+					);
+
+					if (hasData($existingKennzeichenRes))
+					{
+						$this->logError("ESI $esi for person Id $person_id already exists");
+						continue;
+					}
+
+					// if everything ok, save the esi for the person
+					$saveEsiResult = $this->KennzeichenModel->insert(
+						array(
+							'person_id' => $person_id,
+							'kennzeichentyp_kurzbz' => ESIScheduler::KENNZEICHENTYP_KURZBZ,
+							'inhalt' => $esi,
+							'aktiv' => true,
+							'insertvon' => self::INSERT_VON
+						)
+					);
+
+					if (isError($saveEsiResult))
+					{
+						$this->logError("Error when sending ESI, person Id $person_id ".getError($saveEsiResult));
+					}
+				}
+			}
+
+			// Update jobs properties values
+			$this->updateJobs(
+				getData($lastJobs), // Jobs to be updated
+				array(JobsQueueLib::PROPERTY_STATUS, JobsQueueLib::PROPERTY_END_TIME), // Job properties to be updated
+				array(JobsQueueLib::STATUS_DONE, date('Y-m-d H:i:s')) // Job properties new values
+			);
+
+			if (hasData($lastJobs)) $this->updateJobsQueue(ESIScheduler::JOB_TYPE_GENERATE_ESI, getData($lastJobs));
+		}
+
+		$this->logInfo(ESIScheduler::JOB_TYPE_GENERATE_ESI.' job stop');
+	}
+
+	// --------------------------------------------------------------------------------------------
+	// Private methods
+
+	/**
+	 * Extracts input data from jobs.
+	 * @param $jobs
+	 * @return array with jobinput
+	 */
+	private function _getInputObjArray($jobs)
+	{
+		$mergedUsersArray = array();
+
+		if (count($jobs) == 0) return $mergedUsersArray;
+
+		foreach ($jobs as $job)
+		{
+			$decodedInput = json_decode($job->input);
+			if ($decodedInput != null)
+			{
+				foreach ($decodedInput as $el)
+				{
+					$mergedUsersArray[] = $el;
+				}
+			}
+		}
+		return $mergedUsersArray;
+	}
+}

application/controllers/jobs/IssueResolver.php

@@ -9,8 +9,8 @@ class IssueResolver extends IssueResolver_Controller
 	{
 		parent::__construct();
 
-		// set fehler codes which can be resolved by the job
-		// structure: fehlercode => class (library) name for resolving
+		// set fehler codes which can be resolved by the job, with own resolver defined
+		// structure: fehlercode => class (library) name for resolving in "resolvers" folder
 		$this->_codeLibMappings = array(
 			'CORE_ZGV_0001' => 'CORE_ZGV_0001',
 			'CORE_ZGV_0002' => 'CORE_ZGV_0002',
@@ -30,7 +30,6 @@ class IssueResolver extends IssueResolver_Controller
 			'CORE_STG_0002' => 'CORE_STG_0002',
 			'CORE_STG_0003' => 'CORE_STG_0003',
 			'CORE_STG_0004' => 'CORE_STG_0004',
-			'CORE_STUDENTSTATUS_0001' => 'CORE_STUDENTSTATUS_0001',
 			'CORE_STUDENTSTATUS_0002' => 'CORE_STUDENTSTATUS_0002',
 			'CORE_STUDENTSTATUS_0003' => 'CORE_STUDENTSTATUS_0003',
 			'CORE_STUDENTSTATUS_0004' => 'CORE_STUDENTSTATUS_0004',
@@ -45,10 +44,17 @@ class IssueResolver extends IssueResolver_Controller
 			'CORE_STUDENTSTATUS_0013' => 'CORE_STUDENTSTATUS_0013',
 			'CORE_STUDENTSTATUS_0014' => 'CORE_STUDENTSTATUS_0014',
 			'CORE_STUDENTSTATUS_0015' => 'CORE_STUDENTSTATUS_0015',
+			'CORE_STUDENTSTATUS_0016' => 'CORE_STUDENTSTATUS_0016',
 			'CORE_PERSON_0001' => 'CORE_PERSON_0001',
 			'CORE_PERSON_0002' => 'CORE_PERSON_0002',
 			'CORE_PERSON_0003' => 'CORE_PERSON_0003',
 			'CORE_PERSON_0004' => 'CORE_PERSON_0004'
 		);
+
+		// fehler which are resolved by the job the same way as they are produced
+		// structure: fehlercode => class (library) name for resolving in "plausichecks" folder
+		$this->_codeProducerLibMappings = array(
+			'CORE_STUDENTSTATUS_0001' => 'AbbrecherAktiv',
+		);
 	}
 }

application/controllers/jobs/OneTimeMessages.php

@@ -51,7 +51,7 @@ class OneTimeMessages extends JOB_Controller
 			   FROM public.tbl_prestudent p
 			   JOIN public.tbl_prestudentstatus ps USING (prestudent_id)
  			   JOIN public.tbl_studiengang s USING (studiengang_kz)
-			  WHERE ps.status_kurzbz = \'Wartender\'
+			  WHERE get_rolle_prestudent(ps.prestudent_id, NULL) = \'Wartender\'
 			    AND ps.studiensemester_kurzbz = ?
 			    AND ps.datum <= NOW() - \''.$days.' days\'::interval
 			    AND s.typ = ?

application/controllers/jobs/ReihungstestJob.php

@@ -467,7 +467,7 @@ class ReihungstestJob extends JOB_Controller
 		$this->PrestudentstatusModel->addJoin('public.tbl_person', 'person_id');
 
 		$yesterdays_applicants_arr = $this->PrestudentstatusModel->loadWhere('
-			status_kurzbz = \'Interessent\' AND
+			status_kurzbz IN (\'Interessent\', \'Bewerber\') AND
 			typ = \'b\' AND
 			bestaetigtam = current_date - 1
 		');
@@ -730,33 +730,27 @@ class ReihungstestJob extends JOB_Controller
 			tbl_reihungstest.reihungstest_id,
 			tbl_studienplan.studienplan_id,
 			tbl_reihungstest.studiensemester_kurzbz,
-			tbl_studienordnung.studiengang_kz
+			tbl_studienordnung.studiengang_kz,
+			tbl_studienplan.orgform_kurzbz
 		FROM
 			public.tbl_reihungstest
-			JOIN public.tbl_rt_studienplan ON(tbl_rt_studienplan.reihungstest_id=tbl_reihungstest.reihungstest_id)
-			JOIN lehre.tbl_studienplan USING(studienplan_id)
-			JOIN lehre.tbl_studienordnung USING(studienordnung_id)
+				JOIN public.tbl_rt_studienplan ON(tbl_rt_studienplan.reihungstest_id=tbl_reihungstest.reihungstest_id)
+				JOIN lehre.tbl_studienplan USING(studienplan_id)
+				JOIN lehre.tbl_studienordnung USING(studienordnung_id)
 		WHERE
-			NOT EXISTS(
-				SELECT 1 FROM lehre.tbl_studienplan_semester
-				WHERE studienplan_id=tbl_rt_studienplan.studienplan_id
-					AND tbl_studienplan_semester.studiensemester_kurzbz=tbl_reihungstest.studiensemester_kurzbz
+			EXISTS (
+				SELECT studienplan_id
+				FROM lehre.tbl_studienordnung sordnung
+					JOIN lehre.tbl_studienplan USING (studienordnung_id)
+					JOIN lehre.tbl_studienplan_semester USING (studienplan_id)
+				WHERE sordnung.studiengang_kz = tbl_studienordnung.studiengang_kz
+					AND tbl_studienplan_semester.studiensemester_kurzbz = tbl_reihungstest.studiensemester_kurzbz
+					AND tbl_studienplan.studienplan_id NOT IN
+					(
+						SELECT studienplan_id FROM tbl_rt_studienplan WHERE reihungstest_id = tbl_reihungstest.reihungstest_id
+					)
 			)
-			AND tbl_reihungstest.datum >= now()
-			AND NOT EXISTS(
-				SELECT
-					1
-				FROM
-					public.tbl_rt_studienplan rtstp
-					JOIN lehre.tbl_studienplan stp USING(studienplan_id)
-					JOIN lehre.tbl_studienordnung sto USING(studienordnung_id)
-					JOIN lehre.tbl_studienplan_semester stpsem USING(studienplan_id)
-				WHERE
-					sto.studiengang_kz=tbl_studienordnung.studiengang_kz
-					AND rtstp.reihungstest_id=tbl_reihungstest.reihungstest_id
-					AND stpsem.studiensemester_kurzbz=tbl_reihungstest.studiensemester_kurzbz
-			)
-		";
+			AND tbl_reihungstest.datum >= now()";
 
 		$db = new DB_Model();
 		$result_rt = $db->execReadOnlyQuery($qry);
@@ -766,7 +760,9 @@ class ReihungstestJob extends JOB_Controller
 				// find an active studyplan for the same degree program with is valid in this semester
 				$result_stpl = $this->StudienplanModel->getStudienplaeneBySemester(
 					$row_rt->studiengang_kz,
-					$row_rt->studiensemester_kurzbz
+					$row_rt->studiensemester_kurzbz,
+					null,
+					$row_rt->orgform_kurzbz
 				);
 
 				if (hasData($result_stpl)) {
@@ -1027,7 +1023,7 @@ class ReihungstestJob extends JOB_Controller
 			{
 				$studiengang = $this->StudiengangModel->load($stg);
 				$mailcontent = '';
-
+				$content = false;
 				foreach ($orgform AS $art=>$value)
 				{
 					// Orgform nur dazu schreiben, wenn es mehr als Eine gibt
@@ -1048,6 +1044,7 @@ class ReihungstestJob extends JOB_Controller
 							$mailcontent .= '<tr><td style="font-family: verdana, sans-serif; border: 1px solid grey; padding: 3px">'.$bewerber.'</td></tr>';
 						}
 						$mailcontent .= '</tbody></table><br><br>';
+						$content = true;
 					}
 					if (isset($value['AufnahmeHoeherePrio']) && !isEmptyArray($value['AufnahmeHoeherePrio']))
 					{
@@ -1062,6 +1059,7 @@ class ReihungstestJob extends JOB_Controller
 							$mailcontent .= '<tr><td style="font-family: verdana, sans-serif; border: 1px solid grey; padding: 3px">'.$bewerber.'</td></tr>';
 						}
 						$mailcontent .= '</tbody></table>';
+						$content = true;
 					}
 					if (isset($value['AbgewiesenHoeherePrio']) && !isEmptyArray($value['AbgewiesenHoeherePrio']))
 					{
@@ -1075,6 +1073,7 @@ class ReihungstestJob extends JOB_Controller
 							$mailcontent .= '<tr><td style="font-family: verdana, sans-serif; border: 1px solid grey; padding: 3px">'.$bewerber.'</td></tr>';
 						}
 						$mailcontent .= '</tbody></table>';
+						$content = true;
 					}
 					if ($bcc != '' && isset($value['AbgewiesenWeilBewerber']) && !isEmptyArray($value['AbgewiesenWeilBewerber']))
 					{
@@ -1089,13 +1088,14 @@ class ReihungstestJob extends JOB_Controller
 							$mailcontent .= '<tr><td style="font-family: verdana, sans-serif; border: 1px solid grey; padding: 3px">'.$bewerber.'</td></tr>';
 						}
 						$mailcontent .= '</tbody></table>';
+						$content = true;
 					}
 				}
 
 				$mailcontent_data_arr['table'] = $mailcontent;
 
 				// Send email in Sancho design
-				if (!isEmptyString($mailcontent))
+				if (!isEmptyString($mailcontent) && $content === true)
 				{
 					sendSanchoMail(
 						'Sancho_ReihungstestteilnehmerJob',

application/controllers/jobs/schedulers/ESIScheduler.php

@@ -0,0 +1,108 @@
+<?php
+
+if (!defined('BASEPATH')) exit('No direct script access allowed');
+
+/**
+ * Scheduler for generating ESI (European Student Identifier)
+ */
+class ESIScheduler extends JQW_Controller
+{
+	const JOB_TYPE_GENERATE_ESI = 'generateESI';
+	const KENNZEICHENTYP_KURZBZ = 'esi';
+
+	private $_active_status_kurzbz = array('Student', 'Diplomand');
+
+	/**
+	 * Controller initialization
+	 */
+	public function __construct()
+	{
+		parent::__construct();
+
+		$this->load->model('organisation/Studiensemester_model', 'StudiensemesterModel');
+	}
+
+	//------------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+	/**
+	 * Creates jobs queue entries for generateESI job.
+	 * @param string $studiensemester_kurzbz semester for which ESIs should be generated
+	 */
+	public function generateESI($studiensemester_kurzbz = null)
+	{
+		// if no semester given, get current studiensemester
+		if (!isset($studiensemester_kurzbz))
+		{
+			$semRes = $this->StudiensemesterModel->getAkt();
+
+			if (hasData($semRes))
+			{
+				$studiensemester_kurzbz = getData($semRes)[0]->studiensemester_kurzbz;
+			}
+		}
+
+		if (isset($studiensemester_kurzbz))
+		{
+			$this->logInfo('Start job queue scheduler '.self::JOB_TYPE_GENERATE_ESI);
+
+			$qry = "
+				SELECT
+					DISTINCT person_id
+				FROM
+					public.tbl_person pers
+					JOIN public.tbl_prestudent ps USING (person_id)
+					JOIN public.tbl_prestudentstatus pss USING (prestudent_id)
+				WHERE
+					pss.studiensemester_kurzbz = ?
+					AND pers.matr_nr IS NOT NULL
+					AND pss.status_kurzbz IN ?
+					AND NOT EXISTS ( -- has no ESI yet
+						SELECT 1
+						FROM
+							public.tbl_kennzeichen
+						WHERE
+							person_id = pers.person_id
+							AND kennzeichentyp_kurzbz = ?
+							AND aktiv
+					)
+					AND NOT EXISTS ( -- making sure it's not an incoming
+						SELECT 1
+						FROM
+							public.tbl_prestudentstatus
+						WHERE
+							prestudent_id = ps.prestudent_id
+							AND status_kurzbz = 'Incoming'
+					)";
+
+			$db = new DB_Model();
+			$jobInputResult = $db->execReadOnlyQuery($qry, array($studiensemester_kurzbz, $this->_active_status_kurzbz, self::KENNZEICHENTYP_KURZBZ));
+
+			// If an error occured then log it
+			if (isError($jobInputResult))
+			{
+				$this->logError(getError($jobInputResult));
+			}
+			elseif (hasData($jobInputResult)) // if persons found
+			{
+				// Add the new job to the jobs queue
+				$addNewJobResult = $this->addNewJobsToQueue(
+					self::JOB_TYPE_GENERATE_ESI, // job type
+					$this->generateJobs( // gnerate the structure of the new job
+						JobsQueueLib::STATUS_NEW,
+						json_encode(getData($jobInputResult))
+					)
+				);
+
+				// If error occurred return it
+				if (isError($addNewJobResult)) $this->logError(getError($addNewJobResult));
+			}
+		}
+		else
+		{
+			$this->logError('Error when getting Studiensemester');
+		}
+
+		$this->logInfo('End job queue scheduler '.self::JOB_TYPE_GENERATE_ESI);
+	}
+}

application/controllers/lehre/Pruefungsprotokoll.php

@@ -6,58 +6,59 @@ if (! defined('BASEPATH')) exit('No direct script access allowed');
  */
 class Pruefungsprotokoll extends Auth_Controller
 {
-    private $_uid;  // uid of the logged user
+	private $_uid;  // uid of the logged user
 
-    /**
-     * Constructor
-     */
-    public function __construct()
-    {
-        // Set required permissions
-        parent::__construct(
-            array(
-                'index' => 'lehre/pruefungsbeurteilung:r',
-                'Protokoll' => 'lehre/pruefungsbeurteilung:r',
-                'saveProtokoll' => 'lehre/pruefungsbeurteilung:rw',
-            )
-        );
+	/**
+	 * Constructor
+	 */
+	public function __construct()
+	{
+		// Set required permissions
+		parent::__construct(
+			array(
+				'index' => 'lehre/pruefungsbeurteilung:r',
+				'Protokoll' => 'lehre/pruefungsbeurteilung:r',
+				'showProtokoll' => 'lehre/pruefungsbeurteilung:r',
+				'saveProtokoll' => 'lehre/pruefungsbeurteilung:rw',
+			)
+		);
 
-        // Load models
-        $this->load->model('education/Abschlusspruefung_model', 'AbschlusspruefungModel');
-        $this->load->model('education/Abschlussbeurteilung_model', 'AbschlussbeurteilungModel');
+		// Load models
+		$this->load->model('education/Abschlusspruefung_model', 'AbschlusspruefungModel');
+		$this->load->model('education/Abschlussbeurteilung_model', 'AbschlussbeurteilungModel');
 
-        $this->load->library('PermissionLib');
-        $this->load->library('AuthLib');
+		$this->load->library('PermissionLib');
+		$this->load->library('AuthLib');
 
-        // Load language phrases
-        $this->loadPhrases(
-            array(
-            	'ui',
-                'global',
-                'person',
-                'abschlusspruefung',
+		// Load language phrases
+		$this->loadPhrases(
+			array(
+				'ui',
+				'global',
+				'person',
+				'abschlusspruefung',
 				'password',
 				'lehre'
-            )
-        );
+			)
+		);
 
-        $this->_setAuthUID(); // sets property uid
+		$this->_setAuthUID(); // sets property uid
 
-        $this->setControllerId(); // sets the controller id
-    }
+		$this->setControllerId(); // sets the controller id
+	}
 
-    // -----------------------------------------------------------------------------------------------------------------
-    // Public methods
+	// -----------------------------------------------------------------------------------------------------------------
+	// Public methods
 	public function index()
 	{
 		$this->load->library('WidgetLib');
-		
+
 		// Protokolle anzeigen seit heute / letzte Woche / alle
 		$period = $this->input->post('period');
 		$period = (!is_null($period)) ? $period : 'today';
-		
+
 		$data = array('period' => $period);
-		
+
 		$this->load->view('lehre/pruefungsprotokollUebersicht.php', $data);
 	}
 
@@ -66,47 +67,15 @@ class Pruefungsprotokoll extends Auth_Controller
 	 */
 	public function Protokoll()
 	{
-		$abschlusspruefung_id = $this->input->get('abschlusspruefung_id');
+		$this->load->view('lehre/pruefungsprotokoll.php', $this->_getPruefungsprotokollData());
+	}
 
-		if (!is_numeric($abschlusspruefung_id))
-			show_error('invalid abschlusspruefung');
-
-		$abschlusspruefung_saved = false;
-		$abschlusspruefung = $this->_getAbschlusspruefungBerechtigt($abschlusspruefung_id);
-
-		if (isError($abschlusspruefung))
-			show_error(getError($abschlusspruefung));
-		else
-		{
-			$abschlusspruefung = getData($abschlusspruefung);
-			$abschlusspruefung_saved = isset($abschlusspruefung->protokoll) && isset($abschlusspruefung->abschlussbeurteilung_kurzbz);
-		}
-
-		$this->AbschlussbeurteilungModel->addOrder("sort", "ASC");
-		$this->AbschlussbeurteilungModel->addOrder("(CASE WHEN abschlussbeurteilung_kurzbz = 'ausgezeichnet' THEN 1
-														WHEN abschlussbeurteilung_kurzbz = 'gut' THEN 2
-														WHEN abschlussbeurteilung_kurzbz = 'bestanden' THEN 3
-														WHEN abschlussbeurteilung_kurzbz = 'angerechnet' THEN 4
-														ELSE 5
-														END
-													)");
-		$abschlussbeurteilung = $this->AbschlussbeurteilungModel->load();
-
-		if (isError($abschlussbeurteilung))
-			show_error(getError($abschlussbeurteilung));
-		else
-			$abschlussbeurteilung = getData($abschlussbeurteilung);
-
-		$language = getUserLanguage();
-
-		$data = array(
-			'abschlusspruefung' => $abschlusspruefung,
-			'abschlussbeurteilung' => $abschlussbeurteilung,
-			'abschlusspruefung_saved' => $abschlusspruefung_saved,
-			'language' => $language
-		);
-
-		$this->load->view('lehre/pruefungsprotokoll.php', $data);
+	/**
+	 * Show Pruefungsprotokoll.
+	 */
+	public function showProtokoll()
+	{
+		$this->load->view('lehre/pruefungsprotokoll.php', array_merge($this->_getPruefungsprotokollData(), array('readonly' => true)));
 	}
 
 	/**
@@ -168,18 +137,66 @@ class Pruefungsprotokoll extends Auth_Controller
 			$this->outputJsonError($this->p->t('ui', 'ungueltigeParameter'));
 	}
 
-    // -----------------------------------------------------------------------------------------------------------------
-    // Private methods
+	// -----------------------------------------------------------------------------------------------------------------
+	// Private methods
 
-    /**
-     * Retrieve the UID of the logged user and checks if it is valid
-     */
-    private function _setAuthUID()
-    {
-        $this->_uid = getAuthUID();
+	/**
+	 * Retrieve the UID of the logged user and checks if it is valid
+	 */
+	private function _setAuthUID()
+	{
+		$this->_uid = getAuthUID();
 
-        if (!$this->_uid) show_error('User authentification failed');
-    }
+		if (!$this->_uid) show_error('User authentification failed');
+	}
+
+	/**
+	 *
+	 * @param
+	 * @return object success or error
+	 */
+	private function _getPruefungsprotokollData()
+	{
+		$abschlusspruefung_id = $this->input->get('abschlusspruefung_id');
+
+		if (!is_numeric($abschlusspruefung_id))
+			show_error('invalid abschlusspruefung');
+
+		$abschlusspruefung_saved = false;
+		$abschlusspruefung = $this->_getAbschlusspruefungBerechtigt($abschlusspruefung_id);
+
+		if (isError($abschlusspruefung))
+			show_error(getError($abschlusspruefung));
+		else
+		{
+			$abschlusspruefung = getData($abschlusspruefung);
+			$abschlusspruefung_saved = isset($abschlusspruefung->protokoll) && isset($abschlusspruefung->abschlussbeurteilung_kurzbz);
+		}
+
+		$this->AbschlussbeurteilungModel->addOrder("sort", "ASC");
+		$this->AbschlussbeurteilungModel->addOrder("(CASE WHEN abschlussbeurteilung_kurzbz = 'ausgezeichnet' THEN 1
+														WHEN abschlussbeurteilung_kurzbz = 'gut' THEN 2
+														WHEN abschlussbeurteilung_kurzbz = 'bestanden' THEN 3
+														WHEN abschlussbeurteilung_kurzbz = 'angerechnet' THEN 4
+														ELSE 5
+														END
+													)");
+		$abschlussbeurteilung = $this->AbschlussbeurteilungModel->load();
+
+		if (isError($abschlussbeurteilung))
+			show_error(getError($abschlussbeurteilung));
+		else
+			$abschlussbeurteilung = getData($abschlussbeurteilung);
+
+		$language = getUserLanguage();
+
+		return array(
+			'abschlusspruefung' => $abschlusspruefung,
+			'abschlussbeurteilung' => $abschlussbeurteilung,
+			'abschlusspruefung_saved' => $abschlusspruefung_saved,
+			'language' => $language
+		);
+	}
 
 	/**
 	 * Retrieves an Abschlussprüfung, with permission check
@@ -187,7 +204,7 @@ class Pruefungsprotokoll extends Auth_Controller
 	 * @param $abschlusspruefung_id
 	 * @return object success or error
 	 */
-    private function _getAbschlusspruefungBerechtigt($abschlusspruefung_id)
+	private function _getAbschlusspruefungBerechtigt($abschlusspruefung_id)
 	{
 		$result = error('Error when getting Abschlusspruefung');
 

application/controllers/lehre/Studierendenantrag.php

@@ -21,6 +21,7 @@ class Studierendenantrag extends FHC_Controller
 
 		// Load Models
 		$this->load->model('education/Studierendenantrag_model', 'StudierendenantragModel');
+		$this->load->model('person/Person_model', 'PersonModel');
 
 		// Load language phrases
 		$this->loadPhrases([
@@ -81,42 +82,9 @@ class Studierendenantrag extends FHC_Controller
 
 	public function leitung()
 	{
-		$studiengaenge = $this->permissionlib->getSTG_isEntitledFor('student/antragfreigabe');
-		$stgsNeuanlage = $this->permissionlib->getSTG_isEntitledFor('student/studierendenantrag');
+		$stgL = $this->permissionlib->getSTG_isEntitledFor('student/antragfreigabe') ?: [];
 
-		$stgL = [];
-		if ($studiengaenge) {
-			$result = $this->StudiengangModel->loadWithOrgform($studiengaenge);
-			if (isError($result))
-				return show_error(getError($result));
-			$antraege = getData($result) ?: [];
-
-			foreach ($antraege as $antrag) {
-				if (!isset($stgL[$antrag->studiengang_kz])) {
-					$stgL[$antrag->studiengang_kz] = new stdClass();
-					$stgL[$antrag->studiengang_kz]->bezeichnung = $antrag->bezeichnung;
-					$stgL[$antrag->studiengang_kz]->orgform = $antrag->orgform;
-					$stgL[$antrag->studiengang_kz]->studiengang_kz = $antrag->studiengang_kz;
-				}
-			}
-		}
-
-		$stgA = [];
-		if ($stgsNeuanlage) {
-			$result = $this->StudiengangModel->loadWithOrgform($stgsNeuanlage);
-			if (isError($result))
-				return show_error(getError($result));
-			$antraege = getData($result) ?: [];
-
-			foreach ($antraege as $antrag) {
-				if (!isset($stgA[$antrag->studiengang_kz])) {
-					$stgA[$antrag->studiengang_kz] = new stdClass();
-					$stgA[$antrag->studiengang_kz]->bezeichnung = $antrag->bezeichnung;
-					$stgA[$antrag->studiengang_kz]->orgform = $antrag->orgform;
-					$stgA[$antrag->studiengang_kz]->studiengang_kz = $antrag->studiengang_kz;
-				}
-			}
-		}
+		$stgA = $this->permissionlib->getSTG_isEntitledFor('student/studierendenantrag') ?: [];
 
 		$this->load->view('lehre/Antrag/Leitung/List', [
 			'stgA' => $stgA,
@@ -135,6 +103,7 @@ class Studierendenantrag extends FHC_Controller
 
 	public function abmeldungstgl($prestudent_id, $studierendenantrag_id = null)
 	{
+
 		$this->load->view('lehre/Antrag/Create', [
 			'prestudent_id' => $prestudent_id,
 			'studierendenantrag_id' => $studierendenantrag_id,
@@ -218,4 +187,4 @@ class Studierendenantrag extends FHC_Controller
 
 		return $strRequiredPermissions;
 	}
-}
+}

application/controllers/lehre/anrechnung/RequestAnrechnung.php

@@ -111,8 +111,13 @@ class requestAnrechnung extends Auth_Controller
 		$lehrveranstaltung_id = $this->input->post('lv_id');
 		$studiensemester_kurzbz = $this->input->post('studiensemester');
 		$bestaetigung = $this->input->post('bestaetigung');
-		$begruendung_ects = $this->input->post('begruendung_ects');
-		$begruendung_lvinhalt = $this->input->post('begruendung_lvinhalt');
+		$begruendung_ects = $this->config->item('explain_equivalence') === TRUE
+			? $this->input->post('begruendung_ects')
+			: NULL;
+		$begruendung_lvinhalt = $this->config->item('explain_equivalence') === TRUE
+			? $this->input->post('begruendung_lvinhalt')
+			: NULL;
+
 
 		// Validate data
 		if (empty($_FILES['uploadfile']['name']))
@@ -124,8 +129,8 @@ class requestAnrechnung extends Auth_Controller
 			isEmptyString($anmerkung) ||
 			isEmptyString($lehrveranstaltung_id) ||
 			isEmptyString($studiensemester_kurzbz) ||
-			isEmptyString($begruendung_ects) ||
-			isEmptyString($begruendung_lvinhalt))
+			($this->config->item('explain_equivalence') === TRUE && isEmptyString($begruendung_ects)) ||
+			($this->config->item('explain_equivalence') === TRUE && isEmptyString($begruendung_lvinhalt)))
 		{
 			return $this->outputJsonError($this->p->t('ui', 'errorFelderFehlen'));
 		}
@@ -152,10 +157,10 @@ class requestAnrechnung extends Auth_Controller
 			return $this->outputJsonError($this->p->t('anrechnung', 'antragBereitsGestellt'));
 		}
 		
-		// Exit if application is not for actual studysemester
-		if (!self::_applicationIsForActualSS($studiensemester_kurzbz))
+		// Exit if application is a past ( < actual ) studysemester
+		if (self::_applicationIsPastSS($studiensemester_kurzbz))
 		{
-			return $this->outputJsonError($this->p->t('anrechnung', 'antragNurImAktSS'));
+			return $this->outputJsonError($this->p->t('anrechnung', 'antragNichtFuerVerganganeSS'));
 		}
 		
 		// Upload document
@@ -168,7 +173,7 @@ class requestAnrechnung extends Auth_Controller
 		
 		// Hold just inserted DMS ID
 		$lastInsert_dms_id = $result->retval['dms_id'];
-		
+
 		// Save Anrechnung and Anrechnungstatus
 		$result = $this->AnrechnungModel->createAnrechnungsantrag(
 			$prestudent_id,
@@ -312,18 +317,21 @@ class requestAnrechnung extends Auth_Controller
 	}
 
 	/**
-	 * Check if applications' study semester is actual study semester.
+	 * Check if applications' study semester is < actual study semester.
 	 *
 	 * @param $studiensemester_kurzbz
 	 * @return bool
 	 */
-	private function _applicationIsForActualSS($studiensemester_kurzbz)
+	private function _applicationIsPastSS($studiensemester_kurzbz)
 	{
 		$this->load->model('organisation/Studiensemester_model', 'StudiensemesterModel');
 		$result = $this->StudiensemesterModel->getNearest();
-		$actual_ss = getData($result)[0]->studiensemester_kurzbz;
+		$actual_ss = getData($result)[0];
 
-		return $studiensemester_kurzbz == $actual_ss;
+		$result = $this->StudiensemesterModel->load($studiensemester_kurzbz);
+		$anrechnung_ss = getData($result)[0];
+
+		return $anrechnung_ss->ende < $actual_ss->start;
 	}
 
 	private function _LVhasBlockingGrades($studiensemester_kurzbz, $lehrveranstaltung_id)

application/controllers/lehre/lehrauftrag/LehrauftragAkzeptieren.php

@@ -35,6 +35,7 @@ class LehrauftragAkzeptieren extends Auth_Controller
 		$this->load->model('ressource/Mitarbeiter_model', 'MitarbeiterModel');
 		$this->load->model('codex/Bisverwendung_model', 'BisverwendungModel');
 		$this->load->model('person/Benutzer_model', 'BenutzerModel');
+		$this->load->model('vertragsbestandteil/Dienstverhaeltnis_model', 'DienstverhaeltnisModel');
 
 		// Load libraries
 		$this->load->library('WidgetLib');
@@ -94,9 +95,9 @@ class LehrauftragAkzeptieren extends Auth_Controller
 			'lektor' => true,
 			'aktiv' => true
 		));
-		
+
 		$is_external_lector = hasData($result) ? true : false;
-		
+
 		$view_data = array(
 			'studiensemester_selected' => $studiensemester_kurzbz,
 			'is_external_lector' => $is_external_lector
@@ -207,15 +208,41 @@ class LehrauftragAkzeptieren extends Auth_Controller
 	 */
 	public function checkInkludierteLehre()
 	{
-		$result = $this->BisverwendungModel->getLast($this->_uid, false);
-
-		if (hasData($result))
+		if(defined('DIENSTVERHAELTNIS_SUPPORT') && DIENSTVERHAELTNIS_SUPPORT)
 		{
-			$this->outputJsonSuccess(!is_null($result->retval[0]->inkludierte_lehre) && $result->retval[0]->inkludierte_lehre != 0);
+			// Bei neuer Vertragsstruktur wird nur anhand des echten DVs entschieden ob eine Anzeige
+			// des Stundensatzes erfolgt oder nicht.
+			$result = $this->DienstverhaeltnisModel->getDVByPersonUID($this->_uid, null, date('Y-m-d'));
+
+			if (hasData($result))
+			{
+				$data = getData($result);
+				foreach($data as $row)
+				{
+					if($row->vertragsart_kurzbz == 'echterdv')
+						$this->outputJsonSuccess(true);
+					else
+						$this->outputJsonSuccess(false);
+				}
+			}
+			else
+			{
+				$this->outputJsonError(getError($result));
+			}
 		}
 		else
 		{
-			$this->outputJsonError(getError($result));
+			// DEPRECATED
+			$result = $this->BisverwendungModel->getLast($this->_uid, false);
+
+			if (hasData($result))
+			{
+				$this->outputJsonSuccess(!is_null($result->retval[0]->inkludierte_lehre) && $result->retval[0]->inkludierte_lehre != 0);
+			}
+			else
+			{
+				$this->outputJsonError(getError($result));
+			}
 		}
 	}
 

application/controllers/lehre/lvplanung/LvTemplateUebersicht.php

@@ -0,0 +1,45 @@
+<?php
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+class LvTemplateUebersicht extends Auth_Controller
+{
+	public function __construct()
+	{
+		// Set required permissions
+		parent::__construct(
+			array(
+				'index' => 'lehre/lehrveranstaltung:rw',
+			)
+		);
+
+		// Load libraries
+		$this->load->library('AuthLib');
+
+
+		// Load language phrases
+		$this->loadPhrases(
+			array(
+				'global',
+				'lehre'
+			)
+		);
+
+		$this->_setAuthUID();
+	}
+
+	public function index()
+	{
+		$this->load->view('lehre/lvplanung/lvTemplateUebersicht.php');
+	}
+
+
+	/**
+	 * Retrieve the UID of the logged user and checks if it is valid
+	 */
+	private function _setAuthUID()
+	{
+		$this->_uid = getAuthUID();
+
+		if (!$this->_uid) show_error('User authentification failed');
+	}
+}

application/controllers/person/Gruppenmanagement.php

@@ -29,6 +29,7 @@ class Gruppenmanagement extends Auth_Controller
 		$this->load->model('person/benutzer_model', 'BenutzerModel');
 		$this->load->model('ressource/mitarbeiter_model', 'MitarbeiterModel');
 		$this->load->model('person/benutzergruppe_model', 'BenutzergruppeModel');
+		$this->load->model('person/gruppe_manager_model', 'GruppemanagerModel');
 		$this->load->model('system/Log_model', 'LogModel');
 
 		$this->load->library('WidgetLib');
@@ -117,6 +118,27 @@ class Gruppenmanagement extends Auth_Controller
 			$result = error('Uid missing');
 		else
 		{
+			$this->GruppemanagerModel->addSelect('1');
+			$isManagerRes = $this->GruppemanagerModel->loadWhere(
+				array(
+					'uid' => $this->_uid,
+					'gruppe_kurzbz' => $gruppe_kurzbz
+				)
+			);
+
+			if (isError($isManagerRes))
+			{
+				$this->outputJsonError(getError($isManagerRes));
+				return;
+			}
+
+			if (!hasData($isManagerRes))
+			{
+				$this->outputJsonError($this->p->t('gruppenmanagement', 'nichtZumEditierenDerGruppeBerechtigt'));
+				return;
+			}
+
+			$this->BenutzergruppeModel->addSelect('1');
 			$benutzerExistsRes = $this->BenutzergruppeModel->loadWhere(
 				array(
 					'uid' => $uid,
@@ -170,6 +192,26 @@ class Gruppenmanagement extends Auth_Controller
 			$result = error('Uid missing');
 		else
 		{
+			$this->GruppemanagerModel->addSelect('1');
+			$isManagerRes = $this->GruppemanagerModel->loadWhere(
+				array(
+					'uid' => $this->_uid,
+					'gruppe_kurzbz' => $gruppe_kurzbz
+				)
+			);
+
+			if (isError($isManagerRes))
+			{
+				$this->outputJsonError(getError($isManagerRes));
+				return;
+			}
+
+			if (!hasData($isManagerRes))
+			{
+				$this->outputJsonError($this->p->t('gruppenmanagement', 'nichtZumEditierenDerGruppeBerechtigt'));
+				return;
+			}
+
 			$result = $this->BenutzergruppeModel->delete(
 				array(
 					'uid' => $uid,

application/controllers/public/js/Components.php

@@ -0,0 +1,43 @@
+<?php
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+class Components extends FHC_Controller
+{
+	/**
+	 * @return void
+	 */
+	public function primevue(...$args)
+	{
+		$path = implode('/', $args);
+		$target = FHCPATH . 'vendor/npm-asset/primevue/' . $path;
+		if (!file_exists($target))
+			return show_404();
+		
+		$newUrl = str_repeat('../', count($args));
+
+		$ext = substr($path, -7) == '.min.js' ? '.esm.min.js' : '.esm.js';
+
+		$contents = file_get_contents($target);
+		
+		$contents = preg_replace_callback('/import([^;]*)from\s*[\'"]vue[\'"];/i', function ($matches) {
+			return 'let ' . str_replace(' as ', ': ', $matches[1]) . ' = Vue;';
+		}, $contents);
+		
+		$contents = preg_replace_callback('/(import[^;]*[\'"])(primevue[^\'"]+)([\'"])/i', function ($matches) use ($ext, $newUrl) {
+			if (is_file(FHCPATH . 'vendor/npm-asset/' . $matches[2])) {
+				$newUrl .= $matches[2];
+			} else {
+				$testfile = $matches[2] . '/index' . $ext;
+				if (file_exists(FHCPATH . 'vendor/npm-asset/' . $testfile))
+					$newUrl .= $testfile;
+				else
+					$newUrl .= $matches[2] . strrchr($matches[2], '/') . $ext;
+			}
+			return $matches[1] . $newUrl . $matches[3];
+		}, $contents);
+		
+		$this->output->set_content_type('text/javascript');
+		$this->output->set_output($contents);
+	}
+}

application/controllers/system/MigrateContract.php

@@ -0,0 +1,759 @@
+<?php
+/*
+ * Job zur einmaligen Migration der Mitarbeiterverträge aus der tbl_bisverwendung in die neue
+ * Vertragsstruktur im HR Schema
+ *
+ * Aufruf pro Person
+ * php index.ci.php system/MigrateContract/index/oesi
+ *
+ * Aufruf fuer Alle
+ * php index.ci.php system/MigrateContract/index
+ */
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+class MigrateContract extends CLI_Controller
+{
+
+	private $matching_ba1_vertragsart;
+	private $OE_DEFAULT;
+
+	protected $configerrors;
+
+	/**
+	 * Constructor
+	 */
+	public function __construct()
+	{
+		parent::__construct();
+
+		$this->load->model('codex/bisverwendung_model', 'BisVerwendungModel');
+		$this->load->model('person/benutzerfunktion_model', 'BenutzerfunktionModel');
+
+		$this->load->config('migratecontract');
+
+		$this->OE_DEFAULT = $this->config->item('migratecontract_oe_default');
+		$this->matching_ba1_vertragsart = $this->config->item('migratecontract_matching_ba1_vertragsart');
+		$this->configerrors = array();
+	}
+
+	// -----------------------------------------------------------------------------------------------------------------
+	// Public methods
+	public function checkConfig()
+	{
+	    echo "OE_DEFAULT: " . $this->OE_DEFAULT . "\n";
+	    echo "matching_ba1_vertragsart: " . print_r($this->matching_ba1_vertragsart, true);
+
+	    $this->checkOE_DEFAULT();
+	    $this->checkMatching_ba1_vertragsart();
+
+	    if( count($this->configerrors) > 0 )
+	    {
+		foreach($this->configerrors AS $configerror)
+		{
+		    echo $configerror . "\n";
+		}
+		die("Fehler in der Konfiguration. Abbruch!\n");
+	    }
+	    else
+	    {
+		echo "Konfiguration OK.\n";
+	    }
+	}
+
+	protected function checkOE_DEFAULT()
+	{
+	    $db = new DB_Model();
+	    $oesql = 'SELECT * FROM public.tbl_organisationseinheit WHERE oe_kurzbz = ?';
+	    $oeres = $db->execReadOnlyQuery($oesql, array($this->OE_DEFAULT));
+	    if( !hasData($oeres) )
+	    {
+		$this->configerrors[] = 'Default Organisationseinheit: "'
+		    . $this->OE_DEFAULT . '" nicht gefunden.';
+	    }
+	}
+
+	protected function checkMatching_ba1_vertragsart() {
+	    $db = new DB_Model();
+	    foreach( $this->matching_ba1_vertragsart AS $vertragsart_kurzbz )
+	    {
+		$vasql = 'SELECT * FROM hr.tbl_vertragsart WHERE vertragsart_kurzbz = ?';
+		$vares = $db->execReadOnlyQuery($vasql, array($vertragsart_kurzbz));
+		if( !hasData($vares) )
+		{
+		    $this->configerrors[] = 'Vertragsart "' . $vertragsart_kurzbz
+			. '" nicht gefunden.';
+		}
+	    }
+	}
+
+	/**
+	 * Everything has a beginning
+	 */
+	public function index($user = null)
+	{
+		$this->checkConfig();
+
+		if (!is_null($user))
+		{
+			$contracts = $this->_transformUser($user);
+
+			/*
+			Format:
+			$contracts['dv'][]['vbs'][]
+			*/
+			//$this->outputJson($contracts);
+			var_dump($contracts);
+			$this->_saveJSON($contracts);
+		}
+		else
+		{
+			$qry = "SELECT distinct mitarbeiter_uid FROM bis.tbl_bisverwendung";
+			$db = new DB_Model();
+
+			$resultUser = $db->execReadOnlyQuery($qry);
+			if (hasData($resultUser))
+			{
+				$users = getData($resultUser);
+				foreach($users as $user)
+				{
+					$contracts = $this->_transformUser($user->mitarbeiter_uid);
+					$this->_saveJSON($contracts);
+				}
+			}
+
+		}
+	}
+
+	private function _saveJSON($contracts)
+	{
+		$this->load->model('vertragsbestandteil/Dienstverhaeltnis_model','DienstverhaeltnisModel');
+		$this->load->model('vertragsbestandteil/Vertragsbestandteil_model','VertragsbestandteilModel');
+		$this->load->model('vertragsbestandteil/VertragsbestandteilStunden_model','VertragsbestandteilStundenModel');
+		$this->load->model('vertragsbestandteil/VertragsbestandteilZeitaufzeichnung_model','VertragsbestandteilZeitaufzeichnungModel');
+		$this->load->model('vertragsbestandteil/VertragsbestandteilFreitext_model','VertragsbestandteilFreitextModel');
+		$this->load->model('vertragsbestandteil/VertragsbestandteilFunktion_model','VertragsbestandteilFunktionModel');
+		$this->load->model('vertragsbestandteil/VertragsbestandteilKarenz_model','VertragsbestandteilKarenzModel');
+
+		$failed = false;
+		$this->db->trans_begin();
+
+		foreach($contracts['dv'] as $row_dv)
+		{
+			// Dienstvertrag erstellen
+			$resultDV = $this->DienstverhaeltnisModel->insert(
+				array(
+				'mitarbeiter_uid' => $row_dv['mitarbeiter_uid'],
+				'vertragsart_kurzbz' => $row_dv['vertragsart_kurzbz'],
+				'oe_kurzbz' => $row_dv['oe_kurzbz'],
+				'von' => $row_dv['von'],
+				'bis' => $row_dv['bis'],
+				'insertamum' => date('Y-m-d H:i:s'),
+				'insertvon' => 'MigrateContract'
+				)
+			);
+
+			if (isSuccess($resultDV) && hasData($resultDV))
+			{
+				$dv_id = getData($resultDV);
+
+				// Vertragsbetandteile erstellen
+				foreach($row_dv['vbs'] as $row_vbs)
+				{
+					$resultVBS = $this->VertragsbestandteilModel->insert(
+						array(
+						'dienstverhaeltnis_id' => $dv_id,
+						'vertragsbestandteiltyp_kurzbz' => $row_vbs['vertragsbestandteiltyp_kurzbz'],
+						'von' => $row_vbs['von'],
+						'bis' => $row_vbs['bis'],
+						'insertamum' => date('Y-m-d H:i:s'),
+						'insertvon' => 'MigrateContract'
+						)
+					);
+
+					if (isSuccess($resultVBS) && hasData($resultVBS))
+					{
+						$vbs_id = getData($resultVBS);
+						echo 'VBS:'.$vbs_id;
+
+						switch($row_vbs['vertragsbestandteiltyp_kurzbz'])
+						{
+							case 'stunden':
+								$resultVBS = $this->_insertVBSStunden($vbs_id, $row_vbs);
+								break;
+							case 'zeitaufzeichnung':
+								$resultVBS = $this->_insertVBSZeitaufzeichnung($vbs_id, $row_vbs);
+								break;
+							case 'funktion':
+								$resultVBS = $this->_insertVBSFunktion($vbs_id, $row_vbs);
+								break;
+							case 'freitext':
+								$resultVBS = $this->_insertVBSFreitext($vbs_id, $row_vbs);
+								break;
+							case 'karenz':
+								$resultVBS = $this->_insertVBSKarenz($vbs_id, $row_vbs);
+								break;
+						}
+
+						if (isError($resultVBS))
+						{
+							echo "FAILED:".getError($resultVBS);
+							$failed = true;
+						}
+					}
+					else
+					{
+						$failed = true;
+					}
+				}
+			}
+			else
+			{
+				$failed = true;
+			}
+		}
+
+		if(!$failed)
+		{
+			$this->db->trans_commit();
+		}
+		else
+		{
+			echo "ROLLBACK";
+			$this->db->trans_rollback();
+		}
+	}
+
+	private function _insertVBSKarenz($vbs_id, $row_vbs)
+	{
+		return $this->VertragsbestandteilKarenzModel->insert(
+			array(
+			'vertragsbestandteil_id' => $vbs_id,
+			'karenztyp_kurzbz' => $row_vbs['karenztyp_kurzbz']
+			)
+		);
+	}
+
+	private function _insertVBSFreitext($vbs_id, $row_vbs)
+	{
+		return $this->VertragsbestandteilFreitextModel->insert(
+			array(
+			'vertragsbestandteil_id' => $vbs_id,
+			'freitexttyp_kurzbz' => $row_vbs['freitexttyp_kurzbz'],
+			'titel' => $row_vbs['titel'],
+			'anmerkung' => $row_vbs['anmerkung']
+			)
+		);
+	}
+
+	private function _insertVBSFunktion($vbs_id, $row_vbs)
+	{
+		return $this->VertragsbestandteilFunktionModel->insert(
+			array(
+			'vertragsbestandteil_id' => $vbs_id,
+			'benutzerfunktion_id' => $row_vbs['benutzerfunktion_id']
+			)
+		);
+	}
+
+	private function _insertVBSZeitaufzeichnung($vbs_id, $row_vbs)
+	{
+		return $this->VertragsbestandteilZeitaufzeichnungModel->insert(
+			array(
+			'vertragsbestandteil_id' => $vbs_id,
+			'zeitaufzeichnung' => $row_vbs['zeitaufzeichnung'],
+			'azgrelevant' => $row_vbs['azgrelevant'],
+			'homeoffice' => $row_vbs['homeoffice']
+			)
+		);
+	}
+
+	private function _insertVBSStunden($vbs_id, $row_vbs)
+	{
+		return $this->VertragsbestandteilStundenModel->insert(
+			array(
+			'vertragsbestandteil_id' => $vbs_id,
+			'wochenstunden' => $row_vbs['wochenstunden'],
+			'teilzeittyp_kurzbz' => $row_vbs['teilzeittyp_kurzbz']
+			)
+		);
+	}
+
+	/**
+	 * Ermittelt die neue Vertragsstruktur fuer einen User
+	 */
+	private function _transformUser($user)
+	{
+		$contracts = array();
+		$this->BisVerwendungModel->addOrder('beginn');
+		$result_verwendung = $this->BisVerwendungModel->loadWhere(array("mitarbeiter_uid" => $user));
+
+		if (isError($result_verwendung))
+			die("Failed to load Verwendung");
+
+		if (hasData($result_verwendung))
+		{
+			$verwendung = getData($result_verwendung);
+
+			foreach ($verwendung as $row_verwendung)
+			{
+				$dv = $this->_getOrCreateDV($contracts, $row_verwendung);
+
+				// Ende des DV aktualisieren
+				if ($contracts['dv'][$dv]['bis'] < $row_verwendung->ende || $row_verwendung->ende == '')
+					$contracts['dv'][$dv]['bis'] = $row_verwendung->ende;
+
+				// Stundenbestandteil pruefen
+				$this->_addVertragsbestandteilStunden($contracts, $dv, $row_verwendung);
+
+				// Befristung
+				$this->_addVertragsbestandteilFreitextBefristung($contracts, $dv, $row_verwendung);
+
+				// All-In
+				$this->_addVertragsbestandteilFreitextAllIn($contracts, $dv, $row_verwendung);
+
+				// Zeitaufzeichnung
+				$this->_addVertragsbestandteilZeitaufzeichnung($contracts, $dv, $row_verwendung);
+
+				// Karenz
+				$this->_addVertragsbestandteilKarenz($contracts, $dv, $row_verwendung);
+
+				// Inkludierte Lehre
+				// Kuendigungsfrist
+				// Urlaubsanspruch
+			}
+
+			// Funktion
+			$this->_addVertragsbestandteilFunktion($contracts, $user);
+
+		}
+
+		return $contracts;
+	}
+
+	/**
+	 * Fuegt Karenzierungseintraege zu bestehenden Dienstverhaeltnissen hinzu
+	 */
+	private function _addVertragsbestandteilKarenz(&$contracts, $dv, $row_verwendung)
+	{
+		if ($row_verwendung->beschausmasscode == 5)
+		{
+			$dtstart = new DateTime($row_verwendung->beginn);
+			$dtende = new DateTime($row_verwendung->ende);
+			$interval = $dtende->diff($dtstart);
+			$dauer = $interval->format('%a');
+
+			// TODO: klären ob das so machbar ist
+			if ($dauer < 65)
+				$karenztyp = 'papamonat';
+			elseif ($dauer < 120)
+				$karenztyp = 'bildungskarenz';
+			else
+				$karenztyp = 'elternkarenz';
+
+			// VBS anlegen und Funktion zuweisen
+			$newVBSIndex = $this->_getNewVBSIndex($contracts, $dv);
+			$contracts['dv'][$dv]['vbs'][$newVBSIndex]['vertragsbestandteiltyp_kurzbz'] = 'karenz';
+			$contracts['dv'][$dv]['vbs'][$newVBSIndex]['von'] = $row_verwendung->beginn;
+			$contracts['dv'][$dv]['vbs'][$newVBSIndex]['bis'] = $row_verwendung->ende;
+			$contracts['dv'][$dv]['vbs'][$newVBSIndex]['karenztyp_kurzbz'] = $karenztyp;
+			$contracts['dv'][$dv]['vbs'][$newVBSIndex]['geplanter_geburtstermin'] = null;
+			$contracts['dv'][$dv]['vbs'][$newVBSIndex]['tatsaechlicher_geburtstermin'] = null;
+			$contracts['dv'][$dv]['vbs'][$newVBSIndex]['hint'] = 'Dauer:'.$dauer;
+		}
+	}
+
+	/**
+	 * Holt die Funktionen die Vertragsrelevant sind und verknüpft diese
+	 */
+	private function _addVertragsbestandteilFunktion(&$contracts, $user)
+	{
+		// Alle Funktionen holen die Vertragsrelevant sind
+		$this->BenutzerfunktionModel->addOrder('datum_von');
+		$this->BenutzerfunktionModel->addJoin('public.tbl_funktion','funktion_kurzbz');
+		$resultFunktionen = $this->BenutzerfunktionModel->loadWhere(array('uid' => $user, 'vertragsrelevant' => true));
+
+		if (isSuccess($resultFunktionen) && hasData($resultFunktionen))
+		{
+			$funktionen = getData($resultFunktionen);
+
+			foreach ($funktionen as  $row_funktion)
+			{
+				$funktion_added = 0;
+				$dv = '';
+
+				// Passendes DV suchen
+				foreach ($contracts['dv'] as $key_dv => $row_contract)
+				{
+					// Eine Funktion kann zu mehreren DV zugeordnet sein
+					// es werden daher alle durchsucht ob es reinfaellt und ggf mehrfach zugeordnet
+					if ((isset($row_funktion->datum_von) && $row_funktion->datum_von >= $row_contract['von'])
+					 && ($row_contract['bis'] == '' || $row_contract['bis'] >= $row_funktion->datum_von)
+					 && (
+							(
+							isset($row_funktion->datum_bis) && isset($row_contract['bis'])
+							&& $row_funktion->datum_bis <= $row_contract['bis']
+							)
+							|| $row_funktion->datum_bis == ''
+							|| (isset($row_funktion->datum_bis) && !isset($row_contract['bis']))
+						)
+					)
+					{
+
+						$dv = $key_dv;
+
+						// Startdatum und Endedatum ermitteln wenn die Funktion ueber das DV hinausgeht
+						// Wenn die Dauer laenger ist, wird beim Beginn/Ende des DV abgegrenzt
+						$dtstart_fkt = new DateTime($row_funktion->datum_von);
+						$dtstart_dv = new DateTime($row_contract['von']);
+						if ($dtstart_fkt < $dtstart_dv)
+							$startdatum = $row_contract['von'];
+						else
+							$startdatum = $row_funktion->datum_von;
+
+						$dtende_fkt = new DateTime($row_funktion->datum_bis);
+						$dtende_dv = new DateTime($row_contract['bis']);
+						if ($dtende_fkt < $dtende_dv)
+							$endedatum = $row_funktion->datum_bis;
+						else
+							$endedatum = $row_contract['bis'];
+
+						// VBS anlegen und Funktion zuweisen
+						$newVBSIndex = $this->_getNewVBSIndex($contracts, $dv);
+						$contracts['dv'][$dv]['vbs'][$newVBSIndex]['vertragsbestandteiltyp_kurzbz'] = 'funktion';
+						$contracts['dv'][$dv]['vbs'][$newVBSIndex]['von'] = $startdatum;
+						$contracts['dv'][$dv]['vbs'][$newVBSIndex]['bis'] = $endedatum;
+						$contracts['dv'][$dv]['vbs'][$newVBSIndex]['benutzerfunktion_id'] = $row_funktion->benutzerfunktion_id;
+						$contracts['dv'][$dv]['vbs'][$newVBSIndex]['hint'] = $row_funktion->funktion_kurzbz.' '.$row_funktion->datum_von.' - '.$row_funktion->datum_bis;
+						$funktion_added++;
+					}
+				}
+				if ($funktion_added == 0)
+				{
+					echo "\nFunktion nicht zugeordnet: ".$row_funktion->funktion_kurzbz.' '.$row_funktion->datum_von.' - '.$row_funktion->datum_bis;
+				}
+			}
+		}
+	}
+
+	/**
+	 * Prueft ob schon ein Vertragsbestandteil fuer Zeitaufzeichnung vorhanden ist das in den Zeitraum passt
+	 * bzw direkt anschließt. Wenn es direkt anschließend ist und die Art gleich sind wird die Laufzeit verlaengert
+	 * Ansonsten wird ein neuer VBS angelegt
+	 */
+	private function _addVertragsbestandteilZeitaufzeichnung(&$contracts, $dv, $row_verwendung)
+	{
+		if( is_null($row_verwendung->zeitaufzeichnungspflichtig) || is_null($row_verwendung->azgrelevant) )
+		{
+		    return;
+		}
+
+		if (isset($contracts['dv'][$dv]['vbs']))
+		{
+			foreach ($contracts['dv'][$dv]['vbs'] as $index_vbs=>$row_vbs)
+			{
+				if ($row_vbs['vertragsbestandteiltyp_kurzbz'] == 'zeitaufzeichnung')
+				{
+					if ($this->_isVBSAngrenzend($row_verwendung, $row_vbs)
+						&& $row_vbs['zeitaufzeichnung'] == $row_verwendung->zeitaufzeichnungspflichtig
+						&& $row_vbs['azgrelevant'] == $row_verwendung->azgrelevant
+						&& $row_vbs['homeoffice'] == $row_verwendung->homeoffice
+					)
+					{
+						// Zeitaufzeichnungsarten bleiben gleich - Ende des VBS verlaengern
+						$contracts['dv'][$dv]['vbs'][$index_vbs]['bis'] = $row_verwendung->ende;
+						return true;
+					}
+				}
+			}
+		}
+
+		// kein passender VBS gefunden - neuen anlegen
+		$newVBSIndex = $this->_getNewVBSIndex($contracts, $dv);
+		$contracts['dv'][$dv]['vbs'][$newVBSIndex]['vertragsbestandteiltyp_kurzbz'] = 'zeitaufzeichnung';
+		$contracts['dv'][$dv]['vbs'][$newVBSIndex]['von'] = $row_verwendung->beginn;
+		$contracts['dv'][$dv]['vbs'][$newVBSIndex]['bis'] = $row_verwendung->ende;
+		$contracts['dv'][$dv]['vbs'][$newVBSIndex]['zeitaufzeichnung'] = $row_verwendung->zeitaufzeichnungspflichtig;
+		$contracts['dv'][$dv]['vbs'][$newVBSIndex]['azgrelevant'] = $row_verwendung->azgrelevant;
+		$contracts['dv'][$dv]['vbs'][$newVBSIndex]['homeoffice'] = $row_verwendung->homeoffice;
+
+		return true;
+	}
+
+	/**
+	 * Fueg einen Freitextbestandteil fuer All-In zum DV hinzu
+	 */
+	private function _addVertragsbestandteilFreitextAllIn(&$contracts, $dv, $row_verwendung)
+	{
+		if ($row_verwendung->ba1code == 111) // All-In
+		{
+			$newVBSIndex = $this->_getNewVBSIndex($contracts, $dv);
+			$contracts['dv'][$dv]['vbs'][$newVBSIndex]['vertragsbestandteiltyp_kurzbz'] = 'freitext';
+			$contracts['dv'][$dv]['vbs'][$newVBSIndex]['von'] = $row_verwendung->beginn;
+			$contracts['dv'][$dv]['vbs'][$newVBSIndex]['bis'] = $row_verwendung->ende;
+			$contracts['dv'][$dv]['vbs'][$newVBSIndex]['freitexttyp_kurzbz'] = 'allin';
+			$contracts['dv'][$dv]['vbs'][$newVBSIndex]['titel'] = 'allin';
+			$contracts['dv'][$dv]['vbs'][$newVBSIndex]['anmerkung'] = 'allin';
+		}
+		return true;
+	}
+
+	/**
+	 * Fueg einen Freitextbestandteil fuer die Berfristung zum DV hinzu
+	 */
+	private function _addVertragsbestandteilFreitextBefristung(&$contracts, $dv, $row_verwendung)
+	{
+		if ($row_verwendung->ba2code == 1) // Befristung
+		{
+			$newVBSIndex = $this->_getNewVBSIndex($contracts, $dv);
+			$contracts['dv'][$dv]['vbs'][$newVBSIndex]['vertragsbestandteiltyp_kurzbz'] = 'freitext';
+			$contracts['dv'][$dv]['vbs'][$newVBSIndex]['von'] = $row_verwendung->beginn;
+			$contracts['dv'][$dv]['vbs'][$newVBSIndex]['bis'] = $row_verwendung->ende;
+			$contracts['dv'][$dv]['vbs'][$newVBSIndex]['freitexttyp_kurzbz'] = 'befristung';
+			$contracts['dv'][$dv]['vbs'][$newVBSIndex]['titel'] = 'befristung';
+			$contracts['dv'][$dv]['vbs'][$newVBSIndex]['anmerkung'] = 'befristung';
+		}
+		return true;
+	}
+
+	/**
+	 * Prueft ob schon ein Vertragsbestandteil mit diesem Stundenausmass vorhanden ist das in den Zeitraum passt
+	 * bzw direkt anschließt. Wenn es direkt anschließend ist und die Stunden gleich sind wird die Laufzeit verlaengert
+	 * Ansonsten wird ein neuer VBS angelegt
+	 */
+	private function _addVertragsbestandteilStunden(&$contracts, $dv, $row_verwendung)
+	{
+		// Nur anlegen wenn im aktuellen Eintrag auch Stunden eingetragen sind
+		if ($row_verwendung->vertragsstunden != '')
+		{
+			if (isset($contracts['dv'][$dv]['vbs']))
+			{
+				foreach ($contracts['dv'][$dv]['vbs'] as $index_vbs=>$row_vbs)
+				{
+					if ($row_vbs['vertragsbestandteiltyp_kurzbz'] == 'stunden' || ($row_vbs['vertragsbestandteiltyp_kurzbz'] == 'karenz' && $row_verwendung->vertragsstunden === '0.00'))
+					{
+						if ($this->_isVBSAngrenzend($row_verwendung, $row_vbs) && ((isset($row_vbs['wochenstunden']) && $row_vbs['wochenstunden'] == $row_verwendung->vertragsstunden) || $row_verwendung->vertragsstunden === '0.00'))
+						{
+							// stunden bleiben gleich - Ende des VBS verlaengern
+							$contracts['dv'][$dv]['vbs'][$index_vbs]['bis'] = $row_verwendung->ende;
+							return true;
+						}
+					}
+				}
+			}
+
+			// kein passender VBS gefunden - neuen anlegen
+			$newVBSIndex = $this->_getNewVBSIndex($contracts, $dv);
+			$contracts['dv'][$dv]['vbs'][$newVBSIndex]['vertragsbestandteiltyp_kurzbz'] = 'stunden';
+			$contracts['dv'][$dv]['vbs'][$newVBSIndex]['von'] = $row_verwendung->beginn;
+			$contracts['dv'][$dv]['vbs'][$newVBSIndex]['bis'] = $row_verwendung->ende;
+			$contracts['dv'][$dv]['vbs'][$newVBSIndex]['wochenstunden'] = $row_verwendung->vertragsstunden;
+			$contracts['dv'][$dv]['vbs'][$newVBSIndex]['teilzeittyp_kurzbz'] = null;
+		}
+		return true;
+	}
+
+	/**
+	 * Prueft ob die Verwendung direkt an den Vertragsbestandteil angrenzt
+	 * @return boolean true wenn ja, sonst false
+	 */
+	private function _isVBSAngrenzend($verwendung, $vbs)
+	{
+		// Beginn Minus 1 Tag
+		$dtstart = new DateTime($verwendung->beginn);
+		$dtstartMinus1 = $dtstart->sub(new DateInterval('P1D'))->format('Y-m-d');
+
+		if ($vbs['bis'] == ''
+			|| $vbs['bis'] == $dtstartMinus1)
+		{
+			return true;
+		}
+
+		return false;
+	}
+
+	/**
+	 * Create a new DV or Returns the Index of an existing
+	 */
+	private function _getOrCreateDV(&$contracts, $row_verwendung)
+	{
+		$unternehmen = $this->OE_DEFAULT;
+		$resultUnternehmen = $this->_getUnternehmen($row_verwendung);
+		if(hasData($resultUnternehmen))
+		{
+			$unternehmen = getData($resultUnternehmen)[0]->oe_kurzbz;
+		}
+		else
+		{
+			// Fallback Unternehmen wird verwendet falls keine Zuordnung ermittelt werden kann
+		}
+
+		if (isset($contracts['dv']) && is_array($contracts['dv']))
+		{
+			foreach($contracts['dv'] as $indexdv => $row_dv)
+			{
+				// Vertragsart ist die selbe und selbes Unternehmen
+				if ($row_dv['vertragsart_kurzbz'] == $this->matching_ba1_vertragsart[$row_verwendung->ba1code]
+					&& $row_dv['oe_kurzbz'] == $unternehmen
+				)
+				{
+
+					$dtstart = new DateTime($row_verwendung->beginn);
+
+					// Zeitraum passt zur Verwendung
+					if ($row_dv['von'] <= $row_verwendung->beginn // Beginn Datum Pruefen
+						&& ( // Ende innerhalb des DV
+							(isset($row_dv['bis']) && $row_verwendung->ende != '' && ($row_dv['bis'] == '' || $row_dv['bis'] >= $row_verwendung->ende)
+							)
+							|| // direkt angrenzend an dieses DV
+							(isset($row_dv['bis'])
+							&& ($row_dv['bis'] == ''
+								|| $row_dv['bis'] == $dtstart->sub(new DateInterval('P1D'))->format('Y-m-d')
+								)
+							)
+						)
+					)
+					{
+						return $indexdv;
+					}
+				}
+			}
+		}
+
+		$newDvIndex = $this->_getNewDVIndex($contracts);
+		$contracts['dv'][$newDvIndex]['mitarbeiter_uid'] = $row_verwendung->mitarbeiter_uid;
+		$contracts['dv'][$newDvIndex]['von'] = $row_verwendung->beginn;
+		$contracts['dv'][$newDvIndex]['bis'] = $row_verwendung->ende;
+		$contracts['dv'][$newDvIndex]['oe_kurzbz'] = $unternehmen;
+		$contracts['dv'][$newDvIndex]['vertragsart_kurzbz'] = $this->matching_ba1_vertragsart[$row_verwendung->ba1code];
+
+		return $newDvIndex;
+	}
+
+	/**
+	 * Ermittelt in welchem Unternehmen die Person zum betreffenden Zeitpunkt ist.
+	 */
+	private function _getUnternehmen($row_verwendung)
+	{
+
+		$resultUnternehmen = $this->_findUnternehmen($row_verwendung->mitarbeiter_uid, "'kstzuordnung', 'oezuordnung'", $row_verwendung->beginn);
+
+		// Wenn zeitlich keine passende Unternehmenszuordnung vorhanden ist, dann suchen ob generell eine Zuordnung ermittelt werden kann
+		if(!hasData($resultUnternehmen))
+		{
+			$resultUnternehmen = $this->_findUnternehmen($row_verwendung->mitarbeiter_uid, "'kstzuordnung', 'oezuordnung'");
+
+			// Falls nicht wird nach erweiterten Funktionen gesucht um die Zuordnung zu ermitteln.
+			if(!hasData($resultUnternehmen))
+			{
+				$resultUnternehmen = $this->_findUnternehmen($row_verwendung->mitarbeiter_uid, "'kstzuordnung', 'oezuordnung','hilfskraft','Leitung','fbk','fbl'");
+			}
+		}
+
+		return $resultUnternehmen;
+	}
+
+	/**
+	 * Detailsuche fuer die Ermittlung des Unternehmenszuordnung einer Person
+	 */
+	private function _findUnternehmen($uid, $fkt=null, $datum=null)
+	{
+		$db = new DB_Model();
+
+		$qry = "
+		WITH RECURSIVE meine_oes(oe_kurzbz, oe_parent_kurzbz, organisationseinheittyp_kurzbz) as
+		(
+			SELECT
+				oe_kurzbz, oe_parent_kurzbz, organisationseinheittyp_kurzbz
+			FROM
+				public.tbl_organisationseinheit
+			WHERE
+				oe_kurzbz=(SELECT
+						oe_kurzbz
+					FROM
+						public.tbl_benutzerfunktion
+					WHERE
+						uid=".$db->escape($uid);
+
+		if(!is_null($datum))
+			$qry.=" AND ".$db->escape($datum)." BETWEEN datum_von AND COALESCE(datum_bis, '2999-12-31')";
+
+		if(!is_null($fkt))
+			$qry.=" AND funktion_kurzbz in ($fkt)";
+
+		$qry.="
+					ORDER BY funktion_kurzbz, datum_von LIMIT 1)
+			UNION ALL
+			SELECT
+				o.oe_kurzbz, o.oe_parent_kurzbz, o.organisationseinheittyp_kurzbz
+			FROM
+				public.tbl_organisationseinheit o, meine_oes
+			WHERE
+				o.oe_kurzbz=meine_oes.oe_parent_kurzbz
+		)
+		SELECT
+			oe_kurzbz
+		FROM
+			meine_oes
+		WHERE
+			oe_parent_kurzbz is null
+		LIMIT 1
+		";
+
+		$resultUnternehmen = $db->execReadOnlyQuery($qry);
+		return $resultUnternehmen;
+	}
+
+	/**
+	 * Ermittelt den nächsten (freien) Index für den Vertragsbetandteil
+	 */
+	private function _getNewVBSIndex($contracts, $dv)
+	{
+		if (isset($contracts['dv'][$dv]['vbs']))
+			return max(array_keys($contracts['dv'][$dv]['vbs'])) + 1;
+		else
+			return 0;
+	}
+
+	/**
+	 * Ermittelt den nächsten (freien) Index für das Dienstverhältnis
+	 */
+	private function _getNewDVIndex($contracts)
+	{
+		if (isset($contracts['dv']) && is_array($contracts['dv']))
+			return max(array_keys($contracts['dv'])) + 1;
+		else
+			return 0;
+	}
+
+	/**
+	 * Habilitation wird aus der Tabelle bis.tbl_bisverwendung in die Tabelle public.tbl_mitarbeiter uebernommen
+	 * Sofern die Person einmal in den Verwendungen eine habiliation eingetragen hat wird diese in den MA-Datensatz übernommen
+	 * Da es in der regel öfter vorkommt dass das hakerl vergessen wurde beim Vertragswechsel als dass die person die habiliation verliert.
+	 */
+	public function migrateHabilitation()
+	{
+		$this->load->model('ressource/Mitarbeiter_model','MitarbeiterModel');
+		$db = new DB_Model();
+
+		$qry = "
+		SELECT
+			distinct mitarbeiter_uid
+		FROM
+			bis.tbl_bisverwendung
+		WHERE
+			habilitation=true";
+
+		$resultHabilitation = $db->execReadOnlyQuery($qry);
+
+		if (isSuccess($resultHabilitation) && hasData($resultHabilitation))
+		{
+			$habilitationen = getData($resultHabilitation);
+
+			foreach ($habilitationen as  $row_habilitationen)
+			{
+ 				$this->MitarbeiterModel->update($row_habilitationen->mitarbeiter_uid, array('habilitation'=>true));
+			}
+		}
+	}
+}

application/controllers/system/MigrateHourlyRate.php

@@ -0,0 +1,268 @@
+<?php
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+class MigrateHourlyRate extends CLI_Controller
+{
+	CONST DEFAULT_DATE = '1970-01-01';
+	CONST STUNDENSTAZTYP_LEHRE = 'lehre';
+	CONST STUNDENSTAZTYP_KALKULATORISCH = 'kalkulatorisch';
+	
+	private $OE_DEFAULT;
+	private $_ci;
+
+	protected $configerrors;
+
+	public function __construct()
+	{
+		parent::__construct();
+
+		$this->_ci = & get_instance();
+		
+		$this->load->model('codex/Bisverwendung_model', 'BisVerwendungModel');
+		$this->load->model('person/Benutzerfunktion_model', 'BenutzerfunktionModel');
+		$this->load->model('ressource/Stundensatz_model', 'StundensatzModel');
+
+		$this->load->config('migratecontract');
+
+		$this->OE_DEFAULT = $this->config->item('migratecontract_oe_default');
+		$this->configerrors = array();
+	}
+
+	public function checkConfig()
+	{
+	    echo "OE_DEFAULT: " . $this->OE_DEFAULT . "\n";
+
+	    $this->checkOE_DEFAULT();
+
+	    if( count($this->configerrors) > 0 )
+	    {
+		foreach($this->configerrors AS $configerror)
+		{
+		    echo $configerror . "\n";
+		}
+		die("Fehler in der Konfiguration. Abbruch!\n");
+	    }
+	    else
+	    {
+		echo "Konfiguration OK.\n";
+	    }
+	}
+
+	public function index($user = null)
+	{
+		$this->checkConfig();
+
+		echo "Lehre Stundensaetze werden migriert.\n";
+		$mitarbeiterResult = $this->_getMitarbeiterStunden($user);
+		if (isError($mitarbeiterResult)) return $mitarbeiterResult;
+		if (!hasData($mitarbeiterResult)) return error('Keine Mitarbeiterstunden gefunden');
+
+		$mitarbeiterArray = getData($mitarbeiterResult);
+
+		foreach ($mitarbeiterArray as $mitarbeiter)
+		{
+			$this->_getUnternehmen($mitarbeiter);
+			$insertResult = $this->_addStundensatz($mitarbeiter, self::STUNDENSTAZTYP_LEHRE, self::DEFAULT_DATE);
+			if (isError($insertResult)) return $insertResult;
+		}
+		
+		if( $this->checkIfSAPSyncTableExists() )
+		{
+			echo "SAP Sync Tabelle gefunden. SAP Stundensaetze werden migriert.\n";
+			$sapResult = $this->_getSapStunden($user);
+			if (isError($sapResult)) return $sapResult;
+			if (!hasData($sapResult)) return error('Keinen kalkulatorischen Stundensaetze gefunden');
+
+			$mitarbeiterArray = getData($sapResult);
+
+			foreach ($mitarbeiterArray as $mitarbeiter)
+			{
+				$this->_getUnternehmen($mitarbeiter);
+				$insertResult = $this->_addStundensatz($mitarbeiter, self::STUNDENSTAZTYP_KALKULATORISCH, date_format(date_create($mitarbeiter->beginn), 'Y-m-d'));
+				if (isError($insertResult)) return $insertResult;
+			}
+		}
+		else
+		{
+		    echo "SAP Sync Tabelle nicht gefunden. Ignoriere SAP Stundensaetze.\n";
+		}
+	}
+
+	protected function checkOE_DEFAULT()
+	{
+	    $db = new DB_Model();
+	    $oesql = 'SELECT * FROM public.tbl_organisationseinheit WHERE oe_kurzbz = ?';
+	    $oeres = $db->execReadOnlyQuery($oesql, array($this->OE_DEFAULT));
+	    if( !hasData($oeres) )
+	    {
+		$this->configerrors[] = 'Default Organisationseinheit: "'
+		    . $this->OE_DEFAULT . '" nicht gefunden.';
+	    }
+	}
+
+	protected function checkIfSAPSyncTableExists()
+	{
+	    $dbModel = new DB_Model();
+	    $params = array(
+		DB_NAME,
+		'sync',
+		'tbl_sap_stundensatz'
+	    );
+
+	    $sql = "SELECT
+			    1 AS exists
+		    FROM
+			    information_schema.tables
+		    WHERE
+			    table_catalog = ? AND
+			    table_schema = ? AND
+			    table_name = ?";
+
+	    $res = $dbModel->execReadOnlyQuery($sql, $params);
+
+	    if( hasData($res) )
+	    {
+		return true;
+	    }
+	    else
+	    {
+		return false;
+	    }
+	}
+
+
+	private function _getSapStunden($user = null)
+	{
+		$dbModel = new DB_Model();
+		$params = array();
+		
+		$qry = "SELECT ss.mitarbeiter_uid as uid,
+						ss.sap_kalkulatorischer_stundensatz as stundensatz,
+						ss.insertamum as beginn
+				FROM sync.tbl_sap_stundensatz ss
+				WHERE ss.sap_kalkulatorischer_stundensatz IS NOT NULL";
+		
+		if (!is_null($user))
+		{
+			$qry .= " AND ss.mitarbeiter_uid = ? ";
+			$params[] = $user;
+		}
+		$qry .= " ORDER BY ss.mitarbeiter_uid";
+
+		return $dbModel->execReadOnlyQuery($qry, $params);
+	}
+	
+	private function _getMitarbeiterStunden($user = null)
+	{
+		$dbModel = new DB_Model();
+		$params = array();
+
+		$qry = "SELECT mitarbeiter.mitarbeiter_uid as uid,
+						stundensatz
+				FROM public.tbl_mitarbeiter mitarbeiter
+				WHERE mitarbeiter.stundensatz != 0.00
+					AND mitarbeiter.stundensatz IS NOT NULL";
+		
+		if (!is_null($user))
+		{
+			$qry .= " AND mitarbeiter.mitarbeiter_uid = ?";
+			$params[] = $user;
+		}
+		
+		$qry .= " ORDER BY mitarbeiter.mitarbeiter_uid";
+
+		return $dbModel->execReadOnlyQuery($qry, $params);
+	}
+
+	private function _addStundensatz($mitarbeiter, $stundensatztyp, $gueltig_von)
+	{
+		return $this->_ci->StundensatzModel->insert(
+			array(
+				'uid' => $mitarbeiter->uid,
+				'stundensatztyp' => $stundensatztyp,
+				'stundensatz' => $mitarbeiter->stundensatz,
+				'oe_kurzbz' => $mitarbeiter->unternehmen,
+				'gueltig_von' => $gueltig_von,
+				'insertamum' => date('Y-m-d H:i:s'),
+				'insertvon' => 'MigrateHours'
+			)
+		);
+	}
+
+	private function _getUnternehmen(&$mitarbeiter)
+	{
+		$bvResult = $this->_ci->BisVerwendungModel->getLast($mitarbeiter->uid);
+
+		$beginn = null;
+		if (hasData($bvResult))
+		{
+			$beginn = getData($bvResult)[0]->beginn;
+		}
+
+		$unternehmenResult = $this->_findUnternehmen($mitarbeiter->uid, "'kstzuordnung', 'oezuordnung'", $beginn);
+
+		if(!hasData($unternehmenResult)) //&& hasData($bvResult)
+		{
+			$unternehmenResult = $this->_findUnternehmen($mitarbeiter->uid, "'kstzuordnung', 'oezuordnung'");
+		}
+
+		$unternehmen = $this->OE_DEFAULT;
+
+		if (hasData($unternehmenResult))
+			$unternehmen = getData($unternehmenResult)[0]->oe_kurzbz;
+
+		$mitarbeiter->unternehmen = $unternehmen;
+	}
+
+	/**
+	 * Detailsuche fuer die Ermittlung des Unternehmenszuordnung einer Person
+	 */
+	private function _findUnternehmen($uid, $fkt=null, $datum=null)
+	{
+		$dbModel = new DB_Model();
+
+		$qry = "
+		WITH RECURSIVE meine_oes(oe_kurzbz, oe_parent_kurzbz, organisationseinheittyp_kurzbz) as 
+		(
+			SELECT 
+				oe_kurzbz, oe_parent_kurzbz, organisationseinheittyp_kurzbz
+			FROM 
+				public.tbl_organisationseinheit 
+			WHERE 
+				oe_kurzbz=(SELECT 
+						oe_kurzbz 
+					FROM 
+						public.tbl_benutzerfunktion 
+					WHERE 
+						uid=".$dbModel->escape($uid);
+
+		if(!is_null($datum))
+			$qry.=" AND ".$dbModel->escape($datum)." BETWEEN datum_von AND COALESCE(datum_bis, '2999-12-31')";
+
+		if(!is_null($fkt))
+			$qry.=" AND funktion_kurzbz in ($fkt)";
+
+		$qry.="
+					ORDER BY funktion_kurzbz, datum_von LIMIT 1)
+			UNION ALL
+			SELECT 
+				o.oe_kurzbz, o.oe_parent_kurzbz, o.organisationseinheittyp_kurzbz
+			FROM 
+				public.tbl_organisationseinheit o, meine_oes 
+			WHERE 
+				o.oe_kurzbz=meine_oes.oe_parent_kurzbz 
+		)
+		SELECT 
+			oe_kurzbz
+		FROM 
+			meine_oes 
+		WHERE 
+			oe_parent_kurzbz is null
+		LIMIT 1
+		";
+
+		return $dbModel->execReadOnlyQuery($qry);
+	}
+	
+}

application/controllers/system/MigrateSalary.php

@@ -0,0 +1,495 @@
+<?php
+/*
+ * Job zur einmaligen Import der Gehälter
+ *
+ * Aufruf (Encode / im Filenmae mit %2F):
+ * php index.ci.php system/MigrateSalary/import filename
+ *
+ */
+/*
+AUFBAU CSV:
+SVNR;Pers-Nr;Name;Dienstverhältnis;LA-Nr;Bezeichnung;2022-09-01;2022-10-01;2022-11-01;2022-12-01;2023-01-01;2023-02-01;2023-03-01
+XXXX XXXXXX;00;Name;5;1000;Gehalt;1.111,10;1.211,10;1.311,10;1.411,10;1.511,10;1.611,10;1.711,10
+*/
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+class MigrateSalary extends CLI_Controller
+{
+	private $OE_DEFAULT = 'gst';
+	private $GEHALT_BEGINN_SPALTE = 6; // Beginnend mit 0 => G
+	private $INDEX_LOHNART = 4;
+	private $INDEX_BEZEICHNUNG = 5;
+
+	/**
+	 * Constructor
+	 */
+	public function __construct()
+	{
+		parent::__construct();
+
+		$this->load->model('vertragsbestandteil/Gehaltsbestandteil_model', 'GehaltsbestandteilModel');
+		$this->load->model('vertragsbestandteil/Dienstverhaeltnis_model','DienstverhaeltnisModel');
+		$this->load->model('vertragsbestandteil/Vertragsbestandteil_model','VertragsbestandteilModel');
+		$this->load->model('vertragsbestandteil/VertragsbestandteilStunden_model','VertragsbestandteilStundenModel');
+		$this->load->model('vertragsbestandteil/VertragsbestandteilFreitext_model','VertragsbestandteilFreitextModel');
+		$this->load->model('vertragsbestandteil/VertragsbestandteilFunktion_model','VertragsbestandteilFunktionModel');
+
+	}
+
+	// -----------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+	/**
+	 * Everything has a beginning
+	 */
+	public function import($file)
+	{
+
+		// CSV Laden
+		$file = urldecode($file);
+		if($handle = fopen($file, "r"))
+		{
+			$csvrow = -1;
+			$lastuser = '';
+			$monate = array();
+			$gehaltsarr = array();
+			$gehaltsindex = 0;
+
+			while (($data = fgetcsv($handle, null, ';')) !== FALSE)
+			{
+				$csvrow++;
+				// Kopfzeile ueberspringen
+				if($csvrow == 0)
+				{
+					for($i = $this->GEHALT_BEGINN_SPALTE; $i < count($data); $i++)
+					{
+						$monate[] = $data[$i];
+					}
+					continue;
+				}
+
+				// User zur SVNR ermitteln
+				$svnr = str_replace(' ', '',$data[0]);
+				$resultuser = $this->_getUser($svnr);
+
+				if(!hasData($resultuser))
+				{
+					echo getError($resultuser);
+					break;
+				}
+
+				$user = getData($resultuser)[0]->mitarbeiter_uid;
+				echo "\nUser:".$user;
+
+				if($user != $lastuser && $lastuser != '')
+				{
+					$this->_saveGehalt($lastuser, $gehaltsarr);
+					$gehaltsarr = array();
+					$gehaltsindex = 0;
+					$lastuser = $user;
+				}
+				else
+				{
+					$lastuser = $user;
+				}
+
+				// Gehalt Clustern
+
+				$monat = 0;
+				for ($i = $this->GEHALT_BEGINN_SPALTE; $i < count($data); $i++)
+				{
+					if (count($gehaltsarr) == 0 && $data[$i] != '')
+					{
+						$gehaltsarr[$gehaltsindex]['betrag'] = $data[$i];
+						$gehaltsarr[$gehaltsindex]['lohnart'] = $data[$this->INDEX_LOHNART];
+						$gehaltsarr[$gehaltsindex]['bezeichnung'] = $data[$this->INDEX_BEZEICHNUNG];
+						$gehaltsarr[$gehaltsindex]['beginn'] = $monate[$monat];
+					}
+					else
+					{
+						if ($data[$i] != ''
+							&& isset($gehaltsarr[$gehaltsindex]) && isset($gehaltsarr[$gehaltsindex]['betrag'])
+							&& $gehaltsarr[$gehaltsindex]['betrag'] == $data[$i])
+						{
+							// Gehalt bleibt gleich
+						}
+						else
+						{
+							if ($data[$i] != '')
+							{
+								// Gehalt hat sich geändert
+								if ($monat != 0 && isset($gehaltsarr[$gehaltsindex]))
+									$gehaltsarr[$gehaltsindex]['ende'] = $monate[$monat-1];
+
+								$gehaltsindex++;
+
+								$gehaltsarr[$gehaltsindex]['betrag'] = $data[$i];
+								$gehaltsarr[$gehaltsindex]['lohnart'] = $data[$this->INDEX_LOHNART];
+								$gehaltsarr[$gehaltsindex]['bezeichnung'] = $data[$this->INDEX_BEZEICHNUNG];
+								$gehaltsarr[$gehaltsindex]['beginn'] = $monate[$monat];
+							}
+							elseif(isset($gehaltsarr[$gehaltsindex]))
+							{
+								// Gehalt wurde beendet
+								if($monat!=0)
+									$gehaltsarr[$gehaltsindex]['ende'] = $monate[$monat-1];
+								$gehaltsindex++;
+							}
+						}
+					}
+
+					$monat++;
+				}
+
+				// Zeile zu Ende - Ende Datum setzen wenn nicht für alle Monate ein Eintrag vorhanden ist
+				if($monat < count($monate) && isset($gehaltsarr[$gehaltsindex]))
+					$gehaltsarr[$gehaltsindex]['ende'] = $monate[$monat-1];
+
+			}
+			$this->_saveGehalt($lastuser, $gehaltsarr);
+		}
+	}
+
+	/**
+	 * Ermittelt das passende Dienstverhaeltnis uns speichert den
+	 * Gehaltsbestandteil
+	 */
+	private function _saveGehalt($uid, $gehaltsarr)
+	{
+		$failed = false;
+		$this->db->trans_begin();
+
+		foreach($gehaltsarr as $row_gehalt)
+		{
+			//var_dump($row_gehalt);
+			$auszahlungen = 14;
+			$dvid = '';
+			$vbsid = '';
+			$typ = '';
+			$allin = false;
+
+			//DV und VBS Ermitteln
+			$dv = $this->DienstverhaeltnisModel->getDVByPersonUID($uid, $this->OE_DEFAULT, $row_gehalt['beginn']);
+
+			// Wenn keiner gefunden wird oder mit Monatsersteln nur ein externer gefunden wird, weitersuchen ob im Monat noch ein
+			// "richtiger" Vertrag startet
+			if (!hasData($dv) || getData($dv)[0]->vertragsart_kurzbz='externerLehrender')
+			{
+				$date = new DateTime($row_gehalt['beginn']);
+				$date->modify('last day of this month');
+				$last_day_this_month = $date->format('Y-m-d');
+
+				// Wenn mit Monatsersten kein DV gefunden wird, wird stattdessen mit Monatsletzten gesucht um DVs zu finden
+				// für Personen die erst später im Monat in ihr DV einsteigen
+				$dv = $this->DienstverhaeltnisModel->getDVByPersonUIDOverlapping($uid, $this->OE_DEFAULT, $row_gehalt['beginn'], $last_day_this_month);
+
+				if (!hasData($dv))
+				{
+					echo "\nKein passendes DV gefunden für User ".$uid." und Datum ".$row_gehalt['beginn']." -> ROLLBACK\n";
+					$failed = true;
+					break;
+				}
+				else
+				{
+					$resultdata = getData($dv);
+					foreach($resultdata as $dvdata)
+					{
+						// Externer DV wird in Monatsmitte zu echten DV - daher weitersuchen bei externenDVs da
+						// diese sowieso kein Gehalt zugeordnet haben
+						if($dvdata->vertragsart_kurzbz != 'externerLehrender')
+						{
+							$dvid = $dvdata->dienstverhaeltnis_id;
+							// Gehaltsstart wird auf den Start des DV korrigiert wenn nicht der Monatserste
+							// nur wenn das Beginndatum vor dem DV-Start liegt da sonst das Datum korrigiert wird
+							// wenn der Vertragsbestandteil wechselt
+							if($row_gehalt['beginn'] < $dvdata->von)
+								$row_gehalt['beginn'] = $dvdata->von;
+							break;
+						}
+					}
+				}
+			}
+			else
+			{
+				$resultdata = getData($dv);
+
+				if (count($resultdata) == 1)
+					$dvid = $resultdata[0]->dienstverhaeltnis_id;
+			}
+
+			if ($dvid == '')
+			{
+				echo "Kein oder mehrere DVs gefunden -> ROLLBACK";
+				$failed = true;
+				break;
+			}
+
+			$allin = $this->_isAllIn($dvid, $row_gehalt['beginn']);
+
+			$db = new DB_Model();
+
+			$resultVBS = $this->_getVBS($dvid, $row_gehalt['beginn']);
+
+			if (hasData($resultVBS))
+			{
+				$vbsid = getData($resultVBS)[0]->vertragsbestandteil_id;
+				$vbsbis = getData($resultVBS)[0]->bis;
+			}
+			else
+			{
+				echo "Vertragsbestandteil fuer $uid DV $dvid wurde nicht gefunden mit Beginn ".$row_gehalt['beginn']."-> ROLLBACK";
+				$failed = true;
+				break;
+			}
+
+			if ($row_gehalt['lohnart'] == 1000)
+			{
+				if($allin)
+					$typ = 'grundgehalt';
+				else
+					$typ = 'basisgehalt';
+			}
+			elseif ($row_gehalt['lohnart']==1041 // 14x
+				|| $row_gehalt['lohnart']==1042  // 12x
+				|| $row_gehalt['lohnart']==3410)  // USTDPausch
+			{
+				$typ = 'zusatzvereinbarung';
+
+				// Freitextbestandteil anlegen fuer die Zulage
+				// Gaehalt wird der Zuglage zugeordnet
+
+				$data = array(
+					'dienstverhaeltnis_id' => $dvid,
+					'von' => $row_gehalt['beginn'],
+					'vertragsbestandteiltyp_kurzbz' => 'freitext',
+					'insertamum' => date('Y-m-d H:i:s'),
+					'insertvon' => 'MigrateSalary'
+				);
+				if (isset($row_gehalt['ende']) && $row_gehalt['ende']!='')
+					$data['bis'] = $row_gehalt['ende'];
+
+				$resultVBS = $this->VertragsbestandteilModel->Insert($data);
+				if(!isSuccess($resultVBS))
+				{
+					echo "VBS kann nicht erstellt werden -> ROLLBACK";
+					$failed = true;
+					break;
+				}
+				$vbsid = getData($resultVBS);
+
+				$data = array(
+					'vertragsbestandteil_id' => $vbsid,
+					'freitexttyp_kurzbz' => 'zusatzvereinbarung',
+					'titel' => $row_gehalt['bezeichnung'],
+					'anmerkung' => $row_gehalt['bezeichnung'],
+				);
+				$resultVBSFreitext = $this->VertragsbestandteilFreitextModel->Insert($data);
+				if(!isSuccess($resultVBSFreitext))
+				{
+					echo "VBS Freitext Zusatz kann nicht erstellt werden -> ROLLBACK";
+					$failed = true;
+					break;
+				}
+			}
+			elseif ($row_gehalt['lohnart']==9999) // All-In Custom Lohnart nicht per Default vorhanden
+			{
+				$typ = 'zulage';
+
+				// Freitextbestandteil anlegen fuer die Zulage
+				// Gaehalt wird der Zuglage zugeordnet
+
+				$data = array(
+					'dienstverhaeltnis_id' => $dvid,
+					'von' => $row_gehalt['beginn'],
+					'vertragsbestandteiltyp_kurzbz' => 'freitext',
+					'insertamum' => date('Y-m-d H:i:s'),
+					'insertvon' => 'MigrateSalary'
+				);
+				if (isset($row_gehalt['ende']) && $row_gehalt['ende']!='')
+					$data['bis'] = $row_gehalt['ende'];
+
+				$resultVBS = $this->VertragsbestandteilModel->Insert($data);
+				if(!isSuccess($resultVBS))
+				{
+					echo "VBS AllIn kann nicht erstellt werden -> ROLLBACK";
+					$failed = true;
+					break;
+				}
+				$vbsid = getData($resultVBS);
+
+				$data = array(
+					'vertragsbestandteil_id' => $vbsid,
+					'freitexttyp_kurzbz' => 'allin',
+					'titel' => $row_gehalt['bezeichnung'],
+					'anmerkung' => $row_gehalt['bezeichnung'],
+				);
+				$resultVBSFreitext = $this->VertragsbestandteilFreitextModel->Insert($data);
+				if(!isSuccess($resultVBSFreitext))
+				{
+					echo "VBS Freitext AllIn Zusatz kann nicht erstellt werden -> ROLLBACK";
+					$failed = true;
+					break;
+				}
+			}
+			elseif($row_gehalt['lohnart']==5500) // ATZ
+			{
+				$typ = 'lohnausgleichatz';
+			}
+			else
+			{
+				$typ = 'unbekannt - '.$row_gehalt['lohnart'];
+				echo "\nGehaltstyp unbekannt Lohnart: ".$row_gehalt['lohnart']." -> ROLLBACK";
+				$failed = true;
+				break;
+			}
+
+			// Zulage 12x und Zulage 14x aus der Bezeichnung ermitteln
+			if(strstr($row_gehalt['bezeichnung'], '12x'))
+			{
+				$auszahlungen = 12;
+			}
+
+			// Format ist 7.777,77 und wird umformattiert in 7777.77
+			$betrag = str_replace('.','', $row_gehalt['betrag']);
+			$betrag = str_replace(',','.',$betrag);
+
+			$data = array(
+				'dienstverhaeltnis_id' => $dvid,
+				'vertragsbestandteil_id' => $vbsid,
+				'gehaltstyp_kurzbz' => $typ,
+				'von' => $row_gehalt['beginn'],
+				'grundbetrag' => $betrag,
+				'betrag_valorisiert' => $betrag,
+				'anmerkung' => $row_gehalt['bezeichnung'],
+				'valorisierung' => true,
+				'auszahlungen' => $auszahlungen,
+				'insertamum' => date('Y-m-d H:i:s'),
+				'insertvon' => 'MigrateSalary',
+				'updateamum' => date('Y-m-d H:i:s'),
+				'updatevon' => 'MigrateSalary'
+			);
+
+			if (isset($row_gehalt['ende']) && $row_gehalt['ende'] != '')
+			{
+				// Im Ende steht noch der Monatserste des letzten Monats
+				// Das muss geaendert werden auf den Monatsletzten oder das Ende des DVs
+				$date = new DateTime($row_gehalt['ende']);
+				$date->modify('last day of this month');
+				$last_day_this_month = $date->format('Y-m-d');
+
+				// Wenn das Dienstverhaeltnis in diesem Monat endet und nicht der Monatsletzte ist,
+				// dann muss hier das Ende Datum des DV stehen bzw das Ende
+				// oder das Ende des VBS falls die Person in der Monatsmitte Stunden wechselt
+				$data['bis'] = $last_day_this_month;
+
+				// Wenn der Vertragsbestandteil endet bevor das Gehalt endet, dann wir das Gehaltsende auf VBS Ende gesetzt
+				//echo "Ende des VBS: $vbsbis Ende des Gehalt: ".$data['bis'];
+				if ($vbsbis != '' && $vbsbis < $data['bis'])
+				{
+					$data['bis'] = $vbsbis;
+					//echo "Gehalt auf vbs ende gesetzt";
+				}
+			}
+
+			$ret = $this->GehaltsbestandteilModel->insert($data,
+				$this->GehaltsbestandteilModel->getEncryptedColumns()
+			);
+		}
+
+		if(!$failed)
+		{
+			$this->db->trans_commit();
+		}
+		else
+		{
+			echo "ROLLBACK";
+			$this->db->trans_rollback();
+		}
+	}
+
+	/**
+	 * Prueft ob ein AllIn Vertrag vorhanden ist
+	 */
+	private function _isAllIn($dvid, $datum)
+	{
+		$db = new DB_Model();
+
+		$qry = "
+			SELECT
+				*
+			FROM
+				hr.tbl_vertragsbestandteil
+				JOIN hr.tbl_vertragsbestandteil_freitext USING(vertragsbestandteil_id)
+			WHERE
+				dienstverhaeltnis_id=".$db->escape($dvid)."
+				AND vertragsbestandteiltyp_kurzbz='freitext'
+				AND ".$db->escape($datum)." BETWEEN von AND COALESCE(bis, '2999-12-31')
+				AND freitexttyp_kurzbz='allin'";
+
+		$resultAllIn = $db->execReadOnlyQuery($qry);
+
+		if (hasData($resultAllIn))
+			return true;
+		else
+			return false;
+	}
+
+	private function _getVBS($dvid, $datum)
+	{
+		$db = new DB_Model();
+
+		$qry = "
+			SELECT
+				*
+			FROM
+				hr.tbl_vertragsbestandteil
+			WHERE
+				dienstverhaeltnis_id=".$db->escape($dvid)."
+				AND vertragsbestandteiltyp_kurzbz='stunden'
+				AND ".$db->escape($datum)." BETWEEN von AND COALESCE(bis, '2999-12-31')";
+
+		$resultVBS = $db->execReadOnlyQuery($qry);
+
+		return $resultVBS;
+	}
+
+	/**
+	 * Ermittelt den User zu einer SVNR
+	 */
+	private function _getUser($svnr)
+	{
+		$db = new DB_Model();
+
+		$qry = "
+		SELECT
+			mitarbeiter_uid
+		FROM
+			public.tbl_person
+			JOIN public.tbl_benutzer using(person_id)
+			JOIN public.tbl_mitarbeiter ON(uid=mitarbeiter_uid)
+		WHERE
+			tbl_person.svnr = ". $db->escape($svnr)."
+			AND EXISTS(
+				SELECT
+					1
+				FROM
+					hr.tbl_dienstverhaeltnis
+				WHERE
+					mitarbeiter_uid=tbl_mitarbeiter.mitarbeiter_uid
+					AND oe_kurzbz=". $db->escape($this->OE_DEFAULT)."
+			)
+		ORDER BY tbl_benutzer.aktiv DESC
+		LIMIT 1;
+		";
+
+		$result = $db->execReadOnlyQuery($qry);
+
+		if (hasdata($result))
+		{
+			return $result;
+		}
+		else
+			return error('Kein Benutzer mit DV und SVNR:'.$svnr.' gefunden');
+	}
+}

application/controllers/system/Navigation.php

@@ -22,6 +22,7 @@ if (! defined('BASEPATH')) exit('No direct script access allowed');
  * This controller operates between (interface) the JS (GUI) and the NavigationLib (back-end)
  * Provides data to the ajax get calls about the filter
  * This controller works with JSON calls on the HTTP GET or POST and the output is always JSON
+ * TODO(chris): deprecated
  */
 class Navigation extends FHC_Controller
 {

application/controllers/system/TestSearch.php

@@ -1,44 +0,0 @@
-<?php
-
-if (! defined('BASEPATH')) exit('No direct script access allowed');
-
-/**
- * Test Search Vue Component
- */
-class TestSearch extends Auth_Controller
-{
-	/**
-	 * Constructor
-	 */
-	public function __construct()
-	{
-		parent::__construct(
-			array(
-				'index' => 'system/developer:r'
-			)
-		);
-
-		// Loads WidgetLib
-		$this->load->library('WidgetLib');
-
-		// Loads phrases system
-		$this->loadPhrases(
-			array(
-				'global',
-				'ui',
-				'filter'
-			)
-		);
-	}
-
-	// -----------------------------------------------------------------------------------------------------------------
-	// Public methods
-
-	/**
-	 * Everything has a beginning
-	 */
-	public function index()
-	{
-		$this->load->view('system/logs/testSearch.php');
-	}
-}

application/controllers/system/infocenter/InfoCenter.php

@@ -337,10 +337,13 @@ class InfoCenter extends Auth_Controller
 		$persondata = $this->_loadPersonData($person_id);
 
 		$checkPerson = $this->PersonModel->checkDuplicate($person_id);
-
 		if (isError($checkPerson)) show_error(getError($checkPerson));
 
-		$duplicate = array('duplicated' => getData($checkPerson));
+		$checkUnruly = $this->PersonModel->checkUnruly($persondata['stammdaten']->vorname, $persondata['stammdaten']->nachname, $persondata['stammdaten']->gebdatum);
+		if (isError($checkUnruly)) show_error(getError($checkUnruly));
+
+		$duplicate = array('duplicate' => getData($checkPerson));
+		$unruly = array('unruly' => getData($checkUnruly));
 
 		$prestudentdata = $this->_loadPrestudentData($person_id);
 
@@ -351,7 +354,8 @@ class InfoCenter extends Auth_Controller
 			$persondata,
 			$prestudentdata,
 			$dokumentdata,
-			$duplicate
+			$duplicate,
+			$unruly
 		);
 
 		$data[self::FHC_CONTROLLER_ID] = $this->getControllerId();
@@ -1285,67 +1289,28 @@ class InfoCenter extends Auth_Controller
 			$this->terminateWithJsonError($this->p->t('ui', 'fehlerBeimSpeichern'));
 
 		$kontakte = $this->input->post('kontakt');
-		foreach ($kontakte as $kontakt)
-		{
-			$kontaktExists = $this->KontaktModel->loadWhere(array(
-				'kontakt_id' => $kontakt['id'],
-				'person_id' => $person_id,
-			));
+		if($kontakte) {
 
-			if (hasData($kontaktExists))
-			{
-				$kontaktExists = getData($kontaktExists)[0];
+			foreach ($kontakte as $kontakt) {
+				$kontaktExists = $this->KontaktModel->loadWhere(array(
+					'kontakt_id' => $kontakt['id'],
+					'person_id' => $person_id,
+				));
 
-				if ($kontaktExists->kontakt === $kontakt['value'])
-					continue;
+				if (hasData($kontaktExists)) {
+					$kontaktExists = getData($kontaktExists)[0];
 
-				$update = $this->KontaktModel->update(
-					array
-					(
-						'kontakt_id' => $kontakt['id']
-					),
-					array
-					(
-						'kontakt' => isEmptyString($kontakt['value']) ? null : $kontakt['value'],
-						'updateamum' => date('Y-m-d H:i:s'),
-						'updatevon' => $this->_uid
-					)
-				);
+					if ($kontaktExists->kontakt === $kontakt['value'])
+						continue;
 
-				if (isError($update))
-					$this->terminateWithJsonError($this->p->t('ui', 'fehlerBeimSpeichern'));
-			}
-		}
-
-		$adressen = $this->input->post('adresse');
-
-		foreach ($adressen as $adresse)
-		{
-			$adresseExists = $this->AdresseModel->loadWhere(array(
-				'adresse_id' => $adresse['id'],
-				'person_id' => $person_id,
-			));
-
-			if (hasData($adresseExists))
-			{
-				$adresse = $adresse['value'];
-				$adresseExists = getData($adresseExists)[0];
-				if ($adresseExists->strasse !== $adresse['strasse'] ||
-					$adresseExists->plz !== $adresse['plz'] ||
-					$adresseExists->ort !== $adresse['ort'] ||
-					$adresseExists->nation !== $adresse['nation'])
-				{
-					$update = $this->AdresseModel->update(
+					$update = $this->KontaktModel->update(
 						array
 						(
-							'adresse_id' => $adresseExists->adresse_id
+							'kontakt_id' => $kontakt['id']
 						),
 						array
 						(
-							'strasse' => isEmptyString($adresse['strasse']) ? null : $adresse['strasse'],
-							'plz' => isEmptyString($adresse['plz']) ? null : $adresse['plz'],
-							'ort' => isEmptyString($adresse['ort']) ? null : $adresse['ort'],
-							'nation' => isEmptyString($adresse['nation']) ? null : $adresse['nation'],
+							'kontakt' => isEmptyString($kontakt['value']) ? null : $kontakt['value'],
 							'updateamum' => date('Y-m-d H:i:s'),
 							'updatevon' => $this->_uid
 						)
@@ -1354,7 +1319,48 @@ class InfoCenter extends Auth_Controller
 					if (isError($update))
 						$this->terminateWithJsonError($this->p->t('ui', 'fehlerBeimSpeichern'));
 				}
+			}
 
+		}
+
+		$adressen = $this->input->post('adresse');
+
+		if($adressen) {
+
+			foreach ($adressen as $adresse) {
+				$adresseExists = $this->AdresseModel->loadWhere(array(
+					'adresse_id' => $adresse['id'],
+					'person_id' => $person_id,
+				));
+
+				if (hasData($adresseExists)) {
+					$adresse = $adresse['value'];
+					$adresseExists = getData($adresseExists)[0];
+					if ($adresseExists->strasse !== $adresse['strasse'] ||
+						$adresseExists->plz !== $adresse['plz'] ||
+						$adresseExists->ort !== $adresse['ort'] ||
+						$adresseExists->nation !== $adresse['nation']) {
+						$update = $this->AdresseModel->update(
+							array
+							(
+								'adresse_id' => $adresseExists->adresse_id
+							),
+							array
+							(
+								'strasse' => isEmptyString($adresse['strasse']) ? null : $adresse['strasse'],
+								'plz' => isEmptyString($adresse['plz']) ? null : $adresse['plz'],
+								'ort' => isEmptyString($adresse['ort']) ? null : $adresse['ort'],
+								'nation' => isEmptyString($adresse['nation']) ? null : $adresse['nation'],
+								'updateamum' => date('Y-m-d H:i:s'),
+								'updatevon' => $this->_uid
+							)
+						);
+
+						if (isError($update))
+							$this->terminateWithJsonError($this->p->t('ui', 'fehlerBeimSpeichern'));
+					}
+
+				}
 			}
 		}
 
@@ -2383,4 +2389,4 @@ class InfoCenter extends Auth_Controller
 
 		$this->outputJsonSuccess("Success");
 	}
-}
+}

application/controllers/system/messages/FASMessages.php

@@ -37,7 +37,7 @@ class FASMessages extends Auth_Controller
 
 		// Loads the view to write a new message with a template
 		$this->load->view(
-			'system/messages/htmlWriteTemplate',
+			'system/messages/FAShtmlWriteTemplate',
 			$this->CLMessagesModel->prepareHtmlWriteTemplatePrestudents($prestudents)
 		);
  	}
@@ -53,7 +53,7 @@ class FASMessages extends Auth_Controller
 
 		// Loads the view to write a new message with a template
 		$this->load->view(
-			'system/messages/htmlWriteTemplate',
+			'system/messages/FAShtmlWriteTemplate',
 			$this->CLMessagesModel->prepareHtmlWriteTemplatePrestudents($prestudents, $message_id, $recipient_id)
 		);
  	}

application/core/Auth_Controller.php

@@ -7,6 +7,10 @@ if (!defined('BASEPATH')) exit('No direct script access allowed');
  */
 abstract class Auth_Controller extends FHC_Controller
 {
+	// Special Permissions
+	const PERM_ANONYMOUS = 'anonymous'; // Everyone
+	const PERM_LOGGED = 'logged_in'; // Every registered user
+
 	/**
 	 * Extends this controller if authentication is required
 	 */
@@ -14,17 +18,41 @@ abstract class Auth_Controller extends FHC_Controller
 	{
         parent::__construct();
 
-		// Loads authentication library and starts authentication
-		$this->load->library('AuthLib');
+		if (!is_array($requiredPermissions) || isEmptyArray($requiredPermissions))
+			show_error('The given permissions is not a valid array or it is an empty one');
+		
+		if (!isset($requiredPermissions[$this->router->method]))
+			show_error('The given permission array does not contain the given method or is not correctly set');
+		
+		$anonAllowed = false;
+		if ($requiredPermissions[$this->router->method] == self::PERM_ANONYMOUS)
+			$anonAllowed = true;
+		elseif (is_array($requiredPermissions[$this->router->method])
+			&& in_array(self::PERM_ANONYMOUS, $requiredPermissions[$this->router->method]))
+			$anonAllowed = true;
 
-		// Checks if the caller is allowed to access to this content
-		$this->_isAllowed($requiredPermissions);
+		if ($anonAllowed) {
+			// Loads authentication library without authentication
+			$this->load->library('AuthLib', [false]);
+
+			// Loads helper since it would only be called on authentication
+			$this->load->helper('hlp_authentication');
+		} else {
+			// Loads authentication library and starts authentication
+			$this->load->library('AuthLib');
+
+			// Checks if the caller is allowed to access to this content
+			$this->_isAllowed($requiredPermissions);
+		}
 	}
 
 	/**
 	 * Checks if the caller is allowed to access to this content with the given permissions
 	 * If it is not allowed will set the HTTP header with code 401
 	 * Wrapper for permissionlib->isEntitled
+	 *
+	 * @param array					$requiredPermissions
+	 * @return void
 	 */
 	private function _isAllowed($requiredPermissions)
 	{
@@ -34,28 +62,145 @@ abstract class Auth_Controller extends FHC_Controller
 		// Checks if this user is entitled to access to this content
 		if (!$this->permissionlib->isEntitled($requiredPermissions, $this->router->method))
 		{
-			$this->output->set_status_header(REST_Controller::HTTP_UNAUTHORIZED); // set the HTTP header as unauthorized
-
-			$this->load->library('EPrintfLib'); // loads the EPrintfLib to format the output
-
-			// Prints the main error message
-			$this->eprintflib->printError('You are not allowed to access to this content');
-			// Prints the called controller name
-			$this->eprintflib->printInfo('Controller name: '.$this->router->class);
-			// Prints the called controller method name
-			$this->eprintflib->printInfo('Method name: '.$this->router->method);
-			// Prints the required permissions needed to access to this method
-			$this->eprintflib->printInfo('Required permissions: '.$this->_rpsToString($requiredPermissions, $this->router->method));
-
+			$this->_outputAuthError($requiredPermissions);
 			exit; // immediately terminate the execution
 		}
 	}
 
+	/**
+	 * Checks for Permissions depending if the given person is a
+	 * Mitarbeiter and/or Student
+	 * and exits/outputs an error if they are not met.
+	 *
+	 * @param integer 				$person_id
+	 * @param array 				$permMa		Perms if the person is a Mitarbeiter
+	 * @param array 				$permStud	Perms if the person is a Student
+	 *
+	 * @return void
+	 */
+	protected function checkPermissionsForPerson($person_id, $permMa, $permStud)
+	{
+		$res = $this->hasPermissionsForPerson($person_id, $permMa, $permStud);
+		
+		if ($res) {
+			$perm = array_keys(array_flip(array_merge($res|1 ? $permMa : [], $res|2 ? $permStud : [])));
+			$this->_outputAuthError([$this->router->method => $perm]);
+		}
+	}
+
+	/**
+	 * Checks for Permissions depending on the Studiengang of a Prestudent
+	 * and exits/outputs an error if they are not met.
+	 *
+	 * @param integer 				$prestudent_id
+	 * @param array 				$permStud	Perms if the person is a Student
+	 *
+	 * @return void
+	 */
+	protected function checkPermissionsForPrestudent($prestudent_id, $permStud)
+	{
+		if (!$this->hasPermissionsForPrestudent($prestudent_id, $permStud)) {
+			$this->_outputAuthError([$this->router->method => $permStud]);
+		}
+	}
+
+	/**
+	 * Checks for Permissions depending if the given person is a
+	 * Mitarbeiter and/or Student
+	 * and returns the result.
+	 *
+	 * @param integer 				$person_id
+	 * @param array 				$permMa		Perms if the person is a Mitarbeiter
+	 * @param array 				$permStud	Perms if the person is a Student
+	 *
+	 * @return integer				0 if permission is granted
+	 */
+	protected function hasPermissionsForPerson($person_id, $permMa, $permStud)
+	{
+		$res = 3;
+		$this->load->model('person/Person_model', 'PersonModel');
+		$this->PersonModel->addJoin('public.tbl_benutzer', 'person_id');
+		$this->PersonModel->addJoin('public.tbl_mitarbeiter', 'uid = mitarbeiter_uid');
+		$result = $this->PersonModel->load($person_id);
+		if (hasData($result)) {
+			if ($this->permissionlib->isEntitled(['a' => $permMa], 'a'))
+				return 0;
+			$res = 1;
+		}
+		$this->PersonModel->addJoin('public.tbl_prestudent', 'person_id');
+		$result = $this->PersonModel->load($person_id);
+		if (hasData($result)) {
+			$permStudConverted = [];
+			foreach (getData($result) as $row) {
+				foreach ($permStud as $k => $v) {
+					if (!isset($permStudConverted[$k])) {
+						$permStudConverted[$k] = $this->permissionlib->convertAccessType($v);
+					}
+					if ($this->permissionlib->isBerechtigt($permStudConverted[$k][0], $permStudConverted[$k][1], $row->studiengang_kz))
+						return 0;
+				}
+			}
+			$res += 2;
+		}
+		return $res;
+	}
+
+	/**
+	 * Checks for Permissions depending on the Studiengang of a Prestudent
+	 * and returns the result.
+	 *
+	 * @param integer 				$prestudent_id
+	 * @param array 				$permStud	Perms if the person is a Student
+	 *
+	 * @return boolean
+	 */
+	protected function hasPermissionsForPrestudent($prestudent_id, $permStud)
+	{
+		$this->load->model('crm/Prestudent_model', 'PrestudentModel');
+		$result = $this->PrestudentModel->load($prestudent_id);
+		if (!hasData($result))
+			show_404();
+		$stg = current(getData($result))->studiengang_kz;
+		foreach ($permStud as $k => $v) {
+			$perm = $this->permissionlib->convertAccessType($v);
+			if ($this->permissionlib->isBerechtigt($perm[0], $perm[1], $stg))
+				return true;
+		}
+		return false;
+	}
+
+	/**
+	 * Outputs an error message and sets the HTTP Header.
+	 * This function is protected so that it can be overwritten.
+	 *
+	 * @param array					$requiredPermissions
+	 * @return void
+	 */
+	protected function _outputAuthError($requiredPermissions)
+	{
+		$this->output->set_status_header(REST_Controller::HTTP_UNAUTHORIZED); // set the HTTP header as unauthorized
+
+		$this->load->library('EPrintfLib'); // loads the EPrintfLib to format the output
+
+		// Prints the main error message
+		$this->eprintflib->printError('You are not allowed to access to this content');
+		// Prints the called controller name
+		$this->eprintflib->printInfo('Controller name: '.$this->router->class);
+		// Prints the called controller method name
+		$this->eprintflib->printInfo('Method name: '.$this->router->method);
+		// Prints the required permissions needed to access to this method
+		$this->eprintflib->printInfo('Required permissions: '.$this->_rpsToString($requiredPermissions, $this->router->method));
+	}
+
 	/**
 	 * Converts an array of permissions to a string that contains them as a comma separated list
 	 * Ex: "<permission 1>, <permission 2>, <permission 3>"
+	 *
+	 * @param array					$requiredPermissions
+	 * @param string				$method
+	 * @return void
 	 */
-	private function _rpsToString($requiredPermissions, $method)
+	final protected function _rpsToString($requiredPermissions, $method)
 	{
 		$strRequiredPermissions = ''; // string that contains all the required permissions needed to access to this method
 

application/core/CI3_Events.php

@@ -0,0 +1,65 @@
+<?php
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+
+class CI3_Events
+{
+	const PRIORITY_LOW = 200;
+	const PRIORITY_NORMAL = 100;
+	const PRIORITY_HIGH = 10;
+
+	private static $events = [];
+	private static $eventsSorted = [];
+
+	public static function on($event, $function, $priority = self::PRIORITY_NORMAL)
+	{
+		if (!isset(self::$events[$event]))
+			self::$events[$event] = [];
+
+		self::$events[$event][] = [$priority, $function];
+
+		if (!isset(self::$eventsSorted[$event]))
+			self::$eventsSorted[$event] = true;
+		else
+			self::$eventsSorted[$event] = false;
+	}
+
+	public static function trigger($event, ...$args)
+	{
+		if (!isset(self::$events[$event]))
+			return;
+
+		if (!self::$eventsSorted[$event]) {
+			usort(self::$events[$event], function ($a, $b) {
+				return $a[0] - $b[0];
+			});
+			self::$eventsSorted[$event] = true;
+		}
+		
+		foreach (self::$events[$event] as $conf) {
+			$conf[1](...$args);
+		}
+	}
+}
+
+/**
+ * NOTE(chris): Autoload Events config
+ */
+require_once(APPPATH.'config/Events.php');
+
+$active_addons_array = explode(";", ACTIVE_ADDONS);
+
+foreach (scandir(APPPATH.'config/extensions') as $dir)
+	if ($dir[0] != '.' && file_exists(APPPATH.'config/extensions/'.$dir.'/Events.php'))
+		require_once APPPATH.'config/extensions/'.$dir.'/Events.php';
+
+foreach (scandir(FHCPATH.'addons') as $dir)
+	if ($dir[0] != '.' && file_exists(FHCPATH.'addons/'.$dir.'/Events.php'))
+	{
+		// only includes the Events of the addon if the addon is one of the active addons in the cis config
+		if(in_array($dir,$active_addons_array))
+		{
+			require_once FHCPATH . 'addons/' . $dir . '/Events.php';
+		}
+	}
+		

application/core/DB_Model.php

@@ -1,5 +1,24 @@
 <?php
 
+/**
+ * Copyright (C) 2023 fhcomplete.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+use \stdClass as stdClass;
+
 if (!defined('BASEPATH')) exit('No direct script access allowed');
 
 /**
@@ -27,16 +46,28 @@ class DB_Model extends CI_Model
 	const PGSQL_INT8_TYPE = 'int8';
 	const PGSQL_FLOAT4_TYPE = 'float4';
 	const PGSQL_FLOAT8_TYPE = 'float8';
+	const PGSQL_BYTEA_TYPE = 'bytea';
+
+	// Name of the config entry containing an array of password that can be used to encrypt/decrypt
+	const CRYPT_CONF_PASSWORDS = 'encryption_passwords';
+	const CRYPT_CAST = 'cast';
+	const CRYPT_PASSWORD_NAME = 'passwordName';
+	const CRYPT_SELECT_TEMPLATE = 'PGP_SYM_DECRYPT(%s, \'%s\')::%s AS %s';
+	const CRYPT_WHERE_TEMPLATE = 'PGP_SYM_DECRYPT(%s, \'%s\')::%s';
+	const CRYPT_WRITE_TEMPLATE = 'PGP_SYM_ENCRYPT(\'%s\', \'%s\')';
 
 	protected $dbTable;  	// Name of the DB-Table for CI-Insert, -Update, ...
 	protected $pk;  	// Name of the PrimaryKey for DB-Update, Load, ...
 	protected $hasSequence;	// False if this table has a composite primary key that is not using a sequence
 				// True if this table has a primary key that uses a sequence
+	//protected $paginationOptions; // $page and $page_size together in an associative array
+	protected $page;
+	protected $page_size;
 
 	private $executedQueryMetaData;
 	private $executedQueryListFields;
 
-	private $debugMode;
+	private $debugMode; // Debug mode enable (true) or disabled (false)
 
 	/**
 	 * Constructor
@@ -46,20 +77,23 @@ class DB_Model extends CI_Model
 		// Call parent constructor
 		parent::__construct();
 
-		// Set properties
-		$this->hasSequence = true;
-
-		// Loads DB conns and confs
+		// Loads DB connections and configs
 		$this->load->database($dbtype);
 
+		// Loads the DB config to encrypt/decrypt data
+		$this->config->load('db_crypt');
+
+		// Set properties
+		$this->hasSequence = true;
+		$this->debugMode = isset($this->db->db_debug) && $this->db->db_debug === true;
+
+		// Loads UDF model
 		$this->load->model('system/UDF_model', 'UDFModel');
 
 		// Loads the UDF library
 		$this->load->library('UDFLib');
 		// Loads the logs library
 		$this->load->library('LogLib');
-
-		$this->debugMode = isset($this->db->db_debug) && $this->db->db_debug === true;
 	}
 
 	// ------------------------------------------------------------------------------------------
@@ -85,13 +119,20 @@ class DB_Model extends CI_Model
 	 * @param   array $data  DataArray for Insert
 	 * @return  array
 	 */
-	public function insert($data)
+	public function insert($data, $encryptedColumns = null)
 	{
 		// Check class properties
 		if (is_null($this->dbTable)) return error('The given database table name is not valid', EXIT_MODEL);
 
 		// If this table has UDF and the validation of them is ok
-		if (isError($validate = $this->_prepareUDFsWrite($data, $this->dbTable))) return $validate;
+		$validate = $this->_prepareUDFsWrite($data, $this->dbTable);
+		if (isError($validate)) return $validate;
+
+		// Add the pgp_sym_eccrypt postgresql function to the set clause if needed
+		$this->_addEncrypt($encryptedColumns, $data);
+
+		// Add the pgp_sym_eccrypt postgresql function to the set clause if needed
+		if (!empty($encryptedColumns)) $this->_addEncrypt($encryptedColumns, $data);
 
 		// DB-INSERT
 		$insert = $this->db->insert($this->dbTable, $data);
@@ -135,14 +176,15 @@ class DB_Model extends CI_Model
 	 * @param   array $data  DataArray for Insert
 	 * @return  array
 	 */
-	public function update($id, $data)
+	public function update($id, $data, $encryptedColumns = null)
 	{
 		// Check class properties
 		if (is_null($this->pk)) return error('The given primary key is not valid', EXIT_MODEL);
 		if (is_null($this->dbTable)) return error('The given database table name is not valid', EXIT_MODEL);
 
 		// If this table has UDF and the validation of them is ok
-		if (isError($validate = $this->_prepareUDFsWrite($data, $this->dbTable, $id))) return $validate;
+		$validate = $this->_prepareUDFsWrite($data, $this->dbTable, $id);
+		if (isError($validate)) return $validate;
 
 		$tmpId = $id;
 
@@ -161,6 +203,9 @@ class DB_Model extends CI_Model
 
 		$this->db->where($tmpId);
 
+		// Add the pgp_sym_eccrypt postgresql function to the set clause if needed
+		$this->_addEncrypt($encryptedColumns, $data);
+
 		// DB-UPDATE
 		$update = $this->db->update($this->dbTable, $data);
 
@@ -224,7 +269,7 @@ class DB_Model extends CI_Model
 	 * @param   string $id  ID (Primary Key) for SELECT ... WHERE
 	 * @return  array
 	 */
-	public function load($id = null)
+	public function load($id = null, $encryptedColumns = null)
 	{
 		// Check class properties
 		if (is_null($this->pk)) return error('The given primary key is not valid', EXIT_MODEL);
@@ -245,7 +290,7 @@ class DB_Model extends CI_Model
 			$tmpId = array($this->pk => $id);
 		}
 
-		return $this->loadWhere($tmpId);
+		return $this->loadWhere($tmpId, $encryptedColumns);
 	}
 
 	/**
@@ -253,11 +298,14 @@ class DB_Model extends CI_Model
 	 *
 	 * @return  array
 	 */
-	public function loadWhere($where = null)
+	public function loadWhere($where = null, $encryptedColumns = null)
 	{
 		// Check class properties
 		if (is_null($this->dbTable)) return error('The given database table name is not valid', EXIT_MODEL);
 
+		// Add the pgp_sym_decrypt postgresql function to the select and where clause if needed
+		$this->_addDecryptLoad($encryptedColumns, $where);
+
 		// Execute query
 		$result = $this->db->get_where($this->dbTable, $where);
 
@@ -265,7 +313,7 @@ class DB_Model extends CI_Model
 
 		if ($result)
 		{
-			return success($this->_toPhp($result));
+			return success($this->_toPhp($result, $encryptedColumns));
 		}
 		else
 		{
@@ -303,7 +351,8 @@ class DB_Model extends CI_Model
 			// NOTE: $this->db->list_fields($tables[$t]) doesn't work if there are two tables with
 			// the same name in two different schemas, use this workaround
 			$fields = array();
-			if (isSuccess($lstColumns = $this->_list_columns($schemaAndTable->schema, $schemaAndTable->table)))
+			$lstColumns = $this->_list_columns($schemaAndTable->schema, $schemaAndTable->table);
+			if (isSuccess($lstColumns))
 			{
 				$fields = $lstColumns->retval;
 			}
@@ -381,7 +430,8 @@ class DB_Model extends CI_Model
 					$tmpFilteredArray = array_filter(get_object_vars($sideTableObj));
 					if (isset($tmpFilteredArray) && count($tmpFilteredArray) > 0)
 					{
-						if (($k = $this->_findMainTable($mainTableObj, $returnArray)) === false)
+						$k = $this->_findMainTable($mainTableObj, $returnArray);
+						if ($k === false)
 						{
 							$mainTableObj->{$sideTableProperty} = array($sideTableObj);
 							$returnArray[$returnArrayCounter++] = $mainTableObj;
@@ -484,7 +534,7 @@ class DB_Model extends CI_Model
 		if (!is_numeric($start) || (is_numeric($start) && $start <= 0))
 			return error('The start parameter is not valid', EXIT_MODEL);
 
-		if (is_numeric($end) && $end > $start)
+		if (is_numeric($end))
 		{
 			$this->db->limit($start, $end);
 		}
@@ -758,14 +808,13 @@ class DB_Model extends CI_Model
 	/**
 	 * Like execQuery, but it allows only to perform queries to read data
 	 */
-	public function execReadOnlyQuery($query, $parametersArray = null)
+	public function execReadOnlyQuery($query, $parametersArray = null, $encryptedColumns = null)
 	{
 		$result = error('You are allowed to run only query for reading data'); //
 		$cleanedQuery = trim(preg_replace('/\t|\n|\r|;/', '', $query)); //
 
 		//
-		if (
-			(stripos($cleanedQuery, 'INSERT') > 0 || stripos($cleanedQuery, 'INSERT') == false)
+		if ((stripos($cleanedQuery, 'INSERT') > 0 || stripos($cleanedQuery, 'INSERT') == false)
 			&& (stripos($cleanedQuery, 'UPDATE') > 0 || stripos($cleanedQuery, 'UPDATE') == false)
 			&& (stripos($cleanedQuery, 'CREATE') > 0 || stripos($cleanedQuery, 'CREATE') == false)
 			&& (stripos($cleanedQuery, 'DELETE') > 0 || stripos($cleanedQuery, 'DELETE') == false)
@@ -775,12 +824,29 @@ class DB_Model extends CI_Model
 		{
 			$queryToExec = str_replace(';', '', $query); //
 
-			$result = $this->execQuery($queryToExec, $parametersArray);
+			$result = $this->execQuery($queryToExec, $parametersArray, $encryptedColumns);
 		}
 
 		return $result;
 	}
 
+	public function getDbTable()
+	{
+		return $this->dbTable;
+	}
+
+	public function getPk()
+	{
+		return $this->pk;
+	}
+
+	public function getPks()
+	{
+		if (is_array($this->pk))
+			return $this->pk;
+		return [$this->pk];
+	}
+
 	// ------------------------------------------------------------------------------------------
 	// Protected methods
 
@@ -790,13 +856,16 @@ class DB_Model extends CI_Model
 	 *			boolean if the query is of the write type (INSERT, UPDATE, DELETE...)
 	 *			array that represents DB data
 	 */
-	protected function execQuery($query, $parametersArray = null)
+	protected function execQuery($query, $parametersArray = null, $encryptedColumns = null)
 	{
 		$result = null;
 
 		// If the query is empty don't lose time
 		if (!isEmptyString($query))
 		{
+			// Add the pgp_sym_decrypt postgresql function to the given query
+			$this->_addDecryptQuery($encryptedColumns, $query);
+
 			// If there are parameters to bind to the query
 			if (is_array($parametersArray) && count($parametersArray) > 0)
 			{
@@ -812,7 +881,7 @@ class DB_Model extends CI_Model
 			// If no errors occurred
 			if ($resultDB)
 			{
-				$result = success($this->_toPhp($resultDB));
+				$result = success($this->_toPhp($resultDB, $encryptedColumns));
 			}
 			else
 			{
@@ -840,7 +909,8 @@ class DB_Model extends CI_Model
 		$result->schema = DB_Model::DEFAULT_SCHEMA;
 
 		// If a schema is specified
-		if (($pos = strpos($schemaAndTable, '.')) !==  false)
+		$pos = strpos($schemaAndTable, '.');
+		if ($pos !==  false)
 		{
 			$result->schema = substr($schemaAndTable, 0, $pos);
 			$result->table = substr($schemaAndTable, $pos + 1);
@@ -851,6 +921,207 @@ class DB_Model extends CI_Model
 
 	// ------------------------------------------------------------------------------------------
 	// Private methods
+	//
+	//
+
+	/**
+	 * To add the pgp_sym_encrypt function to the set clause where needed
+	 */
+	private function _addEncrypt($encryptedColumns, &$data)
+	{
+		// If encryptedColumns is not defined then exit
+		if (isEmptyArray($encryptedColumns)) return;
+
+		$tmpData = array(); // Temporary array used to copy not encrypted columns
+
+		// For each column that is going to be inserted/updated
+		foreach ($data as $column => $value)
+		{
+			// If the current column is in the list of the columns to be encrypted
+			// and contains the password name element
+			if (array_key_exists($column, $encryptedColumns)
+				&& array_key_exists(self::CRYPT_PASSWORD_NAME, $encryptedColumns[$column]))
+			{
+				// Password to encrypt data
+				$cryptConfPasswords = $this->config->item(self::CRYPT_CONF_PASSWORDS);
+				$encryptionPassword = $cryptConfPasswords[$encryptedColumns[$column][self::CRYPT_PASSWORD_NAME]];
+
+				// Add the encrypted column to the set clause without escaping
+				$this->db->set(
+					$column,
+					sprintf(
+						self::CRYPT_WRITE_TEMPLATE,
+						$value,
+						$encryptionPassword
+					),
+					false // no escaping
+				);
+			}
+			else // otherwise copy this element as it is
+			{
+				$tmpData[$column] = $value;
+			}
+		}
+
+		$data = $tmpData; // this array does not contain encrypted columns
+	}
+
+	/**
+	 * To add the pgp_sym_decrypt function to the given query
+	 */
+	private function _addDecryptQuery($encryptedColumns, &$query)
+	{
+		// If it is request to get encrypted columns
+		if (!isEmptyArray($encryptedColumns))
+		{
+			// For each requested encrypted column
+			foreach ($encryptedColumns as $encryptedColumn => $definition)
+			{
+				// If the requested encrypted column is well defined
+				if (!isEmptyArray($definition)
+					&& array_key_exists(self::CRYPT_CAST, $definition)
+					&& array_key_exists(self::CRYPT_PASSWORD_NAME, $definition))
+				{
+					// And if exists the wanted password to decrypt in the configs
+					if (array_key_exists($definition[self::CRYPT_PASSWORD_NAME], $this->config->item(self::CRYPT_CONF_PASSWORDS)))
+					{
+						// Password to decrypt data
+						$cryptConfPasswords = $this->config->item(self::CRYPT_CONF_PASSWORDS);
+						$decryptionPassword = $cryptConfPasswords[$definition[self::CRYPT_PASSWORD_NAME]];
+
+						// Find and replace all the occurrences of the provided encrypted columns
+						// with the postgresql decryption function
+						$query = preg_replace(
+							'/\b' . $encryptedColumn . '\b/',
+							sprintf(
+								self::CRYPT_WHERE_TEMPLATE,
+								$encryptedColumn,
+								$decryptionPassword,
+								$definition[self::CRYPT_CAST]
+							),
+							$query
+						);
+					}
+				}
+			}
+		}
+	}
+
+	/**
+	 * To add the pgp_sym_decrypt function to the select and where clause where needed
+	 */
+	private function _addDecryptLoad($encryptedColumns, &$where)
+	{
+		// If it is request to get encrypted columns
+		if (!isEmptyArray($encryptedColumns))
+		{
+			// For each requested encrypted column
+			foreach ($encryptedColumns as $encryptedColumn => $definition)
+			{
+				// If the requested encrypted column is well defined
+				if (!isEmptyArray($definition)
+					&& array_key_exists(self::CRYPT_CAST, $definition)
+					&& array_key_exists(self::CRYPT_PASSWORD_NAME, $definition))
+				{
+					// And if exists the wanted password to decrypt in the configs
+					if (array_key_exists($definition[self::CRYPT_PASSWORD_NAME], $this->config->item(self::CRYPT_CONF_PASSWORDS)))
+					{
+						// Password to decrypt data
+						$cryptConfPasswords = $this->config->item(self::CRYPT_CONF_PASSWORDS);
+						$decryptionPassword = $cryptConfPasswords[$definition[self::CRYPT_PASSWORD_NAME]];
+
+						// -----------------------------------------
+						// SELECT
+
+						// Add to the select clause the column to be decrypted
+						// NOTE: this is going to override any previously added column with the same name
+						$this->addSelect(
+							sprintf(
+								self::CRYPT_SELECT_TEMPLATE,
+								$encryptedColumn,
+								$decryptionPassword,
+								$definition[self::CRYPT_CAST],
+								$encryptedColumn
+							)
+						);
+
+						// -----------------------------------------
+						// WHERE
+
+						// If the where parameter is a valid array
+						if (!isEmptyArray($where))
+						{
+							$tmpWhere = array();
+
+							// For each condition of the where clause
+							foreach ($where as $column => $condition)
+							{
+								$operator = null; // operator not found in the column name
+
+								// Custom operators with 2 chars
+								if (strpos($column, '>=') != false
+									|| strpos($column, '<=') != false
+									|| strpos($column, '!=') != false
+									|| strpos($column, '<>') != false
+								)
+								{
+									$operator = ' '.substr(trim($column), -2).' ';
+								}
+								// Custom operators with 1 chars
+								elseif (strpos($column, '>') != false
+									|| strpos($column, '<') != false
+									|| strpos($column, '=') != false
+								)
+								{
+									$operator = ' '.substr(trim($column), -1).' ';
+								}
+								else // default operator
+								{
+									$operator = ' = ';
+								}
+
+								// If the column from the where clause is the same from the encrypted columns definition
+								if (trim($column) == $encryptedColumn
+									|| ($operator != null && substr(trim($column), 0, strlen(trim($column)) - 2) == $encryptedColumn)
+								)
+								{
+									// Then rename the column using the postgresql decryption function
+									$tmpWhere[sprintf(
+										self::CRYPT_WHERE_TEMPLATE,
+										$encryptedColumn,
+										$decryptionPassword,
+										$definition[self::CRYPT_CAST]
+									).$operator] = $condition;
+								}
+								else // otherwise copy the column as it is
+								{
+									$tmpWhere[$column] = $condition;
+								}
+							}
+
+							$where = $tmpWhere; // replace with the new where
+						}
+						// Otherwise if the where parameter is a valid string
+						elseif (!isEmptyString($where))
+						{
+							// Find and replace all the occurrences of the provided encrypted columns
+							// with the postgresql decryption function
+							$where = preg_replace(
+								'/\b' . $encryptedColumn . '\b/',
+								sprintf(
+									self::CRYPT_WHERE_TEMPLATE,
+									$encryptedColumn,
+									$decryptionPassword,
+									$definition[self::CRYPT_CAST]
+								),
+								$where
+							);
+						}
+					}
+				}
+			}
+		}
+	}
 
 	/**
 	 * Invalid ID
@@ -877,11 +1148,11 @@ class DB_Model extends CI_Model
 		{
 			if ($id != null)
 			{
-				$prepareUDFsWrite = $this->udflib->prepareUDFsWrite($data, $this->dbTable, $this->_getUDFsNoPerms($id));
+				$prepareUDFsWrite = $this->udflib->prepareUDFsWrite($data, $schemaAndTable, $this->_getUDFsNoPerms($id));
 			}
 			else
 			{
-				$prepareUDFsWrite = $this->udflib->prepareUDFsWrite($data, $this->dbTable);
+				$prepareUDFsWrite = $this->udflib->prepareUDFsWrite($data, $schemaAndTable);
 			}
 		}
 
@@ -895,7 +1166,7 @@ class DB_Model extends CI_Model
 	 * - A FALSE value on failure
 	 * - Otherwise an object filled with data on success
 	 */
-	private function _toPhp($result)
+	private function _toPhp($result, $encryptedColumns = null)
 	{
 		$udfs = false; // if UDFs are inside the given result set
 		$toPhp = $result; // if there is nothing to convert then return the result from DB
@@ -911,7 +1182,9 @@ class DB_Model extends CI_Model
 			// Looking for booleans, arrays and UDFs
 			foreach ($this->executedQueryMetaData as $eqmd)
 			{
-				// If array type, boolean type OR a UDF
+				// If array type, boolean type, numeric type
+				// Or bytea type
+				// Or UDF type
 				if (strpos($eqmd->type, DB_Model::PGSQL_ARRAY_TYPE) !== false
 					|| $eqmd->type == DB_Model::PGSQL_BOOLEAN_TYPE
 					|| $eqmd->type == DB_Model::PGSQL_INT2_TYPE
@@ -919,6 +1192,7 @@ class DB_Model extends CI_Model
 					|| $eqmd->type == DB_Model::PGSQL_INT8_TYPE
 					|| $eqmd->type == DB_Model::PGSQL_FLOAT4_TYPE
 					|| $eqmd->type == DB_Model::PGSQL_FLOAT8_TYPE
+					|| $eqmd->type == DB_Model::PGSQL_BYTEA_TYPE
 					|| $this->udflib->isUDFColumn($eqmd->name, $eqmd->type))
 				{
 					// If UDFs are inside this result set
@@ -981,6 +1255,21 @@ class DB_Model extends CI_Model
 						{
 							$resultElement->{$toBeConverted->name} = $this->pgFloatPhp($resultElement->{$toBeConverted->name});
 						}
+						// Byte A type
+						elseif ($toBeConverted->type == DB_Model::PGSQL_BYTEA_TYPE)
+						{
+							// If encrypted columns are defined
+							// and if the byte a column is defined as encrypted column
+							if (!isEmptyArray($encryptedColumns)
+								&& array_key_exists($toBeConverted->name, $encryptedColumns))
+							{
+								// keep the column
+							}
+							else // otherwise remove the column from the result
+							{
+								unset($resultElement->{$toBeConverted->name});
+							}
+						}
 					}
 				}
 			}
@@ -1073,5 +1362,51 @@ class DB_Model extends CI_Model
 
 		return $udfs;
 	}
+
+	/**
+	 * addPagination
+	 * adds a limit and an optional offset depending on the arguments passed to the function
+	 * @param   int $page	page to be queried
+	 * @param   int $page_size	page_size used to calculate the offset of the pagination
+	 * @param   int | null $num_rows	used to calculate the total amout of pages that are available with the $page and $page_size arguments
+	 * 
+	 * @return	void
+	 */
+	function addPagination( $page, $page_size, $num_rows=null)
+	{
+		if (isset($page) && is_numeric($page) && isset($page_size) && is_numeric($page_size) && $page > 0 && $page_size > 0) {
+			
+			if (isset($num_rows) && is_numeric($num_rows) && $num_rows > 0) {
+				$floatMaxPageCount = $num_rows / $page_size;
+				$maxPageCount = ceil($floatMaxPageCount);
+				if($page > $maxPageCount){
+					$page = $maxPageCount;
+				}
+			}
+			$offset = (($page-1) * $page_size); 
+			$this->addLimit($page_size, $offset);
+
+		} else {
+			$this->addLimit($page_size);
+		}
+	}
+
+	/**
+	 * getQueryNumRows
+	 * returns the number of rows of the current build query of the codeigniter query builder instance
+	 * @param   bool $reset	resets the select of the query 
+	 * 
+	 * @return	Result_object $num_rows
+	 */
+	function getNumRows($reset=false)
+	{
+		// returns the number of rows when executing the current query without reseting the select statement of the query
+		$num_rows = $this->db->count_all_results($this->dbTable,$reset);
+		if($num_rows){
+			return success($num_rows);
+		}else{
+			return error($this->db->error(), EXIT_DATABASE);
+		}
+	}
 }