diff --git a/Layout/default/ConstructionConsent/Form.php b/Layout/default/ConstructionConsent/Form.php
index 2b8bfbd80..1a2ef0219 100644
--- a/Layout/default/ConstructionConsent/Form.php
+++ b/Layout/default/ConstructionConsent/Form.php
@@ -8,8 +8,12 @@
@@ -481,6 +513,11 @@ $siteTitle = "Benutzer";
placeholder: "",
closeOnSelect: false
});
+ $("#constructionconsent_projects").select2({
+ allowClear: true,
+ placeholder: "",
+ closeOnSelect: false
+ });
is("preorderfront") && !$user->is("preorderaddressreporting")) ): ?>
//$("#preorder-network-container").hide();
diff --git a/application/ConstructionConsent/ConstructionConsent.php b/application/ConstructionConsent/ConstructionConsent.php
index 1a31b94d0..4c5238e9b 100644
--- a/application/ConstructionConsent/ConstructionConsent.php
+++ b/application/ConstructionConsent/ConstructionConsent.php
@@ -437,6 +437,8 @@ class ConstructionConsent extends mfBaseModel {
$project_id = $filter['project_id'];
if(is_numeric($project_id)) {
$where .= " AND ConstructionConsent.constructionconsentproject_id=$project_id";
+ } else if (is_array($project_id)) {
+ $where .= " AND ConstructionConsent.constructionconsentproject_id IN (".implode(",", $project_id).")";
}
}
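Review bot: The new `is_array` branch concatenates every element of `$project_id` into the `IN (...)` list without checking that it is numeric, so a non-numeric element becomes part of the SQL text. The matching branch this commit adds to `ConstructionConsentProject::getSqlFilter` filters with `is_numeric` first; this one should do at least the same and cast, e.g. `$ids = array_map('intval', array_filter($project_id, 'is_numeric'));` followed by `$where .= $ids ? " AND ConstructionConsent.constructionconsentproject_id IN (".implode(",", $ids).")" : " AND 1=0";`. The `1=0` fallback keeps an empty list from producing `IN ()` or silently dropping the restriction. The enclosing function starts and ends outside the hunk.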
diff --git a/application/ConstructionConsent/ConstructionConsentController.php b/application/ConstructionConsent/ConstructionConsentController.php
index 2bd0e5d8b..526ca58b2 100644
--- a/application/ConstructionConsent/ConstructionConsentController.php
+++ b/application/ConstructionConsent/ConstructionConsentController.php
@@ -10,7 +10,11 @@ class ConstructionConsentController extends mfBaseController {
$this->me = $me;
$this->layout()->set("me", $me);
- if (!($me->is(["Admin","netowner","salespartner"]) && in_array($me->address_id, [1,209,5908,2187]))) $this->redirect("Dashboard");
+ if ($this->me->is("Admin")) $this->constructionConsentProjects = array_column(ConstructionConsentProject::getAll(), 'id');
+ else {
+ $constructionConsentProjects = json_decode((new WorkerFlag($this->me->id, "constructionConsent_projects"))->value() ?? '[]');
+ empty($constructionConsentProjects) ? $this->redirect("Dashboard") : $this->constructionConsentProjects = $constructionConsentProjects;
+ }
}
protected function indexAction() : void {
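Review bot: The allow-list assigned here is whatever `json_decode` returns from the stored flag, with no check that it is a list of integers, and every `in_array(..., $this->constructionConsentProjects)` added in this commit compares loosely. A flag that decodes to a scalar or an object passes the `empty()` test and then breaks or weakens those checks; normalise once, e.g. `$ids = array_values(array_filter(array_map('intval', (array) json_decode($raw ?? '[]', true))));`, and call `in_array((int) $id, $ids, true)` at the check sites. The same five lines are repeated in the Contact, Journal, Owner and Project controller constructors, so a single helper on a shared base class would keep the access rule in one place. The previous role condition (`netowner`, `salespartner`) is removed, which makes the flag the only gate for non-admins; if that is intended, a comment saying so would help. The constructor starts outside the hunk.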
@@ -54,6 +58,7 @@ class ConstructionConsentController extends mfBaseController {
//var_dump($_SESSION, $filter);exit;
+ $this->layout->set("allowed_projects", $this->constructionConsentProjects);
$this->layout->set("filter", $filter);
$filter = $this->getPreparedFilter($filter);
@@ -93,7 +98,13 @@ class ConstructionConsentController extends mfBaseController {
}
}
+ if (isset($new_filter['project_id']) && !in_array($new_filter['project_id'], $this->constructionConsentProjects) && strlen($new_filter['project_id']) > 0) {
+ $this->redirect("ConstructionConsent");
+ }
+ if (empty($new_filter['project_id'])) {
+ $new_filter['project_id'] = $this->constructionConsentProjects;
+ }
return $new_filter;
}
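Review bot: The new guard assumes `$new_filter['project_id']` is a scalar: `in_array` is loose and `strlen()` is called on the value, so an array-valued `project_id` is never compared element by element with the allow-list, although the model now accepts arrays for this key. Reject non-scalars and compare strictly, e.g. `if (isset($new_filter['project_id']) && $new_filter['project_id'] !== '' && (!is_scalar($new_filter['project_id']) || !in_array((int) $new_filter['project_id'], array_map('intval', $this->constructionConsentProjects), true)))`. The function this belongs to starts outside the hunk, so any earlier normalisation of `project_id` should be confirmed before relying on it.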
@@ -108,7 +119,7 @@ class ConstructionConsentController extends mfBaseController {
}
$item = new ConstructionConsent($id);
- if(!$item || !$item->id) {
+ if(!$item || !$item->id || !in_array($item->constructionconsentproject_id, $this->constructionConsentProjects)) {
$this->layout()->setFlash("Zustimmungserklärung nicht gefunden", "error");
$this->redirect("ConstructionConsent");
}
@@ -121,6 +132,7 @@ class ConstructionConsentController extends mfBaseController {
if($this->request->project_id) {
$this->layout()->set("project_id", $this->request->project_id);
}
+ $this->layout()->set("allowed_projects", $this->constructionConsentProjects);
}
protected function editAction() : void {
@@ -224,7 +236,10 @@ class ConstructionConsentController extends mfBaseController {
$mode = "add";
}
- //var_dump($r->get());exit;
+ if (!in_array($r->constructionconsentproject_id, $this->constructionConsentProjects)) {
+ $this->layout()->setFlash("Sie haben keine Berechtigung für dieses Projekt", "error");
+ $this->redirect("ConstructionConsent");
+ }
$data = [];
$data["constructionconsentproject_id"] = $r->constructionconsentproject_id;
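Review bot: The added check validates only the project id submitted in the request (`$r->constructionconsentproject_id`), not the project of a record that is being edited. The code that distinguishes edit from `$mode = "add"` is outside the hunk, so this is inferred: if an existing record is loaded there, its stored `constructionconsentproject_id` should also be checked against `$this->constructionConsentProjects`, otherwise the check does not cover records that currently belong to another project. Using `in_array(..., true)` with both sides cast to int would make the comparison exact.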
diff --git a/application/ConstructionConsentContact/ConstructionConsentContactController.php b/application/ConstructionConsentContact/ConstructionConsentContactController.php
index afaf61e7d..7b413ee88 100644
--- a/application/ConstructionConsentContact/ConstructionConsentContactController.php
+++ b/application/ConstructionConsentContact/ConstructionConsentContactController.php
@@ -11,7 +11,11 @@ class ConstructionConsentContactController extends mfBaseController
$this->me = $me;
$this->layout()->set("me", $me);
- if (!($me->is(["Admin","netowner","salespartner"]) && in_array($me->address_id, [1,209,5908]))) $this->redirect("Dashboard");
+ if ($this->me->is("Admin")) $this->constructionConsentProjects = array_column(ConstructionConsentProject::getAll(), 'id');
+ else {
+ $constructionConsentProjects = json_decode((new WorkerFlag($this->me->id, "constructionConsent_projects"))->value() ?? '[]');
+ empty($constructionConsentProjects) ? $this->redirect("Dashboard") : $this->constructionConsentProjects = $constructionConsentProjects;
+ }
}
protected function saveAction()
@@ -38,6 +42,11 @@ class ConstructionConsentContactController extends mfBaseController
$this->redirect("ConstructionConsent");
}
+ if (!in_array($cc->constructionconsentproject_id, $this->constructionConsentProjects)) {
+ $this->layout()->setFlash("Sie sind nicht berechtigt, diese Zustimmungserklärung zu bearbeiten", "error");
+ $this->redirect("ConstructionConsent");
+ }
+
$data = [];
$data["constructionconsent_id"] = $cc_id;
$data["type"] = $r->type;
@@ -88,6 +97,11 @@ class ConstructionConsentContactController extends mfBaseController
$this->redirect("ConstructionConsent");
}
+ if (!in_array($cc->constructionconsentproject_id, $this->constructionConsentProjects)) {
+ $this->layout()->setFlash("Sie sind nicht berechtigt, diese Zustimmungserklärung zu bearbeiten", "error");
+ $this->redirect("ConstructionConsent");
+ }
+
$contact->delete();
$this->layout()->setFlash("Ansprechpartner wurde gelöscht.", "success");
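Review bot: The authorization check is made on `$cc`, while the object deleted is `$contact`; the lines that load both are outside the hunk. If `$cc` is loaded from a request parameter rather than from the contact itself, the code should also verify that the contact belongs to that consent (presumably `$contact->constructionconsent_id == $cc->id`) before `$contact->delete()`. The Owner controller's delete path derives the consent from the object (`$consent = $owner->consent;`), which avoids the mismatch, and doing the same here would be more robust.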
diff --git a/application/ConstructionConsentJournal/ConstructionConsentJournalController.php b/application/ConstructionConsentJournal/ConstructionConsentJournalController.php
index 98cab83af..c1b8566ca 100644
--- a/application/ConstructionConsentJournal/ConstructionConsentJournalController.php
+++ b/application/ConstructionConsentJournal/ConstructionConsentJournalController.php
@@ -9,7 +9,11 @@ class ConstructionConsentJournalController extends mfBaseController {
$this->me = $me;
$this->layout()->set("me",$me);
- if (!($me->is(["Admin","netowner","salespartner"]) && in_array($me->address_id, [1,209,5908]))) $this->redirect("Dashboard");
+ if ($this->me->is("Admin")) $this->constructionConsentProjects = array_column(ConstructionConsentProject::getAll(), 'id');
+ else {
+ $constructionConsentProjects = json_decode((new WorkerFlag($this->me->id, "constructionConsent_projects"))->value() ?? '[]');
+ empty($constructionConsentProjects) ? $this->redirect("Dashboard") : $this->constructionConsentProjects = $constructionConsentProjects;
+ }
}
protected function saveAction() {
@@ -28,6 +32,11 @@ class ConstructionConsentJournalController extends mfBaseController {
$this->redirect("ConstructionConsent");
}
+ if (!in_array($consent->constructionconsentproject_id, $this->constructionConsentProjects)) {
+ $this->layout()->setFlash("Sie sind nicht berechtigt, diese Zustimmungserklärung zu bearbeiten", "error");
+ $this->redirect("ConstructionConsent");
+ }
+
$text = trim(htmlentities($r->text));
if(!$text) {
$this->layout()->setFlash("Bitte Text eingeben", "error");
diff --git a/application/ConstructionConsentOwner/ConstructionConsentOwnerController.php b/application/ConstructionConsentOwner/ConstructionConsentOwnerController.php
index f258725dc..d29c253fc 100644
--- a/application/ConstructionConsentOwner/ConstructionConsentOwnerController.php
+++ b/application/ConstructionConsentOwner/ConstructionConsentOwnerController.php
@@ -11,7 +11,11 @@ class ConstructionConsentOwnerController extends mfBaseController
$this->me = $me;
$this->layout()->set("me", $me);
- if (!($me->is(["Admin","netowner","salespartner"]) && in_array($me->address_id, [1,209,5908,2187]))) $this->redirect("Dashboard");
+ if ($this->me->is("Admin")) $this->constructionConsentProjects = array_column(ConstructionConsentProject::getAll(), 'id');
+ else {
+ $constructionConsentProjects = json_decode((new WorkerFlag($this->me->id, "constructionConsent_projects"))->value() ?? '[]');
+ empty($constructionConsentProjects) ? $this->redirect("Dashboard") : $this->constructionConsentProjects = $constructionConsentProjects;
+ }
}
protected function uploadDocumentAction() {
@@ -76,6 +80,11 @@ class ConstructionConsentOwnerController extends mfBaseController
$this->redirect("ConstructionConsent");
}
+ if (!in_array($cc->constructionconsentproject_id, $this->constructionConsentProjects)) {
+ $this->layout()->setFlash("Sie sind nicht berechtigt, diese Zustimmungserklärung zu bearbeiten", "error");
+ $this->redirect("ConstructionConsent");
+ }
+
$data = [];
$data["constructionconsent_id"] = $cc_id;
$data["title"] = $r->title;
@@ -128,6 +137,11 @@ class ConstructionConsentOwnerController extends mfBaseController
$consent = $owner->consent;
+ if (!in_array($consent->constructionconsentproject_id, $this->constructionConsentProjects)) {
+ $this->layout()->setFlash("Sie sind nicht berechtigt, diese Zustimmungserklärung zu bearbeiten", "error");
+ $this->redirect("ConstructionConsent");
+ }
+
foreach($owner->files as $file) {
$file->file->delete();
$file->delete();
diff --git a/application/ConstructionConsentProject/ConstructionConsentProject.php b/application/ConstructionConsentProject/ConstructionConsentProject.php
index 00d4ac2ed..2a0ed4df3 100644
--- a/application/ConstructionConsentProject/ConstructionConsentProject.php
+++ b/application/ConstructionConsentProject/ConstructionConsentProject.php
@@ -152,21 +152,16 @@ class ConstructionConsentProject extends mfBaseModel {
public static function count($filter) {
$db = FronkDB::singleton();
-
$where = self::getSqlFilter($filter);
- $sql = "SELECT COUNT(*) as cnt FROM ConstructionConsentProject
- LEFT JOIN ConstructionConsentNetwork ON (ConstructionConsentNetwork.constructionconsentproject_id = ConstructionConsentNetwork.id)
- WHERE $where
- GROUP BY ConstructionConsentProject.id
- ";
+ $sql = "SELECT COUNT(*) AS cnt FROM ConstructionConsentProject WHERE $where";
- //mfLoghandler::singleton()->debug($sql);
+ $result = $db->query($sql);
- $res = $db->query($sql);
- if($db->num_rows($res)) {
- $data = $db->fetch_object($res);
- return $data->cnt;
+ if ($result && $db->num_rows($result) > 0) {
+ $data = $db->fetch_object($result);
+ return (int)$data->cnt;
}
+
return 0;
}
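Review bot: With the JOIN removed, `count()` only works if `getSqlFilter()` never emits a condition on `ConstructionConsentNetwork` columns; that function is only partly visible in this diff, so this needs confirming. `search()` should also run over the same FROM clause, otherwise `maxItems` and the listed rows can disagree. A failed query now returns 0 silently; logging the failure before `return 0;` would keep a broken filter from looking like an empty result.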
@@ -217,6 +212,22 @@ class ConstructionConsentProject extends mfBaseModel {
}
}
+ if(array_key_exists("id", $filter)) {
+ if(is_numeric($filter["id"])) {
+ $where .= " AND ConstructionConsentProject.id = ".$filter["id"];
+ } elseif(is_array($filter["id"])) {
+ $ids = [];
+ foreach($filter["id"] as $id) {
+ if(is_numeric($id)) {
+ $ids[] = $id;
+ }
+ }
+ if(count($ids)) {
+ $where .= " AND ConstructionConsentProject.id IN (".implode(",", $ids).")";
+ }
+ }
+ }
+
if(array_key_exists("add-where", $filter)) {
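Review bot: The `id` filter fails open: when `$filter["id"]` is an array with no numeric elements, or is neither numeric nor an array, no clause is appended and the query is not restricted by id at all. The Project controller uses this key as the per-user allow-list, so the empty case should match nothing, e.g. add `else { $where .= " AND 1=0"; }` to the `if(count($ids))` branch and a final `else` with the same clause to the outer type check. Collecting `$ids[] = (int) $id;` would also avoid passing through the float and exponent forms that `is_numeric` accepts. The enclosing function starts and ends outside the hunk.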
diff --git a/application/ConstructionConsentProject/ConstructionConsentProjectController.php b/application/ConstructionConsentProject/ConstructionConsentProjectController.php
index 0086383c2..2769ba737 100644
--- a/application/ConstructionConsentProject/ConstructionConsentProjectController.php
+++ b/application/ConstructionConsentProject/ConstructionConsentProjectController.php
@@ -10,45 +10,39 @@ class ConstructionConsentProjectController extends mfBaseController {
$this->me = $me;
$this->layout()->set("me", $me);
- if (!($me->is(["Admin","netowner","salespartner"]) && in_array($me->address_id, [1,209,5908,2187]))) $this->redirect("Dashboard");
+ if ($this->me->is("Admin")) $this->constructionConsentProjects = array_column(ConstructionConsentProject::getAll(), 'id');
+ else {
+ $constructionConsentProjects = json_decode((new WorkerFlag($this->me->id, "constructionConsent_projects"))->value() ?? '[]');
+ empty($constructionConsentProjects) ? $this->redirect("Dashboard") : $this->constructionConsentProjects = $constructionConsentProjects;
+ }
}
protected function indexAction() : void {
- $this->layout()->setTemplate("ConstructionConsentProject/Index");
+ $sessionKey = MFAPPNAME . '-ConstructionConsentProject-filter';
if ($this->request->resetFilter) {
- unset($_SESSION[MFAPPNAME . '-ConstructionConsentProject-filter']);
+ unset($_SESSION[$sessionKey]);
}
- $filter = [];
- if (is_array($this->request->filter)) {
- $filter = $this->request->filter;
- $_SESSION[MFAPPNAME . '-ConstructionConsentProject-filter'] = $filter;
- } else {
- if (array_key_exists(MFAPPNAME . '-ConstructionConsentProject-filter', $_SESSION) && count($_SESSION[MFAPPNAME . '-ConstructionConsentProject-filter'])) {
- $filter = $_SESSION[MFAPPNAME . '-ConstructionConsentProject-filter'];
- }
+ $filter = is_array($this->request->filter)
+ ? $this->request->filter
+ : $_SESSION[$sessionKey] ?? [];
+
+ if (isset($this->request->filter)) {
+ $_SESSION[$sessionKey] = $filter;
}
- $this->layout->set("filter", $filter);
- $filter = $this->getPreparedFilter($filter);
-
- // pagination defaults
- $pagination = [];
- $pagination['start'] = 0;
- $pagination['count'] = 25;
- $pagination['maxItems'] = 0;
-
- if (is_numeric($this->request->s)) {
- $pagination['start'] = intval($this->request->s);
- }
- //var_dump($filter);exit;
- $pagination['maxItems'] = ConstructionConsentProject::count($filter);
-
- $projects = ConstructionConsentProject::getAll();
- $this->layout()->set("projects", $projects);
- $this->layout()->set("pagination", $pagination);
+ $prepared = $this->getPreparedFilter($filter);
+ $prepared["id"] = $this->constructionConsentProjects;
+ $this->layout()->setTemplate("ConstructionConsentProject/Index");
+ $this->layout()->set("filter", $filter);
+ $this->layout()->set("projects", ConstructionConsentProject::search($prepared));
+ $this->layout()->set("pagination", [
+ 'start' => (int)($this->request->s ?? 0),
+ 'count' => 25,
+ 'maxItems' => ConstructionConsentProject::count($prepared)
+ ]);
}
private function getPreparedFilter($filter) {
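Review bot: `indexAction` passes the request-supplied filter through `getPreparedFilter()` into `search()` and `count()`, and `getSqlFilter()` has an `add-where` key. The body of `getPreparedFilter()` is outside the hunk, so confirm it copies only known keys and never forwards `add-where` from the request. Setting `$prepared["id"]` after preparation is the right order, and a comment such as `// access restriction: must be assigned after the user filter is prepared` would keep it that way. `(int)($this->request->s ?? 0)` also allows negative values; `max(0, (int) ($this->request->s ?? 0))` would bound it.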
diff --git a/application/User/UserController.php b/application/User/UserController.php
index ce8d8916d..54dff8dee 100644
--- a/application/User/UserController.php
+++ b/application/User/UserController.php
@@ -286,6 +286,13 @@ class UserController extends mfBaseController
$pn->delete();
}
+ $constructionConsentProjects = $user->getFlag("constructionConsent_projects");
+ if (is_array($r->constructionconsent_projects) && count($r->constructionconsent_projects)) {
+ $constructionConsentProjects->value(json_encode($r->constructionconsent_projects));
+ $constructionConsentProjects->save();
+ } else {
+ $constructionConsentProjects->delete();
+ }
// employee number
$enum = new WorkerFlag($user->id, "employee_number");
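Review bot: `$r->constructionconsent_projects` is stored as-is via `json_encode`, and that value later becomes the allow-list used in the `in_array` checks and in SQL `IN (...)` clauses. Normalise it before saving, e.g. `$ids = array_values(array_unique(array_filter(array_map('intval', $r->constructionconsent_projects))));`, and ideally intersect it with the ids of existing projects. Whether the current user may grant project access is decided outside the hunk and should be confirmed, since this flag is now the only gate on the ConstructionConsent controllers for non-admins.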