Added permissions to internal BuildingApi
This commit is contained in:
Frank Schubert
@@ -161,7 +161,7 @@
|
||||
<div class="col-lg-10">
|
||||
<select class="select2 form-control select2-multiple" name="addresstypes[]" id="addresstypes" multiple="multiple" data-placeholder="Choose ...">
|
||||
<?php foreach(TT_ROLES as $role): ?>
|
||||
<option value="<?=$role?>" <?=(array_key_exists($role, $address->types)) ? "selected='selected'" : ""?>><?=__($role)?></option>
|
||||
<option value="<?=$role?>" <?=(is_array($address->types) && array_key_exists($role, $address->types)) ? "selected='selected'" : ""?>><?=__($role)?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
</div>
|
||||
|
||||
@@ -87,7 +87,9 @@
|
||||
<?php if($me->is(["Admin","netowner","salespartner"])): ?>
|
||||
<li><a href="<?=self::getUrl("Preordercampaign")?>"><i class="far fa-calendar-lines text-info"></i> Vorbestellung</a></li>
|
||||
<?php endif; ?>
|
||||
<li><a href="<?=self::getUrl("Order")?>"><i class="far fa-file-signature text-info"></i> Bestellungen</a></li>
|
||||
<?php if($me->is(["Admin","salespartner"])): ?>
|
||||
<li><a href="<?=self::getUrl("Order")?>"><i class="far fa-file-signature text-info"></i> Bestellungen</a></li>
|
||||
<?php endif; ?>
|
||||
</ul>
|
||||
</li>
|
||||
<?php endif; ?>
|
||||
|
||||
@@ -279,6 +279,7 @@ class PreorderApicontroller extends mfBaseApicontroller {
|
||||
$preorder_data['submit_request'] = $this->request_json;
|
||||
}
|
||||
$preorder_data['adb_hausnummer_id'] = $address->hausnummer_id;
|
||||
$preorder_data['partner_id'] = $this->me->address_id;
|
||||
|
||||
if($unit) {
|
||||
$preorder_data['adb_wohneinheit_id'] = $unit->wohneinheit_id;
|
||||
@@ -397,7 +398,12 @@ class PreorderApicontroller extends mfBaseApicontroller {
|
||||
return mfResponse::InternalServerError();
|
||||
}
|
||||
|
||||
return mfResponse::Ok(["code" => $preorder->ucode]);
|
||||
$return = ["code" => $preorder->ucode];
|
||||
if($addon_data) {
|
||||
$return["additionalData"] = $addon_data;
|
||||
}
|
||||
|
||||
return mfResponse::Ok($return);
|
||||
}
|
||||
|
||||
}
|
||||
@@ -372,8 +372,27 @@ class BuildingController extends mfBaseController {
|
||||
|
||||
private function getFilteredBuildingsApi() {
|
||||
$buildings = [];
|
||||
$filter = $this->request->filter;
|
||||
$filter = [];
|
||||
if(is_array($this->request->filter)) {
|
||||
$filter = $this->request->filter;
|
||||
}
|
||||
|
||||
if(!$this->me->is("Admin")) {
|
||||
$my_networks = $this->me->myNetworks(['netowner','salespartner']);
|
||||
|
||||
$network_ids = [];
|
||||
foreach($my_networks as $net) {
|
||||
$network_ids[] = $net->id;
|
||||
}
|
||||
|
||||
if(array_key_exists("network_id", $filter)) {
|
||||
if(!in_array($filter['network_id'], $network_ids)) {
|
||||
$filter['network_id'] = $network_ids;
|
||||
}
|
||||
} else {
|
||||
$filter['network_id'] = $network_ids;
|
||||
}
|
||||
}
|
||||
|
||||
$results = BuildingModel::search($filter);
|
||||
|
||||
|
||||
@@ -54,7 +54,7 @@ class BuildingModel {
|
||||
return $model;
|
||||
}
|
||||
|
||||
public static function getFirst() {
|
||||
public static function getFirst($filter = []) {
|
||||
$db = FronkDB::singleton();
|
||||
|
||||
$where = self::getSqlFilter($filter);
|
||||
@@ -105,7 +105,7 @@ class BuildingModel {
|
||||
return 0;
|
||||
}
|
||||
|
||||
public static function search($filter, $limit = false) {
|
||||
public static function search($filter=[], $limit = false) {
|
||||
$items = [];
|
||||
$db = FronkDB::singleton();
|
||||
|
||||
|
||||
@@ -154,7 +154,7 @@ class PreorderController extends mfBaseController {
|
||||
//var_dump($products);exit;
|
||||
$this->layout()->set("products", $products);
|
||||
|
||||
$partners = AddressModel::search(['addresstype' => ['salespartner']]);
|
||||
$partners = AddressModel::search(['addresstype' => ['netowner','salespartner']]);
|
||||
$this->layout()->set("partners", $partners);
|
||||
}
|
||||
|
||||
|
||||
@@ -348,6 +348,8 @@ paths:
|
||||
Parameter missing or malformed
|
||||
'401':
|
||||
description: Unauthorized
|
||||
'403':
|
||||
description: Vorbestellung für diese Wohneinheit bereits vorhanden
|
||||
'404':
|
||||
description: Adresse oder Wohneinheit nicht gefunden
|
||||
# /preorder/{code}:
|
||||
|
||||
Reference in New Issue
Block a user