From abf6c5a9e8e3e6ecdda05baae4b912493750df35 Mon Sep 17 00:00:00 2001 From: Jos Groot Lipman Date: Sun, 15 Mar 2015 11:23:39 +0000 Subject: [PATCH] FSN#31698 Rapportgenerator 3D erbij en veld-autorisatie bij geen PRSSYS svn path=/Website/trunk/; revision=24450 --- APPL/API2/model_reports.inc | 79 ++++++++++++++++++++++++--------- APPL/API2/model_reportsx.inc | 27 ++++++++--- APPL/FAC/fac_report.asp | 2 +- APPL/FAC/fac_usrrapx_clone.asp | 2 +- APPL/SCF/scaffolding_search.inc | 18 ++++++-- 5 files changed, 96 insertions(+), 32 deletions(-) diff --git a/APPL/API2/model_reports.inc b/APPL/API2/model_reports.inc index 42009650ab..51a4fac324 100644 --- a/APPL/API2/model_reports.inc +++ b/APPL/API2/model_reports.inc @@ -28,16 +28,7 @@ function model_reports_template() this.REST_GET = function _GET(params, jsondata) { if (this.autfunction) - user.checkAutorisation(this.autfunction); // leesrechten is wel het minste - -// let op: fields bevat hier al alleen de zichtbare velden. -// zie has_functie_key voor de oplossing -// params.filter = params.filter || {}; -// params.filter.fclt_3d_locatie_key = user.alg_locatie_key({withcurrent:true}); -// params.filter.fclt_3d_gebouw_key = user.alg_gebouw_key({withcurrent:true}); -// params.filter.fclt_3d_verdieping_key = user.alg_verdieping_key({withcurrent:true}); -// params.filter.fclt_3d_user_key = user_key; -// // TODO: echte 3D erbij? + var authparams = user.checkAutorisation(this.autfunction); // leesrechten is wel het minste var groupbys = []; if (params.columns && params.groupby) 
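Review bot: The new `var authparams = user.checkAutorisation(this.autfunction);` is the whole body of an unbraced `if (this.autfunction)`, so the name is declared for all of REST_GET but stays undefined when the model has no autfunction. A later hunk of this patch declares `var authparams` a second time in the same function for the WEB_PRSSYS check, which makes it hard to see which authorisation result scopes which filter. Brace the branch and use distinct names, for example `var readauth = null; if (this.autfunction) { readauth = user.checkAutorisation(this.autfunction); }`. A one-line comment saying what happens to reports without an autfunction (no check and no 3D scoping, as far as the patch shows) would also help. REST_GET's body continues outside the hunk.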
@@ -129,19 +120,68 @@ function model_reports_template() } var query = api2.sqlfields(params, this); + params.filter.fclt_3d_user_key = user_key; // Die is gemakkelijk + var wheres = api2.sqlfilter(params, this); query.wheres = query.wheres.concat(wheres); - if (this.has_functie_key) + if (this.autfunction) + { + if ("fclt_3d_locatie_key" in this.fields && authparams.ALGreadlevel > -1) + { + wheres.push(" fclt_3d_locatie_key IN" + + "(SELECT alg_locatie_key FROM fac_v_my_locations " + + " WHERE niveau ="+authparams.ALGreadlevel + + " AND prs_perslid_key="+user_key+")"); + } + if ("fclt_3d_gebouw_key" in this.fields && authparams.ALGreadlevel > -1) + { + wheres.push(" fclt_3d_gebouw_key IN" + + "((SELECT alg_gebouw_key FROM fac_v_my_buildings " + + " WHERE niveau ="+authparams.ALGreadlevel + + " AND prs_perslid_key="+user_key+"))"); + } + if ("fclt_3d_afdeling_key" in this.fields && authparams.PRSreadlevel > 0) + { + wheres.push(" fclt_3d_afdeling_key IN" + + "(SELECT prs_afdeling_key FROM prs_v_afdeling_familie a" + + " WHERE a.prs_afdeling_elder_key IN" + + " (SELECT aa.prs_afdeling_elder_key" + + " FROM prs_v_afdeling_familie aa" + + " WHERE aa.prs_afdeling_key = " + user.prs_afdeling_key() + + " AND aa.niveau = " + authparams.PRSreadlevel + "))"); + } + if ("fclt_3d_discipline_key" in this.fields) + { + var disciplines = []; + var sql = "SELECT ins_discipline_key" + + " FROM fac_v_my_disciplines " + + " WHERE fac_functie_code = " + safe.quoted_sql(this.autfunction) + + " AND prs_perslid_key=" + user_key; + var oRs = Oracle.Execute(sql); + while (!oRs.Eof) + { + disciplines.push(oRs("ins_discipline_key").Value); + oRs.MoveNext(); + } + oRs.Close(); + if (!disciplines.length) + disciplines.push(-1); + + wheres.push("fclt_3d_discipline_key IN (" + disciplines.join(",") + ")"); + } + } + + if ("fac_functie_key" in this.fields) { var authparams = user.checkAutorisation("WEB_PRSSYS", true); if (!authparams) { query.wheres.push("(fac_functie_key IN" - + " (SELECT 
w.fac_functie_key" - + " FROM fac_v_webgebruiker W" - + " WHERE w.prs_perslid_key = " + user_key - + " ) OR fac_functie_key IS NULL)"); + + " (SELECT w.fac_functie_key" + + " FROM fac_v_webgebruiker W" + + " WHERE w.prs_perslid_key = " + user_key + + " ) OR fac_functie_key IS NULL)"); } } @@ -149,8 +189,7 @@ function model_reports_template() + " FROM " + query.tables.join(", ") + (query.wheres.length ? " WHERE " + query.wheres.join(" AND " ) : "") -// TODO: 3D en FCLT_KEY filtering en zo - if (groupbys.length && groupbys.length != query.selects.count) + if (groupbys.length) sql += " GROUP BY " + groupbys.join(", "); var order = []; @@ -179,7 +218,7 @@ function model_reports_template() // Voltooi model_reports_template voor een bepaald rapport function model_reports(fac_usrrap_key) { - var reportsx = new model_reportsx(fac_usrrap_key, { include: ["columns"] }); + var reportsx = new model_reportsx(fac_usrrap_key, { include: ["columns"], internal: true }); var usrrap = reportsx.data; user.auth_required_or_abort(usrrap); @@ -221,6 +260,8 @@ function model_reports(fac_usrrap_key) }; if (field.typ == "number" && field.dbs.match(/_key$/i)) // Vooral de FCLT_3D filters field.typ = "key"; + if (field.visible == 'H') + field.hidden = true; if (usrrap.columns[i].filter) { @@ -238,8 +279,6 @@ function model_reports(fac_usrrap_key) } } var fld = field.dbs.toLowerCase(); - if (fld == "fac_functie_key") - model.has_functie_key = true; if (fld == keyfield) fld = "id"; diff --git a/APPL/API2/model_reportsx.inc b/APPL/API2/model_reportsx.inc index 09a0ade2bd..69f86e37ce 100644 --- a/APPL/API2/model_reportsx.inc +++ b/APPL/API2/model_reportsx.inc 
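Review bot: The scoping clauses for fclt_3d_locatie_key, fclt_3d_gebouw_key, fclt_3d_afdeling_key and fclt_3d_discipline_key are pushed onto `wheres` after `query.wheres = query.wheres.concat(wheres);` has already copied it. Because concat returns a new array, as far as this hunk shows they never reach the `query.wheres.join(" AND ")` that builds the statement, and the report rows come back unscoped. Either move the concat line below the `if (this.autfunction)` block or call `query.wheres.push(...)` as the fac_functie_key branch does. Separately, `params.filter.fclt_3d_user_key = user_key;` assumes params.filter exists; unless it is initialised earlier in REST_GET, outside the hunk, it needs the guard from the removed comment, `params.filter = params.filter || {};`. A test that runs a report with a fclt_3d_locatie_key column as a user with a restricted ALGreadlevel would catch the first problem.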
@@ -25,11 +25,10 @@ function model_reportsx(usrrap_key, params) this.record_name = "report"; this.records_title = L("lcl_menu_fac_reports"); this.record_title = L("lcl_usrrap_report"); - this.autfunction = "WEB_PRSSYS"; this.fields = { "id" : { dbs: "fac_usrrap_key", typ: "key", label: "Key", filter: "exact" }, "name" : { dbs: "fac_usrrap_omschrijving", typ: "varchar", label: L("lcl_usrrap_report"), filter: "like", translate: true , len : 60}, - "description" : { dbs: "fac_usrrap_info", typ: "varchar", label: L("lcl_usrrap_info"), translate: true }, + "description" : { dbs: "fac_usrrap_info", typ: "varchar", label: L("lcl_usrrap_info"), filter: "like", translate: true }, "viewname" : { dbs: "fac_usrrap_view_name", typ: "varchar", label: L("lcl_usrrap_viewname"), filter: "like"}, "authorisation": { dbs: "fac_functie_key", typ: "key", label: L("lcl_usrrap_functie"), foreign: "fac_functie"}, "styling" : { dbs: "fac_usrrap_functie", typ: "key", label: L("lcl_usrrap_styling"), @@ -39,6 +38,8 @@ function model_reportsx(usrrap_key, params) "autorefresh" : { dbs: "fac_usrrap_autorefresh", typ: "check", label: L("lcl_usrrap_autorefresh")} }; this.list = { columns: ["id", "name", "viewname", "description"] }; + this.search = { autosearch: true }; + this.includes = {"columns": { model: model_reportcolumns, joinfield: "fac_usrrap_key" } @@ -81,7 +82,7 @@ function model_reportsx(usrrap_key, params) var wheres = api2.sqlfilter(params, this); query.wheres = query.wheres.concat(wheres); - authparams = user.checkAutorisation("WEB_PRSSYS", true); + var authparams = user.checkAutorisation("WEB_PRSSYS", true); if (!authparams) { query.wheres.push("(fac_functie_key IN" 
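Review bot: Removing `this.autfunction = "WEB_PRSSYS";` opens this model to users without that right, and the only compensations visible in the patch are on the read side: hidden fields and the fac_functie_key clause in the query. If the api2 layer relied on autfunction to gate the handlers that modify reports, those are now reachable by any logged-in user; only REST_POST is switched off later, and only for logins other than _FACILITOR. I would add an explicit `user.checkAutorisation("WEB_PRSSYS");` at the top of each modifying handler, or a comment at this spot saying where writes are still checked. The constructor body continues outside the hunk, so such a check may already exist there.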
@@ -155,11 +156,25 @@ function model_reportsx(usrrap_key, params) return { key: the_key, warning: "" }; }; - - if (user.oslogin() != "_FACILITOR") + if (!params.internal) { - this.REST_POST = false; + if (user.oslogin() != "_FACILITOR") // Alleen _FACILITOR mag nieuwe rapporten toevoegen + { // (PRSSYS mag wel clonen) + this.REST_POST = false; + } + + if (!user.checkAutorisation("WEB_PRSSYS", true)) + { + for (var fld in this.fields) + { + if (fld != "id" && fld != "name" && fld != "description") + this.fields[fld].hidden = true; + } + this.list.columns = ["name", "description"]; + this.fields["id"].filter = false; + } } + if (usrrap_key > 0) { params.filter = { "id" : usrrap_key }; diff --git a/APPL/FAC/fac_report.asp b/APPL/FAC/fac_report.asp index 3f300a36f5..a29ebee593 100644 --- a/APPL/FAC/fac_report.asp +++ b/APPL/FAC/fac_report.asp @@ -25,7 +25,7 @@ } if (isEmptyObject(rapport.fields)) { - var reportsx = new model_reportsx(); + var reportsx = new model_reportsx(-1, { internal: true }); var rapportx = reportsx.REST_GET({ filter: { id: usrrap_key }})[0]; rapportx.columns = []; __DoLog("Automatische rapport conversie key {0}: {1}".format(usrrap_key, rapportx.name)); diff --git a/APPL/FAC/fac_usrrapx_clone.asp b/APPL/FAC/fac_usrrapx_clone.asp index d0a5bb742f..42a68491ca 100644 --- a/APPL/FAC/fac_usrrapx_clone.asp +++ b/APPL/FAC/fac_usrrapx_clone.asp @@ -33,7 +33,7 @@ var data = { "name" : "Clone: " + toDateTimeString(new Date) + " " + ol columns: [] } -var reportsx = new model_reportsx(); +var reportsx = new model_reportsx(-1, { internal: true }); reportsx._clone_report_cols(usrrap_key, data); var params = { internal: true }; // Zodat POST op kolommen wordt geaccepteerd var new_key = reportsx.REST_POST(params, { "report": data } ); diff --git a/APPL/SCF/scaffolding_search.inc b/APPL/SCF/scaffolding_search.inc index 5749414b49..eaa217fb80 100644 --- a/APPL/SCF/scaffolding_search.inc +++ b/APPL/SCF/scaffolding_search.inc 
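Review bot: The loop that sets `this.fields[fld].hidden = true` for users without WEB_PRSSYS leaves each field's `filter` in place; only `id` gets `filter = false`, while `viewname` is declared with `filter: "like"` in the earlier hunk. If api2.sqlfilter still applies filters on hidden fields (the search form in this patch round-trips hidden fields found in the query string, which suggests it may), such a user can still test hidden values like the view name through the query string. Setting `this.fields[fld].filter = false;` inside the loop would close that. Also, `params.internal` switches the whole block off, so it must only ever be set by server-side callers; if the constructor's params can be filled from the request, the flag needs a channel the request cannot reach.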
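Review bot: Passing `{ internal: true }` in fac_usrrapx_clone.asp skips the block that sets `REST_POST = false` for logins other than _FACILITOR, so this page becomes the only gate on who may clone a report. The comment in model_reportsx says PRSSYS may clone, but no WEB_PRSSYS check is visible in this hunk. If there is none earlier in the page, add `user.checkAutorisation("WEB_PRSSYS");` before the model is constructed. The page continues outside the hunk.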
@@ -84,6 +84,16 @@ function scaffolding_search(model, scf_params) <% + var defaults = api2.qs2json(); // TODO: Ook via scf_params + + for (var fld in model.fields) + { + var field = model.fields[fld]; + if (field.hidden && fld in defaults) + { + Response.Write(""); + } + } if (scf_params.transit) { %> <% } @@ -96,11 +106,11 @@ function scaffolding_search(model, scf_params) for (var fld in model.fields) { var field = model.fields[fld]; - if (field.visible == 'H') // Sommige FCLT_3D hebben een filter + if (field.hidden) continue; if (field.filter == 'like' || field.filter == 'exact') - scf_RWFIELDTR(field, fld, null); + scf_RWFIELDTR(field, fld, defaults[fld]); else if (field.filter == "range") { var org_label = field.label; @@ -112,7 +122,7 @@ function scaffolding_search(model, scf_params) } } if (model.soft_delete) - RWCHECKBOXTR("show_deleted", "fldcheck", L("lcl_scf_show_deleted"), 0); + RWCHECKBOXTR("show_deleted", "fldcheck", L("lcl_scf_show_deleted"), defaults["show_deleted"]); BLOCK_END(); var buttons = []; @@ -133,7 +143,7 @@ function scaffolding_search(model, scf_params) for (fld in model.fields) { var field = model.fields[fld]; - if (field.visible == 'H') // Hidden kun je ook niet aanzetten + if (field.hidden) // Hidden kun je ook niet aanzetten continue; var on = inArray(fld, scf_params.list.columns); Response.Write("
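Review bot: `defaults` comes from `api2.qs2json()`, presumably the parsed query string, and the first hunk writes one value per hidden field back into the page with `Response.Write`; the markup inside that call is not visible on this page. If the value is concatenated into a hidden input it has to be attribute-encoded, e.g. `Server.HTMLEncode(defaults[fld])`, otherwise request-supplied text ends up as markup in the search form. The same question applies to the later hunks that pass `defaults[fld]` to scf_RWFIELDTR and `defaults["show_deleted"]` to RWCHECKBOXTR, unless those helpers encode their value argument. scaffolding_search's body continues outside the hunk.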