Scope moet uit filter komen, niet uit querystring
svn path=/Website/trunk/; revision=24397
This commit is contained in:
Jos Groot Lipman
@@ -44,7 +44,7 @@ model_contracts =
|
||||
|
||||
REST_GET: function _GET(params)
|
||||
{
|
||||
var scope = getQParamSafe("scope", "fe");
|
||||
var scope = params.filter.scope || "fe";
|
||||
var autfunction = { fe : "WEB_CNTUSE", fo : "WEB_CNTUSE", bo : "WEB_CNTMAN"} [scope]; /* gokje; fe hoefde vroeger geen rechten voor eigen contracten...*/
|
||||
params.authparams = user.checkAutorisation(autfunction, null, null, true); /* pessimistic */
|
||||
|
||||
|
||||
@@ -77,7 +77,7 @@ model_invoicelines =
|
||||
|
||||
REST_GET: function _GET(params)
|
||||
{
|
||||
var scope = getQParamSafe("scope", "fe");
|
||||
var scope = params.filter.scope || "fe";
|
||||
var autfunction = { fe : "WEB_FINUSE", fo : "WEB_FINFOF", bo : "WEB_FINBOF" } [scope];
|
||||
params.authparams = user.checkAutorisation(autfunction, null, null, true); // pessimistisch
|
||||
|
||||
|
||||
@@ -85,7 +85,7 @@ model_invoices =
|
||||
|
||||
REST_GET: function _GET(params)
|
||||
{
|
||||
var scope = getQParamSafe("scope", "fe");
|
||||
var scope = params.filter.scope || "fe";
|
||||
var autfunction = { fe : "WEB_FINUSE", fo : "WEB_FINFOF", bo : "WEB_FINBOF" } [scope];
|
||||
params.authparams = user.checkAutorisation(autfunction, null, null, true); // pessimistisch
|
||||
|
||||
|
||||
@@ -76,7 +76,7 @@ model_issues =
|
||||
|
||||
REST_GET: function _GET(params)
|
||||
{
|
||||
var scope = getQParamSafe("scope", "fe");
|
||||
var scope = params.filter.scope || "fe";
|
||||
var autfunction = { fe : "WEB_MLDUSE", fo : "WEB_MLDFOF", bo : "WEB_MLDBOF", mi : "WEB_MLDBAC" } [scope];
|
||||
params.authparams = user.checkAutorisation(autfunction, null, null, true); /* pessimistic */
|
||||
|
||||
@@ -413,7 +413,7 @@ model_issues =
|
||||
REST_PUT: function (params, jsondata, the_key) /* update call */
|
||||
{
|
||||
if (!jsondata.issue.id) jsondata.issue.id = the_key;
|
||||
var scope = getQParamSafe("scope", "fe");
|
||||
var scope = params.filter.scope || "fe";
|
||||
var autfunction = { fe : "WEB_MLDUSE", fo : "WEB_MLDFOF", bo : "WEB_MLDBOF", mi : "WEB_MLDBAC" } [scope];
|
||||
params.authparams = user.checkAutorisation(autfunction, null, null, true); /* pessimistic */
|
||||
|
||||
@@ -456,7 +456,7 @@ model_issues =
|
||||
|
||||
REST_POST: function (params, jsondata) /* new call */
|
||||
{
|
||||
var scope = getQParamSafe("scope", "fe");
|
||||
var scope = params.filter.scope || "fe";
|
||||
var autfunction = { fe : "WEB_MLDUSE", fo : "WEB_MLDFOF", bo : "WEB_MLDBOF", mi : "WEB_MLDBAC" } [scope];
|
||||
params.authparams = user.checkAutorisation(autfunction, null, null, true); /* pessimistic */
|
||||
|
||||
@@ -496,7 +496,7 @@ model_issues =
|
||||
REST_DELETE: function (params, jsondata, the_key) /* delete call */
|
||||
{
|
||||
// Een melding wordt niet verwijderd maar wordt afgesloten.
|
||||
var scope = getQParamSafe("scope", "fe");
|
||||
var scope = params.filter.scope || "fe";
|
||||
var autfunction = { fe : "WEB_MLDUSE", fo : "WEB_MLDFOF", bo : "WEB_MLDBOF", mi : "WEB_MLDBAC" } [scope];
|
||||
params.authparams = user.checkAutorisation(autfunction, null, null, true); /* pessimistic */
|
||||
|
||||
|
||||
@@ -38,7 +38,7 @@ model_orders =
|
||||
"contact" : { dbs: "prs_perslid_key", typ: "key", foreign: "prs_perslid", label: L("lcl_mld_behandelaar"), track: true, filter: "exact" },
|
||||
"supplier" : { dbs: "mld_uitvoerende_keys", typ: "key", foreign: "mld_uitvoerende", label: L("lcl_ord_company_uit"), track: true, filter: "exact" },
|
||||
"suppliercontact": { dbs: "prs_contactpersoon_key", typ: "key", foreign: "prs_contactpersoon", label: L("lcl_contact_pers"), track: true, filter: "exact" },
|
||||
"ordertype" : { dbs: "mld_typeopdr_key", typ: "key", foreign: "mld_typeopdr", label: L("lcl_descr"), track: true },
|
||||
"ordertype" : { dbs: "mld_typeopdr_key", typ: "key", foreign: "mld_typeopdr", label: L("lcl_mld_typeopdr"), track: true },
|
||||
"description" : { dbs: "mld_opdr_omschrijving", typ: "varchar", label: L("lcl_mld_opdr_description"), track: true, filter: "like" },
|
||||
"remark" : { dbs: "mld_opdr_opmerking", typ: "varchar", label: L("lcl_mld_inf_Opmerking"), track: true, filter: "like" },
|
||||
"account" : { dbs: "prs_kostenplaats_key", typ: "key", foreign: "prs_kostenplaats", label: L("lcl_mld_inf_Kostenplaats"), track: true, filter: "exact" },
|
||||
@@ -55,9 +55,10 @@ model_orders =
|
||||
"building" : { dbs: "alg_v_allonroerendgoed.alg_gebouw_key", typ: "key", foreign: "alg_gebouw", label: L("lcl_building"), track: true, filter: "exact" },
|
||||
"floor" : { dbs: "alg_v_allonroerendgoed.alg_verdieping_key", typ: "key", foreign: "alg_verdieping", label: L("lcl_floor"), track: true, filter: "exact" },
|
||||
"room" : { dbs: "alg_v_allonroerendgoed.alg_ruimte_key", typ: "key", foreign: "alg_ruimte", label: L("lcl_room"), track: true, filter: "exact" },
|
||||
"terrain" : { dbs: "alg_v_allonroerendgoed.alg_terreinsector_key", typ: "key", foreign: "alg_terreinsector", label: L("lcl_room"), track: true, filter: "exact" },
|
||||
"terrain" : { dbs: "alg_v_allonroerendgoed.alg_terreinsector_key", typ: "key", foreign: "alg_terreinsector", label: L("lcl_terra"), track: true, filter: "exact" },
|
||||
"contract" : { dbs: "cnt_contract_key", typ: "key", foreign: "cnt_contract", label: L("lcl_contract"), track: true, filter: "exact" }
|
||||
},
|
||||
// list: { columns: ["id", "name"], canGroup: true },
|
||||
includes: {
|
||||
"notes": {
|
||||
model: model_notes,
|
||||
@@ -73,7 +74,7 @@ model_orders =
|
||||
|
||||
REST_GET: function _GET(params)
|
||||
{
|
||||
var scope = getQParamSafe("scope", "fe");
|
||||
var scope = params.filter.scope || "fe";
|
||||
var autfunction = { fe : "WEB_MLDORD", fo : "WEB_ORDBOF", bo : "WEB_ORDBOF", mi : "WEB_MLDBAC" } [scope];
|
||||
params.authparams = user.checkAutorisation(autfunction, null, null, true); // pessimistisch
|
||||
|
||||
@@ -125,7 +126,7 @@ model_orders =
|
||||
_pre_analyze_fields: function (params, jsondata) /* analyseer inkomende jsondata voor POST */
|
||||
{
|
||||
// Basis validatie rechten.
|
||||
var scope = getQParamSafe("scope", "fe");
|
||||
var scope = params.filter.scope || "fe";
|
||||
var autfunction = { fe : "WEB_MLDORD", fo : "WEB_ORDBOF", bo : "WEB_ORDBOF", mi : "WEB_MLDBAC" } [scope];
|
||||
params.authparams = user.checkAutorisation(autfunction, null, null, true); // pessimistisch
|
||||
//
|
||||
|
||||
@@ -32,7 +32,7 @@ model_regions =
|
||||
|
||||
_check_authorization: function(params, method)
|
||||
{
|
||||
var scope = getQParamSafe("scope", "fe");
|
||||
var scope = params.filter.scope || "fe";
|
||||
var autfunction = (scope == "fe"? "WEB_ALGUSE" : "WEB_ALGMAN");
|
||||
params.authparams = user.checkAutorisation(autfunction, null, null, true); // pessimistisch
|
||||
|
||||
|
||||
@@ -73,7 +73,7 @@ model_reservations =
|
||||
impersonate_auth: "WEB_RESFOF",
|
||||
REST_GET: function _GET(params)
|
||||
{
|
||||
var scope = getQParamSafe("scope", "fe");
|
||||
var scope = params.filter.scope || "fe";
|
||||
var autfunction = { fe : "WEB_RESUSE", fo : "WEB_RESFOF", bo : "WEB_RESBOF", mi : "WEB_RESBAC" } [scope];
|
||||
params.authparams = user.checkAutorisation(autfunction, null, null, true); // pessimistisch
|
||||
|
||||
|
||||
Reference in New Issue
Block a user