API2 init
svn path=/Website/trunk/; revision=22678
This commit is contained in:
Peter Feij
@@ -9,14 +9,12 @@
|
||||
Parameters:
|
||||
Context:
|
||||
|
||||
Notes: TODO: definitieve naamgeving bepalen
|
||||
TODO: autorisaties voor scope=fo|bo
|
||||
TODO on demand: PUT/POST/DELETE
|
||||
TODO floor referentie levert id/code ipv id/name. Waar zit dat??
|
||||
Notes: TODO on demand: PUT/POST/DELETE
|
||||
TODO test autorisatie-toepassing (MGE?)
|
||||
*/
|
||||
|
||||
%>
|
||||
<!-- #include file="../Shared/discxalg3d.inc"-->
|
||||
<!-- #include file="../Shared/discx3d.inc" -->
|
||||
<!-- #include file="../mld/mld.inc" -->
|
||||
<!-- #include file="model_objects.inc"-->
|
||||
<!-- #include file="model_notes.inc"-->
|
||||
@@ -57,7 +55,7 @@ model_issues =
|
||||
return "ins_deel_key IN (SELECT ins_deel_key FROM mld_melding_object WHERE mld_melding_object.mld_melding_key = mld_melding.mld_melding_key AND mld_melding_object_verwijder IS NULL)";
|
||||
}
|
||||
},
|
||||
"notes": { // TODO
|
||||
"notes": { // TODO later
|
||||
//model: model_notes,
|
||||
joinfield: "ins_deel_key",
|
||||
single_only: false,
|
||||
@@ -73,27 +71,34 @@ model_issues =
|
||||
{
|
||||
var scope = getQParamSafe("scope", "fe");
|
||||
var autfunction = { fe : "WEB_MLDUSE", fo : "WEB_MLDFOF", bo : "WEB_MLDBOF", mi : "WEB_MLDBAC" } [scope];
|
||||
params.authparams = user.checkAutorisation(autfunction, null, null, true);
|
||||
// Hier kom je niet terecht als bovenstaande autorisatiecheck niet tot succes leidt.
|
||||
params.authparams = user.checkAutorisation(autfunction, null, null, true); /* pessimistic */
|
||||
|
||||
// TODO: Add authorization
|
||||
// Hier kom je niet meer terecht als bovenstaande autorisatiecheck niet tot succes leidt.
|
||||
|
||||
var alg3d = false;
|
||||
var prs3d = false;
|
||||
|
||||
var query = api2.sqlfields(params, model_issues );
|
||||
|
||||
if (scope == "fe")
|
||||
{
|
||||
query.wheres.push("prs_perslid_key=" + user_key);
|
||||
}
|
||||
else
|
||||
{
|
||||
// TODO: disc3d conditie voor de geldendende autfunction toevoegen
|
||||
// TODO: disc3d conditie voor de geldendende autfunction toevoegen
|
||||
// TODO: disc3d conditie voor de geldendende autfunction toevoegen
|
||||
// TODO: disc3d conditie voor de geldendende autfunction toevoegen
|
||||
}
|
||||
|
||||
if (!params.filter.id)
|
||||
{
|
||||
query.wheres.push("mld_melding_datum > SYSDATE - 30"); // ff beperken tot recente stuff
|
||||
/* You can't go any further back in time than the GUI could (ongeveer)*/
|
||||
if (S("mld_max_history") > 0)
|
||||
{
|
||||
query.wheres.push("mld_melding_datum > SYSDATE - "+ S("mld_max_history"));
|
||||
}
|
||||
if (!params.filter.status)
|
||||
{
|
||||
/* Limitation: if no status filter, then default to the active statusses (all except 1,6,5) */
|
||||
// Zou zo kunnen, params.filter.status = [0,2,3,4,7];, maar eigenlijk is dit logischer
|
||||
query.wheres.push("mld_melding_status IN (0,2,3,4,7)");
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
/* we need the prefix for the name */
|
||||
@@ -107,15 +112,49 @@ model_issues =
|
||||
query.tables.push("alg_v_allonroerendgoed");
|
||||
query.wheres.push("mld_alg_onroerendgoed_keys = alg_v_allonroerendgoed.alg_onroerendgoed_keys(+)");
|
||||
|
||||
|
||||
if (params.authparams.ALGreadlevel > -1)
|
||||
{
|
||||
/* required for 3D ALG scopeing */
|
||||
alg3d = true;
|
||||
__Log("ALGreadlevel="+params.authparams.ALGreadlevel);
|
||||
query.tables.push("alg_locatie"); /* opletten: outerjoin denk ik? */
|
||||
query.wheres.push("mld_alg_onroerendgoed_keys = alg_locatie.alg_locatie_key(+)");
|
||||
query.tables.push("alg_district");
|
||||
query.wheres.push("alg_locatie.alg_district_key = alg_district.alg_district_key(+)");
|
||||
}
|
||||
if (params.authparams.PRSreadlevel > -1)
|
||||
{
|
||||
/* required for 3D PRS scopeing */
|
||||
prs3d = true;
|
||||
__Log("PRSreadlevel="+params.authparams.PRSreadlevel);
|
||||
query.tables.push("prs_v_afdeling");
|
||||
query.wheres.push("mld_melding.prs_perslid_key = prs_v_afdeling.prs_afdeling_key");
|
||||
}
|
||||
|
||||
var wheres = api2.sqlfilter(params, model_issues);
|
||||
query.wheres = query.wheres.concat(wheres);
|
||||
|
||||
var sql = "SELECT " + query.selects.join(", ")
|
||||
+ " FROM " + query.tables.join(", ")
|
||||
+ " WHERE " + query.wheres.join(" AND " )
|
||||
+ " ORDER BY mld_melding_key";
|
||||
+ " WHERE " + query.wheres.join(" AND " );
|
||||
|
||||
// Over het resultaat moet nog de 3D rasp, altijd
|
||||
sql = discx3d (sql,
|
||||
"ins_tab_discipline.ins_discipline_key",
|
||||
(alg3d ? "alg_regio_key" : null),
|
||||
(alg3d ? "alg_district_key" : null),
|
||||
(alg3d ? "mld_melding.alg_locatie_key" : null),
|
||||
(alg3d ? "alg_v_allonroerendgoed.alg_gebouw_key" : null),
|
||||
(alg3d ? "alg_v_allonroerendgoed.alg_verdieping_key" : null),
|
||||
(alg3d ? "alg_v_allonroerendgoed.alg_ruimte_key" : null),
|
||||
(prs3d ? "prs_bedrijf_key" : null),
|
||||
(prs3d ? "prs_afdeling_key" : null),
|
||||
autfunction,
|
||||
"", /* no additional discipline restrictions */
|
||||
(alg3d && prs3d ? 2 : prs3d ? 1 : 0)
|
||||
);
|
||||
|
||||
sql += " ORDER BY mld_melding_key";
|
||||
|
||||
var json = api2.sql2json (params, sql, model_issues );
|
||||
|
||||
|
||||
Reference in New Issue
Block a user