<% /*
    $Revision$
    $Id$

    File:           model_floors.inc

    Description:    floor model.
    Parameters:
    Context:

    Notes:          Eerste opzet, (geaggregeerde) data als oppervlakte e.d. is voorstelbaar
*/

%>
<!-- #include file="../Shared/discxalg3d.inc"-->
<%
model_floors =
{
    table: "alg_verdieping",
    primary: "alg_verdieping_key",
    records_name: "floors",
    record_name: "floor",
    fields: {"id"      : { dbs: "alg_verdieping_key",          typ: "key",     filter: "exact" },
             "name"    : { dbs: "alg_verdieping_omschrijving", typ: "varchar"},
             "code"    : { dbs: "alg_verdieping_code",         typ: "varchar", filter: "exact"},
             "sequence": { dbs: "alg_verdieping_volgnr",       typ: "number",  filter: "exact"}, /* range zou ook kunnen */
             "building": { dbs: "alg_gebouw_key",              typ: "key",     foreign: "alg_gebouw"}
            },
    REST_GET: function _GET(params)
        {
            var urole = "fe"; // TODO: Moet echt niet ter zake doen
            var autfunction = urole == "fe"? "WEB_ALGUSE" : "WEB_ALGMAN";
            params.authparams = user.checkAutorisation(autfunction, null, null, true); // pessimistisch

            var query = api2.sqlfields(params, model_floors);
            query.wheres.push("alg_verdieping_verwijder IS NULL");

            if ( params.authparams.ALGreadlevel > -1 )
            {  // Er is een scope-beperking van kracht
                query.wheres.push("alg_verdieping_key IN "
                                   + "(SELECT alg_verdieping_key FROM fac_v_my_floors "
                                   +   "WHERE prs_perslid_key="+user_key
                                   +    " AND niveau=" + params.authparams.ALGreadlevel + ")");
            }

            var wheres = api2.sqlfilter(params, model_floors)
            query.wheres = query.wheres.concat(wheres);

            var sql = "SELECT " + query.selects.join(", ")
                    + "  FROM " + query.tables.join(", ")
                    + " WHERE " + query.wheres.join(" AND " )
                    + " ORDER BY alg_verdieping_omschrijving";

            var json = api2.sql2json (params, sql, model_floors);

            return json;
        },
    PUT: function (params) /* update floor */
    {
    },
    POST: function (params) /* new floor */
    {
    },
    DELETE: function (params, jsondata, the_key) /* delete floor */
    {
            var autfunction = "WEB_ALGMAN";
            // TODO: echte autorisatie
            params.authparams = user.checkAutorisation(autfunction, null, null, true); // pessimistisch
            if (params.authparams.ALGwritelevel)
            {
                var wheres = [" alg_verdieping_key = " + the_key];
                var sql = "UPDATE alg_verdieping SET alg_verdieping_verwijder = SYSDATE "
                        + " WHERE " + wheres.join(" AND " )
                        + " AND alg_verdieping_verwijder IS NULL";

                // Pas als het safe is: Oracle.Execute(sql);
            }
    }
}
%>