223 lines
9.3 KiB
PHP
223 lines
9.3 KiB
PHP
<% /*
|
|
$Revision$
|
|
$Id$
|
|
|
|
File: model_reportsx.inc
|
|
|
|
Description: rapport model voor het *definieren* van rapporten.
|
|
Zal rapporten niet uitvoeren dus. Daar is model_reports voor
|
|
Parameters:
|
|
Context:
|
|
|
|
Notes:
|
|
*/
|
|
%>
|
|
<!-- #include file="../Shared/json2.js" -->
|
|
<!-- #include file="./model_reportcolumns.inc" -->
|
|
<%
|
|
|
|
function model_reportsx(usrrap_key, params)
|
|
{
|
|
params = params || {};
|
|
this.table = "fac_usrrap";
|
|
this.primary = "fac_usrrap_key";
|
|
this.records_name = "reports";
|
|
this.record_name = "report";
|
|
this.records_title = L("lcl_menu_fac_reports");
|
|
this.record_title = L("lcl_usrrap_report");
|
|
|
|
this.fields = { "id" : { dbs: "fac_usrrap_key", typ: "key", label: "Key", filter: "exact" },
|
|
"name" : { dbs: "fac_usrrap_omschrijving", typ: "varchar", label: L("lcl_usrrap_report"), filter: "like", translate: true , len : 60},
|
|
"description" : { dbs: "fac_usrrap_info", typ: "varchar", label: L("lcl_usrrap_info"), filter: "like", translate: true },
|
|
"viewname" : { dbs: "fac_usrrap_view_name", typ: "varchar", label: L("lcl_usrrap_viewname"), filter: "like"},
|
|
"authorisation": { dbs: "fac_functie_key", typ: "key", label: L("lcl_usrrap_functie"), foreign: "fac_functie"},
|
|
"group" : { dbs: "fac_usrrap_groep", typ: "varchar", label: L("lcl_usrrap_groep"), filter: "like" },
|
|
"styling" : { dbs: "fac_usrrap_functie", typ: "key", label: L("lcl_usrrap_styling"),
|
|
LOV: L("lcl_usrrap_stylingLOV") }, // 0;on-gestylede;1;gestylede;2;procedure;3;procedure gestyled;8;Via tabelizer;16;mobile
|
|
|
|
"urllink" : { dbs: "fac_usrrap_urllink", typ: "varchar", label: L("lcl_usrrap_urllink")},
|
|
"autorefresh" : { dbs: "fac_usrrap_autorefresh", typ: "check", label: L("lcl_usrrap_autorefresh")}
|
|
};
|
|
this.list = { columns: ["id", "name", "description"] };
|
|
this.search = { autosearch: true,
|
|
filters: ["id", "name", "description"]
|
|
};
|
|
|
|
this.includes = {"columns": { model: new model_reportcolumns(usrrap_key, { internal: true }),
|
|
joinfield: "fac_usrrap_key"
|
|
}
|
|
};
|
|
|
|
this.is_safe_view = function(viewname)
|
|
{
|
|
if (viewname.match(/^..._V_UDR_.*/i))
|
|
return true;
|
|
if (viewname.substr(0, 4).toUpperCase() == customerId)
|
|
return true;
|
|
|
|
// AAXX en PCHX even hardcoded. Met 2015.2 komt echte setting
|
|
var regexp = "^(AAXX|PCHX)"; // S("fac_usrrap_safe_view_regexp")
|
|
|
|
if (regexp && new RegExp(regexp, 'i').test(viewname))
|
|
return true;
|
|
|
|
return false;
|
|
};
|
|
|
|
this._check_authorization = function(params, method)
|
|
{
|
|
params.message = "";
|
|
var autfunction = "WEB_PRSSYS";
|
|
params.authparams = user.checkAutorisation(autfunction); // pessimistisch
|
|
};
|
|
|
|
this._analyze_fields = function (dbfields, params, jsondata) /* analyseer inkomende data, common voor PUT en POST */
|
|
{
|
|
if (user.oslogin() != "_FACILITOR") // Die mag alles
|
|
{
|
|
user.auth_required_or_abort(this.is_safe_view(jsondata.viewname));
|
|
}
|
|
};
|
|
|
|
this._clone_report_cols = function(old_usrrap_key, new_model)
|
|
{
|
|
var oldrap = usrrap.fac_usrrap_info(old_usrrap_key); // Niet via 'model', die kan geen VIEW-rapporten aan
|
|
|
|
for (var i = 0; i < oldrap.columns.length; i++)
|
|
{
|
|
var column = oldrap.columns[i];
|
|
var newcol = { sequence: (i+1) * 10,
|
|
name: column.column_name,
|
|
datatype: column.datatype||"varchar",
|
|
caption: column.caption,
|
|
visible: column.visible,
|
|
filter: column.filter
|
|
}
|
|
new_model.columns.push(newcol);
|
|
}
|
|
__Log(new_model);
|
|
};
|
|
|
|
this.REST_GET = function _reportsx_GET(params, jsondata)
|
|
{
|
|
var query = api2.sqlfields(params, this);
|
|
|
|
var wheres = api2.sqlfilter(params, this);
|
|
query.wheres = query.wheres.concat(wheres);
|
|
|
|
var authparams = user.checkAutorisation("WEB_PRSSYS", true);
|
|
if (!authparams)
|
|
{
|
|
query.wheres.push("(fac_functie_key IN"
|
|
+ " (SELECT w.fac_functie_key"
|
|
+ " FROM fac_v_webgebruiker W"
|
|
+ " WHERE w.prs_perslid_key = " + user_key
|
|
+ " ) OR fac_functie_key IS NULL)");
|
|
}
|
|
if ((S("fac_usrrap_mode") & 1) != 1) // Als je niet mag clonen heb je niets aan UDR rapporten
|
|
{
|
|
query.wheres.push("UPPER(fac_usrrap_view_name) NOT LIKE '%\\_V\\_UDR%' ESCAPE '\\'");
|
|
}
|
|
var sql = "SELECT " + query.selects.join(", ")
|
|
+ " FROM " + query.tables.join(", ")
|
|
+ (query.wheres.length ? " WHERE " + query.wheres.join(" AND " ) : "")
|
|
+ " ORDER BY 2";
|
|
|
|
if (params.include && params.include.length)
|
|
sql += ", fac_usrrap_cols_volgnr";
|
|
|
|
var json = api2.sql2json (params, sql, this);
|
|
if (json.length == 1 && params.include && "columns" in params.include && json[0].columns.length == 0)
|
|
{
|
|
this.includes["columns"].model._view2columns(params.filter.id);
|
|
var json = api2.sql2json (params, sql, this );
|
|
}
|
|
if (json.length == 1 && "viewname" in json[0] && !this.is_safe_view(json[0].viewname))
|
|
this.fields["viewname"].readonly = true;
|
|
|
|
return json;
|
|
};
|
|
|
|
this.REST_PUT = function _reportsx_REST_PUT(params, jsondata, the_key) /* update report */
|
|
{
|
|
this._check_authorization(params, "PUT");
|
|
|
|
var dbfields = api2.update_fields(params, this, jsondata); // Build updater
|
|
this._analyze_fields(dbfields, params, jsondata);
|
|
|
|
var wheres = [" fac_usrrap_key = " + the_key];
|
|
var roomUpd = buildTrackingUpdate("fac_usrrap", wheres.join(" AND " ), dbfields, { noValidateToken: true });
|
|
|
|
var err = Oracle.Execute(roomUpd.sql, true);
|
|
if (err.friendlyMsg)
|
|
abort_with_warning(err.friendlyMsg);
|
|
|
|
var beztrack = api2.process_includes(params, this, jsondata, the_key);
|
|
|
|
return { key: the_key, warning: "" };
|
|
};
|
|
|
|
this.REST_POST = function _reportsx_REST_POST(params, jsondata) /* new report */
|
|
{
|
|
this._check_authorization(params, "POST");
|
|
|
|
var dbfields = api2.update_fields(params, this, jsondata); // Build updater
|
|
this._analyze_fields(dbfields, params, jsondata);
|
|
|
|
dbfields["xxx"] = {dbs: "fac_usrrap_key", typ: "key", seq: "fac_s_fac_usrrap_key" };
|
|
var rapIns = buildInsert("fac_usrrap", dbfields, { noValidateToken: true });
|
|
var rap_key = rapIns.sequences["fac_usrrap_key"];
|
|
|
|
var err = Oracle.Execute(rapIns.sql, true);
|
|
if (err.friendlyMsg)
|
|
abort_with_warning(err.friendlyMsg);
|
|
|
|
var beztrack = api2.process_includes(params, this, jsondata, rap_key);
|
|
|
|
return { key: rap_key, warning: "" };
|
|
};
|
|
|
|
this.REST_DELETE = function (params, the_key) /* delete report */
|
|
{
|
|
this._check_authorization(params, "DELETE");
|
|
var sql = "DELETE FROM fac_usrrap"
|
|
+ " WHERE fac_usrrap_key = " + the_key;
|
|
|
|
var err = Oracle.Execute(sql, true);
|
|
if (err.friendlyMsg)
|
|
abort_with_warning(err.friendlyMsg);
|
|
|
|
return { key: the_key, warning: "" };
|
|
};
|
|
|
|
if (!params.internal)
|
|
{
|
|
if (user.oslogin() == "_FACILITOR")
|
|
settings.overrule_setting("fac_usrrap_mode", 0xff); // _FACILITOR mag alles
|
|
else
|
|
{
|
|
// ooit iets als this.fields["viewname"].foreignsql = "SELECT object_name FROM user_objects WHERE objecttype = 'VIEW' AND <<safe>>";
|
|
// scaffolding.inc / scf_RWFIELDTR moet dan wel foreignsql gaan ondersteunen
|
|
}
|
|
|
|
if (!user.checkAutorisation("WEB_PRSSYS", true))
|
|
{ // Dit heeft betrekking op de zoekvelden van appl/fac/fac_reportx_show.asp?mode=search
|
|
// Omdat wij standaard linken naaar mode=list speelt dit zelden.
|
|
for (var fld in this.fields)
|
|
{
|
|
if (fld != "id" && fld != "name" && fld != "description")
|
|
this.fields[fld].hidden = true;
|
|
}
|
|
this.list.columns = ["name", "description"];
|
|
this.fields["id"].filter = false;
|
|
}
|
|
}
|
|
|
|
if (usrrap_key > 0)
|
|
{
|
|
params.filter = { "id" : usrrap_key };
|
|
this.data = this.REST_GET(params)[0];
|
|
}
|
|
|
|
}
|
|
%> |