<%@ LANGUAGE = JavaScript %>
|
|
<% /*
|
|
$Revision$
|
|
$Id$
|
|
|
|
File: prs_delete.asp
|
|
Description: Verwijderen prs-object
|
|
|
|
Parameters: key
|
|
level: "A" "B" "P" "K" "G" "KPN"
|
|
Context: Vanuit show-schermen en of vanuit overzichten
|
|
Result: JSON object
|
|
Note:
|
|
|
|
*/
|
|
// Set before ../Shared/common.inc is included below.
// NOTE(review): presumably read by the shared code to make errors/aborts answer in JSON — confirm.
var JSON_Result = true;
|
|
%>
|
|
<!--#include file="../Shared/common.inc"-->
|
|
<!--#include file="../Shared/json2.js" -->
|
|
<%
|
|
// Runs before any request parameter is read.
// NOTE(review): presumably the request-token (anti-CSRF) check from common.inc — confirm.
protectRequest.validateToken();

// TODO: check more precisely
var prs_key_arr = getFParamIntArray("key");
var level = getFParam('level');

// Role-level authorization: canDelete ends up truthy only when the role
// matching `level` has ALG/PRS write levels below 9 (the meaning of 9 is not
// visible in this file). The three flags record WHICH role granted the right,
// so that per-record checks can be applied later for levels "K" and "B".
var authparams, canDelete;
var kDeleteFACMAN = false;
var bDeletePRSMAN = false;
var bDeleteRELMAN = false;

if (level == "K") {
    // Mandating: WEB_FINMSU gives the right outright.
    authparams = user.checkAutorisation("WEB_FINMSU", true);
    canDelete = authparams && authparams.ALGwritelevel < 9 && authparams.PRSwritelevel < 9;
    if (!canDelete) {
        // Sub-mandating: fall back to WEB_FACMAN. canDelete is falsy whenever
        // authparams is, so testing canDelete alone covers both cases.
        authparams = user.checkAutorisation("WEB_FACMAN", true);
        canDelete = authparams && authparams.PRSwritelevel < 9;
        kDeleteFACMAN = canDelete;
    }
} else if (level == "D") {
    authparams = user.checkAutorisation("WEB_PRSMSU", true);
    canDelete = authparams && authparams.ALGwritelevel < 9 && authparams.PRSwritelevel < 9;
} else if (level == "B") {
    // Either role is enough here; which one applies to a given record is
    // decided per record later on.
    authparams = user.checkAutorisation("WEB_PRSMAN", true);
    bDeletePRSMAN = authparams && authparams.PRSwritelevel < 9;

    authparams = user.checkAutorisation("WEB_RELMAN", true);
    bDeleteRELMAN = authparams && authparams.PRSwritelevel < 9;

    canDelete = bDeletePRSMAN || bDeleteRELMAN;
} else if (level == "C") {
    authparams = user.checkAutorisation("WEB_RELUSE", true);
    canDelete = authparams && authparams.ALGwritelevel < 9 && authparams.PRSwritelevel < 9;
} else {
    // Every other `level` value, recognised or not, is gated by WEB_PRSMAN.
    // NOTE(review): `level` is caller-supplied; confirm WEB_PRSMAN is the
    // intended gate for each remaining level.
    authparams = user.checkAutorisation("WEB_PRSMAN", true);
    canDelete = authparams && authparams.ALGwritelevel < 9 && authparams.PRSwritelevel < 9;
}
|
|
|
|
// Per-record filter: collect in `ingesloten` the keys that may be deleted.
// Only levels "P", "K" (WEB_FACMAN path) and "B" get a per-record check; for
// every other level the role-level canDelete decision is all that is applied.
//
// NOTE(review): the lookups below concatenate prs_key_arr[i] into SQL text.
// That is injection-safe only if getFParamIntArray() rejects non-integer
// input — presumably it does; confirm in common.inc.
var tobedeleted = 0;
var ingesloten = [];
for (var i = 0; i < prs_key_arr.length; i++) {
    if (!canDelete) {
        continue; // no rights at all: nothing is collected
    }

    var hasverplichtingen = false;
    var canDeleteK = true;
    var canDeleteB = true;

    if (level == "P") {
        // Does the person still have obligations?
        var sql = "SELECT 'x' FROM prs_v_verplichting_keys WHERE prs_perslid_key = " + prs_key_arr[i];
        oRs = Oracle.Execute(sql);
        hasverplichtingen = !oRs.eof;
    }

    if (level == "K" && kDeleteFACMAN) {
        // The right comes from WEB_FACMAN only: such a user may only change
        // sub-mandates on cost centers they are responsible for.
        // NOTE(review): user_key is not defined in this file — presumably the
        // session user's key from common.inc; confirm it is server-derived.
        sql = "SELECT 1"
            + " FROM prs_perslidkostenplaats ppk,"
            + " prs_kostenplaats pk"
            + " WHERE prs_perslidkostenplaats_key = " + prs_key_arr[i]
            + " AND pk.prs_kostenplaats_key = ppk.prs_kostenplaats_key"
            + " AND pk.prs_perslid_key = " + user_key;
        var oRs = Oracle.Execute(sql);
        canDeleteK = !oRs.eof; // no row: not a mandate of their own
    }

    if (level == "B") {
        // Internal companies need the WEB_PRSMAN right, external ones the
        // WEB_RELMAN right; an unknown key is never deletable.
        sql = "SELECT nvl(prs_bedrijf_intern, 0) intern"
            + " FROM prs_bedrijf"
            + " WHERE prs_bedrijf_key = " + prs_key_arr[i];
        var oRs = Oracle.Execute(sql);
        canDeleteB = !(oRs.eof
                       || ((oRs("intern").value == 1) && !bDeletePRSMAN)
                       || ((oRs("intern").value == 0) && !bDeleteRELMAN));
    }

    // Each flag can only have left its initial value inside the branch for
    // its own level, so the three flags alone decide.
    if (!hasverplichtingen && canDeleteK && canDeleteB) {
        ingesloten.push(prs_key_arr[i]);
        tobedeleted++;
    }
}

// For a single (non multi-) delete of a person who still has obligations, a
// precise message can be given.
if (prs_key_arr.length == 1 && level == "P" && hasverplichtingen) {
    shared.simpel_page(L("lcl_prs_person_verplichtingen"));
} else {
    // No complaint when only some of the keys qualify.
    user.anything_todo_or_abort(tobedeleted > 0);
}
|
|
|
|
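// At this point it is known which keys may be deleted (`ingesloten`).
// prs_dienst has two entry points: the service/company key combination, or dloc_key.
var dienst_key = getFParamInt('dienst_key', '-1');
var bedrijf_key = getFParamInt('bedrijf_key', '-1');

// Fixed allow-list from the caller-supplied `level` to a table name. The name
// is concatenated into SQL text below, so it must come from this map only.
var table = {A   : "PRS_AFDELING",
             B   : "PRS_BEDRIJF",
             P   : "PRS_PERSLID",
             C   : "PRS_CONTACTPERSOON",
             D   : "PRS_BEDRIJFDIENSTLOCATIE",
             G   : "PRS_KOSTENPLAATSGRP",
             K   : "PRS_PERSLIDKOSTENPLAATS",
             KPN : "PRS_KOSTENPLAATS"};
// Own-property lookup: a plain table[level] would yield undefined for an
// unknown level and an inherited Object.prototype member for names such as
// "constructor", and either would end up in the statement text.
table = Object.prototype.hasOwnProperty.call(table, level) ? table[level] : null;

if (table === null) {
    sql = null; // unknown level: no statement is built or executed
} else if (table == "PRS_PERSLIDKOSTENPLAATS" || table == "PRS_KOSTENPLAATSGRP") {
    // These two tables are physically deleted.
    sql = "DELETE FROM " + table
        + " WHERE " + table + "_key IN (" + ingesloten.join(",") + ")";
} else if (table == "PRS_BEDRIJFDIENSTLOCATIE") {
    // NOTE(review): this statement is keyed on the dienst_key/bedrijf_key
    // parameters, not on the checked key list in `ingesloten`.
    sql = "DELETE FROM " + table
        + " WHERE PRS_DIENST_KEY = " + dienst_key
        + " AND PRS_BEDRIJF_KEY = " + bedrijf_key;
} else {
    // All other tables are soft-deleted by stamping <table>_VERWIJDER.
    sql = "UPDATE " + table
        + " SET " + table + "_VERWIJDER = " + "SYSDATE"
        + " WHERE " + table + "_key IN (" + ingesloten.join(",") + ")";
}

// Response shape: `deleted` reports the outcome, `message` is set on failure.
result = {success: true, deleted: true};
if (sql === null) {
    // Same shape as the database-error path below. Plain text, because no
    // matching L() resource key is known here.
    result.message = "Unknown level";
    result.deleted = false;
} else {
    var err = Oracle.Execute(sql, true);
    if (err.friendlyMsg) {
        result.message = err.friendlyMsg;
        result.deleted = false;
    } else if (level == "P") {
        // So far only deletions of persons are tracked.
        for (var i = 0; i < ingesloten.length; i++) {
            shared.trackaction("PRSDEL", ingesloten[i]);
        }
    }
}

Response.Write(JSON.stringify(result));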
|
|
%> |