Facilitor/APPL/API2/model_persons.inc
Jos Groot Lipman bc04e346e4 FSN#35817 Autorisaties via API2/Scaffolding
svn path=/Website/trunk/; revision=28508
2016-03-17 08:30:49 +00:00


<% /*
$Revision$
$Id$
File: model_persons.inc
Description: Perslid model.
Parameters:
Context:
- Notes: - We ondersteunen nog alleen opvragen van je eigen gegevens
- Standaard voegen we de gegevens van de hoofdwerkplek toe
- Ooit doen we er nog een include bij van alle werkplekken.
*/
%>
<!-- #include file="../Shared/discxalg3d.inc"-->
<!-- #include file="model_tracking.inc"-->
<!-- #include file="model_fac_gebruikersgroep.inc" -->
<%
/**
 * Value callback for the "authtoken" field: builds a token from the current
 * recordset row.
 *
 * @param oRs   Recordset positioned on a person row; read as oRs(name).Value.
 * @param field Not used in this function.
 * @param model Not used in this function.
 * @returns Whatever protectHMAC.create returns for this row.
 */
function fnApiToken(oRs, field, model)
{
    // Both inputs come from the row itself, so the token belongs to the person
    // in the row, not necessarily to the caller of the API.
    var login = oRs("prs_perslid_oslogin").Value;
    var apiKey = oRs("prs_perslid_apikey").Value;

    // "sleutel" is Dutch for "key"; presumably the apikey is the HMAC key and
    // the login the message -- confirm against protectHMAC.
    // NOTE(review): nothing here checks that apiKey is non-empty for this row.
    return protectHMAC.create(login, { sleutel: apiKey });
}
// API2 model for persons (table prs_perslid). Only GET is implemented; the
// other verbs are empty stubs.
model_persons =
{
    table: "prs_perslid",
    primary: "prs_perslid_key",
    records_name: "persons",
    record_name: "person",

    // Public field name -> database column (dbs), type (typ) and, where set,
    // the filter mode passed on to api2.
    fields: {
        id:         { dbs: "prs_perslid_key", typ: "key", filter: "exact" },
        lastname:   { dbs: "prs_perslid_naam", label: L("lcl_prs_person_name"), typ: "varchar", filter: "like" },
        firstname:  { dbs: "prs_perslid_voornaam", label: L("lcl_prs_person_voornaam"), typ: "varchar", filter: "like" },
        mail:       { dbs: "prs_perslid_email", label: L("lcl_prs_person_email"), typ: "varchar", filter: "exact" },
        login:      { dbs: "prs_perslid_oslogin", label: L("lcl_prs_person_login"), typ: "varchar", filter: "exact" },
        department: { dbs: "prs_afdeling_key", label: L("lcl_prs_organisatie"), typ: "key", foreign: "prs_afdeling" },
        location:   { dbs: "prs_v_werkplek_gegevens.alg_locatie_key", typ: "key", foreign: "alg_locatie", filter: "exact" },
        building:   { dbs: "prs_v_werkplek_gegevens.alg_gebouw_key", typ: "key", foreign: "alg_gebouw" },
        floor:      { dbs: "prs_v_werkplek_gegevens.alg_verdieping_key", typ: "key", foreign: "alg_verdieping" },
        room:       { dbs: "prs_v_werkplek_gegevens.alg_ruimte_key", typ: "key", foreign: "alg_ruimte" }
    },

    // Sub-models that can be included with a person record.
    includes: {
        tracking: {
            model: new model_tracking(['perslid']),
            joinfield: "fac_tracking_refkey"
        },
        authorization: {
            model: new model_fac_gebruikersgroep(),
            joinfield: "user"
        }
    },

    // GET: builds one SELECT over prs_perslid plus the main-workplace views
    // and returns what api2.sql2json produces for it.
    REST_GET: function _GET(params)
    {
        //var urole = "fe"; // TODO: should really not matter
        //var autfunction = urole == "fe"? "WEB_ALGUSE" : "WEB_ALGMAN";
        //params.authparams = user.checkAutorisation(autfunction, null, null, true); // pessimistic

        // Only apps may request the token. TODO (original): also really check authorization?
        // NOTE(review): the field is added to the model itself, so it applies to
        // every row this request returns. For a caller that passes the WEB_PRSSYS
        // check below the result is not limited to user_key, so -- assuming
        // api2.sql2json evaluates `val` per row -- tokens derived from other
        // persons' login and apikey would be returned. Confirm this is intended
        // or limit the field to the caller's own record.
        if (app_user_key > 0 && user.prs_perslid_apikey() && user.oslogin())
        {
            this.fields.authtoken = { dbs: "prs_perslid_apikey", typ: "varchar", val: fnApiToken };
        }

        var query = api2.sqlfields(params, model_persons);

        // Oracle (+) outer joins: a person without a main workplace is still returned.
        query.tables.push("prs_v_werkplek_gegevens");
        query.tables.push("prs_v_hoofdperslidwerkplek");
        query.wheres.push("prs_v_hoofdperslidwerkplek.prs_perslid_key(+) = prs_perslid.prs_perslid_key");
        query.wheres.push("prs_v_hoofdperslidwerkplek.prs_werkplek_key = prs_v_werkplek_gegevens.prs_werkplek_key(+)");

        // CAUTION (original): the AAFM-API does not expect this!!!
        var maySeeAll = user.checkAutorisation("WEB_PRSSYS", true);
        if (maySeeAll)
        {
            // Authorized callers see every person that is not marked deleted.
            query.wheres.push("prs_perslid.prs_perslid_verwijder IS NULL");
        }
        else
        {
            // Always front-end for now: only the caller's own record. TODO (original): add authorization.
            // NOTE(review): user_key is concatenated into the SQL text; presumably a
            // server-side numeric value -- confirm it can never carry request text.
            query.wheres.push("prs_perslid.prs_perslid_key = " + user_key);
        }

        // Filters taken from the request parameters; any escaping happens inside
        // api2.sqlfilter, which is not visible in this file.
        var filterClauses = api2.sqlfilter(params, model_persons);
        query.wheres = query.wheres.concat(filterClauses);

        var sql = [
            "SELECT " + query.selects.join(", "),
            " FROM " + query.tables.join(", "),
            " WHERE " + query.wheres.join(" AND " ),
            " ORDER BY prs_perslid.prs_perslid_key"
        ].join("");

        // Extra sort columns come after the primary key.
        if (query.orderbys.length)
        {
            sql += ", " + query.orderbys.join(", ");
        }

        return api2.sql2json(params, sql, model_persons);
    },

    PUT: function (params) /* update person */
    {
        // Not supported yet
    },

    POST: function (params) /* new person */
    {
        // Not supported yet
    },

    DELETE: function (params) /* delete person */
    {
        // Not supported yet
    }
}
%>