feat(wiki): Betriebsrat-Berechtigung (r-wiki-br)
Neue Permission r-wiki-br ermöglicht eingeschränkte Wiki-Bearbeitung: - Neue Permission in main_permission (ID 30: r-wiki-br) - Neue Spalte betriebsrat_editable in knowledgecenter_categories_update - Checkbox "Für Betriebsrat bearbeitbar" in der Kategorie-Verwaltung (nur für r-wiki-Redakteure sichtbar und speicherbar) Berechtigungslogik: - r-wiki schlägt immer: Wer beide Rechte hat, verhält sich wie Redakteur - Betriebsrat sieht nur Kategorien mit betriebsrat_editable=1 - "Beitrag erstellen"-Button nur in freigegebenen Kategorien sichtbar - Neue Posts/Bearbeitungen auf betriebsrat_editable-Kategorien beschränkt - Settings-Tab und Kategorieverwaltung weiterhin r-wiki-only - Ajax-Endpoints (save_post_files, delete_post_file, upload_inline_image) prüfen Kategorie-Berechtigung serverseitig File Gallery: - Betriebsrat ist per kc_lock_path auf den Post-eigenen Ordner beschränkt - Redakteur kann frei navigieren (kein Lock) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -24,6 +24,37 @@ require_once($connEnv);
|
|||||||
|
|
||||||
db_connect();
|
db_connect();
|
||||||
|
|
||||||
|
// Prüft ob der aktuelle User Wiki-Schreibrechte hat (r-wiki oder r-wiki-br)
|
||||||
|
function ajax_has_wiki_edit(): bool
|
||||||
|
{
|
||||||
|
$mid = $GLOBALS['main_contact']['master_mandant_id'] ?? 0;
|
||||||
|
$uid = $GLOBALS['main_contact']['id'] ?? 0;
|
||||||
|
return get_permission_state('r-wiki', $mid, $uid) == 1
|
||||||
|
|| get_permission_state('r-wiki-br', $mid, $uid) == 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Betriebsrat darf einen Post nur bearbeiten, wenn er in einer freigegebenen Kategorie liegt.
|
||||||
|
// Gibt false zurück wenn Bearbeitung verboten, true wenn erlaubt.
|
||||||
|
function ajax_can_edit_post(int $postId): bool
|
||||||
|
{
|
||||||
|
$mid = $GLOBALS['main_contact']['master_mandant_id'] ?? 0;
|
||||||
|
$uid = $GLOBALS['main_contact']['id'] ?? 0;
|
||||||
|
if (get_permission_state('r-wiki', $mid, $uid) == 1) {
|
||||||
|
return true; // Redakteur darf immer
|
||||||
|
}
|
||||||
|
if (get_permission_state('r-wiki-br', $mid, $uid) != 1) {
|
||||||
|
return false; // Kein Wiki-Recht
|
||||||
|
}
|
||||||
|
// Betriebsrat: Post muss in betriebsrat_editable Kategorie liegen
|
||||||
|
$res = mysqli_query($GLOBALS['mysql_con'],
|
||||||
|
"SELECT COUNT(*) AS cnt
|
||||||
|
FROM knowledgecenter_category_post kcp
|
||||||
|
JOIN knowledgecenter_categories_update kcu ON kcu.id = kcp.category_id
|
||||||
|
WHERE kcp.post_id = $postId AND kcu.betriebsrat_editable = 1");
|
||||||
|
$row = mysqli_fetch_assoc($res);
|
||||||
|
return $row && (int)$row['cnt'] > 0;
|
||||||
|
}
|
||||||
|
|
||||||
// AJAX-Handler: Falls per POST eine Aktion übergeben wurde, diese verarbeiten und das Skript beenden.
|
// AJAX-Handler: Falls per POST eine Aktion übergeben wurde, diese verarbeiten und das Skript beenden.
|
||||||
if (isset($_POST["action"])) {
|
if (isset($_POST["action"])) {
|
||||||
header('Content-Type: application/json');
|
header('Content-Type: application/json');
|
||||||
@@ -243,6 +274,7 @@ function update_category_detail()
|
|||||||
{
|
{
|
||||||
$is_navigation_item = isset($_POST['is_navigation_item']) ? (int) $_POST['is_navigation_item'] : 0;
|
$is_navigation_item = isset($_POST['is_navigation_item']) ? (int) $_POST['is_navigation_item'] : 0;
|
||||||
$enable_post_color_pickers = isset($_POST['enable_post_color_pickers']) ? (int) $_POST['enable_post_color_pickers'] : 0;
|
$enable_post_color_pickers = isset($_POST['enable_post_color_pickers']) ? (int) $_POST['enable_post_color_pickers'] : 0;
|
||||||
|
$betriebsrat_editable = isset($_POST['betriebsrat_editable']) ? (int) $_POST['betriebsrat_editable'] : 0;
|
||||||
$color_hex = mysqli_real_escape_string($GLOBALS['mysql_con'], $_POST['color_hex'] ?? '');
|
$color_hex = mysqli_real_escape_string($GLOBALS['mysql_con'], $_POST['color_hex'] ?? '');
|
||||||
$categoryId = (int) ($_POST['id'] ?? 0);
|
$categoryId = (int) ($_POST['id'] ?? 0);
|
||||||
$languageId = (int) ($_POST['language_id'] ?? 0);
|
$languageId = (int) ($_POST['language_id'] ?? 0);
|
||||||
@@ -292,6 +324,7 @@ function update_category_detail()
|
|||||||
modified_at = NOW(),
|
modified_at = NOW(),
|
||||||
state = $state,
|
state = $state,
|
||||||
enable_post_color_pickers = $enable_post_color_pickers,
|
enable_post_color_pickers = $enable_post_color_pickers,
|
||||||
|
betriebsrat_editable = $betriebsrat_editable,
|
||||||
color_hex = '$color_hex'
|
color_hex = '$color_hex'
|
||||||
WHERE id = $categoryId";
|
WHERE id = $categoryId";
|
||||||
if (!mysqli_query($GLOBALS['mysql_con'], $mainUpdate)) {
|
if (!mysqli_query($GLOBALS['mysql_con'], $mainUpdate)) {
|
||||||
@@ -1583,6 +1616,10 @@ function save_post_files()
|
|||||||
echo json_encode(['error' => 'Ungültige Post-ID']);
|
echo json_encode(['error' => 'Ungültige Post-ID']);
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
|
if (!ajax_can_edit_post($postId)) {
|
||||||
|
echo json_encode(['error' => 'Keine Berechtigung']);
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
|
||||||
if (!empty($filesStr)) {
|
if (!empty($filesStr)) {
|
||||||
// Zerlege den String in einzelne Pfade (getrennt durch Komma und optional Leerzeichen)
|
// Zerlege den String in einzelne Pfade (getrennt durch Komma und optional Leerzeichen)
|
||||||
@@ -1650,7 +1687,7 @@ function delete_post_file()
|
|||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
$selectQuery = "SELECT path FROM knowledgecenter_post_files WHERE id = $fileId LIMIT 1";
|
$selectQuery = "SELECT path, post_id FROM knowledgecenter_post_files WHERE id = $fileId LIMIT 1";
|
||||||
$selectResult = mysqli_query($GLOBALS['mysql_con'], $selectQuery);
|
$selectResult = mysqli_query($GLOBALS['mysql_con'], $selectQuery);
|
||||||
if (!$selectResult || mysqli_num_rows($selectResult) === 0) {
|
if (!$selectResult || mysqli_num_rows($selectResult) === 0) {
|
||||||
echo json_encode(['error' => 'Datei-Eintrag nicht gefunden']);
|
echo json_encode(['error' => 'Datei-Eintrag nicht gefunden']);
|
||||||
@@ -1660,6 +1697,11 @@ function delete_post_file()
|
|||||||
$row = mysqli_fetch_assoc($selectResult);
|
$row = mysqli_fetch_assoc($selectResult);
|
||||||
$storedPath = trim((string) ($row['path'] ?? ''));
|
$storedPath = trim((string) ($row['path'] ?? ''));
|
||||||
|
|
||||||
|
if (!ajax_can_edit_post((int)($row['post_id'] ?? 0))) {
|
||||||
|
echo json_encode(['error' => 'Keine Berechtigung']);
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
|
||||||
$userdataRoot = realpath($_SERVER['DOCUMENT_ROOT'] . '/userdata');
|
$userdataRoot = realpath($_SERVER['DOCUMENT_ROOT'] . '/userdata');
|
||||||
if ($userdataRoot === false) {
|
if ($userdataRoot === false) {
|
||||||
echo json_encode(['error' => 'userdata-Verzeichnis nicht gefunden']);
|
echo json_encode(['error' => 'userdata-Verzeichnis nicht gefunden']);
|
||||||
|
|||||||
@@ -58,8 +58,10 @@ if (!$q || !($contactRow = mysqli_fetch_assoc($q))) {
|
|||||||
$contactId = (int) $contactRow['id'];
|
$contactId = (int) $contactRow['id'];
|
||||||
$masterMandantId = (int) $contactRow['master_mandant_id'];
|
$masterMandantId = (int) $contactRow['master_mandant_id'];
|
||||||
|
|
||||||
if (get_permission_state('r-wiki', $masterMandantId, $contactId) != 1) {
|
$hasRwiki = get_permission_state('r-wiki', $masterMandantId, $contactId) == 1;
|
||||||
respond_error('Keine Berechtigung (r-wiki).', 403);
|
$hasRwikiBr = get_permission_state('r-wiki-br', $masterMandantId, $contactId) == 1;
|
||||||
|
if (!$hasRwiki && !$hasRwikiBr) {
|
||||||
|
respond_error('Keine Berechtigung.', 403);
|
||||||
}
|
}
|
||||||
|
|
||||||
$postId = isset($_POST['post_id']) ? (int) $_POST['post_id'] : 0;
|
$postId = isset($_POST['post_id']) ? (int) $_POST['post_id'] : 0;
|
||||||
@@ -72,6 +74,18 @@ if (!$verifyQ || mysqli_num_rows($verifyQ) === 0) {
|
|||||||
respond_error('Beitrag existiert nicht.', 404);
|
respond_error('Beitrag existiert nicht.', 404);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Betriebsrat darf Bilder nur in freigegebene Kategorien hochladen
|
||||||
|
if (!$hasRwiki && $hasRwikiBr) {
|
||||||
|
$brRes = mysqli_query($GLOBALS['mysql_con'],
|
||||||
|
"SELECT COUNT(*) AS cnt FROM knowledgecenter_category_post kcp
|
||||||
|
JOIN knowledgecenter_categories_update kcu ON kcu.id = kcp.category_id
|
||||||
|
WHERE kcp.post_id = $postId AND kcu.betriebsrat_editable = 1");
|
||||||
|
$brRow = mysqli_fetch_assoc($brRes);
|
||||||
|
if (!$brRow || (int)$brRow['cnt'] === 0) {
|
||||||
|
respond_error('Keine Berechtigung für diesen Beitrag.', 403);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if (!isset($_FILES['file']) || !is_array($_FILES['file'])) {
|
if (!isset($_FILES['file']) || !is_array($_FILES['file'])) {
|
||||||
respond_error('Keine Datei empfangen.');
|
respond_error('Keine Datei empfangen.');
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -829,7 +829,6 @@ if (isset($_GET[$c_form]) && !empty($_POST)) {
|
|||||||
// Helper-Funktion zur Berechtigungsprüfung
|
// Helper-Funktion zur Berechtigungsprüfung
|
||||||
function require_permission($permissionCode)
|
function require_permission($permissionCode)
|
||||||
{
|
{
|
||||||
// Hier nehmen wir an, dass $GLOBALS["main_contact"] korrekt gesetzt ist
|
|
||||||
if (
|
if (
|
||||||
get_permission_state(
|
get_permission_state(
|
||||||
$permissionCode,
|
$permissionCode,
|
||||||
@@ -842,6 +841,32 @@ function require_permission($permissionCode)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Prüft, ob der User voller Wiki-Redakteur ist (r-wiki)
|
||||||
|
function is_wiki_redakteur(): bool
|
||||||
|
{
|
||||||
|
return get_permission_state('r-wiki', $GLOBALS['main_contact']['master_mandant_id'], $GLOBALS['main_contact']['id']) == 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Prüft, ob der User Betriebsrat-Wiki-Recht hat (r-wiki-br)
|
||||||
|
function is_wiki_betriebsrat(): bool
|
||||||
|
{
|
||||||
|
return get_permission_state('r-wiki-br', $GLOBALS['main_contact']['master_mandant_id'], $GLOBALS['main_contact']['id']) == 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Prüft, ob der User irgendeins der Wiki-Bearbeitungsrechte hat
|
||||||
|
function has_wiki_edit_permission(): bool
|
||||||
|
{
|
||||||
|
return is_wiki_redakteur() || is_wiki_betriebsrat();
|
||||||
|
}
|
||||||
|
|
||||||
|
function require_wiki_edit_permission(): void
|
||||||
|
{
|
||||||
|
if (!has_wiki_edit_permission()) {
|
||||||
|
echo "Sie haben nicht die notwendigen Berechtigungen, um diese Seite zu sehen.";
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// Switch-Case für die verschiedenen Aktionen
|
// Switch-Case für die verschiedenen Aktionen
|
||||||
$action = $_GET["action"] ?? "List";
|
$action = $_GET["action"] ?? "List";
|
||||||
switch ($action) {
|
switch ($action) {
|
||||||
@@ -850,6 +875,7 @@ switch ($action) {
|
|||||||
require_once(__DIR__ . '/../Installation/Installation.php');
|
require_once(__DIR__ . '/../Installation/Installation.php');
|
||||||
break;
|
break;
|
||||||
case "Categories":
|
case "Categories":
|
||||||
|
// Kategorieverwaltung nur für vollständige Redakteure
|
||||||
if (isset($_GET['detail'])) {
|
if (isset($_GET['detail'])) {
|
||||||
require_permission('r-wiki');
|
require_permission('r-wiki');
|
||||||
require_once(__DIR__ . '/../Views/categories_cardform.php');
|
require_once(__DIR__ . '/../Views/categories_cardform.php');
|
||||||
@@ -859,7 +885,8 @@ switch ($action) {
|
|||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case "PostList":
|
case "PostList":
|
||||||
require_permission('r-wiki');
|
// Betriebsrat darf die Post-Liste sehen (gefiltert auf seine Kategorien)
|
||||||
|
require_wiki_edit_permission();
|
||||||
require_once(__DIR__ . '/../Views/post_listform.php');
|
require_once(__DIR__ . '/../Views/post_listform.php');
|
||||||
break;
|
break;
|
||||||
case "Post":
|
case "Post":
|
||||||
@@ -870,7 +897,8 @@ switch ($action) {
|
|||||||
require_once(__DIR__ . '/../Import/Import.php');
|
require_once(__DIR__ . '/../Import/Import.php');
|
||||||
break;
|
break;
|
||||||
case "NewPost":
|
case "NewPost":
|
||||||
require_permission('r-wiki');
|
// Betriebsrat darf neue Posts erstellen (nur in freigegebenen Kategorien)
|
||||||
|
require_wiki_edit_permission();
|
||||||
$_GET['new'] = 1;
|
$_GET['new'] = 1;
|
||||||
require_once(__DIR__ . '/../Views/post_cardform.php');
|
require_once(__DIR__ . '/../Views/post_cardform.php');
|
||||||
break;
|
break;
|
||||||
|
|||||||
@@ -1,15 +1,25 @@
|
|||||||
<script>
|
<script>
|
||||||
|
// Redakteur (r-wiki) darf frei navigieren; Betriebsrat ist auf den Post-Ordner beschränkt
|
||||||
|
var kcUserLockedToPostFolder = <?= (!is_wiki_redakteur() && is_wiki_betriebsrat()) ? 'true' : 'false' ?>;
|
||||||
|
|
||||||
function buildFileGalleryUrl(target, mode, ajaxFunction, nocache) {
|
function buildFileGalleryUrl(target, mode, ajaxFunction, nocache) {
|
||||||
var base = "/module/knowledgecenter_update/Plugins/filesgallery.php?";
|
var base = "/module/knowledgecenter_update/Plugins/filesgallery.php?";
|
||||||
var startPath = (typeof window.kcPostGalleryPath === "string")
|
var postPath = (typeof window.kcPostGalleryPath === "string")
|
||||||
? window.kcPostGalleryPath.replace(/^\/+|\/+$/g, "")
|
? window.kcPostGalleryPath.replace(/^\/+|\/+$/g, "")
|
||||||
: "";
|
: "";
|
||||||
|
|
||||||
|
// Redakteur: kein Lock (leerer kc_lock_path löscht den Session-Lock)
|
||||||
|
// Betriebsrat: immer auf Post-Ordner beschränken
|
||||||
|
var lockPath = kcUserLockedToPostFolder ? postPath : "";
|
||||||
|
|
||||||
var params = "input_id=" + encodeURIComponent(target) +
|
var params = "input_id=" + encodeURIComponent(target) +
|
||||||
"&mode=" + encodeURIComponent(mode) +
|
"&mode=" + encodeURIComponent(mode) +
|
||||||
"&saveajax=" + encodeURIComponent(ajaxFunction || "") +
|
"&saveajax=" + encodeURIComponent(ajaxFunction || "") +
|
||||||
"&kc_lock_path=" + encodeURIComponent(startPath) +
|
"&kc_lock_path=" + encodeURIComponent(lockPath) +
|
||||||
"&nocache=" + nocache;
|
"&nocache=" + nocache;
|
||||||
|
|
||||||
|
// Startverzeichnis: bei Betriebsrat immer Post-Ordner, bei Redakteur auch
|
||||||
|
var startPath = postPath;
|
||||||
if (startPath.length > 0) {
|
if (startPath.length > 0) {
|
||||||
return base + encodeURIComponent(startPath) + "&" + params;
|
return base + encodeURIComponent(startPath) + "&" + params;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -409,6 +409,15 @@ $parentCount = count($parentCategories);
|
|||||||
</label>
|
</label>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
<?php $betriebsrat_editable = isset($category['betriebsrat_editable']) ? (int) $category['betriebsrat_editable'] : 0; ?>
|
||||||
|
<div class="aside_section">
|
||||||
|
<label for="betriebsratEditableCheckbox">
|
||||||
|
Für Betriebsrat bearbeitbar
|
||||||
|
<input type="checkbox" id="betriebsratEditableCheckbox" name="betriebsrat_editable" value="1"
|
||||||
|
<?= $betriebsrat_editable === 1 ? 'checked' : '' ?>>
|
||||||
|
</label>
|
||||||
|
</div>
|
||||||
|
|
||||||
<?php if (!empty($categoryId)): ?>
|
<?php if (!empty($categoryId)): ?>
|
||||||
<?php
|
<?php
|
||||||
$formatter = new IntlDateFormatter(
|
$formatter = new IntlDateFormatter(
|
||||||
@@ -505,7 +514,7 @@ $parentCount = count($parentCategories);
|
|||||||
var state = $('#stateCheckbox').is(':checked') ? 1 : 0;
|
var state = $('#stateCheckbox').is(':checked') ? 1 : 0;
|
||||||
var isNavigationItem = $('#isNavigationItem').is(':checked') ? 1 : 0;
|
var isNavigationItem = $('#isNavigationItem').is(':checked') ? 1 : 0;
|
||||||
var enablePostColorPickers = $('#enablePostColorPickersCheckbox').is(':checked') ? 1 : 0;
|
var enablePostColorPickers = $('#enablePostColorPickersCheckbox').is(':checked') ? 1 : 0;
|
||||||
|
var betriebsratEditable = $('#betriebsratEditableCheckbox').is(':checked') ? 1 : 0;
|
||||||
|
|
||||||
$.post("/module/knowledgecenter_update/Ajax/Ajax.php", {
|
$.post("/module/knowledgecenter_update/Ajax/Ajax.php", {
|
||||||
action: "update_category_detail",
|
action: "update_category_detail",
|
||||||
@@ -517,7 +526,8 @@ $parentCount = count($parentCategories);
|
|||||||
state: state,
|
state: state,
|
||||||
is_navigation_item: isNavigationItem,
|
is_navigation_item: isNavigationItem,
|
||||||
enable_post_color_pickers: enablePostColorPickers,
|
enable_post_color_pickers: enablePostColorPickers,
|
||||||
color_hex: $('#color_hex').val()
|
color_hex: $('#color_hex').val(),
|
||||||
|
betriebsrat_editable: betriebsratEditable
|
||||||
}, function (response) {
|
}, function (response) {
|
||||||
if (!response.success) {
|
if (!response.success) {
|
||||||
showMessage("Fehler beim Speichern der Übersetzung (" + langCode + "): " + response.error, false);
|
showMessage("Fehler beim Speichern der Übersetzung (" + langCode + "): " + response.error, false);
|
||||||
|
|||||||
@@ -26,6 +26,10 @@ if (empty($GLOBALS['allowedRoles'])) {
|
|||||||
|
|
||||||
// Standard-Redirect-URL (zum Beispiel für Navigation)
|
// Standard-Redirect-URL (zum Beispiel für Navigation)
|
||||||
$redirectURL = isset($_GET['redirectURL']) ? $_GET['redirectURL'] : '?action=List';
|
$redirectURL = isset($_GET['redirectURL']) ? $_GET['redirectURL'] : '?action=List';
|
||||||
|
|
||||||
|
// Betriebsrat sieht nur Kategorien, die für ihn freigegeben sind
|
||||||
|
$_kcBrOnly = !is_wiki_redakteur() && is_wiki_betriebsrat();
|
||||||
|
$brCategoryFilter = $_kcBrOnly ? 'AND c.betriebsrat_editable = 1' : '';
|
||||||
?>
|
?>
|
||||||
<script>
|
<script>
|
||||||
(function () {
|
(function () {
|
||||||
@@ -38,18 +42,29 @@ $redirectURL = isset($_GET['redirectURL']) ? $_GET['redirectURL'] : '?action=Lis
|
|||||||
<form action="" id="<?= $formname = "categories_posts_listform" ?>" name="<?= $formname ?>" method="post">
|
<form action="" id="<?= $formname = "categories_posts_listform" ?>" name="<?= $formname ?>" method="post">
|
||||||
<div class="titlebar">
|
<div class="titlebar">
|
||||||
<div class="searchbar">
|
<div class="searchbar">
|
||||||
<?php if (get_permission_state('r-wiki', $GLOBALS['main_contact']['master_mandant_id'], $GLOBALS['main_contact']['id']) == 1) { ?>
|
<?php if (has_wiki_edit_permission()) { ?>
|
||||||
<?= button("post_list", $translation->get("post_list"), $formname, "sendRequest('PostList', true)"); ?>
|
<?= button("post_list", $translation->get("post_list"), $formname, "sendRequest('PostList', true)"); ?>
|
||||||
<?php } ?>
|
<?php } ?>
|
||||||
<?php if (get_permission_state('r-wiki', $GLOBALS['main_contact']['master_mandant_id'], $GLOBALS['main_contact']['id']) == 1) { ?>
|
<?php if (is_wiki_redakteur()) { ?>
|
||||||
<?= button("category_list", $translation->get("category_list"), $formname, "sendRequest('Categories', true)"); ?>
|
<?= button("category_list", $translation->get("category_list"), $formname, "sendRequest('Categories', true)"); ?>
|
||||||
<?php } ?>
|
<?php } ?>
|
||||||
<div id="changeCategoryGridView">
|
<div id="changeCategoryGridView">
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<div class="titlebar-actions">
|
<div class="titlebar-actions">
|
||||||
<?php if (get_permission_state('r-wiki', $GLOBALS['main_contact']['master_mandant_id'], $GLOBALS['main_contact']['id']) == 1) { ?>
|
<?php
|
||||||
<a href="?action=NewPost&InitialCategory=<?= $_GET["detail"] ?>"
|
// "Beitrag erstellen" für Redakteur immer, für Betriebsrat nur in freigegebenen Kategorien
|
||||||
|
$showCreateBtn = false;
|
||||||
|
if (is_wiki_redakteur()) {
|
||||||
|
$showCreateBtn = true;
|
||||||
|
} elseif ($_kcBrOnly && isset($_GET['detail'])) {
|
||||||
|
$brCatRes = mysqli_query($GLOBALS['mysql_con'],
|
||||||
|
"SELECT betriebsrat_editable FROM knowledgecenter_categories_update WHERE id = " . (int)$_GET['detail'] . " LIMIT 1");
|
||||||
|
$brCatRow = mysqli_fetch_assoc($brCatRes);
|
||||||
|
$showCreateBtn = $brCatRow && (int)$brCatRow['betriebsrat_editable'];
|
||||||
|
}
|
||||||
|
if ($showCreateBtn) { ?>
|
||||||
|
<a href="?action=NewPost&InitialCategory=<?= (int)($_GET["detail"] ?? 0) ?>"
|
||||||
title="<?= $translation->get("new_wiki_post") ?>" role="button" class="green">Beitrag erstellen +</a>
|
title="<?= $translation->get("new_wiki_post") ?>" role="button" class="green">Beitrag erstellen +</a>
|
||||||
<?php } ?>
|
<?php } ?>
|
||||||
|
|
||||||
@@ -145,6 +160,7 @@ $redirectURL = isset($_GET['redirectURL']) ? $_GET['redirectURL'] : '?action=Lis
|
|||||||
AND ( cr.role_id IS NULL OR cr.role_id IN ($allowedRoles) )
|
AND ( cr.role_id IS NULL OR cr.role_id IN ($allowedRoles) )
|
||||||
AND ( ce.einricht_id IS NULL OR ce.einricht_id IN ($allowedEinrichts) )
|
AND ( ce.einricht_id IS NULL OR ce.einricht_id IN ($allowedEinrichts) )
|
||||||
AND ( cf.fachbereich_id IS NULL OR cf.fachbereich_id IN ($allowedFachbereiche) )
|
AND ( cf.fachbereich_id IS NULL OR cf.fachbereich_id IN ($allowedFachbereiche) )
|
||||||
|
$brCategoryFilter
|
||||||
GROUP BY
|
GROUP BY
|
||||||
c.id
|
c.id
|
||||||
ORDER BY
|
ORDER BY
|
||||||
@@ -298,6 +314,7 @@ $redirectURL = isset($_GET['redirectURL']) ? $_GET['redirectURL'] : '?action=Lis
|
|||||||
AND ( cr.role_id IS NULL OR cr.role_id IN ($allowedRoles) )
|
AND ( cr.role_id IS NULL OR cr.role_id IN ($allowedRoles) )
|
||||||
AND ( ce.einricht_id IS NULL OR ce.einricht_id IN ($allowedEinrichts) )
|
AND ( ce.einricht_id IS NULL OR ce.einricht_id IN ($allowedEinrichts) )
|
||||||
AND ( cf.fachbereich_id IS NULL OR cf.fachbereich_id IN ($allowedFachbereiche) )
|
AND ( cf.fachbereich_id IS NULL OR cf.fachbereich_id IN ($allowedFachbereiche) )
|
||||||
|
$brCategoryFilter
|
||||||
GROUP BY
|
GROUP BY
|
||||||
c.id
|
c.id
|
||||||
ORDER BY
|
ORDER BY
|
||||||
|
|||||||
@@ -148,14 +148,22 @@ $initialCategoryId = isset($_GET['InitialCategory']) ? (int) $_GET['InitialCateg
|
|||||||
$InitialProduct = isset($_GET['InitialProduct']) ? (int) $_GET['InitialProduct'] : 0;
|
$InitialProduct = isset($_GET['InitialProduct']) ? (int) $_GET['InitialProduct'] : 0;
|
||||||
|
|
||||||
if ($isNew) {
|
if ($isNew) {
|
||||||
require_permission('r-wiki');
|
require_wiki_edit_permission();
|
||||||
|
|
||||||
// Neuer Beitrag: Lege leere bzw. Standardwerte an
|
// Betriebsrat darf nur in Kategorien erstellen, die als betriebsrat_editable markiert sind
|
||||||
|
if (!is_wiki_redakteur() && $initialCategoryId > 0) {
|
||||||
|
$brCatRes = mysqli_query($GLOBALS['mysql_con'],
|
||||||
|
"SELECT betriebsrat_editable FROM knowledgecenter_categories_update WHERE id = $initialCategoryId LIMIT 1");
|
||||||
|
$brCatRow = mysqli_fetch_assoc($brCatRes);
|
||||||
|
if (!$brCatRow || !(int)$brCatRow['betriebsrat_editable']) {
|
||||||
|
echo "<p>Sie haben nicht die Berechtigung, in dieser Kategorie zu erstellen.</p>";
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$canEditPost = true; // Berechtigung schon oben geprüft
|
||||||
$postId = 0;
|
$postId = 0;
|
||||||
$post = [
|
$post = ['id' => 0];
|
||||||
'id' => 0,
|
|
||||||
// Weitere Felder kannst du hier ggf. ergänzen
|
|
||||||
];
|
|
||||||
$versionCount = 0;
|
$versionCount = 0;
|
||||||
$currentVersion = [
|
$currentVersion = [
|
||||||
'id' => 0,
|
'id' => 0,
|
||||||
@@ -178,6 +186,18 @@ if ($isNew) {
|
|||||||
echo "<p>Sie haben nicht die notwendigen Berechtigungen.</p>";
|
echo "<p>Sie haben nicht die notwendigen Berechtigungen.</p>";
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Schreibrechte: Redakteur darf alles; Betriebsrat nur in freigegebenen Kategorien
|
||||||
|
$canEditPost = is_wiki_redakteur();
|
||||||
|
if (!$canEditPost && is_wiki_betriebsrat()) {
|
||||||
|
$brEditRes = mysqli_query($GLOBALS['mysql_con'],
|
||||||
|
"SELECT COUNT(*) AS cnt
|
||||||
|
FROM knowledgecenter_category_post kcp
|
||||||
|
JOIN knowledgecenter_categories_update kcu ON kcu.id = kcp.category_id
|
||||||
|
WHERE kcp.post_id = $postId AND kcu.betriebsrat_editable = 1");
|
||||||
|
$brEditRow = mysqli_fetch_assoc($brEditRes);
|
||||||
|
$canEditPost = ($brEditRow && (int)$brEditRow['cnt'] > 0);
|
||||||
|
}
|
||||||
// Beitrag aus der Haupttabelle abrufen
|
// Beitrag aus der Haupttabelle abrufen
|
||||||
$sqlPost = "SELECT * FROM knowledgecenter_posts WHERE id = $postId LIMIT 1";
|
$sqlPost = "SELECT * FROM knowledgecenter_posts WHERE id = $postId LIMIT 1";
|
||||||
$resPost = mysqli_query($GLOBALS['mysql_con'], $sqlPost);
|
$resPost = mysqli_query($GLOBALS['mysql_con'], $sqlPost);
|
||||||
@@ -363,7 +383,7 @@ if ($resLinkedForm && mysqli_num_rows($resLinkedForm) > 0) {
|
|||||||
<a href="#tab-files"><?= $translation->get("files") ?> (<?php echo $fileCount; ?>)</a>
|
<a href="#tab-files"><?= $translation->get("files") ?> (<?php echo $fileCount; ?>)</a>
|
||||||
<a href="#tab-contacts"><?= $translation->get("Ansprechpartner") ?> (<?php echo $contactCount; ?>)</a>
|
<a href="#tab-contacts"><?= $translation->get("Ansprechpartner") ?> (<?php echo $contactCount; ?>)</a>
|
||||||
<a href="#tab-versions"><?= $translation->get("version_history") ?> (<?php echo $versionCount; ?>)</a>
|
<a href="#tab-versions"><?= $translation->get("version_history") ?> (<?php echo $versionCount; ?>)</a>
|
||||||
<?php if (get_permission_state('r-wiki', $GLOBALS['main_contact']['master_mandant_id'], $GLOBALS['main_contact']['id']) == 1) { ?>
|
<?php if (is_wiki_redakteur()) { ?>
|
||||||
<a href="#tab-settings"><?= $translation->get("settings") ?></a>
|
<a href="#tab-settings"><?= $translation->get("settings") ?></a>
|
||||||
<?php } ?>
|
<?php } ?>
|
||||||
</div>
|
</div>
|
||||||
@@ -431,7 +451,7 @@ if ($resLinkedForm && mysqli_num_rows($resLinkedForm) > 0) {
|
|||||||
require_once 'post_cardform_version_history.php';
|
require_once 'post_cardform_version_history.php';
|
||||||
?>
|
?>
|
||||||
</div>
|
</div>
|
||||||
<?php if (get_permission_state('r-wiki', $GLOBALS['main_contact']['master_mandant_id'], $GLOBALS['main_contact']['id']) == 1) { ?>
|
<?php if (is_wiki_redakteur()) { ?>
|
||||||
<div id="tab-settings" class="tab-content">
|
<div id="tab-settings" class="tab-content">
|
||||||
<?php
|
<?php
|
||||||
require_once 'post_cardform_settings.php';
|
require_once 'post_cardform_settings.php';
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
<div class="titlebar_small">
|
<div class="titlebar_small">
|
||||||
<h2><?= $translation->get("files") ?></h2>
|
<h2><?= $translation->get("files") ?></h2>
|
||||||
<?php if (get_permission_state('r-wiki', $GLOBALS['main_contact']['master_mandant_id'], $GLOBALS['main_contact']['id']) == 1) { ?>
|
<?php if (($canEditPost ?? false)) { ?>
|
||||||
<div class="post-action-btn-small green openFileGalleryMulti" title="Datei hinzufügen"
|
<div class="post-action-btn-small green openFileGalleryMulti" title="Datei hinzufügen"
|
||||||
data-ajax-function="saveFilesAjax" data-target="post_files">+
|
data-ajax-function="saveFilesAjax" data-target="post_files">+
|
||||||
</div>
|
</div>
|
||||||
@@ -111,7 +111,7 @@
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Definiere den Lösch-Button
|
// Definiere den Lösch-Button
|
||||||
<?php if (get_permission_state('r-wiki', $GLOBALS['main_contact']['master_mandant_id'], $GLOBALS['main_contact']['id']) == 1) { ?>
|
<?php if (($canEditPost ?? false)) { ?>
|
||||||
var deleteButton = "<span class='file-delete post-action-btn-small' data-file-id='" + file.id + "' onclick='deleteFile(" + file.id + ")'>✕</span>";
|
var deleteButton = "<span class='file-delete post-action-btn-small' data-file-id='" + file.id + "' onclick='deleteFile(" + file.id + ")'>✕</span>";
|
||||||
<?php } else {
|
<?php } else {
|
||||||
?>
|
?>
|
||||||
|
|||||||
Reference in New Issue
Block a user