diff --git a/module/knowledgecenter_update/Ajax/Ajax.php b/module/knowledgecenter_update/Ajax/Ajax.php index 5d08c5a..facdba2 100644 --- a/module/knowledgecenter_update/Ajax/Ajax.php +++ b/module/knowledgecenter_update/Ajax/Ajax.php @@ -133,6 +133,29 @@ if (isset($_POST["action"])) { $result = update_post_roles($postId, $roleIds); echo json_encode(is_bool($result) && $result ? ['success' => true] : ['error' => $result]); exit; + + case 'update_post_einrichts': + $postId = (int) ($_POST['post_id'] ?? 0); + $einrichtIds = json_decode($_POST['einrichts'], true) ?: []; + if ($postId <= 0) { + echo json_encode(['error' => 'Ungültige Post-ID']); + exit; + } + $result = update_post_einrichts($postId, $einrichtIds); + echo json_encode(is_bool($result) && $result ? ['success' => true] : ['error' => $result]); + exit; + + case 'update_post_fachbereiche': + $postId = (int) ($_POST['post_id'] ?? 0); + $fachbereichIds = json_decode($_POST['fachbereiche'], true) ?: []; + if ($postId <= 0) { + echo json_encode(['error' => 'Ungültige Post-ID']); + exit; + } + $result = update_post_fachbereiche($postId, $fachbereichIds); + echo json_encode(is_bool($result) && $result ? ['success' => true] : ['error' => $result]); + exit; + case 'update_post_products': $postId = (int) ($_POST['post_id'] ?? 0); $productIds = json_decode($_POST['products'] ?? '[]', true) ?: []; @@ -463,15 +486,56 @@ function update_category_roles($categoryId, $roleIds) } /** - * Kombinierte Funktion, die alle drei Link-Tabellen aktualisiert. + * Löscht alte Einrichtungs-Verknüpfungen und fügt neue ein. + */ +function update_category_einrichts($categoryId, $einrichtIds) +{ + $deleteQuery = "DELETE FROM knowledgecenter_category_einricht WHERE category_id = $categoryId"; + if (!mysqli_query($GLOBALS['mysql_con'], $deleteQuery)) { + return "Fehler beim Löschen der Einrichtungs-Verknüpfungen: " . mysqli_error($GLOBALS['mysql_con']); + } + foreach ($einrichtIds as $einrichtId) { + $einrichtId = (int) $einrichtId; + $insertQuery = "INSERT INTO knowledgecenter_category_einricht (category_id, einricht_id, created_at) + VALUES ($categoryId, $einrichtId, NOW())"; + if (!mysqli_query($GLOBALS['mysql_con'], $insertQuery)) { + return "Fehler beim Einfügen der Einrichtungs-ID $einrichtId: " . mysqli_error($GLOBALS['mysql_con']); + } + } + return true; +} + +/** + * Löscht alte Fachbereich-Verknüpfungen und fügt neue ein. + */ +function update_category_fachbereiche($categoryId, $fachbereichIds) +{ + $deleteQuery = "DELETE FROM knowledgecenter_category_fachbereich WHERE category_id = $categoryId"; + if (!mysqli_query($GLOBALS['mysql_con'], $deleteQuery)) { + return "Fehler beim Löschen der Fachbereich-Verknüpfungen: " . mysqli_error($GLOBALS['mysql_con']); + } + foreach ($fachbereichIds as $fachbereichId) { + $fachbereichId = (int) $fachbereichId; + $insertQuery = "INSERT INTO knowledgecenter_category_fachbereich (category_id, fachbereich_id, created_at) + VALUES ($categoryId, $fachbereichId, NOW())"; + if (!mysqli_query($GLOBALS['mysql_con'], $insertQuery)) { + return "Fehler beim Einfügen der Fachbereich-ID $fachbereichId: " . mysqli_error($GLOBALS['mysql_con']); + } + } + return true; +} + +/** + * Kombinierte Funktion, die alle fünf Link-Tabellen aktualisiert. */ function update_category_links() { $categoryId = (int) ($_POST['id'] ?? 0); - // Die Tagify-Daten werden als JSON-String gesendet $mandantIds = json_decode($_POST['mandants'], true) ?: []; $departmentIds = json_decode($_POST['departments'], true) ?: []; $roleIds = json_decode($_POST['roles'], true) ?: []; + $einrichtIds = json_decode($_POST['einrichts'] ?? '[]', true) ?: []; + $fachbereichIds = json_decode($_POST['fachbereiche'] ?? '[]', true) ?: []; $errors = []; @@ -490,8 +554,17 @@ function update_category_links() $errors[] = $result; } + $result = update_category_einrichts($categoryId, $einrichtIds); + if ($result !== true) { + $errors[] = $result; + } + + $result = update_category_fachbereiche($categoryId, $fachbereichIds); + if ($result !== true) { + $errors[] = $result; + } + if (empty($errors)) { - // Hier werden für jede Gruppe die vollständigen Datensätze (value und name) abgefragt $savedMandants = []; foreach ($mandantIds as $id) { $id = (int) $id; @@ -525,11 +598,35 @@ function update_category_links() } } + $savedEinrichts = []; + foreach ($einrichtIds as $id) { + $id = (int) $id; + $sql = "SELECT id, description FROM organigramm_einricht WHERE id = $id LIMIT 1"; + $res = mysqli_query($GLOBALS['mysql_con'], $sql); + if ($res && mysqli_num_rows($res) > 0) { + $row = mysqli_fetch_assoc($res); + $savedEinrichts[] = ['value' => $row['id'], 'name' => $row['description']]; + } + } + + $savedFachbereiche = []; + foreach ($fachbereichIds as $id) { + $id = (int) $id; + $sql = "SELECT id, description FROM organogramm_space WHERE id = $id LIMIT 1"; + $res = mysqli_query($GLOBALS['mysql_con'], $sql); + if ($res && mysqli_num_rows($res) > 0) { + $row = mysqli_fetch_assoc($res); + $savedFachbereiche[] = ['value' => $row['id'], 'name' => $row['description']]; + } + } + echo json_encode([ 'success' => true, 'mandants' => $savedMandants, 'departments' => $savedDepartments, - 'roles' => $savedRoles + 'roles' => $savedRoles, + 'einrichts' => $savedEinrichts, + 'fachbereiche' => $savedFachbereiche, ]); } else { echo json_encode(['error' => implode("; ", $errors)]); @@ -1406,6 +1503,46 @@ function update_post_roles($postId, $roleIds) return true; } +/** + * Löscht alte Einrichtungs-Verknüpfungen für einen Beitrag und fügt neue ein. + */ +function update_post_einrichts($postId, $einrichtIds) +{ + $deleteQuery = "DELETE FROM knowledgecenter_post_einricht WHERE post_id = $postId"; + if (!mysqli_query($GLOBALS['mysql_con'], $deleteQuery)) { + return "Fehler beim Löschen der Post-Einrichtungs-Verknüpfungen: " . mysqli_error($GLOBALS['mysql_con']); + } + foreach ($einrichtIds as $einrichtId) { + $einrichtId = (int) $einrichtId; + $insertQuery = "INSERT INTO knowledgecenter_post_einricht (post_id, einricht_id, created_at) + VALUES ($postId, $einrichtId, NOW())"; + if (!mysqli_query($GLOBALS['mysql_con'], $insertQuery)) { + return "Fehler beim Einfügen der Einrichtungs-ID $einrichtId: " . mysqli_error($GLOBALS['mysql_con']); + } + } + return true; +} + +/** + * Löscht alte Fachbereich-Verknüpfungen für einen Beitrag und fügt neue ein. + */ +function update_post_fachbereiche($postId, $fachbereichIds) +{ + $deleteQuery = "DELETE FROM knowledgecenter_post_fachbereich WHERE post_id = $postId"; + if (!mysqli_query($GLOBALS['mysql_con'], $deleteQuery)) { + return "Fehler beim Löschen der Post-Fachbereich-Verknüpfungen: " . mysqli_error($GLOBALS['mysql_con']); + } + foreach ($fachbereichIds as $fachbereichId) { + $fachbereichId = (int) $fachbereichId; + $insertQuery = "INSERT INTO knowledgecenter_post_fachbereich (post_id, fachbereich_id, created_at) + VALUES ($postId, $fachbereichId, NOW())"; + if (!mysqli_query($GLOBALS['mysql_con'], $insertQuery)) { + return "Fehler beim Einfügen der Fachbereich-ID $fachbereichId: " . mysqli_error($GLOBALS['mysql_con']); + } + } + return true; +} + /** * Löscht alte Produkt-Verknüpfungen und fügt neue in product_knowledgecenter_post_link ein. */ @@ -1662,15 +1799,17 @@ function search_posts() $limitPlusOne = $limit + 1; // um zusätzlich eine Zeile zu laden, falls mehr Ergebnisse existieren /** - * Zunächst: Holen der User-Daten (Mandanten, Abteilungen, Rollen) + * Zunächst: Holen der User-Daten (Mandanten, Abteilungen, Rollen, Einrichtungen, Fachbereiche) */ $currentUserId = $_POST["main_contact_id"] ?? 0; $userMandants = []; $userDepartments = []; $userRoles = []; + $userEinrichts = []; + $userFachbereiche = []; if ($currentUserId) { - $query = "SELECT main_mandant_id, main_department_id, main_role_id + $query = "SELECT main_mandant_id, main_department_id, main_role_id, main_einricht_id, main_bereich_id FROM main_contact_department WHERE main_contact_id = $currentUserId AND active = 1"; $result = mysqli_query($GLOBALS['mysql_con'], $query); @@ -1685,16 +1824,24 @@ function search_posts() if ($row['main_role_id'] != 0 && !in_array($row['main_role_id'], $userRoles)) { $userRoles[] = $row['main_role_id']; } + if ($row['main_einricht_id'] != 0 && !in_array($row['main_einricht_id'], $userEinrichts)) { + $userEinrichts[] = $row['main_einricht_id']; + } + if ($row['main_bereich_id'] != 0 && !in_array($row['main_bereich_id'], $userFachbereiche)) { + $userFachbereiche[] = $row['main_bereich_id']; + } } } /** - * Für den LEFT JOIN-Ansatz bereiten wir die erlaubten Werte als + * Für den LEFT JOIN-Ansatz bereiten wir die erlaubten Werte als * kommaseparierte Strings vor. */ $allowedMandants = !empty($userMandants) ? implode(',', $userMandants) : 'NULL'; $allowedDepartments = !empty($userDepartments) ? implode(',', $userDepartments) : 'NULL'; $allowedRoles = !empty($userRoles) ? implode(',', $userRoles) : 'NULL'; + $allowedEinrichts = !empty($userEinrichts) ? implode(',', $userEinrichts) : 'NULL'; + $allowedFachbereiche = !empty($userFachbereiche) ? implode(',', $userFachbereiche) : 'NULL'; @@ -1751,17 +1898,23 @@ function search_posts() AND (valid_from IS NULL OR valid_from <= NOW()) AND (valid_until IS NULL OR valid_until >= NOW()) ) - LEFT JOIN knowledgecenter_post_department AS pd + LEFT JOIN knowledgecenter_post_department AS pd ON kp.id = pd.post_id - LEFT JOIN knowledgecenter_post_mandant AS pm + LEFT JOIN knowledgecenter_post_mandant AS pm ON kp.id = pm.post_id - LEFT JOIN knowledgecenter_post_role AS pr + LEFT JOIN knowledgecenter_post_role AS pr ON kp.id = pr.post_id + LEFT JOIN knowledgecenter_post_einricht AS pe + ON kp.id = pe.post_id + LEFT JOIN knowledgecenter_post_fachbereich AS pfb + ON kp.id = pfb.post_id WHERE 1=1 $searchCondition AND ( pd.department_id IS NULL OR pd.department_id IN ($allowedDepartments) ) AND ( pm.mandant_id IS NULL OR pm.mandant_id IN ($allowedMandants) ) AND ( pr.role_id IS NULL OR pr.role_id IN ($allowedRoles) ) + AND ( pe.einricht_id IS NULL OR pe.einricht_id IN ($allowedEinrichts) ) + AND ( pfb.fachbereich_id IS NULL OR pfb.fachbereich_id IN ($allowedFachbereiche) ) ORDER BY kp.modified_at DESC LIMIT $offset, $limitPlusOne "; diff --git a/module/knowledgecenter_update/Middleware/Middleware.php b/module/knowledgecenter_update/Middleware/Middleware.php index e85b1c4..4539635 100644 --- a/module/knowledgecenter_update/Middleware/Middleware.php +++ b/module/knowledgecenter_update/Middleware/Middleware.php @@ -1,15 +1,17 @@ = NOW()) ) - LEFT JOIN + LEFT JOIN knowledgecenter_post_department AS pd ON kp.id = pd.post_id - LEFT JOIN + LEFT JOIN knowledgecenter_post_mandant AS pm ON kp.id = pm.post_id - LEFT JOIN + LEFT JOIN knowledgecenter_post_role AS pr ON kp.id = pr.post_id - WHERE + LEFT JOIN + knowledgecenter_post_einricht AS pe ON kp.id = pe.post_id + LEFT JOIN + knowledgecenter_post_fachbereich AS pfb ON kp.id = pfb.post_id + WHERE kcp.category_id = $categoryId AND pv.post_id IS NOT NULL AND ( pd.department_id IS NULL OR pd.department_id IN ($allowedDepartments) ) AND ( pm.mandant_id IS NULL OR pm.mandant_id IN ($allowedMandants) ) AND ( pr.role_id IS NULL OR pr.role_id IN ($allowedRoles) ) + AND ( pe.einricht_id IS NULL OR pe.einricht_id IN ($allowedEinrichts) ) + AND ( pfb.fachbereich_id IS NULL OR pfb.fachbereich_id IN ($allowedFachbereiche) ) GROUP BY kp.id ORDER BY @@ -263,19 +275,24 @@ $redirectURL = isset($_GET['redirectURL']) ? $_GET['redirectURL'] : '?action=Lis knowledgecenter_categories_update AS c LEFT JOIN knowledgecenter_category_translations AS t ON c.id = t.category_id AND t.language_id = $languageId - LEFT JOIN + LEFT JOIN knowledgecenter_category_department AS cd ON c.id = cd.category_id - LEFT JOIN + LEFT JOIN knowledgecenter_category_mandant AS cm ON c.id = cm.category_id - LEFT JOIN + LEFT JOIN knowledgecenter_category_role AS cr ON c.id = cr.category_id - WHERE - - c.id NOT IN (SELECT child_category_id FROM knowledgecenter_category_links) - AND c.state = 1 + LEFT JOIN + knowledgecenter_category_einricht AS ce ON c.id = ce.category_id + LEFT JOIN + knowledgecenter_category_fachbereich AS cf ON c.id = cf.category_id + WHERE + c.id NOT IN (SELECT child_category_id FROM knowledgecenter_category_links) + AND c.state = 1 AND ( cd.department_id IS NULL OR cd.department_id IN ($allowedDepartments) ) AND ( cm.mandant_id IS NULL OR cm.mandant_id IN ($allowedMandants) ) AND ( cr.role_id IS NULL OR cr.role_id IN ($allowedRoles) ) + AND ( ce.einricht_id IS NULL OR ce.einricht_id IN ($allowedEinrichts) ) + AND ( cf.fachbereich_id IS NULL OR cf.fachbereich_id IN ($allowedFachbereiche) ) GROUP BY c.id ORDER BY diff --git a/module/knowledgecenter_update/Views/category_posts_widget.php b/module/knowledgecenter_update/Views/category_posts_widget.php index 6493504..f282922 100644 --- a/module/knowledgecenter_update/Views/category_posts_widget.php +++ b/module/knowledgecenter_update/Views/category_posts_widget.php @@ -74,16 +74,20 @@ $sql = " AND kct_fb.language_id = ? -- Sichtbarkeiten (nur Einschränkungen existieren -> filtern, sonst sichtbar) - LEFT JOIN knowledgecenter_post_department AS pd ON kp.id = pd.post_id - LEFT JOIN knowledgecenter_post_mandant AS pm ON kp.id = pm.post_id - LEFT JOIN knowledgecenter_post_role AS pr ON kp.id = pr.post_id + LEFT JOIN knowledgecenter_post_department AS pd ON kp.id = pd.post_id + LEFT JOIN knowledgecenter_post_mandant AS pm ON kp.id = pm.post_id + LEFT JOIN knowledgecenter_post_role AS pr ON kp.id = pr.post_id + LEFT JOIN knowledgecenter_post_einricht AS pe ON kp.id = pe.post_id + LEFT JOIN knowledgecenter_post_fachbereich AS pfb ON kp.id = pfb.post_id - WHERE + WHERE pv.post_id IS NOT NULL AND pv.modified_at >= DATE_SUB(NOW(), INTERVAL 3 WEEK) - AND (pd.department_id IS NULL OR pd.department_id IN ($allowedDepartments)) - AND (pm.mandant_id IS NULL OR pm.mandant_id IN ($allowedMandants)) - AND (pr.role_id IS NULL OR pr.role_id IN ($allowedRoles)) + AND (pd.department_id IS NULL OR pd.department_id IN ($allowedDepartments)) + AND (pm.mandant_id IS NULL OR pm.mandant_id IN ($allowedMandants)) + AND (pr.role_id IS NULL OR pr.role_id IN ($allowedRoles)) + AND (pe.einricht_id IS NULL OR pe.einricht_id IN ($allowedEinrichts)) + AND (pfb.fachbereich_id IS NULL OR pfb.fachbereich_id IN ($allowedFachbereiche)) GROUP BY kp.id ORDER BY pv.modified_at DESC diff --git a/module/knowledgecenter_update/Views/post_announcement_listform.php b/module/knowledgecenter_update/Views/post_announcement_listform.php index 48d6c49..b625457 100644 --- a/module/knowledgecenter_update/Views/post_announcement_listform.php +++ b/module/knowledgecenter_update/Views/post_announcement_listform.php @@ -51,14 +51,18 @@ $sql = " AND (v2.valid_from IS NULL OR v2.valid_from <= NOW()) AND (v2.valid_until IS NULL OR v2.valid_until >= NOW()) ) - LEFT JOIN knowledgecenter_post_department AS pd ON kp.id = pd.post_id - LEFT JOIN knowledgecenter_post_mandant AS pm ON kp.id = pm.post_id - LEFT JOIN knowledgecenter_post_role AS pr ON kp.id = pr.post_id + LEFT JOIN knowledgecenter_post_department AS pd ON kp.id = pd.post_id + LEFT JOIN knowledgecenter_post_mandant AS pm ON kp.id = pm.post_id + LEFT JOIN knowledgecenter_post_role AS pr ON kp.id = pr.post_id + LEFT JOIN knowledgecenter_post_einricht AS pe ON kp.id = pe.post_id + LEFT JOIN knowledgecenter_post_fachbereich AS pfb ON kp.id = pfb.post_id WHERE kcp.category_id = ? AND pv.post_id IS NOT NULL - AND (pd.department_id IS NULL OR pd.department_id IN ($allowedDepartments)) - AND (pm.mandant_id IS NULL OR pm.mandant_id IN ($allowedMandants)) - AND (pr.role_id IS NULL OR pr.role_id IN ($allowedRoles)) + AND (pd.department_id IS NULL OR pd.department_id IN ($allowedDepartments)) + AND (pm.mandant_id IS NULL OR pm.mandant_id IN ($allowedMandants)) + AND (pr.role_id IS NULL OR pr.role_id IN ($allowedRoles)) + AND (pe.einricht_id IS NULL OR pe.einricht_id IN ($allowedEinrichts)) + AND (pfb.fachbereich_id IS NULL OR pfb.fachbereich_id IN ($allowedFachbereiche)) GROUP BY kp.id ORDER BY kp.created_at DESC "; @@ -99,18 +103,24 @@ JOIN knowledgecenter_categories_update AS c ON kcl.child_category_id = c.id LEFT JOIN knowledgecenter_category_translations AS t ON c.id = t.category_id AND t.language_id = $languageId -LEFT JOIN - knowledgecenter_category_department AS cd ON c.id = cd.category_id -LEFT JOIN - knowledgecenter_category_mandant AS cm ON c.id = cm.category_id -LEFT JOIN - knowledgecenter_category_role AS cr ON c.id = cr.category_id -WHERE +LEFT JOIN + knowledgecenter_category_department AS cd ON c.id = cd.category_id +LEFT JOIN + knowledgecenter_category_mandant AS cm ON c.id = cm.category_id +LEFT JOIN + knowledgecenter_category_role AS cr ON c.id = cr.category_id +LEFT JOIN + knowledgecenter_category_einricht AS ce ON c.id = ce.category_id +LEFT JOIN + knowledgecenter_category_fachbereich AS cf ON c.id = cf.category_id +WHERE kcl.parent_category_id = $categoryId AND c.state = 1 - AND (cd.department_id IS NULL OR cd.department_id IN ($allowedDepartments)) - AND (cm.mandant_id IS NULL OR cm.mandant_id IN ($allowedMandants)) - AND (cr.role_id IS NULL OR cr.role_id IN ($allowedRoles)) + AND (cd.department_id IS NULL OR cd.department_id IN ($allowedDepartments)) + AND (cm.mandant_id IS NULL OR cm.mandant_id IN ($allowedMandants)) + AND (cr.role_id IS NULL OR cr.role_id IN ($allowedRoles)) + AND (ce.einricht_id IS NULL OR ce.einricht_id IN ($allowedEinrichts)) + AND (cf.fachbereich_id IS NULL OR cf.fachbereich_id IN ($allowedFachbereiche)) GROUP BY c.id ORDER BY diff --git a/module/knowledgecenter_update/Views/post_cardform.php b/module/knowledgecenter_update/Views/post_cardform.php index 9296ba3..4676c52 100644 --- a/module/knowledgecenter_update/Views/post_cardform.php +++ b/module/knowledgecenter_update/Views/post_cardform.php @@ -10,9 +10,11 @@ $currentUserId = $GLOBALS["main_contact"]["id"] ?? 0; $userMandants = []; $userDepartments = []; $userRoles = []; +$userEinrichts = []; +$userFachbereiche = []; if ($currentUserId) { - $query = "SELECT main_mandant_id, main_department_id, main_role_id + $query = "SELECT main_mandant_id, main_department_id, main_role_id, main_einricht_id, main_bereich_id FROM main_contact_department WHERE main_contact_id = $currentUserId AND active = 1"; $result = mysqli_query($GLOBALS['mysql_con'], $query); @@ -26,6 +28,12 @@ if ($currentUserId) { if (!in_array($row['main_role_id'], $userRoles)) { $userRoles[] = $row['main_role_id']; } + if ($row['main_einricht_id'] != 0 && !in_array($row['main_einricht_id'], $userEinrichts)) { + $userEinrichts[] = $row['main_einricht_id']; + } + if ($row['main_bereich_id'] != 0 && !in_array($row['main_bereich_id'], $userFachbereiche)) { + $userFachbereiche[] = $row['main_bereich_id']; + } } } @@ -53,34 +61,31 @@ function userHasAccessForPost($postId) return true; } } - global $allowedMandants, $allowedDepartments, $allowedRoles; + global $allowedMandants, $allowedDepartments, $allowedRoles, $allowedEinrichts, $allowedFachbereiche; - - // Baue den Query, der per LEFT JOIN die Verknüpfungen berücksichtigt. - // Für jeden Bereich wird ermittelt: - // - cntX: Gesamtzahl der Verknüpfungen in diesem Bereich für diesen Post. - // - matchX: Anzahl der Verknüpfungen, die in der erlaubten Liste liegen. - // Wenn cnt > 0 und match = 0, dann hat der User in diesem Bereich keinen Zugriff. - // Existieren keine Verknüpfungen (cnt = 0), gilt der Bereich als unbeschränkt. $sql = " - SELECT + SELECT COUNT(DISTINCT pd.department_id) AS cntDept, SUM(IF(pd.department_id IN (" . ($allowedDepartments ? $allowedDepartments : 'NULL') . "), 1, 0)) AS matchDept, COUNT(DISTINCT pm.mandant_id) AS cntMand, SUM(IF(pm.mandant_id IN (" . ($allowedMandants ? $allowedMandants : 'NULL') . "), 1, 0)) AS matchMand, COUNT(DISTINCT pr.role_id) AS cntRole, - SUM(IF(pr.role_id IN (" . ($allowedRoles ? $allowedRoles : 'NULL') . "), 1, 0)) AS matchRole + SUM(IF(pr.role_id IN (" . ($allowedRoles ? $allowedRoles : 'NULL') . "), 1, 0)) AS matchRole, + COUNT(DISTINCT pe.einricht_id) AS cntEinricht, + SUM(IF(pe.einricht_id IN (" . ($allowedEinrichts ? $allowedEinrichts : 'NULL') . "), 1, 0)) AS matchEinricht, + COUNT(DISTINCT pfb.fachbereich_id) AS cntFachbereich, + SUM(IF(pfb.fachbereich_id IN (" . ($allowedFachbereiche ? $allowedFachbereiche : 'NULL') . "), 1, 0)) AS matchFachbereich FROM knowledgecenter_posts AS p LEFT JOIN knowledgecenter_post_department AS pd ON p.id = pd.post_id LEFT JOIN knowledgecenter_post_mandant AS pm ON p.id = pm.post_id LEFT JOIN knowledgecenter_post_role AS pr ON p.id = pr.post_id + LEFT JOIN knowledgecenter_post_einricht AS pe ON p.id = pe.post_id + LEFT JOIN knowledgecenter_post_fachbereich AS pfb ON p.id = pfb.post_id WHERE p.id = $postId GROUP BY p.id "; $res = mysqli_query($GLOBALS['mysql_con'], $sql); if (!$res || mysqli_num_rows($res) === 0) { - // Falls keine Verknüpfungen in allen Bereichen vorhanden sind, wird oft kein Datensatz zurückgegeben - // – das bedeutet, dass es keine Einschränkungen gibt, also Zugriff. return true; } $row = mysqli_fetch_assoc($res); @@ -95,6 +100,12 @@ function userHasAccessForPost($postId) if ($row['cntRole'] > 0 && $row['matchRole'] == 0) { $access = false; } + if ($row['cntEinricht'] > 0 && $row['matchEinricht'] == 0) { + $access = false; + } + if ($row['cntFachbereich'] > 0 && $row['matchFachbereich'] == 0) { + $access = false; + } return $access; } diff --git a/module/knowledgecenter_update/Views/post_cardform_settings.php b/module/knowledgecenter_update/Views/post_cardform_settings.php index de42b60..5a0ef83 100644 --- a/module/knowledgecenter_update/Views/post_cardform_settings.php +++ b/module/knowledgecenter_update/Views/post_cardform_settings.php @@ -115,7 +115,7 @@ while ($row = mysqli_fetch_assoc($result)) { } $selectedPostRoles = []; if ($postId != 0) { - $querySelected = "SELECT r.id, r.description + $querySelected = "SELECT r.id, r.description FROM knowledgecenter_post_role AS pr JOIN main_role AS r ON pr.role_id = r.id WHERE pr.post_id = $postId"; @@ -125,6 +125,44 @@ if ($postId != 0) { } } +// -------------------- Einrichtungen für Post -------------------- +$postEinrichtsData = []; +$query = "SELECT id, description FROM organigramm_einricht ORDER BY description ASC"; +$result = mysqli_query($GLOBALS['mysql_con'], $query); +while ($row = mysqli_fetch_assoc($result)) { + $postEinrichtsData[] = ['value' => $row['id'], 'name' => $row['description']]; +} +$selectedPostEinrichts = []; +if ($postId != 0) { + $querySelected = "SELECT e.id, e.description + FROM knowledgecenter_post_einricht AS pe + JOIN organigramm_einricht AS e ON pe.einricht_id = e.id + WHERE pe.post_id = $postId"; + $resultSelected = mysqli_query($GLOBALS['mysql_con'], $querySelected); + while ($row = mysqli_fetch_assoc($resultSelected)) { + $selectedPostEinrichts[] = ['value' => $row['id'], 'name' => $row['description']]; + } +} + +// -------------------- Fachbereiche für Post -------------------- +$postFachbereicheData = []; +$query = "SELECT id, description FROM organogramm_space ORDER BY description ASC"; +$result = mysqli_query($GLOBALS['mysql_con'], $query); +while ($row = mysqli_fetch_assoc($result)) { + $postFachbereicheData[] = ['value' => $row['id'], 'name' => $row['description']]; +} +$selectedPostFachbereiche = []; +if ($postId != 0) { + $querySelected = "SELECT s.id, s.description + FROM knowledgecenter_post_fachbereich AS pfb + JOIN organogramm_space AS s ON pfb.fachbereich_id = s.id + WHERE pfb.post_id = $postId"; + $resultSelected = mysqli_query($GLOBALS['mysql_con'], $querySelected); + while ($row = mysqli_fetch_assoc($resultSelected)) { + $selectedPostFachbereiche[] = ['value' => $row['id'], 'name' => $row['description']]; + } +} + // -------------------- Produkte für Post -------------------- $productsData = []; $query = "SELECT p.id, pt.title @@ -221,6 +259,16 @@ if (!empty($post['text_color'])) { …" /> +