From eb3aa756155d23990650e002e1815bf95124eb33 Mon Sep 17 00:00:00 2001 From: Moritz Weinmann Date: Mon, 22 Jun 2026 11:03:53 +0200 Subject: [PATCH] Add Einrichtung and Fachbereich as permission/filter types (knowledgecenter + tasks) - Create knowledgecenter_category_einricht, _fachbereich, knowledgecenter_post_einricht, knowledgecenter_post_fachbereich tables; extend task_target_rule with main_einricht_id and main_bereich_id columns - Middleware: load main_einricht_id/main_bereich_id from main_contact_department, expose $allowedEinrichts/$allowedFachbereiche globals (same pattern as existing 3 types) - Ajax: add update_category/post_einrichts/fachbereiche functions, extend update_category_links() and search filter query - Views: add einricht/fachbereich LEFT JOINs and WHERE filters in all 5 query sites (categories_posts_listform, category_posts_widget, post_announcement_listform, post_cardform userHasAccessForPost, Ajax search) - post_cardform_settings: add Einrichtungen/Fachbereiche tagify pickers with save/load - Tasks: add listEinrichts/listFachbereiche to repo+service, add UI selects in task_form, extend target-rule normalization and upsert builder, extend AssignmentResolverService scope loading and matchesAnyRule to include einricht/fachbereich matching Co-Authored-By: Claude Sonnet 4.6 --- module/knowledgecenter_update/Ajax/Ajax.php | 173 +++++++++++++++++- .../Middleware/Middleware.php | 18 +- .../Views/categories_posts_listform.php | 51 ++++-- .../Views/category_posts_widget.php | 18 +- .../Views/post_announcement_listform.php | 42 +++-- .../Views/post_cardform.php | 37 ++-- .../Views/post_cardform_settings.php | 113 +++++++++++- .../tasks/actions/admin/task_form_action.php | 14 ++ module/tasks/endpoints/admin/task_upsert.php | 35 ++-- module/tasks/pages/admin/task_form.php | 32 ++++ module/tasks/repo/TaskLookupRepository.php | 14 ++ .../service/AssignmentResolverService.php | 10 +- module/tasks/service/TaskLookupService.php | 2 + 13 files changed, 477 insertions(+), 82 deletions(-) diff --git a/module/knowledgecenter_update/Ajax/Ajax.php b/module/knowledgecenter_update/Ajax/Ajax.php index 5d08c5a..facdba2 100644 --- a/module/knowledgecenter_update/Ajax/Ajax.php +++ b/module/knowledgecenter_update/Ajax/Ajax.php @@ -133,6 +133,29 @@ if (isset($_POST["action"])) { $result = update_post_roles($postId, $roleIds); echo json_encode(is_bool($result) && $result ? ['success' => true] : ['error' => $result]); exit; + + case 'update_post_einrichts': + $postId = (int) ($_POST['post_id'] ?? 0); + $einrichtIds = json_decode($_POST['einrichts'], true) ?: []; + if ($postId <= 0) { + echo json_encode(['error' => 'Ungültige Post-ID']); + exit; + } + $result = update_post_einrichts($postId, $einrichtIds); + echo json_encode(is_bool($result) && $result ? ['success' => true] : ['error' => $result]); + exit; + + case 'update_post_fachbereiche': + $postId = (int) ($_POST['post_id'] ?? 0); + $fachbereichIds = json_decode($_POST['fachbereiche'], true) ?: []; + if ($postId <= 0) { + echo json_encode(['error' => 'Ungültige Post-ID']); + exit; + } + $result = update_post_fachbereiche($postId, $fachbereichIds); + echo json_encode(is_bool($result) && $result ? ['success' => true] : ['error' => $result]); + exit; + case 'update_post_products': $postId = (int) ($_POST['post_id'] ?? 0); $productIds = json_decode($_POST['products'] ?? '[]', true) ?: []; @@ -463,15 +486,56 @@ function update_category_roles($categoryId, $roleIds) } /** - * Kombinierte Funktion, die alle drei Link-Tabellen aktualisiert. + * Löscht alte Einrichtungs-Verknüpfungen und fügt neue ein. + */ +function update_category_einrichts($categoryId, $einrichtIds) +{ + $deleteQuery = "DELETE FROM knowledgecenter_category_einricht WHERE category_id = $categoryId"; + if (!mysqli_query($GLOBALS['mysql_con'], $deleteQuery)) { + return "Fehler beim Löschen der Einrichtungs-Verknüpfungen: " . mysqli_error($GLOBALS['mysql_con']); + } + foreach ($einrichtIds as $einrichtId) { + $einrichtId = (int) $einrichtId; + $insertQuery = "INSERT INTO knowledgecenter_category_einricht (category_id, einricht_id, created_at) + VALUES ($categoryId, $einrichtId, NOW())"; + if (!mysqli_query($GLOBALS['mysql_con'], $insertQuery)) { + return "Fehler beim Einfügen der Einrichtungs-ID $einrichtId: " . mysqli_error($GLOBALS['mysql_con']); + } + } + return true; +} + +/** + * Löscht alte Fachbereich-Verknüpfungen und fügt neue ein. + */ +function update_category_fachbereiche($categoryId, $fachbereichIds) +{ + $deleteQuery = "DELETE FROM knowledgecenter_category_fachbereich WHERE category_id = $categoryId"; + if (!mysqli_query($GLOBALS['mysql_con'], $deleteQuery)) { + return "Fehler beim Löschen der Fachbereich-Verknüpfungen: " . mysqli_error($GLOBALS['mysql_con']); + } + foreach ($fachbereichIds as $fachbereichId) { + $fachbereichId = (int) $fachbereichId; + $insertQuery = "INSERT INTO knowledgecenter_category_fachbereich (category_id, fachbereich_id, created_at) + VALUES ($categoryId, $fachbereichId, NOW())"; + if (!mysqli_query($GLOBALS['mysql_con'], $insertQuery)) { + return "Fehler beim Einfügen der Fachbereich-ID $fachbereichId: " . mysqli_error($GLOBALS['mysql_con']); + } + } + return true; +} + +/** + * Kombinierte Funktion, die alle fünf Link-Tabellen aktualisiert. */ function update_category_links() { $categoryId = (int) ($_POST['id'] ?? 0); - // Die Tagify-Daten werden als JSON-String gesendet $mandantIds = json_decode($_POST['mandants'], true) ?: []; $departmentIds = json_decode($_POST['departments'], true) ?: []; $roleIds = json_decode($_POST['roles'], true) ?: []; + $einrichtIds = json_decode($_POST['einrichts'] ?? '[]', true) ?: []; + $fachbereichIds = json_decode($_POST['fachbereiche'] ?? '[]', true) ?: []; $errors = []; @@ -490,8 +554,17 @@ function update_category_links() $errors[] = $result; } + $result = update_category_einrichts($categoryId, $einrichtIds); + if ($result !== true) { + $errors[] = $result; + } + + $result = update_category_fachbereiche($categoryId, $fachbereichIds); + if ($result !== true) { + $errors[] = $result; + } + if (empty($errors)) { - // Hier werden für jede Gruppe die vollständigen Datensätze (value und name) abgefragt $savedMandants = []; foreach ($mandantIds as $id) { $id = (int) $id; @@ -525,11 +598,35 @@ function update_category_links() } } + $savedEinrichts = []; + foreach ($einrichtIds as $id) { + $id = (int) $id; + $sql = "SELECT id, description FROM organigramm_einricht WHERE id = $id LIMIT 1"; + $res = mysqli_query($GLOBALS['mysql_con'], $sql); + if ($res && mysqli_num_rows($res) > 0) { + $row = mysqli_fetch_assoc($res); + $savedEinrichts[] = ['value' => $row['id'], 'name' => $row['description']]; + } + } + + $savedFachbereiche = []; + foreach ($fachbereichIds as $id) { + $id = (int) $id; + $sql = "SELECT id, description FROM organogramm_space WHERE id = $id LIMIT 1"; + $res = mysqli_query($GLOBALS['mysql_con'], $sql); + if ($res && mysqli_num_rows($res) > 0) { + $row = mysqli_fetch_assoc($res); + $savedFachbereiche[] = ['value' => $row['id'], 'name' => $row['description']]; + } + } + echo json_encode([ 'success' => true, 'mandants' => $savedMandants, 'departments' => $savedDepartments, - 'roles' => $savedRoles + 'roles' => $savedRoles, + 'einrichts' => $savedEinrichts, + 'fachbereiche' => $savedFachbereiche, ]); } else { echo json_encode(['error' => implode("; ", $errors)]); @@ -1406,6 +1503,46 @@ function update_post_roles($postId, $roleIds) return true; } +/** + * Löscht alte Einrichtungs-Verknüpfungen für einen Beitrag und fügt neue ein. + */ +function update_post_einrichts($postId, $einrichtIds) +{ + $deleteQuery = "DELETE FROM knowledgecenter_post_einricht WHERE post_id = $postId"; + if (!mysqli_query($GLOBALS['mysql_con'], $deleteQuery)) { + return "Fehler beim Löschen der Post-Einrichtungs-Verknüpfungen: " . mysqli_error($GLOBALS['mysql_con']); + } + foreach ($einrichtIds as $einrichtId) { + $einrichtId = (int) $einrichtId; + $insertQuery = "INSERT INTO knowledgecenter_post_einricht (post_id, einricht_id, created_at) + VALUES ($postId, $einrichtId, NOW())"; + if (!mysqli_query($GLOBALS['mysql_con'], $insertQuery)) { + return "Fehler beim Einfügen der Einrichtungs-ID $einrichtId: " . mysqli_error($GLOBALS['mysql_con']); + } + } + return true; +} + +/** + * Löscht alte Fachbereich-Verknüpfungen für einen Beitrag und fügt neue ein. + */ +function update_post_fachbereiche($postId, $fachbereichIds) +{ + $deleteQuery = "DELETE FROM knowledgecenter_post_fachbereich WHERE post_id = $postId"; + if (!mysqli_query($GLOBALS['mysql_con'], $deleteQuery)) { + return "Fehler beim Löschen der Post-Fachbereich-Verknüpfungen: " . mysqli_error($GLOBALS['mysql_con']); + } + foreach ($fachbereichIds as $fachbereichId) { + $fachbereichId = (int) $fachbereichId; + $insertQuery = "INSERT INTO knowledgecenter_post_fachbereich (post_id, fachbereich_id, created_at) + VALUES ($postId, $fachbereichId, NOW())"; + if (!mysqli_query($GLOBALS['mysql_con'], $insertQuery)) { + return "Fehler beim Einfügen der Fachbereich-ID $fachbereichId: " . mysqli_error($GLOBALS['mysql_con']); + } + } + return true; +} + /** * Löscht alte Produkt-Verknüpfungen und fügt neue in product_knowledgecenter_post_link ein. */ @@ -1662,15 +1799,17 @@ function search_posts() $limitPlusOne = $limit + 1; // um zusätzlich eine Zeile zu laden, falls mehr Ergebnisse existieren /** - * Zunächst: Holen der User-Daten (Mandanten, Abteilungen, Rollen) + * Zunächst: Holen der User-Daten (Mandanten, Abteilungen, Rollen, Einrichtungen, Fachbereiche) */ $currentUserId = $_POST["main_contact_id"] ?? 0; $userMandants = []; $userDepartments = []; $userRoles = []; + $userEinrichts = []; + $userFachbereiche = []; if ($currentUserId) { - $query = "SELECT main_mandant_id, main_department_id, main_role_id + $query = "SELECT main_mandant_id, main_department_id, main_role_id, main_einricht_id, main_bereich_id FROM main_contact_department WHERE main_contact_id = $currentUserId AND active = 1"; $result = mysqli_query($GLOBALS['mysql_con'], $query); @@ -1685,16 +1824,24 @@ function search_posts() if ($row['main_role_id'] != 0 && !in_array($row['main_role_id'], $userRoles)) { $userRoles[] = $row['main_role_id']; } + if ($row['main_einricht_id'] != 0 && !in_array($row['main_einricht_id'], $userEinrichts)) { + $userEinrichts[] = $row['main_einricht_id']; + } + if ($row['main_bereich_id'] != 0 && !in_array($row['main_bereich_id'], $userFachbereiche)) { + $userFachbereiche[] = $row['main_bereich_id']; + } } } /** - * Für den LEFT JOIN-Ansatz bereiten wir die erlaubten Werte als + * Für den LEFT JOIN-Ansatz bereiten wir die erlaubten Werte als * kommaseparierte Strings vor. */ $allowedMandants = !empty($userMandants) ? implode(',', $userMandants) : 'NULL'; $allowedDepartments = !empty($userDepartments) ? implode(',', $userDepartments) : 'NULL'; $allowedRoles = !empty($userRoles) ? implode(',', $userRoles) : 'NULL'; + $allowedEinrichts = !empty($userEinrichts) ? implode(',', $userEinrichts) : 'NULL'; + $allowedFachbereiche = !empty($userFachbereiche) ? implode(',', $userFachbereiche) : 'NULL'; @@ -1751,17 +1898,23 @@ function search_posts() AND (valid_from IS NULL OR valid_from <= NOW()) AND (valid_until IS NULL OR valid_until >= NOW()) ) - LEFT JOIN knowledgecenter_post_department AS pd + LEFT JOIN knowledgecenter_post_department AS pd ON kp.id = pd.post_id - LEFT JOIN knowledgecenter_post_mandant AS pm + LEFT JOIN knowledgecenter_post_mandant AS pm ON kp.id = pm.post_id - LEFT JOIN knowledgecenter_post_role AS pr + LEFT JOIN knowledgecenter_post_role AS pr ON kp.id = pr.post_id + LEFT JOIN knowledgecenter_post_einricht AS pe + ON kp.id = pe.post_id + LEFT JOIN knowledgecenter_post_fachbereich AS pfb + ON kp.id = pfb.post_id WHERE 1=1 $searchCondition AND ( pd.department_id IS NULL OR pd.department_id IN ($allowedDepartments) ) AND ( pm.mandant_id IS NULL OR pm.mandant_id IN ($allowedMandants) ) AND ( pr.role_id IS NULL OR pr.role_id IN ($allowedRoles) ) + AND ( pe.einricht_id IS NULL OR pe.einricht_id IN ($allowedEinrichts) ) + AND ( pfb.fachbereich_id IS NULL OR pfb.fachbereich_id IN ($allowedFachbereiche) ) ORDER BY kp.modified_at DESC LIMIT $offset, $limitPlusOne "; diff --git a/module/knowledgecenter_update/Middleware/Middleware.php b/module/knowledgecenter_update/Middleware/Middleware.php index e85b1c4..4539635 100644 --- a/module/knowledgecenter_update/Middleware/Middleware.php +++ b/module/knowledgecenter_update/Middleware/Middleware.php @@ -1,15 +1,17 @@ = NOW()) ) - LEFT JOIN + LEFT JOIN knowledgecenter_post_department AS pd ON kp.id = pd.post_id - LEFT JOIN + LEFT JOIN knowledgecenter_post_mandant AS pm ON kp.id = pm.post_id - LEFT JOIN + LEFT JOIN knowledgecenter_post_role AS pr ON kp.id = pr.post_id - WHERE + LEFT JOIN + knowledgecenter_post_einricht AS pe ON kp.id = pe.post_id + LEFT JOIN + knowledgecenter_post_fachbereich AS pfb ON kp.id = pfb.post_id + WHERE kcp.category_id = $categoryId AND pv.post_id IS NOT NULL AND ( pd.department_id IS NULL OR pd.department_id IN ($allowedDepartments) ) AND ( pm.mandant_id IS NULL OR pm.mandant_id IN ($allowedMandants) ) AND ( pr.role_id IS NULL OR pr.role_id IN ($allowedRoles) ) + AND ( pe.einricht_id IS NULL OR pe.einricht_id IN ($allowedEinrichts) ) + AND ( pfb.fachbereich_id IS NULL OR pfb.fachbereich_id IN ($allowedFachbereiche) ) GROUP BY kp.id ORDER BY @@ -263,19 +275,24 @@ $redirectURL = isset($_GET['redirectURL']) ? $_GET['redirectURL'] : '?action=Lis knowledgecenter_categories_update AS c LEFT JOIN knowledgecenter_category_translations AS t ON c.id = t.category_id AND t.language_id = $languageId - LEFT JOIN + LEFT JOIN knowledgecenter_category_department AS cd ON c.id = cd.category_id - LEFT JOIN + LEFT JOIN knowledgecenter_category_mandant AS cm ON c.id = cm.category_id - LEFT JOIN + LEFT JOIN knowledgecenter_category_role AS cr ON c.id = cr.category_id - WHERE - - c.id NOT IN (SELECT child_category_id FROM knowledgecenter_category_links) - AND c.state = 1 + LEFT JOIN + knowledgecenter_category_einricht AS ce ON c.id = ce.category_id + LEFT JOIN + knowledgecenter_category_fachbereich AS cf ON c.id = cf.category_id + WHERE + c.id NOT IN (SELECT child_category_id FROM knowledgecenter_category_links) + AND c.state = 1 AND ( cd.department_id IS NULL OR cd.department_id IN ($allowedDepartments) ) AND ( cm.mandant_id IS NULL OR cm.mandant_id IN ($allowedMandants) ) AND ( cr.role_id IS NULL OR cr.role_id IN ($allowedRoles) ) + AND ( ce.einricht_id IS NULL OR ce.einricht_id IN ($allowedEinrichts) ) + AND ( cf.fachbereich_id IS NULL OR cf.fachbereich_id IN ($allowedFachbereiche) ) GROUP BY c.id ORDER BY diff --git a/module/knowledgecenter_update/Views/category_posts_widget.php b/module/knowledgecenter_update/Views/category_posts_widget.php index 6493504..f282922 100644 --- a/module/knowledgecenter_update/Views/category_posts_widget.php +++ b/module/knowledgecenter_update/Views/category_posts_widget.php @@ -74,16 +74,20 @@ $sql = " AND kct_fb.language_id = ? -- Sichtbarkeiten (nur Einschränkungen existieren -> filtern, sonst sichtbar) - LEFT JOIN knowledgecenter_post_department AS pd ON kp.id = pd.post_id - LEFT JOIN knowledgecenter_post_mandant AS pm ON kp.id = pm.post_id - LEFT JOIN knowledgecenter_post_role AS pr ON kp.id = pr.post_id + LEFT JOIN knowledgecenter_post_department AS pd ON kp.id = pd.post_id + LEFT JOIN knowledgecenter_post_mandant AS pm ON kp.id = pm.post_id + LEFT JOIN knowledgecenter_post_role AS pr ON kp.id = pr.post_id + LEFT JOIN knowledgecenter_post_einricht AS pe ON kp.id = pe.post_id + LEFT JOIN knowledgecenter_post_fachbereich AS pfb ON kp.id = pfb.post_id - WHERE + WHERE pv.post_id IS NOT NULL AND pv.modified_at >= DATE_SUB(NOW(), INTERVAL 3 WEEK) - AND (pd.department_id IS NULL OR pd.department_id IN ($allowedDepartments)) - AND (pm.mandant_id IS NULL OR pm.mandant_id IN ($allowedMandants)) - AND (pr.role_id IS NULL OR pr.role_id IN ($allowedRoles)) + AND (pd.department_id IS NULL OR pd.department_id IN ($allowedDepartments)) + AND (pm.mandant_id IS NULL OR pm.mandant_id IN ($allowedMandants)) + AND (pr.role_id IS NULL OR pr.role_id IN ($allowedRoles)) + AND (pe.einricht_id IS NULL OR pe.einricht_id IN ($allowedEinrichts)) + AND (pfb.fachbereich_id IS NULL OR pfb.fachbereich_id IN ($allowedFachbereiche)) GROUP BY kp.id ORDER BY pv.modified_at DESC diff --git a/module/knowledgecenter_update/Views/post_announcement_listform.php b/module/knowledgecenter_update/Views/post_announcement_listform.php index 48d6c49..b625457 100644 --- a/module/knowledgecenter_update/Views/post_announcement_listform.php +++ b/module/knowledgecenter_update/Views/post_announcement_listform.php @@ -51,14 +51,18 @@ $sql = " AND (v2.valid_from IS NULL OR v2.valid_from <= NOW()) AND (v2.valid_until IS NULL OR v2.valid_until >= NOW()) ) - LEFT JOIN knowledgecenter_post_department AS pd ON kp.id = pd.post_id - LEFT JOIN knowledgecenter_post_mandant AS pm ON kp.id = pm.post_id - LEFT JOIN knowledgecenter_post_role AS pr ON kp.id = pr.post_id + LEFT JOIN knowledgecenter_post_department AS pd ON kp.id = pd.post_id + LEFT JOIN knowledgecenter_post_mandant AS pm ON kp.id = pm.post_id + LEFT JOIN knowledgecenter_post_role AS pr ON kp.id = pr.post_id + LEFT JOIN knowledgecenter_post_einricht AS pe ON kp.id = pe.post_id + LEFT JOIN knowledgecenter_post_fachbereich AS pfb ON kp.id = pfb.post_id WHERE kcp.category_id = ? AND pv.post_id IS NOT NULL - AND (pd.department_id IS NULL OR pd.department_id IN ($allowedDepartments)) - AND (pm.mandant_id IS NULL OR pm.mandant_id IN ($allowedMandants)) - AND (pr.role_id IS NULL OR pr.role_id IN ($allowedRoles)) + AND (pd.department_id IS NULL OR pd.department_id IN ($allowedDepartments)) + AND (pm.mandant_id IS NULL OR pm.mandant_id IN ($allowedMandants)) + AND (pr.role_id IS NULL OR pr.role_id IN ($allowedRoles)) + AND (pe.einricht_id IS NULL OR pe.einricht_id IN ($allowedEinrichts)) + AND (pfb.fachbereich_id IS NULL OR pfb.fachbereich_id IN ($allowedFachbereiche)) GROUP BY kp.id ORDER BY kp.created_at DESC "; @@ -99,18 +103,24 @@ JOIN knowledgecenter_categories_update AS c ON kcl.child_category_id = c.id LEFT JOIN knowledgecenter_category_translations AS t ON c.id = t.category_id AND t.language_id = $languageId -LEFT JOIN - knowledgecenter_category_department AS cd ON c.id = cd.category_id -LEFT JOIN - knowledgecenter_category_mandant AS cm ON c.id = cm.category_id -LEFT JOIN - knowledgecenter_category_role AS cr ON c.id = cr.category_id -WHERE +LEFT JOIN + knowledgecenter_category_department AS cd ON c.id = cd.category_id +LEFT JOIN + knowledgecenter_category_mandant AS cm ON c.id = cm.category_id +LEFT JOIN + knowledgecenter_category_role AS cr ON c.id = cr.category_id +LEFT JOIN + knowledgecenter_category_einricht AS ce ON c.id = ce.category_id +LEFT JOIN + knowledgecenter_category_fachbereich AS cf ON c.id = cf.category_id +WHERE kcl.parent_category_id = $categoryId AND c.state = 1 - AND (cd.department_id IS NULL OR cd.department_id IN ($allowedDepartments)) - AND (cm.mandant_id IS NULL OR cm.mandant_id IN ($allowedMandants)) - AND (cr.role_id IS NULL OR cr.role_id IN ($allowedRoles)) + AND (cd.department_id IS NULL OR cd.department_id IN ($allowedDepartments)) + AND (cm.mandant_id IS NULL OR cm.mandant_id IN ($allowedMandants)) + AND (cr.role_id IS NULL OR cr.role_id IN ($allowedRoles)) + AND (ce.einricht_id IS NULL OR ce.einricht_id IN ($allowedEinrichts)) + AND (cf.fachbereich_id IS NULL OR cf.fachbereich_id IN ($allowedFachbereiche)) GROUP BY c.id ORDER BY diff --git a/module/knowledgecenter_update/Views/post_cardform.php b/module/knowledgecenter_update/Views/post_cardform.php index 9296ba3..4676c52 100644 --- a/module/knowledgecenter_update/Views/post_cardform.php +++ b/module/knowledgecenter_update/Views/post_cardform.php @@ -10,9 +10,11 @@ $currentUserId = $GLOBALS["main_contact"]["id"] ?? 0; $userMandants = []; $userDepartments = []; $userRoles = []; +$userEinrichts = []; +$userFachbereiche = []; if ($currentUserId) { - $query = "SELECT main_mandant_id, main_department_id, main_role_id + $query = "SELECT main_mandant_id, main_department_id, main_role_id, main_einricht_id, main_bereich_id FROM main_contact_department WHERE main_contact_id = $currentUserId AND active = 1"; $result = mysqli_query($GLOBALS['mysql_con'], $query); @@ -26,6 +28,12 @@ if ($currentUserId) { if (!in_array($row['main_role_id'], $userRoles)) { $userRoles[] = $row['main_role_id']; } + if ($row['main_einricht_id'] != 0 && !in_array($row['main_einricht_id'], $userEinrichts)) { + $userEinrichts[] = $row['main_einricht_id']; + } + if ($row['main_bereich_id'] != 0 && !in_array($row['main_bereich_id'], $userFachbereiche)) { + $userFachbereiche[] = $row['main_bereich_id']; + } } } @@ -53,34 +61,31 @@ function userHasAccessForPost($postId) return true; } } - global $allowedMandants, $allowedDepartments, $allowedRoles; + global $allowedMandants, $allowedDepartments, $allowedRoles, $allowedEinrichts, $allowedFachbereiche; - - // Baue den Query, der per LEFT JOIN die Verknüpfungen berücksichtigt. - // Für jeden Bereich wird ermittelt: - // - cntX: Gesamtzahl der Verknüpfungen in diesem Bereich für diesen Post. - // - matchX: Anzahl der Verknüpfungen, die in der erlaubten Liste liegen. - // Wenn cnt > 0 und match = 0, dann hat der User in diesem Bereich keinen Zugriff. - // Existieren keine Verknüpfungen (cnt = 0), gilt der Bereich als unbeschränkt. $sql = " - SELECT + SELECT COUNT(DISTINCT pd.department_id) AS cntDept, SUM(IF(pd.department_id IN (" . ($allowedDepartments ? $allowedDepartments : 'NULL') . "), 1, 0)) AS matchDept, COUNT(DISTINCT pm.mandant_id) AS cntMand, SUM(IF(pm.mandant_id IN (" . ($allowedMandants ? $allowedMandants : 'NULL') . "), 1, 0)) AS matchMand, COUNT(DISTINCT pr.role_id) AS cntRole, - SUM(IF(pr.role_id IN (" . ($allowedRoles ? $allowedRoles : 'NULL') . "), 1, 0)) AS matchRole + SUM(IF(pr.role_id IN (" . ($allowedRoles ? $allowedRoles : 'NULL') . "), 1, 0)) AS matchRole, + COUNT(DISTINCT pe.einricht_id) AS cntEinricht, + SUM(IF(pe.einricht_id IN (" . ($allowedEinrichts ? $allowedEinrichts : 'NULL') . "), 1, 0)) AS matchEinricht, + COUNT(DISTINCT pfb.fachbereich_id) AS cntFachbereich, + SUM(IF(pfb.fachbereich_id IN (" . ($allowedFachbereiche ? $allowedFachbereiche : 'NULL') . "), 1, 0)) AS matchFachbereich FROM knowledgecenter_posts AS p LEFT JOIN knowledgecenter_post_department AS pd ON p.id = pd.post_id LEFT JOIN knowledgecenter_post_mandant AS pm ON p.id = pm.post_id LEFT JOIN knowledgecenter_post_role AS pr ON p.id = pr.post_id + LEFT JOIN knowledgecenter_post_einricht AS pe ON p.id = pe.post_id + LEFT JOIN knowledgecenter_post_fachbereich AS pfb ON p.id = pfb.post_id WHERE p.id = $postId GROUP BY p.id "; $res = mysqli_query($GLOBALS['mysql_con'], $sql); if (!$res || mysqli_num_rows($res) === 0) { - // Falls keine Verknüpfungen in allen Bereichen vorhanden sind, wird oft kein Datensatz zurückgegeben - // – das bedeutet, dass es keine Einschränkungen gibt, also Zugriff. return true; } $row = mysqli_fetch_assoc($res); @@ -95,6 +100,12 @@ function userHasAccessForPost($postId) if ($row['cntRole'] > 0 && $row['matchRole'] == 0) { $access = false; } + if ($row['cntEinricht'] > 0 && $row['matchEinricht'] == 0) { + $access = false; + } + if ($row['cntFachbereich'] > 0 && $row['matchFachbereich'] == 0) { + $access = false; + } return $access; } diff --git a/module/knowledgecenter_update/Views/post_cardform_settings.php b/module/knowledgecenter_update/Views/post_cardform_settings.php index de42b60..5a0ef83 100644 --- a/module/knowledgecenter_update/Views/post_cardform_settings.php +++ b/module/knowledgecenter_update/Views/post_cardform_settings.php @@ -115,7 +115,7 @@ while ($row = mysqli_fetch_assoc($result)) { } $selectedPostRoles = []; if ($postId != 0) { - $querySelected = "SELECT r.id, r.description + $querySelected = "SELECT r.id, r.description FROM knowledgecenter_post_role AS pr JOIN main_role AS r ON pr.role_id = r.id WHERE pr.post_id = $postId"; @@ -125,6 +125,44 @@ if ($postId != 0) { } } +// -------------------- Einrichtungen für Post -------------------- +$postEinrichtsData = []; +$query = "SELECT id, description FROM organigramm_einricht ORDER BY description ASC"; +$result = mysqli_query($GLOBALS['mysql_con'], $query); +while ($row = mysqli_fetch_assoc($result)) { + $postEinrichtsData[] = ['value' => $row['id'], 'name' => $row['description']]; +} +$selectedPostEinrichts = []; +if ($postId != 0) { + $querySelected = "SELECT e.id, e.description + FROM knowledgecenter_post_einricht AS pe + JOIN organigramm_einricht AS e ON pe.einricht_id = e.id + WHERE pe.post_id = $postId"; + $resultSelected = mysqli_query($GLOBALS['mysql_con'], $querySelected); + while ($row = mysqli_fetch_assoc($resultSelected)) { + $selectedPostEinrichts[] = ['value' => $row['id'], 'name' => $row['description']]; + } +} + +// -------------------- Fachbereiche für Post -------------------- +$postFachbereicheData = []; +$query = "SELECT id, description FROM organogramm_space ORDER BY description ASC"; +$result = mysqli_query($GLOBALS['mysql_con'], $query); +while ($row = mysqli_fetch_assoc($result)) { + $postFachbereicheData[] = ['value' => $row['id'], 'name' => $row['description']]; +} +$selectedPostFachbereiche = []; +if ($postId != 0) { + $querySelected = "SELECT s.id, s.description + FROM knowledgecenter_post_fachbereich AS pfb + JOIN organogramm_space AS s ON pfb.fachbereich_id = s.id + WHERE pfb.post_id = $postId"; + $resultSelected = mysqli_query($GLOBALS['mysql_con'], $querySelected); + while ($row = mysqli_fetch_assoc($resultSelected)) { + $selectedPostFachbereiche[] = ['value' => $row['id'], 'name' => $row['description']]; + } +} + // -------------------- Produkte für Post -------------------- $productsData = []; $query = "SELECT p.id, pt.title @@ -221,6 +259,16 @@ if (!empty($post['text_color'])) { …" /> +

Einrichtungen

+
+ +
+ +

Fachbereiche

+
+ +
+

get("products")?>

…" /> @@ -262,10 +310,14 @@ if (!empty($post['text_color'])) { var postMandantsData = ; var postDepartmentsData = ; var postRolesData = ; + var postEinrichtsData = ; + var postFachbereicheData = ; var selectedCategories = ; var selectedPostMandants = ; var selectedPostDepartments = ; var selectedPostRoles = ; + var selectedPostEinrichts = ; + var selectedPostFachbereiche = ; var productsData = ; var selectedProducts = ; @@ -370,6 +422,42 @@ if (!empty($post['text_color'])) { tagifyPostRoles.addTags(selectedPostRoles); } + // Einrichtungen für Post + var tagifyPostEinrichts = new Tagify(document.getElementById('postEinrichtTags'), { + whitelist: postEinrichtsData, + tagTextProp: 'name', + enforceWhitelist: true, + dropdown: { enabled: 0, maxItems: Infinity, searchKeys: ["name"] }, + templates: { + dropdownItem: function (tagData) { + return `
+ ${tagData.name} +
`; + } + } + }); + if (selectedPostEinrichts.length) { + tagifyPostEinrichts.addTags(selectedPostEinrichts); + } + + // Fachbereiche für Post + var tagifyPostFachbereiche = new Tagify(document.getElementById('postFachbereichTags'), { + whitelist: postFachbereicheData, + tagTextProp: 'name', + enforceWhitelist: true, + dropdown: { enabled: 0, maxItems: Infinity, searchKeys: ["name"] }, + templates: { + dropdownItem: function (tagData) { + return `
+ ${tagData.name} +
`; + } + } + }); + if (selectedPostFachbereiche.length) { + tagifyPostFachbereiche.addTags(selectedPostFachbereiche); + } + // Produkte für Post var tagifyPostProducts = new Tagify(document.getElementById('postProductTags'), { whitelist: productsData, @@ -400,6 +488,8 @@ if (!empty($post['text_color'])) { var selectedMandants = tagifyPostMandants.value.map(tag => tag.value); var selectedDepartments = tagifyPostDepartments.value.map(tag => tag.value); var selectedRoles = tagifyPostRoles.value.map(tag => tag.value); + var selectedEinrichts = tagifyPostEinrichts.value.map(tag => tag.value); + var selectedFachbereiche = tagifyPostFachbereiche.value.map(tag => tag.value); var selectedFormId = $("#postFormSelect").val(); var postBackgroundColor = $("#postBackgroundColor").val(); var postTextColor = $("#postTextColor").val(); @@ -435,6 +525,19 @@ if (!empty($post['text_color'])) { post_id: postId, roles: JSON.stringify(selectedRoles) }, "json"), + + $.post("/module/knowledgecenter_update/Ajax/Ajax.php", { + action: "update_post_einrichts", + post_id: postId, + einrichts: JSON.stringify(selectedEinrichts) + }, "json"), + + $.post("/module/knowledgecenter_update/Ajax/Ajax.php", { + action: "update_post_fachbereiche", + post_id: postId, + fachbereiche: JSON.stringify(selectedFachbereiche) + }, "json"), + $.post("/module/knowledgecenter_update/Ajax/Ajax.php", { action: "update_post_products", post_id: postId, @@ -451,17 +554,19 @@ if (!empty($post['text_color'])) { background_color: postBackgroundColor, text_color: postTextColor }, "json") - ).done(function (categoriesResponse, mandantsResponse, formResponse, departmentsResponse, rolesResponse, productsResponse, pdfInlineResponse, postColorsResponse) { + ).done(function (categoriesResponse, mandantsResponse, formResponse, departmentsResponse, rolesResponse, einrichtsResponse, fachbereicheResponse, productsResponse, pdfInlineResponse, postColorsResponse) { var catSuccess = categoriesResponse[0].success; var mandantsSuccess = mandantsResponse[0].success; var formSuccess = formResponse[0].success; var departmentsSuccess = departmentsResponse[0].success; var rolesSuccess = rolesResponse[0].success; + var einrichtsSuccess = einrichtsResponse[0].success; + var fachbereicheSuccess = fachbereicheResponse[0].success; var productsSuccess = productsResponse[0].success; var pdfInlineSuccess = pdfInlineResponse[0].success; var postColorsSuccess = postColorsResponse[0].success; - if (catSuccess && mandantsSuccess && formSuccess && departmentsSuccess && rolesSuccess && productsSuccess && pdfInlineSuccess && postColorsSuccess) { + if (catSuccess && mandantsSuccess && formSuccess && departmentsSuccess && rolesSuccess && einrichtsSuccess && fachbereicheSuccess && productsSuccess && pdfInlineSuccess && postColorsSuccess) { showMessage("Alle Daten erfolgreich gespeichert!", true); } else { var errorMsg = "Fehler beim Speichern:"; @@ -470,6 +575,8 @@ if (!empty($post['text_color'])) { if (!formSuccess) errorMsg += " Formular"; if (!departmentsSuccess) errorMsg += " Departments"; if (!rolesSuccess) errorMsg += " Rollen"; + if (!einrichtsSuccess) errorMsg += " Einrichtungen"; + if (!fachbereicheSuccess) errorMsg += " Fachbereiche"; if (!productsSuccess) errorMsg += " Produkte"; if (!pdfInlineSuccess) errorMsg += " PDF Inline Vorschau"; if (!postColorsSuccess) errorMsg += " Farben"; diff --git a/module/tasks/actions/admin/task_form_action.php b/module/tasks/actions/admin/task_form_action.php index 3aceb0b..ab48f75 100644 --- a/module/tasks/actions/admin/task_form_action.php +++ b/module/tasks/actions/admin/task_form_action.php @@ -196,6 +196,8 @@ function task_cert_normalize_target_selection(array $targetRules, array $targetO 'mandant_ids' => [], 'department_ids' => [], 'role_ids' => [], + 'einricht_ids' => [], + 'fachbereich_ids' => [], 'override_include_contact_ids' => [], 'override_exclude_contact_ids' => [], 'override_include_reason' => '', @@ -206,6 +208,8 @@ function task_cert_normalize_target_selection(array $targetRules, array $targetO $mandantId = (int) ($rule['main_mandant_id'] ?? 0); $departmentId = (int) ($rule['main_department_id'] ?? 0); $roleId = (int) ($rule['main_role_id'] ?? 0); + $einrichtId = (int) ($rule['main_einricht_id'] ?? 0); + $fachbereichId = (int) ($rule['main_bereich_id'] ?? 0); if ($mandantId > 0) { $selection['mandant_ids'][] = $mandantId; @@ -218,6 +222,14 @@ function task_cert_normalize_target_selection(array $targetRules, array $targetO if ($roleId > 0) { $selection['role_ids'][] = $roleId; } + + if ($einrichtId > 0) { + $selection['einricht_ids'][] = $einrichtId; + } + + if ($fachbereichId > 0) { + $selection['fachbereich_ids'][] = $fachbereichId; + } } foreach ($targetOverrides as $override) { @@ -246,6 +258,8 @@ function task_cert_normalize_target_selection(array $targetRules, array $targetO 'mandant_ids', 'department_ids', 'role_ids', + 'einricht_ids', + 'fachbereich_ids', 'override_include_contact_ids', 'override_exclude_contact_ids', ]; diff --git a/module/tasks/endpoints/admin/task_upsert.php b/module/tasks/endpoints/admin/task_upsert.php index 20f81bd..00ac87f 100644 --- a/module/tasks/endpoints/admin/task_upsert.php +++ b/module/tasks/endpoints/admin/task_upsert.php @@ -212,10 +212,14 @@ $buildTargetRules = static function (): array { $mandantIds = array_values(array_unique(TaskCertRequest::postIntArray('target_mandant_ids'))); $departmentIds = array_values(array_unique(TaskCertRequest::postIntArray('target_department_ids'))); $roleIds = array_values(array_unique(TaskCertRequest::postIntArray('target_role_ids'))); + $einrichtIds = array_values(array_unique(TaskCertRequest::postIntArray('target_einricht_ids'))); + $fachbereichIds = array_values(array_unique(TaskCertRequest::postIntArray('target_fachbereich_ids'))); $mandantValues = $mandantIds === [] ? [0] : $mandantIds; $departmentValues = $departmentIds === [] ? [0] : $departmentIds; $roleValues = $roleIds === [] ? [0] : $roleIds; + $einrichtValues = $einrichtIds === [] ? [0] : $einrichtIds; + $fachbereichValues = $fachbereichIds === [] ? [0] : $fachbereichIds; $rules = []; $count = 0; @@ -224,20 +228,27 @@ $buildTargetRules = static function (): array { foreach ($mandantValues as $mandantId) { foreach ($departmentValues as $departmentId) { foreach ($roleValues as $roleId) { - if ((int) $mandantId === 0 && (int) $departmentId === 0 && (int) $roleId === 0) { - continue; - } + foreach ($einrichtValues as $einrichtId) { + foreach ($fachbereichValues as $fachbereichId) { + if ((int) $mandantId === 0 && (int) $departmentId === 0 && (int) $roleId === 0 + && (int) $einrichtId === 0 && (int) $fachbereichId === 0) { + continue; + } - $rules[] = [ - 'main_mandant_id' => (int) $mandantId ?: null, - 'main_department_id' => (int) $departmentId ?: null, - 'main_role_id' => (int) $roleId ?: null, - 'active' => 1, - ]; + $rules[] = [ + 'main_mandant_id' => (int) $mandantId ?: null, + 'main_department_id' => (int) $departmentId ?: null, + 'main_role_id' => (int) $roleId ?: null, + 'main_einricht_id' => (int) $einrichtId ?: null, + 'main_bereich_id' => (int) $fachbereichId ?: null, + 'active' => 1, + ]; - $count++; - if ($count > $maxRules) { - throw new RuntimeException('Zu viele Regelkombinationen. Bitte Auswahl einschränken.'); + $count++; + if ($count > $maxRules) { + throw new RuntimeException('Zu viele Regelkombinationen. Bitte Auswahl einschränken.'); + } + } } } } diff --git a/module/tasks/pages/admin/task_form.php b/module/tasks/pages/admin/task_form.php index 0ac2106..5f2e016 100644 --- a/module/tasks/pages/admin/task_form.php +++ b/module/tasks/pages/admin/task_form.php @@ -60,6 +60,8 @@ $targetSelection = array_merge([ 'mandant_ids' => [], 'department_ids' => [], 'role_ids' => [], + 'einricht_ids' => [], + 'fachbereich_ids' => [], 'override_include_contact_ids' => [], 'override_exclude_contact_ids' => [], 'override_include_reason' => '', @@ -103,6 +105,8 @@ if ($quizQuestions === []) { $lookupMandants = is_array($lookup['mandants'] ?? null) ? $lookup['mandants'] : []; $lookupDepartments = is_array($lookup['departments'] ?? null) ? $lookup['departments'] : []; $lookupRoles = is_array($lookup['roles'] ?? null) ? $lookup['roles'] : []; +$lookupEinrichts = is_array($lookup['einrichts'] ?? null) ? $lookup['einrichts'] : []; +$lookupFachbereiche = is_array($lookup['fachbereiche'] ?? null) ? $lookup['fachbereiche'] : []; $lookupContacts = is_array($lookup['contacts'] ?? null) ? $lookup['contacts'] : []; $lookupKnowledgePosts = is_array($lookup['knowledge_posts'] ?? null) ? $lookup['knowledge_posts'] : []; $lookupTaskCategories = is_array($lookup['task_categories'] ?? null) ? $lookup['task_categories'] : []; @@ -174,6 +178,8 @@ $ensureLookupRows = static function (array $rows, array $selectedIds, string $la $lookupMandants = $ensureLookupRows($lookupMandants, (array) ($targetSelection['mandant_ids'] ?? []), 'description', 'Mandant'); $lookupDepartments = $ensureLookupRows($lookupDepartments, (array) ($targetSelection['department_ids'] ?? []), 'description', 'Abteilung'); $lookupRoles = $ensureLookupRows($lookupRoles, (array) ($targetSelection['role_ids'] ?? []), 'description', 'Rolle'); +$lookupEinrichts = $ensureLookupRows($lookupEinrichts, (array) ($targetSelection['einricht_ids'] ?? []), 'description', 'Einrichtung'); +$lookupFachbereiche = $ensureLookupRows($lookupFachbereiche, (array) ($targetSelection['fachbereich_ids'] ?? []), 'description', 'Fachbereich'); $lookupKnowledgePosts = $ensureLookupRows($lookupKnowledgePosts, (array) ($methodConfig['knowledge_post_ids'] ?? []), 'title', 'Beitrag'); $lookupTaskCategories = $ensureLookupRows($lookupTaskCategories, [(int) ($task['task_category_id'] ?? 0)], 'name', 'Kategorie'); $lookupContacts = $ensureLookupRows( @@ -801,6 +807,32 @@ $taskSyncRedirectUrl = $taskId > 0
+ +
+ + +
+ +
+ + +
diff --git a/module/tasks/repo/TaskLookupRepository.php b/module/tasks/repo/TaskLookupRepository.php index 9943376..59e90f0 100644 --- a/module/tasks/repo/TaskLookupRepository.php +++ b/module/tasks/repo/TaskLookupRepository.php @@ -38,6 +38,20 @@ class TaskLookupRepository ); } + public function listEinrichts(): array + { + return TaskCertDb::fetchAll( + 'SELECT id, description FROM organigramm_einricht ORDER BY description ASC' + ); + } + + public function listFachbereiche(): array + { + return TaskCertDb::fetchAll( + 'SELECT id, description FROM organogramm_space ORDER BY description ASC' + ); + } + public function listActiveContacts(): array { return TaskCertDb::fetchAll( diff --git a/module/tasks/service/AssignmentResolverService.php b/module/tasks/service/AssignmentResolverService.php index ff047a2..4e8dc1d 100644 --- a/module/tasks/service/AssignmentResolverService.php +++ b/module/tasks/service/AssignmentResolverService.php @@ -641,6 +641,8 @@ class AssignmentResolverService l.main_mandant_id, l.main_department_id, l.main_role_id, + l.main_einricht_id, + l.main_bereich_id, l.active FROM main_contact c LEFT JOIN main_contact_department l ON l.main_contact_id = c.id @@ -662,6 +664,8 @@ class AssignmentResolverService 'main_mandant_id' => (int) ($row['main_mandant_id'] ?: $row['master_mandant_id']), 'main_department_id' => (int) ($row['main_department_id'] ?? 0), 'main_role_id' => (int) ($row['main_role_id'] ?? 0), + 'main_einricht_id' => (int) ($row['main_einricht_id'] ?? 0), + 'main_bereich_id' => (int) ($row['main_bereich_id'] ?? 0), ]; } @@ -674,13 +678,17 @@ class AssignmentResolverService $ruleMandant = (int) ($rule['main_mandant_id'] ?? 0); $ruleDepartment = (int) ($rule['main_department_id'] ?? 0); $ruleRole = (int) ($rule['main_role_id'] ?? 0); + $ruleEinricht = (int) ($rule['main_einricht_id'] ?? 0); + $ruleFachbereich = (int) ($rule['main_bereich_id'] ?? 0); foreach ($scopeRows as $scope) { $mandantMatch = $ruleMandant === 0 || $ruleMandant === (int) $scope['main_mandant_id']; $departmentMatch = $ruleDepartment === 0 || $ruleDepartment === (int) $scope['main_department_id']; $roleMatch = $ruleRole === 0 || $ruleRole === (int) $scope['main_role_id']; + $einrichtMatch = $ruleEinricht === 0 || $ruleEinricht === (int) $scope['main_einricht_id']; + $fachbereichMatch = $ruleFachbereich === 0 || $ruleFachbereich === (int) $scope['main_bereich_id']; - if ($mandantMatch && $departmentMatch && $roleMatch) { + if ($mandantMatch && $departmentMatch && $roleMatch && $einrichtMatch && $fachbereichMatch) { return true; } } diff --git a/module/tasks/service/TaskLookupService.php b/module/tasks/service/TaskLookupService.php index 8cbd546..d218ed9 100644 --- a/module/tasks/service/TaskLookupService.php +++ b/module/tasks/service/TaskLookupService.php @@ -19,6 +19,8 @@ class TaskLookupService 'mandants' => $this->safeFetch('mandants', fn(): array => $this->lookupRepo->listMandants()), 'departments' => $this->safeFetch('departments', fn(): array => $this->lookupRepo->listDepartments()), 'roles' => $this->safeFetch('roles', fn(): array => $this->lookupRepo->listRoles()), + 'einrichts' => $this->safeFetch('einrichts', fn(): array => $this->lookupRepo->listEinrichts()), + 'fachbereiche' => $this->safeFetch('fachbereiche', fn(): array => $this->lookupRepo->listFachbereiche()), 'contacts' => $this->safeFetch('contacts', fn(): array => $this->lookupRepo->listActiveContacts()), 'knowledge_posts' => $this->safeFetch('knowledge_posts', fn(): array => $this->lookupRepo->listKnowledgePosts($languageId)), ];