Add Einrichtung and Fachbereich as permission/filter types (knowledgecenter + tasks)

- Create knowledgecenter_category_einricht, _fachbereich, knowledgecenter_post_einricht,
  knowledgecenter_post_fachbereich tables; extend task_target_rule with main_einricht_id
  and main_bereich_id columns
- Middleware: load main_einricht_id/main_bereich_id from main_contact_department,
  expose $allowedEinrichts/$allowedFachbereiche globals (same pattern as existing 3 types)
- Ajax: add update_category/post_einrichts/fachbereiche functions, extend
  update_category_links() and search filter query
- Views: add einricht/fachbereich LEFT JOINs and WHERE filters in all 5 query sites
  (categories_posts_listform, category_posts_widget, post_announcement_listform,
  post_cardform userHasAccessForPost, Ajax search)
- post_cardform_settings: add Einrichtungen/Fachbereiche tagify pickers with save/load
- Tasks: add listEinrichts/listFachbereiche to repo+service, add UI selects in task_form,
  extend target-rule normalization and upsert builder, extend AssignmentResolverService
  scope loading and matchesAnyRule to include einricht/fachbereich matching

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
2026-06-22 11:03:53 +02:00
parent 8fa061afac
commit eb3aa75615
13 changed files with 477 additions and 82 deletions

View File

@@ -133,6 +133,29 @@ if (isset($_POST["action"])) {
$result = update_post_roles($postId, $roleIds);
echo json_encode(is_bool($result) && $result ? ['success' => true] : ['error' => $result]);
exit;
case 'update_post_einrichts':
$postId = (int) ($_POST['post_id'] ?? 0);
$einrichtIds = json_decode($_POST['einrichts'], true) ?: [];
if ($postId <= 0) {
echo json_encode(['error' => 'Ungültige Post-ID']);
exit;
}
$result = update_post_einrichts($postId, $einrichtIds);
echo json_encode(is_bool($result) && $result ? ['success' => true] : ['error' => $result]);
exit;
case 'update_post_fachbereiche':
$postId = (int) ($_POST['post_id'] ?? 0);
$fachbereichIds = json_decode($_POST['fachbereiche'], true) ?: [];
if ($postId <= 0) {
echo json_encode(['error' => 'Ungültige Post-ID']);
exit;
}
$result = update_post_fachbereiche($postId, $fachbereichIds);
echo json_encode(is_bool($result) && $result ? ['success' => true] : ['error' => $result]);
exit;
case 'update_post_products':
$postId = (int) ($_POST['post_id'] ?? 0);
$productIds = json_decode($_POST['products'] ?? '[]', true) ?: [];
@@ -463,15 +486,56 @@ function update_category_roles($categoryId, $roleIds)
}
/**
* Kombinierte Funktion, die alle drei Link-Tabellen aktualisiert.
* Löscht alte Einrichtungs-Verknüpfungen und fügt neue ein.
*/
function update_category_einrichts($categoryId, $einrichtIds)
{
$deleteQuery = "DELETE FROM knowledgecenter_category_einricht WHERE category_id = $categoryId";
if (!mysqli_query($GLOBALS['mysql_con'], $deleteQuery)) {
return "Fehler beim Löschen der Einrichtungs-Verknüpfungen: " . mysqli_error($GLOBALS['mysql_con']);
}
foreach ($einrichtIds as $einrichtId) {
$einrichtId = (int) $einrichtId;
$insertQuery = "INSERT INTO knowledgecenter_category_einricht (category_id, einricht_id, created_at)
VALUES ($categoryId, $einrichtId, NOW())";
if (!mysqli_query($GLOBALS['mysql_con'], $insertQuery)) {
return "Fehler beim Einfügen der Einrichtungs-ID $einrichtId: " . mysqli_error($GLOBALS['mysql_con']);
}
}
return true;
}
/**
* Löscht alte Fachbereich-Verknüpfungen und fügt neue ein.
*/
function update_category_fachbereiche($categoryId, $fachbereichIds)
{
$deleteQuery = "DELETE FROM knowledgecenter_category_fachbereich WHERE category_id = $categoryId";
if (!mysqli_query($GLOBALS['mysql_con'], $deleteQuery)) {
return "Fehler beim Löschen der Fachbereich-Verknüpfungen: " . mysqli_error($GLOBALS['mysql_con']);
}
foreach ($fachbereichIds as $fachbereichId) {
$fachbereichId = (int) $fachbereichId;
$insertQuery = "INSERT INTO knowledgecenter_category_fachbereich (category_id, fachbereich_id, created_at)
VALUES ($categoryId, $fachbereichId, NOW())";
if (!mysqli_query($GLOBALS['mysql_con'], $insertQuery)) {
return "Fehler beim Einfügen der Fachbereich-ID $fachbereichId: " . mysqli_error($GLOBALS['mysql_con']);
}
}
return true;
}
/**
* Kombinierte Funktion, die alle fünf Link-Tabellen aktualisiert.
*/
function update_category_links()
{
$categoryId = (int) ($_POST['id'] ?? 0);
// Die Tagify-Daten werden als JSON-String gesendet
$mandantIds = json_decode($_POST['mandants'], true) ?: [];
$departmentIds = json_decode($_POST['departments'], true) ?: [];
$roleIds = json_decode($_POST['roles'], true) ?: [];
$einrichtIds = json_decode($_POST['einrichts'] ?? '[]', true) ?: [];
$fachbereichIds = json_decode($_POST['fachbereiche'] ?? '[]', true) ?: [];
$errors = [];
@@ -490,8 +554,17 @@ function update_category_links()
$errors[] = $result;
}
$result = update_category_einrichts($categoryId, $einrichtIds);
if ($result !== true) {
$errors[] = $result;
}
$result = update_category_fachbereiche($categoryId, $fachbereichIds);
if ($result !== true) {
$errors[] = $result;
}
if (empty($errors)) {
// Hier werden für jede Gruppe die vollständigen Datensätze (value und name) abgefragt
$savedMandants = [];
foreach ($mandantIds as $id) {
$id = (int) $id;
@@ -525,11 +598,35 @@ function update_category_links()
}
}
$savedEinrichts = [];
foreach ($einrichtIds as $id) {
$id = (int) $id;
$sql = "SELECT id, description FROM organigramm_einricht WHERE id = $id LIMIT 1";
$res = mysqli_query($GLOBALS['mysql_con'], $sql);
if ($res && mysqli_num_rows($res) > 0) {
$row = mysqli_fetch_assoc($res);
$savedEinrichts[] = ['value' => $row['id'], 'name' => $row['description']];
}
}
$savedFachbereiche = [];
foreach ($fachbereichIds as $id) {
$id = (int) $id;
$sql = "SELECT id, description FROM organogramm_space WHERE id = $id LIMIT 1";
$res = mysqli_query($GLOBALS['mysql_con'], $sql);
if ($res && mysqli_num_rows($res) > 0) {
$row = mysqli_fetch_assoc($res);
$savedFachbereiche[] = ['value' => $row['id'], 'name' => $row['description']];
}
}
echo json_encode([
'success' => true,
'mandants' => $savedMandants,
'departments' => $savedDepartments,
'roles' => $savedRoles
'roles' => $savedRoles,
'einrichts' => $savedEinrichts,
'fachbereiche' => $savedFachbereiche,
]);
} else {
echo json_encode(['error' => implode("; ", $errors)]);
@@ -1406,6 +1503,46 @@ function update_post_roles($postId, $roleIds)
return true;
}
/**
* Löscht alte Einrichtungs-Verknüpfungen für einen Beitrag und fügt neue ein.
*/
function update_post_einrichts($postId, $einrichtIds)
{
$deleteQuery = "DELETE FROM knowledgecenter_post_einricht WHERE post_id = $postId";
if (!mysqli_query($GLOBALS['mysql_con'], $deleteQuery)) {
return "Fehler beim Löschen der Post-Einrichtungs-Verknüpfungen: " . mysqli_error($GLOBALS['mysql_con']);
}
foreach ($einrichtIds as $einrichtId) {
$einrichtId = (int) $einrichtId;
$insertQuery = "INSERT INTO knowledgecenter_post_einricht (post_id, einricht_id, created_at)
VALUES ($postId, $einrichtId, NOW())";
if (!mysqli_query($GLOBALS['mysql_con'], $insertQuery)) {
return "Fehler beim Einfügen der Einrichtungs-ID $einrichtId: " . mysqli_error($GLOBALS['mysql_con']);
}
}
return true;
}
/**
* Löscht alte Fachbereich-Verknüpfungen für einen Beitrag und fügt neue ein.
*/
function update_post_fachbereiche($postId, $fachbereichIds)
{
$deleteQuery = "DELETE FROM knowledgecenter_post_fachbereich WHERE post_id = $postId";
if (!mysqli_query($GLOBALS['mysql_con'], $deleteQuery)) {
return "Fehler beim Löschen der Post-Fachbereich-Verknüpfungen: " . mysqli_error($GLOBALS['mysql_con']);
}
foreach ($fachbereichIds as $fachbereichId) {
$fachbereichId = (int) $fachbereichId;
$insertQuery = "INSERT INTO knowledgecenter_post_fachbereich (post_id, fachbereich_id, created_at)
VALUES ($postId, $fachbereichId, NOW())";
if (!mysqli_query($GLOBALS['mysql_con'], $insertQuery)) {
return "Fehler beim Einfügen der Fachbereich-ID $fachbereichId: " . mysqli_error($GLOBALS['mysql_con']);
}
}
return true;
}
/**
* Löscht alte Produkt-Verknüpfungen und fügt neue in product_knowledgecenter_post_link ein.
*/
@@ -1662,15 +1799,17 @@ function search_posts()
$limitPlusOne = $limit + 1; // um zusätzlich eine Zeile zu laden, falls mehr Ergebnisse existieren
/**
* Zunächst: Holen der User-Daten (Mandanten, Abteilungen, Rollen)
* Zunächst: Holen der User-Daten (Mandanten, Abteilungen, Rollen, Einrichtungen, Fachbereiche)
*/
$currentUserId = $_POST["main_contact_id"] ?? 0;
$userMandants = [];
$userDepartments = [];
$userRoles = [];
$userEinrichts = [];
$userFachbereiche = [];
if ($currentUserId) {
$query = "SELECT main_mandant_id, main_department_id, main_role_id
$query = "SELECT main_mandant_id, main_department_id, main_role_id, main_einricht_id, main_bereich_id
FROM main_contact_department
WHERE main_contact_id = $currentUserId AND active = 1";
$result = mysqli_query($GLOBALS['mysql_con'], $query);
@@ -1685,16 +1824,24 @@ function search_posts()
if ($row['main_role_id'] != 0 && !in_array($row['main_role_id'], $userRoles)) {
$userRoles[] = $row['main_role_id'];
}
if ($row['main_einricht_id'] != 0 && !in_array($row['main_einricht_id'], $userEinrichts)) {
$userEinrichts[] = $row['main_einricht_id'];
}
if ($row['main_bereich_id'] != 0 && !in_array($row['main_bereich_id'], $userFachbereiche)) {
$userFachbereiche[] = $row['main_bereich_id'];
}
}
}
/**
* Für den LEFT JOIN-Ansatz bereiten wir die erlaubten Werte als
* Für den LEFT JOIN-Ansatz bereiten wir die erlaubten Werte als
* kommaseparierte Strings vor.
*/
$allowedMandants = !empty($userMandants) ? implode(',', $userMandants) : 'NULL';
$allowedDepartments = !empty($userDepartments) ? implode(',', $userDepartments) : 'NULL';
$allowedRoles = !empty($userRoles) ? implode(',', $userRoles) : 'NULL';
$allowedEinrichts = !empty($userEinrichts) ? implode(',', $userEinrichts) : 'NULL';
$allowedFachbereiche = !empty($userFachbereiche) ? implode(',', $userFachbereiche) : 'NULL';
@@ -1751,17 +1898,23 @@ function search_posts()
AND (valid_from IS NULL OR valid_from <= NOW())
AND (valid_until IS NULL OR valid_until >= NOW())
)
LEFT JOIN knowledgecenter_post_department AS pd
LEFT JOIN knowledgecenter_post_department AS pd
ON kp.id = pd.post_id
LEFT JOIN knowledgecenter_post_mandant AS pm
LEFT JOIN knowledgecenter_post_mandant AS pm
ON kp.id = pm.post_id
LEFT JOIN knowledgecenter_post_role AS pr
LEFT JOIN knowledgecenter_post_role AS pr
ON kp.id = pr.post_id
LEFT JOIN knowledgecenter_post_einricht AS pe
ON kp.id = pe.post_id
LEFT JOIN knowledgecenter_post_fachbereich AS pfb
ON kp.id = pfb.post_id
WHERE 1=1
$searchCondition
AND ( pd.department_id IS NULL OR pd.department_id IN ($allowedDepartments) )
AND ( pm.mandant_id IS NULL OR pm.mandant_id IN ($allowedMandants) )
AND ( pr.role_id IS NULL OR pr.role_id IN ($allowedRoles) )
AND ( pe.einricht_id IS NULL OR pe.einricht_id IN ($allowedEinrichts) )
AND ( pfb.fachbereich_id IS NULL OR pfb.fachbereich_id IN ($allowedFachbereiche) )
ORDER BY kp.modified_at DESC
LIMIT $offset, $limitPlusOne
";

View File

@@ -1,15 +1,17 @@
<?php
/**
* Zunächst: Holen der User-Daten (Mandanten, Abteilungen, Rollen)
* Zunächst: Holen der User-Daten (Mandanten, Abteilungen, Rollen, Einrichtungen, Fachbereiche)
*/
$currentUserId = $GLOBALS["main_contact"]["id"] ?? 0;
$userMandants = [];
$userDepartments = [];
$userRoles = [];
$userEinrichts = [];
$userFachbereiche = [];
if ($currentUserId) {
$query = "SELECT main_mandant_id, main_department_id, main_role_id
$query = "SELECT main_mandant_id, main_department_id, main_role_id, main_einricht_id, main_bereich_id
FROM main_contact_department
WHERE main_contact_id = $currentUserId AND active = 1";
$result = mysqli_query($GLOBALS['mysql_con'], $query);
@@ -24,21 +26,31 @@ if ($currentUserId) {
if ($row['main_role_id'] != 0 && !in_array($row['main_role_id'], $userRoles)) {
$userRoles[] = $row['main_role_id'];
}
if ($row['main_einricht_id'] != 0 && !in_array($row['main_einricht_id'], $userEinrichts)) {
$userEinrichts[] = $row['main_einricht_id'];
}
if ($row['main_bereich_id'] != 0 && !in_array($row['main_bereich_id'], $userFachbereiche)) {
$userFachbereiche[] = $row['main_bereich_id'];
}
}
}
/**
* Für den LEFT JOIN-Ansatz bereiten wir die erlaubten Werte als
* Für den LEFT JOIN-Ansatz bereiten wir die erlaubten Werte als
* kommaseparierte Strings vor.
*/
$allowedMandants = !empty($userMandants) ? implode(',', $userMandants) : 'NULL';
$allowedDepartments = !empty($userDepartments) ? implode(',', $userDepartments) : 'NULL';
$allowedRoles = !empty($userRoles) ? implode(',', $userRoles) : 'NULL';
$allowedEinrichts = !empty($userEinrichts) ? implode(',', $userEinrichts) : 'NULL';
$allowedFachbereiche = !empty($userFachbereiche) ? implode(',', $userFachbereiche) : 'NULL';
// Für den globalen Zugriff kannst Du auch die Variablen in $GLOBALS speichern:
$GLOBALS['allowedMandants'] = $allowedMandants;
$GLOBALS['allowedDepartments'] = $allowedDepartments;
$GLOBALS['allowedRoles'] = $allowedRoles;
$GLOBALS['allowedEinrichts'] = $allowedEinrichts;
$GLOBALS['allowedFachbereiche'] = $allowedFachbereiche;

View File

@@ -126,21 +126,27 @@ $redirectURL = isset($_GET['redirectURL']) ? $_GET['redirectURL'] : '?action=Lis
knowledgecenter_categories_update AS c ON kcl.child_category_id = c.id
LEFT JOIN
knowledgecenter_category_translations AS t ON c.id = t.category_id AND t.language_id = $languageId
LEFT JOIN
LEFT JOIN
knowledgecenter_category_department AS cd ON c.id = cd.category_id
LEFT JOIN
LEFT JOIN
knowledgecenter_category_mandant AS cm ON c.id = cm.category_id
LEFT JOIN
LEFT JOIN
knowledgecenter_category_role AS cr ON c.id = cr.category_id
WHERE
LEFT JOIN
knowledgecenter_category_einricht AS ce ON c.id = ce.category_id
LEFT JOIN
knowledgecenter_category_fachbereich AS cf ON c.id = cf.category_id
WHERE
kcl.parent_category_id = $categoryId
AND c.state = 1
AND ( cd.department_id IS NULL OR cd.department_id IN ($allowedDepartments) )
AND ( cm.mandant_id IS NULL OR cm.mandant_id IN ($allowedMandants) )
AND ( cr.role_id IS NULL OR cr.role_id IN ($allowedRoles) )
GROUP BY
AND ( ce.einricht_id IS NULL OR ce.einricht_id IN ($allowedEinrichts) )
AND ( cf.fachbereich_id IS NULL OR cf.fachbereich_id IN ($allowedFachbereiche) )
GROUP BY
c.id
ORDER BY
ORDER BY
kcl.sorting ASC
";
$resSubs = mysqli_query($GLOBALS['mysql_con'], $sqlSubs);
@@ -193,18 +199,24 @@ $redirectURL = isset($_GET['redirectURL']) ? $_GET['redirectURL'] : '?action=Lis
AND (v2.valid_from IS NULL OR v2.valid_from <= NOW())
AND (v2.valid_until IS NULL OR v2.valid_until >= NOW())
)
LEFT JOIN
LEFT JOIN
knowledgecenter_post_department AS pd ON kp.id = pd.post_id
LEFT JOIN
LEFT JOIN
knowledgecenter_post_mandant AS pm ON kp.id = pm.post_id
LEFT JOIN
LEFT JOIN
knowledgecenter_post_role AS pr ON kp.id = pr.post_id
WHERE
LEFT JOIN
knowledgecenter_post_einricht AS pe ON kp.id = pe.post_id
LEFT JOIN
knowledgecenter_post_fachbereich AS pfb ON kp.id = pfb.post_id
WHERE
kcp.category_id = $categoryId
AND pv.post_id IS NOT NULL
AND ( pd.department_id IS NULL OR pd.department_id IN ($allowedDepartments) )
AND ( pm.mandant_id IS NULL OR pm.mandant_id IN ($allowedMandants) )
AND ( pr.role_id IS NULL OR pr.role_id IN ($allowedRoles) )
AND ( pe.einricht_id IS NULL OR pe.einricht_id IN ($allowedEinrichts) )
AND ( pfb.fachbereich_id IS NULL OR pfb.fachbereich_id IN ($allowedFachbereiche) )
GROUP BY
kp.id
ORDER BY
@@ -263,19 +275,24 @@ $redirectURL = isset($_GET['redirectURL']) ? $_GET['redirectURL'] : '?action=Lis
knowledgecenter_categories_update AS c
LEFT JOIN
knowledgecenter_category_translations AS t ON c.id = t.category_id AND t.language_id = $languageId
LEFT JOIN
LEFT JOIN
knowledgecenter_category_department AS cd ON c.id = cd.category_id
LEFT JOIN
LEFT JOIN
knowledgecenter_category_mandant AS cm ON c.id = cm.category_id
LEFT JOIN
LEFT JOIN
knowledgecenter_category_role AS cr ON c.id = cr.category_id
WHERE
c.id NOT IN (SELECT child_category_id FROM knowledgecenter_category_links)
AND c.state = 1
LEFT JOIN
knowledgecenter_category_einricht AS ce ON c.id = ce.category_id
LEFT JOIN
knowledgecenter_category_fachbereich AS cf ON c.id = cf.category_id
WHERE
c.id NOT IN (SELECT child_category_id FROM knowledgecenter_category_links)
AND c.state = 1
AND ( cd.department_id IS NULL OR cd.department_id IN ($allowedDepartments) )
AND ( cm.mandant_id IS NULL OR cm.mandant_id IN ($allowedMandants) )
AND ( cr.role_id IS NULL OR cr.role_id IN ($allowedRoles) )
AND ( ce.einricht_id IS NULL OR ce.einricht_id IN ($allowedEinrichts) )
AND ( cf.fachbereich_id IS NULL OR cf.fachbereich_id IN ($allowedFachbereiche) )
GROUP BY
c.id
ORDER BY

View File

@@ -74,16 +74,20 @@ $sql = "
AND kct_fb.language_id = ?
-- Sichtbarkeiten (nur Einschränkungen existieren -> filtern, sonst sichtbar)
LEFT JOIN knowledgecenter_post_department AS pd ON kp.id = pd.post_id
LEFT JOIN knowledgecenter_post_mandant AS pm ON kp.id = pm.post_id
LEFT JOIN knowledgecenter_post_role AS pr ON kp.id = pr.post_id
LEFT JOIN knowledgecenter_post_department AS pd ON kp.id = pd.post_id
LEFT JOIN knowledgecenter_post_mandant AS pm ON kp.id = pm.post_id
LEFT JOIN knowledgecenter_post_role AS pr ON kp.id = pr.post_id
LEFT JOIN knowledgecenter_post_einricht AS pe ON kp.id = pe.post_id
LEFT JOIN knowledgecenter_post_fachbereich AS pfb ON kp.id = pfb.post_id
WHERE
WHERE
pv.post_id IS NOT NULL
AND pv.modified_at >= DATE_SUB(NOW(), INTERVAL 3 WEEK)
AND (pd.department_id IS NULL OR pd.department_id IN ($allowedDepartments))
AND (pm.mandant_id IS NULL OR pm.mandant_id IN ($allowedMandants))
AND (pr.role_id IS NULL OR pr.role_id IN ($allowedRoles))
AND (pd.department_id IS NULL OR pd.department_id IN ($allowedDepartments))
AND (pm.mandant_id IS NULL OR pm.mandant_id IN ($allowedMandants))
AND (pr.role_id IS NULL OR pr.role_id IN ($allowedRoles))
AND (pe.einricht_id IS NULL OR pe.einricht_id IN ($allowedEinrichts))
AND (pfb.fachbereich_id IS NULL OR pfb.fachbereich_id IN ($allowedFachbereiche))
GROUP BY kp.id
ORDER BY pv.modified_at DESC

View File

@@ -51,14 +51,18 @@ $sql = "
AND (v2.valid_from IS NULL OR v2.valid_from <= NOW())
AND (v2.valid_until IS NULL OR v2.valid_until >= NOW())
)
LEFT JOIN knowledgecenter_post_department AS pd ON kp.id = pd.post_id
LEFT JOIN knowledgecenter_post_mandant AS pm ON kp.id = pm.post_id
LEFT JOIN knowledgecenter_post_role AS pr ON kp.id = pr.post_id
LEFT JOIN knowledgecenter_post_department AS pd ON kp.id = pd.post_id
LEFT JOIN knowledgecenter_post_mandant AS pm ON kp.id = pm.post_id
LEFT JOIN knowledgecenter_post_role AS pr ON kp.id = pr.post_id
LEFT JOIN knowledgecenter_post_einricht AS pe ON kp.id = pe.post_id
LEFT JOIN knowledgecenter_post_fachbereich AS pfb ON kp.id = pfb.post_id
WHERE kcp.category_id = ?
AND pv.post_id IS NOT NULL
AND (pd.department_id IS NULL OR pd.department_id IN ($allowedDepartments))
AND (pm.mandant_id IS NULL OR pm.mandant_id IN ($allowedMandants))
AND (pr.role_id IS NULL OR pr.role_id IN ($allowedRoles))
AND (pd.department_id IS NULL OR pd.department_id IN ($allowedDepartments))
AND (pm.mandant_id IS NULL OR pm.mandant_id IN ($allowedMandants))
AND (pr.role_id IS NULL OR pr.role_id IN ($allowedRoles))
AND (pe.einricht_id IS NULL OR pe.einricht_id IN ($allowedEinrichts))
AND (pfb.fachbereich_id IS NULL OR pfb.fachbereich_id IN ($allowedFachbereiche))
GROUP BY kp.id
ORDER BY kp.created_at DESC
";
@@ -99,18 +103,24 @@ JOIN
knowledgecenter_categories_update AS c ON kcl.child_category_id = c.id
LEFT JOIN
knowledgecenter_category_translations AS t ON c.id = t.category_id AND t.language_id = $languageId
LEFT JOIN
knowledgecenter_category_department AS cd ON c.id = cd.category_id
LEFT JOIN
knowledgecenter_category_mandant AS cm ON c.id = cm.category_id
LEFT JOIN
knowledgecenter_category_role AS cr ON c.id = cr.category_id
WHERE
LEFT JOIN
knowledgecenter_category_department AS cd ON c.id = cd.category_id
LEFT JOIN
knowledgecenter_category_mandant AS cm ON c.id = cm.category_id
LEFT JOIN
knowledgecenter_category_role AS cr ON c.id = cr.category_id
LEFT JOIN
knowledgecenter_category_einricht AS ce ON c.id = ce.category_id
LEFT JOIN
knowledgecenter_category_fachbereich AS cf ON c.id = cf.category_id
WHERE
kcl.parent_category_id = $categoryId
AND c.state = 1
AND (cd.department_id IS NULL OR cd.department_id IN ($allowedDepartments))
AND (cm.mandant_id IS NULL OR cm.mandant_id IN ($allowedMandants))
AND (cr.role_id IS NULL OR cr.role_id IN ($allowedRoles))
AND (cd.department_id IS NULL OR cd.department_id IN ($allowedDepartments))
AND (cm.mandant_id IS NULL OR cm.mandant_id IN ($allowedMandants))
AND (cr.role_id IS NULL OR cr.role_id IN ($allowedRoles))
AND (ce.einricht_id IS NULL OR ce.einricht_id IN ($allowedEinrichts))
AND (cf.fachbereich_id IS NULL OR cf.fachbereich_id IN ($allowedFachbereiche))
GROUP BY
c.id
ORDER BY

View File

@@ -10,9 +10,11 @@ $currentUserId = $GLOBALS["main_contact"]["id"] ?? 0;
$userMandants = [];
$userDepartments = [];
$userRoles = [];
$userEinrichts = [];
$userFachbereiche = [];
if ($currentUserId) {
$query = "SELECT main_mandant_id, main_department_id, main_role_id
$query = "SELECT main_mandant_id, main_department_id, main_role_id, main_einricht_id, main_bereich_id
FROM main_contact_department
WHERE main_contact_id = $currentUserId AND active = 1";
$result = mysqli_query($GLOBALS['mysql_con'], $query);
@@ -26,6 +28,12 @@ if ($currentUserId) {
if (!in_array($row['main_role_id'], $userRoles)) {
$userRoles[] = $row['main_role_id'];
}
if ($row['main_einricht_id'] != 0 && !in_array($row['main_einricht_id'], $userEinrichts)) {
$userEinrichts[] = $row['main_einricht_id'];
}
if ($row['main_bereich_id'] != 0 && !in_array($row['main_bereich_id'], $userFachbereiche)) {
$userFachbereiche[] = $row['main_bereich_id'];
}
}
}
@@ -53,34 +61,31 @@ function userHasAccessForPost($postId)
return true;
}
}
global $allowedMandants, $allowedDepartments, $allowedRoles;
global $allowedMandants, $allowedDepartments, $allowedRoles, $allowedEinrichts, $allowedFachbereiche;
// Baue den Query, der per LEFT JOIN die Verknüpfungen berücksichtigt.
// Für jeden Bereich wird ermittelt:
// - cntX: Gesamtzahl der Verknüpfungen in diesem Bereich für diesen Post.
// - matchX: Anzahl der Verknüpfungen, die in der erlaubten Liste liegen.
// Wenn cnt > 0 und match = 0, dann hat der User in diesem Bereich keinen Zugriff.
// Existieren keine Verknüpfungen (cnt = 0), gilt der Bereich als unbeschränkt.
$sql = "
SELECT
SELECT
COUNT(DISTINCT pd.department_id) AS cntDept,
SUM(IF(pd.department_id IN (" . ($allowedDepartments ? $allowedDepartments : 'NULL') . "), 1, 0)) AS matchDept,
COUNT(DISTINCT pm.mandant_id) AS cntMand,
SUM(IF(pm.mandant_id IN (" . ($allowedMandants ? $allowedMandants : 'NULL') . "), 1, 0)) AS matchMand,
COUNT(DISTINCT pr.role_id) AS cntRole,
SUM(IF(pr.role_id IN (" . ($allowedRoles ? $allowedRoles : 'NULL') . "), 1, 0)) AS matchRole
SUM(IF(pr.role_id IN (" . ($allowedRoles ? $allowedRoles : 'NULL') . "), 1, 0)) AS matchRole,
COUNT(DISTINCT pe.einricht_id) AS cntEinricht,
SUM(IF(pe.einricht_id IN (" . ($allowedEinrichts ? $allowedEinrichts : 'NULL') . "), 1, 0)) AS matchEinricht,
COUNT(DISTINCT pfb.fachbereich_id) AS cntFachbereich,
SUM(IF(pfb.fachbereich_id IN (" . ($allowedFachbereiche ? $allowedFachbereiche : 'NULL') . "), 1, 0)) AS matchFachbereich
FROM knowledgecenter_posts AS p
LEFT JOIN knowledgecenter_post_department AS pd ON p.id = pd.post_id
LEFT JOIN knowledgecenter_post_mandant AS pm ON p.id = pm.post_id
LEFT JOIN knowledgecenter_post_role AS pr ON p.id = pr.post_id
LEFT JOIN knowledgecenter_post_einricht AS pe ON p.id = pe.post_id
LEFT JOIN knowledgecenter_post_fachbereich AS pfb ON p.id = pfb.post_id
WHERE p.id = $postId
GROUP BY p.id
";
$res = mysqli_query($GLOBALS['mysql_con'], $sql);
if (!$res || mysqli_num_rows($res) === 0) {
// Falls keine Verknüpfungen in allen Bereichen vorhanden sind, wird oft kein Datensatz zurückgegeben
// das bedeutet, dass es keine Einschränkungen gibt, also Zugriff.
return true;
}
$row = mysqli_fetch_assoc($res);
@@ -95,6 +100,12 @@ function userHasAccessForPost($postId)
if ($row['cntRole'] > 0 && $row['matchRole'] == 0) {
$access = false;
}
if ($row['cntEinricht'] > 0 && $row['matchEinricht'] == 0) {
$access = false;
}
if ($row['cntFachbereich'] > 0 && $row['matchFachbereich'] == 0) {
$access = false;
}
return $access;
}

View File

@@ -115,7 +115,7 @@ while ($row = mysqli_fetch_assoc($result)) {
}
$selectedPostRoles = [];
if ($postId != 0) {
$querySelected = "SELECT r.id, r.description
$querySelected = "SELECT r.id, r.description
FROM knowledgecenter_post_role AS pr
JOIN main_role AS r ON pr.role_id = r.id
WHERE pr.post_id = $postId";
@@ -125,6 +125,44 @@ if ($postId != 0) {
}
}
// -------------------- Einrichtungen für Post --------------------
$postEinrichtsData = [];
$query = "SELECT id, description FROM organigramm_einricht ORDER BY description ASC";
$result = mysqli_query($GLOBALS['mysql_con'], $query);
while ($row = mysqli_fetch_assoc($result)) {
$postEinrichtsData[] = ['value' => $row['id'], 'name' => $row['description']];
}
$selectedPostEinrichts = [];
if ($postId != 0) {
$querySelected = "SELECT e.id, e.description
FROM knowledgecenter_post_einricht AS pe
JOIN organigramm_einricht AS e ON pe.einricht_id = e.id
WHERE pe.post_id = $postId";
$resultSelected = mysqli_query($GLOBALS['mysql_con'], $querySelected);
while ($row = mysqli_fetch_assoc($resultSelected)) {
$selectedPostEinrichts[] = ['value' => $row['id'], 'name' => $row['description']];
}
}
// -------------------- Fachbereiche für Post --------------------
$postFachbereicheData = [];
$query = "SELECT id, description FROM organogramm_space ORDER BY description ASC";
$result = mysqli_query($GLOBALS['mysql_con'], $query);
while ($row = mysqli_fetch_assoc($result)) {
$postFachbereicheData[] = ['value' => $row['id'], 'name' => $row['description']];
}
$selectedPostFachbereiche = [];
if ($postId != 0) {
$querySelected = "SELECT s.id, s.description
FROM knowledgecenter_post_fachbereich AS pfb
JOIN organogramm_space AS s ON pfb.fachbereich_id = s.id
WHERE pfb.post_id = $postId";
$resultSelected = mysqli_query($GLOBALS['mysql_con'], $querySelected);
while ($row = mysqli_fetch_assoc($resultSelected)) {
$selectedPostFachbereiche[] = ['value' => $row['id'], 'name' => $row['description']];
}
}
// -------------------- Produkte für Post --------------------
$productsData = [];
$query = "SELECT p.id, pt.title
@@ -221,6 +259,16 @@ if (!empty($post['text_color'])) {
<input type="text" id="postRoleTags" name="postRoles" placeholder="<?=$translation->get("roles")?>…" />
</div>
<h3>Einrichtungen</h3>
<div class="settings_container">
<input type="text" id="postEinrichtTags" name="postEinrichts" placeholder="Einrichtung hinzufügen…" />
</div>
<h3>Fachbereiche</h3>
<div class="settings_container">
<input type="text" id="postFachbereichTags" name="postFachbereiche" placeholder="Fachbereich hinzufügen…" />
</div>
<h3><?=$translation->get("products")?></h3>
<div class="settings_container">
<input type="text" id="postProductTags" name="postProducts" placeholder="<?=$translation->get("products")?>…" />
@@ -262,10 +310,14 @@ if (!empty($post['text_color'])) {
var postMandantsData = <?php echo json_encode($postMandantsData); ?>;
var postDepartmentsData = <?php echo json_encode($postDepartmentsData); ?>;
var postRolesData = <?php echo json_encode($postRolesData); ?>;
var postEinrichtsData = <?php echo json_encode($postEinrichtsData); ?>;
var postFachbereicheData = <?php echo json_encode($postFachbereicheData); ?>;
var selectedCategories = <?php echo json_encode($selectedCategories); ?>;
var selectedPostMandants = <?php echo json_encode($selectedPostMandants); ?>;
var selectedPostDepartments = <?php echo json_encode($selectedPostDepartments); ?>;
var selectedPostRoles = <?php echo json_encode($selectedPostRoles); ?>;
var selectedPostEinrichts = <?php echo json_encode($selectedPostEinrichts); ?>;
var selectedPostFachbereiche = <?php echo json_encode($selectedPostFachbereiche); ?>;
var productsData = <?php echo json_encode($productsData); ?>;
var selectedProducts = <?php echo json_encode($selectedProducts); ?>;
@@ -370,6 +422,42 @@ if (!empty($post['text_color'])) {
tagifyPostRoles.addTags(selectedPostRoles);
}
// Einrichtungen für Post
var tagifyPostEinrichts = new Tagify(document.getElementById('postEinrichtTags'), {
whitelist: postEinrichtsData,
tagTextProp: 'name',
enforceWhitelist: true,
dropdown: { enabled: 0, maxItems: Infinity, searchKeys: ["name"] },
templates: {
dropdownItem: function (tagData) {
return `<div ${this.getAttributes(tagData)} class="tagify__dropdown__item">
<span>${tagData.name}</span>
</div>`;
}
}
});
if (selectedPostEinrichts.length) {
tagifyPostEinrichts.addTags(selectedPostEinrichts);
}
// Fachbereiche für Post
var tagifyPostFachbereiche = new Tagify(document.getElementById('postFachbereichTags'), {
whitelist: postFachbereicheData,
tagTextProp: 'name',
enforceWhitelist: true,
dropdown: { enabled: 0, maxItems: Infinity, searchKeys: ["name"] },
templates: {
dropdownItem: function (tagData) {
return `<div ${this.getAttributes(tagData)} class="tagify__dropdown__item">
<span>${tagData.name}</span>
</div>`;
}
}
});
if (selectedPostFachbereiche.length) {
tagifyPostFachbereiche.addTags(selectedPostFachbereiche);
}
// Produkte für Post
var tagifyPostProducts = new Tagify(document.getElementById('postProductTags'), {
whitelist: productsData,
@@ -400,6 +488,8 @@ if (!empty($post['text_color'])) {
var selectedMandants = tagifyPostMandants.value.map(tag => tag.value);
var selectedDepartments = tagifyPostDepartments.value.map(tag => tag.value);
var selectedRoles = tagifyPostRoles.value.map(tag => tag.value);
var selectedEinrichts = tagifyPostEinrichts.value.map(tag => tag.value);
var selectedFachbereiche = tagifyPostFachbereiche.value.map(tag => tag.value);
var selectedFormId = $("#postFormSelect").val();
var postBackgroundColor = $("#postBackgroundColor").val();
var postTextColor = $("#postTextColor").val();
@@ -435,6 +525,19 @@ if (!empty($post['text_color'])) {
post_id: postId,
roles: JSON.stringify(selectedRoles)
}, "json"),
$.post("/module/knowledgecenter_update/Ajax/Ajax.php", {
action: "update_post_einrichts",
post_id: postId,
einrichts: JSON.stringify(selectedEinrichts)
}, "json"),
$.post("/module/knowledgecenter_update/Ajax/Ajax.php", {
action: "update_post_fachbereiche",
post_id: postId,
fachbereiche: JSON.stringify(selectedFachbereiche)
}, "json"),
$.post("/module/knowledgecenter_update/Ajax/Ajax.php", {
action: "update_post_products",
post_id: postId,
@@ -451,17 +554,19 @@ if (!empty($post['text_color'])) {
background_color: postBackgroundColor,
text_color: postTextColor
}, "json")
).done(function (categoriesResponse, mandantsResponse, formResponse, departmentsResponse, rolesResponse, productsResponse, pdfInlineResponse, postColorsResponse) {
).done(function (categoriesResponse, mandantsResponse, formResponse, departmentsResponse, rolesResponse, einrichtsResponse, fachbereicheResponse, productsResponse, pdfInlineResponse, postColorsResponse) {
var catSuccess = categoriesResponse[0].success;
var mandantsSuccess = mandantsResponse[0].success;
var formSuccess = formResponse[0].success;
var departmentsSuccess = departmentsResponse[0].success;
var rolesSuccess = rolesResponse[0].success;
var einrichtsSuccess = einrichtsResponse[0].success;
var fachbereicheSuccess = fachbereicheResponse[0].success;
var productsSuccess = productsResponse[0].success;
var pdfInlineSuccess = pdfInlineResponse[0].success;
var postColorsSuccess = postColorsResponse[0].success;
if (catSuccess && mandantsSuccess && formSuccess && departmentsSuccess && rolesSuccess && productsSuccess && pdfInlineSuccess && postColorsSuccess) {
if (catSuccess && mandantsSuccess && formSuccess && departmentsSuccess && rolesSuccess && einrichtsSuccess && fachbereicheSuccess && productsSuccess && pdfInlineSuccess && postColorsSuccess) {
showMessage("Alle Daten erfolgreich gespeichert!", true);
} else {
var errorMsg = "Fehler beim Speichern:";
@@ -470,6 +575,8 @@ if (!empty($post['text_color'])) {
if (!formSuccess) errorMsg += " Formular";
if (!departmentsSuccess) errorMsg += " Departments";
if (!rolesSuccess) errorMsg += " Rollen";
if (!einrichtsSuccess) errorMsg += " Einrichtungen";
if (!fachbereicheSuccess) errorMsg += " Fachbereiche";
if (!productsSuccess) errorMsg += " Produkte";
if (!pdfInlineSuccess) errorMsg += " PDF Inline Vorschau";
if (!postColorsSuccess) errorMsg += " Farben";