Add Einrichtung and Fachbereich as permission/filter types (knowledgecenter + tasks)
- Create knowledgecenter_category_einricht, _fachbereich, knowledgecenter_post_einricht, knowledgecenter_post_fachbereich tables; extend task_target_rule with main_einricht_id and main_bereich_id columns - Middleware: load main_einricht_id/main_bereich_id from main_contact_department, expose $allowedEinrichts/$allowedFachbereiche globals (same pattern as existing 3 types) - Ajax: add update_category/post_einrichts/fachbereiche functions, extend update_category_links() and search filter query - Views: add einricht/fachbereich LEFT JOINs and WHERE filters in all 5 query sites (categories_posts_listform, category_posts_widget, post_announcement_listform, post_cardform userHasAccessForPost, Ajax search) - post_cardform_settings: add Einrichtungen/Fachbereiche tagify pickers with save/load - Tasks: add listEinrichts/listFachbereiche to repo+service, add UI selects in task_form, extend target-rule normalization and upsert builder, extend AssignmentResolverService scope loading and matchesAnyRule to include einricht/fachbereich matching Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -133,6 +133,29 @@ if (isset($_POST["action"])) {
|
||||
$result = update_post_roles($postId, $roleIds);
|
||||
echo json_encode(is_bool($result) && $result ? ['success' => true] : ['error' => $result]);
|
||||
exit;
|
||||
|
||||
case 'update_post_einrichts':
|
||||
$postId = (int) ($_POST['post_id'] ?? 0);
|
||||
$einrichtIds = json_decode($_POST['einrichts'], true) ?: [];
|
||||
if ($postId <= 0) {
|
||||
echo json_encode(['error' => 'Ungültige Post-ID']);
|
||||
exit;
|
||||
}
|
||||
$result = update_post_einrichts($postId, $einrichtIds);
|
||||
echo json_encode(is_bool($result) && $result ? ['success' => true] : ['error' => $result]);
|
||||
exit;
|
||||
|
||||
case 'update_post_fachbereiche':
|
||||
$postId = (int) ($_POST['post_id'] ?? 0);
|
||||
$fachbereichIds = json_decode($_POST['fachbereiche'], true) ?: [];
|
||||
if ($postId <= 0) {
|
||||
echo json_encode(['error' => 'Ungültige Post-ID']);
|
||||
exit;
|
||||
}
|
||||
$result = update_post_fachbereiche($postId, $fachbereichIds);
|
||||
echo json_encode(is_bool($result) && $result ? ['success' => true] : ['error' => $result]);
|
||||
exit;
|
||||
|
||||
case 'update_post_products':
|
||||
$postId = (int) ($_POST['post_id'] ?? 0);
|
||||
$productIds = json_decode($_POST['products'] ?? '[]', true) ?: [];
|
||||
@@ -463,15 +486,56 @@ function update_category_roles($categoryId, $roleIds)
|
||||
}
|
||||
|
||||
/**
|
||||
* Kombinierte Funktion, die alle drei Link-Tabellen aktualisiert.
|
||||
* Löscht alte Einrichtungs-Verknüpfungen und fügt neue ein.
|
||||
*/
|
||||
function update_category_einrichts($categoryId, $einrichtIds)
|
||||
{
|
||||
$deleteQuery = "DELETE FROM knowledgecenter_category_einricht WHERE category_id = $categoryId";
|
||||
if (!mysqli_query($GLOBALS['mysql_con'], $deleteQuery)) {
|
||||
return "Fehler beim Löschen der Einrichtungs-Verknüpfungen: " . mysqli_error($GLOBALS['mysql_con']);
|
||||
}
|
||||
foreach ($einrichtIds as $einrichtId) {
|
||||
$einrichtId = (int) $einrichtId;
|
||||
$insertQuery = "INSERT INTO knowledgecenter_category_einricht (category_id, einricht_id, created_at)
|
||||
VALUES ($categoryId, $einrichtId, NOW())";
|
||||
if (!mysqli_query($GLOBALS['mysql_con'], $insertQuery)) {
|
||||
return "Fehler beim Einfügen der Einrichtungs-ID $einrichtId: " . mysqli_error($GLOBALS['mysql_con']);
|
||||
}
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Löscht alte Fachbereich-Verknüpfungen und fügt neue ein.
|
||||
*/
|
||||
function update_category_fachbereiche($categoryId, $fachbereichIds)
|
||||
{
|
||||
$deleteQuery = "DELETE FROM knowledgecenter_category_fachbereich WHERE category_id = $categoryId";
|
||||
if (!mysqli_query($GLOBALS['mysql_con'], $deleteQuery)) {
|
||||
return "Fehler beim Löschen der Fachbereich-Verknüpfungen: " . mysqli_error($GLOBALS['mysql_con']);
|
||||
}
|
||||
foreach ($fachbereichIds as $fachbereichId) {
|
||||
$fachbereichId = (int) $fachbereichId;
|
||||
$insertQuery = "INSERT INTO knowledgecenter_category_fachbereich (category_id, fachbereich_id, created_at)
|
||||
VALUES ($categoryId, $fachbereichId, NOW())";
|
||||
if (!mysqli_query($GLOBALS['mysql_con'], $insertQuery)) {
|
||||
return "Fehler beim Einfügen der Fachbereich-ID $fachbereichId: " . mysqli_error($GLOBALS['mysql_con']);
|
||||
}
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Kombinierte Funktion, die alle fünf Link-Tabellen aktualisiert.
|
||||
*/
|
||||
function update_category_links()
|
||||
{
|
||||
$categoryId = (int) ($_POST['id'] ?? 0);
|
||||
// Die Tagify-Daten werden als JSON-String gesendet
|
||||
$mandantIds = json_decode($_POST['mandants'], true) ?: [];
|
||||
$departmentIds = json_decode($_POST['departments'], true) ?: [];
|
||||
$roleIds = json_decode($_POST['roles'], true) ?: [];
|
||||
$einrichtIds = json_decode($_POST['einrichts'] ?? '[]', true) ?: [];
|
||||
$fachbereichIds = json_decode($_POST['fachbereiche'] ?? '[]', true) ?: [];
|
||||
|
||||
$errors = [];
|
||||
|
||||
@@ -490,8 +554,17 @@ function update_category_links()
|
||||
$errors[] = $result;
|
||||
}
|
||||
|
||||
$result = update_category_einrichts($categoryId, $einrichtIds);
|
||||
if ($result !== true) {
|
||||
$errors[] = $result;
|
||||
}
|
||||
|
||||
$result = update_category_fachbereiche($categoryId, $fachbereichIds);
|
||||
if ($result !== true) {
|
||||
$errors[] = $result;
|
||||
}
|
||||
|
||||
if (empty($errors)) {
|
||||
// Hier werden für jede Gruppe die vollständigen Datensätze (value und name) abgefragt
|
||||
$savedMandants = [];
|
||||
foreach ($mandantIds as $id) {
|
||||
$id = (int) $id;
|
||||
@@ -525,11 +598,35 @@ function update_category_links()
|
||||
}
|
||||
}
|
||||
|
||||
$savedEinrichts = [];
|
||||
foreach ($einrichtIds as $id) {
|
||||
$id = (int) $id;
|
||||
$sql = "SELECT id, description FROM organigramm_einricht WHERE id = $id LIMIT 1";
|
||||
$res = mysqli_query($GLOBALS['mysql_con'], $sql);
|
||||
if ($res && mysqli_num_rows($res) > 0) {
|
||||
$row = mysqli_fetch_assoc($res);
|
||||
$savedEinrichts[] = ['value' => $row['id'], 'name' => $row['description']];
|
||||
}
|
||||
}
|
||||
|
||||
$savedFachbereiche = [];
|
||||
foreach ($fachbereichIds as $id) {
|
||||
$id = (int) $id;
|
||||
$sql = "SELECT id, description FROM organogramm_space WHERE id = $id LIMIT 1";
|
||||
$res = mysqli_query($GLOBALS['mysql_con'], $sql);
|
||||
if ($res && mysqli_num_rows($res) > 0) {
|
||||
$row = mysqli_fetch_assoc($res);
|
||||
$savedFachbereiche[] = ['value' => $row['id'], 'name' => $row['description']];
|
||||
}
|
||||
}
|
||||
|
||||
echo json_encode([
|
||||
'success' => true,
|
||||
'mandants' => $savedMandants,
|
||||
'departments' => $savedDepartments,
|
||||
'roles' => $savedRoles
|
||||
'roles' => $savedRoles,
|
||||
'einrichts' => $savedEinrichts,
|
||||
'fachbereiche' => $savedFachbereiche,
|
||||
]);
|
||||
} else {
|
||||
echo json_encode(['error' => implode("; ", $errors)]);
|
||||
@@ -1406,6 +1503,46 @@ function update_post_roles($postId, $roleIds)
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Löscht alte Einrichtungs-Verknüpfungen für einen Beitrag und fügt neue ein.
|
||||
*/
|
||||
function update_post_einrichts($postId, $einrichtIds)
|
||||
{
|
||||
$deleteQuery = "DELETE FROM knowledgecenter_post_einricht WHERE post_id = $postId";
|
||||
if (!mysqli_query($GLOBALS['mysql_con'], $deleteQuery)) {
|
||||
return "Fehler beim Löschen der Post-Einrichtungs-Verknüpfungen: " . mysqli_error($GLOBALS['mysql_con']);
|
||||
}
|
||||
foreach ($einrichtIds as $einrichtId) {
|
||||
$einrichtId = (int) $einrichtId;
|
||||
$insertQuery = "INSERT INTO knowledgecenter_post_einricht (post_id, einricht_id, created_at)
|
||||
VALUES ($postId, $einrichtId, NOW())";
|
||||
if (!mysqli_query($GLOBALS['mysql_con'], $insertQuery)) {
|
||||
return "Fehler beim Einfügen der Einrichtungs-ID $einrichtId: " . mysqli_error($GLOBALS['mysql_con']);
|
||||
}
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Löscht alte Fachbereich-Verknüpfungen für einen Beitrag und fügt neue ein.
|
||||
*/
|
||||
function update_post_fachbereiche($postId, $fachbereichIds)
|
||||
{
|
||||
$deleteQuery = "DELETE FROM knowledgecenter_post_fachbereich WHERE post_id = $postId";
|
||||
if (!mysqli_query($GLOBALS['mysql_con'], $deleteQuery)) {
|
||||
return "Fehler beim Löschen der Post-Fachbereich-Verknüpfungen: " . mysqli_error($GLOBALS['mysql_con']);
|
||||
}
|
||||
foreach ($fachbereichIds as $fachbereichId) {
|
||||
$fachbereichId = (int) $fachbereichId;
|
||||
$insertQuery = "INSERT INTO knowledgecenter_post_fachbereich (post_id, fachbereich_id, created_at)
|
||||
VALUES ($postId, $fachbereichId, NOW())";
|
||||
if (!mysqli_query($GLOBALS['mysql_con'], $insertQuery)) {
|
||||
return "Fehler beim Einfügen der Fachbereich-ID $fachbereichId: " . mysqli_error($GLOBALS['mysql_con']);
|
||||
}
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Löscht alte Produkt-Verknüpfungen und fügt neue in product_knowledgecenter_post_link ein.
|
||||
*/
|
||||
@@ -1662,15 +1799,17 @@ function search_posts()
|
||||
$limitPlusOne = $limit + 1; // um zusätzlich eine Zeile zu laden, falls mehr Ergebnisse existieren
|
||||
|
||||
/**
|
||||
* Zunächst: Holen der User-Daten (Mandanten, Abteilungen, Rollen)
|
||||
* Zunächst: Holen der User-Daten (Mandanten, Abteilungen, Rollen, Einrichtungen, Fachbereiche)
|
||||
*/
|
||||
$currentUserId = $_POST["main_contact_id"] ?? 0;
|
||||
$userMandants = [];
|
||||
$userDepartments = [];
|
||||
$userRoles = [];
|
||||
$userEinrichts = [];
|
||||
$userFachbereiche = [];
|
||||
|
||||
if ($currentUserId) {
|
||||
$query = "SELECT main_mandant_id, main_department_id, main_role_id
|
||||
$query = "SELECT main_mandant_id, main_department_id, main_role_id, main_einricht_id, main_bereich_id
|
||||
FROM main_contact_department
|
||||
WHERE main_contact_id = $currentUserId AND active = 1";
|
||||
$result = mysqli_query($GLOBALS['mysql_con'], $query);
|
||||
@@ -1685,16 +1824,24 @@ function search_posts()
|
||||
if ($row['main_role_id'] != 0 && !in_array($row['main_role_id'], $userRoles)) {
|
||||
$userRoles[] = $row['main_role_id'];
|
||||
}
|
||||
if ($row['main_einricht_id'] != 0 && !in_array($row['main_einricht_id'], $userEinrichts)) {
|
||||
$userEinrichts[] = $row['main_einricht_id'];
|
||||
}
|
||||
if ($row['main_bereich_id'] != 0 && !in_array($row['main_bereich_id'], $userFachbereiche)) {
|
||||
$userFachbereiche[] = $row['main_bereich_id'];
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Für den LEFT JOIN-Ansatz bereiten wir die erlaubten Werte als
|
||||
* Für den LEFT JOIN-Ansatz bereiten wir die erlaubten Werte als
|
||||
* kommaseparierte Strings vor.
|
||||
*/
|
||||
$allowedMandants = !empty($userMandants) ? implode(',', $userMandants) : 'NULL';
|
||||
$allowedDepartments = !empty($userDepartments) ? implode(',', $userDepartments) : 'NULL';
|
||||
$allowedRoles = !empty($userRoles) ? implode(',', $userRoles) : 'NULL';
|
||||
$allowedEinrichts = !empty($userEinrichts) ? implode(',', $userEinrichts) : 'NULL';
|
||||
$allowedFachbereiche = !empty($userFachbereiche) ? implode(',', $userFachbereiche) : 'NULL';
|
||||
|
||||
|
||||
|
||||
@@ -1751,17 +1898,23 @@ function search_posts()
|
||||
AND (valid_from IS NULL OR valid_from <= NOW())
|
||||
AND (valid_until IS NULL OR valid_until >= NOW())
|
||||
)
|
||||
LEFT JOIN knowledgecenter_post_department AS pd
|
||||
LEFT JOIN knowledgecenter_post_department AS pd
|
||||
ON kp.id = pd.post_id
|
||||
LEFT JOIN knowledgecenter_post_mandant AS pm
|
||||
LEFT JOIN knowledgecenter_post_mandant AS pm
|
||||
ON kp.id = pm.post_id
|
||||
LEFT JOIN knowledgecenter_post_role AS pr
|
||||
LEFT JOIN knowledgecenter_post_role AS pr
|
||||
ON kp.id = pr.post_id
|
||||
LEFT JOIN knowledgecenter_post_einricht AS pe
|
||||
ON kp.id = pe.post_id
|
||||
LEFT JOIN knowledgecenter_post_fachbereich AS pfb
|
||||
ON kp.id = pfb.post_id
|
||||
WHERE 1=1
|
||||
$searchCondition
|
||||
AND ( pd.department_id IS NULL OR pd.department_id IN ($allowedDepartments) )
|
||||
AND ( pm.mandant_id IS NULL OR pm.mandant_id IN ($allowedMandants) )
|
||||
AND ( pr.role_id IS NULL OR pr.role_id IN ($allowedRoles) )
|
||||
AND ( pe.einricht_id IS NULL OR pe.einricht_id IN ($allowedEinrichts) )
|
||||
AND ( pfb.fachbereich_id IS NULL OR pfb.fachbereich_id IN ($allowedFachbereiche) )
|
||||
ORDER BY kp.modified_at DESC
|
||||
LIMIT $offset, $limitPlusOne
|
||||
";
|
||||
|
||||
@@ -1,15 +1,17 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Zunächst: Holen der User-Daten (Mandanten, Abteilungen, Rollen)
|
||||
* Zunächst: Holen der User-Daten (Mandanten, Abteilungen, Rollen, Einrichtungen, Fachbereiche)
|
||||
*/
|
||||
$currentUserId = $GLOBALS["main_contact"]["id"] ?? 0;
|
||||
$userMandants = [];
|
||||
$userDepartments = [];
|
||||
$userRoles = [];
|
||||
$userEinrichts = [];
|
||||
$userFachbereiche = [];
|
||||
|
||||
if ($currentUserId) {
|
||||
$query = "SELECT main_mandant_id, main_department_id, main_role_id
|
||||
$query = "SELECT main_mandant_id, main_department_id, main_role_id, main_einricht_id, main_bereich_id
|
||||
FROM main_contact_department
|
||||
WHERE main_contact_id = $currentUserId AND active = 1";
|
||||
$result = mysqli_query($GLOBALS['mysql_con'], $query);
|
||||
@@ -24,21 +26,31 @@ if ($currentUserId) {
|
||||
if ($row['main_role_id'] != 0 && !in_array($row['main_role_id'], $userRoles)) {
|
||||
$userRoles[] = $row['main_role_id'];
|
||||
}
|
||||
if ($row['main_einricht_id'] != 0 && !in_array($row['main_einricht_id'], $userEinrichts)) {
|
||||
$userEinrichts[] = $row['main_einricht_id'];
|
||||
}
|
||||
if ($row['main_bereich_id'] != 0 && !in_array($row['main_bereich_id'], $userFachbereiche)) {
|
||||
$userFachbereiche[] = $row['main_bereich_id'];
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Für den LEFT JOIN-Ansatz bereiten wir die erlaubten Werte als
|
||||
* Für den LEFT JOIN-Ansatz bereiten wir die erlaubten Werte als
|
||||
* kommaseparierte Strings vor.
|
||||
*/
|
||||
$allowedMandants = !empty($userMandants) ? implode(',', $userMandants) : 'NULL';
|
||||
$allowedDepartments = !empty($userDepartments) ? implode(',', $userDepartments) : 'NULL';
|
||||
$allowedRoles = !empty($userRoles) ? implode(',', $userRoles) : 'NULL';
|
||||
$allowedEinrichts = !empty($userEinrichts) ? implode(',', $userEinrichts) : 'NULL';
|
||||
$allowedFachbereiche = !empty($userFachbereiche) ? implode(',', $userFachbereiche) : 'NULL';
|
||||
|
||||
// Für den globalen Zugriff kannst Du auch die Variablen in $GLOBALS speichern:
|
||||
$GLOBALS['allowedMandants'] = $allowedMandants;
|
||||
$GLOBALS['allowedDepartments'] = $allowedDepartments;
|
||||
$GLOBALS['allowedRoles'] = $allowedRoles;
|
||||
$GLOBALS['allowedEinrichts'] = $allowedEinrichts;
|
||||
$GLOBALS['allowedFachbereiche'] = $allowedFachbereiche;
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -126,21 +126,27 @@ $redirectURL = isset($_GET['redirectURL']) ? $_GET['redirectURL'] : '?action=Lis
|
||||
knowledgecenter_categories_update AS c ON kcl.child_category_id = c.id
|
||||
LEFT JOIN
|
||||
knowledgecenter_category_translations AS t ON c.id = t.category_id AND t.language_id = $languageId
|
||||
LEFT JOIN
|
||||
LEFT JOIN
|
||||
knowledgecenter_category_department AS cd ON c.id = cd.category_id
|
||||
LEFT JOIN
|
||||
LEFT JOIN
|
||||
knowledgecenter_category_mandant AS cm ON c.id = cm.category_id
|
||||
LEFT JOIN
|
||||
LEFT JOIN
|
||||
knowledgecenter_category_role AS cr ON c.id = cr.category_id
|
||||
WHERE
|
||||
LEFT JOIN
|
||||
knowledgecenter_category_einricht AS ce ON c.id = ce.category_id
|
||||
LEFT JOIN
|
||||
knowledgecenter_category_fachbereich AS cf ON c.id = cf.category_id
|
||||
WHERE
|
||||
kcl.parent_category_id = $categoryId
|
||||
AND c.state = 1
|
||||
AND ( cd.department_id IS NULL OR cd.department_id IN ($allowedDepartments) )
|
||||
AND ( cm.mandant_id IS NULL OR cm.mandant_id IN ($allowedMandants) )
|
||||
AND ( cr.role_id IS NULL OR cr.role_id IN ($allowedRoles) )
|
||||
GROUP BY
|
||||
AND ( ce.einricht_id IS NULL OR ce.einricht_id IN ($allowedEinrichts) )
|
||||
AND ( cf.fachbereich_id IS NULL OR cf.fachbereich_id IN ($allowedFachbereiche) )
|
||||
GROUP BY
|
||||
c.id
|
||||
ORDER BY
|
||||
ORDER BY
|
||||
kcl.sorting ASC
|
||||
";
|
||||
$resSubs = mysqli_query($GLOBALS['mysql_con'], $sqlSubs);
|
||||
@@ -193,18 +199,24 @@ $redirectURL = isset($_GET['redirectURL']) ? $_GET['redirectURL'] : '?action=Lis
|
||||
AND (v2.valid_from IS NULL OR v2.valid_from <= NOW())
|
||||
AND (v2.valid_until IS NULL OR v2.valid_until >= NOW())
|
||||
)
|
||||
LEFT JOIN
|
||||
LEFT JOIN
|
||||
knowledgecenter_post_department AS pd ON kp.id = pd.post_id
|
||||
LEFT JOIN
|
||||
LEFT JOIN
|
||||
knowledgecenter_post_mandant AS pm ON kp.id = pm.post_id
|
||||
LEFT JOIN
|
||||
LEFT JOIN
|
||||
knowledgecenter_post_role AS pr ON kp.id = pr.post_id
|
||||
WHERE
|
||||
LEFT JOIN
|
||||
knowledgecenter_post_einricht AS pe ON kp.id = pe.post_id
|
||||
LEFT JOIN
|
||||
knowledgecenter_post_fachbereich AS pfb ON kp.id = pfb.post_id
|
||||
WHERE
|
||||
kcp.category_id = $categoryId
|
||||
AND pv.post_id IS NOT NULL
|
||||
AND ( pd.department_id IS NULL OR pd.department_id IN ($allowedDepartments) )
|
||||
AND ( pm.mandant_id IS NULL OR pm.mandant_id IN ($allowedMandants) )
|
||||
AND ( pr.role_id IS NULL OR pr.role_id IN ($allowedRoles) )
|
||||
AND ( pe.einricht_id IS NULL OR pe.einricht_id IN ($allowedEinrichts) )
|
||||
AND ( pfb.fachbereich_id IS NULL OR pfb.fachbereich_id IN ($allowedFachbereiche) )
|
||||
GROUP BY
|
||||
kp.id
|
||||
ORDER BY
|
||||
@@ -263,19 +275,24 @@ $redirectURL = isset($_GET['redirectURL']) ? $_GET['redirectURL'] : '?action=Lis
|
||||
knowledgecenter_categories_update AS c
|
||||
LEFT JOIN
|
||||
knowledgecenter_category_translations AS t ON c.id = t.category_id AND t.language_id = $languageId
|
||||
LEFT JOIN
|
||||
LEFT JOIN
|
||||
knowledgecenter_category_department AS cd ON c.id = cd.category_id
|
||||
LEFT JOIN
|
||||
LEFT JOIN
|
||||
knowledgecenter_category_mandant AS cm ON c.id = cm.category_id
|
||||
LEFT JOIN
|
||||
LEFT JOIN
|
||||
knowledgecenter_category_role AS cr ON c.id = cr.category_id
|
||||
WHERE
|
||||
|
||||
c.id NOT IN (SELECT child_category_id FROM knowledgecenter_category_links)
|
||||
AND c.state = 1
|
||||
LEFT JOIN
|
||||
knowledgecenter_category_einricht AS ce ON c.id = ce.category_id
|
||||
LEFT JOIN
|
||||
knowledgecenter_category_fachbereich AS cf ON c.id = cf.category_id
|
||||
WHERE
|
||||
c.id NOT IN (SELECT child_category_id FROM knowledgecenter_category_links)
|
||||
AND c.state = 1
|
||||
AND ( cd.department_id IS NULL OR cd.department_id IN ($allowedDepartments) )
|
||||
AND ( cm.mandant_id IS NULL OR cm.mandant_id IN ($allowedMandants) )
|
||||
AND ( cr.role_id IS NULL OR cr.role_id IN ($allowedRoles) )
|
||||
AND ( ce.einricht_id IS NULL OR ce.einricht_id IN ($allowedEinrichts) )
|
||||
AND ( cf.fachbereich_id IS NULL OR cf.fachbereich_id IN ($allowedFachbereiche) )
|
||||
GROUP BY
|
||||
c.id
|
||||
ORDER BY
|
||||
|
||||
@@ -74,16 +74,20 @@ $sql = "
|
||||
AND kct_fb.language_id = ?
|
||||
|
||||
-- Sichtbarkeiten (nur Einschränkungen existieren -> filtern, sonst sichtbar)
|
||||
LEFT JOIN knowledgecenter_post_department AS pd ON kp.id = pd.post_id
|
||||
LEFT JOIN knowledgecenter_post_mandant AS pm ON kp.id = pm.post_id
|
||||
LEFT JOIN knowledgecenter_post_role AS pr ON kp.id = pr.post_id
|
||||
LEFT JOIN knowledgecenter_post_department AS pd ON kp.id = pd.post_id
|
||||
LEFT JOIN knowledgecenter_post_mandant AS pm ON kp.id = pm.post_id
|
||||
LEFT JOIN knowledgecenter_post_role AS pr ON kp.id = pr.post_id
|
||||
LEFT JOIN knowledgecenter_post_einricht AS pe ON kp.id = pe.post_id
|
||||
LEFT JOIN knowledgecenter_post_fachbereich AS pfb ON kp.id = pfb.post_id
|
||||
|
||||
WHERE
|
||||
WHERE
|
||||
pv.post_id IS NOT NULL
|
||||
AND pv.modified_at >= DATE_SUB(NOW(), INTERVAL 3 WEEK)
|
||||
AND (pd.department_id IS NULL OR pd.department_id IN ($allowedDepartments))
|
||||
AND (pm.mandant_id IS NULL OR pm.mandant_id IN ($allowedMandants))
|
||||
AND (pr.role_id IS NULL OR pr.role_id IN ($allowedRoles))
|
||||
AND (pd.department_id IS NULL OR pd.department_id IN ($allowedDepartments))
|
||||
AND (pm.mandant_id IS NULL OR pm.mandant_id IN ($allowedMandants))
|
||||
AND (pr.role_id IS NULL OR pr.role_id IN ($allowedRoles))
|
||||
AND (pe.einricht_id IS NULL OR pe.einricht_id IN ($allowedEinrichts))
|
||||
AND (pfb.fachbereich_id IS NULL OR pfb.fachbereich_id IN ($allowedFachbereiche))
|
||||
|
||||
GROUP BY kp.id
|
||||
ORDER BY pv.modified_at DESC
|
||||
|
||||
@@ -51,14 +51,18 @@ $sql = "
|
||||
AND (v2.valid_from IS NULL OR v2.valid_from <= NOW())
|
||||
AND (v2.valid_until IS NULL OR v2.valid_until >= NOW())
|
||||
)
|
||||
LEFT JOIN knowledgecenter_post_department AS pd ON kp.id = pd.post_id
|
||||
LEFT JOIN knowledgecenter_post_mandant AS pm ON kp.id = pm.post_id
|
||||
LEFT JOIN knowledgecenter_post_role AS pr ON kp.id = pr.post_id
|
||||
LEFT JOIN knowledgecenter_post_department AS pd ON kp.id = pd.post_id
|
||||
LEFT JOIN knowledgecenter_post_mandant AS pm ON kp.id = pm.post_id
|
||||
LEFT JOIN knowledgecenter_post_role AS pr ON kp.id = pr.post_id
|
||||
LEFT JOIN knowledgecenter_post_einricht AS pe ON kp.id = pe.post_id
|
||||
LEFT JOIN knowledgecenter_post_fachbereich AS pfb ON kp.id = pfb.post_id
|
||||
WHERE kcp.category_id = ?
|
||||
AND pv.post_id IS NOT NULL
|
||||
AND (pd.department_id IS NULL OR pd.department_id IN ($allowedDepartments))
|
||||
AND (pm.mandant_id IS NULL OR pm.mandant_id IN ($allowedMandants))
|
||||
AND (pr.role_id IS NULL OR pr.role_id IN ($allowedRoles))
|
||||
AND (pd.department_id IS NULL OR pd.department_id IN ($allowedDepartments))
|
||||
AND (pm.mandant_id IS NULL OR pm.mandant_id IN ($allowedMandants))
|
||||
AND (pr.role_id IS NULL OR pr.role_id IN ($allowedRoles))
|
||||
AND (pe.einricht_id IS NULL OR pe.einricht_id IN ($allowedEinrichts))
|
||||
AND (pfb.fachbereich_id IS NULL OR pfb.fachbereich_id IN ($allowedFachbereiche))
|
||||
GROUP BY kp.id
|
||||
ORDER BY kp.created_at DESC
|
||||
";
|
||||
@@ -99,18 +103,24 @@ JOIN
|
||||
knowledgecenter_categories_update AS c ON kcl.child_category_id = c.id
|
||||
LEFT JOIN
|
||||
knowledgecenter_category_translations AS t ON c.id = t.category_id AND t.language_id = $languageId
|
||||
LEFT JOIN
|
||||
knowledgecenter_category_department AS cd ON c.id = cd.category_id
|
||||
LEFT JOIN
|
||||
knowledgecenter_category_mandant AS cm ON c.id = cm.category_id
|
||||
LEFT JOIN
|
||||
knowledgecenter_category_role AS cr ON c.id = cr.category_id
|
||||
WHERE
|
||||
LEFT JOIN
|
||||
knowledgecenter_category_department AS cd ON c.id = cd.category_id
|
||||
LEFT JOIN
|
||||
knowledgecenter_category_mandant AS cm ON c.id = cm.category_id
|
||||
LEFT JOIN
|
||||
knowledgecenter_category_role AS cr ON c.id = cr.category_id
|
||||
LEFT JOIN
|
||||
knowledgecenter_category_einricht AS ce ON c.id = ce.category_id
|
||||
LEFT JOIN
|
||||
knowledgecenter_category_fachbereich AS cf ON c.id = cf.category_id
|
||||
WHERE
|
||||
kcl.parent_category_id = $categoryId
|
||||
AND c.state = 1
|
||||
AND (cd.department_id IS NULL OR cd.department_id IN ($allowedDepartments))
|
||||
AND (cm.mandant_id IS NULL OR cm.mandant_id IN ($allowedMandants))
|
||||
AND (cr.role_id IS NULL OR cr.role_id IN ($allowedRoles))
|
||||
AND (cd.department_id IS NULL OR cd.department_id IN ($allowedDepartments))
|
||||
AND (cm.mandant_id IS NULL OR cm.mandant_id IN ($allowedMandants))
|
||||
AND (cr.role_id IS NULL OR cr.role_id IN ($allowedRoles))
|
||||
AND (ce.einricht_id IS NULL OR ce.einricht_id IN ($allowedEinrichts))
|
||||
AND (cf.fachbereich_id IS NULL OR cf.fachbereich_id IN ($allowedFachbereiche))
|
||||
GROUP BY
|
||||
c.id
|
||||
ORDER BY
|
||||
|
||||
@@ -10,9 +10,11 @@ $currentUserId = $GLOBALS["main_contact"]["id"] ?? 0;
|
||||
$userMandants = [];
|
||||
$userDepartments = [];
|
||||
$userRoles = [];
|
||||
$userEinrichts = [];
|
||||
$userFachbereiche = [];
|
||||
|
||||
if ($currentUserId) {
|
||||
$query = "SELECT main_mandant_id, main_department_id, main_role_id
|
||||
$query = "SELECT main_mandant_id, main_department_id, main_role_id, main_einricht_id, main_bereich_id
|
||||
FROM main_contact_department
|
||||
WHERE main_contact_id = $currentUserId AND active = 1";
|
||||
$result = mysqli_query($GLOBALS['mysql_con'], $query);
|
||||
@@ -26,6 +28,12 @@ if ($currentUserId) {
|
||||
if (!in_array($row['main_role_id'], $userRoles)) {
|
||||
$userRoles[] = $row['main_role_id'];
|
||||
}
|
||||
if ($row['main_einricht_id'] != 0 && !in_array($row['main_einricht_id'], $userEinrichts)) {
|
||||
$userEinrichts[] = $row['main_einricht_id'];
|
||||
}
|
||||
if ($row['main_bereich_id'] != 0 && !in_array($row['main_bereich_id'], $userFachbereiche)) {
|
||||
$userFachbereiche[] = $row['main_bereich_id'];
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -53,34 +61,31 @@ function userHasAccessForPost($postId)
|
||||
return true;
|
||||
}
|
||||
}
|
||||
global $allowedMandants, $allowedDepartments, $allowedRoles;
|
||||
global $allowedMandants, $allowedDepartments, $allowedRoles, $allowedEinrichts, $allowedFachbereiche;
|
||||
|
||||
|
||||
// Baue den Query, der per LEFT JOIN die Verknüpfungen berücksichtigt.
|
||||
// Für jeden Bereich wird ermittelt:
|
||||
// - cntX: Gesamtzahl der Verknüpfungen in diesem Bereich für diesen Post.
|
||||
// - matchX: Anzahl der Verknüpfungen, die in der erlaubten Liste liegen.
|
||||
// Wenn cnt > 0 und match = 0, dann hat der User in diesem Bereich keinen Zugriff.
|
||||
// Existieren keine Verknüpfungen (cnt = 0), gilt der Bereich als unbeschränkt.
|
||||
$sql = "
|
||||
SELECT
|
||||
SELECT
|
||||
COUNT(DISTINCT pd.department_id) AS cntDept,
|
||||
SUM(IF(pd.department_id IN (" . ($allowedDepartments ? $allowedDepartments : 'NULL') . "), 1, 0)) AS matchDept,
|
||||
COUNT(DISTINCT pm.mandant_id) AS cntMand,
|
||||
SUM(IF(pm.mandant_id IN (" . ($allowedMandants ? $allowedMandants : 'NULL') . "), 1, 0)) AS matchMand,
|
||||
COUNT(DISTINCT pr.role_id) AS cntRole,
|
||||
SUM(IF(pr.role_id IN (" . ($allowedRoles ? $allowedRoles : 'NULL') . "), 1, 0)) AS matchRole
|
||||
SUM(IF(pr.role_id IN (" . ($allowedRoles ? $allowedRoles : 'NULL') . "), 1, 0)) AS matchRole,
|
||||
COUNT(DISTINCT pe.einricht_id) AS cntEinricht,
|
||||
SUM(IF(pe.einricht_id IN (" . ($allowedEinrichts ? $allowedEinrichts : 'NULL') . "), 1, 0)) AS matchEinricht,
|
||||
COUNT(DISTINCT pfb.fachbereich_id) AS cntFachbereich,
|
||||
SUM(IF(pfb.fachbereich_id IN (" . ($allowedFachbereiche ? $allowedFachbereiche : 'NULL') . "), 1, 0)) AS matchFachbereich
|
||||
FROM knowledgecenter_posts AS p
|
||||
LEFT JOIN knowledgecenter_post_department AS pd ON p.id = pd.post_id
|
||||
LEFT JOIN knowledgecenter_post_mandant AS pm ON p.id = pm.post_id
|
||||
LEFT JOIN knowledgecenter_post_role AS pr ON p.id = pr.post_id
|
||||
LEFT JOIN knowledgecenter_post_einricht AS pe ON p.id = pe.post_id
|
||||
LEFT JOIN knowledgecenter_post_fachbereich AS pfb ON p.id = pfb.post_id
|
||||
WHERE p.id = $postId
|
||||
GROUP BY p.id
|
||||
";
|
||||
$res = mysqli_query($GLOBALS['mysql_con'], $sql);
|
||||
if (!$res || mysqli_num_rows($res) === 0) {
|
||||
// Falls keine Verknüpfungen in allen Bereichen vorhanden sind, wird oft kein Datensatz zurückgegeben
|
||||
// – das bedeutet, dass es keine Einschränkungen gibt, also Zugriff.
|
||||
return true;
|
||||
}
|
||||
$row = mysqli_fetch_assoc($res);
|
||||
@@ -95,6 +100,12 @@ function userHasAccessForPost($postId)
|
||||
if ($row['cntRole'] > 0 && $row['matchRole'] == 0) {
|
||||
$access = false;
|
||||
}
|
||||
if ($row['cntEinricht'] > 0 && $row['matchEinricht'] == 0) {
|
||||
$access = false;
|
||||
}
|
||||
if ($row['cntFachbereich'] > 0 && $row['matchFachbereich'] == 0) {
|
||||
$access = false;
|
||||
}
|
||||
return $access;
|
||||
}
|
||||
|
||||
|
||||
@@ -115,7 +115,7 @@ while ($row = mysqli_fetch_assoc($result)) {
|
||||
}
|
||||
$selectedPostRoles = [];
|
||||
if ($postId != 0) {
|
||||
$querySelected = "SELECT r.id, r.description
|
||||
$querySelected = "SELECT r.id, r.description
|
||||
FROM knowledgecenter_post_role AS pr
|
||||
JOIN main_role AS r ON pr.role_id = r.id
|
||||
WHERE pr.post_id = $postId";
|
||||
@@ -125,6 +125,44 @@ if ($postId != 0) {
|
||||
}
|
||||
}
|
||||
|
||||
// -------------------- Einrichtungen für Post --------------------
|
||||
$postEinrichtsData = [];
|
||||
$query = "SELECT id, description FROM organigramm_einricht ORDER BY description ASC";
|
||||
$result = mysqli_query($GLOBALS['mysql_con'], $query);
|
||||
while ($row = mysqli_fetch_assoc($result)) {
|
||||
$postEinrichtsData[] = ['value' => $row['id'], 'name' => $row['description']];
|
||||
}
|
||||
$selectedPostEinrichts = [];
|
||||
if ($postId != 0) {
|
||||
$querySelected = "SELECT e.id, e.description
|
||||
FROM knowledgecenter_post_einricht AS pe
|
||||
JOIN organigramm_einricht AS e ON pe.einricht_id = e.id
|
||||
WHERE pe.post_id = $postId";
|
||||
$resultSelected = mysqli_query($GLOBALS['mysql_con'], $querySelected);
|
||||
while ($row = mysqli_fetch_assoc($resultSelected)) {
|
||||
$selectedPostEinrichts[] = ['value' => $row['id'], 'name' => $row['description']];
|
||||
}
|
||||
}
|
||||
|
||||
// -------------------- Fachbereiche für Post --------------------
|
||||
$postFachbereicheData = [];
|
||||
$query = "SELECT id, description FROM organogramm_space ORDER BY description ASC";
|
||||
$result = mysqli_query($GLOBALS['mysql_con'], $query);
|
||||
while ($row = mysqli_fetch_assoc($result)) {
|
||||
$postFachbereicheData[] = ['value' => $row['id'], 'name' => $row['description']];
|
||||
}
|
||||
$selectedPostFachbereiche = [];
|
||||
if ($postId != 0) {
|
||||
$querySelected = "SELECT s.id, s.description
|
||||
FROM knowledgecenter_post_fachbereich AS pfb
|
||||
JOIN organogramm_space AS s ON pfb.fachbereich_id = s.id
|
||||
WHERE pfb.post_id = $postId";
|
||||
$resultSelected = mysqli_query($GLOBALS['mysql_con'], $querySelected);
|
||||
while ($row = mysqli_fetch_assoc($resultSelected)) {
|
||||
$selectedPostFachbereiche[] = ['value' => $row['id'], 'name' => $row['description']];
|
||||
}
|
||||
}
|
||||
|
||||
// -------------------- Produkte für Post --------------------
|
||||
$productsData = [];
|
||||
$query = "SELECT p.id, pt.title
|
||||
@@ -221,6 +259,16 @@ if (!empty($post['text_color'])) {
|
||||
<input type="text" id="postRoleTags" name="postRoles" placeholder="<?=$translation->get("roles")?>…" />
|
||||
</div>
|
||||
|
||||
<h3>Einrichtungen</h3>
|
||||
<div class="settings_container">
|
||||
<input type="text" id="postEinrichtTags" name="postEinrichts" placeholder="Einrichtung hinzufügen…" />
|
||||
</div>
|
||||
|
||||
<h3>Fachbereiche</h3>
|
||||
<div class="settings_container">
|
||||
<input type="text" id="postFachbereichTags" name="postFachbereiche" placeholder="Fachbereich hinzufügen…" />
|
||||
</div>
|
||||
|
||||
<h3><?=$translation->get("products")?></h3>
|
||||
<div class="settings_container">
|
||||
<input type="text" id="postProductTags" name="postProducts" placeholder="<?=$translation->get("products")?>…" />
|
||||
@@ -262,10 +310,14 @@ if (!empty($post['text_color'])) {
|
||||
var postMandantsData = <?php echo json_encode($postMandantsData); ?>;
|
||||
var postDepartmentsData = <?php echo json_encode($postDepartmentsData); ?>;
|
||||
var postRolesData = <?php echo json_encode($postRolesData); ?>;
|
||||
var postEinrichtsData = <?php echo json_encode($postEinrichtsData); ?>;
|
||||
var postFachbereicheData = <?php echo json_encode($postFachbereicheData); ?>;
|
||||
var selectedCategories = <?php echo json_encode($selectedCategories); ?>;
|
||||
var selectedPostMandants = <?php echo json_encode($selectedPostMandants); ?>;
|
||||
var selectedPostDepartments = <?php echo json_encode($selectedPostDepartments); ?>;
|
||||
var selectedPostRoles = <?php echo json_encode($selectedPostRoles); ?>;
|
||||
var selectedPostEinrichts = <?php echo json_encode($selectedPostEinrichts); ?>;
|
||||
var selectedPostFachbereiche = <?php echo json_encode($selectedPostFachbereiche); ?>;
|
||||
var productsData = <?php echo json_encode($productsData); ?>;
|
||||
var selectedProducts = <?php echo json_encode($selectedProducts); ?>;
|
||||
|
||||
@@ -370,6 +422,42 @@ if (!empty($post['text_color'])) {
|
||||
tagifyPostRoles.addTags(selectedPostRoles);
|
||||
}
|
||||
|
||||
// Einrichtungen für Post
|
||||
var tagifyPostEinrichts = new Tagify(document.getElementById('postEinrichtTags'), {
|
||||
whitelist: postEinrichtsData,
|
||||
tagTextProp: 'name',
|
||||
enforceWhitelist: true,
|
||||
dropdown: { enabled: 0, maxItems: Infinity, searchKeys: ["name"] },
|
||||
templates: {
|
||||
dropdownItem: function (tagData) {
|
||||
return `<div ${this.getAttributes(tagData)} class="tagify__dropdown__item">
|
||||
<span>${tagData.name}</span>
|
||||
</div>`;
|
||||
}
|
||||
}
|
||||
});
|
||||
if (selectedPostEinrichts.length) {
|
||||
tagifyPostEinrichts.addTags(selectedPostEinrichts);
|
||||
}
|
||||
|
||||
// Fachbereiche für Post
|
||||
var tagifyPostFachbereiche = new Tagify(document.getElementById('postFachbereichTags'), {
|
||||
whitelist: postFachbereicheData,
|
||||
tagTextProp: 'name',
|
||||
enforceWhitelist: true,
|
||||
dropdown: { enabled: 0, maxItems: Infinity, searchKeys: ["name"] },
|
||||
templates: {
|
||||
dropdownItem: function (tagData) {
|
||||
return `<div ${this.getAttributes(tagData)} class="tagify__dropdown__item">
|
||||
<span>${tagData.name}</span>
|
||||
</div>`;
|
||||
}
|
||||
}
|
||||
});
|
||||
if (selectedPostFachbereiche.length) {
|
||||
tagifyPostFachbereiche.addTags(selectedPostFachbereiche);
|
||||
}
|
||||
|
||||
// Produkte für Post
|
||||
var tagifyPostProducts = new Tagify(document.getElementById('postProductTags'), {
|
||||
whitelist: productsData,
|
||||
@@ -400,6 +488,8 @@ if (!empty($post['text_color'])) {
|
||||
var selectedMandants = tagifyPostMandants.value.map(tag => tag.value);
|
||||
var selectedDepartments = tagifyPostDepartments.value.map(tag => tag.value);
|
||||
var selectedRoles = tagifyPostRoles.value.map(tag => tag.value);
|
||||
var selectedEinrichts = tagifyPostEinrichts.value.map(tag => tag.value);
|
||||
var selectedFachbereiche = tagifyPostFachbereiche.value.map(tag => tag.value);
|
||||
var selectedFormId = $("#postFormSelect").val();
|
||||
var postBackgroundColor = $("#postBackgroundColor").val();
|
||||
var postTextColor = $("#postTextColor").val();
|
||||
@@ -435,6 +525,19 @@ if (!empty($post['text_color'])) {
|
||||
post_id: postId,
|
||||
roles: JSON.stringify(selectedRoles)
|
||||
}, "json"),
|
||||
|
||||
$.post("/module/knowledgecenter_update/Ajax/Ajax.php", {
|
||||
action: "update_post_einrichts",
|
||||
post_id: postId,
|
||||
einrichts: JSON.stringify(selectedEinrichts)
|
||||
}, "json"),
|
||||
|
||||
$.post("/module/knowledgecenter_update/Ajax/Ajax.php", {
|
||||
action: "update_post_fachbereiche",
|
||||
post_id: postId,
|
||||
fachbereiche: JSON.stringify(selectedFachbereiche)
|
||||
}, "json"),
|
||||
|
||||
$.post("/module/knowledgecenter_update/Ajax/Ajax.php", {
|
||||
action: "update_post_products",
|
||||
post_id: postId,
|
||||
@@ -451,17 +554,19 @@ if (!empty($post['text_color'])) {
|
||||
background_color: postBackgroundColor,
|
||||
text_color: postTextColor
|
||||
}, "json")
|
||||
).done(function (categoriesResponse, mandantsResponse, formResponse, departmentsResponse, rolesResponse, productsResponse, pdfInlineResponse, postColorsResponse) {
|
||||
).done(function (categoriesResponse, mandantsResponse, formResponse, departmentsResponse, rolesResponse, einrichtsResponse, fachbereicheResponse, productsResponse, pdfInlineResponse, postColorsResponse) {
|
||||
var catSuccess = categoriesResponse[0].success;
|
||||
var mandantsSuccess = mandantsResponse[0].success;
|
||||
var formSuccess = formResponse[0].success;
|
||||
var departmentsSuccess = departmentsResponse[0].success;
|
||||
var rolesSuccess = rolesResponse[0].success;
|
||||
var einrichtsSuccess = einrichtsResponse[0].success;
|
||||
var fachbereicheSuccess = fachbereicheResponse[0].success;
|
||||
var productsSuccess = productsResponse[0].success;
|
||||
var pdfInlineSuccess = pdfInlineResponse[0].success;
|
||||
var postColorsSuccess = postColorsResponse[0].success;
|
||||
|
||||
if (catSuccess && mandantsSuccess && formSuccess && departmentsSuccess && rolesSuccess && productsSuccess && pdfInlineSuccess && postColorsSuccess) {
|
||||
if (catSuccess && mandantsSuccess && formSuccess && departmentsSuccess && rolesSuccess && einrichtsSuccess && fachbereicheSuccess && productsSuccess && pdfInlineSuccess && postColorsSuccess) {
|
||||
showMessage("Alle Daten erfolgreich gespeichert!", true);
|
||||
} else {
|
||||
var errorMsg = "Fehler beim Speichern:";
|
||||
@@ -470,6 +575,8 @@ if (!empty($post['text_color'])) {
|
||||
if (!formSuccess) errorMsg += " Formular";
|
||||
if (!departmentsSuccess) errorMsg += " Departments";
|
||||
if (!rolesSuccess) errorMsg += " Rollen";
|
||||
if (!einrichtsSuccess) errorMsg += " Einrichtungen";
|
||||
if (!fachbereicheSuccess) errorMsg += " Fachbereiche";
|
||||
if (!productsSuccess) errorMsg += " Produkte";
|
||||
if (!pdfInlineSuccess) errorMsg += " PDF Inline Vorschau";
|
||||
if (!postColorsSuccess) errorMsg += " Farben";
|
||||
|
||||
Reference in New Issue
Block a user