Beide Module wurden aus einem anderen Kundenprojekt kopiert und bereinigt: Knowledgecenter: - Bild-Cache (1.985 Dateien) geleert, Ordnerstruktur mit .gitkeep behalten - Files-Gallery-Lizenzschlüssel entfernt (config.php) - Kundenspezifische Kategorien gelöscht: Teil I/II/III QM-Struktur, nummerierte QM-Kapitel, Gremien (Präsidium/Finanzausschuss/Landesausschuss), Sitzungsservice-Serie, Protokoll-Abteilungen, Testeinträge - 56 generische Kategorien bleiben (Downloads, Onboarding, Personalthemen …) Tasks: - Alle Betriebsdaten gelöscht (114 Tasks, 914 Submissions, 579 Assignments) - Task-Definitionen und Verlinkungen geleert - Kategoriestruktur bleibt (Allgemein, IT, Personal, Buchhaltung …) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
69 lines
2.1 KiB
PHP
69 lines
2.1 KiB
PHP
<?php
|
|
declare(strict_types=1);
|
|
|
|
require_once dirname(dirname(__DIR__)) . '/bootstrap.php';
|
|
|
|
if (!TaskCertRequest::isPost()) {
|
|
TaskCertResponse::json(['success' => false, 'error' => 'Methode nicht erlaubt'], 405);
|
|
}
|
|
|
|
$auth = TaskCertAuthContext::fromGlobals();
|
|
if (!$auth->hasPermission('r-task-cert-admin')) {
|
|
TaskCertResponse::json(['success' => false, 'error' => 'Keine Berechtigung'], 403);
|
|
}
|
|
|
|
$contentType = trim((string) ($_SERVER['CONTENT_TYPE'] ?? ''));
|
|
$isJson = strpos($contentType, 'application/json') !== false;
|
|
|
|
if ($isJson) {
|
|
$rawBody = file_get_contents('php://input');
|
|
$body = json_decode($rawBody ?: '{}', true);
|
|
if (!is_array($body)) {
|
|
$body = [];
|
|
}
|
|
|
|
$csrfToken = trim((string) ($body['csrf_token'] ?? ''));
|
|
if ($csrfToken !== '') {
|
|
$_POST['csrf_token'] = $csrfToken;
|
|
}
|
|
TaskCertCsrf::assertValidFromRequest(true);
|
|
|
|
$submissionId = (int) ($body['submission_id'] ?? 0);
|
|
$decision = trim((string) ($body['decision'] ?? ''));
|
|
$note = trim((string) ($body['note'] ?? ''));
|
|
} else {
|
|
TaskCertCsrf::assertValidFromRequest(true);
|
|
$submissionId = TaskCertRequest::postInt('submission_id', 0);
|
|
$decision = TaskCertRequest::postString('decision', '');
|
|
$note = TaskCertRequest::postString('note', '');
|
|
}
|
|
|
|
if ($submissionId <= 0) {
|
|
TaskCertResponse::json(['success' => false, 'error' => 'Ungültige submission_id'], 400);
|
|
}
|
|
|
|
if (!in_array($decision, ['approve', 'reject'], true)) {
|
|
TaskCertResponse::json(['success' => false, 'error' => 'Ungültige decision'], 400);
|
|
}
|
|
|
|
try {
|
|
$services = task_cert_services();
|
|
|
|
if ($decision === 'approve') {
|
|
$services['approvalService']->approveSubmission($submissionId, $auth->contactId(), $note);
|
|
} else {
|
|
$services['approvalService']->rejectSubmission($submissionId, $auth->contactId(), $note);
|
|
}
|
|
|
|
TaskCertResponse::json([
|
|
'success' => true,
|
|
'submission_id' => $submissionId,
|
|
'decision' => $decision,
|
|
]);
|
|
} catch (Throwable $throwable) {
|
|
TaskCertResponse::json([
|
|
'success' => false,
|
|
'error' => $throwable->getMessage(),
|
|
], 400);
|
|
}
|