api_accounts fillApiPermissions if empty

OpenXE 2023-12-15 19:03:16 +01:00
parent 53b228b06c
commit bef8e02217
2 changed files with 14716 additions and 14710 deletions

File diff suppressed because it is too large Load Diff


@ -1,298 +1,304 @@
<?php <?php
/* /*
**** COPYRIGHT & LICENSE NOTICE *** DO NOT REMOVE **** **** COPYRIGHT & LICENSE NOTICE *** DO NOT REMOVE ****
* *
* Xentral (c) Xentral ERP Sorftware GmbH, Fuggerstrasse 11, D-86150 Augsburg, * Germany 2019 * Xentral (c) Xentral ERP Sorftware GmbH, Fuggerstrasse 11, D-86150 Augsburg, * Germany 2019
* *
* This file is licensed under the Embedded Projects General Public License *Version 3.1. * This file is licensed under the Embedded Projects General Public License *Version 3.1.
* *
* You should have received a copy of this license from your vendor and/or *along with this file; If not, please visit www.wawision.de/Lizenzhinweis * You should have received a copy of this license from your vendor and/or *along with this file; If not, please visit www.wawision.de/Lizenzhinweis
* to obtain the text of the corresponding license version. * to obtain the text of the corresponding license version.
* *
**** END OF COPYRIGHT & LICENSE NOTICE *** DO NOT REMOVE **** **** END OF COPYRIGHT & LICENSE NOTICE *** DO NOT REMOVE ****
*/ */
?> ?>
<?php <?php
use Xentral\Components\Http\JsonResponse; use Xentral\Components\Http\JsonResponse;
class Api_account class Api_account
{ {
/** @var Application $app */ /** @var Application $app */
protected $app; protected $app;
const MODULE_NAME = 'ApiAccount'; const MODULE_NAME = 'ApiAccount';
/** @var string[] $javascript */ /** @var string[] $javascript */
public $javascript = [ public $javascript = [
'./classes/Modules/ApiAccount/www/js/api_account.js', './classes/Modules/ApiAccount/www/js/api_account.js',
]; ];
/** /**
* @param Application $app * @param Application $app
* @param string $name * @param string $name
* @param array $erlaubtevars * @param array $erlaubtevars
* *
* @return array * @return array
*/ */
public static function TableSearch($app, $name, $erlaubtevars) public static function TableSearch($app, $name, $erlaubtevars)
{ {
switch($name) switch($name)
{ {
case 'api_account_list': case 'api_account_list':
$allowed['api_account'] = array('list'); $allowed['api_account'] = array('list');
$heading = array('API Account ID', 'Bezeichnung', 'Aktiv', 'Men&uuml;'); $heading = array('API Account ID', 'Bezeichnung', 'Aktiv', 'Men&uuml;');
$width = array('10%', '79%', '10%', '1%'); $width = array('10%', '79%', '10%', '1%');
$findcols = array('aa.id', 'bezeichnung', "if(aktiv = 1, 'ja','nein')", 'id'); $findcols = array('aa.id', 'bezeichnung', "if(aktiv = 1, 'ja','nein')", 'id');
$searchsql = array('bezeichnung'); $searchsql = array('bezeichnung');
$defaultorder = 1; //Optional wenn andere Reihenfolge gewuenscht $defaultorder = 1; //Optional wenn andere Reihenfolge gewuenscht
$defaultorderdesc = 1; $defaultorderdesc = 1;
$menucol = 3; $menucol = 3;
$menu = "<table cellpadding=0 cellspacing=0><tr><td nowrap><a data-id=\"%value%\" class=\"get\" href=\"#\"><img src=\"themes/{$app->Conf->WFconf['defaulttheme']}/images/edit.svg\" border=\"0\"></a></td></tr></table>"; $menu = "<table cellpadding=0 cellspacing=0><tr><td nowrap><a data-id=\"%value%\" class=\"get\" href=\"#\"><img src=\"themes/{$app->Conf->WFconf['defaulttheme']}/images/edit.svg\" border=\"0\"></a></td></tr></table>";
$sql = "SELECT aa.id, aa.id, aa.bezeichnung, $sql = "SELECT aa.id, aa.id, aa.bezeichnung,
if(aa.aktiv = 1, 'ja','nein') as aktiv, if(aa.aktiv = 1, 'ja','nein') as aktiv,
aa.id aa.id
FROM `api_account` AS `aa` FROM `api_account` AS `aa`
"; ";
$fastcount = "SELECT COUNT(`aa`.`id`) FROM `api_account` AS `aa`"; $fastcount = "SELECT COUNT(`aa`.`id`) FROM `api_account` AS `aa`";
break; break;
} }
$erg = []; $erg = [];
foreach($erlaubtevars as $k => $v) { foreach($erlaubtevars as $k => $v) {
if(isset($$v)) { if(isset($$v)) {
$erg[$v] = $$v; $erg[$v] = $$v;
} }
} }
return $erg; return $erg;
} }
/** /**
* Api_account constructor. * Api_account constructor.
* *
* @param Application $app * @param Application $app
* @param bool $intern * @param bool $intern
*/ */
public function __construct($app, $intern = false) public function __construct($app, $intern = false)
{ {
$this->app=$app; $this->app=$app;
if($intern) { if($intern) {
return; return;
} }
$this->app->ActionHandlerInit($this); $this->app->ActionHandlerInit($this);
$this->app->ActionHandler("create","Api_AccountCreate"); $this->app->ActionHandler("create","Api_AccountCreate");
$this->app->ActionHandler("edit","Api_AccountEdit"); $this->app->ActionHandler("edit","Api_AccountEdit");
$this->app->ActionHandler("list","Api_AccountList"); $this->app->ActionHandler("list","Api_AccountList");
$this->app->ActionHandler("delete","Api_AccountDelete"); $this->app->ActionHandler("delete","Api_AccountDelete");
$this->app->DefaultActionHandler('list'); $this->app->DefaultActionHandler('list');
$this->app->ActionHandlerListen($app); $this->app->ActionHandlerListen($app);
} }
function Api_AccountCreate(){ function Api_AccountCreate(){
} }
function Api_AccountEdit(){ function Api_AccountEdit(){
} }
public function Api_AccountDelete(){ public function Api_AccountDelete(){
$id = $this->app->Secure->GetGET('id'); $id = $this->app->Secure->GetGET('id');
$this->app->DB->Delete(sprintf('DELETE FROM `api_account` WHERE `id` = %d', $id)); $this->app->DB->Delete(sprintf('DELETE FROM `api_account` WHERE `id` = %d', $id));
$this->app->Location->execute('index.php?module=api_account&action=list'); $this->app->Location->execute('index.php?module=api_account&action=list');
} }
/** /**
* @return JsonResponse * @return JsonResponse
*/ */
public function HandleGetAjaxAction() public function HandleGetAjaxAction()
{ {
$id = (int)$this->app->Secure->GetPOST('id'); $id = (int)$this->app->Secure->GetPOST('id');
if($id === 0) { if($id === 0) {
$data = [ $data = [
'aktiv' => 0, 'aktiv' => 0,
'id' => '', 'id' => '',
'bezeichnung' => '', 'bezeichnung' => '',
'projekt' => '', 'projekt' => '',
'remotedomain' => '', 'remotedomain' => '',
'initkey' => '', 'initkey' => '',
'importwarteschlange' => 0, 'importwarteschlange' => 0,
'importwarteschlange_name' => '', 'importwarteschlange_name' => '',
'event_url' => '', 'event_url' => '',
'cleanutf8' => 0, 'cleanutf8' => 0,
'apitempkey' => '', 'apitempkey' => '',
'ishtmltransformation' => 0, 'ishtmltransformation' => 0,
]; ];
return new JsonResponse($data); return new JsonResponse($data);
} }
if($id > 0) { if($id > 0) {
$data = $this->app->DB->SelectRow( $data = $this->app->DB->SelectRow(
sprintf( sprintf(
"SELECT a.id, a.bezeichnung, a.aktiv, p.abkuerzung AS `projekt`, a.remotedomain, a.initkey, "SELECT a.id, a.bezeichnung, a.aktiv, p.abkuerzung AS `projekt`, a.remotedomain, a.initkey,
a.importwarteschlange, a.importwarteschlange_name, a.cleanutf8, a.event_url, a.permissions, a.ishtmltransformation a.importwarteschlange, a.importwarteschlange_name, a.cleanutf8, a.event_url, a.permissions, a.ishtmltransformation
FROM `api_account` AS `a` FROM `api_account` AS `a`
LEFT JOIN `projekt` AS `p` ON a.projekt = p.id LEFT JOIN `projekt` AS `p` ON a.projekt = p.id
WHERE a.id = %d", WHERE a.id = %d",
$id $id
) )
); );
/** @var Api $api */ /** @var Api $api */
$api = $this->app->loadModule('api'); $api = $this->app->loadModule('api');
$data['apitempkey'] = $api->generateHashFromDomainAndKey($data['initkey'], $data['remotedomain']); $data['apitempkey'] = $api->generateHashFromDomainAndKey($data['initkey'], $data['remotedomain']);
if(!empty($data)) { if(!empty($data)) {
return new JsonResponse($data); return new JsonResponse($data);
} }
} }
return new JsonResponse(['error'=>'Account nicht gefunden'], JsonResponse::HTTP_BAD_REQUEST); return new JsonResponse(['error'=>'Account nicht gefunden'], JsonResponse::HTTP_BAD_REQUEST);
} }
/** /**
* @return JsonResponse * @return JsonResponse
*/ */
public function HandleSaveAjaxAction() public function HandleSaveAjaxAction()
{ {
if(!$this->app->erp->RechteVorhanden('api_account', 'edit')) { if(!$this->app->erp->RechteVorhanden('api_account', 'edit')) {
return new JsonResponse(['error'=>'Fehlende Rechte'], JsonResponse::HTTP_BAD_REQUEST); return new JsonResponse(['error'=>'Fehlende Rechte'], JsonResponse::HTTP_BAD_REQUEST);
} }
$id = (int)$this->app->Secure->GetPOST('id'); $id = (int)$this->app->Secure->GetPOST('id');
$bezeichnung = $this->app->Secure->GetPOST('bezeichnung'); $bezeichnung = $this->app->Secure->GetPOST('bezeichnung');
if(empty($bezeichnung)) { if(empty($bezeichnung)) {
return new JsonResponse(['error'=>'Bitte füllen Sie die Bezeichnung aus'], JsonResponse::HTTP_BAD_REQUEST); return new JsonResponse(['error'=>'Bitte füllen Sie die Bezeichnung aus'], JsonResponse::HTTP_BAD_REQUEST);
} }
$projekt = (string)$this->app->Secure->GetPOST('projekt'); $projekt = (string)$this->app->Secure->GetPOST('projekt');
if($projekt !== ''){ if($projekt !== ''){
$projekt = (int)$this->app->erp->ReplaceProjekt(1, $projekt, 1); $projekt = (int)$this->app->erp->ReplaceProjekt(1, $projekt, 1);
} }
else { else {
$projekt = 0; $projekt = 0;
} }
$aktiv = (int)(bool)$this->app->Secure->GetPOST('aktiv'); $aktiv = (int)(bool)$this->app->Secure->GetPOST('aktiv');
$importwarteschlange = (int)(bool)$this->app->Secure->GetPOST('importwarteschlange'); $importwarteschlange = (int)(bool)$this->app->Secure->GetPOST('importwarteschlange');
$cleanutf8 = (int)(bool)$this->app->Secure->GetPOST('cleanutf8'); $cleanutf8 = (int)(bool)$this->app->Secure->GetPOST('cleanutf8');
$remotedomain = $this->app->Secure->GetPOST('remotedomain'); $remotedomain = $this->app->Secure->GetPOST('remotedomain');
$initkey = $this->app->Secure->GetPOST('initkey'); $initkey = $this->app->Secure->GetPOST('initkey');
$importwarteschlange_name = $this->app->Secure->GetPOST('importwarteschlange_name'); $importwarteschlange_name = $this->app->Secure->GetPOST('importwarteschlange_name');
$event_url = $this->app->Secure->GetPOST('event_url'); $event_url = $this->app->Secure->GetPOST('event_url');
$isHtmlTransformation = (int)(bool)$this->app->Secure->GetPOST('ishtmltransformation'); $isHtmlTransformation = (int)(bool)$this->app->Secure->GetPOST('ishtmltransformation');
$api_permissions = $this->prepareApiPermissions($this->app->Secure->GetPOST('api_permissions')); $api_permissions = $this->prepareApiPermissions($this->app->Secure->GetPOST('api_permissions'));
if($id <= 0) { if($id <= 0) {
$this->app->DB->Insert( $this->app->DB->Insert(
sprintf( sprintf(
"INSERT INTO `api_account` "INSERT INTO `api_account`
(`bezeichnung`, `initkey`, `importwarteschlange_name`, `event_url`, `remotedomain`, `aktiv`, (`bezeichnung`, `initkey`, `importwarteschlange_name`, `event_url`, `remotedomain`, `aktiv`,
`importwarteschlange`, `cleanutf8`, `uebertragung_account`, `projekt`, `permissions`, `ishtmltransformation`) `importwarteschlange`, `cleanutf8`, `uebertragung_account`, `projekt`, `permissions`, `ishtmltransformation`)
VALUES ('%s', '%s', '%s', '%s', '%s', %d, VALUES ('%s', '%s', '%s', '%s', '%s', %d,
%d, %d, 0, %d, '%s', %d) ", %d, %d, 0, %d, '%s', %d) ",
$bezeichnung, $initkey, $importwarteschlange_name, $event_url, $remotedomain, $aktiv, $bezeichnung, $initkey, $importwarteschlange_name, $event_url, $remotedomain, $aktiv,
$importwarteschlange, $cleanutf8, $projekt, $api_permissions, $isHtmlTransformation $importwarteschlange, $cleanutf8, $projekt, $api_permissions, $isHtmlTransformation
) )
); );
$id = (int)$this->app->DB->GetInsertID(); $id = (int)$this->app->DB->GetInsertID();
if($id){ if($id){
$data = ['success' => true, 'id' => $id]; $data = ['success' => true, 'id' => $id];
return new JsonResponse($data); return new JsonResponse($data);
} }
return new JsonResponse(['error'=>'Account konnte nicht erstellt werden'], JsonResponse::HTTP_BAD_REQUEST); return new JsonResponse(['error'=>'Account konnte nicht erstellt werden'], JsonResponse::HTTP_BAD_REQUEST);
} }
$data = $this->app->DB->SelectRow( $data = $this->app->DB->SelectRow(
sprintf( sprintf(
"SELECT a.id, a.bezeichnung, a.aktiv, p.abkuerzung AS `projekt`, a.remotedomain, a.initkey, "SELECT a.id, a.bezeichnung, a.aktiv, p.abkuerzung AS `projekt`, a.remotedomain, a.initkey,
a.importwarteschlange, a.importwarteschlange_name, a.cleanutf8, a.event_url, a.permissions, a.ishtmltransformation a.importwarteschlange, a.importwarteschlange_name, a.cleanutf8, a.event_url, a.permissions, a.ishtmltransformation
FROM `api_account` AS `a` FROM `api_account` AS `a`
LEFT JOIN `projekt` AS `p` ON a.projekt = p.id LEFT JOIN `projekt` AS `p` ON a.projekt = p.id
WHERE a.id = %d", WHERE a.id = %d",
$id $id
) )
); );
if(empty($data)) { if(empty($data)) {
return new JsonResponse(['error'=>'Account nicht gefunden'], JsonResponse::HTTP_BAD_REQUEST); return new JsonResponse(['error'=>'Account nicht gefunden'], JsonResponse::HTTP_BAD_REQUEST);
} }
$this->app->DB->Update( $this->app->DB->Update(
sprintf( sprintf(
"UPDATE `api_account` "UPDATE `api_account`
SET `bezeichnung` = '%s', SET `bezeichnung` = '%s',
`initkey` = '%s', `initkey` = '%s',
`importwarteschlange_name` = '%s', `importwarteschlange_name` = '%s',
`event_url` = '%s', `event_url` = '%s',
`remotedomain` = '%s', `remotedomain` = '%s',
`aktiv` = %d, `aktiv` = %d,
`importwarteschlange` = %d, `importwarteschlange` = %d,
`cleanutf8` = %d, `cleanutf8` = %d,
`uebertragung_account` = 0, `uebertragung_account` = 0,
`projekt` = %d , `projekt` = %d ,
`permissions` = '%s', `permissions` = '%s',
`ishtmltransformation` = %d `ishtmltransformation` = %d
WHERE `id` = %d", WHERE `id` = %d",
$bezeichnung, $initkey, $importwarteschlange_name, $event_url, $remotedomain, $aktiv, $bezeichnung, $initkey, $importwarteschlange_name, $event_url, $remotedomain, $aktiv,
$importwarteschlange, $cleanutf8, $projekt, $api_permissions, $isHtmlTransformation, $id $importwarteschlange, $cleanutf8, $projekt, $api_permissions, $isHtmlTransformation, $id
) )
); );
if(empty($this->app->DB->error())) { if(empty($this->app->DB->error())) {
$data = ['success' => true, 'id' => $id]; $data = ['success' => true, 'id' => $id];
return new JsonResponse($data); return new JsonResponse($data);
} }
return new JsonResponse(['error'=>'Account konnte nicht geändert werden'], JsonResponse::HTTP_BAD_REQUEST); return new JsonResponse(['error'=>'Account konnte nicht geändert werden'], JsonResponse::HTTP_BAD_REQUEST);
} }
private function prepareApiPermissions(array $apiPermissions){ private function prepareApiPermissions(array $apiPermissions){
$cleanedPermissions = []; $cleanedPermissions = [];
foreach ($apiPermissions as $permission => $value){ foreach ($apiPermissions as $permission => $value){
if($value === 'true'){ if($value === 'true'){
$cleanedPermissions[] = $permission; $cleanedPermissions[] = $permission;
} }
} }
return json_encode($cleanedPermissions); return json_encode($cleanedPermissions);
} }
public function Api_AccountList(){ public function Api_AccountList(){
$cmd = $this->app->Secure->GetGET('cmd'); $cmd = $this->app->Secure->GetGET('cmd');
if($cmd === 'get') { if($cmd === 'get') {
return $this->HandleGetAjaxAction(); return $this->HandleGetAjaxAction();
} }
if($cmd === 'save') { if($cmd === 'save') {
return $this->HandleSaveAjaxAction(); return $this->HandleSaveAjaxAction();
} }
$apiPermissions = $this->app->DB->SelectArr("SELECT * FROM `api_permission`"); $apiPermissions = $this->app->DB->SelectArr("SELECT * FROM `api_permission`");
$groupedApiPermissions = []; if (empty($apiPermissions)) {
foreach ($apiPermissions as $apiPermission){ $api = $this->app->loadModule('api');
$groupedApiPermissions[$apiPermission['group']][] =$apiPermission; $api->fillApiPermissions();
} $apiPermissions = $this->app->DB->SelectArr("SELECT * FROM `api_permission`");
}
$apiPermissionsHtml = '';
foreach ($groupedApiPermissions as $group => $permissions) { $groupedApiPermissions = [];
$apiPermissionsHtml .= '<tr>'; foreach ($apiPermissions as $apiPermission){
$apiPermissionsHtml .= "<td>{$group}</td>"; $groupedApiPermissions[$apiPermission['group']][] =$apiPermission;
$apiPermissionsHtml .= "<td>"; }
foreach ($permissions as $permission){
$apiPermissionsHtml .= "<label for='{$permission['key']}'>"; $apiPermissionsHtml = '';
$apiPermissionsHtml .= "<input class='permission-checkbox' type='checkbox' name='{$permission['key']}'>"; foreach ($groupedApiPermissions as $group => $permissions) {
$apiPermissionsHtml .= "&nbsp;&nbsp;{$permission['key']}</label>"; $apiPermissionsHtml .= '<tr>';
$apiPermissionsHtml .= "<br>"; $apiPermissionsHtml .= "<td>{$group}</td>";
} $apiPermissionsHtml .= "<td>";
$apiPermissionsHtml .= "</td>"; foreach ($permissions as $permission){
$apiPermissionsHtml .= '</tr>'; $apiPermissionsHtml .= "<label for='{$permission['key']}'>";
} $apiPermissionsHtml .= "<input class='permission-checkbox' type='checkbox' name='{$permission['key']}'>";
$apiPermissionsHtml .= "&nbsp;&nbsp;{$permission['key']}</label>";
$this->app->YUI->TableSearch('TAB1','api_account_list', 'show','','',basename(__FILE__), __CLASS__); $apiPermissionsHtml .= "<br>";
$this->app->erp->MenuEintrag('#', 'Neu'); }
$this->app->erp->MenuEintrag('index.php?module=api_account&action=list', '&Uuml;bersicht'); $apiPermissionsHtml .= "</td>";
$this->app->erp->Headlines('API Account'); $apiPermissionsHtml .= '</tr>';
$this->app->Tpl->Set('API_PERMISSIONS_HTML', $apiPermissionsHtml); }
$this->app->YUI->Autocomplete('projekt', 'projektname', 1);
$this->app->Tpl->Parse('PAGE','api_account_list.tpl'); $this->app->YUI->TableSearch('TAB1','api_account_list', 'show','','',basename(__FILE__), __CLASS__);
} $this->app->erp->MenuEintrag('#', 'Neu');
} $this->app->erp->MenuEintrag('index.php?module=api_account&action=list', '&Uuml;bersicht');
$this->app->erp->Headlines('API Account');
$this->app->Tpl->Set('API_PERMISSIONS_HTML', $apiPermissionsHtml);
$this->app->YUI->Autocomplete('projekt', 'projektname', 1);
$this->app->Tpl->Parse('PAGE','api_account_list.tpl');
}
}