New feature - allow operators to restrict viewing permissions of sample variables (Requires new table)
@@ -1,3 +1,10 @@
|
||||
CREATE TABLE IF NOT EXISTS `sample_import_var_restrict` (
|
||||
`sample_import_id` bigint(20) NOT NULL,
|
||||
`var` char(128) collate utf8_unicode_ci NOT NULL,
|
||||
`restrict` tinyint(1) NOT NULL default '0',
|
||||
PRIMARY KEY (`sample_import_id`,`var`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
|
||||
|
||||
queXS 1.7.6 - Changes since 1.7.5
|
||||
|
||||
Fixed Bug: Define operator skills as for the assigning of cases to operators
|
||||
|
||||
@@ -82,6 +82,36 @@ if (isset($_POST['submit']))
|
||||
$_GET['edit'] = $sample_import_id;
|
||||
}
|
||||
|
||||
if (isset($_POST['submitvp']))
|
||||
{
|
||||
$sample_import_id = intval($_POST['sample_import_id']);
|
||||
|
||||
unset($_POST['submitvp']);
|
||||
unset($_POST['sample_import_id']);
|
||||
|
||||
$db->StartTrans();
|
||||
|
||||
$sql = "UPDATE sample_import_var_restrict
|
||||
SET `restrict` = 1
|
||||
WHERE sample_import_id = $sample_import_id";
|
||||
|
||||
$db->Execute($sql);
|
||||
|
||||
foreach($_POST as $p => $val)
|
||||
{
|
||||
$sql = "UPDATE sample_import_var_restrict
|
||||
SET `restrict` = 0
|
||||
WHERE sample_import_id = $sample_import_id
|
||||
AND `var` LIKE " . $db->qstr($p);
|
||||
|
||||
$db->Execute($sql);
|
||||
}
|
||||
|
||||
$db->CompleteTrans();
|
||||
|
||||
$_GET['view'] = $sample_import_id;
|
||||
}
|
||||
|
||||
if (isset($_GET['rename']))
|
||||
{
|
||||
xhtml_head(T_("Rename"),true,array("../css/table.css"));
|
||||
@@ -110,6 +140,63 @@ if (isset($_GET['rename']))
|
||||
exit();
|
||||
}
|
||||
|
||||
|
||||
if (isset($_GET['view']))
|
||||
{
|
||||
xhtml_head(T_("Operator viewing permissions"),true,array("../css/table.css"));
|
||||
|
||||
$sample_import_id = intval($_GET['view']);
|
||||
|
||||
$sql = "SELECT sample_id
|
||||
FROM `sample`
|
||||
WHERE import_id = $sample_import_id";
|
||||
|
||||
$sample_id = $db->GetOne($sql);
|
||||
|
||||
$sql = "SELECT si.description, sv.val, sv.var,
|
||||
CONCAT('<input type=\'checkbox\' ', CASE WHEN (sir.restrict IS NULL || sir.restrict = 0) THEN 'checked=\"checked\"' ELSE '' END ,' name=\'',sv.var,'\' value=\'11\'/>') as box,
|
||||
sir.restrict IS NULL as existss
|
||||
FROM sample_import as si
|
||||
JOIN `sample` as s ON (s.import_id = si.sample_import_id AND s.sample_id = $sample_id)
|
||||
JOIN sample_var as sv ON (sv.sample_id = s.sample_id)
|
||||
LEFT JOIN sample_import_var_restrict as sir ON (sir.sample_import_id = si.sample_import_id AND sir.var = sv.var)
|
||||
WHERE si.sample_import_id = $sample_import_id";
|
||||
|
||||
$rs = $db->GetAll($sql);
|
||||
|
||||
//if not in restrict table, then insert
|
||||
foreach($rs as $r)
|
||||
{
|
||||
if ($r['existss'] == 1)
|
||||
{
|
||||
$sql = "INSERT INTO sample_import_var_restrict (sample_import_id,var,`restrict`)
|
||||
VALUES ($sample_import_id,'{$r['var']}',0)";
|
||||
|
||||
$db->Execute($sql);
|
||||
}
|
||||
}
|
||||
|
||||
print "<h2>" . T_("Operator viewing permissions") . ": " . $rs[0]['description'] . "</h2>";
|
||||
echo "<p><a href='?'>" . T_("Go back") . "</a></p>";
|
||||
|
||||
print "<p>" . T_("Select which fields from this sample should be able to be viewed by operators") . "</p>";
|
||||
|
||||
?>
|
||||
<form action="?" method="post">
|
||||
<?php
|
||||
xhtml_table($rs,array("var","val","box"),array(T_("Field"),T_("Example data"),T_("Allow operator to see?")));
|
||||
?>
|
||||
<div><input type='hidden' name='sample_import_id' value='<?php echo $sample_import_id;?>'/></div>
|
||||
<div><input type="submit" name="submitvp" value="<?php echo T_("Save changes");?>"/></div>
|
||||
</form>
|
||||
<?php
|
||||
|
||||
|
||||
xhtml_foot();
|
||||
exit();
|
||||
}
|
||||
|
||||
|
||||
if (isset($_GET['edit']))
|
||||
{
|
||||
xhtml_head(T_("Deidentify"),true,array("../css/table.css"));
|
||||
@@ -179,6 +266,7 @@ $sql = "SELECT
|
||||
END
|
||||
as enabledisable,
|
||||
CONCAT('<a href=\'?edit=',sample_import_id,'\'>" . T_("Deidentify") . "</a>') as did,
|
||||
CONCAT('<a href=\'?view=',sample_import_id,'\'>" . T_("Operator viewing permissions") . "</a>') as vp,
|
||||
CONCAT('<a href=\'?rename=',sample_import_id,'\'>" . T_("Rename") . "</a>') as rname,
|
||||
description
|
||||
FROM sample_import";
|
||||
@@ -187,8 +275,8 @@ $rs = $db->GetAll($sql);
|
||||
|
||||
xhtml_head(T_("Sample list"),true,array("../css/table.css"));
|
||||
|
||||
$columns = array("description","enabledisable","did","rname");
|
||||
$titles = array(T_("Sample"),T_("Enable/Disable"),T_("Deidentify"),T_("Rename"));
|
||||
$columns = array("description","enabledisable","did","vp","rname");
|
||||
$titles = array(T_("Sample"),T_("Enable/Disable"),T_("Deidentify"),T_("Operator viewing permissions"),T_("Rename"));
|
||||
|
||||
xhtml_table($rs,$columns,$titles);
|
||||
|
||||
|
||||
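Review bot: The INSERT inside the `if (isset($_GET['view']))` block interpolates `$r['var']` between single quotes without escaping, so a field name containing an apostrophe breaks the statement and a name taken from an imported file can alter it. The UPDATE in the `submitvp` handler already uses `$db->qstr()`, and this line should do the same: `VALUES ($sample_import_id," . $db->qstr($r['var']) . ",0)";`. The same `sv.var` value is concatenated into the checkbox markup by the `CONCAT('<input type=\'checkbox\' ...` column with no HTML escaping, so it needs encoding before output (whether `xhtml_table` does that is not visible here). These inserts also run on a plain GET and store `restrict` = 0, so opening the page makes fields that had no row visible to operators before anyone presses Save, because the operator query in this commit inner-joins on `sv.restrict = 0`. Inserting 1, or moving the insert into the `submitvp` handler, keeps the default closed.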
@@ -147,11 +147,12 @@ else
|
||||
|
||||
|
||||
//display sample details
|
||||
// use type = 1 to limit to non specific sample variables
|
||||
// use sample_import_var_restrict to limit
|
||||
$sql = "SELECT s.var,s.val
|
||||
FROM sample_var as s
|
||||
JOIN `case` as c on (c.case_id = '$case_id' and c.sample_id = s.sample_id)
|
||||
WHERE s.type = 1";
|
||||
JOIN `sample` as sa ON (sa.sample_id = c.sample_id)
|
||||
JOIN sample_import_var_restrict as sv ON (sv.var LIKE s.var AND sa.import_id = sv.sample_import_id AND sv.restrict = 0)";
|
||||
|
||||
$rs = $db->GetAll($sql);
|
||||
|
||||
|
||||
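Review bot: The join condition `sv.var LIKE s.var` uses the sample's field name as a LIKE pattern, so `_` and `%` inside a name act as wildcards and a restricted field can match another field's `restrict = 0` row and be shown to operators; an exact comparison is what is meant, `sv.var = s.var`. As rendered, the `WHERE s.type = 1` line looks to be on the removed side while the comment `// use type = 1 to limit to non specific sample variables` stays, so if that filter is still wanted it has to follow the new joins: `WHERE s.type = 1";`. `$case_id` is interpolated inside quotes and its origin is outside this hunk, so confirm it is cast with `intval()` before it reaches the query. The identical query in the last file of this commit (the hunk at `@@ -153,11 +153,13 @@`) has the same points.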
@@ -124,7 +124,7 @@ function verify_fields($fields)
|
||||
function display_table($data)
|
||||
{
|
||||
print "<table>";
|
||||
print "<tr><th></th><th>" . T_("Import?") . "</th><th>" . T_("Name") . "</th><th>" . T_("Type") . "</th></tr>";
|
||||
print "<tr><th></th><th>" . T_("Import?") . "</th><th>" . T_("Name") . "</th><th>" . T_("Type") . "</th><th>" . T_("Allow operator to see?") . "</th></tr>";
|
||||
$row = 1;
|
||||
|
||||
global $db;
|
||||
@@ -148,8 +148,9 @@ function display_table($data)
|
||||
print "<option value=\"{$r['type']}\" $selected>" . T_($r['description']) . "</option>";
|
||||
$selected = "";
|
||||
}
|
||||
print "</select>";
|
||||
print "</td></tr>";
|
||||
print "</select></td>";
|
||||
print "<td><input type=\"checkbox\" name=\"a_$row\"/></td>";
|
||||
print "</tr>";
|
||||
$row++;
|
||||
|
||||
}
|
||||
@@ -215,6 +216,20 @@ function import_file($file, $description, $fields, $firstrow = 2)
|
||||
{
|
||||
$selected_type[substr($key,2)] = $fields["t_" . substr($key,2)];
|
||||
$selected_name[substr($key,2)] = $fields["n_" . substr($key,2)];
|
||||
|
||||
$restrict = 1;
|
||||
|
||||
//Set restrictions on columns
|
||||
if (isset($fields["a_" . substr($key,2)]))
|
||||
{
|
||||
$restrict = 0;
|
||||
}
|
||||
|
||||
$sql = "INSERT INTO sample_import_var_restrict
|
||||
(`sample_import_id`,`var`,`restrict`)
|
||||
VALUES ($id,'" . $fields["n_" . substr($key,2)] . "',$restrict)";
|
||||
|
||||
$db->Execute($sql);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
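Review bot: The new INSERT in `import_file` places `$fields["n_" . substr($key,2)]` between single quotes without escaping, and `$fields` looks like the submitted import form (its keys follow the `n_`/`t_`/`a_` pattern of the `a_$row` checkbox printed by `display_table`), so a column name containing a quote breaks or alters the statement. Quote it through the database layer instead: `VALUES ($id," . $db->qstr($fields["n_" . substr($key,2)]) . ",$restrict)";`. The result of `$db->Execute($sql)` is not checked, so a failed insert leaves the field with no restriction row, which the operator query's inner join then hides without any message to the importer. The body of `import_file` starts and ends outside this hunk, so any escaping or transaction handling done elsewhere is not visible here.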
@@ -153,11 +153,13 @@ else
|
||||
|
||||
|
||||
//display sample details
|
||||
// use type = 1 to limit to non specific sample variables
|
||||
//limit to those allowed by admin
|
||||
$sql = "SELECT s.var,s.val
|
||||
FROM sample_var as s
|
||||
JOIN `case` as c on (c.case_id = '$case_id' and c.sample_id = s.sample_id)
|
||||
WHERE s.type = 1";
|
||||
JOIN `sample` as sa ON (sa.sample_id = c.sample_id)
|
||||
JOIN sample_import_var_restrict as sv ON (sv.var LIKE s.var AND sa.import_id = sv.sample_import_id AND sv.restrict = 0)";
|
||||
|
||||
|
||||
$rs = $db->GetAll($sql);
|
||||
|
||||
|
||||