diff --git a/CHANGELOG b/CHANGELOG index dcb9cdc5..cf7b48d9 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,3 +1,10 @@ +CREATE TABLE IF NOT EXISTS `sample_import_var_restrict` ( + `sample_import_id` bigint(20) NOT NULL, + `var` char(128) collate utf8_unicode_ci NOT NULL, + `restrict` tinyint(1) NOT NULL default '0', + PRIMARY KEY (`sample_import_id`,`var`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; + queXS 1.7.6 - Changes since 1.7.5 Fixed Bug: Define operator skills as for the assigning of cases to operators diff --git a/admin/samplelist.php b/admin/samplelist.php index 3cfe3266..da8d7153 100644 --- a/admin/samplelist.php +++ b/admin/samplelist.php @@ -82,6 +82,36 @@ if (isset($_POST['submit'])) $_GET['edit'] = $sample_import_id; } +if (isset($_POST['submitvp'])) +{ + $sample_import_id = intval($_POST['sample_import_id']); + + unset($_POST['submitvp']); + unset($_POST['sample_import_id']); + + $db->StartTrans(); + + $sql = "UPDATE sample_import_var_restrict + SET `restrict` = 1 + WHERE sample_import_id = $sample_import_id"; + + $db->Execute($sql); + + foreach($_POST as $p => $val) + { + $sql = "UPDATE sample_import_var_restrict + SET `restrict` = 0 + WHERE sample_import_id = $sample_import_id + AND `var` LIKE " . $db->qstr($p); + + $db->Execute($sql); + } + + $db->CompleteTrans(); + + $_GET['view'] = $sample_import_id; +} + if (isset($_GET['rename'])) { xhtml_head(T_("Rename"),true,array("../css/table.css")); 
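Review bot: In the `submitvp` handler of admin/samplelist.php the submitted field name is matched with `LIKE` against a POST key, so `%` and `_` in a key act as wildcards and one submitted name can clear `restrict` on variables that were never ticked. For a table that decides which sample fields operators may see, that fails open. The loop also treats every remaining key in `$_POST` as a field name, which ties the permission set to whatever else the form happens to post. Compare exactly, `` AND `var` = " . $db->qstr($p); ``, and post the ticked names as values of a single array field, since PHP rewrites spaces and dots in POST keys to underscores and an exact match on keys would then miss such names. No request-forgery token is checked in the visible lines; the top of the file is outside the hunk, so confirm that one is enforced there.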
@@ -110,6 +140,63 @@ if (isset($_GET['rename'])) exit(); } + +if (isset($_GET['view'])) +{ + xhtml_head(T_("Operator viewing permissions"),true,array("../css/table.css")); + + $sample_import_id = intval($_GET['view']); + + $sql = "SELECT sample_id + FROM `sample` + WHERE import_id = $sample_import_id"; + + $sample_id = $db->GetOne($sql); + + $sql = "SELECT si.description, sv.val, sv.var, + CONCAT('') as box, + sir.restrict IS NULL as existss + FROM sample_import as si + JOIN `sample` as s ON (s.import_id = si.sample_import_id AND s.sample_id = $sample_id) + JOIN sample_var as sv ON (sv.sample_id = s.sample_id) + LEFT JOIN sample_import_var_restrict as sir ON (sir.sample_import_id = si.sample_import_id AND sir.var = sv.var) + WHERE si.sample_import_id = $sample_import_id"; + + $rs = $db->GetAll($sql); + + //if not in restrict table, then insert + foreach($rs as $r) + { + if ($r['existss'] == 1) + { + $sql = "INSERT INTO sample_import_var_restrict (sample_import_id,var,`restrict`) + VALUES ($sample_import_id,'{$r['var']}',0)"; + + $db->Execute($sql); + } + } + + print "
" . T_("Select which fields from this sample should be able to be viewed by operators") . "
"; + + ?> + + " . T_("Deidentify") . "') as did, + CONCAT('" . T_("Operator viewing permissions") . "') as vp, CONCAT('" . T_("Rename") . "') as rname, description FROM sample_import"; @@ -187,8 +275,8 @@ $rs = $db->GetAll($sql); xhtml_head(T_("Sample list"),true,array("../css/table.css")); -$columns = array("description","enabledisable","did","rname"); -$titles = array(T_("Sample"),T_("Enable/Disable"),T_("Deidentify"),T_("Rename")); +$columns = array("description","enabledisable","did","vp","rname"); +$titles = array(T_("Sample"),T_("Enable/Disable"),T_("Deidentify"),T_("Operator viewing permissions"),T_("Rename")); xhtml_table($rs,$columns,$titles); diff --git a/contactdetails.php b/contactdetails.php index cc879074..538251c4 100644 --- a/contactdetails.php +++ b/contactdetails.php @@ -147,11 +147,12 @@ else //display sample details - // use type = 1 to limit to non specific sample variables + // use sample_import_var_restrict to limit $sql = "SELECT s.var,s.val FROM sample_var as s JOIN `case` as c on (c.case_id = '$case_id' and c.sample_id = s.sample_id) - WHERE s.type = 1"; + JOIN `sample` as sa ON (sa.sample_id = c.sample_id) + JOIN sample_import_var_restrict as sv ON (sv.var LIKE s.var AND sa.import_id = sv.sample_import_id AND sv.restrict = 0)"; $rs = $db->GetAll($sql); diff --git a/functions/functions.import.php b/functions/functions.import.php index 1bf9fccf..622dc986 100644 --- a/functions/functions.import.php +++ b/functions/functions.import.php @@ -124,7 +124,7 @@ function verify_fields($fields) function display_table($data) { print "| " . T_("Import?") . " | " . T_("Name") . " | " . T_("Type") . " | ||
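Review bot: The INSERT in the `view` block of admin/samplelist.php interpolates `'{$r['var']}'` straight into the statement, and that value is a column name that originated in an imported sample file, so a name containing a quote breaks or alters the query; the `import_file` hunk in functions/functions.import.php builds the same INSERT from `$fields["n_" . substr($key,2)]` without quoting. Both should use the quoting helper the `submitvp` handler already calls, e.g. `VALUES ($sample_import_id," . $db->qstr($r['var']) . ",0)`. The rows created here are written with `restrict` = 0, so merely opening the permissions page for an older import makes every variable visible to operators; inserting 1 and letting the administrator tick what to expose would match the default used in `import_file`. `$sample_id` from `GetOne` is used unchecked in the following query, so an import with no sample rows produces an incomplete `s.sample_id = ` condition and should return early instead. The form markup of this block did not survive on the page, so this covers only the visible lines.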
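Review bot: The join condition `sv.var LIKE s.var` in contactdetails.php uses the sample variable name as a LIKE pattern, so a restricted variable whose name contains `_` or `%` is still shown to the operator whenever that pattern matches another variable of the same import that is allowed; the identical join is added in respondent.php. Since this join is the only filter on what an operator sees, it should be an exact comparison, `sv.var = s.var`. Samples imported before this change have no rows in `sample_import_var_restrict` until an administrator opens the permissions page, so operators see no sample fields for them in the meantime; that fails closed, but it deserves a line in the CHANGELOG upgrade note next to the table definition.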
|---|---|---|---|---|
| " . T_("Import?") . " | " . T_("Name") . " | " . T_("Type") . " | " . T_("Allow operator to see?") . " | "; + print ""; $row++; } @@ -215,6 +216,20 @@ function import_file($file, $description, $fields, $firstrow = 2) { $selected_type[substr($key,2)] = $fields["t_" . substr($key,2)]; $selected_name[substr($key,2)] = $fields["n_" . substr($key,2)]; + + $restrict = 1; + + //Set restrictions on columns + if (isset($fields["a_" . substr($key,2)])) + { + $restrict = 0; + } + + $sql = "INSERT INTO sample_import_var_restrict + (`sample_import_id`,`var`,`restrict`) + VALUES ($id,'" . $fields["n_" . substr($key,2)] . "',$restrict)"; + + $db->Execute($sql); } } diff --git a/respondent.php b/respondent.php index f9e0bd1c..6b96c774 100644 --- a/respondent.php +++ b/respondent.php @@ -153,11 +153,13 @@ else //display sample details - // use type = 1 to limit to non specific sample variables + //limit to those allowed by admin $sql = "SELECT s.var,s.val FROM sample_var as s JOIN `case` as c on (c.case_id = '$case_id' and c.sample_id = s.sample_id) - WHERE s.type = 1"; + JOIN `sample` as sa ON (sa.sample_id = c.sample_id) + JOIN sample_import_var_restrict as sv ON (sv.var LIKE s.var AND sa.import_id = sv.sample_import_id AND sv.restrict = 0)"; + $rs = $db->GetAll($sql); |