SuperX-Kernmodul
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

167 lines
5.5 KiB

<%@page pageEncoding="iso-8859-1" contentType="text/html" %>
<%@ page import ="org.dbforms.config.DbFormsConfigRegistry,java.sql.Connection,java.sql.Statement,java.sql.ResultSet" %>
<%if (request.getParameter("logoff") != null&&request.getSession()!=null) {
request.getSession().invalidate();
};
if (request.getSession()!=null&&request.getSession().getAttribute("sessiontype")!=null&&
request.getSession().getAttribute("sessiontype").equals("superx")) {
Object mandantobject=request.getSession().getAttribute("MandantenID");
Object userid=request.getSession().getAttribute("UserID");
String mandantenid="";
if(mandantobject != null)
mandantenid=mandantobject.toString();
//der superx-Default-Mandant ist bei dbforms ein Leerstring
if(mandantenid.equals("default"))
mandantenid="";
Connection conmm=null;
Statement st5;
ResultSet l_rset5;
try {
conmm = DbFormsConfigRegistry.instance().lookup().getConnection(mandantenid);
st5=conmm.createStatement();
String queryMaskenRechte = "--alle Abfragen für die die Gruppe über Sachgebiete berechtigt \n"
+ "select distinct M.tid,M.name \n"
+ " from maskeninfo M, sachgeb_maske_bez S, group_sachgeb_bez G, user_group_bez U \n"
+ " where (U.sticky is null or U.sticky>0) and M.tid = S.maskeninfo_id \n"
+ " and S.sachgebiete_id = G.sachgebiete_id \n"
+ " and G.groupinfo_id = U.groupinfo_id \n"
+ " and U.userinfo_id = "
+ userid
+ " \n"
+ " union \n"
+ " --alle Abfragen für die die Gruppe berechtigt (Einzelrechte) \n"
+ " select distinct M.tid,M.name \n"
+ " from maskeninfo M, group_masken_bez G, user_group_bez U \n"
+ " where (U.sticky is null or U.sticky>0) and M.tid = G.maskeninfo_id \n"
+ " and G.groupinfo_id = U.groupinfo_id \n"
+ " and U.userinfo_id = "
+ userid
+ " \n"
+ " union \n"
+ "--alle Abfragen aus Sachgebieten für die der Nutzer Rechte hat \n"
+ " select distinct M.tid,M.name \n"
+ " from maskeninfo M \n"
+ " where \n"
+ " (M.tid in (select maskeninfo_id from sachgeb_maske_bez S where S.sachgebiete_id in \n"
+ " (select sachgebiete_id from user_sachgeb_bez U where U.userinfo_id="
+ userid
+ " ))) \n"
+ " union \n"
+ "--alle Abfragen für die Einzelrechte in user_masken_bez angegeben \n"
+ " select distinct M.tid,M.name \n"
+ " from maskeninfo M, user_masken_bez B \n"
+ " where \n"
+ " B.userinfo_id = "
+ userid
+ " \n"
+ " and (M.tid = B.maskeninfo_id \n"
+ " or B.maskeninfo_id = 0)";
l_rset5 = st5.executeQuery(queryMaskenRechte);
StringBuffer maskRights=new StringBuffer();
while (l_rset5.next())
{
maskRights.append(l_rset5.getObject(1)+",");
}
l_rset5.close();
st5.close();
conmm.close();
int countMaskRights=0; boolean hasFinRights=false;boolean hasDrittRights=false;boolean hasManRights=false;
//String maskRights=request.getSession().getAttribute("UserMaskRights").toString();
if (maskRights.indexOf(",14571000,")>-1)
{countMaskRights++;hasFinRights=true;}
if (maskRights.indexOf(",888880120,")>-1)
{countMaskRights++;hasDrittRights=true;}
if (maskRights.indexOf(",888880190,")>-1)
{countMaskRights++;hasManRights=true;}
if (countMaskRights==0)
{
%>
<html>
<head>
<meta http-equiv="content-type" content="text/html;">
<title>HFT Stuttgart </title>
<!-- <link rel="stylesheet" type="text/css" href="format.css">-->
<link rel="stylesheet" type="text/css" href="/superx/BISP/xml/man.css" />
<link rel="stylesheet" type="text/css" href="/superx/BISP/xml/man_html.css" />
</head>
<script language="Javascript">
function oeffne(url)
{
self.maske.location.href=url;
}
function applyMerkmale(merkmale)
{
self.maske.applyMerkmale(merkmale);
}
</script>
<script type="text/javascript" src="js/dojo/dojo.js"></script>
<body>
<br/><br/><br/><br/><br/><h2 align="center"><font color=red>Sie haben keine Rechte für Finanz- oder Drittmittelbericht oder Managementübersicht</font><h2>
</body>
</html>
<% } else
//if (countMaskRights==1&&hasFinRights) response.sendRedirect("/superx/xml/management/finanzbericht.jsp");
{%>
<html>
<head>
<meta http-equiv="content-type" content="text/html;">
<title>HFT Stuttgart </title>
<!-- <link rel="stylesheet" type="text/css" href="format.css">-->
<link rel="stylesheet" type="text/css" href="/superx/BISP/xml/man.css" />
<link rel="stylesheet" type="text/css" href="/superx/BISP/xml/man_html.css" />
<script language="Javascript">
function oeffne(url)
{
self.maske.location.href=url;
}
function applyMerkmale(merkmale)
{
self.maske.applyMerkmale(merkmale);
}
</script>
<script type="text/javascript" src="js/dojo/dojo.js"></script>
</head>
<body>
<br/><br/>
<p align="center"><img src="LogoHFTStuttgart.png" width="90%" height="30%"></p><br/>
<div align="center" id="Menue">
<h2 align="center">Bitte w&auml;hlen Sie:</h2>
<% if (hasManRights) {%><h3 class="menue"><a href="/superx/servlet/SuperXmlTabelle?tid=888880190">Managementübersicht</a></h3><%}%>
<% if (hasFinRights) {%><h3 class="menue"> <a href="/superx/servlet/SuperXmlMaske?tid=14571000">Finanzbericht</a></h3><%}%>
<% if (hasDrittRights) {%><h3 class="menue"> <a href="/superx/servlet/SuperXmlMaske?tid=888880120">Drittmitellbericht</a></h3><%}%>
</div>
</body>
</html>
<%
}
}
catch (Exception e) {
out.print("<html><body>Fehler bei Datenverbindung: "+e+ " MandantenID"+mandantenid);
}
}
else {
if (request.getSession()!=null) session.invalidate();
response.sendRedirect("/superx/xml/management/index.jsp");
return;
}
%>