function check_competency_result_access($userId, $crId, &$found) { // select the first assessment_worksheet which (through several layers of // indirection) is referenced by the competency item $query = new Query(new QueryBuilder(SELECT_QUERY, array('tables' => array('assessment_worksheet' => 'id'), 'joins' => array("INNER JOIN rubric_results ON rubric_results.id = assessment_worksheet.fk_rubric_results", "INNER JOIN competency_results ON competency_results.fk_rubric_results = rubric_results.id"), 'where' => "competency_results.id = ?", 'where-params' => array("i:{$crId}")))); if ($query->is_empty()) { $found = false; return false; } $found = true; // then verify that we have access to the worksheet for some assessment $wkstId = $query->get_row_ordered()[0]; return check_assessment_access($userId, $wkstId, 'assessment_worksheet'); }
function add_comp_row($id) { // 'id' is worksheet id return Query::perform_transaction(function (&$rollback) use($id) { // select id of rubric_results entity $query = new Query(new QueryBuilder(SELECT_QUERY, array('tables' => array('rubric_results' => 'id'), 'joins' => array('INNER JOIN assessment_worksheet ON assessment_worksheet.fk_rubric_results = rubric_results.id'), 'where' => 'assessment_worksheet.id = ?', 'where-params' => array("i:{$id}")))); if ($query->is_empty()) { page_fail(NOT_FOUND); } $rrId = $query->get_row_ordered()[0]; // insert new competency_results entity $insert = new Query(new QueryBuilder(INSERT_QUERY, array('table' => 'competency_results', 'fields' => array('outstanding_tally', 'expected_tally', 'marginal_tally', 'unacceptable_tally', 'fk_rubric_results'), 'values' => array(array("l:0", "l:0", "l:0", "l:0", "l:{$rrId}"))))); // select the inserted row and return it $comp = new Query(new QueryBuilder(SELECT_QUERY, array('tables' => array('competency_results' => array('id', 'competency_desc', 'outstanding_tally', 'expected_tally', 'marginal_tally', 'unacceptable_tally', 'pass_fail_type', 'comment')), 'aliases' => array('competency_results.competency_desc' => 'description'), 'where' => 'id = LAST_INSERT_ID()'))); if ($comp->is_empty()) { page_fail(SERVER_ERROR); } // shouldn't happen return json_encode($comp->get_row_assoc()); }); }