Revision 5 (Carsten Rose, 12.04.2021 18:42) → Revision 6/9 (Carsten Rose, 12.04.2021 18:47)

h1. Electronic Signature 

 * Person A triggers an email in the tool, which is sent to person B. 
 * The email contains a URL with a time-limited one-time token. 
 * Person B receives the email and clicks the link. 
 * When the URL is called, either a form opens (to request further information) or the link directly triggers an action that confirms something. 


 h1. Trigger approval mail - Page: application 

 * QFQ record: a) logic to trigger the approval mail, b) offer the link that starts the sending. 
 <pre> 
 # 
 # {{action:SE::w}} = 'sendApprovalMail' 
 # {{appId:RE}} 
 # 

 # Logic to send email with AUTH token 
 10 { 
   # Take care that the SIP variable is cleared after first use. 
   sql = SELECT '' FROM (SELECT '') AS fake WHERE '{{action:SE::w}}'='sendApprovalMail' 

   # Be sure an auth token is defined 
   20.sql = UPDATE Application SET auth='{{random:V}}' WHERE auth='' AND id={{appId:S}} 

   30 { 
     sql = SELECT n.text AS _body 
                   , n.title AS _subject 
                   , app.auth AS _auth 
                   , QDATE_FORMAT(app.deadline) AS _deadline 
             FROM Note AS n, Application AS app 
             WHERE n.reference='Email Template: Approve Mail' 
               AND app.id={{appId:R}} 

     40.sql = SELECT 'to:<email>|from:<email>|subject:{{subject:R}}|body:{{body}}|grid:<grid>|xid:<xId>' AS _sendmail 
   } 

 } 

 # Logic to show application status 
 100 { 

   sql = SELECT ... 

   # Link to initiate email 
   110.sql = SELECT 'p:{{pageAlias:T}}&action=sendApprovalMail&appId={{appId:R}}|q:An approval mail will be sent|s|b:Send mail' AS _link 
             FROM Application AS app  
             WHERE app.id={{appId:R}} 
 } 
 </pre> 

 * Email template (e.g. a Note record) with variables. Caution: the text may have to be left without HTML special-character encoding. 
 <pre> 
 Dear {{name:R}} 
 ... 
 Please click {{baseUrl:Y}}/index.php?id=confirmation&auth={{auth:R}}. 
 ... 
 The applicant's deadline is {{deadline:R}}. 
 ... 
 </pre> 

 h1. Approval/Deny Approval - Page: approval 

  * The page is not shown in the menu. 
  * The page must be callable without access restriction (fe group). 
  * Columns: 
   
    * Application.reviewDecission: approve|deny 
    * Application.reviewTs: NULL|Timestamp 

 <pre> 
 # 
 # {{auth:CE:alnumx}} 
 # {{action:SE}} = 'approve' 
 # 

 # Normalize 
 10.sql = SELECT '{{auth:CE:alnumx}}' AS _auth 
                 , '{{appId:S0}}' AS _appId 
                 , '{{action:SE::w}}' AS _action 

 # User calls this page with AUTH token: offer button 'approve' and 'deny' 
 20 { 
   sql = SELECT '' FROM (SELECT '') AS fake WHERE '{{auth:R}}'!='' 

   30 { 
     # Gather facts  
     sql = SELECT app.id AS _appId 
                  , QDATE_FORMAT(app.deadline) AS _deadline 
                  , app.deadline<NOW() AS _deadlineExpired 
                  , ISNULL(app.reviewTs) AS _reviewOpen 
              FROM Application AS app  
              WHERE '{{auth:R}}'=app.auth 

     altsql = SELECT 'Sorry, token unknown. Maybe the URL is broken.' 

     40 { 
       sql = SELECT 'Applicant: ', app.name, ', ', app.firstName, '<br>' 
                  , 'Application: ', app.title 
                  , 'p:{{pageAlias:T}}&action=approve&appId={{appId:R}}|t:Approve|s|b' AS _link, ' ' 
                  , 'p:{{pageAlias:T}}&action=deny&appId={{appId:R}}|t:Deny|s|b' AS _link 
               FROM Application AS app 
               WHERE app.id={{appId:R}} 
                 AND !{{deadlineExpired:R}}  
                 AND {{reviewOpen:R}} 

        # Detailed message about what is wrong. 
        altsql = SELECT IF({{deadlineExpired:R}},'Deadline expired: {{deadline:R}}','')  
                        , IF({{reviewOpen:R}},'','The approval/deny has already been done.')  
     } 
   } 
 } 

 # User clicked on 'approve' or 'deny'. Arguments {{appId}} and {{action}} are given. 
 50 { 
   sql = SELECT ISNULL(app.reviewTs) AS _reviewOpen 
           FROM Application AS app  
           WHERE app.id={{appId:R}} 
             AND '{{action:R}}'!='' 
 
   60 { 
     sql = SELECT '' 
             FROM Application AS app 
             WHERE app.id={{appId:R}} AND ISNULL(app.reviewTs) 
     althead = The approval/deny has already been done. 
     tail = Thanks for the decision. 

     70 { 
       # The enum value must be quoted; the ISNULL guard keeps the decision single-use. 
       sql = UPDATE Application AS app SET reviewDecission='{{action:R}}', reviewTs=NOW() 
             WHERE app.id={{appId:R}} AND ISNULL(app.reviewTs) 
     } 

     # Send notification mail to applicant 
     80 { 
       sql = SELECT '....' AS _sendmail 
     } 
   }  
 } 
 </pre>
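
The token lifecycle that the two QFQ pages implement (issue once, reject unknown, expired or already-used tokens, record the decision once), as an added example that is not part of the original page or of QFQ. It assumes Python with an in-memory SQLite database in place of QFQ/MySQL; the function names and the epoch-second timestamps are hypothetical, the column names follow the page.

```python
import secrets
import sqlite3
import time

ALLOWED_ACTIONS = {"approve", "deny"}  # permitted Application.reviewDecission values

def setup_db():
    # Constructed sample schema; column names follow the page, timestamps are epoch seconds.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE Application (id INTEGER PRIMARY KEY, auth TEXT NOT NULL DEFAULT '', "
               "deadline INTEGER NOT NULL, reviewDecission TEXT, reviewTs INTEGER)")
    return db

def issue_token(db, app_id):
    # Like the page's "WHERE auth=''" guard: an existing token is never overwritten.
    db.execute("UPDATE Application SET auth=? WHERE id=? AND auth=''",
               (secrets.token_hex(16), app_id))  # 128 bits from the OS CSPRNG
    db.commit()
    return db.execute("SELECT auth FROM Application WHERE id=?", (app_id,)).fetchone()[0]

def decide(db, token, action, now=None):
    now = int(time.time()) if now is None else now
    if action not in ALLOWED_ACTIONS:
        return "invalid action"
    if not token:  # '' marks "no token issued" and must never match a row
        return "token unknown"
    # Token, deadline and "not yet decided" are checked inside the UPDATE itself,
    # so two concurrent clicks cannot both record a decision.
    cur = db.execute(
        "UPDATE Application SET reviewDecission=?, reviewTs=? "
        "WHERE auth=? AND reviewTs IS NULL AND deadline>=?",
        (action, now, token, now))
    db.commit()
    if cur.rowcount == 1:
        return "ok"
    # Nothing changed: find out why, for the detailed message.
    row = db.execute("SELECT reviewTs FROM Application WHERE auth=?", (token,)).fetchone()
    if row is None:
        return "token unknown"
    return "already decided" if row[0] is not None else "deadline expired"
```

The empty-token check matters because @auth=''@ is the "no token yet" state in the Application table, so an empty @auth@ parameter would otherwise match every application that has not had a mail sent.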