1 package SL::Controller::Admin;
5 use parent qw(SL::Controller::Base);
10 use SL::DB::AuthGroup;
11 use SL::Helper::Flash;
12 use SL::Locale::String qw(t8);
14 use Rose::Object::MakeMethods::Generic
16 'scalar --get_set_init' => [ qw(client user nologin_file_name db_cfg) ],
19 __PACKAGE__->run_before(\&setup_layout);
21 sub get_auth_level { "admin" };
23 my ($class, %params) = @_;
24 return $params{action} eq 'login';
34 return $self->login_form if !$::form->{do_login};
35 return if !$self->authenticate_root;
36 return if !$self->check_auth_db_and_tables;
37 return if $self->apply_dbupgrade_scripts;
38 $self->redirect_to(action => 'list_clients_and_users');
43 $::auth->destroy_session;
44 $self->redirect_to(action => 'login');
47 sub action_apply_dbupgrade_scripts {
50 return if $self->apply_dbupgrade_scripts;
51 $self->action_list_clients_and_users;
54 sub action_create_auth_db {
57 $::auth->create_database(superuser => $::form->{db_superuser},
58 superuser_password => $::form->{db_superuser_password},
59 template => $::form->{db_template});
60 $self->check_auth_db_and_tables;
63 sub action_create_auth_tables {
66 $::auth->create_tables;
67 $::auth->set_session_value('admin_password', $::lx_office_conf{authentication}->{admin_password});
68 $::auth->create_or_refresh_session;
70 my $group = (SL::DB::Manager::AuthGroup->get_all(limit => 1))[0];
72 SL::DB::AuthGroup->new(
73 name => t8('Full Access'),
74 description => t8('Full access to all functions'),
75 rights => [ map { SL::DB::AuthGroupRight->new(right => $_, granted => 1) } SL::Auth::all_rights() ],
79 if (!$self->apply_dbupgrade_scripts) {
84 sub action_list_clients_and_users {
89 CLIENTS => SL::DB::Manager::AuthClient->get_all_sorted,
90 USERS => SL::DB::Manager::AuthUser->get_all_sorted,
91 LOCKED => (-e $self->nologin_file_name),
92 title => "kivitendo " . $::locale->text('Administration'),
96 sub action_unlock_system {
98 unlink $self->nologin_file_name;
99 flash_later('info', t8('Lockfile removed!'));
100 $self->redirect_to(action => 'list_clients_and_users');
103 sub action_lock_system {
106 my $fh = IO::File->new($self->nologin_file_name, "w");
108 $::form->error(t8('Cannot create Lock!'));
112 flash_later('info', t8('Lockfile created!'));
113 $self->redirect_to(action => 'list_clients_and_users');
121 sub init_db_cfg { $::lx_office_conf{'authentication/database'} }
122 sub init_nologin_file_name { $::lx_office_conf{paths}->{userspath} . '/nologin'; }
123 sub init_client { SL::DB::AuthClient->new(id => $::form->{client_id})->load; }
124 sub init_user { SL::DB::AuthUser ->new(id => $::form->{user_id} )->load; }
131 my ($self, $action) = @_;
133 $::request->layout(SL::Layout::Dispatcher->new(style => 'admin'));
134 $::request->layout->use_stylesheet("lx-office-erp.css");
135 $::form->{favicon} = "favicon.ico";
143 my ($self, %params) = @_;
144 $::request->layout->focus('#admin_password');
145 $self->render('admin/adminlogin', title => t8('kivitendo v#1 administration', $::form->{version}), %params);
148 sub check_auth_db_and_tables {
151 if (!$::auth->check_database) {
152 $self->render('admin/check_auth_database', title => t8('Authentification database creation'));
156 if (!$::auth->check_tables) {
157 $self->render('admin/check_auth_tables', title => t8('Authentification tables creation'));
164 sub apply_dbupgrade_scripts {
165 return SL::DBUpgrade2->new(form => $::form, dbdriver => 'Pg', auth => 1)->apply_admin_dbupgrade_scripts(1);
168 sub authenticate_root {
171 return 1 if $::auth->authenticate_root($::form->{'{AUTH}admin_password'}) == $::auth->OK();
173 $::auth->punish_wrong_login;
174 $::auth->delete_session_value('admin_password');
176 $self->login_form(error => t8('Incorrect Password!'));