1 package SL::Controller::Admin;
5 use parent qw(SL::Controller::Base);
8 use List::Util qw(first);
9 use List::UtilsBy qw(sort_by);
13 use SL::DB::AuthGroup;
15 use SL::Helper::Flash;
16 use SL::Locale::String qw(t8);
17 use SL::System::InstallationLock;
19 use SL::Layout::AdminLogin;
21 use Rose::Object::MakeMethods::Generic
23 'scalar --get_set_init' => [ qw(client user group printer db_cfg is_locked
24 all_dateformats all_numberformats all_countrycodes all_stylesheets all_menustyles all_clients all_groups all_users all_rights all_printers
25 all_dbsources all_used_dbsources all_accounting_methods all_inventory_systems all_profit_determinations all_charts) ],
28 __PACKAGE__->run_before(\&setup_layout);
29 __PACKAGE__->run_before(\&setup_client, only => [ qw(list_printers new_printer edit_printer save_printer delete_printer) ]);
31 sub get_auth_level { "admin" };
33 my ($class, %params) = @_;
34 return $params{action} eq 'login';
38 # actions: login, logout
44 return $self->login_form if !$::form->{do_login};
45 return if !$self->authenticate_root;
46 return if !$self->check_auth_db_and_tables;
47 return if $self->apply_dbupgrade_scripts;
49 $self->redirect_to(action => 'show');
54 $::auth->destroy_session;
55 $self->redirect_to(action => 'login');
59 # actions: creating the authentication database & tables, applying database ugprades
62 sub action_apply_dbupgrade_scripts {
65 return if $self->apply_dbupgrade_scripts;
66 $self->redirect_to(action => 'show');
69 sub action_create_auth_db {
72 $::auth->create_database(superuser => $::form->{db_superuser},
73 superuser_password => $::form->{db_superuser_password},
74 template => $::form->{db_template});
75 $self->check_auth_db_and_tables;
78 sub action_create_auth_tables {
81 $::auth->create_tables;
82 $::auth->set_session_value('admin_password', $::lx_office_conf{authentication}->{admin_password});
83 $::auth->create_or_refresh_session;
85 return if $self->apply_dbupgrade_scripts;
87 my $group = (SL::DB::Manager::AuthGroup->get_all(limit => 1))[0];
89 SL::DB::AuthGroup->new(
90 name => t8('Full Access'),
91 description => t8('Full access to all functions'),
92 rights => [ map { SL::DB::AuthGroupRight->new(right => $_, granted => 1) } $::auth->all_rights ],
108 title => "kivitendo " . t8('Administration'),
112 sub action_new_user {
115 my $defaults = SL::DefaultManager->new($::lx_office_conf{system}->{default_manager});
116 $self->user(SL::DB::AuthUser->new(
119 countrycode => $defaults->language('de'),
120 numberformat => $defaults->numberformat('1.000,00'),
121 dateformat => $defaults->dateformat('dd.mm.yy'),
122 stylesheet => "kivitendo.css",
127 $self->edit_user_form(title => t8('Create a new user'));
130 sub action_edit_user {
132 $self->edit_user_form(title => t8('Edit User'));
135 sub action_save_user {
137 my $params = delete($::form->{user}) || { };
138 my $props = delete($params->{config_values}) || { };
139 my $is_new = !$params->{id};
141 # Assign empty arrays if the browser doesn't send those controls.
142 $params->{clients} ||= [];
143 $params->{groups} ||= [];
145 $self->user($is_new ? SL::DB::AuthUser->new : SL::DB::AuthUser->new(id => $params->{id})->load)
146 ->assign_attributes(%{ $params })
147 ->config_values({ %{ $self->user->config_values }, %{ $props } });
149 my @errors = $self->user->validate;
152 flash('error', @errors);
153 $self->edit_user_form(title => $is_new ? t8('Create a new user') : t8('Edit User'));
159 if ($::auth->can_change_password && $::form->{new_password}) {
160 $::auth->change_password($self->user->login, $::form->{new_password});
163 flash_later('info', $is_new ? t8('The user has been created.') : t8('The user has been saved.'));
164 $self->redirect_to(action => 'show');
167 sub action_delete_user {
170 my @clients = @{ $self->user->clients || [] };
172 # backup user metadata (email, name, etc)
173 my $user_config_values_ref = $self->user->config_values();
174 my $login =$self->user->login;
176 if (!$self->user->delete) {
177 flash('error', t8('The user could not be deleted.'));
178 $self->edit_user_form(title => t8('Edit User'));
182 # Flag corresponding entries in 'employee' as deleted.
183 # and restore the most important user data in employee
184 # TODO try and catch the whole transaction {user->delete; update employee} {exception}
185 foreach my $client (@clients) {
186 my $dbh = $client->dbconnect(AutoCommit => 1) || next;
187 $dbh->do(qq|UPDATE employee SET deleted = TRUE, name = ?, deleted_email = ?,
188 deleted_tel = ?, deleted_fax = ?, deleted_signature = ? WHERE login = ?|,undef,
189 $user_config_values_ref->{name}, $user_config_values_ref->{email},
190 $user_config_values_ref->{tel}, $user_config_values_ref->{fax},
191 $user_config_values_ref->{signature}, $self->user->login);
195 flash_later('info', t8('The user has been deleted.'));
196 $self->redirect_to(action => 'show');
203 sub action_new_client {
206 $self->client(SL::DB::AuthClient->new(
207 dbhost => $::auth->{DB_config}->{host},
208 dbport => $::auth->{DB_config}->{port},
209 dbuser => $::auth->{DB_config}->{user},
210 dbpasswd => $::auth->{DB_config}->{password},
213 $self->edit_client_form(title => t8('Create a new client'));
216 sub action_edit_client {
218 $self->edit_client_form(title => t8('Edit Client'));
221 sub action_save_client {
223 my $params = delete($::form->{client}) || { };
224 my $is_new = !$params->{id};
226 # Assign empty arrays if the browser doesn't send those controls.
227 $params->{groups} ||= [];
228 $params->{users} ||= [];
230 $self->client($is_new ? SL::DB::AuthClient->new : SL::DB::AuthClient->new(id => $params->{id})->load)->assign_attributes(%{ $params });
232 my @errors = $self->client->validate;
235 flash('error', @errors);
236 $self->edit_client_form(title => $is_new ? t8('Create a new client') : t8('Edit Client'));
241 if ($self->client->is_default) {
242 SL::DB::Manager::AuthClient->update_all(set => { is_default => 0 }, where => [ '!id' => $self->client->id ]);
245 flash_later('info', $is_new ? t8('The client has been created.') : t8('The client has been saved.'));
246 $self->redirect_to(action => 'show');
249 sub action_delete_client {
252 if (!$self->client->delete) {
253 flash('error', t8('The client could not be deleted.'));
254 $self->edit_client_form(title => t8('Edit Client'));
258 flash_later('info', t8('The client has been deleted.'));
259 $self->redirect_to(action => 'show');
262 sub action_test_database_connectivity {
265 my %cfg = %{ $::form->{client} || {} };
266 my $dbconnect = 'dbi:Pg:dbname=' . $cfg{dbname} . ';host=' . $cfg{dbhost} . ';port=' . $cfg{dbport};
267 my $dbh = DBI->connect($dbconnect, $cfg{dbuser}, $cfg{dbpasswd});
270 my $error = $DBI::errstr;
272 $dbh->disconnect if $dbh;
274 $self->render('admin/test_db_connection', { layout => 0 },
275 title => t8('Database Connection Test'),
284 sub action_new_group {
287 $self->group(SL::DB::AuthGroup->new);
288 $self->edit_group_form(title => t8('Create a new group'));
291 sub action_edit_group {
293 $self->edit_group_form(title => t8('Edit User Group'));
296 sub action_save_group {
299 my $params = delete($::form->{group}) || { };
300 my $is_new = !$params->{id};
302 # Assign empty arrays if the browser doesn't send those controls.
303 $params->{clients} ||= [];
304 $params->{users} ||= [];
306 $self->group($is_new ? SL::DB::AuthGroup->new : SL::DB::AuthGroup->new(id => $params->{id})->load)->assign_attributes(%{ $params });
308 my @errors = $self->group->validate;
311 flash('error', @errors);
312 $self->edit_group_form(title => $is_new ? t8('Create a new user group') : t8('Edit User Group'));
318 flash_later('info', $is_new ? t8('The user group has been created.') : t8('The user group has been saved.'));
319 $self->redirect_to(action => 'show');
322 sub action_delete_group {
325 if (!$self->group->delete) {
326 flash('error', t8('The user group could not be deleted.'));
327 $self->edit_group_form(title => t8('Edit User Group'));
331 flash_later('info', t8('The user group has been deleted.'));
332 $self->redirect_to(action => 'show');
339 sub action_list_printers {
341 $self->render('admin/list_printers', title => t8('Printer management'));
344 sub action_new_printer {
347 $self->printer(SL::DB::Printer->new);
348 $self->edit_printer_form(title => t8('Create a new printer'));
351 sub action_edit_printer {
353 $self->edit_printer_form(title => t8('Edit Printer'));
356 sub action_save_printer {
358 my $params = delete($::form->{printer}) || { };
359 my $is_new = !$params->{id};
361 $self->printer($is_new ? SL::DB::Printer->new : SL::DB::Printer->new(id => $params->{id})->load)->assign_attributes(%{ $params });
363 my @errors = $self->printer->validate;
366 flash('error', @errors);
367 $self->edit_printer_form(title => $is_new ? t8('Create a new printer') : t8('Edit Printer'));
371 $self->printer->save;
373 flash_later('info', $is_new ? t8('The printer has been created.') : t8('The printer has been saved.'));
374 $self->redirect_to(action => 'list_printers', 'client.id' => $self->client->id);
377 sub action_delete_printer {
380 if (!$self->printer->delete) {
381 flash('error', t8('The printer could not be deleted.'));
382 $self->edit_printer_form(title => t8('Edit Printer'));
386 flash_later('info', t8('The printer has been deleted.'));
387 $self->redirect_to(action => 'list_printers', 'client.id' => $self->client->id);
391 # actions: database administration
394 sub action_create_dataset_login {
397 $self->database_administration_login_form(
398 title => t8('Create Dataset'),
399 next_action => 'create_dataset',
403 sub action_create_dataset {
405 $self->create_dataset_form;
408 sub action_do_create_dataset {
412 push @errors, t8("Dataset missing!") if !$::form->{db};
413 push @errors, t8("Default currency missing!") if !$::form->{defaultcurrency};
416 flash('error', @errors);
417 return $self->create_dataset_form;
420 $::form->{encoding} = 'UNICODE';
421 User->new->dbcreate($::form);
423 flash_later('info', t8("The dataset #1 has been created.", $::form->{db}));
424 $self->redirect_to(action => 'show');
427 sub action_delete_dataset_login {
430 $self->database_administration_login_form(
431 title => t8('Delete Dataset'),
432 next_action => 'delete_dataset',
436 sub action_delete_dataset {
438 $self->delete_dataset_form;
441 sub action_do_delete_dataset {
445 push @errors, t8("Dataset missing!") if !$::form->{db};
448 flash('error', @errors);
449 return $self->create_dataset_form;
452 User->new->dbdelete($::form);
454 flash_later('info', t8("The dataset #1 has been deleted.", $::form->{db}));
455 $self->redirect_to(action => 'show');
459 # actions: locking, unlocking
462 sub action_show_lock {
467 title => "kivitendo " . t8('Administration'),
471 sub action_unlock_system {
474 SL::System::InstallationLock->unlock;
475 flash_later('info', t8('Lockfile removed!'));
476 $self->redirect_to(action => 'show');
479 sub action_lock_system {
482 SL::System::InstallationLock->lock;
483 flash_later('info', t8('Lockfile created!'));
484 $self->redirect_to(action => 'show');
491 sub init_db_cfg { $::lx_office_conf{'authentication/database'} }
492 sub init_is_locked { SL::System::InstallationLock->is_locked }
493 sub init_client { SL::DB::Manager::AuthClient->find_by(id => (($::form->{client} || {})->{id} || $::form->{id})) }
494 sub init_user { SL::DB::AuthUser ->new(id => ($::form->{id} || ($::form->{user} || {})->{id}))->load }
495 sub init_group { SL::DB::AuthGroup ->new(id => ($::form->{id} || ($::form->{group} || {})->{id}))->load }
496 sub init_printer { SL::DB::Printer ->new(id => ($::form->{id} || ($::form->{printer} || {})->{id}))->load }
497 sub init_all_clients { SL::DB::Manager::AuthClient->get_all_sorted }
498 sub init_all_users { SL::DB::Manager::AuthUser ->get_all_sorted }
499 sub init_all_groups { SL::DB::Manager::AuthGroup ->get_all_sorted }
500 sub init_all_printers { SL::DB::Manager::Printer ->get_all_sorted }
501 sub init_all_dateformats { [ qw(mm/dd/yy dd/mm/yy dd.mm.yy yyyy-mm-dd) ] }
502 sub init_all_numberformats { [ '1,000.00', '1000.00', '1.000,00', '1000,00', "1'000.00" ] }
503 sub init_all_stylesheets { [ qw(lx-office-erp.css Mobile.css kivitendo.css) ] }
504 sub init_all_dbsources { [ sort User->dbsources($::form) ] }
505 sub init_all_used_dbsources { { map { (join(':', $_->dbhost || 'localhost', $_->dbport || 5432, $_->dbname) => $_->name) } @{ $_[0]->all_clients } } }
506 sub init_all_accounting_methods { [ { id => 'accrual', name => t8('Accrual accounting') }, { id => 'cash', name => t8('Cash accounting') } ] }
507 sub init_all_inventory_systems { [ { id => 'perpetual', name => t8('Perpetual inventory') }, { id => 'periodic', name => t8('Periodic inventory') } ] }
508 sub init_all_profit_determinations { [ { id => 'balance', name => t8('Balancing') }, { id => 'income', name => t8('Cash basis accounting') } ] }
510 sub init_all_charts {
511 tie my %dir_h, 'IO::Dir', 'sql/';
514 map { s/-chart\.sql$//; +{ id => $_ } }
516 grep { /-chart\.sql\z/ && !/Default-chart.sql\z/ }
521 sub init_all_menustyles {
523 { id => 'old', title => $::locale->text('Old (on the side)') },
524 { id => 'v3', title => $::locale->text('Top (CSS)') },
525 { id => 'neu', title => $::locale->text('Top (Javascript)') },
529 sub init_all_rights {
530 my (@sections, $current_section);
532 foreach my $entry ($::auth->all_rights_full) {
534 push @sections, { description => t8($entry->[1]), rights => [] };
536 } elsif (@sections) {
537 push @{ $sections[-1]->{rights} }, {
539 description => t8($entry->[1]),
543 die "Right without sections: " . join('::', @{ $entry });
550 sub init_all_countrycodes {
551 my %cc = User->country_codes;
552 return [ map { id => $_, title => $cc{$_} }, sort { $cc{$a} cmp $cc{$b} } keys %cc ];
560 my ($self, $action) = @_;
562 my $defaults = SL::DefaultManager->new($::lx_office_conf{system}->{default_manager});
563 $::request->layout(SL::Layout::Dispatcher->new(style => 'admin'));
564 $::form->{favicon} = "favicon.ico";
566 countrycode => $defaults->language('de'),
567 numberformat => $defaults->numberformat('1.000,00'),
568 dateformat => $defaults->dateformat('dd.mm.yy'),
575 $self->client(SL::DB::Manager::AuthClient->get_default || $self->all_clients->[0]) if !$self->client;
576 $::auth->set_client($self->client->id);
583 sub use_multiselect_js {
586 $::request->layout->use_javascript("${_}.js") for qw(jquery.selectboxes jquery.multiselect2side);
591 my ($self, %params) = @_;
592 $::request->layout(SL::Layout::AdminLogin->new);
593 my $version = $::form->read_version;
594 $self->render('admin/adminlogin', title => t8('kivitendo v#1 administration', $version), %params, version => $version);
598 my ($self, %params) = @_;
599 $self->use_multiselect_js->render('admin/edit_user', %params);
602 sub edit_client_form {
603 my ($self, %params) = @_;
604 $self->use_multiselect_js->render('admin/edit_client', %params);
607 sub edit_group_form {
608 my ($self, %params) = @_;
609 $self->use_multiselect_js->render('admin/edit_group', %params);
612 sub edit_printer_form {
613 my ($self, %params) = @_;
614 $self->render('admin/edit_printer', %params);
617 sub database_administration_login_form {
618 my ($self, %params) = @_;
622 dbhost => $::form->{dbhost} || $::auth->{DB_config}->{host} || 'localhost',
623 dbport => $::form->{dbport} || $::auth->{DB_config}->{port} || 5432,
624 dbuser => $::form->{dbuser} || $::auth->{DB_config}->{user} || 'kivitendo',
625 dbpasswd => $::form->{dbpasswd} || $::auth->{DB_config}->{password},
626 dbdefault => $::form->{dbdefault} || 'template1',
631 sub create_dataset_form {
632 my ($self, %params) = @_;
634 my $defaults = SL::DefaultManager->new($::lx_office_conf{system}->{default_manager});
635 $::form->{favicon} = "favicon.ico";
636 $::form->{countrymode} = $defaults->country('DE');
637 $::form->{chart} = $defaults->chart_of_accounts('Germany-DATEV-SKR03EU');
638 $::form->{defaultcurrency} = $defaults->currency('EUR');
639 $::form->{precision} = $defaults->precision(0.01);
640 $::form->{accounting_method} = $defaults->accounting_method('cash');
641 $::form->{inventory_system} = $defaults->inventory_system('periodic');
642 $::form->{profit_determination} = $defaults->profit_determination('balance');
643 $::form->{feature_balance} = $defaults->feature_balance(1);
644 $::form->{feature_datev} = $defaults->feature_datev(1);
645 $::form->{feature_erfolgsrechnung} = $defaults->feature_erfolgsrechnung(0);
646 $::form->{feature_eurechnung} = $defaults->feature_eurechnung(1);
647 $::form->{feature_ustva} = $defaults->feature_ustva(1);
649 $self->render('admin/create_dataset', title => (t8('Database Administration') . " / " . t8('Create Dataset')));
652 sub delete_dataset_form {
653 my ($self, %params) = @_;
654 $self->render('admin/delete_dataset', title => (t8('Database Administration') . " / " . t8('Delete Dataset')));
661 sub check_auth_db_and_tables {
664 if (!$::auth->check_database) {
665 $self->render('admin/check_auth_database', title => t8('Authentification database creation'));
669 if (!$::auth->check_tables) {
670 $self->render('admin/check_auth_tables', title => t8('Authentification tables creation'));
677 sub apply_dbupgrade_scripts {
678 return SL::DBUpgrade2->new(form => $::form, auth => 1)->apply_admin_dbupgrade_scripts(1);
681 sub authenticate_root {
684 return 1 if $::auth->authenticate_root($::form->{'{AUTH}admin_password'}) == $::auth->OK();
686 $::auth->punish_wrong_login;
687 $::auth->delete_session_value('admin_password');
689 $self->login_form(error => t8('Incorrect password!'));
694 sub is_user_used_for_task_server {
695 my ($self, $user) = @_;
697 return undef if !$user;
698 return join ', ', sort_by { lc } map { $_->name } @{ SL::DB::Manager::AuthClient->get_all(where => [ task_server_user_id => $user->id ]) };
projects / kivitendo-erp.git / blob