1 package SL::Controller::Admin;
5 use parent qw(SL::Controller::Base);
10 use SL::DB::AuthGroup;
11 use SL::Helper::Flash;
12 use SL::Locale::String qw(t8);
15 use Rose::Object::MakeMethods::Generic
17 'scalar --get_set_init' => [ qw(client user nologin_file_name db_cfg all_dateformats all_numberformats all_countrycodes all_stylesheets all_menustyles all_clients all_groups all_users) ],
20 __PACKAGE__->run_before(\&setup_layout);
22 sub get_auth_level { "admin" };
24 my ($class, %params) = @_;
25 return $params{action} eq 'login';
29 # actions: login, logout
35 return $self->login_form if !$::form->{do_login};
36 return if !$self->authenticate_root;
37 return if !$self->check_auth_db_and_tables;
38 return if $self->apply_dbupgrade_scripts;
39 $self->redirect_to(action => 'show');
44 $::auth->destroy_session;
45 $self->redirect_to(action => 'login');
49 # actions: creating the authentication database & tables, applying database ugprades
52 sub action_apply_dbupgrade_scripts {
55 return if $self->apply_dbupgrade_scripts;
59 sub action_create_auth_db {
62 $::auth->create_database(superuser => $::form->{db_superuser},
63 superuser_password => $::form->{db_superuser_password},
64 template => $::form->{db_template});
65 $self->check_auth_db_and_tables;
68 sub action_create_auth_tables {
71 $::auth->create_tables;
72 $::auth->set_session_value('admin_password', $::lx_office_conf{authentication}->{admin_password});
73 $::auth->create_or_refresh_session;
75 my $group = (SL::DB::Manager::AuthGroup->get_all(limit => 1))[0];
77 SL::DB::AuthGroup->new(
78 name => t8('Full Access'),
79 description => t8('Full access to all functions'),
80 rights => [ map { SL::DB::AuthGroupRight->new(right => $_, granted => 1) } SL::Auth::all_rights() ],
84 if (!$self->apply_dbupgrade_scripts) {
98 CLIENTS => SL::DB::Manager::AuthClient->get_all_sorted,
99 USERS => SL::DB::Manager::AuthUser->get_all_sorted,
100 LOCKED => (-e $self->nologin_file_name),
101 title => "kivitendo " . t8('Administration'),
105 sub action_new_user {
108 $self->user(SL::DB::AuthUser->new(
112 numberformat => "1.000,00",
113 dateformat => "dd.mm.yy",
114 stylesheet => "kivitendo.css",
119 $self->edit_user_form(title => t8('Create a new user'));
122 sub action_edit_user {
124 $self->edit_user_form(title => t8('Edit User'));
127 sub action_save_user {
129 my $params = delete($::form->{user}) || { };
130 my $props = delete($params->{config_values}) || { };
131 my $is_new = !$params->{id};
133 $self->user($is_new ? SL::DB::AuthUser->new : SL::DB::AuthUser->new(id => $params->{id})->load)
134 ->assign_attributes(%{ $params })
135 ->config_values({ %{ $self->user->config_values }, %{ $props } });
137 my @errors = $self->user->validate;
140 flash('error', @errors);
141 $self->edit_user_form(title => $is_new ? t8('Create a new user') : t8('Edit User'));
147 if ($::auth->can_change_password && $::form->{new_password}) {
148 $::auth->change_password($self->user->login, $::form->{new_password});
151 flash_later('info', $is_new ? t8('The user has been created.') : t8('The user has been saved.'));
152 $self->redirect_to(action => 'show');
155 sub action_delete_user {
158 if (!$self->user->delete) {
159 flash('error', t8('The user could not be deleted.'));
160 $self->edit_user_form(title => t8('Edit User'));
164 flash_later('info', t8('The user has been deleted.'));
165 $self->redirect_to(action => 'show');
172 sub action_new_client {
175 $self->client(SL::DB::AuthClient->new(
176 dbhost => $::auth->{DB_config}->{host},
177 dbport => $::auth->{DB_config}->{port},
178 dbuser => $::auth->{DB_config}->{user},
179 dbpasswd => $::auth->{DB_config}->{password},
182 $self->edit_client_form(title => t8('Create a new client'));
185 sub action_edit_client {
187 $self->edit_client_form(title => t8('Edit Client'));
190 sub action_save_client {
192 my $params = delete($::form->{client}) || { };
193 my $is_new = !$params->{id};
195 $self->client($is_new ? SL::DB::AuthClient->new : SL::DB::AuthClient->new(id => $params->{id})->load)->assign_attributes(%{ $params });
197 my @errors = $self->client->validate;
200 flash('error', @errors);
201 $self->edit_client_form(title => $is_new ? t8('Create a new client') : t8('Edit Client'));
206 if ($self->client->is_default) {
207 SL::DB::Manager::AuthClient->update_all(set => { is_default => 0 }, where => [ '!id' => $self->client->id ]);
210 flash_later('info', $is_new ? t8('The client has been created.') : t8('The client has been saved.'));
211 $self->redirect_to(action => 'show');
214 sub action_delete_client {
217 if (!$self->client->delete) {
218 flash('error', t8('The client could not be deleted.'));
219 $self->edit_client_form(title => t8('Edit Client'));
223 flash_later('info', t8('The client has been deleted.'));
224 $self->redirect_to(action => 'show');
227 sub action_test_database_connectivity {
230 my %cfg = %{ $::form->{client} || {} };
231 my $dbconnect = 'dbi:Pg:dbname=' . $cfg{dbname} . ';host=' . $cfg{dbhost} . ';port=' . $cfg{dbport};
232 my $dbh = DBI->connect($dbconnect, $cfg{dbuser}, $cfg{dbpasswd});
235 my $error = $DBI::errstr;
237 $dbh->disconnect if $dbh;
239 $self->render('admin/test_db_connection',
240 title => t8('Database Connection Test'),
246 # actions: locking, unlocking
249 sub action_unlock_system {
251 unlink $self->nologin_file_name;
252 flash_later('info', t8('Lockfile removed!'));
253 $self->redirect_to(action => 'show');
256 sub action_lock_system {
259 my $fh = IO::File->new($self->nologin_file_name, "w");
261 $::form->error(t8('Cannot create Lock!'));
265 flash_later('info', t8('Lockfile created!'));
266 $self->redirect_to(action => 'show');
274 sub init_db_cfg { $::lx_office_conf{'authentication/database'} }
275 sub init_nologin_file_name { $::lx_office_conf{paths}->{userspath} . '/nologin'; }
276 sub init_client { SL::DB::AuthClient->new(id => ($::form->{id} || ($::form->{client} || {})->{id}))->load }
277 sub init_user { SL::DB::AuthUser ->new(id => ($::form->{id} || ($::form->{user} || {})->{id}))->load }
278 sub init_all_clients { SL::DB::Manager::AuthClient->get_all_sorted }
279 sub init_all_users { SL::DB::Manager::AuthUser->get_all_sorted }
280 sub init_all_groups { SL::DB::Manager::AuthGroup->get_all_sorted }
281 sub init_all_dateformats { [ qw(mm/dd/yy dd/mm/yy dd.mm.yy yyyy-mm-dd) ] }
282 sub init_all_numberformats { [ qw(1,000.00 1000.00 1.000,00 1000,00) ] }
283 sub init_all_stylesheets { [ qw(lx-office-erp.css Mobile.css kivitendo.css) ] }
284 sub init_all_menustyles {
286 { id => 'old', title => $::locale->text('Old (on the side)') },
287 { id => 'v3', title => $::locale->text('Top (CSS)') },
288 { id => 'neu', title => $::locale->text('Top (Javascript)') },
292 sub init_all_countrycodes {
293 my %cc = User->country_codes;
294 return [ map { id => $_, title => $cc{$_} }, sort { $cc{$a} cmp $cc{$b} } keys %cc ];
302 my ($self, $action) = @_;
304 $::request->layout(SL::Layout::Dispatcher->new(style => 'admin'));
305 $::request->layout->use_stylesheet("lx-office-erp.css");
306 $::form->{favicon} = "favicon.ico";
314 my ($self, %params) = @_;
315 $::request->layout->focus('#admin_password');
316 $self->render('admin/adminlogin', title => t8('kivitendo v#1 administration', $::form->{version}), %params);
320 my ($self, %params) = @_;
322 $::request->layout->use_javascript("${_}.js") for qw(jquery.selectboxes jquery.multiselect2side);
323 $self->render('admin/edit_user', %params);
326 sub edit_client_form {
327 my ($self, %params) = @_;
329 $::request->layout->use_javascript("${_}.js") for qw(jquery.selectboxes jquery.multiselect2side);
330 $self->render('admin/edit_client', %params);
337 sub check_auth_db_and_tables {
340 if (!$::auth->check_database) {
341 $self->render('admin/check_auth_database', title => t8('Authentification database creation'));
345 if (!$::auth->check_tables) {
346 $self->render('admin/check_auth_tables', title => t8('Authentification tables creation'));
353 sub apply_dbupgrade_scripts {
354 return SL::DBUpgrade2->new(form => $::form, dbdriver => 'Pg', auth => 1)->apply_admin_dbupgrade_scripts(1);
357 sub authenticate_root {
360 return 1 if $::auth->authenticate_root($::form->{'{AUTH}admin_password'}) == $::auth->OK();
362 $::auth->punish_wrong_login;
363 $::auth->delete_session_value('admin_password');
365 $self->login_form(error => t8('Incorrect Password!'));