1 package SL::Controller::Admin;
5 use parent qw(SL::Controller::Base);
8 use List::Util qw(first);
11 use SL::DB::AuthGroup;
13 use SL::Helper::Flash;
14 use SL::Locale::String qw(t8);
17 use Rose::Object::MakeMethods::Generic
19 'scalar --get_set_init' => [ qw(client user group printer nologin_file_name db_cfg is_locked
20 all_dateformats all_numberformats all_countrycodes all_stylesheets all_menustyles all_clients all_groups all_users all_rights all_printers) ],
23 __PACKAGE__->run_before(\&setup_layout);
24 __PACKAGE__->run_before(\&setup_client, only => [ qw(list_printers new_printer edit_printer save_printer delete_printer) ]);
26 sub get_auth_level { "admin" };
28 my ($class, %params) = @_;
29 return $params{action} eq 'login';
33 # actions: login, logout
39 return $self->login_form if !$::form->{do_login};
40 return if !$self->authenticate_root;
41 return if !$self->check_auth_db_and_tables;
42 return if $self->apply_dbupgrade_scripts;
43 $self->redirect_to(action => 'show');
48 $::auth->destroy_session;
49 $self->redirect_to(action => 'login');
53 # actions: creating the authentication database & tables, applying database ugprades
56 sub action_apply_dbupgrade_scripts {
59 return if $self->apply_dbupgrade_scripts;
63 sub action_create_auth_db {
66 $::auth->create_database(superuser => $::form->{db_superuser},
67 superuser_password => $::form->{db_superuser_password},
68 template => $::form->{db_template});
69 $self->check_auth_db_and_tables;
72 sub action_create_auth_tables {
75 $::auth->create_tables;
76 $::auth->set_session_value('admin_password', $::lx_office_conf{authentication}->{admin_password});
77 $::auth->create_or_refresh_session;
79 my $group = (SL::DB::Manager::AuthGroup->get_all(limit => 1))[0];
81 SL::DB::AuthGroup->new(
82 name => t8('Full Access'),
83 description => t8('Full access to all functions'),
84 rights => [ map { SL::DB::AuthGroupRight->new(right => $_, granted => 1) } SL::Auth::all_rights() ],
88 if (!$self->apply_dbupgrade_scripts) {
102 title => "kivitendo " . t8('Administration'),
106 sub action_new_user {
109 $self->user(SL::DB::AuthUser->new(
113 numberformat => "1.000,00",
114 dateformat => "dd.mm.yy",
115 stylesheet => "kivitendo.css",
120 $self->edit_user_form(title => t8('Create a new user'));
123 sub action_edit_user {
125 $self->edit_user_form(title => t8('Edit User'));
128 sub action_save_user {
130 my $params = delete($::form->{user}) || { };
131 my $props = delete($params->{config_values}) || { };
132 my $is_new = !$params->{id};
134 $self->user($is_new ? SL::DB::AuthUser->new : SL::DB::AuthUser->new(id => $params->{id})->load)
135 ->assign_attributes(%{ $params })
136 ->config_values({ %{ $self->user->config_values }, %{ $props } });
138 my @errors = $self->user->validate;
141 flash('error', @errors);
142 $self->edit_user_form(title => $is_new ? t8('Create a new user') : t8('Edit User'));
148 if ($::auth->can_change_password && $::form->{new_password}) {
149 $::auth->change_password($self->user->login, $::form->{new_password});
152 flash_later('info', $is_new ? t8('The user has been created.') : t8('The user has been saved.'));
153 $self->redirect_to(action => 'show');
156 sub action_delete_user {
159 if (!$self->user->delete) {
160 flash('error', t8('The user could not be deleted.'));
161 $self->edit_user_form(title => t8('Edit User'));
165 flash_later('info', t8('The user has been deleted.'));
166 $self->redirect_to(action => 'show');
173 sub action_new_client {
176 $self->client(SL::DB::AuthClient->new(
177 dbhost => $::auth->{DB_config}->{host},
178 dbport => $::auth->{DB_config}->{port},
179 dbuser => $::auth->{DB_config}->{user},
180 dbpasswd => $::auth->{DB_config}->{password},
183 $self->edit_client_form(title => t8('Create a new client'));
186 sub action_edit_client {
188 $self->edit_client_form(title => t8('Edit Client'));
191 sub action_save_client {
193 my $params = delete($::form->{client}) || { };
194 my $is_new = !$params->{id};
196 $self->client($is_new ? SL::DB::AuthClient->new : SL::DB::AuthClient->new(id => $params->{id})->load)->assign_attributes(%{ $params });
198 my @errors = $self->client->validate;
201 flash('error', @errors);
202 $self->edit_client_form(title => $is_new ? t8('Create a new client') : t8('Edit Client'));
207 if ($self->client->is_default) {
208 SL::DB::Manager::AuthClient->update_all(set => { is_default => 0 }, where => [ '!id' => $self->client->id ]);
211 flash_later('info', $is_new ? t8('The client has been created.') : t8('The client has been saved.'));
212 $self->redirect_to(action => 'show');
215 sub action_delete_client {
218 if (!$self->client->delete) {
219 flash('error', t8('The client could not be deleted.'));
220 $self->edit_client_form(title => t8('Edit Client'));
224 flash_later('info', t8('The client has been deleted.'));
225 $self->redirect_to(action => 'show');
228 sub action_test_database_connectivity {
231 my %cfg = %{ $::form->{client} || {} };
232 my $dbconnect = 'dbi:Pg:dbname=' . $cfg{dbname} . ';host=' . $cfg{dbhost} . ';port=' . $cfg{dbport};
233 my $dbh = DBI->connect($dbconnect, $cfg{dbuser}, $cfg{dbpasswd});
236 my $error = $DBI::errstr;
238 $dbh->disconnect if $dbh;
240 $self->render('admin/test_db_connection',
241 title => t8('Database Connection Test'),
250 sub action_new_group {
253 $self->group(SL::DB::AuthGroup->new);
254 $self->edit_group_form(title => t8('Create a new group'));
257 sub action_edit_group {
259 $self->edit_group_form(title => t8('Edit User Group'));
262 sub action_save_group {
265 my $params = delete($::form->{group}) || { };
266 my $is_new = !$params->{id};
268 $self->group($is_new ? SL::DB::AuthGroup->new : SL::DB::AuthGroup->new(id => $params->{id})->load)->assign_attributes(%{ $params });
270 my @errors = $self->group->validate;
273 flash('error', @errors);
274 $self->edit_group_form(title => $is_new ? t8('Create a new user group') : t8('Edit User Group'));
280 flash_later('info', $is_new ? t8('The user group has been created.') : t8('The user group has been saved.'));
281 $self->redirect_to(action => 'show');
284 sub action_delete_group {
287 if (!$self->group->delete) {
288 flash('error', t8('The user group could not be deleted.'));
289 $self->edit_group_form(title => t8('Edit User Group'));
293 flash_later('info', t8('The user group has been deleted.'));
294 $self->redirect_to(action => 'show');
301 sub action_list_printers {
303 $self->render('admin/list_printers', title => t8('Printer management'));
306 sub action_new_printer {
309 $self->printer(SL::DB::Printer->new);
310 $self->edit_printer_form(title => t8('Create a new printer'));
313 sub action_edit_printer {
315 $self->edit_printer_form(title => t8('Edit Printer'));
318 sub action_save_printer {
320 my $params = delete($::form->{printer}) || { };
321 my $is_new = !$params->{id};
323 $self->printer($is_new ? SL::DB::Printer->new : SL::DB::Printer->new(id => $params->{id})->load)->assign_attributes(%{ $params });
325 my @errors = $self->printer->validate;
328 flash('error', @errors);
329 $self->edit_printer_form(title => $is_new ? t8('Create a new printer') : t8('Edit Printer'));
333 $self->printer->save;
335 flash_later('info', $is_new ? t8('The printer has been created.') : t8('The printer has been saved.'));
336 $self->redirect_to(action => 'list_printers', 'client.id' => $self->client->id);
339 sub action_delete_printer {
342 if (!$self->printer->delete) {
343 flash('error', t8('The printer could not be deleted.'));
344 $self->edit_printer_form(title => t8('Edit Printer'));
348 flash_later('info', t8('The printer has been deleted.'));
349 $self->redirect_to(action => 'list_printers', 'client.id' => $self->client->id);
353 # actions: locking, unlocking
356 sub action_unlock_system {
358 unlink $self->nologin_file_name;
359 flash_later('info', t8('Lockfile removed!'));
360 $self->redirect_to(action => 'show');
363 sub action_lock_system {
366 my $fh = IO::File->new($self->nologin_file_name, "w");
368 $::form->error(t8('Cannot create Lock!'));
372 flash_later('info', t8('Lockfile created!'));
373 $self->redirect_to(action => 'show');
381 sub init_db_cfg { $::lx_office_conf{'authentication/database'} }
382 sub init_nologin_file_name { $::lx_office_conf{paths}->{userspath} . '/nologin'; }
383 sub init_is_locked { -e $_[0]->nologin_file_name }
384 sub init_client { SL::DB::Manager::AuthClient->find_by(id => ($::form->{id} || ($::form->{client} || {})->{id})) }
385 sub init_user { SL::DB::AuthUser ->new(id => ($::form->{id} || ($::form->{user} || {})->{id}))->load }
386 sub init_group { SL::DB::AuthGroup ->new(id => ($::form->{id} || ($::form->{group} || {})->{id}))->load }
387 sub init_printer { SL::DB::Printer ->new(id => ($::form->{id} || ($::form->{printer} || {})->{id}))->load }
388 sub init_all_clients { SL::DB::Manager::AuthClient->get_all_sorted }
389 sub init_all_users { SL::DB::Manager::AuthUser ->get_all_sorted }
390 sub init_all_groups { SL::DB::Manager::AuthGroup ->get_all_sorted }
391 sub init_all_printers { SL::DB::Manager::Printer ->get_all_sorted }
392 sub init_all_dateformats { [ qw(mm/dd/yy dd/mm/yy dd.mm.yy yyyy-mm-dd) ] }
393 sub init_all_numberformats { [ qw(1,000.00 1000.00 1.000,00 1000,00) ] }
394 sub init_all_stylesheets { [ qw(lx-office-erp.css Mobile.css kivitendo.css) ] }
395 sub init_all_menustyles {
397 { id => 'old', title => $::locale->text('Old (on the side)') },
398 { id => 'v3', title => $::locale->text('Top (CSS)') },
399 { id => 'neu', title => $::locale->text('Top (Javascript)') },
403 sub init_all_rights {
404 my (@sections, $current_section);
406 foreach my $entry ($::auth->all_rights_full) {
407 if ($entry->[0] =~ m/^--/) {
408 push @sections, { description => $entry->[1], rights => [] };
410 } elsif (@sections) {
411 push @{ $sections[-1]->{rights} }, {
413 description => $entry->[1],
417 die "Right without sections: " . join('::', @{ $entry });
424 sub init_all_countrycodes {
425 my %cc = User->country_codes;
426 return [ map { id => $_, title => $cc{$_} }, sort { $cc{$a} cmp $cc{$b} } keys %cc ];
434 my ($self, $action) = @_;
436 $::request->layout(SL::Layout::Dispatcher->new(style => 'admin'));
437 $::request->layout->use_stylesheet("lx-office-erp.css");
438 $::form->{favicon} = "favicon.ico";
444 $self->client((first { $_->is_default } @{ $self->all_clients }) || $self->all_clients->[0]) if !$self->client;
445 $::auth->set_client($self->client->id);
453 sub use_multiselect_js {
456 $::request->layout->use_javascript("${_}.js") for qw(jquery.selectboxes jquery.multiselect2side);
461 my ($self, %params) = @_;
462 $::request->layout->focus('#admin_password');
463 $self->render('admin/adminlogin', title => t8('kivitendo v#1 administration', $::form->{version}), %params);
467 my ($self, %params) = @_;
468 $self->use_multiselect_js->render('admin/edit_user', %params);
471 sub edit_client_form {
472 my ($self, %params) = @_;
473 $self->use_multiselect_js->render('admin/edit_client', %params);
476 sub edit_group_form {
477 my ($self, %params) = @_;
478 $self->use_multiselect_js->render('admin/edit_group', %params);
481 sub edit_printer_form {
482 my ($self, %params) = @_;
483 $self->render('admin/edit_printer', %params);
490 sub check_auth_db_and_tables {
493 if (!$::auth->check_database) {
494 $self->render('admin/check_auth_database', title => t8('Authentification database creation'));
498 if (!$::auth->check_tables) {
499 $self->render('admin/check_auth_tables', title => t8('Authentification tables creation'));
506 sub apply_dbupgrade_scripts {
507 return SL::DBUpgrade2->new(form => $::form, dbdriver => 'Pg', auth => 1)->apply_admin_dbupgrade_scripts(1);
510 sub authenticate_root {
513 return 1 if $::auth->authenticate_root($::form->{'{AUTH}admin_password'}) == $::auth->OK();
515 $::auth->punish_wrong_login;
516 $::auth->delete_session_value('admin_password');
518 $self->login_form(error => t8('Incorrect Password!'));