1 package SL::Controller::Admin;
5 use parent qw(SL::Controller::Base);
8 use List::Util qw(first);
12 use SL::DB::AuthGroup;
14 use SL::Helper::Flash;
15 use SL::Locale::String qw(t8);
16 use SL::System::InstallationLock;
19 use Rose::Object::MakeMethods::Generic
21 'scalar --get_set_init' => [ qw(client user group printer db_cfg is_locked
22 all_dateformats all_numberformats all_countrycodes all_stylesheets all_menustyles all_clients all_groups all_users all_rights all_printers
23 all_dbsources all_used_dbsources all_accounting_methods all_inventory_systems all_profit_determinations all_charts) ],
26 __PACKAGE__->run_before(\&setup_layout);
27 __PACKAGE__->run_before(\&setup_client, only => [ qw(list_printers new_printer edit_printer save_printer delete_printer) ]);
29 sub get_auth_level { "admin" };
31 my ($class, %params) = @_;
32 return $params{action} eq 'login';
36 # actions: login, logout
42 return $self->login_form if !$::form->{do_login};
43 return if !$self->authenticate_root;
44 return if !$self->check_auth_db_and_tables;
45 return if $self->apply_dbupgrade_scripts;
47 $self->redirect_to(action => 'show');
52 $::auth->destroy_session;
53 $self->redirect_to(action => 'login');
57 # actions: creating the authentication database & tables, applying database ugprades
60 sub action_apply_dbupgrade_scripts {
63 return if $self->apply_dbupgrade_scripts;
64 $self->redirect_to(action => 'show');
67 sub action_create_auth_db {
70 $::auth->create_database(superuser => $::form->{db_superuser},
71 superuser_password => $::form->{db_superuser_password},
72 template => $::form->{db_template});
73 $self->check_auth_db_and_tables;
76 sub action_create_auth_tables {
79 $::auth->create_tables;
80 $::auth->set_session_value('admin_password', $::lx_office_conf{authentication}->{admin_password});
81 $::auth->create_or_refresh_session;
83 my $group = (SL::DB::Manager::AuthGroup->get_all(limit => 1))[0];
85 SL::DB::AuthGroup->new(
86 name => t8('Full Access'),
87 description => t8('Full access to all functions'),
88 rights => [ map { SL::DB::AuthGroupRight->new(right => $_, granted => 1) } SL::Auth::all_rights() ],
92 if (!$self->apply_dbupgrade_scripts) {
106 title => "kivitendo " . t8('Administration'),
110 sub action_new_user {
113 $self->user(SL::DB::AuthUser->new(
117 numberformat => "1.000,00",
118 dateformat => "dd.mm.yy",
119 stylesheet => "kivitendo.css",
124 $self->edit_user_form(title => t8('Create a new user'));
127 sub action_edit_user {
129 $self->edit_user_form(title => t8('Edit User'));
132 sub action_save_user {
134 my $params = delete($::form->{user}) || { };
135 my $props = delete($params->{config_values}) || { };
136 my $is_new = !$params->{id};
138 # Assign empty arrays if the browser doesn't send those controls.
139 $params->{clients} ||= [];
140 $params->{groups} ||= [];
142 $self->user($is_new ? SL::DB::AuthUser->new : SL::DB::AuthUser->new(id => $params->{id})->load)
143 ->assign_attributes(%{ $params })
144 ->config_values({ %{ $self->user->config_values }, %{ $props } });
146 my @errors = $self->user->validate;
149 flash('error', @errors);
150 $self->edit_user_form(title => $is_new ? t8('Create a new user') : t8('Edit User'));
156 if ($::auth->can_change_password && $::form->{new_password}) {
157 $::auth->change_password($self->user->login, $::form->{new_password});
160 flash_later('info', $is_new ? t8('The user has been created.') : t8('The user has been saved.'));
161 $self->redirect_to(action => 'show');
164 sub action_delete_user {
167 my @clients = @{ $self->user->clients || [] };
169 if (!$self->user->delete) {
170 flash('error', t8('The user could not be deleted.'));
171 $self->edit_user_form(title => t8('Edit User'));
175 # Flag corresponding entries in 'employee' as deleted.
176 foreach my $client (@clients) {
177 my $dbh = $client->dbconnect(AutoCommit => 1) || next;
178 $dbh->do(qq|UPDATE employee SET deleted = TRUE WHERE login = ?|, undef, $self->user->login);
182 flash_later('info', t8('The user has been deleted.'));
183 $self->redirect_to(action => 'show');
190 sub action_new_client {
193 $self->client(SL::DB::AuthClient->new(
194 dbhost => $::auth->{DB_config}->{host},
195 dbport => $::auth->{DB_config}->{port},
196 dbuser => $::auth->{DB_config}->{user},
197 dbpasswd => $::auth->{DB_config}->{password},
200 $self->edit_client_form(title => t8('Create a new client'));
203 sub action_edit_client {
205 $self->edit_client_form(title => t8('Edit Client'));
208 sub action_save_client {
210 my $params = delete($::form->{client}) || { };
211 my $is_new = !$params->{id};
213 # Assign empty arrays if the browser doesn't send those controls.
214 $params->{groups} ||= [];
215 $params->{users} ||= [];
217 $self->client($is_new ? SL::DB::AuthClient->new : SL::DB::AuthClient->new(id => $params->{id})->load)->assign_attributes(%{ $params });
219 my @errors = $self->client->validate;
222 flash('error', @errors);
223 $self->edit_client_form(title => $is_new ? t8('Create a new client') : t8('Edit Client'));
228 if ($self->client->is_default) {
229 SL::DB::Manager::AuthClient->update_all(set => { is_default => 0 }, where => [ '!id' => $self->client->id ]);
232 flash_later('info', $is_new ? t8('The client has been created.') : t8('The client has been saved.'));
233 $self->redirect_to(action => 'show');
236 sub action_delete_client {
239 if (!$self->client->delete) {
240 flash('error', t8('The client could not be deleted.'));
241 $self->edit_client_form(title => t8('Edit Client'));
245 flash_later('info', t8('The client has been deleted.'));
246 $self->redirect_to(action => 'show');
249 sub action_test_database_connectivity {
252 my %cfg = %{ $::form->{client} || {} };
253 my $dbconnect = 'dbi:Pg:dbname=' . $cfg{dbname} . ';host=' . $cfg{dbhost} . ';port=' . $cfg{dbport};
254 my $dbh = DBI->connect($dbconnect, $cfg{dbuser}, $cfg{dbpasswd});
257 my $error = $DBI::errstr;
259 $dbh->disconnect if $dbh;
261 $self->render('admin/test_db_connection', { layout => 0 },
262 title => t8('Database Connection Test'),
271 sub action_new_group {
274 $self->group(SL::DB::AuthGroup->new);
275 $self->edit_group_form(title => t8('Create a new group'));
278 sub action_edit_group {
280 $self->edit_group_form(title => t8('Edit User Group'));
283 sub action_save_group {
286 my $params = delete($::form->{group}) || { };
287 my $is_new = !$params->{id};
289 # Assign empty arrays if the browser doesn't send those controls.
290 $params->{clients} ||= [];
291 $params->{users} ||= [];
293 $self->group($is_new ? SL::DB::AuthGroup->new : SL::DB::AuthGroup->new(id => $params->{id})->load)->assign_attributes(%{ $params });
295 my @errors = $self->group->validate;
298 flash('error', @errors);
299 $self->edit_group_form(title => $is_new ? t8('Create a new user group') : t8('Edit User Group'));
305 flash_later('info', $is_new ? t8('The user group has been created.') : t8('The user group has been saved.'));
306 $self->redirect_to(action => 'show');
309 sub action_delete_group {
312 if (!$self->group->delete) {
313 flash('error', t8('The user group could not be deleted.'));
314 $self->edit_group_form(title => t8('Edit User Group'));
318 flash_later('info', t8('The user group has been deleted.'));
319 $self->redirect_to(action => 'show');
326 sub action_list_printers {
328 $self->render('admin/list_printers', title => t8('Printer management'));
331 sub action_new_printer {
334 $self->printer(SL::DB::Printer->new);
335 $self->edit_printer_form(title => t8('Create a new printer'));
338 sub action_edit_printer {
340 $self->edit_printer_form(title => t8('Edit Printer'));
343 sub action_save_printer {
345 my $params = delete($::form->{printer}) || { };
346 my $is_new = !$params->{id};
348 $self->printer($is_new ? SL::DB::Printer->new : SL::DB::Printer->new(id => $params->{id})->load)->assign_attributes(%{ $params });
350 my @errors = $self->printer->validate;
353 flash('error', @errors);
354 $self->edit_printer_form(title => $is_new ? t8('Create a new printer') : t8('Edit Printer'));
358 $self->printer->save;
360 flash_later('info', $is_new ? t8('The printer has been created.') : t8('The printer has been saved.'));
361 $self->redirect_to(action => 'list_printers', 'client.id' => $self->client->id);
364 sub action_delete_printer {
367 if (!$self->printer->delete) {
368 flash('error', t8('The printer could not be deleted.'));
369 $self->edit_printer_form(title => t8('Edit Printer'));
373 flash_later('info', t8('The printer has been deleted.'));
374 $self->redirect_to(action => 'list_printers', 'client.id' => $self->client->id);
378 # actions: database administration
381 sub action_database_administration {
384 $::form->{dbhost} ||= $::auth->{DB_config}->{host} || 'localhost';
385 $::form->{dbport} ||= $::auth->{DB_config}->{port} || 5432;
386 $::form->{dbuser} ||= $::auth->{DB_config}->{user} || 'kivitendo';
387 $::form->{dbpasswd} ||= $::auth->{DB_config}->{password};
388 $::form->{dbdefault} ||= 'template1';
390 $self->render('admin/dbadmin', title => t8('Database Administration'));
393 sub action_create_dataset {
395 $self->create_dataset_form;
398 sub action_do_create_dataset {
402 push @errors, t8("Dataset missing!") if !$::form->{db};
403 push @errors, t8("Default currency missing!") if !$::form->{defaultcurrency};
406 flash('error', @errors);
407 return $self->create_dataset_form;
410 $::form->{encoding} = 'UNICODE';
411 User->new->dbcreate($::form);
413 flash_later('info', t8("The dataset #1 has been created.", $::form->{db}));
414 $self->redirect_to(action => 'database_administration');
417 sub action_delete_dataset {
419 $self->delete_dataset_form;
422 sub action_do_delete_dataset {
426 push @errors, t8("Dataset missing!") if !$::form->{db};
429 flash('error', @errors);
430 return $self->create_dataset_form;
433 User->new->dbdelete($::form);
435 flash_later('info', t8("The dataset #1 has been deleted.", $::form->{db}));
436 $self->redirect_to(action => 'database_administration');
440 # actions: locking, unlocking
443 sub action_unlock_system {
446 SL::System::InstallationLock->unlock;
447 flash_later('info', t8('Lockfile removed!'));
448 $self->redirect_to(action => 'show');
451 sub action_lock_system {
454 SL::System::InstallationLock->unlock;
455 flash_later('info', t8('Lockfile created!'));
456 $self->redirect_to(action => 'show');
463 sub init_db_cfg { $::lx_office_conf{'authentication/database'} }
464 sub init_is_locked { SL::System::InstallationLock->is_locked }
465 sub init_client { SL::DB::Manager::AuthClient->find_by(id => ($::form->{id} || ($::form->{client} || {})->{id})) }
466 sub init_user { SL::DB::AuthUser ->new(id => ($::form->{id} || ($::form->{user} || {})->{id}))->load }
467 sub init_group { SL::DB::AuthGroup ->new(id => ($::form->{id} || ($::form->{group} || {})->{id}))->load }
468 sub init_printer { SL::DB::Printer ->new(id => ($::form->{id} || ($::form->{printer} || {})->{id}))->load }
469 sub init_all_clients { SL::DB::Manager::AuthClient->get_all_sorted }
470 sub init_all_users { SL::DB::Manager::AuthUser ->get_all_sorted }
471 sub init_all_groups { SL::DB::Manager::AuthGroup ->get_all_sorted }
472 sub init_all_printers { SL::DB::Manager::Printer ->get_all_sorted }
473 sub init_all_dateformats { [ qw(mm/dd/yy dd/mm/yy dd.mm.yy yyyy-mm-dd) ] }
474 sub init_all_numberformats { [ '1,000.00', '1000.00', '1.000,00', '1000,00' ] }
475 sub init_all_stylesheets { [ qw(lx-office-erp.css Mobile.css kivitendo.css) ] }
476 sub init_all_dbsources { [ sort User->dbsources($::form) ] }
477 sub init_all_used_dbsources { { map { (join(':', $_->dbhost || 'localhost', $_->dbport || 5432, $_->dbname) => $_->name) } @{ $_[0]->all_clients } } }
478 sub init_all_accounting_methods { [ { id => 'accrual', name => t8('Accrual accounting') }, { id => 'cash', name => t8('Cash accounting') } ] }
479 sub init_all_inventory_systems { [ { id => 'perpetual', name => t8('Perpetual inventory') }, { id => 'periodic', name => t8('Periodic inventory') } ] }
480 sub init_all_profit_determinations { [ { id => 'balance', name => t8('Balancing') }, { id => 'income', name => t8('Cash basis accounting') } ] }
482 sub init_all_charts {
483 tie my %dir_h, 'IO::Dir', 'sql/';
486 map { s/-chart\.sql$//; +{ id => $_ } }
488 grep { /-chart\.sql\z/ && !/Default-chart.sql\z/ }
493 sub init_all_menustyles {
495 { id => 'old', title => $::locale->text('Old (on the side)') },
496 { id => 'v3', title => $::locale->text('Top (CSS)') },
497 { id => 'neu', title => $::locale->text('Top (Javascript)') },
501 sub init_all_rights {
502 my (@sections, $current_section);
504 foreach my $entry ($::auth->all_rights_full) {
505 if ($entry->[0] =~ m/^--/) {
506 push @sections, { description => $entry->[1], rights => [] };
508 } elsif (@sections) {
509 push @{ $sections[-1]->{rights} }, {
511 description => $entry->[1],
515 die "Right without sections: " . join('::', @{ $entry });
522 sub init_all_countrycodes {
523 my %cc = User->country_codes;
524 return [ map { id => $_, title => $cc{$_} }, sort { $cc{$a} cmp $cc{$b} } keys %cc ];
532 my ($self, $action) = @_;
534 $::request->layout(SL::Layout::Dispatcher->new(style => 'admin'));
535 $::request->layout->use_stylesheet("lx-office-erp.css");
536 $::form->{favicon} = "favicon.ico";
539 numberformat => '1.000,00',
540 dateformat => 'dd.mm.yy',
547 $self->client((first { $_->is_default } @{ $self->all_clients }) || $self->all_clients->[0]) if !$self->client;
548 $::auth->set_client($self->client->id);
556 sub use_multiselect_js {
559 $::request->layout->use_javascript("${_}.js") for qw(jquery.selectboxes jquery.multiselect2side);
564 my ($self, %params) = @_;
565 my $version = $::form->read_version;
566 $self->render('admin/adminlogin', title => t8('kivitendo v#1 administration', $version), %params, version => $version);
570 my ($self, %params) = @_;
571 $self->use_multiselect_js->render('admin/edit_user', %params);
574 sub edit_client_form {
575 my ($self, %params) = @_;
576 $self->use_multiselect_js->render('admin/edit_client', %params);
579 sub edit_group_form {
580 my ($self, %params) = @_;
581 $self->use_multiselect_js->render('admin/edit_group', %params);
584 sub edit_printer_form {
585 my ($self, %params) = @_;
586 $self->render('admin/edit_printer', %params);
589 sub create_dataset_form {
590 my ($self, %params) = @_;
591 $self->render('admin/create_dataset', title => (t8('Database Administration') . " / " . t8('Create Dataset')));
594 sub delete_dataset_form {
595 my ($self, %params) = @_;
596 $self->render('admin/delete_dataset', title => (t8('Database Administration') . " / " . t8('Delete Dataset')));
603 sub check_auth_db_and_tables {
606 if (!$::auth->check_database) {
607 $self->render('admin/check_auth_database', title => t8('Authentification database creation'));
611 if (!$::auth->check_tables) {
612 $self->render('admin/check_auth_tables', title => t8('Authentification tables creation'));
619 sub apply_dbupgrade_scripts {
620 return SL::DBUpgrade2->new(form => $::form, auth => 1)->apply_admin_dbupgrade_scripts(1);
623 sub authenticate_root {
626 return 1 if $::auth->authenticate_root($::form->{'{AUTH}admin_password'}) == $::auth->OK();
628 $::auth->punish_wrong_login;
629 $::auth->delete_session_value('admin_password');
631 $self->login_form(error => t8('Incorrect password!'));