use IO::Dir;
use List::Util qw(first);
+use List::UtilsBy qw(sort_by);
use SL::Common ();
use SL::DB::AuthUser;
use SL::DB::AuthGroup;
use SL::DB::Printer;
+use SL::DBUtils ();
use SL::Helper::Flash;
use SL::Locale::String qw(t8);
use SL::System::InstallationLock;
use SL::User;
+use SL::Version;
+use SL::Layout::AdminLogin;
use Rose::Object::MakeMethods::Generic
(
'scalar --get_set_init' => [ qw(client user group printer db_cfg is_locked
all_dateformats all_numberformats all_countrycodes all_stylesheets all_menustyles all_clients all_groups all_users all_rights all_printers
- all_dbsources all_unused_dbsources all_accounting_methods all_inventory_systems all_profit_determinations all_charts) ],
+ all_dbsources all_used_dbsources all_accounting_methods all_inventory_systems all_profit_determinations all_charts) ],
);
__PACKAGE__->run_before(\&setup_layout);
__PACKAGE__->run_before(\&setup_client, only => [ qw(list_printers new_printer edit_printer save_printer delete_printer) ]);
sub get_auth_level { "admin" };
-sub keep_auth_vars {
+sub keep_auth_vars_in_form {
my ($class, %params) = @_;
return $params{action} eq 'login';
}
$::auth->set_session_value('admin_password', $::lx_office_conf{authentication}->{admin_password});
$::auth->create_or_refresh_session;
- my $group = (SL::DB::Manager::AuthGroup->get_all(limit => 1))[0];
- if (!$group) {
+ my $scripts_applied = $self->apply_dbupgrade_scripts;
+
+ if (! SL::DB::Manager::AuthGroup->get_all_count) {
SL::DB::AuthGroup->new(
name => t8('Full Access'),
description => t8('Full access to all functions'),
- rights => [ map { SL::DB::AuthGroupRight->new(right => $_, granted => 1) } SL::Auth::all_rights() ],
+ rights => [ map { SL::DB::AuthGroupRight->new(right => $_, granted => 1) } $::auth->all_rights ],
)->save;
}
- if (!$self->apply_dbupgrade_scripts) {
- $self->action_login;
- }
+ $self->action_login unless $scripts_applied;
}
#
sub action_new_user {
my ($self) = @_;
+ my $defaults = SL::DefaultManager->new($::lx_office_conf{system}->{default_manager});
$self->user(SL::DB::AuthUser->new(
config_values => {
- vclimit => 200,
- countrycode => "de",
- numberformat => "1.000,00",
- dateformat => "dd.mm.yy",
+ countrycode => $defaults->language('de'),
+ numberformat => $defaults->numberformat('1.000,00'),
+ dateformat => $defaults->dateformat('dd.mm.yy'),
stylesheet => "kivitendo.css",
menustyle => "neu",
},
my $props = delete($params->{config_values}) || { };
my $is_new = !$params->{id};
+ # Assign empty arrays if the browser doesn't send those controls.
+ $params->{clients} ||= [];
+ $params->{groups} ||= [];
+
$self->user($is_new ? SL::DB::AuthUser->new : SL::DB::AuthUser->new(id => $params->{id})->load)
->assign_attributes(%{ $params })
->config_values({ %{ $self->user->config_values }, %{ $props } });
my @clients = @{ $self->user->clients || [] };
+ # backup user metadata (email, name, etc)
+ my $user_config_values_ref = $self->user->config_values();
+ my $login =$self->user->login;
+
if (!$self->user->delete) {
flash('error', t8('The user could not be deleted.'));
$self->edit_user_form(title => t8('Edit User'));
}
# Flag corresponding entries in 'employee' as deleted.
+ # and restore the most important user data in employee
+ # TODO try and catch the whole transaction {user->delete; update employee} {exception}
foreach my $client (@clients) {
my $dbh = $client->dbconnect(AutoCommit => 1) || next;
- $dbh->do(qq|UPDATE employee SET deleted = TRUE WHERE login = ?|, undef, $self->user->login);
+ $dbh->do(qq|UPDATE employee SET deleted = TRUE, name = ?, deleted_email = ?,
+ deleted_tel = ?, deleted_fax = ?, deleted_signature = ? WHERE login = ?|,undef,
+ $user_config_values_ref->{name}, $user_config_values_ref->{email},
+ $user_config_values_ref->{tel}, $user_config_values_ref->{fax},
+ $user_config_values_ref->{signature}, $self->user->login);
$dbh->disconnect;
}
my $params = delete($::form->{client}) || { };
my $is_new = !$params->{id};
+ # Assign empty arrays if the browser doesn't send those controls.
+ $params->{groups} ||= [];
+ $params->{users} ||= [];
+
$self->client($is_new ? SL::DB::AuthClient->new : SL::DB::AuthClient->new(id => $params->{id})->load)->assign_attributes(%{ $params });
my @errors = $self->client->validate;
my $params = delete($::form->{group}) || { };
my $is_new = !$params->{id};
+ # Assign empty arrays if the browser doesn't send those controls.
+ $params->{clients} ||= [];
+ $params->{users} ||= [];
+
$self->group($is_new ? SL::DB::AuthGroup->new : SL::DB::AuthGroup->new(id => $params->{id})->load)->assign_attributes(%{ $params });
my @errors = $self->group->validate;
# actions: database administration
#
-sub action_database_administration {
+sub action_create_dataset_login {
my ($self) = @_;
- $::form->{dbhost} ||= $::auth->{DB_config}->{host} || 'localhost';
- $::form->{dbport} ||= $::auth->{DB_config}->{port} || 5432;
- $::form->{dbuser} ||= $::auth->{DB_config}->{user} || 'kivitendo';
- $::form->{dbpasswd} ||= $::auth->{DB_config}->{password};
- $::form->{dbdefault} ||= 'template1';
-
- $self->render('admin/dbadmin', title => t8('Database Administration'));
+ $self->database_administration_login_form(
+ title => t8('Create Dataset'),
+ next_action => 'create_dataset',
+ );
}
sub action_create_dataset {
my ($self) = @_;
- $self->create_dataset_form;
+
+ my %superuser = $self->check_database_superuser_privileges(no_credentials_not_an_error => 1);
+ $self->create_dataset_form(superuser => \%superuser);
}
sub action_do_create_dataset {
my ($self) = @_;
+ my %superuser = $self->check_database_superuser_privileges;
+
my @errors;
push @errors, t8("Dataset missing!") if !$::form->{db};
push @errors, t8("Default currency missing!") if !$::form->{defaultcurrency};
+ push @errors, $superuser{error} if !$superuser{have_privileges} && $superuser{error};
if (@errors) {
flash('error', @errors);
- return $self->create_dataset_form;
+ return $self->create_dataset_form(superuser => \%superuser);
}
$::form->{encoding} = 'UNICODE';
User->new->dbcreate($::form);
flash_later('info', t8("The dataset #1 has been created.", $::form->{db}));
- $self->redirect_to(action => 'database_administration');
+ $self->redirect_to(action => 'show');
+}
+
+sub action_delete_dataset_login {
+ my ($self) = @_;
+
+ $self->database_administration_login_form(
+ title => t8('Delete Dataset'),
+ next_action => 'delete_dataset',
+ );
}
sub action_delete_dataset {
if (@errors) {
flash('error', @errors);
- return $self->create_dataset_form;
+ return $self->delete_dataset_form;
}
User->new->dbdelete($::form);
flash_later('info', t8("The dataset #1 has been deleted.", $::form->{db}));
- $self->redirect_to(action => 'database_administration');
+ $self->redirect_to(action => 'show');
}
#
# actions: locking, unlocking
#
+sub action_show_lock {
+ my ($self) = @_;
+
+ $self->render(
+ "admin/show_lock",
+ title => "kivitendo " . t8('Administration'),
+ );
+}
+
sub action_unlock_system {
my ($self) = @_;
sub action_lock_system {
my ($self) = @_;
- SL::System::InstallationLock->unlock;
+ SL::System::InstallationLock->lock;
flash_later('info', t8('Lockfile created!'));
$self->redirect_to(action => 'show');
}
sub init_db_cfg { $::lx_office_conf{'authentication/database'} }
sub init_is_locked { SL::System::InstallationLock->is_locked }
-sub init_client { SL::DB::Manager::AuthClient->find_by(id => ($::form->{id} || ($::form->{client} || {})->{id})) }
+sub init_client { SL::DB::Manager::AuthClient->find_by(id => (($::form->{client} || {})->{id} || $::form->{id})) }
sub init_user { SL::DB::AuthUser ->new(id => ($::form->{id} || ($::form->{user} || {})->{id}))->load }
sub init_group { SL::DB::AuthGroup ->new(id => ($::form->{id} || ($::form->{group} || {})->{id}))->load }
sub init_printer { SL::DB::Printer ->new(id => ($::form->{id} || ($::form->{printer} || {})->{id}))->load }
sub init_all_groups { SL::DB::Manager::AuthGroup ->get_all_sorted }
sub init_all_printers { SL::DB::Manager::Printer ->get_all_sorted }
sub init_all_dateformats { [ qw(mm/dd/yy dd/mm/yy dd.mm.yy yyyy-mm-dd) ] }
-sub init_all_numberformats { [ qw(1,000.00 1000.00 1.000,00 1000,00) ] }
+sub init_all_numberformats { [ '1,000.00', '1000.00', '1.000,00', '1000,00', "1'000.00" ] }
sub init_all_stylesheets { [ qw(lx-office-erp.css Mobile.css kivitendo.css) ] }
sub init_all_dbsources { [ sort User->dbsources($::form) ] }
-sub init_all_unused_dbsources { [ sort User->dbsources_unused($::form) ] }
+sub init_all_used_dbsources { { map { (join(':', $_->dbhost || 'localhost', $_->dbport || 5432, $_->dbname) => $_->name) } @{ $_[0]->all_clients } } }
sub init_all_accounting_methods { [ { id => 'accrual', name => t8('Accrual accounting') }, { id => 'cash', name => t8('Cash accounting') } ] }
sub init_all_inventory_systems { [ { id => 'perpetual', name => t8('Perpetual inventory') }, { id => 'periodic', name => t8('Periodic inventory') } ] }
sub init_all_profit_determinations { [ { id => 'balance', name => t8('Balancing') }, { id => 'income', name => t8('Cash basis accounting') } ] }
my (@sections, $current_section);
foreach my $entry ($::auth->all_rights_full) {
- if ($entry->[0] =~ m/^--/) {
- push @sections, { description => $entry->[1], rights => [] };
+ if ($entry->[2]) {
+ push @sections, { description => t8($entry->[1]), rights => [] };
} elsif (@sections) {
push @{ $sections[-1]->{rights} }, {
name => $entry->[0],
- description => $entry->[1],
+ description => t8($entry->[1]),
};
} else {
sub setup_layout {
my ($self, $action) = @_;
+ my $defaults = SL::DefaultManager->new($::lx_office_conf{system}->{default_manager});
$::request->layout(SL::Layout::Dispatcher->new(style => 'admin'));
- $::request->layout->use_stylesheet("lx-office-erp.css");
$::form->{favicon} = "favicon.ico";
+ %::myconfig = (
+ countrycode => $defaults->language('de'),
+ numberformat => $defaults->numberformat('1.000,00'),
+ dateformat => $defaults->dateformat('dd.mm.yy'),
+ ) if !%::myconfig;
}
sub setup_client {
my ($self) = @_;
- $self->client((first { $_->is_default } @{ $self->all_clients }) || $self->all_clients->[0]) if !$self->client;
- $::auth->set_client($self->client->id);
+ $self->client(SL::DB::Manager::AuthClient->get_default || $self->all_clients->[0]) if !$self->client;
+ $::auth->set_client($self->client->id) if $self->client;
}
-
#
# displaying forms
#
return $self;
}
+sub use_ckeditor_js {
+ my ($self) = @_;
+
+ $::request->{layout}->use_javascript("${_}.js") for qw(ckeditor/ckeditor ckeditor/adapters/jquery);
+ return $self;
+}
+
sub login_form {
my ($self, %params) = @_;
- $self->render('admin/adminlogin', title => t8('kivitendo v#1 administration', $::form->read_version), %params);
+ $::request->layout(SL::Layout::AdminLogin->new);
+ my $version = SL::Version->get_version;
+ $self->render('admin/adminlogin', title => t8('kivitendo v#1 administration', $version), %params, version => $version );
}
sub edit_user_form {
my ($self, %params) = @_;
- $self->use_multiselect_js->render('admin/edit_user', %params);
+ $self->use_multiselect_js->use_ckeditor_js->render('admin/edit_user', %params);
}
sub edit_client_form {
$self->render('admin/edit_printer', %params);
}
+sub database_administration_login_form {
+ my ($self, %params) = @_;
+
+ $self->render(
+ 'admin/dbadmin',
+ dbhost => $::form->{dbhost} || $::auth->{DB_config}->{host} || 'localhost',
+ dbport => $::form->{dbport} || $::auth->{DB_config}->{port} || 5432,
+ dbuser => $::form->{dbuser} || $::auth->{DB_config}->{user} || 'kivitendo',
+ dbpasswd => $::form->{dbpasswd} || $::auth->{DB_config}->{password},
+ dbdefault => $::form->{dbdefault} || 'template1',
+ %params,
+ );
+}
+
sub create_dataset_form {
my ($self, %params) = @_;
- $self->render('admin/create_dataset', title => (t8('Database Administration') . " / " . t8('Create Dataset')));
+
+ my $defaults = SL::DefaultManager->new($::lx_office_conf{system}->{default_manager});
+ $::form->{favicon} = "favicon.ico";
+ $::form->{countrymode} = $defaults->country('DE');
+ $::form->{chart} = $defaults->chart_of_accounts('Germany-DATEV-SKR03EU');
+ $::form->{defaultcurrency} = $defaults->currency('EUR');
+ $::form->{precision} = $defaults->precision(0.01);
+ $::form->{accounting_method} = $defaults->accounting_method('cash');
+ $::form->{inventory_system} = $defaults->inventory_system('periodic');
+ $::form->{profit_determination} = $defaults->profit_determination('balance');
+ $::form->{feature_balance} = $defaults->feature_balance(1);
+ $::form->{feature_datev} = $defaults->feature_datev(1);
+ $::form->{feature_erfolgsrechnung} = $defaults->feature_erfolgsrechnung(0);
+ $::form->{feature_eurechnung} = $defaults->feature_eurechnung(1);
+ $::form->{feature_ustva} = $defaults->feature_ustva(1);
+
+ $self->render('admin/create_dataset', title => (t8('Database Administration') . " / " . t8('Create Dataset')), superuser => $params{superuser});
}
sub delete_dataset_form {
return undef;
}
+sub is_user_used_for_task_server {
+ my ($self, $user) = @_;
+
+ return undef if !$user;
+ return join ', ', sort_by { lc } map { $_->name } @{ SL::DB::Manager::AuthClient->get_all(where => [ task_server_user_id => $user->id ]) };
+}
+
+sub check_database_superuser_privileges {
+ my ($self, %params) = @_;
+
+ my %dbconnect_form = %{ $::form };
+ my %result = (
+ username => $dbconnect_form{dbuser},
+ password => $dbconnect_form{dbpasswd},
+ );
+
+ my $check_privileges = sub {
+ my $dbh = SL::DBConnect->connect($dbconnect_form{dbconnect}, $result{username}, $result{password}, SL::DBConnect->get_options);
+ return (error => $::locale->text('The credentials (username & password) for connecting database are wrong.')) if !$dbh;
+
+ my $is_superuser = SL::DBUtils::role_is_superuser($dbh, $result{username});
+
+ $dbh->disconnect;
+
+ return (have_privileges => $is_superuser);
+ };
+
+ User::dbconnect_vars(\%dbconnect_form, $dbconnect_form{dbdefault});
+
+ %result = (
+ %result,
+ $check_privileges->(),
+ );
+
+ if (!$result{have_privileges}) {
+ $result{username} = $::form->{database_superuser_user};
+ $result{password} = $::form->{database_superuser_password};
+
+ if ($::form->{database_superuser_user}) {
+ %result = (
+ %result,
+ $check_privileges->(),
+ );
+ }
+ }
+
+ if ($result{have_privileges}) {
+ $::auth->set_session_value(database_superuser_username => $result{username}, database_superuser_password => $result{password});
+ return %result;
+ }
+
+ $::auth->delete_session_value(qw(database_superuser_username database_superuser_password));
+
+ return () if !$::form->{database_superuser_user} && $params{no_credentials_not_an_error};
+ return (%result, error => $::locale->text('No superuser credentials were entered.')) if !$::form->{database_superuser_user};
+ return %result if $result{error};
+ return (%result, error => $::locale->text('The database user \'#1\' does not have superuser privileges.', $result{username}));
+}
+
1;