use SL::DB::AuthUser;
use SL::DB::AuthGroup;
use SL::DB::Printer;
+use SL::DBUtils ();
use SL::Helper::Flash;
use SL::Locale::String qw(t8);
use SL::System::InstallationLock;
use SL::User;
+use SL::Version;
use SL::Layout::AdminLogin;
use Rose::Object::MakeMethods::Generic
__PACKAGE__->run_before(\&setup_client, only => [ qw(list_printers new_printer edit_printer save_printer delete_printer) ]);
sub get_auth_level { "admin" };
-sub keep_auth_vars {
+sub keep_auth_vars_in_form {
my ($class, %params) = @_;
return $params{action} eq 'login';
}
$::auth->set_session_value('admin_password', $::lx_office_conf{authentication}->{admin_password});
$::auth->create_or_refresh_session;
- return if $self->apply_dbupgrade_scripts;
+ my $scripts_applied = $self->apply_dbupgrade_scripts;
- my $group = (SL::DB::Manager::AuthGroup->get_all(limit => 1))[0];
- if (!$group) {
+ if (! SL::DB::Manager::AuthGroup->get_all_count) {
SL::DB::AuthGroup->new(
name => t8('Full Access'),
description => t8('Full access to all functions'),
)->save;
}
- $self->action_login;
+ $self->action_login unless $scripts_applied;
}
#
my $defaults = SL::DefaultManager->new($::lx_office_conf{system}->{default_manager});
$self->user(SL::DB::AuthUser->new(
config_values => {
- vclimit => 200,
countrycode => $defaults->language('de'),
numberformat => $defaults->numberformat('1.000,00'),
dateformat => $defaults->dateformat('dd.mm.yy'),
sub action_create_dataset {
my ($self) = @_;
- $self->create_dataset_form;
+
+ my %superuser = $self->check_database_superuser_privileges(no_credentials_not_an_error => 1);
+ $self->create_dataset_form(superuser => \%superuser);
}
sub action_do_create_dataset {
my ($self) = @_;
+ my %superuser = $self->check_database_superuser_privileges;
+
my @errors;
push @errors, t8("Dataset missing!") if !$::form->{db};
push @errors, t8("Default currency missing!") if !$::form->{defaultcurrency};
+ push @errors, $superuser{error} if !$superuser{have_privileges} && $superuser{error};
if (@errors) {
flash('error', @errors);
- return $self->create_dataset_form;
+ return $self->create_dataset_form(superuser => \%superuser);
}
$::form->{encoding} = 'UNICODE';
if (@errors) {
flash('error', @errors);
- return $self->create_dataset_form;
+ return $self->delete_dataset_form;
}
User->new->dbdelete($::form);
my ($self) = @_;
$self->client(SL::DB::Manager::AuthClient->get_default || $self->all_clients->[0]) if !$self->client;
- $::auth->set_client($self->client->id);
+ $::auth->set_client($self->client->id) if $self->client;
}
#
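Review bot: With the added `if $self->client` guard the sub now returns quietly when neither a default client nor any other client exists, where the old line would have died on `->id`. The actions named in the `run_before` list (the printer actions) then run without `set_client` having been called; whether they cope with that is not visible in this hunk. If they do not, report the condition here instead of skipping it, or at least document it with a comment such as `# No client exists yet; client-specific actions must handle a missing client.` The sub's header line is outside the hunk.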
return $self;
}
+sub use_ckeditor_js {
+ my ($self) = @_;
+
+ $::request->{layout}->use_javascript("${_}.js") for qw(ckeditor/ckeditor ckeditor/adapters/jquery);
+ return $self;
+}
+
sub login_form {
my ($self, %params) = @_;
$::request->layout(SL::Layout::AdminLogin->new);
- my $version = $::form->read_version;
- $self->render('admin/adminlogin', title => t8('kivitendo v#1 administration', $version), %params, version => $version);
+ my $version = SL::Version->get_version;
+ $self->render('admin/adminlogin', title => t8('kivitendo v#1 administration', $version), %params, version => $version );
}
sub edit_user_form {
my ($self, %params) = @_;
- $self->use_multiselect_js->render('admin/edit_user', %params);
+ $self->use_multiselect_js->use_ckeditor_js->render('admin/edit_user', %params);
}
sub edit_client_form {
my $defaults = SL::DefaultManager->new($::lx_office_conf{system}->{default_manager});
$::form->{favicon} = "favicon.ico";
- $::form->{countrymode} = $defaults->country('DE');
- $::form->{chart} = $defaults->chart_of_accounts('Germany-DATEV-SKR03EU');
- $::form->{defaultcurrency} = $defaults->currency('EUR');
- $::form->{precision} = $defaults->precision(0.01);
- $::form->{accounting_method} = $defaults->accounting_method('cash');
- $::form->{inventory_system} = $defaults->inventory_system('periodic');
- $::form->{profit_determination} = $defaults->profit_determination('balance');
-
- $self->render('admin/create_dataset', title => (t8('Database Administration') . " / " . t8('Create Dataset')));
+ $::form->{countrymode} = $defaults->country('DE');
+ $::form->{chart} = $defaults->chart_of_accounts('Germany-DATEV-SKR03EU');
+ $::form->{defaultcurrency} = $defaults->currency('EUR');
+ $::form->{precision} = $defaults->precision(0.01);
+ $::form->{accounting_method} = $defaults->accounting_method('cash');
+ $::form->{inventory_system} = $defaults->inventory_system('periodic');
+ $::form->{profit_determination} = $defaults->profit_determination('balance');
+ $::form->{feature_balance} = $defaults->feature_balance(1);
+ $::form->{feature_datev} = $defaults->feature_datev(1);
+ $::form->{feature_erfolgsrechnung} = $defaults->feature_erfolgsrechnung(0);
+ $::form->{feature_eurechnung} = $defaults->feature_eurechnung(1);
+ $::form->{feature_ustva} = $defaults->feature_ustva(1);
+
+ $self->render('admin/create_dataset', title => (t8('Database Administration') . " / " . t8('Create Dataset')), superuser => $params{superuser});
}
sub delete_dataset_form {
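Review bot: The `superuser => $params{superuser}` argument on the render call hands the template the whole result hash of check_database_superuser_privileges, which includes the `password` key next to `username`, `have_privileges` and `error`. The template is not visible here, so whether it echoes the password back into the page cannot be confirmed. If it does not need the password, pass only the fields it uses, e.g. `superuser => { map { ($_ => $params{superuser}{$_}) } qw(have_privileges username error) }`. The sub's opening lines, including the unpacking of `%params`, are outside this hunk.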
return join ', ', sort_by { lc } map { $_->name } @{ SL::DB::Manager::AuthClient->get_all(where => [ task_server_user_id => $user->id ]) };
}
+sub check_database_superuser_privileges {
+ my ($self, %params) = @_;
+
+ my %dbconnect_form = %{ $::form };
+ my %result = (
+ username => $dbconnect_form{dbuser},
+ password => $dbconnect_form{dbpasswd},
+ );
+
+ my $check_privileges = sub {
+ my $dbh = SL::DBConnect->connect($dbconnect_form{dbconnect}, $result{username}, $result{password}, SL::DBConnect->get_options);
+ return (error => $::locale->text('The credentials (username & password) for connecting database are wrong.')) if !$dbh;
+
+ my $is_superuser = SL::DBUtils::role_is_superuser($dbh, $result{username});
+
+ $dbh->disconnect;
+
+ return (have_privileges => $is_superuser);
+ };
+
+ User::dbconnect_vars(\%dbconnect_form, $dbconnect_form{dbdefault});
+
+ %result = (
+ %result,
+ $check_privileges->(),
+ );
+
+ if (!$result{have_privileges}) {
+ $result{username} = $::form->{database_superuser_user};
+ $result{password} = $::form->{database_superuser_password};
+
+ if ($::form->{database_superuser_user}) {
+ %result = (
+ %result,
+ $check_privileges->(),
+ );
+ }
+ }
+
+ if ($result{have_privileges}) {
+ $::auth->set_session_value(database_superuser_username => $result{username}, database_superuser_password => $result{password});
+ return %result;
+ }
+
+ $::auth->delete_session_value(qw(database_superuser_username database_superuser_password));
+
+ return () if !$::form->{database_superuser_user} && $params{no_credentials_not_an_error};
+ return (%result, error => $::locale->text('No superuser credentials were entered.')) if !$::form->{database_superuser_user};
+ return %result if $result{error};
+ return (%result, error => $::locale->text('The database user \'#1\' does not have superuser privileges.', $result{username}));
+}
1;
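Review bot: In check_database_superuser_privileges the retry merges `$check_privileges->()` over the earlier result, so an `error` left by a failed connect with `dbuser` survives a retry that connects successfully with the superuser credentials. The caller can then receive `have_privileges` together with a stale `error`, or the "credentials are wrong" text when the tested superuser account connected but lacks privileges. Adding `delete $result{error};` just before the inner `if ($::form->{database_superuser_user})` ties the reported error to the credentials actually tested. Separately, the success path keeps the superuser password in the session via `set_session_value`, and the visible code removes it only when a later check fails; a comment stating how long it is meant to live there, or a `delete_session_value` call once the dataset work is finished, would make that lifetime explicit.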