package Menu;
+use SL::Auth;
+use SL::Inifile;
+
+use strict;
+
sub new {
$main::lxdebug->enter_sub();
- my ($type, $menufile, $level) = @_;
+ my ($type, @menufiles) = @_;
+ my $self = bless {}, $type;
+
+ my @order;
+
+ foreach my $menufile (grep { -f } @menufiles) {
+ my $inifile = Inifile->new($menufile);
+
+ push @order, @{ delete($inifile->{ORDER}) || [] };
+ $self->{$_} = $inifile->{$_} for keys %{ $inifile };
+ }
+
+ $self->{ORDER} = \@order;
- use SL::Inifile;
- my $self = Inifile->new($menufile, $level);
+ $self->set_access();
$main::lxdebug->leave_sub();
- bless $self, $type;
+ return $self;
}
-sub menuitem {
- $main::lxdebug->enter_sub();
+sub menuitem_new {
+ $main::lxdebug->enter_sub(LXDebug::DEBUG2());
- my ($self, $myconfig, $form, $item) = @_;
+ my ($self, $name, $item) = @_;
- my $module = $form->{script};
- my $action = "section_menu";
- my $target = "";
+ my $form = $main::form;
+ my $myconfig = \%main::myconfig;
- if ($self->{$item}{module}) {
- $module = $self->{$item}{module};
- }
- if ($self->{$item}{action}) {
- $action = $self->{$item}{action};
- }
- if ($self->{$item}{target}) {
- $target = $self->{$item}{target};
- }
+ my $module = $self->{$name}->{module} || $form->{script};
+ my $action = $self->{$name}->{action};
- my $level = $form->escape($item);
+ $item->{target} = $self->{$name}->{target} || "main_window";
+ $item->{href} = $self->{$name}->{href} || "${module}?action=" . $form->escape($action);
- my $str =
- qq|<a href=$module?path=$form->{path}&action=$action&level=$level&login=$form->{login}&password=$form->{password}|;
+ my @vars = qw(module target href);
+ push @vars, 'action' unless ($self->{$name}->{href});
- my @vars = qw(module action target href);
+ map { delete $self->{$name}{$_} } @vars;
- if ($self->{$item}{href}) {
- $str = qq|<a href=$self->{$item}{href}|;
- @vars = qw(module target href);
+ # add other params
+ foreach my $key (keys %{ $self->{$name} }) {
+ my ($value, $conf) = split(m/=/, $self->{$name}->{$key}, 2);
+ $value = $myconfig->{$value} . "/$conf" if ($conf);
+ $item->{href} .= "&" . $form->escape($key) . "=" . $form->escape($value);
}
- map { delete $self->{$item}{$_} } @vars;
+ $main::lxdebug->leave_sub(LXDebug::DEBUG2());
+}
- # add other params
- foreach my $key (keys %{ $self->{$item} }) {
- $str .= "&" . $form->escape($key, 1) . "=";
- ($value, $conf) = split /=/, $self->{$item}{$key}, 2;
- $value = $myconfig->{$value} . "/$conf" if ($conf);
- $str .= $form->escape($value, 1);
- }
+sub access_control {
+ $main::lxdebug->enter_sub(2);
- if ($target) {
- $str .= qq| target=$target|;
- }
+ my ($self, $myconfig, $menulevel) = @_;
- $str .= ">";
+ my @menu = ();
- $main::lxdebug->leave_sub();
+ if (!$menulevel) {
+ @menu = grep { !/--/ } @{ $self->{ORDER} };
+ } else {
+ @menu = grep { /^${menulevel}--/ } @{ $self->{ORDER} };
+ }
- return $str;
+ $main::lxdebug->leave_sub(2);
+
+ return @menu;
}
-sub menuitemNew {
- my ($self, $myconfig, $form, $item) = @_;
+sub parse_access_string {
+ my $self = shift;
+ my $key = shift;
+ my $access = shift;
- my $module = $form->{script};
- my $action = "section_menu";
+ my $form = $main::form;
+ my $auth = $main::auth;
+ my $myconfig = \%main::myconfig;
- #if ($self->{$item}{module}) {
- $module = $self->{$item}{module};
+ my @stack;
+ my $cur_ary = [];
- #}
- if ($self->{$item}{action}) {
- $action = $self->{$item}{action};
- }
+ push @stack, $cur_ary;
+
+ while ($access =~ m/^([a-z_]+|\||\&|\(|\)|\s+)/) {
+ my $token = $1;
+ substr($access, 0, length($1)) = "";
+
+ next if ($token =~ /\s/);
+
+ if ($token eq "(") {
+ my $new_cur_ary = [];
+ push @stack, $new_cur_ary;
+ push @{$cur_ary}, $new_cur_ary;
+ $cur_ary = $new_cur_ary;
+
+ } elsif ($token eq ")") {
+ pop @stack;
+ if (!@stack) {
+ $form->error("Error in menu.ini for entry ${key}: missing '('");
+ }
+ $cur_ary = $stack[-1];
- my $level = $form->escape($item);
- my $str =
- qq|$module?path=$form->{path}&action=$action&level=$level&login=$form->{login}&password=$form->{password}|;
- my @vars = qw(module action target href);
+ } elsif (($token eq "|") || ($token eq "&")) {
+ push @{$cur_ary}, $token;
- if ($self->{$item}{href}) {
- $str = qq|$self->{$item}{href}|;
- @vars = qw(module target href);
+ } else {
+ push @{$cur_ary}, $auth->check_right($form->{login}, $token, 1);
+ }
}
- map { delete $self->{$item}{$_} } @vars;
+ if ($access) {
+ $form->error("Error in menu.ini for entry ${key}: unrecognized token at the start of '$access'\n");
+ }
- # add other params
- foreach my $key (keys %{ $self->{$item} }) {
- $str .= "&" . $form->escape($key, 1) . "=";
- ($value, $conf) = split /=/, $self->{$item}{$key}, 2;
- $value = $myconfig->{$value} . "/$conf" if ($conf);
- $str .= $form->escape($value, 1);
+ if (1 < scalar @stack) {
+ $main::form->error("Error in menu.ini for entry ${key}: Missing ')'\n");
}
- $str .= " ";
+ return SL::Auth::evaluate_rights_ary($stack[0]);
+}
+sub parse_instance_conf_string {
+ my ($self, $setting) = @_;
+ return $::instance_conf->data->{$setting};
}
-sub access_control {
- $main::lxdebug->enter_sub(2);
+sub set_access {
+ my $self = shift;
- my ($self, $myconfig, $menulevel) = @_;
+ my $key;
- my @menu = ();
+ foreach $key (@{ $self->{ORDER} }) {
+ my $entry = $self->{$key};
- if ($menulevel eq "") {
- @menu = grep { !/--/ } @{ $self->{ORDER} };
- } else {
- @menu = grep { /^${menulevel}--/ } @{ $self->{ORDER} };
- }
+ $entry->{GRANTED} = $entry->{ACCESS} ? $self->parse_access_string($key, $entry->{ACCESS}) : 1;
+ $entry->{GRANTED} &&= $self->parse_instance_conf_string($entry->{INSTANCE_CONF}) if $entry->{INSTANCE_CONF};
+ $entry->{IS_MENU} = $entry->{submenu} || ($key !~ m/--/);
+ $entry->{NUM_VISIBLE_CHILDREN} = 0;
+
+ if ($key =~ m/--/) {
+ my $parent = $key;
+ substr($parent, rindex($parent, '--')) = '';
+ $entry->{GRANTED} &&= $self->{$parent}->{GRANTED};
+ }
- my @a = split /;/, $myconfig->{acs};
- my %excl;
+ $entry->{VISIBLE} = $entry->{GRANTED};
+ }
- map { $excl{$_} = 1 } @a;
+ foreach $key (reverse @{ $self->{ORDER} }) {
+ my $entry = $self->{$key};
- @a = ();
- map { push @a, $_ unless $excl{$_} } (@menu);
+ if ($entry->{IS_MENU}) {
+ $entry->{VISIBLE} &&= $entry->{NUM_VISIBLE_CHILDREN} > 0;
+ }
- $main::lxdebug->leave_sub(2);
+ next if (($key !~ m/--/) || !$entry->{VISIBLE});
- return @a;
-}
+ my $parent = $key;
+ substr($parent, rindex($parent, '--')) = '';
+ $self->{$parent}->{NUM_VISIBLE_CHILDREN}++;
+ }
-sub generate_acl {
- my ($self, $menulevel, $hash) = @_;
+# $self->dump_visible();
- my @items = $self->access_control(\%main::myconfig, $menulevel);
+ $self->{ORDER} = [ grep { $self->{$_}->{VISIBLE} } @{ $self->{ORDER} } ];
- $menulevel =~ s/[^A-Za-z_\/\.\+\-]/_/g;
- $hash->{"access_" . lc($menulevel)} = 1 if ($menulevel);
+ { no strict 'refs';
+ # ToDO: fix this. nuke and pave algorithm without type checking screams for problems.
+ map { delete @{$self->{$_}}{qw(GRANTED IS_MENU NUM_VISIBLE_CHILDREN VISIBLE ACCESS)} if ($_ ne 'ORDER') } keys %{ $self };
+ }
+}
- foreach my $item (@items) {
- $self->generate_acl($item, $hash); #unless ($menulevel);
+sub dump_visible {
+ my $self = shift;
+ foreach my $key (@{ $self->{ORDER} }) {
+ my $entry = $self->{$key};
+ $main::lxdebug->message(0, "$entry->{GRANTED} $entry->{VISIBLE} $entry->{NUM_VISIBLE_CHILDREN} $key");
}
}
projects / kivitendo-erp.git / blobdiff