# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
-#
+#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
package Menu;
+use SL::Auth;
+use SL::Inifile;
+
+use strict;
sub new {
$main::lxdebug->enter_sub();
- my ($type, $menufile, $level) = @_;
+ my ($type, $menufile) = @_;
- use SL::Inifile;
- my $self = Inifile->new($menufile, $level);
-
- $main::lxdebug->leave_sub();
+ my $self = {};
+ my $inifile = Inifile->new($menufile);
+
+ map { $self->{$_} = $inifile->{$_} } keys %{ $inifile };
bless $self, $type;
-}
+ $self->set_access();
+
+ $main::lxdebug->leave_sub();
+
+ return $self;
+}
sub menuitem {
$main::lxdebug->enter_sub();
my ($self, $myconfig, $form, $item) = @_;
+ my $module = $self->{$item}{module} || $form->{script};
+ my $action = $self->{$item}{action} || "section_menu";
+ my $target = $self->{$item}{target} || "";
+
+ my $level = $form->escape($item);
+
+ my $style = 'style="vertical-align:top"';
+ my $target_token = ($target)
+ ? "target='$target'" : '';
+
+ my $href = ($self->{$item}{href})
+ ? $form->escape($self->{$item}{href})
+ : "$module?action=$action&level=$level";
+
+ my @vars = ($self->{$item}{href})
+ ? qw(module target href)
+ : qw(module action target href);
+
+# map { delete $self->{$item}{$_} } @vars;
+
+ # add other params
+ foreach my $key (keys %{ $self->{$item} }) {
+ $href .= "&" . $form->escape($key, 1) . "=";
+ my ($value, $conf) = split(/=/, $self->{$item}{$key}, 2);
+ $value = $myconfig->{$value} . "/$conf" if ($conf);
+ $href .= $form->escape($value, 1);
+ }
+
+ my $str = "<a href='$href' $target_token $style>";
+
+ $main::lxdebug->leave_sub();
+
+ return $str;
+}
+
+sub menuitem_js {
+ my ($self, $myconfig, $form, $item) = @_;
+
+ my $module = $form->{script};
+ my $action = "section_menu";
+
+ #if ($self->{$item}{module}) {
+ $module = $self->{$item}{module};
+
+ #}
+ if ($self->{$item}{action}) {
+ $action = $self->{$item}{action};
+ }
+
+ my $level = $form->escape($item);
+ my $str = qq|$module?action=$action&level=$level|;
+ my @vars = qw(module action target href);
+
+ if ($self->{$item}{href}) {
+ $str = qq|$self->{$item}{href}|;
+ @vars = qw(module target href);
+ }
+
+ map { delete $self->{$item}{$_} } @vars;
+
+ # add other params
+ foreach my $key (keys %{ $self->{$item} }) {
+ $str .= "&" . $form->escape($key, 1) . "=";
+ my ($value, $conf) = split(/=/, $self->{$item}{$key}, 2);
+ $value = $myconfig->{$value} . "/$conf" if ($conf);
+ $str .= $form->escape($value, 1);
+ }
+
+ $str .= " ";
+
+}
+
+sub menuitem_new {
+ $main::lxdebug->enter_sub();
+
+ my ($self, $name, $item) = @_;
+
+ my $form = $main::form;
+ my $myconfig = \%main::myconfig;
+
+ my $module = $self->{$name}->{module} || $form->{script};
+ my $action = $self->{$name}->{action};
+
+ $item->{target} = $self->{$name}->{target} || "main_window";
+ $item->{href} = $self->{$name}->{href} || "${module}?action=" . $form->escape($action);
+
+ my @vars = qw(module target href);
+ push @vars, 'action' unless ($self->{$name}->{href});
+
+ map { delete $self->{$name}{$_} } @vars;
+
+ # add other params
+ foreach my $key (keys %{ $self->{$name} }) {
+ my ($value, $conf) = split(m/=/, $self->{$name}->{$key}, 2);
+ $value = $myconfig->{$value} . "/$conf" if ($conf);
+ $item->{href} .= "&" . $form->escape($key) . "=" . $form->escape($value);
+ }
+
+ $main::lxdebug->leave_sub();
+}
+
+sub menuitem_v3 {
+ $main::lxdebug->enter_sub();
+
+ my ($self, $myconfig, $form, $item, $other) = @_;
+
my $module = $form->{script};
my $action = "section_menu";
my $target = "";
}
my $level = $form->escape($item);
- my $str = qq|<a href=$module?path=$form->{path}&action=$action&level=$level&login=$form->{login}&password=$form->{password}|;
+
+ my $str = qq|<a href="$module?action=| . $form->escape($action) . qq|&level=| . $form->escape($level);
+
my @vars = qw(module action target href);
-
+
if ($self->{$item}{href}) {
- $str = qq|<a href=$self->{$item}{href}|;
+ $str
= qq|<a href=$self->{$item}{href}|;
@vars = qw(module target href);
}
map { delete $self->{$item}{$_} } @vars;
-
-
+
# add other params
foreach my $key (keys %{ $self->{$item} }) {
- $str .= "&".$form->escape($key,1)."=";
- ($value, $conf) = split /=/, $self->{$item}{$key}, 2;
- $value = $myconfig->{$value}."/$conf" if ($conf);
+ $str .= "&" . $form->escape($key, 1) . "=";
+ my ($value, $conf) = split(/=/, $self->{$item}{$key}, 2);
+ $value = $myconfig->{$value} . "/$conf" if ($conf);
$str .= $form->escape($value, 1);
}
+ $str .= '"';
+
if ($target) {
- $str .= qq| target=$target|;
+ $str .= qq| target="| . $form->quote($target) . qq|"|;
+ }
+
+ if ($other) {
+ foreach my $key (keys(%{$other})) {
+ $str .= qq| ${key}="| . $form->quote($other->{$key}) . qq|"|;
+ }
}
$str .= ">";
return $str;
}
+sub menuitem_XML {
+ $main::lxdebug->enter_sub();
+
+ my ($self, $myconfig, $form, $item, $other) = @_;
+
+ my $module = $form->{script};
+ my $action = "section_menu";
+ my $target = "";
+
+ if ($self->{$item}{module}) {
+ $module = $self->{$item}{module};
+ }
+ if ($self->{$item}{action}) {
+ $action = $self->{$item}{action};
+ }
+ if ($self->{$item}{target}) {
+ $target = $self->{$item}{target};
+ }
+
+ my $level = $form->escape($item);
+
+ my $str = qq| link="$module?action=| . $form->escape($action) .
+ qq|&level=| . $form->escape($level);
+
+ my @vars = qw(module action target href);
+
+ if ($self->{$item}{href}) {
+ $str = qq| link=$self->{$item}{href}|;
+ @vars = qw(module target href);
+ }
+
+ map { delete $self->{$item}{$_} } @vars;
+
+ # add other params
+ foreach my $key (keys %{ $self->{$item} }) {
+ $str .= "&" . $form->escape($key, 1) . "=";
+ my ($value, $conf) = split(/=/, $self->{$item}{$key}, 2);
+ $value = $myconfig->{$value} . "/$conf" if ($conf);
+ $str .= $form->escape($value, 1);
+ }
+
+ $str .= '"';
+
+
+
+ if ($other) {
+ foreach my $key (keys(%{$other})) {
+ $str .= qq| ${key}="| . $form->quote($other->{$key}) . qq|"|;
+ }
+ }
+
+
+ $main::lxdebug->leave_sub();
+
+ return $str;
+}
sub access_control {
- $main::lxdebug->enter_sub();
+ $main::lxdebug->enter_sub(2);
my ($self, $myconfig, $menulevel) = @_;
-
+
my @menu = ();
if ($menulevel eq "") {
@menu = grep { /^${menulevel}--/ } @{ $self->{ORDER} };
}
- my @a = split /;/, $myconfig->{acs};
- my $excl = ();
+ $main::lxdebug->leave_sub(2);
- # remove --AR, --AP from array
- grep { ($a, $b) = split /--/; s/--$a$//; } @a;
+ return @menu;
+}
- map { $excl{$_} = 1 } @a;
+sub parse_access_string {
+ my $self = shift;
+ my $key = shift;
+ my $access = shift;
- @a = ();
- map { push @a, $_ unless $excl{$_} } (@menu);
+ my $form = $main::form;
+ my $auth = $main::auth;
+ my $myconfig = \%main::myconfig;
- $main::lxdebug->leave_sub();
+ my @stack;
+ my $cur_ary = [];
+
+ push @stack, $cur_ary;
+
+ while ($access =~ m/^([a-z_]+|\||\&|\(|\)|\s+)/) {
+ my $token = $1;
+ substr($access, 0, length($1)) = "";
+
+ next if ($token =~ /\s/);
+
+ if ($token eq "(") {
+ my $new_cur_ary = [];
+ push @stack, $new_cur_ary;
+ push @{$cur_ary}, $new_cur_ary;
+ $cur_ary = $new_cur_ary;
+
+ } elsif ($token eq ")") {
+ pop @stack;
+ if (!@stack) {
+ $form->error("Error in menu.ini for entry ${key}: missing '('");
+ }
+ $cur_ary = $stack[-1];
+
+ } elsif (($token eq "|") || ($token eq "&")) {
+ push @{$cur_ary}, $token;
+
+ } else {
+ push @{$cur_ary}, $auth->check_right($form->{login}, $token, 1);
+ }
+ }
+
+ if ($access) {
+ $form->error("Error in menu.ini for entry ${key}: unrecognized token at the start of '$access'\n");
+ }
+
+ if (1 < scalar @stack) {
+ $main::form->error("Error in menu.ini for entry ${key}: Missing ')'\n");
+ }
- return @a;
+ return SL::Auth::evaluate_rights_ary($stack[0]);
}
+sub set_access {
+ my $self = shift;
+
+ my $key;
+
+ foreach $key (@{ $self->{ORDER} }) {
+ my $entry = $self->{$key};
+
+ $entry->{GRANTED} = $entry->{ACCESS} ? $self->parse_access_string($key, $entry->{ACCESS}) : 1;
+ $entry->{IS_MENU} = $entry->{submenu} || ($key !~ m/--/);
+ $entry->{NUM_VISIBLE_CHILDREN} = 0;
+
+ if ($key =~ m/--/) {
+ my $parent = $key;
+ substr($parent, rindex($parent, '--')) = '';
+ $entry->{GRANTED} &&= $self->{$parent}->{GRANTED};
+ }
+
+ $entry->{VISIBLE} = $entry->{GRANTED};
+ }
+
+ foreach $key (reverse @{ $self->{ORDER} }) {
+ my $entry = $self->{$key};
+
+ if ($entry->{IS_MENU}) {
+ $entry->{VISIBLE} &&= $entry->{NUM_VISIBLE_CHILDREN} > 0;
+ }
+
+ next if (($key !~ m/--/) || !$entry->{VISIBLE});
+
+ my $parent = $key;
+ substr($parent, rindex($parent, '--')) = '';
+ $self->{$parent}->{NUM_VISIBLE_CHILDREN}++;
+ }
+
+# $self->dump_visible();
+
+ $self->{ORDER} = [ grep { $self->{$_}->{VISIBLE} } @{ $self->{ORDER} } ];
+
+ { no strict 'refs';
+ # ToDO: fix this. nuke and pave algorithm without type checking screams for problems.
+ map { delete @{$self->{$_}}{qw(GRANTED IS_MENU NUM_VISIBLE_CHILDREN VISIBLE ACCESS)} if ($_ ne 'ORDER') } keys %{ $self };
+ }
+}
+
+sub dump_visible {
+ my $self = shift;
+ foreach my $key (@{ $self->{ORDER} }) {
+ my $entry = $self->{$key};
+ $main::lxdebug->message(0, "$entry->{GRANTED} $entry->{VISIBLE} $entry->{NUM_VISIBLE_CHILDREN} $key");
+ }
+}
1;
projects / kivitendo-erp.git / blobdiff