X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;ds=inline;f=SL%2FMenu.pm;h=4b470cabc56a0e0df147129fecb4f926ea320e0e;hb=7d98492f4bc7b6bc456e2233d452797bbd3fef25;hp=044ce9b798ea3a3a05f4a31d05b7821f8079f8ba;hpb=d629acd82a27e980899a044ca8b0f4becc8e94bb;p=kivitendo-erp.git
diff --git a/SL/Menu.pm b/SL/Menu.pm
index 044ce9b79..4b470cabc 100644
--- a/SL/Menu.pm
+++ b/SL/Menu.pm
@@ -34,17 +34,26 @@
package Menu;
+use SL::Auth;
+use SL::Inifile;
+
sub new {
$main::lxdebug->enter_sub();
- my ($type, $menufile, $level) = @_;
+ my ($type, $menufile) = @_;
- use SL::Inifile;
- my $self = Inifile->new($menufile, $level);
+ my $self = {};
+ my $inifile = Inifile->new($menufile);
- $main::lxdebug->leave_sub();
+ map { $self->{$_} = $inifile->{$_} } keys %{ $inifile };
bless $self, $type;
+
+ $self->set_access();
+
+ $main::lxdebug->leave_sub();
+
+ return $self;
}
sub menuitem {
@@ -68,8 +77,7 @@ sub menuitem {
my $level = $form->escape($item);
- my $str =
- qq|{login}&password=$form->{password}|;
+ my $str = qq|{script};
+ my $action = "section_menu";
+
+ #if ($self->{$item}{module}) {
+ $module = $self->{$item}{module};
+
+ #}
+ if ($self->{$item}{action}) {
+ $action = $self->{$item}{action};
+ }
+
+ my $level = $form->escape($item);
+ my $str =
+ qq|$module?action=$action&level=$level&login=$form->{login}&password=$form->{password}|;
+ my @vars = qw(module action target href);
+
+ if ($self->{$item}{href}) {
+ $str = qq|$self->{$item}{href}|;
+ @vars = qw(module target href);
+ }
+
+ map { delete $self->{$item}{$_} } @vars;
+
+ # add other params
+ foreach my $key (keys %{ $self->{$item} }) {
+ $str .= "&" . $form->escape($key, 1) . "=";
+ ($value, $conf) = split(/=/, $self->{$item}{$key}, 2);
+ $value = $myconfig->{$value} . "/$conf" if ($conf);
+ $str .= $form->escape($value, 1);
+ }
+
+ $str .= " ";
+
+}
+
+sub menuitem_new {
+ $main::lxdebug->enter_sub();
+
+ my ($self, $name, $item) = @_;
+
+ my $form = $main::form;
+
+ my $module = $self->{$name}->{module} || $form->{script};
+ my $action = $self->{$name}->{action};
+
+ $item->{target} = $self->{$name}->{target} || "main_window";
+ $item->{href} = $self->{$name}->{href} || "${module}?action=" . $form->escape($action);
+
+ my @vars = qw(module target href);
+ push @vars, 'action' unless ($self->{$name}->{href});
+
+ map { delete $self->{$name}{$_} } @vars;
+
+ # add other params
+ foreach my $key (keys %{ $self->{$name} }) {
+ my ($value, $conf) = split(m/=/, $self->{$name}->{$key}, 2);
+ $value = $myconfig->{$value} . "/$conf" if ($conf);
+ $item->{href} .= "&" . $form->escape($key) . "=" . $form->escape($value);
+ }
+
+ $main::lxdebug->leave_sub();
+}
+
sub menuitem_v3 {
$main::lxdebug->enter_sub();
@@ -120,9 +194,7 @@ sub menuitem_v3 {
my $level = $form->escape($item);
- my $str = qq|escape($form->{$_}); } qw(login password));
+ my $str = qq|{$item}{module}) {
- $module = $self->{$item}{module};
-
- #}
+ if ($self->{$item}{module}) {
+ $module = $self->{$item}{module};
+ }
if ($self->{$item}{action}) {
$action = $self->{$item}{action};
}
+ if ($self->{$item}{target}) {
+ $target = $self->{$item}{target};
+ }
my $level = $form->escape($item);
- my $str =
- qq|$module?action=$action&level=$level&login=$form->{login}&password=$form->{password}|;
+
+ my $str = qq| link="$module?action=| . $form->escape($action) .
+ qq|&level=| . $form->escape($level);
+
my @vars = qw(module action target href);
if ($self->{$item}{href}) {
- $str = qq|$self->{$item}{href}|;
+ $str = qq| link=$self->{$item}{href}|;
@vars = qw(module target href);
}
@@ -188,14 +267,26 @@ sub menuitemNew {
# add other params
foreach my $key (keys %{ $self->{$item} }) {
- $str .= "&" . $form->escape($key, 1) . "=";
+ $str .= "&" . $form->escape($key, 1) . "=";
($value, $conf) = split(/=/, $self->{$item}{$key}, 2);
$value = $myconfig->{$value} . "/$conf" if ($conf);
$str .= $form->escape($value, 1);
}
- $str .= " ";
+ $str .= '"';
+
+
+ if ($other) {
+ foreach my $key (keys(%{$other})) {
+ $str .= qq| ${key}="| . $form->quote($other->{$key}) . qq|"|;
+ }
+ }
+
+
+ $main::lxdebug->leave_sub();
+
+ return $str;
}
sub access_control {
@@ -211,32 +302,106 @@ sub access_control {
@menu = grep { /^${menulevel}--/ } @{ $self->{ORDER} };
}
- my @a = split(/;/, $myconfig->{acs});
- my $excl = ();
+ $main::lxdebug->leave_sub(2);
+
+ return @menu;
+}
- # remove --AR, --AP from array
- grep { ($a, $b) = split(/--/); s/--$a$//; } @a;
+sub parse_access_string {
+ my $self = shift;
+ my $key = shift;
+ my $access = shift;
- map { $excl{$_} = 1 } @a;
+ my @stack;
+ my $cur_ary = [];
- @a = ();
- map { push @a, $_ unless $excl{$_} } (@menu);
+ push @stack, $cur_ary;
- $main::lxdebug->leave_sub(2);
+ while ($access =~ m/^([a-z_]+|\||\&|\(|\)|\s+)/) {
+ my $token = $1;
+ substr($access, 0, length($1)) = "";
+
+ next if ($token =~ /\s/);
+
+ if ($token eq "(") {
+ my $new_cur_ary = [];
+ push @stack, $new_cur_ary;
+ push @{$cur_ary}, $new_cur_ary;
+ $cur_ary = $new_cur_ary;
+
+ } elsif ($token eq ")") {
+ pop @stack;
+ if (!@stack) {
+ $main::form->error("Error in menu.ini for entry ${key}: missing '('");
+ }
+ $cur_ary = $stack[-1];
+
+ } elsif (($token eq "|") || ($token eq "&")) {
+ push @{$cur_ary}, $token;
+
+ } else {
+ push @{$cur_ary}, $main::auth->check_right($main::form->{login}, $token, 1);
+ }
+ }
+
+ if ($access) {
+ $main::form->error("Error in menu.ini for entry ${name}: unrecognized token at the start of '$access'\n");
+ }
+
+ if (1 < scalar @stack) {
+ $main::form->error("Error in menu.ini for entry ${name}: Missing ')'\n");
+ }
- return @a;
+ return SL::Auth::evaluate_rights_ary($stack[0]);
}
-sub generate_acl {
- my ($self, $menulevel, $hash) = @_;
+sub set_access {
+ my $self = shift;
- my @items = $self->access_control(\%main::myconfig, $menulevel);
+ my $key;
- $menulevel =~ s/[^A-Za-z_\/\.\+\-]/_/g;
- $hash->{"access_" . lc($menulevel)} = 1 if ($menulevel);
+ foreach $key (@{ $self->{ORDER} }) {
+ my $entry = $self->{$key};
+
+ $entry->{GRANTED} = $entry->{ACCESS} ? $self->parse_access_string($key, $entry->{ACCESS}) : 1;
+ $entry->{IS_MENU} = $entry->{submenu} || ($key !~ m/--/);
+ $entry->{NUM_VISIBLE_CHILDREN} = 0;
+
+ if ($key =~ m/--/) {
+ my $parent = $key;
+ substr($parent, rindex($parent, '--')) = '';
+ $entry->{GRANTED} &&= $self->{$parent}->{GRANTED};
+ }
+
+ $entry->{VISIBLE} = $entry->{GRANTED};
+ }
+
+ foreach $key (reverse @{ $self->{ORDER} }) {
+ my $entry = $self->{$key};
+
+ if ($entry->{IS_MENU}) {
+ $entry->{VISIBLE} &&= $entry->{NUM_VISIBLE_CHILDREN} > 0;
+ }
+
+ next if (($key !~ m/--/) || !$entry->{VISIBLE});
+
+ my $parent = $key;
+ substr($parent, rindex($parent, '--')) = '';
+ $self->{$parent}->{NUM_VISIBLE_CHILDREN}++;
+ }
+
+# $self->dump_visible();
+
+ $self->{ORDER} = [ grep { $self->{$_}->{VISIBLE} } @{ $self->{ORDER} } ];
+
+ map { delete @{$self->{$_}}{qw(GRANTED IS_MENU NUM_VISIBLE_CHILDREN VISIBLE ACCESS)} if ($_ ne 'ORDER') } keys %{ $self };
+}
- foreach my $item (@items) {
- $self->generate_acl($item, $hash); #unless ($menulevel);
+sub dump_visible {
+ my $self = shift;
+ foreach my $key (@{ $self->{ORDER} }) {
+ my $entry = $self->{$key};
+ $main::lxdebug->message(0, "$entry->{GRANTED} $entry->{VISIBLE} $entry->{NUM_VISIBLE_CHILDREN} $key");
}
}