X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=SL%2FController%2FAdmin.pm;h=c22fdca74075a48ab6a3a66e6cf34c0420a6dace;hb=b293ff8ad52fc76ba0c44783e3982418114d6b08;hp=179142c738ac9e2acd690470f99783599c8e293a;hpb=188734cee4672fe7421293f7af68fa3734e52064;p=kivitendo-erp.git diff --git a/SL/Controller/Admin.pm b/SL/Controller/Admin.pm index 179142c73..c22fdca74 100644 --- a/SL/Controller/Admin.pm +++ b/SL/Controller/Admin.pm @@ -6,15 +6,19 @@ use parent qw(SL::Controller::Base); use IO::Dir; use List::Util qw(first); +use List::UtilsBy qw(sort_by); use SL::Common (); use SL::DB::AuthUser; use SL::DB::AuthGroup; use SL::DB::Printer; +use SL::DBUtils (); use SL::Helper::Flash; use SL::Locale::String qw(t8); use SL::System::InstallationLock; use SL::User; +use SL::Version; +use SL::Layout::AdminLogin; use Rose::Object::MakeMethods::Generic ( @@ -27,7 +31,7 @@ __PACKAGE__->run_before(\&setup_layout); __PACKAGE__->run_before(\&setup_client, only => [ qw(list_printers new_printer edit_printer save_printer delete_printer) ]); sub get_auth_level { "admin" }; -sub keep_auth_vars { +sub keep_auth_vars_in_form { my ($class, %params) = @_; return $params{action} eq 'login'; } @@ -80,18 +84,17 @@ sub action_create_auth_tables { $::auth->set_session_value('admin_password', $::lx_office_conf{authentication}->{admin_password}); $::auth->create_or_refresh_session; - my $group = (SL::DB::Manager::AuthGroup->get_all(limit => 1))[0]; - if (!$group) { + my $scripts_applied = $self->apply_dbupgrade_scripts; + + if (! SL::DB::Manager::AuthGroup->get_all_count) { SL::DB::AuthGroup->new( name => t8('Full Access'), description => t8('Full access to all functions'), - rights => [ map { SL::DB::AuthGroupRight->new(right => $_, granted => 1) } SL::Auth::all_rights() ], + rights => [ map { SL::DB::AuthGroupRight->new(right => $_, granted => 1) } $::auth->all_rights ], )->save; } - if (!$self->apply_dbupgrade_scripts) { - $self->action_login; - } + $self->action_login unless $scripts_applied; } # @@ -110,12 +113,12 @@ sub action_show { sub action_new_user { my ($self) = @_; + my $defaults = SL::DefaultManager->new($::lx_office_conf{system}->{default_manager}); $self->user(SL::DB::AuthUser->new( config_values => { - vclimit => 200, - countrycode => "de", - numberformat => "1.000,00", - dateformat => "dd.mm.yy", + countrycode => $defaults->language('de'), + numberformat => $defaults->numberformat('1.000,00'), + dateformat => $defaults->dateformat('dd.mm.yy'), stylesheet => "kivitendo.css", menustyle => "neu", }, @@ -129,12 +132,6 @@ sub action_edit_user { $self->edit_user_form(title => t8('Edit User')); } -sub action_save_newuser { - my ($self) = @_; - $::form->{user}{clients} = 0; - $self->action_save_user(); -} - sub action_save_user { my ($self) = @_; my $params = delete($::form->{user}) || { }; @@ -172,6 +169,10 @@ sub action_delete_user { my @clients = @{ $self->user->clients || [] }; + # backup user metadata (email, name, etc) + my $user_config_values_ref = $self->user->config_values(); + my $login =$self->user->login; + if (!$self->user->delete) { flash('error', t8('The user could not be deleted.')); $self->edit_user_form(title => t8('Edit User')); @@ -179,9 +180,15 @@ sub action_delete_user { } # Flag corresponding entries in 'employee' as deleted. + # and restore the most important user data in employee + # TODO try and catch the whole transaction {user->delete; update employee} {exception} foreach my $client (@clients) { my $dbh = $client->dbconnect(AutoCommit => 1) || next; - $dbh->do(qq|UPDATE employee SET deleted = TRUE WHERE login = ?|, undef, $self->user->login); + $dbh->do(qq|UPDATE employee SET deleted = TRUE, name = ?, deleted_email = ?, + deleted_tel = ?, deleted_fax = ?, deleted_signature = ? WHERE login = ?|,undef, + $user_config_values_ref->{name}, $user_config_values_ref->{email}, + $user_config_values_ref->{tel}, $user_config_values_ref->{fax}, + $user_config_values_ref->{signature}, $self->user->login); $dbh->disconnect; } @@ -395,19 +402,24 @@ sub action_create_dataset_login { sub action_create_dataset { my ($self) = @_; - $self->create_dataset_form; + + my %superuser = $self->check_database_superuser_privileges(no_credentials_not_an_error => 1); + $self->create_dataset_form(superuser => \%superuser); } sub action_do_create_dataset { my ($self) = @_; + my %superuser = $self->check_database_superuser_privileges; + my @errors; push @errors, t8("Dataset missing!") if !$::form->{db}; push @errors, t8("Default currency missing!") if !$::form->{defaultcurrency}; + push @errors, $superuser{error} if !$superuser{have_privileges} && $superuser{error}; if (@errors) { flash('error', @errors); - return $self->create_dataset_form; + return $self->create_dataset_form(superuser => \%superuser); } $::form->{encoding} = 'UNICODE'; @@ -439,7 +451,7 @@ sub action_do_delete_dataset { if (@errors) { flash('error', @errors); - return $self->create_dataset_form; + return $self->delete_dataset_form; } User->new->dbdelete($::form); @@ -483,7 +495,7 @@ sub action_lock_system { sub init_db_cfg { $::lx_office_conf{'authentication/database'} } sub init_is_locked { SL::System::InstallationLock->is_locked } -sub init_client { SL::DB::Manager::AuthClient->find_by(id => ($::form->{id} || ($::form->{client} || {})->{id})) } +sub init_client { SL::DB::Manager::AuthClient->find_by(id => (($::form->{client} || {})->{id} || $::form->{id})) } sub init_user { SL::DB::AuthUser ->new(id => ($::form->{id} || ($::form->{user} || {})->{id}))->load } sub init_group { SL::DB::AuthGroup ->new(id => ($::form->{id} || ($::form->{group} || {})->{id}))->load } sub init_printer { SL::DB::Printer ->new(id => ($::form->{id} || ($::form->{printer} || {})->{id}))->load } @@ -492,7 +504,7 @@ sub init_all_users { SL::DB::Manager::AuthUser ->get_all_sorted sub init_all_groups { SL::DB::Manager::AuthGroup ->get_all_sorted } sub init_all_printers { SL::DB::Manager::Printer ->get_all_sorted } sub init_all_dateformats { [ qw(mm/dd/yy dd/mm/yy dd.mm.yy yyyy-mm-dd) ] } -sub init_all_numberformats { [ '1,000.00', '1000.00', '1.000,00', '1000,00' ] } +sub init_all_numberformats { [ '1,000.00', '1000.00', '1.000,00', '1000,00', "1'000.00" ] } sub init_all_stylesheets { [ qw(lx-office-erp.css Mobile.css kivitendo.css) ] } sub init_all_dbsources { [ sort User->dbsources($::form) ] } sub init_all_used_dbsources { { map { (join(':', $_->dbhost || 'localhost', $_->dbport || 5432, $_->dbname) => $_->name) } @{ $_[0]->all_clients } } } @@ -523,13 +535,13 @@ sub init_all_rights { my (@sections, $current_section); foreach my $entry ($::auth->all_rights_full) { - if ($entry->[0] =~ m/^--/) { - push @sections, { description => $entry->[1], rights => [] }; + if ($entry->[2]) { + push @sections, { description => t8($entry->[1]), rights => [] }; } elsif (@sections) { push @{ $sections[-1]->{rights} }, { name => $entry->[0], - description => $entry->[1], + description => t8($entry->[1]), }; } else { @@ -552,12 +564,13 @@ sub init_all_countrycodes { sub setup_layout { my ($self, $action) = @_; + my $defaults = SL::DefaultManager->new($::lx_office_conf{system}->{default_manager}); $::request->layout(SL::Layout::Dispatcher->new(style => 'admin')); $::form->{favicon} = "favicon.ico"; %::myconfig = ( - countrycode => 'de', - numberformat => '1.000,00', - dateformat => 'dd.mm.yy', + countrycode => $defaults->language('de'), + numberformat => $defaults->numberformat('1.000,00'), + dateformat => $defaults->dateformat('dd.mm.yy'), ) if !%::myconfig; } @@ -565,7 +578,7 @@ sub setup_client { my ($self) = @_; $self->client(SL::DB::Manager::AuthClient->get_default || $self->all_clients->[0]) if !$self->client; - $::auth->set_client($self->client->id); + $::auth->set_client($self->client->id) if $self->client; } # @@ -579,16 +592,23 @@ sub use_multiselect_js { return $self; } +sub use_ckeditor_js { + my ($self) = @_; + + $::request->{layout}->use_javascript("${_}.js") for qw(ckeditor/ckeditor ckeditor/adapters/jquery); + return $self; +} + sub login_form { my ($self, %params) = @_; - my $version = $::form->read_version; - $::request->layout->no_menu(1); - $self->render('admin/adminlogin', title => t8('kivitendo v#1 administration', $version), %params, version => $version); + $::request->layout(SL::Layout::AdminLogin->new); + my $version = SL::Version->get_version; + $self->render('admin/adminlogin', title => t8('kivitendo v#1 administration', $version), %params, version => $version ); } sub edit_user_form { my ($self, %params) = @_; - $self->use_multiselect_js->render('admin/edit_user', %params); + $self->use_multiselect_js->use_ckeditor_js->render('admin/edit_user', %params); } sub edit_client_form { @@ -622,7 +642,23 @@ sub database_administration_login_form { sub create_dataset_form { my ($self, %params) = @_; - $self->render('admin/create_dataset', title => (t8('Database Administration') . " / " . t8('Create Dataset'))); + + my $defaults = SL::DefaultManager->new($::lx_office_conf{system}->{default_manager}); + $::form->{favicon} = "favicon.ico"; + $::form->{countrymode} = $defaults->country('DE'); + $::form->{chart} = $defaults->chart_of_accounts('Germany-DATEV-SKR03EU'); + $::form->{defaultcurrency} = $defaults->currency('EUR'); + $::form->{precision} = $defaults->precision(0.01); + $::form->{accounting_method} = $defaults->accounting_method('cash'); + $::form->{inventory_system} = $defaults->inventory_system('periodic'); + $::form->{profit_determination} = $defaults->profit_determination('balance'); + $::form->{feature_balance} = $defaults->feature_balance(1); + $::form->{feature_datev} = $defaults->feature_datev(1); + $::form->{feature_erfolgsrechnung} = $defaults->feature_erfolgsrechnung(0); + $::form->{feature_eurechnung} = $defaults->feature_eurechnung(1); + $::form->{feature_ustva} = $defaults->feature_ustva(1); + + $self->render('admin/create_dataset', title => (t8('Database Administration') . " / " . t8('Create Dataset')), superuser => $params{superuser}); } sub delete_dataset_form { @@ -667,4 +703,63 @@ sub authenticate_root { return undef; } +sub is_user_used_for_task_server { + my ($self, $user) = @_; + + return undef if !$user; + return join ', ', sort_by { lc } map { $_->name } @{ SL::DB::Manager::AuthClient->get_all(where => [ task_server_user_id => $user->id ]) }; +} + +sub check_database_superuser_privileges { + my ($self, %params) = @_; + + my %dbconnect_form = %{ $::form }; + my %result = ( + username => $dbconnect_form{dbuser}, + password => $dbconnect_form{dbpasswd}, + ); + + my $check_privileges = sub { + my $dbh = SL::DBConnect->connect($dbconnect_form{dbconnect}, $result{username}, $result{password}, SL::DBConnect->get_options); + return (error => $::locale->text('The credentials (username & password) for connecting database are wrong.')) if !$dbh; + + my $is_superuser = SL::DBUtils::role_is_superuser($dbh, $result{username}); + + $dbh->disconnect; + + return (have_privileges => $is_superuser); + }; + + User::dbconnect_vars(\%dbconnect_form, $dbconnect_form{dbdefault}); + + %result = ( + %result, + $check_privileges->(), + ); + + if (!$result{have_privileges}) { + $result{username} = $::form->{database_superuser_user}; + $result{password} = $::form->{database_superuser_password}; + + if ($::form->{database_superuser_user}) { + %result = ( + %result, + $check_privileges->(), + ); + } + } + + if ($result{have_privileges}) { + $::auth->set_session_value(database_superuser_username => $result{username}, database_superuser_password => $result{password}); + return %result; + } + + $::auth->delete_session_value(qw(database_superuser_username database_superuser_password)); + + return () if !$::form->{database_superuser_user} && $params{no_credentials_not_an_error}; + return (%result, error => $::locale->text('No superuser credentials were entered.')) if !$::form->{database_superuser_user}; + return %result if $result{error}; + return (%result, error => $::locale->text('The database user \'#1\' does not have superuser privileges.', $result{username})); +} + 1;