X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=SL%2FController%2FBase.pm;h=64ac328bd6098aabfa774a888ebe80f115b45744;hb=1a3920a1f7f2a75da8ae6db91f6c2a57e88b95ad;hp=285bfcee494a9a2ecea6ab5a95ba97ffd34287f9;hpb=2b44867fc2d4e3c061c126890cc90fcaa84b6baa;p=kivitendo-erp.git diff --git a/SL/Controller/Base.pm b/SL/Controller/Base.pm index 285bfcee4..64ac328bd 100644 --- a/SL/Controller/Base.pm +++ b/SL/Controller/Base.pm @@ -7,6 +7,13 @@ use parent qw(Rose::Object); use Carp; use IO::File; use List::Util qw(first); +use SL::Request qw(flatten); +use SL::MoreCommon qw(uri_encode); + +use Rose::Object::MakeMethods::Generic +( + scalar => [ qw(action_name) ], +); # # public/helper functions @@ -18,12 +25,21 @@ sub url_for { return $_[0] if (scalar(@_) == 1) && !ref($_[0]); my %params = ref($_[0]) eq 'HASH' ? %{ $_[0] } : @_; - my $controller = delete($params{controller}) || $self->_controller_name; - my $action = delete($params{action}) || 'dispatch'; - $params{action} = "${controller}/${action}"; - my $query = join('&', map { $::form->escape($_) . '=' . $::form->escape($params{$_}) } keys %params); + my $controller = delete($params{controller}) || $self->controller_name; + my $action = $params{action} || 'dispatch'; + + my $script; + if ($controller =~ m/\.pl$/) { + # Old-style controller + $script = $controller; + } else { + $params{action} = "${controller}/${action}"; + $script = "controller.pl"; + } - return "controller.pl?${query}"; + my $query = join '&', map { uri_encode($_->[0]) . '=' . uri_encode($_->[1]) } @{ flatten(\%params) }; + + return "${script}?${query}"; } sub redirect_to { @@ -68,7 +84,7 @@ sub render { } else { $::form->{title} = $locals{title} if $locals{title}; - $::form->header; + $::form->header(no_menu => $options->{no_menu}); } } @@ -113,6 +129,12 @@ sub send_file { $file->close; } +sub controller_name { + my $class = ref($_[0]) || $_[0]; + $class =~ s/^SL::Controller:://; + return $class; +} + # # Before/after run hooks # 
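Review bot: In the `url_for` hunk (`@@ -18,12 +25,21 @@`), a `controller` value ending in `.pl` becomes the script part of the returned URL verbatim. It is not passed through `uri_encode` and is not restricted to a bare file name, and `m/\.pl$/` also accepts a value with a trailing newline. Whether any caller builds that parameter from request data is not visible in this diff, but if one does, the URL handed on (presumably also by `redirect_to`, whose body is outside the hunk) could point outside the application. Anchoring the test to a plain script name closes that: `if ($controller =~ m/\A[\w-]+\.pl\z/) {`, so anything else falls through to the `controller.pl` branch where it is encoded as part of `action`. The body of `url_for` begins above the hunk.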
@@ -149,10 +171,10 @@ sub _run_hooks { || ($hook->{except} && $hook->{except}->{$action}); if (ref($hook->{code}) eq 'CODE') { - $hook->{code}->($self); + $hook->{code}->($self, $action); } else { my $sub = $hook->{code}; - $self->$sub; + $self->$sub($action); } } } @@ -165,6 +187,15 @@ sub delay_flash_on_redirect { 0; } +sub get_auth_level { + # Ignore the 'action' parameter. + return 'user'; +} + +sub keep_auth_vars_in_form { + return 0; +} + # # private functions -- for use in Base only # @@ -178,15 +209,12 @@ sub _run_action { $::form->error("Invalid action '${action}' for controller " . ref($self)) if !$self->can($sub); + $self->action_name($action); $self->_run_hooks('before', $action); $self->$sub(@_); $self->_run_hooks('after', $action); } -sub _controller_name { - return (split(/::/, ref($_[0])))[-1]; -} - sub _dispatch { my $self = shift; @@ -196,11 +224,12 @@ sub _dispatch { my $sub = "action_${action}"; if ($self->can($sub)) { + $self->action_name($action); $self->_run_hooks('before', $action); $self->$sub(@_); $self->_run_hooks('after', $action); } else { - $::form->error($::locale->text('Oops. No valid action found to dispatch. Please report this case to the Lx-Office team.')); + $::form->error($::locale->text('Oops. No valid action found to dispatch. Please report this case to the kivitendo team.')); } } @@ -216,6 +245,7 @@ sub _template_obj { INCLUDE_PATH => '.:templates/webpages', COMPILE_EXT => '.tcc', COMPILE_DIR => $::lx_office_conf{paths}->{userspath} . '/templates-cache', + ERROR => 'templates/webpages/generic/exception.html', }) || croak; return $self->{__basepriv_template_obj}; @@ -308,6 +338,10 @@ hooks themselves are run as instance methods. Hooks are run in the order they're added. +The hooks receive a single parameter: the name of the action that is +about to be called (for C hooks) / was called (for C +hooks). + The return value of the hooks is discarded. Hooks can be defined to run for all actions, for only specific actions 
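Review bot: `get_auth_level` and `keep_auth_vars_in_form` (hunk `@@ -165,6 +187,15 @@`) set the authentication defaults for every controller, yet the contract is stated only in the POD much further down, not at the definitions. An author overriding `get_auth_level` per action should see there that the return value must be `'admin'` or `'user'` and that unlisted actions belong on the stricter level, for example `# Security: overrides must return 'admin' or 'user'; map unknown actions to the stricter level.` above `get_auth_level`. A matching line above `keep_auth_vars_in_form` would help: `# Security: return true only in controllers that process login requests themselves.` How the caller treats any other return value is not visible in this diff; it should refuse the request rather than fall back to `'user'`.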
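Review bot: The new `ERROR` entry in `_template_obj` (hunk `@@ -216,6 +245,7 @@`) sends every uncaught template exception to `templates/webpages/generic/exception.html`, and that template is not part of this diff. Exception text can carry file paths and fragments of request-derived values, so the template should HTML-escape whatever it prints from the error and keep internal detail to a minimum. A comment next to the option would record the requirement, e.g. `# exception.html must HTML-escape the error text; it can contain request data`. The option hash and the rest of `_template_obj` continue outside the hunk.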
@@ -376,7 +410,7 @@ The template itself has access to the following variables: =item * C -- C<$::locale> -=item * C -- all parameters from C +=item * C -- all parameters from C with the same name they appear in the file (first level is the section, second the actual variable, e.g. C, C etc) @@ -444,7 +478,7 @@ parameter or as a normal hash. The controller to call is given by C<$params{controller}>. It defaults to the current controller as returned by -L. +L. The action to call is given by C<$params{action}>. It defaults to C. @@ -495,12 +529,40 @@ action. The hook's return values are discarded. -=item delay_flash_on_redirect +=item C May be overridden by a controller. If this method returns true, redirect_to will delay all flash messages for the current request. Defaults to false for compatibility reasons. +=item C + +May be overridden by a controller. Determines what kind of +authentication is required for a particular action. Must return either +C (which means that authentication as an admin is required), +C (authentication as a normal user suffices) with a possible +future value C (which would require no authentication but is not +yet implemented). + +=item C + +May be overridden by a controller. If falsish (the default) all form +variables whose name starts with C<{AUTH}> are removed before the +request is routed. Only controllers that handle login requests +themselves should return trueish for this function. + +=item C + +Returns the name of the curernt controller package without the +C prefix. This method can be called both as a class +method and an instance method. + +=item C + +Returns the name of the currently executing action. If the dispatcher +mechanism was used then this is not C but the actual method +name the dispatching resolved to. + =back =head2 PRIVATE FUNCTIONS 
@@ -509,11 +571,6 @@ These functions are supposed to be used from this base class only. =over 4 -=item C<_controller_name> - -Returns the name of the curernt controller package without the -C prefix. - =item C<_dispatch> Implements the method lookup for indirect dispatching mentioned in the