X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=SL%2FController%2FBase.pm;h=64ac328bd6098aabfa774a888ebe80f115b45744;hb=25ad1535122a8cd3bab24b0b71bd9bf887c40641;hp=39bc692e7410a5382eeae8f43cab5b3e22fd94e3;hpb=b89137f814fb873ddc98c765b7a0ef17bed83ce1;p=kivitendo-erp.git diff --git a/SL/Controller/Base.pm b/SL/Controller/Base.pm index 39bc692e7..64ac328bd 100644 --- a/SL/Controller/Base.pm +++ b/SL/Controller/Base.pm @@ -5,7 +5,15 @@ use strict; use parent qw(Rose::Object); use Carp; +use IO::File; use List::Util qw(first); +use SL::Request qw(flatten); +use SL::MoreCommon qw(uri_encode); + +use Rose::Object::MakeMethods::Generic +( + scalar => [ qw(action_name) ], +); # # public/helper functions @@ -17,19 +25,33 @@ sub url_for { return $_[0] if (scalar(@_) == 1) && !ref($_[0]); my %params = ref($_[0]) eq 'HASH' ? %{ $_[0] } : @_; - my $controller = delete($params{controller}) || $self->_controller_name; - my $action = delete($params{action}) || 'dispatch'; - $params{action} = "${controller}/${action}"; - my $query = join('&', map { $::form->escape($_) . '=' . $::form->escape($params{$_}) } keys %params); + my $controller = delete($params{controller}) || $self->controller_name; + my $action = $params{action} || 'dispatch'; + + my $script; + if ($controller =~ m/\.pl$/) { + # Old-style controller + $script = $controller; + } else { + $params{action} = "${controller}/${action}"; + $script = "controller.pl"; + } + + my $query = join '&', map { uri_encode($_->[0]) . '=' . uri_encode($_->[1]) } @{ flatten(\%params) }; - return "controller.pl?${query}"; + return "${script}?${query}"; } sub redirect_to { my $self = shift; my $url = $self->url_for(@_); - print $::cgi->redirect($url); + if ($self->delay_flash_on_redirect) { + require SL::Helper::Flash; + SL::Helper::Flash::delay_flash(); + } + + print $::request->{cgi}->redirect($url); } sub render { @@ -37,46 +59,82 @@ sub render { my $template = shift; my ($options, %locals) = (@_ && ref($_[0])) ? @_ : ({ }, @_); + $options->{type} = lc($options->{type} || 'html'); + $options->{no_layout} = 1 if $options->{type} eq 'js'; + my $source; if ($options->{inline}) { $source = \$template; + } elsif($options->{raw}) { + $source = $template; + } else { - $source = "templates/webpages/${template}.html"; + $source = "templates/webpages/${template}." . $options->{type}; croak "Template file ${source} not found" unless -f $source; } - if (!$options->{partial} && !$options->{inline}) { - $::form->{title} = $locals{title} if $locals{title}; - $::form->header; + if (!$options->{partial} && !$options->{inline} && !$::form->{header}) { + if ($options->{no_layout}) { + $::form->{header} = 1; + my $content_type = $options->{type} eq 'js' ? 'text/javascript' : 'text/html'; + + print $::form->create_http_response(content_type => $content_type, + charset => $::lx_office_conf{system}->{dbcharset} || Common::DEFAULT_CHARSET()); + + } else { + $::form->{title} = $locals{title} if $locals{title}; + $::form->header(no_menu => $options->{no_menu}); + } } my %params = ( %locals, - AUTH => $::auth, - FORM => $::form, - LOCALE => $::locale, - LXCONFIG => { dbcharset => $::dbcharset, - webdav => $::webdav, - lizenzen => $::lizenzen, - latex_templates => $::latex, - opendocument_templates => $::opendocument_templates, - vertreter => $::vertreter, - show_best_before => $::show_best_before, - }, - LXDEBUG => $::lxdebug, - MYCONFIG => \%::myconfig, - SELF => $self, + AUTH => $::auth, + FLASH => $::form->{FLASH}, + FORM => $::form, + INSTANCE_CONF => $::instance_conf, + LOCALE => $::locale, + LXCONFIG => \%::lx_office_conf, + LXDEBUG => $::lxdebug, + MYCONFIG => \%::myconfig, + SELF => $self, ); my $output; - my $parser = $self->_template_obj; - $parser->process($source, \%params, \$output) || croak $parser->error; + if (!$options->{raw}) { + my $parser = $self->_template_obj; + $parser->process($source, \%params, \$output) || croak $parser->error; + } else { + $output = $$source; + } - print $output unless $options->{inline}; + print $output unless $options->{inline} || $options->{no_output}; return $output; } +sub send_file { + my ($self, $file_name, %params) = @_; + + my $file = IO::File->new($file_name, 'r') || croak("Cannot open file '${file_name}'"); + my $content_type = $params{type} || 'application/octet_stream'; + my $attachment_name = $params{name} || $file_name; + $attachment_name =~ s:.*//::g; + + print $::form->create_http_response(content_type => $content_type, + content_disposition => 'attachment; filename="' . $attachment_name . '"', + content_length => -s $file); + + $::locale->with_raw_io(\*STDOUT, sub { print while <$file> }); + $file->close; +} + +sub controller_name { + my $class = ref($_[0]) || $_[0]; + $class =~ s/^SL::Controller:://; + return $class; +} + # # Before/after run hooks # @@ -113,14 +171,31 @@ sub _run_hooks { || ($hook->{except} && $hook->{except}->{$action}); if (ref($hook->{code}) eq 'CODE') { - $hook->{code}->($self); + $hook->{code}->($self, $action); } else { my $sub = $hook->{code}; - $self->$sub; + $self->$sub($action); } } } +# +# behaviour. override these +# + +sub delay_flash_on_redirect { + 0; +} + +sub get_auth_level { + # Ignore the 'action' parameter. + return 'user'; +} + +sub keep_auth_vars_in_form { + return 0; +} + # # private functions -- for use in Base only # @@ -134,15 +209,12 @@ sub _run_action { $::form->error("Invalid action '${action}' for controller " . ref($self)) if !$self->can($sub); + $self->action_name($action); $self->_run_hooks('before', $action); $self->$sub(@_); $self->_run_hooks('after', $action); } -sub _controller_name { - return (split(/::/, ref($_[0])))[-1]; -} - sub _dispatch { my $self = shift; @@ -151,9 +223,14 @@ sub _dispatch { my $action = first { $::form->{"action_${_}"} } @actions; my $sub = "action_${action}"; - $self->_run_hooks('before', $action); - $self->$sub(@_); - $self->_run_hooks('after', $action); + if ($self->can($sub)) { + $self->action_name($action); + $self->_run_hooks('before', $action); + $self->$sub(@_); + $self->_run_hooks('after', $action); + } else { + $::form->error($::locale->text('Oops. No valid action found to dispatch. Please report this case to the kivitendo team.')); + } } sub _template_obj { @@ -167,7 +244,8 @@ sub _template_obj { PLUGIN_BASE => 'SL::Template::Plugin', INCLUDE_PATH => '.:templates/webpages', COMPILE_EXT => '.tcc', - COMPILE_DIR => $::userspath . '/templates-cache', + COMPILE_DIR => $::lx_office_conf{paths}->{userspath} . '/templates-cache', + ERROR => 'templates/webpages/generic/exception.html', }) || croak; return $self->{__basepriv_template_obj}; @@ -260,6 +338,10 @@ hooks themselves are run as instance methods. Hooks are run in the order they're added. +The hooks receive a single parameter: the name of the action that is +about to be called (for C hooks) / was called (for C +hooks). + The return value of the hooks is discarded. Hooks can be defined to run for all actions, for only specific actions @@ -287,23 +369,36 @@ C<$options>, if present, must be a hash reference. All remaining parameters are slurped into C<%locals>. What is rendered and how C<$template> is interpreted is determined by -C<< $options->{inline} >> and C<< $options->{partial} >>. +the options I, I, I and I. If C<< $options->{inline} >> is trueish then C<$template> is a string containing the template code to interprete. Additionally the output will not be sent to the browser. Instead it is only returned to the caller. +If C<< $options->{raw} >> is trueish, the function will treat the input as +already parsed, and will not filter the input through Template. Unlike +C, the input is taked as a reference. + If C<< $options->{inline} >> is falsish then C<$template> is interpreted as the name of a template file. It is prefixed with -"templates/webpages/" and postfixed with ".html". An exception will be -thrown if that file does not exist. +"templates/webpages/" and postfixed with a file extension based on +C<< $options->{type} >>. C<< $options->{type} >> can be either C +or C and defaults to C. An exception will be thrown if that +file does not exist. If C<< $options->{partial} >> or C<< $options->{inline} >> is trueish -then C<< $::form->header >> will not be called. Otherwise -C<< $::form->{header} >> will be set to C<$locals{header}> (only if -$locals{header} is trueish) and C<< $::form->header >> will be called -before the template itself is processed. +then neither the HTTP response header nor the standard HTML header is +generated. + +Otherwise at least the HTTP response header will be generated based on +the template type (C<< $options->{type} >>). + +If the template type is C then the standard HTML header will be +output via C<< $::form->header >> with C<< $::form->{title} >> set to +C<$locals{title}> (the latter only if C<$locals{title}> is +trueish). Setting C<< $options->{no_layout} >> to trueish will prevent +this. The template itself has access to the following variables: @@ -315,9 +410,10 @@ The template itself has access to the following variables: =item * C -- C<$::locale> -=item * C -- all parameters from C with -the same name they appear in the file (e.g. C, C -etc) +=item * C -- all parameters from C +with the same name they appear in the file (first level is the +section, second the actual variable, e.g. C, +C etc) =item * C -- C<$::lxdebug> @@ -334,6 +430,39 @@ output to the browser. The function will always return the output. +Example: Render a HTML template with a certain title and a few locals + + $self->render('todo/list', + title => 'List TODO items', + TODO_ITEMS => SL::DB::Manager::Todo->get_all_sorted); + +Example: Render a string and return its content for further processing +by the calling function. No header is generated due to C. + + my $content = $self->render('[% USE JavaScript %][% JavaScript.replace_with("#someid", "js/something") %]', + { type => 'js', inline => 1 }); + +Example: Render a JavaScript template and send it to the +browser. Typical use for actions called via AJAX: + + $self->render('todo/single_item', { type => 'js' }, + item => $employee->most_important_todo_item); + +=item C + +Sends the file C<$file_name> to the browser including appropriate HTTP +headers for a download. C<%params> can include the following: + +=over 2 + +=item * C -- the file's content type; defaults to +'application/octet_stream' + +=item * C -- the name presented to the browser; defaults to +C<$file_name> + +=back + =item C =item C @@ -349,7 +478,7 @@ parameter or as a normal hash. The controller to call is given by C<$params{controller}>. It defaults to the current controller as returned by -L. +L. The action to call is given by C<$params{action}>. It defaults to C. @@ -400,6 +529,40 @@ action. The hook's return values are discarded. +=item C + +May be overridden by a controller. If this method returns true, redirect_to +will delay all flash messages for the current request. Defaults to false for +compatibility reasons. + +=item C + +May be overridden by a controller. Determines what kind of +authentication is required for a particular action. Must return either +C (which means that authentication as an admin is required), +C (authentication as a normal user suffices) with a possible +future value C (which would require no authentication but is not +yet implemented). + +=item C + +May be overridden by a controller. If falsish (the default) all form +variables whose name starts with C<{AUTH}> are removed before the +request is routed. Only controllers that handle login requests +themselves should return trueish for this function. + +=item C + +Returns the name of the curernt controller package without the +C prefix. This method can be called both as a class +method and an instance method. + +=item C + +Returns the name of the currently executing action. If the dispatcher +mechanism was used then this is not C but the actual method +name the dispatching resolved to. + =back =head2 PRIVATE FUNCTIONS @@ -408,11 +571,6 @@ These functions are supposed to be used from this base class only. =over 4 -=item C<_controller_name> - -Returns the name of the curernt controller package without the -C prefix. - =item C<_dispatch> Implements the method lookup for indirect dispatching mentioned in the