X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=SL%2FMenu.pm;h=530a468fc7d530e4a3ce3f6d2532ac2ea39b5ad3;hb=590708a7a8d02ecd60267271f276e975c08d56c6;hp=77bc848fd2b8fec7e23385c491ce48c443500ae8;hpb=181ce4f5bab35c1f270a192f062cd27cd34060ba;p=kivitendo-erp.git

diff --git a/SL/Menu.pm b/SL/Menu.pm
index 77bc848fd..530a468fc 100644
--- a/SL/Menu.pm
+++ b/SL/Menu.pm
@@ -34,209 +34,190 @@
 
 package Menu;
 
-sub new {
-  $main::lxdebug->enter_sub();
-
-  my ($type, $menufile, $level) = @_;
-
-  use SL::Inifile;
-  my $self = Inifile->new($menufile, $level);
+use SL::Auth;
+use SL::Inifile;
 
-  $main::lxdebug->leave_sub();
-
-  bless $self, $type;
-}
+use strict;
 
-sub menuitem {
+sub new {
   $main::lxdebug->enter_sub();
 
-  my ($self, $myconfig, $form, $item) = @_;
-
-  my $module = $form->{script};
-  my $action = "section_menu";
-  my $target = "";
-
-  if ($self->{$item}{module}) {
-    $module = $self->{$item}{module};
-  }
-  if ($self->{$item}{action}) {
-    $action = $self->{$item}{action};
-  }
-  if ($self->{$item}{target}) {
-    $target = $self->{$item}{target};
-  }
-
-  my $level = $form->escape($item);
-
-  my $str =
-    qq|<a style="vertical-align:top" href=$module?path=$form->{path}&action=$action&level=$level&login=$form->{login}&password=$form->{password}|;
-
-  my @vars = qw(module action target href);
+  my ($type, @menufiles) = @_;
+  my $self               = bless {}, $type;
 
-  if ($self->{$item}{href}) {
-    $str  = qq|<a href=$self->{$item}{href}|;
-    @vars = qw(module target href);
-  }
+  my @order;
 
-  map { delete $self->{$item}{$_} } @vars;
+  foreach my $menufile (grep { -f } @menufiles) {
+    my $inifile = Inifile->new($menufile);
 
-  # add other params
-  foreach my $key (keys %{ $self->{$item} }) {
-    $str .= "&" . $form->escape($key, 1) . "=";
-    ($value, $conf) = split(/=/, $self->{$item}{$key}, 2);
-    $value = $myconfig->{$value} . "/$conf" if ($conf);
-    $str .= $form->escape($value, 1);
+    push @order, @{ delete($inifile->{ORDER}) || [] };
+    $self->{$_} = $inifile->{$_} for keys %{ $inifile };
   }
 
-  if ($target) {
-    $str .= qq| target=$target|;
-  }
+  $self->{ORDER} = \@order;
 
-  $str .= ">";
+  $self->set_access();
 
   $main::lxdebug->leave_sub();
 
-  return $str;
+  return $self;
 }
 
-sub menuitem_v3 {
-  $main::lxdebug->enter_sub();
+sub menuitem_new {
+  $main::lxdebug->enter_sub(LXDebug::DEBUG2());
 
-  my ($self, $myconfig, $form, $item, $other) = @_;
+  my ($self, $name, $item) = @_;
 
-  my $module = $form->{script};
-  my $action = "section_menu";
-  my $target = "";
+  my $form        =  $main::form;
+  my $myconfig    = \%main::myconfig;
 
-  if ($self->{$item}{module}) {
-    $module = $self->{$item}{module};
-  }
-  if ($self->{$item}{action}) {
-    $action = $self->{$item}{action};
-  }
-  if ($self->{$item}{target}) {
-    $target = $self->{$item}{target};
-  }
+  my $module      = $self->{$name}->{module} || $form->{script};
+  my $action      = $self->{$name}->{action};
 
-  my $level = $form->escape($item);
+  $item->{target} = $self->{$name}->{target} || "main_window";
+  $item->{href}   = $self->{$name}->{href}   || "${module}?action=" . $form->escape($action);
 
-  my $str = qq|<a href="$module?action=| . $form->escape($action) .
-    qq|&level=| . $form->escape($level);
-  map({ $str .= "&${_}=" . $form->escape($form->{$_}); } qw(path login password));
+  my @vars = qw(module target href);
+  push @vars, 'action' unless ($self->{$name}->{href});
 
-  my @vars = qw(module action target href);
+  map { delete $self->{$name}{$_} } @vars;
 
-  if ($self->{$item}{href}) {
-    $str  = qq|<a href=$self->{$item}{href}|;
-    @vars = qw(module target href);
+  # add other params
+  foreach my $key (keys %{ $self->{$name} }) {
+    my ($value, $conf)  = split(m/=/, $self->{$name}->{$key}, 2);
+    $value              = $myconfig->{$value} . "/$conf" if ($conf);
+    $item->{href}      .= "&" . $form->escape($key) . "=" . $form->escape($value);
   }
 
-  map { delete $self->{$item}{$_} } @vars;
+  $main::lxdebug->leave_sub(LXDebug::DEBUG2());
+}
 
-  # add other params
-  foreach my $key (keys %{ $self->{$item} }) {
-    $str .= "&" . $form->escape($key, 1) . "=";
-    ($value, $conf) = split(/=/, $self->{$item}{$key}, 2);
-    $value = $myconfig->{$value} . "/$conf" if ($conf);
-    $str .= $form->escape($value, 1);
-  }
+sub access_control {
+  $main::lxdebug->enter_sub(2);
 
-  $str .= '"';
+  my ($self, $myconfig, $menulevel) = @_;
 
-  if ($target) {
-    $str .= qq| target="| . $form->quote($target) . qq|"|;
-  }
+  my @menu = ();
 
-  if ($other) {
-    foreach my $key (keys(%{$other})) {
-      $str .= qq| ${key}="| . $form->quote($other->{$key}) . qq|"|;
-    }
+  if (!$menulevel) {
+    @menu = grep { !/--/ } @{ $self->{ORDER} };
+  } else {
+    @menu = grep { /^${menulevel}--/ } @{ $self->{ORDER} };
   }
 
-  $str .= ">";
-
-  $main::lxdebug->leave_sub();
+  $main::lxdebug->leave_sub(2);
 
-  return $str;
+  return @menu;
 }
 
-sub menuitemNew {
-  my ($self, $myconfig, $form, $item) = @_;
+sub parse_access_string {
+  my $self   = shift;
+  my $key    = shift;
+  my $access = shift;
 
-  my $module = $form->{script};
-  my $action = "section_menu";
+  my $form        =  $main::form;
+  my $auth        =  $main::auth;
+  my $myconfig    = \%main::myconfig;
 
-  #if ($self->{$item}{module}) {
-  $module = $self->{$item}{module};
+  my @stack;
+  my $cur_ary = [];
 
-  #}
-  if ($self->{$item}{action}) {
-    $action = $self->{$item}{action};
-  }
+  push @stack, $cur_ary;
 
-  my $level = $form->escape($item);
-  my $str   =
-    qq|$module?path=$form->{path}&action=$action&level=$level&login=$form->{login}&password=$form->{password}|;
-  my @vars = qw(module action target href);
+  while ($access =~ m/^([a-z_]+|\||\&|\(|\)|\s+)/) {
+    my $token = $1;
+    substr($access, 0, length($1)) = "";
 
-  if ($self->{$item}{href}) {
-    $str  = qq|$self->{$item}{href}|;
-    @vars = qw(module target href);
+    next if ($token =~ /\s/);
+
+    if ($token eq "(") {
+      my $new_cur_ary = [];
+      push @stack, $new_cur_ary;
+      push @{$cur_ary}, $new_cur_ary;
+      $cur_ary = $new_cur_ary;
+
+    } elsif ($token eq ")") {
+      pop @stack;
+      if (!@stack) {
+        $form->error("Error in menu.ini for entry ${key}: missing '('");
+      }
+      $cur_ary = $stack[-1];
+
+    } elsif (($token eq "|") || ($token eq "&")) {
+      push @{$cur_ary}, $token;
+
+    } else {
+      push @{$cur_ary}, $auth->check_right($::myconfig{login}, $token, 1);
+    }
   }
 
-  map { delete $self->{$item}{$_} } @vars;
+  if ($access) {
+    $form->error("Error in menu.ini for entry ${key}: unrecognized token at the start of '$access'\n");
+  }
 
-  # add other params
-  foreach my $key (keys %{ $self->{$item} }) {
-    $str .= "&" . $form->escape($key, 1) . "=";
-    ($value, $conf) = split(/=/, $self->{$item}{$key}, 2);
-    $value = $myconfig->{$value} . "/$conf" if ($conf);
-    $str .= $form->escape($value, 1);
+  if (1 < scalar @stack) {
+    $main::form->error("Error in menu.ini for entry ${key}: Missing ')'\n");
   }
 
-  $str .= " ";
+  return SL::Auth::evaluate_rights_ary($stack[0]);
+}
 
+sub parse_instance_conf_string {
+  my ($self, $setting) = @_;
+  return $::instance_conf->data->{$setting};
 }
 
-sub access_control {
-  $main::lxdebug->enter_sub(2);
+sub set_access {
+  my $self = shift;
 
-  my ($self, $myconfig, $menulevel) = @_;
+  my $key;
 
-  my @menu = ();
+  foreach $key (@{ $self->{ORDER} }) {
+    my $entry = $self->{$key};
 
-  if ($menulevel eq "") {
-    @menu = grep { !/--/ } @{ $self->{ORDER} };
-  } else {
-    @menu = grep { /^${menulevel}--/ } @{ $self->{ORDER} };
-  }
+    $entry->{GRANTED}              = $entry->{ACCESS} ? $self->parse_access_string($key, $entry->{ACCESS}) : 1;
+    $entry->{GRANTED}            &&= $self->parse_instance_conf_string($entry->{INSTANCE_CONF}) if $entry->{INSTANCE_CONF};
+    $entry->{IS_MENU}              = $entry->{submenu} || ($key !~ m/--/);
+    $entry->{NUM_VISIBLE_CHILDREN} = 0;
 
-  my @a    = split(/;/, $myconfig->{acs});
-  my $excl = ();
+    if ($key =~ m/--/) {
+      my $parent = $key;
+      substr($parent, rindex($parent, '--')) = '';
+      $entry->{GRANTED} &&= $self->{$parent}->{GRANTED};
+    }
 
-  # remove --AR, --AP from array
-  grep { ($a, $b) = split(/--/); s/--$a$//; } @a;
+    $entry->{VISIBLE} = $entry->{GRANTED};
+  }
 
-  map { $excl{$_} = 1 } @a;
+  foreach $key (reverse @{ $self->{ORDER} }) {
+    my $entry = $self->{$key};
 
-  @a = ();
-  map { push @a, $_ unless $excl{$_} } (@menu);
+    if ($entry->{IS_MENU}) {
+      $entry->{VISIBLE} &&= $entry->{NUM_VISIBLE_CHILDREN} > 0;
+    }
 
-  $main::lxdebug->leave_sub(2);
+    next if (($key !~ m/--/) || !$entry->{VISIBLE});
 
-  return @a;
-}
+    my $parent = $key;
+    substr($parent, rindex($parent, '--')) = '';
+    $self->{$parent}->{NUM_VISIBLE_CHILDREN}++;
+  }
 
-sub generate_acl {
-  my ($self, $menulevel, $hash) = @_;
+#   $self->dump_visible();
 
-  my @items = $self->access_control(\%main::myconfig, $menulevel);
+  $self->{ORDER} = [ grep { $self->{$_}->{VISIBLE} } @{ $self->{ORDER} } ];
 
-  $menulevel =~ s/[^A-Za-z_\/\.\+\-]/_/g;
-  $hash->{"access_" . lc($menulevel)} = 1 if ($menulevel);
+  { no strict 'refs';
+  # ToDO: fix this. nuke and pave algorithm without type checking screams for problems.
+  map { delete @{$self->{$_}}{qw(GRANTED IS_MENU NUM_VISIBLE_CHILDREN VISIBLE ACCESS)} if ($_ ne 'ORDER') } keys %{ $self };
+  }
+}
 
-  foreach my $item (@items) {
-    $self->generate_acl($item, $hash); #unless ($menulevel);
+sub dump_visible {
+  my $self = shift;
+  foreach my $key (@{ $self->{ORDER} }) {
+    my $entry = $self->{$key};
+    $main::lxdebug->message(0, "$entry->{GRANTED} $entry->{VISIBLE} $entry->{NUM_VISIBLE_CHILDREN} $key");
   }
 }