X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=SL%2FMenu.pm;h=5df7089d564d5d2fe3d6759ece05271d8c042a80;hb=8c7e44938a661e035f62840e1e177353240ace5d;hp=b10fc67b41a2940e3dbc0e70a517c63b60f05987;hpb=ee072e4f077213bf6f8792ca8f0a1afebbb6282f;p=kivitendo-erp.git
diff --git a/SL/Menu.pm b/SL/Menu.pm
index b10fc67b4..5df7089d5 100644
--- a/SL/Menu.pm
+++ b/SL/Menu.pm
@@ -34,17 +34,26 @@
package Menu;
+use SL::Auth;
+use SL::Inifile;
+
sub new {
$main::lxdebug->enter_sub();
- my ($type, $menufile, $level) = @_;
+ my ($type, $menufile) = @_;
- use SL::Inifile;
- my $self = Inifile->new($menufile, $level);
+ my $self = {};
+ my $inifile = Inifile->new($menufile);
- $main::lxdebug->leave_sub();
+ map { $self->{$_} = $inifile->{$_} } keys %{ $inifile };
bless $self, $type;
+
+ $self->set_access();
+
+ $main::lxdebug->leave_sub();
+
+ return $self;
}
sub menuitem {
@@ -67,8 +76,9 @@ sub menuitem {
}
my $level = $form->escape($item);
- my $str =
- qq|{path}&action=$action&level=$level&login=$form->{login}&password=$form->{password}|;
+
+ my $str = qq|{$item}{href}) {
@@ -81,7 +91,7 @@ sub menuitem {
# add other params
foreach my $key (keys %{ $self->{$item} }) {
$str .= "&" . $form->escape($key, 1) . "=";
- ($value, $conf) = split /=/, $self->{$item}{$key}, 2;
+ ($value, $conf) = split(/=/, $self->{$item}{$key}, 2);
$value = $myconfig->{$value} . "/$conf" if ($conf);
$str .= $form->escape($value, 1);
}
@@ -97,9 +107,163 @@ sub menuitem {
return $str;
}
-sub access_control {
+sub menuitem_v3 {
$main::lxdebug->enter_sub();
+ my ($self, $myconfig, $form, $item, $other) = @_;
+
+ my $module = $form->{script};
+ my $action = "section_menu";
+ my $target = "";
+
+ if ($self->{$item}{module}) {
+ $module = $self->{$item}{module};
+ }
+ if ($self->{$item}{action}) {
+ $action = $self->{$item}{action};
+ }
+ if ($self->{$item}{target}) {
+ $target = $self->{$item}{target};
+ }
+
+ my $level = $form->escape($item);
+
+ my $str = qq|escape($key, 1) . "=";
+ ($value, $conf) = split(/=/, $self->{$item}{$key}, 2);
+ $value = $myconfig->{$value} . "/$conf" if ($conf);
+ $str .= $form->escape($value, 1);
+ }
+
+ $str .= '"';
+
+ if ($target) {
+ $str .= qq| target="| . $form->quote($target) . qq|"|;
+ }
+
+ if ($other) {
+ foreach my $key (keys(%{$other})) {
+ $str .= qq| ${key}="| . $form->quote($other->{$key}) . qq|"|;
+ }
+ }
+
+ $str .= ">";
+
+ $main::lxdebug->leave_sub();
+
+ return $str;
+}
+
+sub menuitem_XML {
+ $main::lxdebug->enter_sub();
+
+ my ($self, $myconfig, $form, $item, $other) = @_;
+
+ my $module = $form->{script};
+ my $action = "section_menu";
+ my $target = "";
+
+ if ($self->{$item}{module}) {
+ $module = $self->{$item}{module};
+ }
+ if ($self->{$item}{action}) {
+ $action = $self->{$item}{action};
+ }
+ if ($self->{$item}{target}) {
+ $target = $self->{$item}{target};
+ }
+
+ my $level = $form->escape($item);
+
+ my $str = qq| link="$module?action=| . $form->escape($action) .
+ qq|&level=| . $form->escape($level);
+ map({ $str .= "&${_}=" . $form->escape($form->{$_}); } qw(login password));
+
+ my @vars = qw(module action target href);
+
+ if ($self->{$item}{href}) {
+ $str = qq| link=$self->{$item}{href}|;
+ @vars = qw(module target href);
+ }
+
+ map { delete $self->{$item}{$_} } @vars;
+
+ # add other params
+ foreach my $key (keys %{ $self->{$item} }) {
+ $str .= "&" . $form->escape($key, 1) . "=";
+ ($value, $conf) = split(/=/, $self->{$item}{$key}, 2);
+ $value = $myconfig->{$value} . "/$conf" if ($conf);
+ $str .= $form->escape($value, 1);
+ }
+
+ $str .= '"';
+
+
+
+ if ($other) {
+ foreach my $key (keys(%{$other})) {
+ $str .= qq| ${key}="| . $form->quote($other->{$key}) . qq|"|;
+ }
+ }
+
+
+ $main::lxdebug->leave_sub();
+
+ return $str;
+}
+
+sub menuitemNew {
+ my ($self, $myconfig, $form, $item) = @_;
+
+ my $module = $form->{script};
+ my $action = "section_menu";
+
+ #if ($self->{$item}{module}) {
+ $module = $self->{$item}{module};
+
+ #}
+ if ($self->{$item}{action}) {
+ $action = $self->{$item}{action};
+ }
+
+ my $level = $form->escape($item);
+ my $str = qq|$module?action=$action&level=$level|;
+ my @vars = qw(module action target href);
+
+ if ($self->{$item}{href}) {
+ $str = qq|$self->{$item}{href}|;
+ @vars = qw(module target href);
+ }
+
+ map { delete $self->{$item}{$_} } @vars;
+
+ # add other params
+ foreach my $key (keys %{ $self->{$item} }) {
+ $str .= "&" . $form->escape($key, 1) . "=";
+ ($value, $conf) = split(/=/, $self->{$item}{$key}, 2);
+ $value = $myconfig->{$value} . "/$conf" if ($conf);
+ $str .= $form->escape($value, 1);
+ }
+
+ $str .= " ";
+
+}
+
+sub access_control {
+ $main::lxdebug->enter_sub(2);
+
my ($self, $myconfig, $menulevel) = @_;
my @menu = ();
@@ -110,21 +274,132 @@ sub access_control {
@menu = grep { /^${menulevel}--/ } @{ $self->{ORDER} };
}
- my @a = split /;/, $myconfig->{acs};
+ my @a = split(/;/, $myconfig->{acs});
my $excl = ();
# remove --AR, --AP from array
- grep { ($a, $b) = split /--/; s/--$a$//; } @a;
+ grep { ($a, $b) = split(/--/); s/--$a$//; } @a;
map { $excl{$_} = 1 } @a;
@a = ();
map { push @a, $_ unless $excl{$_} } (@menu);
- $main::lxdebug->leave_sub();
+ $main::lxdebug->leave_sub(2);
return @a;
}
+sub generate_acl {
+ my ($self, $menulevel, $hash) = @_;
+
+ my @items = $self->access_control(\%main::myconfig, $menulevel);
+
+ $menulevel =~ s/[^A-Za-z_\/\.\+\-]/_/g;
+ $hash->{"access_" . lc($menulevel)} = 1 if ($menulevel);
+
+ foreach my $item (@items) {
+ $self->generate_acl($item, $hash); #unless ($menulevel);
+ }
+}
+
+sub parse_access_string {
+ my $self = shift;
+ my $key = shift;
+ my $access = shift;
+
+ my @stack;
+ my $cur_ary = [];
+
+ push @stack, $cur_ary;
+
+ while ($access =~ m/^([a-z_]+|\||\&|\(|\)|\s+)/) {
+ my $token = $1;
+ substr($access, 0, length($1)) = "";
+
+ next if ($token =~ /\s/);
+
+ if ($token eq "(") {
+ my $new_cur_ary = [];
+ push @stack, $new_cur_ary;
+ push @{$cur_ary}, $new_cur_ary;
+ $cur_ary = $new_cur_ary;
+
+ } elsif ($token eq ")") {
+ pop @stack;
+ if (!@stack) {
+ $main::form->error("Error in menu.ini for entry ${key}: missing '('");
+ }
+ $cur_ary = $stack[-1];
+
+ } elsif (($token eq "|") || ($token eq "&")) {
+ push @{$cur_ary}, $token;
+
+ } else {
+ push @{$cur_ary}, $main::auth->check_right($main::form->{login}, $token, 1);
+ }
+ }
+
+ if ($access) {
+ $main::form->error("Error in menu.ini for entry ${name}: unrecognized token at the start of '$access'\n");
+ }
+
+ if (1 < scalar @stack) {
+ $main::form->error("Error in menu.ini for entry ${name}: Missing ')'\n");
+ }
+
+ return SL::Auth::evaluate_rights_ary($stack[0]);
+}
+
+sub set_access {
+ my $self = shift;
+
+ my $key;
+
+ foreach $key (@{ $self->{ORDER} }) {
+ my $entry = $self->{$key};
+
+ $entry->{GRANTED} = $entry->{ACCESS} ? $self->parse_access_string($key, $entry->{ACCESS}) : 1;
+ $entry->{IS_MENU} = $entry->{submenu} || ($key !~ m/--/);
+ $entry->{NUM_VISIBLE_CHILDREN} = 0;
+
+ if ($key =~ m/--/) {
+ my $parent = $key;
+ substr($parent, rindex($parent, '--')) = '';
+ $entry->{GRANTED} &&= $self->{$parent}->{GRANTED};
+ }
+
+ $entry->{VISIBLE} = $entry->{GRANTED};
+ }
+
+ foreach $key (reverse @{ $self->{ORDER} }) {
+ my $entry = $self->{$key};
+
+ if ($entry->{IS_MENU}) {
+ $entry->{VISIBLE} &&= $entry->{NUM_VISIBLE_CHILDREN} > 0;
+ }
+
+ next if (($key !~ m/--/) || !$entry->{VISIBLE});
+
+ my $parent = $key;
+ substr($parent, rindex($parent, '--')) = '';
+ $self->{$parent}->{NUM_VISIBLE_CHILDREN}++;
+ }
+
+# $self->dump_visible();
+
+ $self->{ORDER} = [ grep { $self->{$_}->{VISIBLE} } @{ $self->{ORDER} } ];
+
+ map { delete @{$self->{$_}}{qw(GRANTED IS_MENU NUM_VISIBLE_CHILDREN VISIBLE ACCESS)} if ($_ ne 'ORDER') } keys %{ $self };
+}
+
+sub dump_visible {
+ my $self = shift;
+ foreach my $key (@{ $self->{ORDER} }) {
+ my $entry = $self->{$key};
+ $main::lxdebug->message(0, "$entry->{GRANTED} $entry->{VISIBLE} $entry->{NUM_VISIBLE_CHILDREN} $key");
+ }
+}
+
1;