X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=bin%2Fmozilla%2Fadmin.pl;h=02821989668c7a40ff5face5127cf67e358df650;hb=8ccdbe3d60faaed72573207e3917d43ffae61eca;hp=ef985f40c3ec002588b3f15cd65de55252a279db;hpb=c3cee60334aa81dfb51e5ffe45635d59450c3409;p=kivitendo-erp.git diff --git a/bin/mozilla/admin.pl b/bin/mozilla/admin.pl old mode 100644 new mode 100755 index ef985f40c..028219896 --- a/bin/mozilla/admin.pl +++ b/bin/mozilla/admin.pl @@ -36,20 +36,38 @@ $menufile = "menu.ini"; use DBI; use CGI; - +use English qw(-no_match_vars); +use Fcntl; +use File::Copy; +use IO::File; +use POSIX qw(strftime); +use Sys::Hostname; + +use SL::Auth; use SL::Form; +use SL::Mailer; use SL::User; use SL::Common; +use SL::Inifile; +use SL::DBUpgrade2; +use SL::DBUtils; require "bin/mozilla/common.pl"; +require "bin/mozilla/admin_groups.pl"; our $cgi = new CGI(''); $form = new Form; -$form->{"root"} = "root login"; $locale = new Locale $language, "admin"; +our $auth = SL::Auth->new(); +if ($auth->session_tables_present()) { + $auth->expire_sessions(); + $auth->restore_session(); + $auth->set_session_value('rpw', $form->{rpw}); +} + # customization if (-f "bin/mozilla/custom_$form->{script}") { eval { require "bin/mozilla/custom_$form->{script}"; }; @@ -60,38 +78,27 @@ $form->{stylesheet} = "lx-office-erp.css"; $form->{favicon} = "favicon.ico"; if ($form->{action}) { + if ($auth->authenticate_root($form->{rpw}, 0) != Auth::OK) { + $form->{error_message} = $locale->text('Incorrect Password!'); + adminlogin(); + exit; + } + $auth->create_or_refresh_session() if ($auth->session_tables_present()); - $subroutine = $locale->findsub($form->{action}); + call_sub($locale->findsub($form->{action})); - if ($subroutine eq 'login') { - if ($form->{rpw}) { - $form->{rpw} = crypt $form->{rpw}, "ro"; - } - } +} elsif ($auth->authenticate_root($form->{rpw}, 0) == Auth::OK) { - check_password(); + $auth->create_or_refresh_session() if ($auth->session_tables_present()); - call_sub($subroutine); + login(); } else { - # if there are no drivers bail out $form->error($locale->text('No Database Drivers available!')) unless (User->dbdrivers); - # create memberfile - if (!-f $memberfile) { - open(FH, ">$memberfile") or $form->error("$memberfile : $!"); - print FH qq|# SQL-Ledger Accounting members - -[root login] -password= - -|; - close FH; - } - adminlogin(); } @@ -102,47 +109,220 @@ password= sub adminlogin { - $form->{title} = - qq|Lx-Office ERP $form->{version} | . $locale->text('Administration'); + $form->{title} = qq|Lx-Office ERP $form->{version} | . $locale->text('Administration'); $form->header(); print $form->parse_html_template('admin/adminlogin'); } sub login { + check_auth_db_and_tables(); list_users(); } -sub list_users { +sub logout { + $auth->destroy_session(); + adminlogin(); +} + +sub check_auth_db_and_tables { + my %params; + + map { $params{"db_${_}"} = $auth->{DB_config}->{$_} } keys %{ $auth->{DB_config} }; + + if (!$auth->check_database()) { + $form->{title} = $locale->text('Authentification database creation'); + $form->header(); + print $form->parse_html_template('admin/check_auth_database', \%params); + + exit 0; + } + + if (!$auth->check_tables()) { + $form->{title} = $locale->text('Authentification tables creation'); + $form->header(); + print $form->parse_html_template('admin/check_auth_tables', \%params); + + exit 0; + } + + if (-f $memberfile) { + my $memberdir = ""; + + if ($memberfile =~ m|^.*/|) { + $memberdir = $&; + } + + my $backupdir = "${memberdir}member-file-migration"; + + $form->{title} = $locale->text('User data migration'); + $form->header(); + print $form->parse_html_template('admin/user_migration', { 'memberfile' => $memberfile, + 'backupdir' => $backupdir }); + + exit 0 + } +} + +sub create_auth_db { + $auth->create_database('superuser' => $form->{db_superuser}, + 'superuser_password' => $form->{db_superuser_password}, + 'template' => $form->{db_template}); + login(); +} + +sub create_auth_tables { + $auth->create_tables(); + $auth->set_session_value('rpw', $form->{rpw}); + $auth->create_or_refresh_session(); + + if (!-f $memberfile) { + # New installation -- create a standard group with full access + my $group = { + 'name' => $locale->text('Full Access'), + 'description' => $locale->text('Full access to all functions'), + 'rights' => { map { $_ => 1 } SL::Auth::all_rights() }, + 'members' => [ map { $_->{id} } values %members ], + }; + + $auth->save_group($group); + } + + login(); +} + +sub migrate_users { + $lxdebug->enter_sub(); + + my $memberdir = ""; + + if ($memberfile =~ m|^.*/|) { + $memberdir = $&; + } + + my $backupdir = "${memberdir}member-file-migration"; - $form->error($locale->text('File locked!')) if (-f "${memberfile}.LCK"); + if (! -d $backupdir && !mkdir $backupdir, 0700) { + $form->error(sprintf($locale->text('The directory "%s" could not be created:\n%s'), $backupdir, $!)); + } + + copy $memberfile, "users/member-file-migration/members"; + + my $in = IO::File->new($memberfile, "r"); - open(FH, "$memberfile") or $form->error("$memberfile : $!"); + $form->error($locale->text('Could not open the old memberfile.')) if (!$in); - my %members; + my (%members, $login); - while () { + while (<$in>) { chomp; - if (/^\[.*\]/) { + next if (m/^\s*\#/); + + if (m/^\[.*\]/) { $login = $_; $login =~ s/(\[|\])//g; + $login =~ s/^\s*//; + $login =~ s/\s*$//; $members{$login} = { "login" => $login }; + next; } - if (/^([a-z]+)=(.*)/) { - $members{$login}->{$1} = $2; + if ($login && m/=/) { + my ($key, $value) = split m/\s*=\s*/, $_, 2; + $key =~ s|^\s*||; + $value =~ s|\s*$||; + + $value =~ s|\\r||g; + $value =~ s|\\n|\n|g; + + $members{$login}->{$key} = $value; } } - close(FH); + $in->close(); + + delete $members{"root login"}; + + map { $_->{dbpasswd} = unpack 'u', $_->{dbpasswd} } values %members; + + while (my ($login, $params) = each %members) { + $auth->save_user($login, %{ $params }); + $auth->change_password($login, $params->{password}, 1); + + my $conf_file = "${memberdir}${login}.conf"; + + if (-f $conf_file) { + copy $conf_file, "${backupdir}/${login}.conf"; + unlink $conf_file; + } + } + + unlink $memberfile; + + my @member_list = sort { lc $a->{login} cmp lc $b->{login} } values %members; + + $form->{title} = $locale->text('User data migration'); + $form->header(); + print $form->parse_html_template('admin/user_migration_done', { 'MEMBERS' => \@member_list }); + + $lxdebug->leave_sub(); +} + +sub create_standard_group_ask { + $form->{title} = $locale->text('Create a standard group'); + + $form->header(); + print $form->parse_html_template("admin/create_standard_group_ask"); +} + +sub create_standard_group { + my %members = $auth->read_all_users(); + + my $groups = $auth->read_groups(); + + foreach my $group (values %{$groups}) { + if (($form->{group_id} != $group->{id}) + && ($form->{name} eq $group->{name})) { + $form->show_generic_error($locale->text("A group with that name does already exist.")); + } + } + + my $group = { + 'name' => $locale->text('Full Access'), + 'description' => $locale->text('Full access to all functions'), + 'rights' => { map { $_ => 1 } SL::Auth::all_rights() }, + 'members' => [ map { $_->{id} } values %members ], + }; + + $auth->save_group($group); + + user_migration_complete(1); +} + +sub dont_create_standard_group { + user_migration_complete(0); +} + +sub user_migration_complete { + my $standard_group_created = shift; + + $form->{title} = $locale->text('User migration complete'); + $form->header(); + + print $form->parse_html_template('admin/user_migration_complete', { 'standard_group_created' => $standard_group_created }); +} + +sub list_users { + my %members = $auth->read_all_users(); delete $members{"root login"}; + map { $_->{templates} =~ s|.*/||; } values %members; - $form->{title} = "Lx-Office ERP " . $locale->text('Administration'); - $form->{LOCKED} = -e "$userspath/nologin"; + $form->{title} = "Lx-Office ERP " . $locale->text('Administration'); + $form->{LOCKED} = -e "$userspath/nologin"; $form->{MEMBERS} = [ @members{sort { lc $a cmp lc $b } keys %members} ]; $form->header(); @@ -156,22 +336,19 @@ sub add_user { . $locale->text('Administration') . " / " . $locale->text('Add User'); - $form->{Oracle_sid} = $sid; - $form->{Oracle_dbport} = '1521'; - $form->{Oracle_dbhost} = `hostname`; - my $myconfig = { "vclimit" => 200, "countrycode" => "de", - "numberformat" => "1000,00", + "numberformat" => "1.000,00", "dateformat" => "dd.mm.yy", "stylesheet" => "lx-office-erp.css", + "menustyle" => "v3", }; edit_user_form($myconfig); } -sub edit { +sub edit_user { $form->{title} = "Lx-Office ERP " @@ -182,10 +359,7 @@ sub edit { $form->isblank("login", $locale->text("The login is missing.")); # get user - my $myconfig = new User "$memberfile", "$form->{login}"; - - $myconfig->{signature} =~ s/\\n/\r\n/g; - $myconfig->{address} =~ s/\\n/\r\n/g; + my $myconfig = new User($form->{login}); # strip basedir from templates directory $myconfig->{templates} =~ s|.*/||; @@ -215,7 +389,7 @@ sub edit_user_form { $form->error(sprintf($locale->text("The directory %s does not exist."), $templates)); } - opendir TEMPLATEDIR, "$templates/." or $form->error("$templates : $!"); + opendir TEMPLATEDIR, "$templates/." or $form->error("$templates : $ERRNO"); my @all = readdir(TEMPLATEDIR); my @alldir = sort grep { -d "$templates/$_" && !/^\.\.?$/ } @all; my @allhtml = sort grep { -f "$templates/$_" && /\.html$/ } @all; @@ -249,86 +423,37 @@ sub edit_user_form { map { $form->{"myc_${_}"} = $myconfig->{$_} } keys %{ $myconfig }; - map { $form->{"Pg_${_}"} = $myconfig->{$_} } qw(dbhost dbport dbname dbuser dbpasswd); + my $groups = []; - # access control - my @acsorder = (); - my %acs = (); - my %excl = (); - open(FH, $menufile) or $form->error("$menufile : $!"); + if ($form->{edit}) { + my $user_id = $auth->get_user_id($form->{login}); + my $all_groups = $auth->read_groups(); - while ($item = ) { - next unless $item =~ /\[/; - next if $item =~ /\#/; - - $item =~ s/(\[|\])//g; - chomp $item; - - my ($level, $menuitem); - - if ($item =~ /--/) { - ($level, $menuitem) = split /--/, $item, 2; - } else { - $level = $item; - $menuitem = $item; - push @acsorder, $item; + foreach my $group (values %{ $all_groups }) { + push @{ $groups }, $group if (grep { $user_id == $_ } @{ $group->{members} }); } - $acs{$level} ||= []; - push @{ $acs{$level} }, $menuitem; - - } - - foreach $item (split(/;/, $myconfig->{acs})) { - ($key, $value) = split /--/, $item, 2; - $excl{$key}{$value} = 1; - } - - $form->{ACLS} = []; - $form->{all_acs} = ""; - - foreach $key (@acsorder) { - my $acl = { "checked" => $form->{login} ? !$excl{$key}->{$key} : 1, - "name" => "${key}--${key}", - "title" => $key, - "SUBACLS" => [], }; - $form->{all_acs} .= "${key}--${key};"; - - foreach $item (@{ $acs{$key} }) { - next if ($key eq $item); - - my $subacl = { "checked" => $form->{login} ? !$excl{$key}->{$item} : 1, - "name" => "${key}--${item}", - "title" => $item }; - push @{ $acl->{SUBACLS} }, $subacl; - $form->{all_acs} .= "${key}--${item};"; - } - push @{ $form->{ACLS} }, $acl; + $groups = [ sort { lc $a->{name} cmp lc $b->{name} } @{ $groups } ]; } - chop $form->{all_acs}; + $form->{CAN_CHANGE_PASSWORD} = $auth->can_change_password(); $form->header(); - print $form->parse_html_template("admin/edit_user"); + print $form->parse_html_template("admin/edit_user", { 'GROUPS' => $groups }); } -sub save { - - # no driver checked - $form->error($locale->text('Database Driver not checked!')) - unless $form->{dbdriver}; +sub save_user { + $form->{dbdriver} = 'Pg'; # no spaces allowed in login name - ($form->{login}) = split / /, $form->{login}; - + $form->{login} =~ s|\s||g; $form->isblank("login", $locale->text('Login name missing!')); # check for duplicates if (!$form->{edit}) { - $temp = new User "$memberfile", "$form->{login}"; - - if ($temp->{login}) { - $form->error("$form->{login} " . $locale->text('is already a member!')); + my %members = $auth->read_all_users(); + if ($members{$form->{login}}) { + $form->show_generic_error($locale->text('Another user with the login #1 does already exist.', $form->{login}), 'back_button' => 1); } } @@ -351,41 +476,10 @@ sub save { $form->{templates} =~ s|.*/||; $form->{templates} = "$templates/$form->{templates}"; - $myconfig = new User "$memberfile", "$form->{login}"; + $myconfig = new User($form->{login}); - # redo acs variable and delete all the acs codes - my @acs; - foreach $item (split m|;|, $form->{all_acs}) { - my $name = "ACS_${item}"; - $name =~ s| |+|g; - push @acs, $item if !$form->{$name}; - delete $form->{$name}; - } - $form->{acs} = join ";", @acs; - - # check which database was filled in - if ($form->{dbdriver} eq 'Oracle') { - $form->{sid} = $form->{Oracle_sid},; - $form->{dbhost} = $form->{Oracle_dbhost},; - $form->{dbport} = $form->{Oracle_dbport}; - $form->{dbpasswd} = $form->{Oracle_dbpasswd}; - $form->{dbuser} = $form->{Oracle_dbuser}; - $form->{dbname} = $form->{Oracle_dbuser}; - - $form->isblank("dbhost", $locale->text('Hostname missing!')); - $form->isblank("dbport", $locale->text('Port missing!')); - $form->isblank("dbuser", $locale->text('Dataset missing!')); - } - if ($form->{dbdriver} eq 'Pg') { - $form->{dbhost} = $form->{Pg_dbhost}; - $form->{dbport} = $form->{Pg_dbport}; - $form->{dbpasswd} = $form->{Pg_dbpasswd}; - $form->{dbuser} = $form->{Pg_dbuser}; - $form->{dbname} = $form->{Pg_dbname}; - - $form->isblank("dbname", $locale->text('Dataset missing!')); - $form->isblank("dbuser", $locale->text('Database User missing!')); - } + $form->isblank("dbname", $locale->text('Dataset missing!')); + $form->isblank("dbuser", $locale->text('Database User missing!')); foreach $item (keys %{$form}) { $myconfig->{$item} = $form->{$item}; @@ -396,7 +490,13 @@ sub save { $myconfig->{stylesheet} = $form->{userstylesheet}; } - $myconfig->save_member($memberfile, $userspath); + $myconfig->save_member(); + + if ($auth->can_change_password() + && defined $form->{new_password} + && ($form->{new_password} ne '********')) { + $auth->change_password($form->{login}, $form->{new_password}); + } if ($webdav) { @webdavdirs = @@ -413,7 +513,7 @@ sub save { } close(HTACCESS); } - open(HTACCESS, "> $file") or die "cannot open $file $!\n"; + open(HTACCESS, "> $file") or die "cannot open $file $ERRNO\n"; $newfile .= $myconfig->{login} . ":" . $myconfig->{password} . "\n"; print(HTACCESS $newfile); close(HTACCESS); @@ -428,7 +528,7 @@ sub save { } close(HTACCESS); } - open(HTACCESS, "> $file") or die "cannot open $file $!\n"; + open(HTACCESS, "> $file") or die "cannot open $file $ERRNO\n"; print(HTACCESS $newfile); close(HTACCESS); } @@ -448,18 +548,18 @@ sub save { umask(007); # copy templates to the directory - opendir TEMPLATEDIR, "$templates/." or $form - error("$templates : $!"); - @templates = grep /$form->{mastertemplates}.*?\.(html|tex|sty|xml|txb)$/, + opendir TEMPLATEDIR, "$templates/." or $form - error("$templates : $ERRNO"); + @templates = grep /$form->{mastertemplates}.*?\.(html|tex|sty|odt|xml|txb)$/, readdir TEMPLATEDIR; closedir TEMPLATEDIR; foreach $file (@templates) { open(TEMP, "$templates/$file") - or $form->error("$templates/$file : $!"); + or $form->error("$templates/$file : $ERRNO"); - $file =~ s/$form->{mastertemplates}-//; + $file =~ s/\Q$form->{mastertemplates}\E-//; open(NEW, ">$form->{templates}/$file") - or $form->error("$form->{templates}/$file : $!"); + or $form->error("$form->{templates}/$file : $ERRNO"); while ($line = ) { print NEW $line; @@ -468,96 +568,58 @@ sub save { close(NEW); } } else { - $form->error("$!: $form->{templates}"); + $form->error("$ERRNO: $form->{templates}"); } } - $form->redirect($locale->text('User saved!')); - -} - -sub delete { - - $form->{templates} = - ($form->{templates}) - ? "$templates/$form->{templates}" - : "$templates/$form->{login}"; - - $form->error($locale->text('File locked!')) if (-f ${memberfile} . LCK); - open(FH, ">${memberfile}.LCK") or $form->error("${memberfile}.LCK : $!"); - close(FH); - - open(CONF, "+<$memberfile") or $form->error("$memberfile : $!"); - - @config = ; + # Add new user to his groups. + if (ref $form->{new_user_group_ids} eq 'ARRAY') { + my $all_groups = $auth->read_groups(); + my %user = $auth->read_user($form->{login}); - seek(CONF, 0, 0); - truncate(CONF, 0); + foreach my $group_id (@{ $form->{new_user_group_ids} }) { + my $group = $all_groups->{$group_id}; - while ($line = shift @config) { + next if !$group; - if ($line =~ /^\[/) { - last if ($line =~ /\[$form->{login}\]/); - $login = login_name($line); + push @{ $group->{members} }, $user{id}; + $auth->save_group($group); } - - if ($line =~ /^templates=/) { - $user{$login} = get_value($line); - } - - print CONF $line; } - # remove everything up to next login or EOF - # and save template variable - while ($line = shift @config) { - if ($line =~ /^templates=/) { - $templatedir = get_value($line); - } - last if ($line =~ /^\[/); - } + $form->redirect($locale->text('User saved!')); - # this one is either the next login or EOF - print CONF $line; +} - $login = login_name($line); +sub save_user_as_new { + $form->{login} = $form->{new_user_login}; + delete @{$form}{qw(edit new_user_login)}; - while ($line = shift @config) { - if ($line =~ /^\[/) { - $login = login_name($line); - } + save_user(); +} - if ($line =~ /^templates=/) { - $user{$login} = get_value($line); - } +sub delete_user { + my %members = $auth->read_all_users(); + my $templates = $members{$form->{login}}->{templates}; - print CONF $line; - } + $auth->delete_user($form->{login}); - close(CONF); - unlink "${memberfile}.LCK"; + if ($templates) { + my $templates_in_use = 0; - # scan %user for $templatedir - foreach $login (keys %user) { - last if ($found = ($templatedir eq $user{$login})); - } - - # if found keep directory otherwise delete - if (!$found) { + foreach $login (keys %members) { + next if $form->{login} eq $login; + next if $members{$login}->{templates} ne $templates; + $templates_in_use = 1; + last; + } - # delete it if there is a template directory - $dir = "$form->{templates}"; - if (-d "$dir") { - unlink <$dir/*.html>; - unlink <$dir/*.tex>; - unlink <$dir/*.sty>; - rmdir "$dir"; + if (!$templates_in_use && -d $templates) { + unlink <$templates/*>; + rmdir $templates; } } - # delete config file for user - unlink "$userspath/$form->{login}.conf"; - $form->redirect($locale->text('User deleted!')); } @@ -584,324 +646,317 @@ sub get_value { $value; } -sub change_admin_password { +sub pg_database_administration { - $form->{title} = - qq|Lx-Office ERP | - . $locale->text('Administration') . " / " - . $locale->text('Change Admin Password'); + $form->{dbdriver} = 'Pg'; + dbselect_source(); - $form->header(); - print $form->parse_html_template("admin/change_admin_password"); } -sub change_password { - if ($form->{"password"} ne $form->{"password_again"}) { - $form->{title} = - qq|Lx-Office ERP | - . $locale->text('Administration') . " / " - . $locale->text('Change Admin Password'); - - $form->header(); - $form->error($locale->text("The passwords do not match.")); - } - - $root->{password} = $form->{password}; - - $root->{'root login'} = 1; - $root->save_member($memberfile); - - $form->{callback} = - "$form->{script}?action=list_users&rpw=$root->{password}"; - - $form->redirect($locale->text('Password changed!')); -} +sub dbselect_source { + $form->{dbport} = '5432'; + $form->{dbuser} = 'postgres'; + $form->{dbdefault} = 'template1'; + $form->{dbhost} = 'localhost'; -sub check_password { - $root = new User "$memberfile", $form->{root}; + $form->{title} = "Lx-Office ERP / " . $locale->text('Database Administration'); - if (!defined($root->{password}) || ($root->{password} ne $form->{rpw})) { - $form->error($locale->text('Incorrect Password!')); - } + # Intentionnaly disabled unless fixed to work with the authentication DB. + $form->{ALLOW_DBBACKUP} = 0; # "$pg_dump_exe" ne "DISABLED"; + $form->header(); + print $form->parse_html_template("admin/dbadmin"); } -sub pg_database_administration { - +sub test_db_connection { $form->{dbdriver} = 'Pg'; - dbselect_source(); + User::dbconnect_vars($form, $form->{dbname}); -} + my $dbh = DBI->connect($form->{dbconnect}, $form->{dbuser}, $form->{dbpasswd}); -sub oracle_database_administration { + $form->{connection_ok} = $dbh ? 1 : 0; + $form->{errstr} = $DBI::errstr; - $form->{dbdriver} = 'Oracle'; - dbselect_source(); + $dbh->disconnect() if ($dbh); + $form->{title} = $locale->text('Database Connection Test'); + $form->header(); + print $form->parse_html_template("admin/test_db_connection"); } -sub dbdriver_defaults { - - # load some defaults for the selected driver - %driverdefaults = ( - 'Pg' => { dbport => '5432', - dbuser => 'postgres', - dbdefault => 'template1', - dbhost => 'localhost', - connectstring => $locale->text('Connect to') - }, - 'Oracle' => { dbport => '1521', - dbuser => 'oralin', - dbdefault => $sid, - dbhost => `hostname`, - connectstring => 'SID' - }); - - map { $form->{$_} = $driverdefaults{ $form->{dbdriver} }{$_} } - keys %{ $driverdefaults{Pg} }; - +sub continue { + call_sub($form->{"nextsub"}); } -sub dbselect_source { - - dbdriver_defaults(); - - $msg{Pg} = - $locale->text( - 'Leave host and port field empty unless you want to make a remote connection.' - ); - $msg{Oracle} = - $locale->text( - 'You must enter a host and port for local and remote connections!'); +sub back { + call_sub($form->{"back_nextsub"}); +} +sub update_dataset { $form->{title} = - "Lx-Office ERP / " . $locale->text('Database Administration'); + "Lx-Office ERP " + . $locale->text('Database Administration') . " / " + . $locale->text('Update Dataset'); - $form->header; + my @need_updates = User->dbneedsupdate($form); + $form->{NEED_UPDATES} = \@need_updates; + $form->{ALL_UPDATED} = !scalar @need_updates; - print qq| - + $form->header(); + print $form->parse_html_template("admin/update_dataset"); +} +sub dbupdate { + $form->{stylesheet} = "lx-office-erp.css"; + $form->{title} = $locale->text("Dataset upgrade"); + $form->header(); -
-

$form->{title}

+ my $rowcount = $form->{rowcount} * 1; + my @update_rows = grep { $form->{"update_$_"} } (1 .. $rowcount); + $form->{NOTHING_TO_DO} = !scalar @update_rows; + my $saved_form = save_form(); -
{script}> + $| = 1; - - -
+ print $form->parse_html_template("admin/dbupgrade_all_header"); - + foreach my $i (@update_rows) { + restore_form($saved_form); - - - + map { $form->{$_} = $form->{"${_}_${i}"} } qw(dbname dbdriver dbhost dbport dbuser dbpasswd); -{dbdriver}> + my $controls = parse_dbupdate_controls($form, $form->{dbdriver}); - -
| . $locale->text('Database') . qq|
- + print $form->parse_html_template("admin/dbupgrade_header"); - + $form->{dbupdate} = $form->{dbname}; + $form->{$form->{dbname}} = 1; - - - - + User->dbupdate($form); + User->dbupdate2($form, $controls); - + print $form->parse_html_template("admin/dbupgrade_footer"); + } - + print $form->parse_html_template("admin/dbupgrade_all_done"); +} - - - - +sub create_dataset { + $form->{dbsources} = join " ", map { "[${_}]" } sort User->dbsources($form); - + $form->{CHARTS} = []; - + opendir SQLDIR, "sql/." or $form - error($ERRNO); + foreach $item (sort grep /-chart\.sql\z/, readdir SQLDIR) { + next if ($item eq 'Default-chart.sql'); + $item =~ s/-chart\.sql//; + push @{ $form->{CHARTS} }, { "name" => $item, + "selected" => $item eq "Germany-DATEV-SKR03EU" }; + } + closedir SQLDIR; - - + my $default_charset = $dbcharset; + $default_charset ||= Common::DEFAULT_CHARSET; - + my $cluster_encoding = User->dbclusterencoding($form); + if ($cluster_encoding && ($cluster_encoding =~ m/^(?:UTF-?8|UNICODE)$/i)) { + if ($dbcharset !~ m/^UTF-?8$/i) { + $form->show_generic_error($locale->text('The selected PostgreSQL installation uses UTF-8 as its encoding. ' . + 'Therefore you have to configure Lx-Office to use UTF-8 as well.'), + 'back_button' => 1); + } -
| . $locale->text('Host') . qq|{dbhost}>| . $locale->text('Port') . qq|{dbport}>
| . $locale->text('User') . qq|| . $locale->text('Password') . qq|
$form->{connectstring}{dbdefault}>
+ $form->{FORCE_DBENCODING} = 'UNICODE'; -
+ } else { + $form->{DBENCODINGS} = []; - -{rpw}> + foreach my $encoding (@Common::db_encodings) { + push @{ $form->{DBENCODINGS} }, { "dbencoding" => $encoding->{dbencoding}, + "label" => $encoding->{label}, + "selected" => $encoding->{charset} eq $default_charset }; + } + } -
+ $form->{title} = + "Lx-Office ERP " + . $locale->text('Database Administration') . " / " + . $locale->text('Create Dataset'); -|; -# Vorübergehend Deaktiviert -# -print qq| + $form->header(); + print $form->parse_html_template("admin/create_dataset"); +} - +sub dbcreate { + $form->isblank("db", $locale->text('Dataset missing!')); -
+ User->dbcreate(\%$form); -

| - . $locale->text( - 'This is a preliminary check for existing sources. Nothing will be created or deleted at this stage!' - ) + $form->{title} = + "Lx-Office ERP " + . $locale->text('Database Administration') . " / " + . $locale->text('Create Dataset'); - . qq| -
$msg{$form->{dbdriver}} + $form->header(); + print $form->parse_html_template("admin/dbcreate"); +} +sub delete_dataset { + @dbsources = User->dbsources_unused($form); + $form->error($locale->text('Nothing to delete!')) unless @dbsources; - - -|; + $form->{title} = + "Lx-Office ERP " + . $locale->text('Database Administration') . " / " + . $locale->text('Delete Dataset'); + $form->{DBSOURCES} = [ map { { "name", $_ } } sort @dbsources ]; + $form->header(); + print $form->parse_html_template("admin/delete_dataset"); } -sub continue { - call_sub($form->{"nextsub"}); -} +sub dbdelete { -sub update_dataset { + if (!$form->{db}) { + $form->error($locale->text('No Dataset selected!')); + } - %needsupdate = User->dbneedsupdate(\%$form); + User->dbdelete(\%$form); $form->{title} = "Lx-Office ERP " . $locale->text('Database Administration') . " / " - . $locale->text('Update Dataset'); + . $locale->text('Delete Dataset'); + $form->header(); + print $form->parse_html_template("admin/dbdelete"); +} - $form->header; +sub backup_dataset { + $form->{title} = + "Lx-Office ERP " + . $locale->text('Database Administration') . " / " + . $locale->text('Backup Dataset'); - print qq| - + if ("$pg_dump_exe" eq "DISABLED") { + $form->error($locale->text('Database backups and restorations are disabled in lx-erp.conf.')); + } + my @dbsources = sort User->dbsources($form); + $form->{DATABASES} = [ map { { "dbname" => $_ } } @dbsources ]; + $form->{NO_DATABASES} = !scalar @dbsources; -

-

$form->{title}

-|; - my $field_id = 0; - foreach $key (sort keys %needsupdate) { - if ($needsupdate{$key} ne $form->{dbversion}) { - $upd .= qq| $key\n|; - $form->{dbupdate} .= "db$key "; - $field_id++; - } - } + my $username = getpwuid $UID || "unknown-user"; + my $hostname = hostname() || "unknown-host"; + $form->{from} = "Lx-Office Admin <${username}\@${hostname}>"; - chop $form->{dbupdate}; + $form->header(); + print $form->parse_html_template("admin/backup_dataset"); +} - if ($form->{dbupdate}) { +sub backup_dataset_start { + $form->{title} = + "Lx-Office ERP " + . $locale->text('Database Administration') . " / " + . $locale->text('Backup Dataset'); - print qq| - -{script}> + $pg_dump_exe ||= "pg_dump"; - - - - - - + if ("$pg_dump_exe" eq "DISABLED") { + $form->error($locale->text('Database backups and restorations are disabled in lx-erp.conf.')); + } - - - - - - - - -
| . $locale->text('The following Datasets need to be updated') . qq|
+ $form->isblank("dbname", $locale->text('The dataset name is missing.')); + $form->isblank("to", $locale->text('The email address is missing.')) if $form->{destination} eq "email"; -$upd + my $tmpdir = "/tmp/lx_office_backup_" . Common->unique_id(); + mkdir $tmpdir, 0700 || $form->error($locale->text('A temporary directory could not be created:') . " $ERRNO"); -
+ my $pgpass = IO::File->new("${tmpdir}/.pgpass", O_WRONLY | O_CREAT, 0600); - + if (!$pgpass) { + unlink $tmpdir; + $form->error($locale->text('A temporary file could not be created:') . " $ERRNO"); + } - + print $pgpass "$form->{dbhost}:$form->{dbport}:$form->{dbname}:$form->{dbuser}:$form->{dbpasswd}\n"; + $pgpass->close(); -{rpw}> + $ENV{HOME} = $tmpdir; - + my @args = ("-Ft", "-c", "-o", "-h", $form->{dbhost}, "-U", $form->{dbuser}); + push @args, ("-p", $form->{dbport}) if ($form->{dbport}); + push @args, $form->{dbname}; -
+ my $cmd = "${pg_dump_exe} " . join(" ", map { s/\\/\\\\/g; s/\"/\\\"/g; $_ } @args); + my $name = "dataset_backup_$form->{dbname}_" . strftime("%Y%m%d", localtime()) . ".tar"; -
- + if ($form->{destination} ne "email") { + my $in = IO::File->new("$cmd |"); -
- -|; + if (!$in) { + unlink "${tmpdir}/.pgpass"; + rmdir $tmpdir; - } else { + $form->error($locale->text('The pg_dump process could not be started.')); + } - print $locale->text('All Datasets up to date!'); + print "content-type: application/x-tar\n"; + print "content-disposition: attachment; filename=\"${name}\"\n\n"; - } + while (my $line = <$in>) { + print $line; + } - print qq| + $in->close(); - - -|; + unlink "${tmpdir}/.pgpass"; + rmdir $tmpdir; -} + } else { + my $tmp = $tmpdir . "/dump_" . Common::unique_id(); -sub dbupdate { - $form->{"stylesheet"} = "lx-office-erp.css"; - $form->{"title"} = $main::locale->text("Dataset upgrade"); - $form->header(); - my $dbname = - join(" ", - map({ s/\s//g; s/^db//; $_; } - grep({ $form->{$_} } - split(/\s+/, $form->{"dbupdate"})))); - print($form->parse_html_template("dbupgrade/header", - { "dbname" => $dbname })); + if (system("$cmd > $tmp") != 0) { + unlink "${tmpdir}/.pgpass", $tmp; + rmdir $tmpdir; - User->dbupdate(\%$form); + $form->error($locale->text('The pg_dump process could not be started.')); + } - print qq| -
+ my $mail = new Mailer; -| . $locale->text('Dataset updated!') . qq| + map { $mail->{$_} = $form->{$_} } qw(from to cc subject message); -
+ $mail->{charset} = $dbcharset ? $dbcharset : Common::DEFAULT_CHARSET; + $mail->{attachments} = [ { "filename" => $tmp, "name" => $name } ]; + $mail->send(); -| . $locale->text("Continue") . qq||; + unlink "${tmpdir}/.pgpass", $tmp; + rmdir $tmpdir; -} + $form->{title} = + "Lx-Office ERP " + . $locale->text('Database Administration') . " / " + . $locale->text('Backup Dataset'); -sub create_dataset { - $form->{dbsources} = join " ", map { "[${_}]" } sort User->dbsources(\%$form); + $form->header(); + print $form->parse_html_template("admin/backup_dataset_email_done"); + } +} - $form->{CHARTS} = []; +sub restore_dataset { + $form->{title} = + "Lx-Office ERP " + . $locale->text('Database Administration') . " / " + . $locale->text('Restore Dataset'); - opendir SQLDIR, "sql/." or $form - error($!); - foreach $item (sort grep /-chart\.sql\z/, readdir SQLDIR) { - next if ($item eq 'Default-chart.sql'); - $item =~ s/-chart\.sql//; - push @{ $form->{CHARTS} }, { "name" => $item, - "selected" => $item eq "Germany-DATEV-SKR03EU" }; + if ("$pg_restore_exe" eq "DISABLED") { + $form->error($locale->text('Database backups and restorations are disabled in lx-erp.conf.')); } - closedir SQLDIR; - my $default_charset = $dbcharset; - $default_charset ||= Common::DEFAULT_CHARSET; + my $default_charset = $dbcharset; + $default_charset ||= Common::DEFAULT_CHARSET; - $form->{DBENCODINGS} = []; + $form->{DBENCODINGS} = []; foreach my $encoding (@Common::db_encodings) { push @{ $form->{DBENCODINGS} }, { "dbencoding" => $encoding->{dbencoding}, @@ -909,66 +964,138 @@ sub create_dataset { "selected" => $encoding->{charset} eq $default_charset }; } + $form->header(); + print $form->parse_html_template("admin/restore_dataset"); +} + +sub restore_dataset_start { $form->{title} = "Lx-Office ERP " . $locale->text('Database Administration') . " / " - . $locale->text('Create Dataset'); + . $locale->text('Restore Dataset'); - $form->header(); - print $form->parse_html_template("admin/create_dataset"); -} + $pg_restore_exe ||= "pg_restore"; -sub dbcreate { - $form->isblank("db", $locale->text('Dataset missing!')); + if ("$pg_restore_exe" eq "DISABLED") { + $form->error($locale->text('Database backups and restorations are disabled in lx-erp.conf.')); + } - User->dbcreate(\%$form); + $form->isblank("new_dbname", $locale->text('The dataset name is missing.')); + $form->isblank("content", $locale->text('No backup file has been uploaded.')); - $form->{title} = - "Lx-Office ERP " - . $locale->text('Database Administration') . " / " - . $locale->text('Create Dataset'); + # Create temporary directories. Write the backup file contents to a temporary + # file. Create a .pgpass file with the username and password for the pg_restore + # utility. - $form->header(); - print $form->parse_html_template("admin/dbcreate"); -} + my $tmpdir = "/tmp/lx_office_backup_" . Common->unique_id(); + mkdir $tmpdir, 0700 || $form->error($locale->text('A temporary directory could not be created:') . " $ERRNO"); -sub delete_dataset { - @dbsources = User->dbsources_unused(\%$form, $memberfile); - $form->error($locale->text('Nothing to delete!')) unless @dbsources; + my $pgpass = IO::File->new("${tmpdir}/.pgpass", O_WRONLY | O_CREAT, 0600); - $form->{title} = - "Lx-Office ERP " - . $locale->text('Database Administration') . " / " - . $locale->text('Delete Dataset'); - $form->{DBSOURCES} = [ map { { "name", $_ } } sort @dbsources ]; + if (!$pgpass) { + unlink $tmpdir; + $form->error($locale->text('A temporary file could not be created:') . " $ERRNO"); + } - $form->header(); - print $form->parse_html_template("admin/delete_dataset"); -} + print $pgpass "$form->{dbhost}:$form->{dbport}:$form->{new_dbname}:$form->{dbuser}:$form->{dbpasswd}\n"; + $pgpass->close(); -sub dbdelete { + $ENV{HOME} = $tmpdir; - if (!$form->{db}) { - $form->error($locale->text('No Dataset selected!')); + my $tmp = $tmpdir . "/dump_" . Common::unique_id(); + my $tmpfile; + + if (substr($form->{content}, 0, 2) eq "\037\213") { + $tmpfile = IO::File->new("| gzip -d > $tmp"); + $tmpfile->binary(); + + } else { + $tmpfile = IO::File->new($tmp, O_WRONLY | O_CREAT | O_BINARY, 0600); } - User->dbdelete(\%$form); + if (!$tmpfile) { + unlink "${tmpdir}/.pgpass"; + rmdir $tmpdir; - $form->{title} = - "Lx-Office ERP " - . $locale->text('Database Administration') . " / " - . $locale->text('Delete Dataset'); + $form->error($locale->text('A temporary file could not be created:') . " $ERRNO"); + } + + print $tmpfile $form->{content}; + $tmpfile->close(); + + delete $form->{content}; + + # Try to connect to the database. Find out if a database with the same name exists. + # If yes, then drop the existing database. Create a new one with the name and encoding + # given by the user. + + User::dbconnect_vars($form, "template1"); + + my %myconfig = map { $_ => $form->{$_} } grep /^db/, keys %{ $form }; + my $dbh = $form->dbconnect(\%myconfig) || $form->dberror(); + + my ($query, $sth); + + $form->{new_dbname} =~ s|[^a-zA-Z0-9_\-]||g; + + $query = qq|SELECT COUNT(*) FROM pg_database WHERE datname = ?|; + my ($count) = selectrow_query($form, $dbh, $query, $form->{new_dbname}); + if ($count) { + do_query($form, $dbh, qq|DROP DATABASE $form->{new_dbname}|); + } + + my $found = 0; + foreach my $item (@Common::db_encodings) { + if ($item->{dbencoding} eq $form->{dbencoding}) { + $found = 1; + last; + } + } + $form->{dbencoding} = "LATIN9" unless $form->{dbencoding}; + + do_query($form, $dbh, qq|CREATE DATABASE $form->{new_dbname} ENCODING ? TEMPLATE template0|, $form->{dbencoding}); + + $dbh->disconnect(); + + # Spawn pg_restore on the temporary file. + + my @args = ("-h", $form->{dbhost}, "-U", $form->{dbuser}, "-d", $form->{new_dbname}); + push @args, ("-p", $form->{dbport}) if ($form->{dbport}); + push @args, $tmp; + + my $cmd = "${pg_restore_exe} " . join(" ", map { s/\\/\\\\/g; s/\"/\\\"/g; $_ } @args); + + my $in = IO::File->new("$cmd 2>&1 |"); + + if (!$in) { + unlink "${tmpdir}/.pgpass", $tmp; + rmdir $tmpdir; + + $form->error($locale->text('The pg_restore process could not be started.')); + } + + $AUTOFLUSH = 1; $form->header(); - print $form->parse_html_template("admin/dbdelete"); + print $form->parse_html_template("admin/restore_dataset_start_header"); + + while (my $line = <$in>) { + print $line; + } + $in->close(); + + $form->{retval} = $CHILD_ERROR >> 8; + print $form->parse_html_template("admin/restore_dataset_start_footer"); + + unlink "${tmpdir}/.pgpass", $tmp; + rmdir $tmpdir; } sub unlock_system { unlink "$userspath/nologin"; - $form->{callback} = - "$form->{script}?action=list_users&rpw=$root->{password}"; + $form->{callback} = "admin.pl?action=list_users"; $form->redirect($locale->text('Lockfile removed!')); @@ -980,9 +1107,58 @@ sub lock_system { or $form->error($locale->text('Cannot create Lock!')); close(FH); - $form->{callback} = - "$form->{script}?action=list_users&rpw=$root->{password}"; + $form->{callback} = "admin.pl?action=list_users"; $form->redirect($locale->text('Lockfile created!')); } + +sub yes { + call_sub($form->{yes_nextsub}); +} + +sub no { + call_sub($form->{no_nextsub}); +} + +sub add { + call_sub($form->{add_nextsub}); +} + +sub edit { + $form->{edit_nextsub} ||= 'edit_user'; + + call_sub($form->{edit_nextsub}); +} + +sub delete { + $form->{delete_nextsub} ||= 'delete_user'; + + call_sub($form->{delete_nextsub}); +} + +sub save { + $form->{save_nextsub} ||= 'save_user'; + + call_sub($form->{save_nextsub}); +} + +sub back { + call_sub($form->{back_nextsub}); +} + +sub dispatcher { + foreach my $action (qw(create_standard_group dont_create_standard_group + save_user delete_user save_user_as_new)) { + if ($form->{"action_${action}"}) { + call_sub($action); + return; + } + } + + call_sub($form->{default_action}) if ($form->{default_action}); + + $form->error($locale->text('No action defined.')); +} + +1;