X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=bin%2Fmozilla%2Fadmin.pl;h=eee799958f92a7173a98634dd926e4ffd91b35a6;hb=1e513d1dc428b188ac7acbf06de82d32c5d79f1a;hp=a08891a8f825897c05366bb65d8aeee57f8cc2fb;hpb=57bf9c89a037036fcf433de39643778854defe51;p=kivitendo-erp.git diff --git a/bin/mozilla/admin.pl b/bin/mozilla/admin.pl index a08891a8f..eee799958 100755 --- a/bin/mozilla/admin.pl +++ b/bin/mozilla/admin.pl @@ -32,8 +32,6 @@ # #====================================================================== -my $menufile = "menu.ini"; - use DBI; use CGI; use English qw(-no_match_vars); @@ -44,7 +42,9 @@ use POSIX qw(strftime); use Sys::Hostname; use SL::Auth; +use SL::Auth::PasswordPolicy; use SL::Form; +use SL::Iconv; use SL::Mailer; use SL::User; use SL::Common; 
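Review bot: `SL::DBUpgrade2` is not among the modules loaded in this `use` block, although the new side calls `SL::DBUpgrade2->new(...)` in `dbupdate` (hunk `@@ -780,15 +733,13 @@`) and in the added `_apply_dbupgrade_scripts` (last hunk). The two added lines load only `SL::Auth::PasswordPolicy` and `SL::Iconv`. Unless a module outside these hunks already loads it, the constructor call would fail at run time on the admin path, so I would add `use SL::DBUpgrade2;` next to the other `SL::` imports. `SL::Iconv` is imported here but not referenced in any visible hunk; keep it only if code outside the diff needs it.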
@@ -54,62 +54,55 @@ use SL::DBUtils; require "bin/mozilla/common.pl"; require "bin/mozilla/admin_groups.pl"; +require "bin/mozilla/admin_printer.pl"; use strict; -our $cgi = new CGI(''); -our $form = new Form; -our $locale = new Locale $main::language, "admin"; -our $auth = SL::Auth->new(); - -if ($auth->session_tables_present()) { - $auth->expire_sessions(); - $auth->restore_session(); - $auth->set_session_value('rpw', $form->{rpw}); -} +our $cgi; +our $form; +our $locale; +our $auth; -# customization -if (-f "bin/mozilla/custom_$form->{script}") { - eval { require "bin/mozilla/custom_$form->{script}"; }; - $form->error($@) if ($@); -} +sub run { + $::lxdebug->enter_sub; + my $session_result = shift; -$form->{stylesheet} = "lx-office-erp.css"; -$form->{favicon} = "favicon.ico"; + $cgi = $::cgi; + $form = $::form; + $locale = $::locale; + $auth = $::auth; -if ($form->{action}) { - if ($auth->authenticate_root($form->{rpw}, 0) != $auth->OK()) { - $form->{error_message} = $locale->text('Incorrect Password!'); - adminlogin(); - exit; - } + $::auth->set_session_value('rpw', $::form->{rpw}) if $session_result == SL::Auth->SESSION_OK; - $auth->create_or_refresh_session() if ($auth->session_tables_present()); - - call_sub($locale->findsub($form->{action})); - -} elsif ($auth->authenticate_root($form->{rpw}, 0) == $auth->OK()) { - - $auth->create_or_refresh_session() if ($auth->session_tables_present()); - - login(); + $form->{stylesheet} = "lx-office-erp.css"; + $form->{favicon} = "favicon.ico"; -} else { - # if there are no drivers bail out - $form->error($locale->text('No Database Drivers available!')) - unless (User->dbdrivers); + if ($form->{action}) { + if ($auth->authenticate_root($form->{rpw}, 0) != $auth->OK()) { + $form->{error_message} = $locale->text('Incorrect Password!'); + adminlogin(); + } else { + if ($auth->session_tables_present()) { + $::auth->set_session_value('rpw', $::form->{rpw}); + $::auth->create_or_refresh_session(); + _apply_dbupgrade_scripts(); 
+ } - adminlogin(); + call_sub($locale->findsub($form->{action})); + } + } else { + # if there are no drivers bail out + $form->error($locale->text('No Database Drivers available!')) + unless (User->dbdrivers); + adminlogin(); + } + $::lxdebug->leave_sub; } -1; - -# end - sub adminlogin { - my $form = $main::form; - my $locale = $main::locale; + my $form = $main::form; + my $locale = $main::locale; $form->{title} = qq|Lx-Office ERP $form->{version} | . $locale->text('Administration'); @@ -128,8 +121,8 @@ sub logout { } sub check_auth_db_and_tables { - my $form = $main::form; - my $locale = $main::locale; + my $form = $main::form; + my $locale = $main::locale; my %params; @@ -140,7 +133,7 @@ sub check_auth_db_and_tables { $form->header(); print $form->parse_html_template('admin/check_auth_database', \%params); - exit 0; + ::end_of_request(); } if (!$main::auth->check_tables()) { @@ -148,7 +141,7 @@ sub check_auth_db_and_tables { $form->header(); print $form->parse_html_template('admin/check_auth_tables', \%params); - exit 0; + ::end_of_request(); } if (-f $main::memberfile) { @@ -165,22 +158,22 @@ sub check_auth_db_and_tables { print $form->parse_html_template('admin/user_migration', { 'memberfile' => $main::memberfile, 'backupdir' => $backupdir }); - exit 0 + ::end_of_request(); } } sub create_auth_db { - my $form = $main::form; + my $form = $main::form; $main::auth->create_database('superuser' => $form->{db_superuser}, - 'superuser_password' => $form->{db_superuser_password}, - 'template' => $form->{db_template}); + 'superuser_password' => $form->{db_superuser_password}, + 'template' => $form->{db_template}); login(); } sub create_auth_tables { - my $form = $main::form; - my $locale = $main::locale; + my $form = $main::form; + my $locale = $main::locale; $main::auth->create_tables(); $main::auth->set_session_value('rpw', $form->{rpw}); 
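Review bot: In `run`, the submitted `rpw` is written to the session before `authenticate_root` has accepted it (`$::auth->set_session_value('rpw', $::form->{rpw}) if $session_result == SL::Auth->SESSION_OK;`), so a rejected or empty value can replace whatever the session held. The success branch stores it again when `session_tables_present()` is true, which suggests the early write can be dropped, unless `authenticate_root` or `adminlogin` rely on it in code these hunks don't show. Because the root password is kept in session storage as submitted, a comment such as `# rpw is kept in the session so follow-up admin requests can re-authenticate; it is only stored after authenticate_root succeeded` would document the intent. The branch also runs `_apply_dbupgrade_scripts()` on every authenticated action before `call_sub`, which deserves a one-line comment too.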
@@ -205,8 +198,8 @@ sub create_auth_tables { sub migrate_users { $main::lxdebug->enter_sub(); - my $form = $main::form; - my $locale = $main::locale; + my $form = $main::form; + my $locale = $main::locale; my $memberdir = ""; @@ -285,8 +278,8 @@ sub migrate_users { } sub create_standard_group_ask { - my $form = $main::form; - my $locale = $main::locale; + my $form = $main::form; + my $locale = $main::locale; $form->{title} = $locale->text('Create a standard group'); @@ -295,12 +288,12 @@ sub create_standard_group_ask { } sub create_standard_group { - my $form = $main::form; - my $locale = $main::locale; + my $form = $main::form; + my $locale = $main::locale; my %members = $main::auth->read_all_users(); - my $groups = $main::auth->read_groups(); + my $groups = $main::auth->read_groups(); foreach my $group (values %{$groups}) { if (($form->{group_id} != $group->{id}) @@ -328,8 +321,8 @@ sub dont_create_standard_group { sub user_migration_complete { my $standard_group_created = shift; - my $form = $main::form; - my $locale = $main::locale; + my $form = $main::form; + my $locale = $main::locale; $form->{title} = $locale->text('User migration complete'); $form->header(); @@ -338,8 +331,8 @@ sub user_migration_complete { } sub list_users { - my $form = $main::form; - my $locale = $main::locale; + my $form = $main::form; + my $locale = $main::locale; my %members = $main::auth->read_all_users(); 
@@ -356,37 +349,35 @@ sub list_users { } sub add_user { + my $form = $main::form; + my $locale = $main::locale; - my $form = $main::form; - my $locale = $main::locale; - - $form->{title} = - "Lx-Office ERP " - . $locale->text('Administration') . " / " - . $locale->text('Add User'); + $form->{title} = "Lx-Office ERP " . $locale->text('Administration') . " / " . $locale->text('Add User'); - my $myconfig = { +# Note: Menu Style 'v3' is not compatible to all browsers! +# "menustyle" => "old" sets the HTML Menu to default. + my $myconfig = { "vclimit" => 200, "countrycode" => "de", "numberformat" => "1.000,00", "dateformat" => "dd.mm.yy", "stylesheet" => "lx-office-erp.css", - "menustyle" => "v3", + "menustyle" => "old", + dbport => $::auth->{DB_config}->{port} || 5432, + dbuser => $::auth->{DB_config}->{user} || 'lxoffice', + dbhost => $::auth->{DB_config}->{host} || 'localhost', }; + edit_user_form($myconfig); } sub edit_user { - my $form = $main::form; - my $locale = $main::locale; - + my $form = $main::form; + my $locale = $main::locale; - $form->{title} = - "Lx-Office ERP " - . $locale->text('Administration') . " / " - . $locale->text('Edit User'); - $form->{edit} = 1; + $form->{title} = "Lx-Office ERP " . $locale->text('Administration') . " / " . $locale->text('Edit User'); + $form->{edit} = 1; $form->isblank("login", $locale->text("The login is missing.")); @@ -402,8 +393,8 @@ sub edit_user { sub edit_user_form { my ($myconfig) = @_; - my $form = $main::form; - my $locale = $main::locale; + my $form = $main::form; + my $locale = $main::locale; my @valid_dateformats = qw(mm-dd-yy mm/dd/yy dd-mm-yy dd/mm/yy dd.mm.yy yyyy-mm-dd); $form->{ALL_DATEFORMATS} = [ map { { "format" => $_, "selected" => $_ eq $myconfig->{dateformat} } } @valid_dateformats ]; @@ -478,8 +469,8 @@ sub edit_user_form { } sub save_user { - my $form = $main::form; - my $locale = $main::locale; + my $form = $main::form; + my $locale = $main::locale; $form->{dbdriver} = 'Pg'; 
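Review bot: The new defaults in `add_user` (`dbuser => $::auth->{DB_config}->{user} || 'lxoffice'`, likewise `dbport` and `dbhost`) pre-fill every new user's dataset connection with the account of the authentication database; the same pattern is added to `dbselect_source` in hunk `@@ -701,13 +657,13 @@`. If that role can read the auth tables (users, sessions, password data), then any user configuration that keeps the default connects to its ERP dataset with more privilege than it needs. This depends on the deployment and is not visible here. I would at least say so next to the defaults, e.g. `# Defaults mirror the auth DB connection; prefer a separate, less privileged role for client datasets.` Both places also read the internal hash `$::auth->{DB_config}` directly; an accessor on the auth object would keep that detail in one place.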
@@ -530,50 +521,6 @@ sub save_user { $myconfig->save_member(); - if ($main::auth->can_change_password() - && defined $form->{new_password} - && ($form->{new_password} ne '********')) { - $main::auth->change_password($form->{login}, $form->{new_password}); - } - - my ($login, $password, $newfile); - if ($main::webdav) { - my @webdavdirs = - qw(angebote bestellungen rechnungen anfragen lieferantenbestellungen einkaufsrechnungen); - foreach my $directory (@webdavdirs) { - my $file = "webdav/" . $directory . "/webdav-user"; - if ($form->{$directory}) { - if (open(HTACCESS, "$file")) { - while () { - ($login, $password) = split(/:/, $_); - if ($login ne $form->{login}) { - $newfile .= $_; - } - } - close(HTACCESS); - } - open(HTACCESS, "> $file") or die "cannot open $file $ERRNO\n"; - $newfile .= $myconfig->{login} . ":" . $myconfig->{password} . "\n"; - print(HTACCESS $newfile); - close(HTACCESS); - } else { - $form->{$directory} = 0; - if (open(HTACCESS, "$file")) { - while () { - ($login, $password) = split(/:/, $_); - if ($login ne $form->{login}) { - $newfile .= $_; - } - } - close(HTACCESS); - } - open(HTACCESS, "> $file") or die "cannot open $file $ERRNO\n"; - print(HTACCESS $newfile); - close(HTACCESS); - } - } - } - $form->{templates} =~ s|.*/||; $form->{templates} = "$main::templates/$form->{templates}"; $form->{mastertemplates} =~ s|.*/||; 
@@ -626,12 +573,24 @@ sub save_user { } } - $form->redirect($locale->text('User saved!')); + if ($main::auth->can_change_password() + && defined $form->{new_password} + && ($form->{new_password} ne '********')) { + my $verifier = SL::Auth::PasswordPolicy->new; + my $result = $verifier->verify($form->{new_password}, 1); + if ($result != SL::Auth::PasswordPolicy->OK()) { + $form->error($::locale->text('The settings were saved, but the password was not changed.') . ' ' . join(' ', $verifier->errors($result))); + } + + $main::auth->change_password($form->{login}, $form->{new_password}); + } + + $form->redirect($locale->text('User saved!')); } sub save_user_as_new { - my $form = $main::form; + my $form = $main::form; $form->{login} = $form->{new_user_login}; delete @{$form}{qw(edit new_user_login)}; @@ -640,8 +599,8 @@ sub save_user_as_new { } sub delete_user { - my $form = $main::form; - my $locale = $main::locale; + my $form = $main::form; + my $locale = $main::locale; my %members = $main::auth->read_all_users(); my $templates = $members{$form->{login}}->{templates}; @@ -677,10 +636,7 @@ sub login_name { } sub get_value { - my $line = shift; - - my $form = $main::form; - + my $line = shift; my ($null, $value) = split(/=/, $line, 2); # remove comments @@ -693,7 +649,7 @@ sub get_value { } sub pg_database_administration { - my $form = $main::form; + my $form = $main::form; $form->{dbdriver} = 'Pg'; dbselect_source(); 
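Review bot: The password-policy check added to `save_user` only protects `change_password` if `$form->error` never returns, because the rejected password is passed to `$main::auth->change_password` in the very next statement. Making that explicit keeps the policy fail-closed, e.g. `} else { $main::auth->change_password($form->{login}, $form->{new_password}); }`. The check also runs after the settings were saved, so for a newly added user a rejected password leaves an account whose password state is not visible in this hunk; it is worth verifying that such an account cannot log in. The literal second argument in `$verifier->verify($form->{new_password}, 1)` needs a short comment saying what `1` selects. `save_user` begins outside this hunk.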
@@ -701,13 +657,13 @@ sub pg_database_administration { } sub dbselect_source { - my $form = $main::form; - my $locale = $main::locale; + my $form = $main::form; + my $locale = $main::locale; - $form->{dbport} = '5432'; - $form->{dbuser} = 'postgres'; + $form->{dbport} = $::auth->{DB_config}->{port} || 5432; + $form->{dbuser} = $::auth->{DB_config}->{user} || 'lxoffice'; $form->{dbdefault} = 'template1'; - $form->{dbhost} = 'localhost'; + $form->{dbhost} = $::auth->{DB_config}->{host} || 'localhost'; $form->{title} = "Lx-Office ERP / " . $locale->text('Database Administration'); @@ -719,8 +675,8 @@ sub dbselect_source { } sub test_db_connection { - my $form = $main::form; - my $locale = $main::locale; + my $form = $main::form; + my $locale = $main::locale; $form->{dbdriver} = 'Pg'; User::dbconnect_vars($form, $form->{dbname}); @@ -742,13 +698,10 @@ sub continue { } sub update_dataset { - my $form = $main::form; - my $locale = $main::locale; + my $form = $main::form; + my $locale = $main::locale; - $form->{title} = - "Lx-Office ERP " - . $locale->text('Database Administration') . " / " - . $locale->text('Update Dataset'); + $form->{title} = "Lx-Office ERP " . $locale->text('Database Administration') . " / " . $locale->text('Update Dataset'); my @need_updates = User->dbneedsupdate($form); $form->{NEED_UPDATES} = \@need_updates; @@ -759,8 +712,8 @@ sub update_dataset { } sub dbupdate { - my $form = $main::form; - my $locale = $main::locale; + my $form = $main::form; + my $locale = $main::locale; $form->{stylesheet} = "lx-office-erp.css"; $form->{title} = $locale->text("Dataset upgrade"); 
@@ -780,15 +733,13 @@ sub dbupdate { map { $form->{$_} = $form->{"${_}_${i}"} } qw(dbname dbdriver dbhost dbport dbuser dbpasswd); - my $controls = parse_dbupdate_controls($form, $form->{dbdriver}); - print $form->parse_html_template("admin/dbupgrade_header"); $form->{dbupdate} = $form->{dbname}; $form->{$form->{dbname}} = 1; User->dbupdate($form); - User->dbupdate2($form, $controls); + User->dbupdate2($form, SL::DBUpgrade2->new(form => $form, dbdriver => $form->{dbdriver})->parse_dbupdate_controls); print $form->parse_html_template("admin/dbupgrade_footer"); } @@ -797,12 +748,12 @@ sub dbupdate { } sub create_dataset { - my $form = $main::form; - my $locale = $main::locale; + my $form = $main::form; + my $locale = $main::locale; $form->{dbsources} = join " ", map { "[${_}]" } sort User->dbsources($form); - $form->{CHARTS} = []; + $form->{CHARTS} = []; opendir SQLDIR, "sql/." or $form->error($ERRNO); foreach my $item (sort grep /-chart\.sql\z/, readdir SQLDIR) { 
@@ -836,43 +787,34 @@ sub create_dataset { } } - $form->{title} = - "Lx-Office ERP " - . $locale->text('Database Administration') . " / " - . $locale->text('Create Dataset'); + $form->{title} = "Lx-Office ERP " . $locale->text('Database Administration') . " / " . $locale->text('Create Dataset'); $form->header(); print $form->parse_html_template("admin/create_dataset"); } sub dbcreate { - my $form = $main::form; - my $locale = $main::locale; + my $form = $main::form; + my $locale = $main::locale; $form->isblank("db", $locale->text('Dataset missing!')); User->dbcreate(\%$form); - $form->{title} = - "Lx-Office ERP " - . $locale->text('Database Administration') . " / " - . $locale->text('Create Dataset'); + $form->{title} = "Lx-Office ERP " . $locale->text('Database Administration') . " / " . $locale->text('Create Dataset'); $form->header(); print $form->parse_html_template("admin/dbcreate"); } sub delete_dataset { - my $form = $main::form; - my $locale = $main::locale; + my $form = $main::form; + my $locale = $main::locale; my @dbsources = User->dbsources_unused($form); $form->error($locale->text('Nothing to delete!')) unless @dbsources; - $form->{title} = - "Lx-Office ERP " - . $locale->text('Database Administration') . " / " - . $locale->text('Delete Dataset'); + $form->{title} = "Lx-Office ERP " . $locale->text('Database Administration') . " / " . $locale->text('Delete Dataset'); $form->{DBSOURCES} = [ map { { "name", $_ } } sort @dbsources ]; $form->header(); @@ -880,8 +822,8 @@ sub delete_dataset { } sub dbdelete { - my $form = $main::form; - my $locale = $main::locale; + my $form = $main::form; + my $locale = $main::locale; if (!$form->{db}) { $form->error($locale->text('No Dataset selected!')); 
@@ -889,22 +831,16 @@ sub dbdelete { User->dbdelete(\%$form); - $form->{title} = - "Lx-Office ERP " - . $locale->text('Database Administration') . " / " - . $locale->text('Delete Dataset'); + $form->{title} = "Lx-Office ERP " . $locale->text('Database Administration') . " / " . $locale->text('Delete Dataset'); $form->header(); print $form->parse_html_template("admin/dbdelete"); } sub backup_dataset { - my $form = $main::form; - my $locale = $main::locale; + my $form = $main::form; + my $locale = $main::locale; - $form->{title} = - "Lx-Office ERP " - . $locale->text('Database Administration') . " / " - . $locale->text('Backup Dataset'); + $form->{title} = "Lx-Office ERP " . $locale->text('Database Administration') . " / " . $locale->text('Backup Dataset'); if ("$main::pg_dump_exe" eq "DISABLED") { $form->error($locale->text('Database backups and restorations are disabled in lx-erp.conf.')); @@ -923,13 +859,10 @@ sub backup_dataset { } sub backup_dataset_start { - my $form = $main::form; - my $locale = $main::locale; + my $form = $main::form; + my $locale = $main::locale; - $form->{title} = - "Lx-Office ERP " - . $locale->text('Database Administration') . " / " - . $locale->text('Backup Dataset'); + $form->{title} = "Lx-Office ERP " . $locale->text('Database Administration') . " / " . $locale->text('Backup Dataset'); $main::pg_dump_exe ||= "pg_dump"; @@ -1005,10 +938,7 @@ sub backup_dataset_start { unlink "${tmpdir}/.pgpass", $tmp; rmdir $tmpdir; - $form->{title} = - "Lx-Office ERP " - . $locale->text('Database Administration') . " / " - . $locale->text('Backup Dataset'); + $form->{title} = "Lx-Office ERP " . $locale->text('Database Administration') . " / " . $locale->text('Backup Dataset'); $form->header(); print $form->parse_html_template("admin/backup_dataset_email_done"); 
@@ -1016,13 +946,10 @@ sub backup_dataset_start { } sub restore_dataset { - my $form = $main::form; - my $locale = $main::locale; + my $form = $main::form; + my $locale = $main::locale; - $form->{title} = - "Lx-Office ERP " - . $locale->text('Database Administration') . " / " - . $locale->text('Restore Dataset'); + $form->{title} = "Lx-Office ERP " . $locale->text('Database Administration') . " / " . $locale->text('Restore Dataset'); if ("$main::pg_restore_exe" eq "DISABLED") { $form->error($locale->text('Database backups and restorations are disabled in lx-erp.conf.')); @@ -1044,13 +971,10 @@ sub restore_dataset { } sub restore_dataset_start { - my $form = $main::form; - my $locale = $main::locale; + my $form = $main::form; + my $locale = $main::locale; - $form->{title} = - "Lx-Office ERP " - . $locale->text('Database Administration') . " / " - . $locale->text('Restore Dataset'); + $form->{title} = "Lx-Office ERP " . $locale->text('Database Administration') . " / " . $locale->text('Restore Dataset'); $main::pg_restore_exe ||= "pg_restore"; @@ -1170,8 +1094,8 @@ sub restore_dataset_start { } sub unlock_system { - my $form = $main::form; - my $locale = $main::locale; + my $form = $main::form; + my $locale = $main::locale; unlink "$main::userspath/nologin"; @@ -1182,8 +1106,8 @@ sub unlock_system { } sub lock_system { - my $form = $main::form; - my $locale = $main::locale; + my $form = $main::form; + my $locale = $main::locale; open(FH, ">$main::userspath/nologin") or $form->error($locale->text('Cannot create Lock!')); @@ -1208,7 +1132,7 @@ sub add { } sub edit { - my $form = $main::form; + my $form = $main::form; $form->{edit_nextsub} ||= 'edit_user'; @@ -1224,7 +1148,7 @@ sub delete { } sub save { - my $form = $main::form; + my $form = $main::form; $form->{save_nextsub} ||= 'save_user'; 
@@ -1236,8 +1160,8 @@ sub back { } sub dispatcher { - my $form = $main::form; - my $locale = $main::locale; + my $form = $main::form; + my $locale = $main::locale; foreach my $action (qw(create_standard_group dont_create_standard_group save_user delete_user save_user_as_new)) { @@ -1252,4 +1176,8 @@ sub dispatcher { $form->error($locale->text('No action defined.')); } +sub _apply_dbupgrade_scripts { + ::end_of_request() if SL::DBUpgrade2->new(form => $::form, dbdriver => 'Pg', auth => 1)->apply_admin_dbupgrade_scripts(1); +} + 1;