Projekt

Allgemein

Profil

Herunterladen (16,3 KB) Statistiken
| Zweig: | Markierung: | Revision:

kivitendo/SL/User.pm @ 1a69cdf7

#=====================================================================
# LX-Office ERP
# Copyright (C) 2004
# Based on SQL-Ledger Version 2.1.9
# Web http://www.lx-office.org
#
#=====================================================================
# SQL-Ledger Accounting
# Copyright (C) 2001
#
# Author: Dieter Simader
# Email: dsimader@sql-ledger.org
# Web: http://www.sql-ledger.org
#
# Contributors:
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
# MA 02110-1335, USA.
#=====================================================================
#
# user related functions
#
#=====================================================================

package User;

use IO::File;
use List::MoreUtils qw(any);

use SL::DB;
#use SL::Auth;
use SL::DB::AuthClient;
use SL::DB::Employee;
use SL::DBConnect;
use SL::DBUpgrade2;
use SL::DBUtils;
use SL::Iconv;
use SL::Inifile;
use SL::System::InstallationLock;
use SL::DefaultManager;

use strict;

use constant LOGIN_OK => 0;
use constant LOGIN_BASIC_TABLES_MISSING => -1;
use constant LOGIN_DBUPDATE_AVAILABLE => -2;
use constant LOGIN_AUTH_DBUPDATE_AVAILABLE => -3;
use constant LOGIN_GENERAL_ERROR => -4;

sub new {
$main::lxdebug->enter_sub();

my ($type, %params) = @_;

my $self = {};

if ($params{id} || $params{login}) {
my %user_data = $main::auth->read_user(%params);
map { $self->{$_} = $user_data{$_} } keys %user_data;
}

$main::lxdebug->leave_sub();

bless $self, $type;
}

sub country_codes {
$main::lxdebug->enter_sub();

local *DIR;

my %cc = ();
my @language = ();

# scan the locale directory and read in the LANGUAGE files
opendir(DIR, "locale");

my @dir = grep(!/(^\.\.?$|\..*)/, readdir(DIR));

foreach my $dir (@dir) {
next unless open(my $fh, '<:encoding(UTF-8)', "locale/$dir/LANGUAGE");
@language = <$fh>;
close $fh;

$cc{$dir} = "@language";
}

closedir(DIR);

$main::lxdebug->leave_sub();

return %cc;
}

sub _handle_superuser_privileges {
my ($self, $form) = @_;

if ($form->{database_superuser_username}) {
$::auth->set_session_value("database_superuser_username" => $form->{database_superuser_username}, "database_superuser_password" => $form->{database_superuser_password});
}

my %dbconnect_form = %{ $form };
my ($su_user, $su_password) = map { $::auth->get_session_value("database_superuser_$_") } qw(username password);

if ($su_user) {
$dbconnect_form{dbuser} = $su_user;
$dbconnect_form{dbpasswd} = $su_password;
}

dbconnect_vars(\%dbconnect_form, $form->{dbname});

my %result = (
username => $dbconnect_form{dbuser},
password => $dbconnect_form{dbpasswd},
);

$::auth->set_session_value("database_superuser_username" => $dbconnect_form{dbuser}, "database_superuser_password" => $dbconnect_form{dbpasswd});

my $dbh = SL::DBConnect->connect($dbconnect_form{dbconnect}, $dbconnect_form{dbuser}, $dbconnect_form{dbpasswd}, SL::DBConnect->get_options);
return (%result, error => $::locale->text('The credentials (username & password) for connecting database are wrong.')) if !$dbh;

my $is_superuser = SL::DBUtils::role_is_superuser($dbh, $dbconnect_form{dbuser});

$dbh->disconnect;

return (%result, have_privileges => 1) if $is_superuser;
return (%result) if !$su_user; # no error message if credentials weren't set by the user
return (%result, error => $::locale->text('The database user \'#1\' does not have superuser privileges.', $dbconnect_form{dbuser}));
}

sub login {
my ($self, $form) = @_;

return LOGIN_GENERAL_ERROR() if !$self->{login} || !$::auth->client;

my %myconfig = $main::auth->read_user(login => $self->{login});

# Auth DB upgrades available?
my $dbupdater_auth = SL::DBUpgrade2->new(form => $form, auth => 1)->parse_dbupdate_controls;
return LOGIN_AUTH_DBUPDATE_AVAILABLE() if $dbupdater_auth->unapplied_upgrade_scripts($::auth->dbconnect);

# check if database is down
my $dbh = SL::DB->client->dbh;

# we got a connection, check the version
my ($dbversion) = $dbh->selectrow_array(qq|SELECT version FROM defaults|);
if (!$dbversion) {
$dbh->disconnect;
return LOGIN_BASIC_TABLES_MISSING();
}

$self->create_schema_info_table($form, $dbh);

my $dbupdater = SL::DBUpgrade2->new(form => $form)->parse_dbupdate_controls;
my @unapplied_scripts = $dbupdater->unapplied_upgrade_scripts($dbh);
# $dbh->disconnect;

if (!@unapplied_scripts) {
SL::DB::Manager::Employee->update_entries_for_authorized_users;
return LOGIN_OK();
}

# Store the fact that we're applying database upgrades at the
# moment. That way functions called from the layout modules that may
# require updated tables can chose only to use basic features.
$::request->applying_database_upgrades(1);

$form->{$_} = $::auth->client->{$_} for qw(dbname dbhost dbport dbuser dbpasswd);
$form->{$_} = $myconfig{$_} for qw(datestyle);

$form->{"title"} = $main::locale->text("Dataset upgrade");
$form->header(no_layout => $form->{no_layout});
print $form->parse_html_template("dbupgrade/header");

$form->{dbupdate} = "db" . $::auth->client->{dbname};

my $show_update_warning = $form->{"show_dbupdate_warning"};
my %superuser = (need_privileges => (any { $_->{superuser_privileges} } @unapplied_scripts));

if ($superuser{need_privileges}) {
%superuser = (
%superuser,
$self->_handle_superuser_privileges($form),
);
$show_update_warning = 1 if !$superuser{have_privileges};
}

if ($show_update_warning) {
print $form->parse_html_template("dbupgrade/warning", {
unapplied_scripts => \@unapplied_scripts,
superuser => \%superuser,
});
$::dispatcher->end_request;
}

# update the tables
SL::System::InstallationLock->lock;

# ignore HUP, QUIT in case the webserver times out
$SIG{HUP} = 'IGNORE';
$SIG{QUIT} = 'IGNORE';

$self->dbupdate2(form => $form, updater => $dbupdater, database => $::auth->client->{dbname});

# If $self->dbupdate2 returns than this means all upgrade scripts
# have been applied successfully, none required user
# interaction. Otherwise the deeper layers would have called
# $::dispatcher->end_request already, and return would not have returned to
# us. Therefore we can now use RDBO instances because their supposed
# table structures do match the actual structures. So let's ensure
# that the "employee" table contains the appropriate entries for all
# users authorized for the current client.
SL::DB::Manager::Employee->update_entries_for_authorized_users;

SL::System::InstallationLock->unlock;

print $form->parse_html_template("dbupgrade/footer");

return LOGIN_DBUPDATE_AVAILABLE();
}

sub dbconnect_vars {
$main::lxdebug->enter_sub();

my ($form, $db) = @_;

my %dboptions = (
'yy-mm-dd' => 'set DateStyle to \'ISO\'',
'yyyy-mm-dd' => 'set DateStyle to \'ISO\'',
'mm/dd/yy' => 'set DateStyle to \'SQL, US\'',
'dd/mm/yy' => 'set DateStyle to \'SQL, EUROPEAN\'',
'dd.mm.yy' => 'set DateStyle to \'GERMAN\''
);

$form->{dboptions} = $dboptions{ $form->{dateformat} };
$form->{dbconnect} = "dbi:Pg:dbname=${db};host=" . ($form->{dbhost} || 'localhost') . ";port=" . ($form->{dbport} || 5432);

$main::lxdebug->leave_sub();
}

sub dbsources {
$main::lxdebug->enter_sub();

my ($self, $form) = @_;

my @dbsources = ();
my ($sth, $query);

$form->{dbdefault} = $form->{dbuser} unless $form->{dbdefault};
&dbconnect_vars($form, $form->{dbdefault});

my $dbh = SL::DBConnect->connect($form->{dbconnect}, $form->{dbuser}, $form->{dbpasswd}, SL::DBConnect->get_options)
or $form->dberror;

$query =
qq|SELECT datname FROM pg_database | .
qq|WHERE NOT datname IN ('template0', 'template1')|;
$sth = $dbh->prepare($query);
$sth->execute() || $form->dberror($query);

while (my ($db) = $sth->fetchrow_array) {

if ($form->{only_acc_db}) {

next if ($db =~ /^template/);

&dbconnect_vars($form, $db);
my $dbh = SL::DBConnect->connect($form->{dbconnect}, $form->{dbuser}, $form->{dbpasswd}, SL::DBConnect->get_options)
or $form->dberror;

$query =
qq|SELECT tablename FROM pg_tables | .
qq|WHERE (tablename = 'defaults') AND (tableowner = ?)|;
my $sth = $dbh->prepare($query);
$sth->execute($form->{dbuser}) ||
$form->dberror($query . " ($form->{dbuser})");

if ($sth->fetchrow_array) {
push(@dbsources, $db);
}
$sth->finish;
$dbh->disconnect;
next;
}
push(@dbsources, $db);
}

$sth->finish;
$dbh->disconnect;

$main::lxdebug->leave_sub();

return @dbsources;
}

sub dbcreate {
$main::lxdebug->enter_sub();

my ($self, $form) = @_;

&dbconnect_vars($form, $form->{dbdefault});
my $dbh =
SL::DBConnect->connect($form->{dbconnect}, $form->{dbuser}, $form->{dbpasswd}, SL::DBConnect->get_options)
or $form->dberror;
$form->{db} =~ s/\"//g;

my @dboptions;

push @dboptions, "ENCODING = " . $dbh->quote($form->{"encoding"}) if $form->{"encoding"};
if ($form->{"dbdefault"}) {
my $dbdefault = $form->{"dbdefault"};
$dbdefault =~ s/[^a-zA-Z0-9_\-]//g;
push @dboptions, "TEMPLATE = $dbdefault";
}

my $query = qq|CREATE DATABASE "$form->{db}"|;
$query .= " WITH " . join(" ", @dboptions) if @dboptions;

# Ignore errors if the database exists.
$dbh->do($query);

$dbh->disconnect;

&dbconnect_vars($form, $form->{db});

# make a shim myconfig so that rose db connections work
$::myconfig{$_} = $form->{$_} for qw(dbhost dbport dbuser dbpasswd);
$::myconfig{dbname} = $form->{db};

$dbh = SL::DBConnect->connect($form->{dbconnect}, $form->{dbuser}, $form->{dbpasswd}, SL::DBConnect->get_options)
or $form->dberror;

my $dbupdater = SL::DBUpgrade2->new(form => $form, return_on_error => 1, silent => 1)->parse_dbupdate_controls;
# create the tables
$dbupdater->process_query($dbh, "sql/lx-office.sql");
$dbupdater->process_query($dbh, "sql/$form->{chart}-chart.sql");

$query = qq|UPDATE defaults SET coa = ?|;
do_query($form, $dbh, $query, map { $form->{$_} } qw(chart));

$dbh->disconnect;

# update new database
$self->dbupdate2(form => $form, updater => $dbupdater, database => $form->{db}, silent => 1);

$dbh = SL::DBConnect->connect($form->{dbconnect}, $form->{dbuser}, $form->{dbpasswd}, SL::DBConnect->get_options)
or $form->dberror;

$query = "SELECT * FROM currencies WHERE name = ?";
my $curr = selectfirst_hashref_query($form, $dbh, $query, $form->{defaultcurrency});
if (!$curr->{id}) {
do_query($form, $dbh, "INSERT INTO currencies (name) VALUES (?)", $form->{defaultcurrency});
$curr = selectfirst_hashref_query($form, $dbh, $query, $form->{defaultcurrency});
}

$query = qq|UPDATE defaults SET
accounting_method = ?,
profit_determination = ?,
inventory_system = ?,
precision = ?,
currency_id = ?,
feature_balance = ?,
feature_datev = ?,
feature_erfolgsrechnung = ?,
feature_eurechnung = ?,
feature_ustva = ?
|;
do_query($form, $dbh, $query,
$form->{accounting_method},
$form->{profit_determination},
$form->{inventory_system},
$form->parse_amount(\%::myconfig, $form->{precision_as_number}),
$curr->{id},
$form->{feature_balance},
$form->{feature_datev},
$form->{feature_erfolgsrechnung},
$form->{feature_eurechnung},
$form->{feature_ustva}
);

$dbh->disconnect;

$main::lxdebug->leave_sub();
}

sub dbdelete {
$main::lxdebug->enter_sub();

my ($self, $form) = @_;
$form->{db} =~ s/\"//g;

&dbconnect_vars($form, $form->{dbdefault});
my $dbh = SL::DBConnect->connect($form->{dbconnect}, $form->{dbuser}, $form->{dbpasswd}, SL::DBConnect->get_options)
or $form->dberror;
my $query = qq|DROP DATABASE "$form->{db}"|;
do_query($form, $dbh, $query);

$dbh->disconnect;

$main::lxdebug->leave_sub();
}

sub calc_version {
$main::lxdebug->enter_sub(2);

my (@v, $version, $i);

@v = split(/\./, $_[0]);
while (scalar(@v) < 4) {
push(@v, 0);
}
$version = 0;
for ($i = 0; $i < 4; $i++) {
$version *= 1000;
$version += $v[$i];
}

$main::lxdebug->leave_sub(2);
return $version;
}

sub cmp_script_version {
my ($a_from, $a_to, $b_from, $b_to);
my ($i, $res_a, $res_b);
my ($my_a, $my_b) = do { no warnings 'once'; ($a, $b) };

$my_a =~ s/.*-upgrade-//;
$my_a =~ s/.sql$//;
$my_b =~ s/.*-upgrade-//;
$my_b =~ s/.sql$//;
my ($my_a_from, $my_a_to) = split(/-/, $my_a);
my ($my_b_from, $my_b_to) = split(/-/, $my_b);

$res_a = calc_version($my_a_from);
$res_b = calc_version($my_b_from);

if ($res_a == $res_b) {
$res_a = calc_version($my_a_to);
$res_b = calc_version($my_b_to);
}

return $res_a <=> $res_b;
}

sub create_schema_info_table {
$main::lxdebug->enter_sub();

my ($self, $form, $dbh) = @_;

my $query = "SELECT tag FROM schema_info LIMIT 1";
if (!$dbh->do($query)) {
$dbh->rollback();
$query =
qq|CREATE TABLE schema_info (| .
qq| tag text, | .
qq| login text, | .
qq| itime timestamp DEFAULT now(), | .
qq| PRIMARY KEY (tag))|;
$dbh->do($query) || $form->dberror($query);
}

$main::lxdebug->leave_sub();
}

sub dbupdate2 {
my ($self, %params) = @_;

my $form = $params{form};
my $dbupdater = $params{updater};
my $db = $params{database};
my $silent = $params{silent};

map { $_->{description} = SL::Iconv::convert($_->{charset}, 'UTF-8', $_->{description}) } values %{ $dbupdater->{all_controls} };

&dbconnect_vars($form, $db);

my $dbh = SL::DBConnect->connect($form->{dbconnect}, $form->{dbuser}, $form->{dbpasswd}, SL::DBConnect->get_options) or $form->dberror;

$dbh->do($form->{dboptions}) if ($form->{dboptions});

$self->create_schema_info_table($form, $dbh);

my @upgradescripts = $dbupdater->unapplied_upgrade_scripts($dbh);
my $need_superuser = (any { $_->{superuser_privileges} } @upgradescripts);
my $superuser_dbh;

if ($need_superuser) {
my %dbconnect_form = (
%{ $form },
dbuser => $::auth->get_session_value("database_superuser_username"),
dbpasswd => $::auth->get_session_value("database_superuser_password"),
);

if ($dbconnect_form{dbuser} ne $form->{dbuser}) {
dbconnect_vars(\%dbconnect_form, $db);
$superuser_dbh = SL::DBConnect->connect($dbconnect_form{dbconnect}, $dbconnect_form{dbuser}, $dbconnect_form{dbpasswd}, SL::DBConnect->get_options) or $form->dberror;
}
}

$::lxdebug->log_time("DB upgrades commencing");

foreach my $control (@upgradescripts) {
# Apply upgrade. Control will only return to us if the upgrade has
# been applied correctly and if the update has not requested user
# interaction.
my $script_dbh = $control->{superuser_privileges} ? ($superuser_dbh // $dbh) : $dbh;

$::lxdebug->message(LXDebug->DEBUG2(), "Applying Update $control->{file}" . ($control->{superuser_privileges} ? " with superuser privileges" : ""));
print $form->parse_html_template("dbupgrade/upgrade_message2", $control) unless $silent;

$dbupdater->process_file($script_dbh, "sql/Pg-upgrade2/$control->{file}", $control);
}

$::lxdebug->log_time("DB upgrades finished");

$dbh->disconnect;
$superuser_dbh->disconnect if $superuser_dbh;
}

sub data {
+{ %{ $_[0] } }
}

sub get_default_myconfig {
my ($self_or_class, %user_config) = @_;
my $defaults = SL::DefaultManager->new($::lx_office_conf{system}->{default_manager});

return (
countrycode => $defaults->language('de'),
css_path => 'css', # Needed for menunew, see SL::Layout::Base::get_stylesheet_for_user
dateformat => $defaults->dateformat('dd.mm.yy'),
numberformat => $defaults->numberformat('1.000,00'),
stylesheet => $defaults->stylesheet('kivitendo.css'),
timeformat => $defaults->timeformat('hh:mm'),
%user_config,
);
}

1;
(72-72/79)