/ - Diff - projekt kivitendo - wissen

« Zurück | Weiter »

Revision a1ea659f

Von Sven Schöling vor mehr als 9 Jahren hinzugefügt

ID a1ea659fc8d83ea24f7ba863c82322ae41131007
Vorgänger 1b9b086f
Nachfolger 361ae413

Rechte: In die Datenbank verlagert

       return $self->{api_token} && $provided_api_token && ($self->{api_token} eq $provided_api_token);
+    }
     sub session_tables_present {
       my $self = shift;
     sub _tables_present {
       my ($self, @tables) = @_;
       my $cache_key = join '_', @tables;
       # Only re-check for the presence of auth tables if either the check
       # hasn't been done before of if they weren't present.
       if ($self->{session_tables_present}) {
         return $self->{session_tables_present};
+      }
       return $self->{"$cache_key\_tables_present"} ||= do {
         my $dbh  = $self->dbconnect(1);
       my $dbh  = $self->dbconnect(1);
         if (!$dbh) {
           return 0;
+        }
       if (!$dbh) {
         return 0;
+      }
         my $query =
           qq|SELECT COUNT(*)
              FROM pg_tables
              WHERE (schemaname = 'auth')
                AND (tablename IN (@{[ join ', ', ('?') x @tables ]}))|;
       my $query =
         qq|SELECT COUNT(*)
            FROM pg_tables
            WHERE (schemaname = 'auth')
              AND (tablename IN ('session', 'session_content'))|;
         my ($count) = selectrow_query($main::form, $dbh, $query, @tables);
       my ($count) = selectrow_query($main::form, $dbh, $query);
         return scalar @tables == $count;
+      }
+    }
       $self->{session_tables_present} = 2 == $count;
     sub session_tables_present {
       $_[0]->_tables_present('session', 'session_content');
+    }
       return $self->{session_tables_present};
     sub master_rights_present {
       $_[0]->_tables_present('master_rights');
+    }
     # --------------------------------------
     sub all_rights_full {
       my $locale = $main::locale;
       my @all_rights = (
         ["--master_data",                  $locale->text("Master Data")],
         ["customer_vendor_edit",           $locale->text("Create customers and vendors. Edit all vendors. Edit only customers where salesman equals employee (login)")],
         ["customer_vendor_all_edit",       $locale->text("Create customers and vendors. Edit all vendors. Edit all customers")],
         ["part_service_assembly_edit",     $locale->text("Create and edit parts, services, assemblies")],
         ["part_service_assembly_details",  $locale->text("Show details and reports of parts, services, assemblies")],
         ["project_edit",                   $locale->text("Create and edit projects")],
         ["--ar",                           $locale->text("AR")],
         ["requirement_spec_edit",          $locale->text("Create and edit requirement specs")],
         ["sales_quotation_edit",           $locale->text("Create and edit sales quotations")],
         ["sales_order_edit",               $locale->text("Create and edit sales orders")],
         ["sales_delivery_order_edit",      $locale->text("Create and edit sales delivery orders")],
         ["invoice_edit",                   $locale->text("Create and edit invoices and credit notes")],
         ["dunning_edit",                   $locale->text("Create and edit dunnings")],
         ["sales_letter_edit",              $locale->text("Edit sales letters")],
         ["sales_all_edit",                 $locale->text("View/edit all employees sales documents")],
         ["edit_prices",                    $locale->text("Edit prices and discount (if not used, textfield is ONLY set readonly)")],
         ["show_ar_transactions",           $locale->text("Show AR transactions as part of AR invoice report")],
         ["delivery_plan",                  $locale->text("Show delivery plan")],
         ["delivery_value_report",          $locale->text("Show delivery value report")],
         ["sales_letter_report",            $locale->text("Show sales letters report")],
         ["--ap",                           $locale->text("AP")],
         ["request_quotation_edit",         $locale->text("Create and edit RFQs")],
         ["purchase_order_edit",            $locale->text("Create and edit purchase orders")],
         ["purchase_delivery_order_edit",   $locale->text("Create and edit purchase delivery orders")],
         ["vendor_invoice_edit",            $locale->text("Create and edit vendor invoices")],
         ["show_ap_transactions",           $locale->text("Show AP transactions as part of AP invoice report")],
         ["--warehouse_management",         $locale->text("Warehouse management")],
         ["warehouse_contents",             $locale->text("View warehouse content")],
         ["warehouse_management",           $locale->text("Warehouse management")],
         ["--general_ledger_cash",          $locale->text("General ledger and cash")],
         ["general_ledger",                 $locale->text("Transactions, AR transactions, AP transactions")],
         ["datev_export",                   $locale->text("DATEV Export")],
         ["cash",                           $locale->text("Receipt, payment, reconciliation")],
         ["bank_transaction",               $locale->text("Bank transactions")],
         ["--reports",                      $locale->text('Reports')],
         ["report",                         $locale->text('All reports')],
         ["advance_turnover_tax_return",    $locale->text('Advance turnover tax return')],
         ["--batch_printing",               $locale->text("Batch Printing")],
         ["batch_printing",                 $locale->text("Batch Printing")],
         ["--configuration",                $locale->text("Configuration")],
         ["config",                         $locale->text("Change kivitendo installation settings (most entries in the 'System' menu)")],
         ["admin",                          $locale->text("Client administration: configuration, editing templates, task server control, background jobs (remaining entries in the 'System' menu)")],
         ["--others",                       $locale->text("Others")],
         ["email_bcc",                      $locale->text("May set the BCC field when sending emails")],
         ["productivity",                   $locale->text("Productivity")],
         ["display_admin_link",             $locale->text("Show administration link")],
         );
       return @all_rights;
       my ($self) = @_;
       @{ $self->{master_rights} ||= do {
           $self->dbconnect->selectall_arrayref("SELECT name, description, category FROM auth.master_rights ORDER BY id");
+        }
+      }
+    }
     sub all_rights {
       return grep !/^--/, map { $_->[0] } all_rights_full();
       return map { $_->[0] } grep { !$_->[2] } $_[0]->all_rights_full;
+    }
     sub read_groups {
-...
           $group->{rights}->{$row->{right}} |= $row->{granted};
+        }
         map { $group->{rights}->{$_} = 0 if (!defined $group->{rights}->{$_}); } all_rights();
         map { $group->{rights}->{$_} = 0 if (!defined $group->{rights}->{$_}); } $self->all_rights;
+      }
       $sth->finish();
-...
       my $dbh   = $self->dbconnect;
       my ($query, $sth, $row, $rights);
       $rights = { map { $_ => 0 } all_rights() };
       $rights = { map { $_ => 0 } $self->all_rights };
       return $rights if !$self->client || !$login;

       my (@sections, $current_section);
       foreach my $entry ($::auth->all_rights_full) {
         if ($entry->[0] =~ m/^--/) {
           push @sections, { description => $entry->[1], rights => [] };
         if ($entry->[2]) {
           push @sections, { description => t8($entry->[1]), rights => [] };
         } elsif (@sections) {
           push @{ $sections[-1]->{rights} }, {
             name        => $entry->[0],
             description => $entry->[1],
             description => t8($entry->[1]),
           };
         } else {

       # Auth DB needs update? If so log the user out forcefully.
       if (User::LOGIN_AUTH_DBUPDATE_AVAILABLE() == $result) {
         $::auth->destroy_session;
         return $self->render('login_screen/auth_db_needs_update');
         # must be without layout because menu rights might not exist yet
         return $self->render('login_screen/auth_db_needs_update', { layout => 0 });
+      }
       # Basic client tables available? If not tell the user to create them

     use Pod::Usage;
     use YAML ();
     use YAML::Loader (); # YAML tries to load Y:L at runtime, but can't find it after we chdir'ed
     use SL::DBUpgrade2;
     $OUTPUT_AUTOFLUSH = 1;
-...
     handle_file(@{ $_ })       for @progfiles;
     handle_file(@{ $_ })       for @dbplfiles;
     scanmenu($_)               for @menufiles;
     scandbupgrades();
     for my $file_name (grep { /\.(?:js|html)$/i } map({find_files($_)} @javascript_dirs)) {
       scan_javascript_file($file_name);
-...
     sub scanmenu {
       my $file = shift;
       print STDERR "trying to load file $file\n";
       my $menu = YAML::LoadFile($file);
       for my $node (@$menu) {
         # possible for override files
         next unless exists $node->{name};
         $locale{$node->{name}}     = 1;
         $alllocales{$node->{name}} = 1;
         $cached{$file}{all}{$node->{name}} = 1;
+      }
+    }
     sub scandbupgrades {
       # we only need to do this for auth atm, because only auth scripts can include new rights, which are translateable
       my $auth = 1;
       my $dbu = SL::DBUpgrade2->new(auth => $auth, path => '../../sql/Pg-upgrade2-auth');
       for my $upgrade ($dbu->sort_dbupdate_controls) {
         for my $string (@{ $upgrade->{locales} || [] }) {
           $locale{$string}     = 1;
           $alllocales{$string} = 1;
         $cached{$upgrade->{tag}}{all}{$string} = 1;
+        }
+      }
+    }

     -- @tag: add_master_rights
     -- @description: Rechte in die Datenbank migrieren
     -- @depends: release_3_2_0
     -- @charset: utf-8
     -- @locales: Master Data
     -- @locales: Create customers and vendors. Edit all vendors. Edit only customers where salesman equals employee (login)
     -- @locales: Create customers and vendors. Edit all vendors. Edit all customers
     -- @locales: Create and edit parts, services, assemblies
     -- @locales: Show details and reports of parts, services, assemblies
     -- @locales: Create and edit projects
     -- @locales: AR
     -- @locales: Create and edit requirement specs
     -- @locales: Create and edit sales quotations
     -- @locales: Create and edit sales orders
     -- @locales: Create and edit sales delivery orders
     -- @locales: Create and edit invoices and credit notes
     -- @locales: Create and edit dunnings
     -- @locales: Edit sales letters
     -- @locales: View/edit all employees sales documents
     -- @locales: Edit prices and discount (if not used, textfield is ONLY set readonly)
     -- @locales: Show AR transactions as part of AR invoice report
     -- @locales: Show delivery plan
     -- @locales: Show delivery value report
     -- @locales: Show sales letters report
     -- @locales: AP
     -- @locales: Create and edit RFQs
     -- @locales: Create and edit purchase orders
     -- @locales: Create and edit purchase delivery orders
     -- @locales: Create and edit vendor invoices
     -- @locales: Show AP transactions as part of AP invoice report
     -- @locales: Warehouse management
     -- @locales: View warehouse content
     -- @locales: Warehouse management
     -- @locales: General ledger and cash
     -- @locales: Transactions, AR transactions, AP transactions
     -- @locales: DATEV Export
     -- @locales: Receipt, payment, reconciliation
     -- @locales: Bank transactions
     -- @locales: Reports
     -- @locales: All reports
     -- @locales: Advance turnover tax return
     -- @locales: Batch Printing
     -- @locales: Batch Printing
     -- @locales: Configuration
     -- @locales: Change kivitendo installation settings (most entries in the 'System' menu)
     -- @locales: Client administration: configuration, editing templates, task server control, background jobs (remaining entries in the 'System' menu)
     -- @locales: Others
     -- @locales: May set the BCC field when sending emails
     -- @locales: Productivity
     -- @locales: Show administration link
     CREATE TABLE auth.master_rights (
       id          SERIAL PRIMARY KEY,
       position    INTEGER NOT NULL,
       name        TEXT NOT NULL UNIQUE,
       description TEXT NOT NULL,
       category    BOOLEAN NOT NULL DEFAULT FALSE
     );
     INSERT INTO auth.master_rights (position, name, description, category) VALUES ( 1, 'master_data',                    'Master Data', TRUE);
     INSERT INTO auth.master_rights (position, name, description) VALUES ( 2, 'customer_vendor_edit',           'Create customers and vendors. Edit all vendors. Edit only customers where salesman equals employee (login)');
     INSERT INTO auth.master_rights (position, name, description) VALUES ( 3, 'customer_vendor_all_edit',       'Create customers and vendors. Edit all vendors. Edit all customers');
     INSERT INTO auth.master_rights (position, name, description) VALUES ( 4, 'part_service_assembly_edit',     'Create and edit parts, services, assemblies');
     INSERT INTO auth.master_rights (position, name, description) VALUES ( 5, 'part_service_assembly_details',  'Show details and reports of parts, services, assemblies');
     INSERT INTO auth.master_rights (position, name, description) VALUES ( 6, 'project_edit',                   'Create and edit projects');
     INSERT INTO auth.master_rights (position, name, description, category) VALUES ( 7, 'ar',                             'AR', TRUE);
     INSERT INTO auth.master_rights (position, name, description) VALUES ( 8, 'requirement_spec_edit',          'Create and edit requirement specs');
     INSERT INTO auth.master_rights (position, name, description) VALUES ( 9, 'sales_quotation_edit',           'Create and edit sales quotations');
     INSERT INTO auth.master_rights (position, name, description) VALUES (10, 'sales_order_edit',               'Create and edit sales orders');
     INSERT INTO auth.master_rights (position, name, description) VALUES (11, 'sales_delivery_order_edit',      'Create and edit sales delivery orders');
     INSERT INTO auth.master_rights (position, name, description) VALUES (12, 'invoice_edit',                   'Create and edit invoices and credit notes');
     INSERT INTO auth.master_rights (position, name, description) VALUES (13, 'dunning_edit',                   'Create and edit dunnings');
     INSERT INTO auth.master_rights (position, name, description) VALUES (14, 'sales_letter_edit',              'Edit sales letters');
     INSERT INTO auth.master_rights (position, name, description) VALUES (15, 'sales_all_edit',                 'View/edit all employees sales documents');
     INSERT INTO auth.master_rights (position, name, description) VALUES (16, 'edit_prices',                    'Edit prices and discount (if not used, textfield is ONLY set readonly)');
     INSERT INTO auth.master_rights (position, name, description) VALUES (17, 'show_ar_transactions',           'Show AR transactions as part of AR invoice report');
     INSERT INTO auth.master_rights (position, name, description) VALUES (18, 'delivery_plan',                  'Show delivery plan');
     INSERT INTO auth.master_rights (position, name, description) VALUES (19, 'delivery_value_report',          'Show delivery value report');
     INSERT INTO auth.master_rights (position, name, description) VALUES (20, 'sales_letter_report',            'Show sales letters report');
     INSERT INTO auth.master_rights (position, name, description, category) VALUES (21, 'ap',                             'AP', TRUE);
     INSERT INTO auth.master_rights (position, name, description) VALUES (22, 'request_quotation_edit',         'Create and edit RFQs');
     INSERT INTO auth.master_rights (position, name, description) VALUES (23, 'purchase_order_edit',            'Create and edit purchase orders');
     INSERT INTO auth.master_rights (position, name, description) VALUES (24, 'purchase_delivery_order_edit',   'Create and edit purchase delivery orders');
     INSERT INTO auth.master_rights (position, name, description) VALUES (25, 'vendor_invoice_edit',            'Create and edit vendor invoices');
     INSERT INTO auth.master_rights (position, name, description) VALUES (26, 'show_ap_transactions',           'Show AP transactions as part of AP invoice report');
     INSERT INTO auth.master_rights (position, name, description, category) VALUES (27, 'warehouse',                      'Warehouse management', TRUE);
     INSERT INTO auth.master_rights (position, name, description) VALUES (28, 'warehouse_contents',             'View warehouse content');
     INSERT INTO auth.master_rights (position, name, description) VALUES (29, 'warehouse_management',           'Warehouse management');
     INSERT INTO auth.master_rights (position, name, description, category) VALUES (30, 'general_ledger_cash',            'General ledger and cash', TRUE);
     INSERT INTO auth.master_rights (position, name, description) VALUES (31, 'general_ledger',                 'Transactions, AR transactions, AP transactions');
     INSERT INTO auth.master_rights (position, name, description) VALUES (32, 'datev_export',                   'DATEV Export');
     INSERT INTO auth.master_rights (position, name, description) VALUES (33, 'cash',                           'Receipt, payment, reconciliation');
     INSERT INTO auth.master_rights (position, name, description) VALUES (34, 'bank_transaction',               'Bank transactions');
     INSERT INTO auth.master_rights (position, name, description, category) VALUES (35, 'reports',                        'Reports', TRUE);
     INSERT INTO auth.master_rights (position, name, description) VALUES (36, 'report',                         'All reports');
     INSERT INTO auth.master_rights (position, name, description) VALUES (37, 'advance_turnover_tax_return',    'Advance turnover tax return');
     INSERT INTO auth.master_rights (position, name, description, category) VALUES (38, 'batch_printing_category',                 'Batch Printing', TRUE);
     INSERT INTO auth.master_rights (position, name, description) VALUES (39, 'batch_printing',                 'Batch Printing');
     INSERT INTO auth.master_rights (position, name, description, category) VALUES (40, 'configuration',                  'Configuration', TRUE);
     INSERT INTO auth.master_rights (position, name, description) VALUES (41, 'config',                         'Change kivitendo installation settings (most entries in the ''System'' menu)');
     INSERT INTO auth.master_rights (position, name, description) VALUES (42, 'admin',                          'Client administration: configuration, editing templates, task server control, background jobs (remaining entries in the ''System'' menu)');
     INSERT INTO auth.master_rights (position, name, description, category) VALUES (43, 'others',                         'Others', TRUE);
     INSERT INTO auth.master_rights (position, name, description) VALUES (44, 'email_bcc',                      'May set the BCC field when sending emails');
     INSERT INTO auth.master_rights (position, name, description) VALUES (45, 'productivity',                   'Productivity');
     INSERT INTO auth.master_rights (position, name, description) VALUES (46, 'display_admin_link',             'Show administration link');

Auch abrufbar als: Unified diff

Projekt

Allgemein

Profil

projekt kivitendo

Revision a1ea659f

Von Sven Schöling vor mehr als 9 Jahren hinzugefügt