Revision a1ea659f
Von Sven Schöling vor mehr als 9 Jahren hinzugefügt
SL/Auth.pm | ||
---|---|---|
897 | 897 |
return $self->{api_token} && $provided_api_token && ($self->{api_token} eq $provided_api_token); |
898 | 898 |
} |
899 | 899 |
|
900 |
sub session_tables_present { |
|
901 |
my $self = shift; |
|
900 |
sub _tables_present { |
|
901 |
my ($self, @tables) = @_; |
|
902 |
my $cache_key = join '_', @tables; |
|
902 | 903 |
|
903 | 904 |
# Only re-check for the presence of auth tables if either the check |
904 | 905 |
# hasn't been done before of if they weren't present. |
905 |
if ($self->{session_tables_present}) { |
|
906 |
return $self->{session_tables_present}; |
|
907 |
} |
|
906 |
return $self->{"$cache_key\_tables_present"} ||= do { |
|
907 |
my $dbh = $self->dbconnect(1); |
|
908 | 908 |
|
909 |
my $dbh = $self->dbconnect(1); |
|
909 |
if (!$dbh) { |
|
910 |
return 0; |
|
911 |
} |
|
910 | 912 |
|
911 |
if (!$dbh) { |
|
912 |
return 0; |
|
913 |
} |
|
913 |
my $query = |
|
914 |
qq|SELECT COUNT(*) |
|
915 |
FROM pg_tables |
|
916 |
WHERE (schemaname = 'auth') |
|
917 |
AND (tablename IN (@{[ join ', ', ('?') x @tables ]}))|; |
|
914 | 918 |
|
915 |
my $query = |
|
916 |
qq|SELECT COUNT(*) |
|
917 |
FROM pg_tables |
|
918 |
WHERE (schemaname = 'auth') |
|
919 |
AND (tablename IN ('session', 'session_content'))|; |
|
919 |
my ($count) = selectrow_query($main::form, $dbh, $query, @tables); |
|
920 | 920 |
|
921 |
my ($count) = selectrow_query($main::form, $dbh, $query); |
|
921 |
return scalar @tables == $count; |
|
922 |
} |
|
923 |
} |
|
922 | 924 |
|
923 |
$self->{session_tables_present} = 2 == $count; |
|
925 |
sub session_tables_present { |
|
926 |
$_[0]->_tables_present('session', 'session_content'); |
|
927 |
} |
|
924 | 928 |
|
925 |
return $self->{session_tables_present}; |
|
929 |
sub master_rights_present { |
|
930 |
$_[0]->_tables_present('master_rights'); |
|
926 | 931 |
} |
927 | 932 |
|
928 | 933 |
# -------------------------------------- |
929 | 934 |
|
930 | 935 |
sub all_rights_full { |
931 |
my $locale = $main::locale; |
|
932 |
|
|
933 |
my @all_rights = ( |
|
934 |
["--master_data", $locale->text("Master Data")], |
|
935 |
["customer_vendor_edit", $locale->text("Create customers and vendors. Edit all vendors. Edit only customers where salesman equals employee (login)")], |
|
936 |
["customer_vendor_all_edit", $locale->text("Create customers and vendors. Edit all vendors. Edit all customers")], |
|
937 |
["part_service_assembly_edit", $locale->text("Create and edit parts, services, assemblies")], |
|
938 |
["part_service_assembly_details", $locale->text("Show details and reports of parts, services, assemblies")], |
|
939 |
["project_edit", $locale->text("Create and edit projects")], |
|
940 |
["--ar", $locale->text("AR")], |
|
941 |
["requirement_spec_edit", $locale->text("Create and edit requirement specs")], |
|
942 |
["sales_quotation_edit", $locale->text("Create and edit sales quotations")], |
|
943 |
["sales_order_edit", $locale->text("Create and edit sales orders")], |
|
944 |
["sales_delivery_order_edit", $locale->text("Create and edit sales delivery orders")], |
|
945 |
["invoice_edit", $locale->text("Create and edit invoices and credit notes")], |
|
946 |
["dunning_edit", $locale->text("Create and edit dunnings")], |
|
947 |
["sales_letter_edit", $locale->text("Edit sales letters")], |
|
948 |
["sales_all_edit", $locale->text("View/edit all employees sales documents")], |
|
949 |
["edit_prices", $locale->text("Edit prices and discount (if not used, textfield is ONLY set readonly)")], |
|
950 |
["show_ar_transactions", $locale->text("Show AR transactions as part of AR invoice report")], |
|
951 |
["delivery_plan", $locale->text("Show delivery plan")], |
|
952 |
["delivery_value_report", $locale->text("Show delivery value report")], |
|
953 |
["sales_letter_report", $locale->text("Show sales letters report")], |
|
954 |
["--ap", $locale->text("AP")], |
|
955 |
["request_quotation_edit", $locale->text("Create and edit RFQs")], |
|
956 |
["purchase_order_edit", $locale->text("Create and edit purchase orders")], |
|
957 |
["purchase_delivery_order_edit", $locale->text("Create and edit purchase delivery orders")], |
|
958 |
["vendor_invoice_edit", $locale->text("Create and edit vendor invoices")], |
|
959 |
["show_ap_transactions", $locale->text("Show AP transactions as part of AP invoice report")], |
|
960 |
["--warehouse_management", $locale->text("Warehouse management")], |
|
961 |
["warehouse_contents", $locale->text("View warehouse content")], |
|
962 |
["warehouse_management", $locale->text("Warehouse management")], |
|
963 |
["--general_ledger_cash", $locale->text("General ledger and cash")], |
|
964 |
["general_ledger", $locale->text("Transactions, AR transactions, AP transactions")], |
|
965 |
["datev_export", $locale->text("DATEV Export")], |
|
966 |
["cash", $locale->text("Receipt, payment, reconciliation")], |
|
967 |
["bank_transaction", $locale->text("Bank transactions")], |
|
968 |
["--reports", $locale->text('Reports')], |
|
969 |
["report", $locale->text('All reports')], |
|
970 |
["advance_turnover_tax_return", $locale->text('Advance turnover tax return')], |
|
971 |
["--batch_printing", $locale->text("Batch Printing")], |
|
972 |
["batch_printing", $locale->text("Batch Printing")], |
|
973 |
["--configuration", $locale->text("Configuration")], |
|
974 |
["config", $locale->text("Change kivitendo installation settings (most entries in the 'System' menu)")], |
|
975 |
["admin", $locale->text("Client administration: configuration, editing templates, task server control, background jobs (remaining entries in the 'System' menu)")], |
|
976 |
["--others", $locale->text("Others")], |
|
977 |
["email_bcc", $locale->text("May set the BCC field when sending emails")], |
|
978 |
["productivity", $locale->text("Productivity")], |
|
979 |
["display_admin_link", $locale->text("Show administration link")], |
|
980 |
); |
|
981 |
|
|
982 |
return @all_rights; |
|
936 |
my ($self) = @_; |
|
937 |
|
|
938 |
@{ $self->{master_rights} ||= do { |
|
939 |
$self->dbconnect->selectall_arrayref("SELECT name, description, category FROM auth.master_rights ORDER BY id"); |
|
940 |
} |
|
941 |
} |
|
983 | 942 |
} |
984 | 943 |
|
985 | 944 |
sub all_rights { |
986 |
return grep !/^--/, map { $_->[0] } all_rights_full();
|
|
945 |
return map { $_->[0] } grep { !$_->[2] } $_[0]->all_rights_full;
|
|
987 | 946 |
} |
988 | 947 |
|
989 | 948 |
sub read_groups { |
... | ... | |
1030 | 989 |
$group->{rights}->{$row->{right}} |= $row->{granted}; |
1031 | 990 |
} |
1032 | 991 |
|
1033 |
map { $group->{rights}->{$_} = 0 if (!defined $group->{rights}->{$_}); } all_rights();
|
|
992 |
map { $group->{rights}->{$_} = 0 if (!defined $group->{rights}->{$_}); } $self->all_rights;
|
|
1034 | 993 |
} |
1035 | 994 |
$sth->finish(); |
1036 | 995 |
|
... | ... | |
1212 | 1171 |
my $dbh = $self->dbconnect; |
1213 | 1172 |
my ($query, $sth, $row, $rights); |
1214 | 1173 |
|
1215 |
$rights = { map { $_ => 0 } all_rights() };
|
|
1174 |
$rights = { map { $_ => 0 } $self->all_rights };
|
|
1216 | 1175 |
|
1217 | 1176 |
return $rights if !$self->client || !$login; |
1218 | 1177 |
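Review bot: In the new `_tables_present`, the `return 0;` and `return scalar @tables == $count;` statements sit inside the `do { ... }` block, and in Perl a `return` there leaves the enclosing sub instead of yielding the block's value, so the `||=` never stores anything and every call runs the `pg_tables` query again. The comment kept above the block still says the check is only repeated when it has not succeeded before, which no longer matches the behaviour. Keeping the cache needs an explicit read and write, for example `return $self->{"$cache_key\_tables_present"} if $self->{"$cache_key\_tables_present"};` before the connect and `return $self->{"$cache_key\_tables_present"} = scalar(@tables) == $count;` at the end, with the `do` wrapper dropped. Separately, `all_rights_full` dereferences the result of `selectall_arrayref` directly. Whether its callers check `master_rights_present` first is not visible in this section, so that should be confirmed for the case where `auth.master_rights` does not exist yet.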
|
Rechte: In die Datenbank verlagert