Projekt

Allgemein

Profil

« Zurück | Weiter » 

Revision be54aea5

Von Moritz Bunkus vor etwa 7 Jahren hinzugefügt

  • ID be54aea5115bbfcc5d91de846879126417cacdbd
  • Vorgänger 511d3561
  • Nachfolger be6d3645

Datenbank anlegen: Super-User-Rechte abfragen, sofern nötig

Unterschiede anzeigen:

SL/Controller/Admin.pm
12 12 
use SL::DB::AuthUser;
13 13 
use SL::DB::AuthGroup;
14 14 
use SL::DB::Printer;
15 
use SL::DBUtils ();
15 16 
use SL::Helper::Flash;
16 17 
use SL::Locale::String qw(t8);
17 18 
use SL::System::InstallationLock;
......
401 402 

  		




  402
  403
  
    
sub action_create_dataset {


  		




  403
  404
  
    
  my ($self) = @_;


  		




  404
  
  
    
  $self->create_dataset_form;


  		




  
  405
  
    

  		




  
  406
  
    
  my %superuser = $self->check_database_superuser_privileges(no_credentials_not_an_error => 1);


  		




  
  407
  
    
  $self->create_dataset_form(superuser => \%superuser);


  		




  405
  408
  
    
}


  		




  406
  409
  
    

  		




  407
  410
  
    
sub action_do_create_dataset {


  		




  408
  411
  
    
  my ($self) = @_;


  		




  409
  412
  
    

  		




  
  413
  
    
  my %superuser = $self->check_database_superuser_privileges;


  		




  
  414
  
    

  		




  410
  415
  
    
  my @errors;


  		




  411
  416
  
    
  push @errors, t8("Dataset missing!")          if !$::form->{db};


  		




  412
  417
  
    
  push @errors, t8("Default currency missing!") if !$::form->{defaultcurrency};


  		




  
  418
  
    
  push @errors, $superuser{error}               if !$superuser{have_privileges} && $superuser{error};


  		




  413
  419
  
    

  		




  414
  420
  
    
  if (@errors) {


  		




  415
  421
  
    
    flash('error', @errors);


  		




  416
  
  
    
    return $self->create_dataset_form;


  		




  
  422
  
    
    return $self->create_dataset_form(superuser => \%superuser);


  		




  417
  423
  
    
  }


  		




  418
  424
  
    

  		




  419
  425
  
    
  $::form->{encoding} = 'UNICODE';


  		




  ......




  645
  651
  
    
  $::form->{feature_eurechnung}      = $defaults->feature_eurechnung(1);


  		




  646
  652
  
    
  $::form->{feature_ustva}           = $defaults->feature_ustva(1);


  		




  647
  653
  
    

  		




  648
  
  
    
  $self->render('admin/create_dataset', title => (t8('Database Administration') . " / " . t8('Create Dataset')));


  		




  
  654
  
    
  $self->render('admin/create_dataset', title => (t8('Database Administration') . " / " . t8('Create Dataset')), superuser => $params{superuser});


  		




  649
  655
  
    
}


  		




  650
  656
  
    

  		




  651
  657
  
    
sub delete_dataset_form {


  		




  ......




  697
  703
  
    
  return join ', ', sort_by { lc } map { $_->name } @{ SL::DB::Manager::AuthClient->get_all(where => [ task_server_user_id => $user->id ]) };


  		




  698
  704
  
    
}


  		




  699
  705
  
    

  		




  
  706
  
    
sub check_database_superuser_privileges {


  		




  
  707
  
    
  my ($self, %params) = @_;


  		




  
  708
  
    

  		




  
  709
  
    
  my %dbconnect_form = %{ $::form };


  		




  
  710
  
    
  my %result         = (


  		




  
  711
  
    
    username => $dbconnect_form{dbuser},


  		




  
  712
  
    
    password => $dbconnect_form{dbpasswd},


  		




  
  713
  
    
  );


  		




  
  714
  
    

  		




  
  715
  
    
  my $check_privileges = sub {


  		




  
  716
  
    
    my $dbh = SL::DBConnect->connect($dbconnect_form{dbconnect}, $result{username}, $result{password}, SL::DBConnect->get_options);


  		




  
  717
  
    
    return (error => $::locale->text('The credentials (username & password) for connecting database are wrong.')) if !$dbh;


  		




  
  718
  
    

  		




  
  719
  
    
    my $is_superuser = SL::DBUtils::role_is_superuser($dbh, $result{username});


  		




  
  720
  
    

  		




  
  721
  
    
    $dbh->disconnect;


  		




  
  722
  
    

  		




  
  723
  
    
    return (have_privileges => $is_superuser);


  		




  
  724
  
    
  };


  		




  
  725
  
    

  		




  
  726
  
    
  User::dbconnect_vars(\%dbconnect_form, $dbconnect_form{dbdefault});


  		




  
  727
  
    

  		




  
  728
  
    
  %result = (


  		




  
  729
  
    
    %result,


  		




  
  730
  
    
    $check_privileges->(),


  		




  
  731
  
    
  );


  		




  
  732
  
    

  		




  
  733
  
    
  if (!$result{have_privileges}) {


  		




  
  734
  
    
    $result{username} = $::form->{database_superuser_user};


  		




  
  735
  
    
    $result{password} = $::form->{database_superuser_password};


  		




  
  736
  
    

  		




  
  737
  
    
    if ($::form->{database_superuser_user}) {


  		




  
  738
  
    
      %result = (


  		




  
  739
  
    
        %result,


  		




  
  740
  
    
        $check_privileges->(),


  		




  
  741
  
    
      );


  		




  
  742
  
    
    }


  		




  
  743
  
    
  }


  		




  
  744
  
    

  		




  
  745
  
    
  if ($result{have_privileges}) {


  		




  
  746
  
    
    $::auth->set_session_value(database_superuser_username => $result{username}, database_superuser_password => $result{password});


  		




  
  747
  
    
    return %result;


  		




  
  748
  
    
  }


  		




  
  749
  
    

  		




  
  750
  
    
  $::auth->delete_session_value(qw(database_superuser_username database_superuser_password));


  		




  
  751
  
    

  		




  
  752
  
    
  return ()                                                                            if !$::form->{database_superuser_user} && $params{no_credentials_not_an_error};


  		




  
  753
  
    
  return (%result, error => $::locale->text('No superuser credentials were entered.')) if !$::form->{database_superuser_user};


  		




  
  754
  
    
  return %result                                                                       if $result{error};


  		




  
  755
  
    
  return (%result, error => $::locale->text('The database user \'#1\' does not have superuser privileges.', $result{username}));


  		




  
  756
  
    
}


  		




  700
  757
  
    

  		




  701
  758
  
    
1;


  		












  

    
      SL/DBUtils.pm
    
  





  392
  392
  
    
  return "%" . SL::Util::trim($string // '') . "%";


  		




  393
  393
  
    
}


  		




  394
  394
  
    

  		




  
  395
  
    
sub role_is_superuser {


  		




  
  396
  
    
  my ($dbh, $login)  = @_;


  		




  
  397
  
    
  my ($is_superuser) = $dbh->selectrow_array(qq|SELECT usesuper FROM pg_user WHERE usename = ?|, undef, $login);


  		




  
  398
  
    

  		




  
  399
  
    
  return $is_superuser;


  		




  
  400
  
    
}


  		




  
  401
  
    

  		




  395
  402
  
    
1;


  		




  396
  403
  
    

  		




  397
  404
  
    

  		












  

    
      SL/User.pm
    
  





  130
  130
  
    
  my $dbh = SL::DBConnect->connect($dbconnect_form{dbconnect}, $dbconnect_form{dbuser}, $dbconnect_form{dbpasswd}, SL::DBConnect->get_options);


  		




  131
  131
  
    
  return (%result, error => $::locale->text('The credentials (username & password) for connecting database are wrong.')) if !$dbh;


  		




  132
  132
  
    

  		




  133
  
  
    
  my ($is_superuser) = $dbh->selectrow_array(qq|SELECT usesuper FROM pg_user WHERE usename = ?|, undef, $dbconnect_form{dbuser});


  		




  
  133
  
    
  my $is_superuser = SL::DBUtils::role_is_superuser($dbh, $dbconnect_form{dbuser});


  		




  134
  134
  
    

  		




  135
  135
  
    
  $dbh->disconnect;


  		




  136
  136
  
    

  		












  

    
      locale/de/all
    
  





  847
  847
  
    
  'Database Host'               => 'Datenbankcomputer',


  		




  848
  848
  
    
  'Database ID'                 => 'Datenbank-ID',


  		




  849
  849
  
    
  'Database Management'         => 'Datenbankadministration',


  		




  
  850
  
    
  'Database Superuser'          => 'Datenbank-Super-Benutzer',


  		




  850
  851
  
    
  'Database User'               => 'Datenbankbenutzer',


  		




  851
  852
  
    
  'Database host and port'      => 'Datenbankhost und -port',


  		




  852
  853
  
    
  'Database login (#1)'         => 'Datenbankanmeldung (#1)',


  		




  853
  854
  
    
  'Database name'               => 'Datenbankname',


  		




  854
  855
  
    
  'Database settings'           => 'Datenbankeinstellungen',


  		




  
  856
  
    
  'Database superuser privileges are required for parts of the database modifications.' => 'Für einige Teile der Datenbankänderungen werden Datenbank-Super-Benutzer-Rechte benötigt.',


  		




  855
  857
  
    
  'Database superuser privileges are required for the update.' => 'Datenbank-Super-Benutzer-Rechte werden für das Update benötigt.',


  		




  856
  858
  
    
  'Database template'           => 'Datenbankvorlage',


  		




  857
  859
  
    
  'Database update error:'      => 'Fehler beim Datenbankupgrade:',


  		




  ......




  1974
  1976
  
    
  'No start date given, setting to #1' => 'Kein Startdatum gegeben, setze Startdatum auf #1',


  		




  1975
  1977
  
    
  'No such job #1 in the database.' => 'Hintergrund-Job #1 existiert nicht mehr.',


  		




  1976
  1978
  
    
  'No summary account'          => 'Kein Sammelkonto',


  		




  
  1979
  
    
  'No superuser credentials were entered.' => 'Es wurden keine Super-Benutzer-Anmeldedaten eingegeben.',


  		




  1977
  1980
  
    
  'No template has been selected yet.' => 'Es wurde noch keine Vorlage ausgewählt.',


  		




  1978
  1981
  
    
  'No text blocks have been created for this position.' => 'Für diese Position wurden noch keine Textblöcke angelegt.',


  		




  1979
  1982
  
    
  'No text has been entered yet.' => 'Es wurde noch kein Text eingegeben.',


  		












  

    
      templates/webpages/admin/create_dataset.html
    
  





  10
  10
  
    
  [% LxERP.t8('In the latter case the tables needed by kivitendo will be created in that database.') %]


  		




  11
  11
  
    
 </p>


  		




  12
  12
  
    

  		




  
  13
  
    
 [% IF !superuser.have_privileges %]


  		




  
  14
  
    
  <p>


  		




  
  15
  
    
   [% LxERP.t8("Database superuser privileges are required for parts of the database modifications.") %]


  		




  
  16
  
    
   [% LxERP.t8("Please provide corresponding credentials.") %]


  		




  
  17
  
    
  </p>


  		




  
  18
  
    
 [% END %]


  		




  
  19
  
    

  		




  13
  20
  
    
 <table border="0">


  		




  14
  21
  
    
  <tr>


  		




  15
  22
  
    
   <th valign="top" align="right" nowrap>[% LxERP.t8('Existing Datasets') %]</th>


  		




  ......




  21
  28
  
    
   <td>[% L.input_tag('db', FORM.db, class="initial_focus") %]</td>


  		




  22
  29
  
    
  </tr>


  		




  23
  30
  
    

  		




  
  31
  
    
  [% IF !superuser.have_privileges %]


  		




  
  32
  
    
   <tr>


  		




  
  33
  
    
    <th align="right" nowrap>[% LxERP.t8("Database Superuser") %]</th>


  		




  
  34
  
    
    <td>[% L.input_tag("database_superuser_user", superuser.username) %]</td>


  		




  
  35
  
    
   </tr>


  		




  
  36
  
    

  		




  
  37
  
    
   <tr>


  		




  
  38
  
    
    <th align="right" nowrap>[% LxERP.t8("Password") %]</th>


  		




  
  39
  
    
    <td>[% L.input_tag("database_superuser_password", superuser.password, type="password") %]</td>


  		




  
  40
  
    
   </tr>


  		




  
  41
  
    
  [% END %]


  		




  
  42
  
    

  		




  24
  43
  
    
  <tr>


  		




  25
  44
  
    
   <td colspan="1"> </td>


  		




  26
  45
  
    
   <td><hr size="1" noshade></td>


  		












Auch abrufbar als:  Unified diff