Revision be54aea5
Von Moritz Bunkus vor etwa 7 Jahren hinzugefügt
| SL/Controller/Admin.pm | ||
|---|---|---|
| 12 | 12 |
use SL::DB::AuthUser; |
| 13 | 13 |
use SL::DB::AuthGroup; |
| 14 | 14 |
use SL::DB::Printer; |
| 15 |
use SL::DBUtils (); |
|
| 15 | 16 |
use SL::Helper::Flash; |
| 16 | 17 |
use SL::Locale::String qw(t8); |
| 17 | 18 |
use SL::System::InstallationLock; |
| ... | ... | |
| 401 | 402 |
|
| 402 | 403 |
sub action_create_dataset {
|
| 403 | 404 |
my ($self) = @_; |
| 404 |
$self->create_dataset_form; |
|
| 405 |
|
|
| 406 |
my %superuser = $self->check_database_superuser_privileges(no_credentials_not_an_error => 1); |
|
| 407 |
$self->create_dataset_form(superuser => \%superuser); |
|
| 405 | 408 |
} |
| 406 | 409 |
|
| 407 | 410 |
sub action_do_create_dataset {
|
| 408 | 411 |
my ($self) = @_; |
| 409 | 412 |
|
| 413 |
my %superuser = $self->check_database_superuser_privileges; |
|
| 414 |
|
|
| 410 | 415 |
my @errors; |
| 411 | 416 |
push @errors, t8("Dataset missing!") if !$::form->{db};
|
| 412 | 417 |
push @errors, t8("Default currency missing!") if !$::form->{defaultcurrency};
|
| 418 |
push @errors, $superuser{error} if !$superuser{have_privileges} && $superuser{error};
|
|
| 413 | 419 |
|
| 414 | 420 |
if (@errors) {
|
| 415 | 421 |
flash('error', @errors);
|
| 416 |
return $self->create_dataset_form; |
|
| 422 |
return $self->create_dataset_form(superuser => \%superuser);
|
|
| 417 | 423 |
} |
| 418 | 424 |
|
| 419 | 425 |
$::form->{encoding} = 'UNICODE';
|
| ... | ... | |
| 645 | 651 |
$::form->{feature_eurechnung} = $defaults->feature_eurechnung(1);
|
| 646 | 652 |
$::form->{feature_ustva} = $defaults->feature_ustva(1);
|
| 647 | 653 |
|
| 648 |
$self->render('admin/create_dataset', title => (t8('Database Administration') . " / " . t8('Create Dataset')));
|
|
| 654 |
$self->render('admin/create_dataset', title => (t8('Database Administration') . " / " . t8('Create Dataset')), superuser => $params{superuser});
|
|
| 649 | 655 |
} |
| 650 | 656 |
|
| 651 | 657 |
sub delete_dataset_form {
|
| ... | ... | |
| 697 | 703 |
return join ', ', sort_by { lc } map { $_->name } @{ SL::DB::Manager::AuthClient->get_all(where => [ task_server_user_id => $user->id ]) };
|
| 698 | 704 |
} |
| 699 | 705 |
|
| 706 |
sub check_database_superuser_privileges {
|
|
| 707 |
my ($self, %params) = @_; |
|
| 708 |
|
|
| 709 |
my %dbconnect_form = %{ $::form };
|
|
| 710 |
my %result = ( |
|
| 711 |
username => $dbconnect_form{dbuser},
|
|
| 712 |
password => $dbconnect_form{dbpasswd},
|
|
| 713 |
); |
|
| 714 |
|
|
| 715 |
my $check_privileges = sub {
|
|
| 716 |
my $dbh = SL::DBConnect->connect($dbconnect_form{dbconnect}, $result{username}, $result{password}, SL::DBConnect->get_options);
|
|
| 717 |
return (error => $::locale->text('The credentials (username & password) for connecting database are wrong.')) if !$dbh;
|
|
| 718 |
|
|
| 719 |
my $is_superuser = SL::DBUtils::role_is_superuser($dbh, $result{username});
|
|
| 720 |
|
|
| 721 |
$dbh->disconnect; |
|
| 722 |
|
|
| 723 |
return (have_privileges => $is_superuser); |
|
| 724 |
}; |
|
| 725 |
|
|
| 726 |
User::dbconnect_vars(\%dbconnect_form, $dbconnect_form{dbdefault});
|
|
| 727 |
|
|
| 728 |
%result = ( |
|
| 729 |
%result, |
|
| 730 |
$check_privileges->(), |
|
| 731 |
); |
|
| 732 |
|
|
| 733 |
if (!$result{have_privileges}) {
|
|
| 734 |
$result{username} = $::form->{database_superuser_user};
|
|
| 735 |
$result{password} = $::form->{database_superuser_password};
|
|
| 736 |
|
|
| 737 |
if ($::form->{database_superuser_user}) {
|
|
| 738 |
%result = ( |
|
| 739 |
%result, |
|
| 740 |
$check_privileges->(), |
|
| 741 |
); |
|
| 742 |
} |
|
| 743 |
} |
|
| 744 |
|
|
| 745 |
if ($result{have_privileges}) {
|
|
| 746 |
$::auth->set_session_value(database_superuser_username => $result{username}, database_superuser_password => $result{password});
|
|
| 747 |
return %result; |
|
| 748 |
} |
|
| 749 |
|
|
| 750 |
$::auth->delete_session_value(qw(database_superuser_username database_superuser_password)); |
|
| 751 |
|
|
| 752 |
return () if !$::form->{database_superuser_user} && $params{no_credentials_not_an_error};
|
|
| 753 |
return (%result, error => $::locale->text('No superuser credentials were entered.')) if !$::form->{database_superuser_user};
|
|
| 754 |
return %result if $result{error};
|
|
| 755 |
return (%result, error => $::locale->text('The database user \'#1\' does not have superuser privileges.', $result{username}));
|
|
| 756 |
} |
|
| 700 | 757 |
|
| 701 | 758 |
1; |
Auch abrufbar als: Unified diff
Datenbank anlegen: Super-User-Rechte abfragen, sofern nötig