kivitendo/SL/Controller/Admin.pm @ d306aa8c
| d8ac0828 | Moritz Bunkus | package SL::Controller::Admin;
|
||
use strict;
|
||||
use parent qw(SL::Controller::Base);
|
||||
use IO::File;
|
||||
| 8b34d295 | Moritz Bunkus | use List::Util qw(first);
|
||
| d8ac0828 | Moritz Bunkus | |||
use SL::DB::AuthUser;
|
||||
use SL::DB::AuthGroup;
|
||||
| 8b34d295 | Moritz Bunkus | use SL::DB::Printer;
|
||
| d8ac0828 | Moritz Bunkus | use SL::Helper::Flash;
|
||
use SL::Locale::String qw(t8);
|
||||
| 66c08b64 | Moritz Bunkus | use SL::System::InstallationLock;
|
||
| 288111da | Moritz Bunkus | use SL::User;
|
||
| d8ac0828 | Moritz Bunkus | |||
use Rose::Object::MakeMethods::Generic
|
||||
(
|
||||
| 66c08b64 | Moritz Bunkus | 'scalar --get_set_init' => [ qw(client user group printer db_cfg is_locked
|
||
| 8b34d295 | Moritz Bunkus | all_dateformats all_numberformats all_countrycodes all_stylesheets all_menustyles all_clients all_groups all_users all_rights all_printers) ],
|
||
| d8ac0828 | Moritz Bunkus | );
|
||
__PACKAGE__->run_before(\&setup_layout);
|
||||
| 8b34d295 | Moritz Bunkus | __PACKAGE__->run_before(\&setup_client, only => [ qw(list_printers new_printer edit_printer save_printer delete_printer) ]);
|
||
| d8ac0828 | Moritz Bunkus | |||
sub get_auth_level { "admin" };
|
||||
sub keep_auth_vars {
|
||||
my ($class, %params) = @_;
|
||||
return $params{action} eq 'login';
|
||||
}
|
||||
#
|
||||
| 288111da | Moritz Bunkus | # actions: login, logout
|
||
| d8ac0828 | Moritz Bunkus | #
|
||
sub action_login {
|
||||
my ($self) = @_;
|
||||
return $self->login_form if !$::form->{do_login};
|
||||
return if !$self->authenticate_root;
|
||||
return if !$self->check_auth_db_and_tables;
|
||||
return if $self->apply_dbupgrade_scripts;
|
||||
| 288111da | Moritz Bunkus | $self->redirect_to(action => 'show');
|
||
| d8ac0828 | Moritz Bunkus | }
|
||
sub action_logout {
|
||||
my ($self) = @_;
|
||||
$::auth->destroy_session;
|
||||
$self->redirect_to(action => 'login');
|
||||
}
|
||||
| 288111da | Moritz Bunkus | #
|
||
# actions: creating the authentication database & tables, applying database ugprades
|
||||
#
|
||||
| d8ac0828 | Moritz Bunkus | sub action_apply_dbupgrade_scripts {
|
||
my ($self) = @_;
|
||||
return if $self->apply_dbupgrade_scripts;
|
||||
| 288111da | Moritz Bunkus | $self->action_show;
|
||
| d8ac0828 | Moritz Bunkus | }
|
||
sub action_create_auth_db {
|
||||
my ($self) = @_;
|
||||
$::auth->create_database(superuser => $::form->{db_superuser},
|
||||
superuser_password => $::form->{db_superuser_password},
|
||||
template => $::form->{db_template});
|
||||
$self->check_auth_db_and_tables;
|
||||
}
|
||||
sub action_create_auth_tables {
|
||||
my ($self) = @_;
|
||||
$::auth->create_tables;
|
||||
$::auth->set_session_value('admin_password', $::lx_office_conf{authentication}->{admin_password});
|
||||
$::auth->create_or_refresh_session;
|
||||
my $group = (SL::DB::Manager::AuthGroup->get_all(limit => 1))[0];
|
||||
if (!$group) {
|
||||
SL::DB::AuthGroup->new(
|
||||
name => t8('Full Access'),
|
||||
description => t8('Full access to all functions'),
|
||||
rights => [ map { SL::DB::AuthGroupRight->new(right => $_, granted => 1) } SL::Auth::all_rights() ],
|
||||
)->save;
|
||||
}
|
||||
if (!$self->apply_dbupgrade_scripts) {
|
||||
$self->action_login;
|
||||
}
|
||||
}
|
||||
| 288111da | Moritz Bunkus | #
|
||
# actions: users
|
||||
#
|
||||
sub action_show {
|
||||
| d8ac0828 | Moritz Bunkus | my ($self) = @_;
|
||
$self->render(
|
||||
| 288111da | Moritz Bunkus | "admin/show",
|
||
| 69df38d3 | Moritz Bunkus | title => "kivitendo " . t8('Administration'),
|
||
| d8ac0828 | Moritz Bunkus | );
|
||
}
|
||||
| 288111da | Moritz Bunkus | sub action_new_user {
|
||
my ($self) = @_;
|
||||
$self->user(SL::DB::AuthUser->new(
|
||||
config_values => {
|
||||
vclimit => 200,
|
||||
countrycode => "de",
|
||||
numberformat => "1.000,00",
|
||||
dateformat => "dd.mm.yy",
|
||||
stylesheet => "kivitendo.css",
|
||||
menustyle => "neu",
|
||||
},
|
||||
));
|
||||
$self->edit_user_form(title => t8('Create a new user'));
|
||||
}
|
||||
sub action_edit_user {
|
||||
my ($self) = @_;
|
||||
$self->edit_user_form(title => t8('Edit User'));
|
||||
}
|
||||
sub action_save_user {
|
||||
my ($self) = @_;
|
||||
my $params = delete($::form->{user}) || { };
|
||||
my $props = delete($params->{config_values}) || { };
|
||||
my $is_new = !$params->{id};
|
||||
$self->user($is_new ? SL::DB::AuthUser->new : SL::DB::AuthUser->new(id => $params->{id})->load)
|
||||
->assign_attributes(%{ $params })
|
||||
->config_values({ %{ $self->user->config_values }, %{ $props } });
|
||||
my @errors = $self->user->validate;
|
||||
if (@errors) {
|
||||
flash('error', @errors);
|
||||
$self->edit_user_form(title => $is_new ? t8('Create a new user') : t8('Edit User'));
|
||||
return;
|
||||
}
|
||||
$self->user->save;
|
||||
if ($::auth->can_change_password && $::form->{new_password}) {
|
||||
$::auth->change_password($self->user->login, $::form->{new_password});
|
||||
}
|
||||
flash_later('info', $is_new ? t8('The user has been created.') : t8('The user has been saved.'));
|
||||
$self->redirect_to(action => 'show');
|
||||
}
|
||||
sub action_delete_user {
|
||||
my ($self) = @_;
|
||||
| f1a6f401 | Moritz Bunkus | my @clients = @{ $self->user->clients || [] };
|
||
| 288111da | Moritz Bunkus | if (!$self->user->delete) {
|
||
flash('error', t8('The user could not be deleted.'));
|
||||
$self->edit_user_form(title => t8('Edit User'));
|
||||
return;
|
||||
}
|
||||
| f1a6f401 | Moritz Bunkus | # Flag corresponding entries in 'employee' as deleted.
|
||
foreach my $client (@clients) {
|
||||
my $dbh = $client->dbconnect(AutoCommit => 1) || next;
|
||||
$dbh->do(qq|UPDATE employee SET deleted = TRUE WHERE login = ?|, undef, $self->user->login);
|
||||
$dbh->disconnect;
|
||||
}
|
||||
| 288111da | Moritz Bunkus | flash_later('info', t8('The user has been deleted.'));
|
||
$self->redirect_to(action => 'show');
|
||||
}
|
||||
| 9636227e | Moritz Bunkus | #
|
||
# actions: clients
|
||||
#
|
||||
sub action_new_client {
|
||||
my ($self) = @_;
|
||||
$self->client(SL::DB::AuthClient->new(
|
||||
dbhost => $::auth->{DB_config}->{host},
|
||||
dbport => $::auth->{DB_config}->{port},
|
||||
dbuser => $::auth->{DB_config}->{user},
|
||||
dbpasswd => $::auth->{DB_config}->{password},
|
||||
));
|
||||
$self->edit_client_form(title => t8('Create a new client'));
|
||||
}
|
||||
sub action_edit_client {
|
||||
my ($self) = @_;
|
||||
$self->edit_client_form(title => t8('Edit Client'));
|
||||
}
|
||||
sub action_save_client {
|
||||
my ($self) = @_;
|
||||
my $params = delete($::form->{client}) || { };
|
||||
my $is_new = !$params->{id};
|
||||
$self->client($is_new ? SL::DB::AuthClient->new : SL::DB::AuthClient->new(id => $params->{id})->load)->assign_attributes(%{ $params });
|
||||
my @errors = $self->client->validate;
|
||||
if (@errors) {
|
||||
flash('error', @errors);
|
||||
$self->edit_client_form(title => $is_new ? t8('Create a new client') : t8('Edit Client'));
|
||||
return;
|
||||
}
|
||||
$self->client->save;
|
||||
if ($self->client->is_default) {
|
||||
SL::DB::Manager::AuthClient->update_all(set => { is_default => 0 }, where => [ '!id' => $self->client->id ]);
|
||||
}
|
||||
flash_later('info', $is_new ? t8('The client has been created.') : t8('The client has been saved.'));
|
||||
$self->redirect_to(action => 'show');
|
||||
}
|
||||
sub action_delete_client {
|
||||
my ($self) = @_;
|
||||
if (!$self->client->delete) {
|
||||
flash('error', t8('The client could not be deleted.'));
|
||||
$self->edit_client_form(title => t8('Edit Client'));
|
||||
return;
|
||||
}
|
||||
flash_later('info', t8('The client has been deleted.'));
|
||||
$self->redirect_to(action => 'show');
|
||||
}
|
||||
sub action_test_database_connectivity {
|
||||
my ($self) = @_;
|
||||
my %cfg = %{ $::form->{client} || {} };
|
||||
my $dbconnect = 'dbi:Pg:dbname=' . $cfg{dbname} . ';host=' . $cfg{dbhost} . ';port=' . $cfg{dbport};
|
||||
my $dbh = DBI->connect($dbconnect, $cfg{dbuser}, $cfg{dbpasswd});
|
||||
my $ok = !!$dbh;
|
||||
my $error = $DBI::errstr;
|
||||
$dbh->disconnect if $dbh;
|
||||
$self->render('admin/test_db_connection',
|
||||
title => t8('Database Connection Test'),
|
||||
ok => $ok,
|
||||
error => $error);
|
||||
}
|
||||
| 69df38d3 | Moritz Bunkus | #
|
||
# actions: groups
|
||||
#
|
||||
sub action_new_group {
|
||||
my ($self) = @_;
|
||||
$self->group(SL::DB::AuthGroup->new);
|
||||
$self->edit_group_form(title => t8('Create a new group'));
|
||||
}
|
||||
sub action_edit_group {
|
||||
my ($self) = @_;
|
||||
$self->edit_group_form(title => t8('Edit User Group'));
|
||||
}
|
||||
sub action_save_group {
|
||||
my ($self) = @_;
|
||||
my $params = delete($::form->{group}) || { };
|
||||
my $is_new = !$params->{id};
|
||||
$self->group($is_new ? SL::DB::AuthGroup->new : SL::DB::AuthGroup->new(id => $params->{id})->load)->assign_attributes(%{ $params });
|
||||
my @errors = $self->group->validate;
|
||||
if (@errors) {
|
||||
flash('error', @errors);
|
||||
$self->edit_group_form(title => $is_new ? t8('Create a new user group') : t8('Edit User Group'));
|
||||
return;
|
||||
}
|
||||
$self->group->save;
|
||||
flash_later('info', $is_new ? t8('The user group has been created.') : t8('The user group has been saved.'));
|
||||
$self->redirect_to(action => 'show');
|
||||
}
|
||||
sub action_delete_group {
|
||||
my ($self) = @_;
|
||||
if (!$self->group->delete) {
|
||||
flash('error', t8('The user group could not be deleted.'));
|
||||
$self->edit_group_form(title => t8('Edit User Group'));
|
||||
return;
|
||||
}
|
||||
flash_later('info', t8('The user group has been deleted.'));
|
||||
$self->redirect_to(action => 'show');
|
||||
}
|
||||
| 8b34d295 | Moritz Bunkus | #
|
||
# actions: printers
|
||||
#
|
||||
sub action_list_printers {
|
||||
my ($self) = @_;
|
||||
$self->render('admin/list_printers', title => t8('Printer management'));
|
||||
}
|
||||
sub action_new_printer {
|
||||
my ($self) = @_;
|
||||
$self->printer(SL::DB::Printer->new);
|
||||
$self->edit_printer_form(title => t8('Create a new printer'));
|
||||
}
|
||||
sub action_edit_printer {
|
||||
my ($self) = @_;
|
||||
$self->edit_printer_form(title => t8('Edit Printer'));
|
||||
}
|
||||
sub action_save_printer {
|
||||
my ($self) = @_;
|
||||
my $params = delete($::form->{printer}) || { };
|
||||
my $is_new = !$params->{id};
|
||||
$self->printer($is_new ? SL::DB::Printer->new : SL::DB::Printer->new(id => $params->{id})->load)->assign_attributes(%{ $params });
|
||||
my @errors = $self->printer->validate;
|
||||
if (@errors) {
|
||||
flash('error', @errors);
|
||||
$self->edit_printer_form(title => $is_new ? t8('Create a new printer') : t8('Edit Printer'));
|
||||
return;
|
||||
}
|
||||
$self->printer->save;
|
||||
flash_later('info', $is_new ? t8('The printer has been created.') : t8('The printer has been saved.'));
|
||||
$self->redirect_to(action => 'list_printers', 'client.id' => $self->client->id);
|
||||
}
|
||||
sub action_delete_printer {
|
||||
my ($self) = @_;
|
||||
if (!$self->printer->delete) {
|
||||
flash('error', t8('The printer could not be deleted.'));
|
||||
$self->edit_printer_form(title => t8('Edit Printer'));
|
||||
return;
|
||||
}
|
||||
flash_later('info', t8('The printer has been deleted.'));
|
||||
$self->redirect_to(action => 'list_printers', 'client.id' => $self->client->id);
|
||||
}
|
||||
| 288111da | Moritz Bunkus | #
|
||
# actions: locking, unlocking
|
||||
#
|
||||
| d8ac0828 | Moritz Bunkus | sub action_unlock_system {
|
||
my ($self) = @_;
|
||||
| 66c08b64 | Moritz Bunkus | |||
SL::System::InstallationLock->unlock;
|
||||
| d8ac0828 | Moritz Bunkus | flash_later('info', t8('Lockfile removed!'));
|
||
| 288111da | Moritz Bunkus | $self->redirect_to(action => 'show');
|
||
| d8ac0828 | Moritz Bunkus | }
|
||
sub action_lock_system {
|
||||
my ($self) = @_;
|
||||
| 66c08b64 | Moritz Bunkus | SL::System::InstallationLock->unlock;
|
||
flash_later('info', t8('Lockfile created!'));
|
||||
$self->redirect_to(action => 'show');
|
||||
| d8ac0828 | Moritz Bunkus | }
|
||
#
|
||||
# initializers
|
||||
#
|
||||
| 8b34d295 | Moritz Bunkus | sub init_db_cfg { $::lx_office_conf{'authentication/database'} }
|
||
| 66c08b64 | Moritz Bunkus | sub init_is_locked { SL::System::InstallationLock->is_locked }
|
||
| 8b34d295 | Moritz Bunkus | sub init_client { SL::DB::Manager::AuthClient->find_by(id => ($::form->{id} || ($::form->{client} || {})->{id})) }
|
||
sub init_user { SL::DB::AuthUser ->new(id => ($::form->{id} || ($::form->{user} || {})->{id}))->load }
|
||||
sub init_group { SL::DB::AuthGroup ->new(id => ($::form->{id} || ($::form->{group} || {})->{id}))->load }
|
||||
sub init_printer { SL::DB::Printer ->new(id => ($::form->{id} || ($::form->{printer} || {})->{id}))->load }
|
||||
sub init_all_clients { SL::DB::Manager::AuthClient->get_all_sorted }
|
||||
sub init_all_users { SL::DB::Manager::AuthUser ->get_all_sorted }
|
||||
sub init_all_groups { SL::DB::Manager::AuthGroup ->get_all_sorted }
|
||||
sub init_all_printers { SL::DB::Manager::Printer ->get_all_sorted }
|
||||
sub init_all_dateformats { [ qw(mm/dd/yy dd/mm/yy dd.mm.yy yyyy-mm-dd) ] }
|
||||
sub init_all_numberformats { [ qw(1,000.00 1000.00 1.000,00 1000,00) ] }
|
||||
sub init_all_stylesheets { [ qw(lx-office-erp.css Mobile.css kivitendo.css) ] }
|
||||
| 288111da | Moritz Bunkus | sub init_all_menustyles {
|
||
return [
|
||||
{ id => 'old', title => $::locale->text('Old (on the side)') },
|
||||
{ id => 'v3', title => $::locale->text('Top (CSS)') },
|
||||
{ id => 'neu', title => $::locale->text('Top (Javascript)') },
|
||||
];
|
||||
}
|
||||
| 69df38d3 | Moritz Bunkus | sub init_all_rights {
|
||
my (@sections, $current_section);
|
||||
foreach my $entry ($::auth->all_rights_full) {
|
||||
if ($entry->[0] =~ m/^--/) {
|
||||
push @sections, { description => $entry->[1], rights => [] };
|
||||
} elsif (@sections) {
|
||||
push @{ $sections[-1]->{rights} }, {
|
||||
name => $entry->[0],
|
||||
description => $entry->[1],
|
||||
};
|
||||
} else {
|
||||
die "Right without sections: " . join('::', @{ $entry });
|
||||
}
|
||||
}
|
||||
return \@sections;
|
||||
}
|
||||
| 288111da | Moritz Bunkus | sub init_all_countrycodes {
|
||
my %cc = User->country_codes;
|
||||
return [ map { id => $_, title => $cc{$_} }, sort { $cc{$a} cmp $cc{$b} } keys %cc ];
|
||||
}
|
||||
| d8ac0828 | Moritz Bunkus | |||
#
|
||||
# filters
|
||||
#
|
||||
sub setup_layout {
|
||||
my ($self, $action) = @_;
|
||||
$::request->layout(SL::Layout::Dispatcher->new(style => 'admin'));
|
||||
$::request->layout->use_stylesheet("lx-office-erp.css");
|
||||
$::form->{favicon} = "favicon.ico";
|
||||
}
|
||||
| 8b34d295 | Moritz Bunkus | sub setup_client {
|
||
my ($self) = @_;
|
||||
$self->client((first { $_->is_default } @{ $self->all_clients }) || $self->all_clients->[0]) if !$self->client;
|
||||
$::auth->set_client($self->client->id);
|
||||
}
|
||||
| d8ac0828 | Moritz Bunkus | #
|
||
| 288111da | Moritz Bunkus | # displaying forms
|
||
| d8ac0828 | Moritz Bunkus | #
|
||
| 69df38d3 | Moritz Bunkus | sub use_multiselect_js {
|
||
my ($self) = @_;
|
||||
$::request->layout->use_javascript("${_}.js") for qw(jquery.selectboxes jquery.multiselect2side);
|
||||
return $self;
|
||||
}
|
||||
| d8ac0828 | Moritz Bunkus | sub login_form {
|
||
my ($self, %params) = @_;
|
||||
$::request->layout->focus('#admin_password');
|
||||
| d3160c04 | Moritz Bunkus | $self->render('admin/adminlogin', title => t8('kivitendo v#1 administration', $::form->read_version), %params);
|
||
| d8ac0828 | Moritz Bunkus | }
|
||
| 288111da | Moritz Bunkus | sub edit_user_form {
|
||
my ($self, %params) = @_;
|
||||
| 69df38d3 | Moritz Bunkus | $self->use_multiselect_js->render('admin/edit_user', %params);
|
||
| 288111da | Moritz Bunkus | }
|
||
| 9636227e | Moritz Bunkus | sub edit_client_form {
|
||
my ($self, %params) = @_;
|
||||
| 69df38d3 | Moritz Bunkus | $self->use_multiselect_js->render('admin/edit_client', %params);
|
||
}
|
||||
| 9636227e | Moritz Bunkus | |||
| 69df38d3 | Moritz Bunkus | sub edit_group_form {
|
||
my ($self, %params) = @_;
|
||||
$self->use_multiselect_js->render('admin/edit_group', %params);
|
||||
| 9636227e | Moritz Bunkus | }
|
||
| 8b34d295 | Moritz Bunkus | sub edit_printer_form {
|
||
my ($self, %params) = @_;
|
||||
$self->render('admin/edit_printer', %params);
|
||||
}
|
||||
| 288111da | Moritz Bunkus | #
|
||
# helpers
|
||||
#
|
||||
| d8ac0828 | Moritz Bunkus | sub check_auth_db_and_tables {
|
||
my ($self) = @_;
|
||||
if (!$::auth->check_database) {
|
||||
$self->render('admin/check_auth_database', title => t8('Authentification database creation'));
|
||||
return 0;
|
||||
}
|
||||
if (!$::auth->check_tables) {
|
||||
$self->render('admin/check_auth_tables', title => t8('Authentification tables creation'));
|
||||
return 0;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
sub apply_dbupgrade_scripts {
|
||||
| 90bb521a | Moritz Bunkus | return SL::DBUpgrade2->new(form => $::form, auth => 1)->apply_admin_dbupgrade_scripts(1);
|
||
| d8ac0828 | Moritz Bunkus | }
|
||
sub authenticate_root {
|
||||
my ($self) = @_;
|
||||
return 1 if $::auth->authenticate_root($::form->{'{AUTH}admin_password'}) == $::auth->OK();
|
||||
$::auth->punish_wrong_login;
|
||||
$::auth->delete_session_value('admin_password');
|
||||
| 0afeb736 | Moritz Bunkus | $self->login_form(error => t8('Incorrect password!'));
|
||
| d8ac0828 | Moritz Bunkus | |||
return undef;
|
||||
}
|
||||
1;
|