line |
stmt |
bran |
cond |
sub |
pod |
time |
code |
1
|
|
|
|
|
|
|
package CallBackery::GuiPlugin::UserForm; |
2
|
1
|
|
|
1
|
|
996
|
use Mojo::Base 'CallBackery::GuiPlugin::AbstractForm'; |
|
1
|
|
|
|
|
3
|
|
|
1
|
|
|
|
|
6
|
|
3
|
1
|
|
|
1
|
|
78
|
use CallBackery::Translate qw(trm); |
|
1
|
|
|
|
|
4
|
|
|
1
|
|
|
|
|
53
|
|
4
|
1
|
|
|
1
|
|
6
|
use CallBackery::Exception qw(mkerror); |
|
1
|
|
|
|
|
2
|
|
|
1
|
|
|
|
|
44
|
|
5
|
1
|
|
|
1
|
|
7
|
use Mojo::Util qw(hmac_sha1_sum); |
|
1
|
|
|
|
|
1
|
|
|
1
|
|
|
|
|
44
|
|
6
|
1
|
|
|
1
|
|
9
|
use Mojo::JSON qw(true false); |
|
1
|
|
|
|
|
2
|
|
|
1
|
|
|
|
|
1918
|
|
7
|
|
|
|
|
|
|
|
8
|
|
|
|
|
|
|
=head1 NAME |
9
|
|
|
|
|
|
|
|
10
|
|
|
|
|
|
|
CallBackery::GuiPlugin::UserForm - UserForm Plugin |
11
|
|
|
|
|
|
|
|
12
|
|
|
|
|
|
|
=head1 SYNOPSIS |
13
|
|
|
|
|
|
|
|
14
|
|
|
|
|
|
|
use CallBackery::GuiPlugin::UserForm; |
15
|
|
|
|
|
|
|
|
16
|
|
|
|
|
|
|
=head1 DESCRIPTION |
17
|
|
|
|
|
|
|
|
18
|
|
|
|
|
|
|
The UserForm Plugin. |
19
|
|
|
|
|
|
|
|
20
|
|
|
|
|
|
|
=cut |
21
|
|
|
|
|
|
|
|
22
|
|
|
|
|
|
|
|
23
|
|
|
|
|
|
|
=head1 PROPERTIES |
24
|
|
|
|
|
|
|
|
25
|
|
|
|
|
|
|
All the methods of L plus: |
26
|
|
|
|
|
|
|
|
27
|
|
|
|
|
|
|
=cut |
28
|
|
|
|
|
|
|
|
29
|
|
|
|
|
|
|
=head2 formCfg |
30
|
|
|
|
|
|
|
|
31
|
|
|
|
|
|
|
Returns a Configuration Structure for the Report Frontend Module. |
32
|
|
|
|
|
|
|
|
33
|
|
|
|
|
|
|
=cut |
34
|
|
|
|
|
|
|
|
35
|
|
|
|
|
|
|
my $DUMMY_PASSWORD = '>>NOt REALly a PaSSwoRd<<'; |
36
|
|
|
|
|
|
|
|
37
|
|
|
|
|
|
|
has formCfg => sub { |
38
|
|
|
|
|
|
|
my $self = shift; |
39
|
|
|
|
|
|
|
|
40
|
|
|
|
|
|
|
if ($self->config->{type} eq 'edit' and not $self->args->{selection}{cbuser_id}){ |
41
|
|
|
|
|
|
|
return [{ |
42
|
|
|
|
|
|
|
label => trm('Error'), |
43
|
|
|
|
|
|
|
widget => 'header', |
44
|
|
|
|
|
|
|
note => trm('No user selected.') |
45
|
|
|
|
|
|
|
}]; |
46
|
|
|
|
|
|
|
} |
47
|
|
|
|
|
|
|
return [ |
48
|
|
|
|
|
|
|
$self->config->{type} eq 'edit' ? { |
49
|
|
|
|
|
|
|
key => 'cbuser_id', |
50
|
|
|
|
|
|
|
label => trm('UserId'), |
51
|
|
|
|
|
|
|
widget => 'hiddenText', |
52
|
|
|
|
|
|
|
set => { |
53
|
|
|
|
|
|
|
readOnly => true, |
54
|
|
|
|
|
|
|
}, |
55
|
|
|
|
|
|
|
} : (), |
56
|
|
|
|
|
|
|
|
57
|
|
|
|
|
|
|
{ |
58
|
|
|
|
|
|
|
key => 'cbuser_login', |
59
|
|
|
|
|
|
|
label => trm('Username'), |
60
|
|
|
|
|
|
|
widget => 'text', |
61
|
|
|
|
|
|
|
set => { |
62
|
|
|
|
|
|
|
required => true, |
63
|
|
|
|
|
|
|
readOnly => $self->user->may('admin') ? false : true |
64
|
|
|
|
|
|
|
}, |
65
|
|
|
|
|
|
|
}, |
66
|
|
|
|
|
|
|
{ |
67
|
|
|
|
|
|
|
key => 'cbuser_password', |
68
|
|
|
|
|
|
|
label => trm('Password'), |
69
|
|
|
|
|
|
|
widget => 'password', |
70
|
|
|
|
|
|
|
set => { |
71
|
|
|
|
|
|
|
required => true, |
72
|
|
|
|
|
|
|
}, |
73
|
|
|
|
|
|
|
}, |
74
|
|
|
|
|
|
|
{ |
75
|
|
|
|
|
|
|
key => 'cbuser_password_check', |
76
|
|
|
|
|
|
|
label => trm('Password Again'), |
77
|
|
|
|
|
|
|
widget => 'password', |
78
|
|
|
|
|
|
|
set => { |
79
|
|
|
|
|
|
|
required => true, |
80
|
|
|
|
|
|
|
}, |
81
|
|
|
|
|
|
|
}, |
82
|
|
|
|
|
|
|
|
83
|
|
|
|
|
|
|
{ |
84
|
|
|
|
|
|
|
key => 'cbuser_given', |
85
|
|
|
|
|
|
|
label => trm('Given Name'), |
86
|
|
|
|
|
|
|
widget => 'text', |
87
|
|
|
|
|
|
|
set => { |
88
|
|
|
|
|
|
|
required => true, |
89
|
|
|
|
|
|
|
readOnly => $self->user->may('admin') ? false : true |
90
|
|
|
|
|
|
|
}, |
91
|
|
|
|
|
|
|
}, |
92
|
|
|
|
|
|
|
{ |
93
|
|
|
|
|
|
|
key => 'cbuser_family', |
94
|
|
|
|
|
|
|
label => trm('Family Name'), |
95
|
|
|
|
|
|
|
widget => 'text', |
96
|
|
|
|
|
|
|
set => { |
97
|
|
|
|
|
|
|
required => true, |
98
|
|
|
|
|
|
|
readOnly => $self->user->may('admin') ? false : true |
99
|
|
|
|
|
|
|
} |
100
|
|
|
|
|
|
|
}, |
101
|
|
|
|
|
|
|
$self->user->may('admin') ? ( |
102
|
|
|
|
|
|
|
{ |
103
|
|
|
|
|
|
|
key => 'cbuser_note', |
104
|
|
|
|
|
|
|
label => trm('Note'), |
105
|
|
|
|
|
|
|
widget => 'textArea', |
106
|
|
|
|
|
|
|
set => { |
107
|
|
|
|
|
|
|
placeholder => 'some extra information about this user', |
108
|
|
|
|
|
|
|
} |
109
|
|
|
|
|
|
|
} ) : (), |
110
|
|
|
|
|
|
|
@{$self->rightsCheckBoxes} |
111
|
|
|
|
|
|
|
]; |
112
|
|
|
|
|
|
|
}; |
113
|
|
|
|
|
|
|
|
114
|
|
|
|
|
|
|
has rightsCheckBoxes => sub { |
115
|
|
|
|
|
|
|
my $self = shift; |
116
|
|
|
|
|
|
|
return [] if not $self->user->may('admin'); |
117
|
|
|
|
|
|
|
my $db = $self->user->mojoSqlDb; |
118
|
|
|
|
|
|
|
my $rightTbl= $db->dbh->quote_identifier('cbright'); |
119
|
|
|
|
|
|
|
my $rights = $db->dbh->selectall_arrayref(<<"SQL",{Slice => {}}); |
120
|
|
|
|
|
|
|
SELECT cbright_id,cbright_label FROM $rightTbl |
121
|
|
|
|
|
|
|
SQL |
122
|
|
|
|
|
|
|
my @checkboxes = { |
123
|
|
|
|
|
|
|
widget => 'header', |
124
|
|
|
|
|
|
|
label => 'Permissions' |
125
|
|
|
|
|
|
|
}; |
126
|
|
|
|
|
|
|
my $adminId = $self->user->db->lookUp('cbright','key','admin'); |
127
|
|
|
|
|
|
|
|
128
|
|
|
|
|
|
|
for (sort {$a->{cbright_label} cmp $b->{cbright_label}} @$rights){ |
129
|
|
|
|
|
|
|
push @checkboxes, |
130
|
|
|
|
|
|
|
{ |
131
|
|
|
|
|
|
|
key => 'cbright_id_'.$_->{cbright_id}, |
132
|
|
|
|
|
|
|
widget => 'checkBox', |
133
|
|
|
|
|
|
|
label => $_->{cbright_label}, |
134
|
|
|
|
|
|
|
} |
135
|
|
|
|
|
|
|
} |
136
|
|
|
|
|
|
|
return \@checkboxes; |
137
|
|
|
|
|
|
|
}; |
138
|
|
|
|
|
|
|
|
139
|
|
|
|
|
|
|
|
140
|
|
|
|
|
|
|
has actionCfg => sub { |
141
|
|
|
|
|
|
|
my $self = shift; |
142
|
|
|
|
|
|
|
my $mode = $self->config->{mode} // 'default'; |
143
|
|
|
|
|
|
|
my $type = $self->config->{type} // 'new'; |
144
|
|
|
|
|
|
|
|
145
|
|
|
|
|
|
|
my $handler = sub { |
146
|
|
|
|
|
|
|
my $self = shift; |
147
|
|
|
|
|
|
|
my $args = shift; |
148
|
|
|
|
|
|
|
my $admin = ($self->user->may('admin') or $mode eq 'init'); |
149
|
|
|
|
|
|
|
|
150
|
|
|
|
|
|
|
my @fields = $admin ? (qw(login family given note)) : (); |
151
|
|
|
|
|
|
|
my $itsMine = $args->{cbuser_id} == $self->user->userId; |
152
|
|
|
|
|
|
|
die mkerror(2847,trm("You can only edit your own stuff unless you have admin permissions.")) |
153
|
|
|
|
|
|
|
unless $admin or $itsMine; |
154
|
|
|
|
|
|
|
|
155
|
|
|
|
|
|
|
if ($args->{cbuser_password} ne $DUMMY_PASSWORD){ |
156
|
|
|
|
|
|
|
die mkerror(2847,trm("The password instances did not match.")) |
157
|
|
|
|
|
|
|
if $args->{cbuser_password} ne $args->{cbuser_password_check}; |
158
|
|
|
|
|
|
|
push @fields, 'password'; |
159
|
|
|
|
|
|
|
} |
160
|
|
|
|
|
|
|
|
161
|
|
|
|
|
|
|
$args->{cbuser_password} = hmac_sha1_sum($args->{cbuser_password}); |
162
|
|
|
|
|
|
|
my $db = $self->user->db; |
163
|
|
|
|
|
|
|
|
164
|
|
|
|
|
|
|
$args->{cbuser_id} = $db->updateOrInsertData('cbuser',{ |
165
|
|
|
|
|
|
|
map { $_ => $args->{'cbuser_'.$_} } @fields |
166
|
|
|
|
|
|
|
},$args->{cbuser_id} ? { id => int($args->{cbuser_id}) } : ()); |
167
|
|
|
|
|
|
|
|
168
|
|
|
|
|
|
|
|
169
|
|
|
|
|
|
|
my $adminId = $db->fetchValue('cbright',{key=>'admin'},'id'); |
170
|
|
|
|
|
|
|
if ($admin){ |
171
|
|
|
|
|
|
|
for (keys %$args){ |
172
|
|
|
|
|
|
|
next if not /^cbright_id_(\d+)$/; |
173
|
|
|
|
|
|
|
my $right_id = $1; |
174
|
|
|
|
|
|
|
my $match = { |
175
|
|
|
|
|
|
|
cbuser => $args->{cbuser_id}, |
176
|
|
|
|
|
|
|
cbright => $right_id |
177
|
|
|
|
|
|
|
}; |
178
|
|
|
|
|
|
|
# in init mode the user gets admin ... always |
179
|
|
|
|
|
|
|
if ($args->{$_} |
180
|
|
|
|
|
|
|
or ( $mode eq 'init' and $right_id == $adminId ) |
181
|
|
|
|
|
|
|
or ( $itsMine and $right_id == $adminId ) |
182
|
|
|
|
|
|
|
){ |
183
|
|
|
|
|
|
|
$db->updateOrInsertData('cbuserright',$match,$match); |
184
|
|
|
|
|
|
|
} |
185
|
|
|
|
|
|
|
else { |
186
|
|
|
|
|
|
|
$db->deleteDataWhere('cbuserright',$match); |
187
|
|
|
|
|
|
|
} |
188
|
|
|
|
|
|
|
} |
189
|
|
|
|
|
|
|
} |
190
|
|
|
|
|
|
|
|
191
|
|
|
|
|
|
|
if ($self->controller and $self->controller->can('runEventActions')){ |
192
|
|
|
|
|
|
|
$self->controller->runEventActions('changeConfig'); |
193
|
|
|
|
|
|
|
} |
194
|
|
|
|
|
|
|
return { |
195
|
|
|
|
|
|
|
action => $mode eq 'init' ? 'logout' : 'dataSaved' |
196
|
|
|
|
|
|
|
}; |
197
|
|
|
|
|
|
|
}; |
198
|
|
|
|
|
|
|
|
199
|
|
|
|
|
|
|
return [ |
200
|
|
|
|
|
|
|
{ |
201
|
|
|
|
|
|
|
label => $mode eq 'init' |
202
|
|
|
|
|
|
|
? trm('Create Admin Account') |
203
|
|
|
|
|
|
|
: $type eq 'edit' |
204
|
|
|
|
|
|
|
? trm('Save Changes') |
205
|
|
|
|
|
|
|
: trm('Add User'), |
206
|
|
|
|
|
|
|
action => 'submit', |
207
|
|
|
|
|
|
|
key => 'save', |
208
|
|
|
|
|
|
|
actionHandler => $handler |
209
|
|
|
|
|
|
|
} |
210
|
|
|
|
|
|
|
]; |
211
|
|
|
|
|
|
|
}; |
212
|
|
|
|
|
|
|
|
213
|
|
|
|
|
|
|
has grammar => sub { |
214
|
|
|
|
|
|
|
my $self = shift; |
215
|
|
|
|
|
|
|
$self->mergeGrammar( |
216
|
|
|
|
|
|
|
$self->SUPER::grammar, |
217
|
|
|
|
|
|
|
{ |
218
|
|
|
|
|
|
|
_doc => "User Form Configuration", |
219
|
|
|
|
|
|
|
_vars => [ qw(type mode) ], |
220
|
|
|
|
|
|
|
type => { |
221
|
|
|
|
|
|
|
_doc => 'type of form to show: edit, add', |
222
|
|
|
|
|
|
|
_re => '(edit|add)' |
223
|
|
|
|
|
|
|
}, |
224
|
|
|
|
|
|
|
mode => { |
225
|
|
|
|
|
|
|
_doc => 'In init mode the for will run for the __ROOT user and thus allow the creation of the initial account', |
226
|
|
|
|
|
|
|
_re => '(init|default)', |
227
|
|
|
|
|
|
|
_re_error => 'Pick one of init or default', |
228
|
|
|
|
|
|
|
_default => 'default' |
229
|
|
|
|
|
|
|
} |
230
|
|
|
|
|
|
|
}, |
231
|
|
|
|
|
|
|
); |
232
|
|
|
|
|
|
|
}; |
233
|
|
|
|
|
|
|
|
234
|
|
|
|
|
|
|
has checkAccess => sub { |
235
|
|
|
|
|
|
|
my $self = shift; |
236
|
|
|
|
|
|
|
my $userId = $self->user->userId; |
237
|
|
|
|
|
|
|
my $mode = $self->config->{mode} // 'default'; |
238
|
|
|
|
|
|
|
if ($mode eq 'init'){ |
239
|
|
|
|
|
|
|
return ($userId and $userId eq '__ROOT'); |
240
|
|
|
|
|
|
|
} |
241
|
|
|
|
|
|
|
return $self->user; |
242
|
|
|
|
|
|
|
}; |
243
|
|
|
|
|
|
|
|
244
|
|
|
|
|
|
|
=head1 METHODS |
245
|
|
|
|
|
|
|
|
246
|
|
|
|
|
|
|
All the methods of L plus: |
247
|
|
|
|
|
|
|
|
248
|
|
|
|
|
|
|
=cut |
249
|
|
|
|
|
|
|
|
250
|
|
|
|
|
|
|
|
251
|
|
|
|
|
|
|
sub getAllFieldValues { |
252
|
0
|
|
|
0
|
1
|
|
my $self = shift; |
253
|
0
|
|
|
|
|
|
my $args = shift; |
254
|
0
|
0
|
|
|
|
|
return {} if $self->config->{type} ne 'edit'; |
255
|
0
|
|
0
|
|
|
|
my $id = $args->{selection}{cbuser_id} // $self->user->userId; |
256
|
|
|
|
|
|
|
|
257
|
0
|
0
|
|
|
|
|
return {} unless $id; |
258
|
|
|
|
|
|
|
|
259
|
0
|
0
|
0
|
|
|
|
die mkerror(2847,"You can only edit your own stuff unless you have admin permissions.") |
260
|
|
|
|
|
|
|
if not ( $self->user->may('admin') or $id == $self->user->userId ); |
261
|
|
|
|
|
|
|
|
262
|
0
|
|
|
|
|
|
my $data = $self->user->db->fetchRow('cbuser',{id => $id}); |
263
|
0
|
|
|
|
|
|
$data->{cbuser_password} = $DUMMY_PASSWORD; |
264
|
0
|
|
|
|
|
|
$data->{cbuser_password_check} = $DUMMY_PASSWORD; |
265
|
0
|
|
|
|
|
|
my $db = $self->user->mojoSqlDb; |
266
|
0
|
|
|
|
|
|
my $rightTbl= $db->dbh->quote_identifier('cbright'); |
267
|
0
|
|
|
|
|
|
my $rights = $db->dbh->selectall_arrayref(<<"SQL",{Slice => {}}, $id); |
268
|
|
|
|
|
|
|
SELECT cbright_id, cbuserright_id IS NOT NULL as value |
269
|
|
|
|
|
|
|
FROM $rightTbl LEFT JOIN cbuserright ON (cbright_id = cbuserright_cbright AND cbuserright_cbuser = ?) |
270
|
|
|
|
|
|
|
SQL |
271
|
0
|
|
|
|
|
|
for (@$rights){ |
272
|
0
|
0
|
|
|
|
|
$data->{'cbright_id_'.$_->{cbright_id}} = $_->{value} ? 1 : 0; |
273
|
|
|
|
|
|
|
} |
274
|
|
|
|
|
|
|
|
275
|
0
|
|
|
|
|
|
return $data; |
276
|
|
|
|
|
|
|
} |
277
|
|
|
|
|
|
|
|
278
|
|
|
|
|
|
|
1; |
279
|
|
|
|
|
|
|
__END__ |