change autorisation table

index.html

@@ -31,7 +31,6 @@
    <ul id="table_selection_tabs">
     <li class="nav tab_02"><a href="/bio_inv" title="Tabelle Geraete, Anlagen, Material"> Inventar </a></li>
     <li class="nav tab_02"><a href="/bio_chem" title="Tabelle Chemiestoffe"> Chemiestoffe </a></li>
-    <li class="nav tab_02"><a href="/bio_eln" title="Elektronisches Laborbuch"> Laborbuch </a></li>
    </ul>
    <div id="contentActionsWrapper" class="dataface-view-section rel_02" style="padding: 4px;">
     <h3> BIO </h3></div>

master/tables/list_reiter/list_reiter.php

@@ -23,7 +23,7 @@ class tables_list_reiter {
     $auth =& Dataface_AuthenticationTool::getInstance();
     $user =& $auth->getLoggedInUser();
     if ( !isset($user) ) return Dataface_PermissionsTool::NO_ACCESS();
-    $role = $user->val('role'); // get Role from mpi_users
+    $role = $user->val('role'); // get Role from sys_user
     if ( $role == 'MANAGER' or $role == 'ADMIN') return;
     return Dataface_PermissionsTool::getRolePermissions('READ ONLY');
   }

master/tables/list_reiter/list_reiter.sql

@@ -16,7 +16,7 @@ INSERT INTO `list_reiter` (`autoID`, `reiter`, `kategorie`, `favorit`, `history`
 (000002, 'tab_tabelle2', 'Haupttabelle', 1, 1, 'Haupttabelle 2'),
 (000003, 'list_katReiter', 'Liste', 0, 0, 'Zugehoerigkeit DB-Tabellen'),
 (000004, 'list_reiter', 'Liste', 0, 0, 'Sammelcontainer fuer Tabbutton "mehr .."'),
-(000005, 'mpi_users', 'Autorisierung', 1, 0, 'Autorisierung und Berechtigung Benutzer'),
+(000005, 'sys_user', 'Autorisierung', 1, 0, 'Autorisierung und Berechtigung Benutzer'),
 (000006, 'view_user', 'View', 0, 0, 'Auswahl Benutzer aus DB user'),
 (000007, 'view_favorit', 'Programmierung', 0, 0, 'Für den schnelleren Zugriff unter dem Menüpunkt ''Favorit'),
 (000008, 'view_reiter', 'Programmierung', 0, 0, 'Hole alle Tabellen von Datenbank von mysql');

master/tables/list_role/list_role.php

@@ -7,7 +7,7 @@ class tables_list_role {
     $auth =& Dataface_AuthenticationTool::getInstance();
     $user =& $auth->getLoggedInUser();
     if ( !isset($user) ) return Dataface_PermissionsTool::NO_ACCESS();
-    $role = $user->val('role'); // get Role from mpi_users
+    $role = $user->val('role'); // get Role from sys_user
     if ( $role == 'MANAGER' or $role == 'ADMIN') return;
     return Dataface_PermissionsTool::getRolePermissions('READ ONLY');
   }

master/tables/sys_user/fields.ini

@@ -18,14 +18,15 @@ vocabulary = user
 ;validators:lettersonly:message = "Username: Only letter here allowed"
 widget:label = "Login"
 column:legend = "User [Ext.]"
-widget:description = "Daten von User-DB (view_user oder fields.ini ggf. anpassen)"
+widget:description = "Daten von User-DB (view_user). Ggfs. in sys_user/fields.ini anpassen."
 order = 20
 
-;[password]
-;encryption = "sha1"
-;widget:description = "Is empty, the last saved password will not be overwritten"
-;validators:regex = "/^.{8,31}$/"
-;validators:regex:message = "Password: Must be between 8 and 31 characters long"
+;nur fuer lokale Anmeldung wichtig
+[password]
+encryption = "sha1"
+widget:description = "Is empty, the last saved password will not be overwritten"
+validators:regex = "/^.{8,31}$/"
+validators:regex:message = "Password: Must be between 8 and 31 characters long"
 order = 30
 
 [email]

master/tables/sys_user/sys_user.sh

@@ -4,9 +4,8 @@
 # schachi 2018-07-30
 #
 # Requirements:
-#  - old exists and new not yet
-#  - cursor stand on database root (where conf.ini exists)
-
+#  - old mpi_users exists and new sys_user not yet
+#  - parameter path show root of database (where conf.ini exists)
 
   help="Execute:\t'$0 <path-to-db>' OR direct in root folder of database"
 
@@ -25,6 +24,9 @@
  
   conf="conf.ini"
   auth="sys_user"
+  role="list_role"
+  colo="custom.css"
+  view="view_user"
 
   if [[ ! -w $conf ]]; then
     echo -e "ERROR:\t'$conf' not found or not writable. Not a root folder of database."
@@ -39,35 +41,74 @@
   if [[ -z $ok ]]; then ok="n"; fi
   if [[ $ok != "y" ]]; then exit 0; fi
 
-  # step conf.ini
-  echo -e " STEP[1]:\tChange parameter in section [_auth] in '$conf'"
-  echo -e "\tBEFORE:\t$(egrep '^users_table' $conf) ; $(egrep '^username_column' $conf)"
+  # step - check if view_user used as vocabulary
+  echo -e " STEP[1]:\tCheck if old view '$view' used in program codes"
+  if [[ $(grep -rv '^;' tables | grep view_user | grep localID) ]]; then
+    echo -e "\tBEFORE:"
+    echo "$(grep -rv '^;' tables | grep -B1 view_user | grep -B1 localID)"
+    echo -e "\tWARNING:\tOld view '$view' use in program code. Please fix manuell as first like this 'SELECT login, sort FROM view_user'"
+    echo -en " Ignore ? (y/[n]) : "
+    read ok
+    if [[ -z $ok ]]; then ok="n"; fi
+    if [[ $ok != "y" ]]; then exit 0; fi
+  else
+    echo -e "\tINFO:\t\told view '$view' not use in program code"
+  fi
+
+  # step - conf.ini
+  echo -e " STEP[2]:\tChange parameter in section [_auth] in '$conf'"
+  echo -e "\tBEFORE1:\t$(egrep '^users_table' $conf)"
+  echo -e "\tBEFORE2:\t$(egrep '^username_column' $conf)"
   sed -i 's/^users_table = "mpi_users"/users_table = "sys_user"/' $conf
   sed -i 's/^username_column = "username"/username_column = "login"/' $conf
-  echo -e "\tAFTER:\t$(egrep '^users_table' $conf) ; $(egrep '^username_column' $conf)"
+  echo -e "\tAFTER1:\t\t$(egrep '^users_table' $conf)"
+  echo -e "\tAFTER2:\t\t$(egrep '^username_column' $conf)"
 
-  # step link sys_user
-  echo -e " STEP[2]:\tChange link in tables for auth"
+  # step - link sys_user
+  echo -e " STEP[3]:\tChange link in tables for auth"
   if [[ ! -L tables/mpi_users ]]; then
     echo -e "\tWARNING:\tOld auth link no more exists"
   else
     echo -e " BEFORE[$step]:"
-    ls -l tables/mpi_users
-    rm tables/mpi_users
+    echo -e "\t$(ls -l tables/mpi_users)"
+    echo -e "\t$(rm -v tables/mpi_users)"
   fi
   if [[ -L tables/sys_user ]]; then
     echo -e "\tWARNING:\tNew auth link already exists"
   else
     echo -e "\tAFTER:"
-    ln -s ../../master/tables/$auth tables/
-    ls -l tables/$auth
+    echo -e "\t$(ln -s ../../master/tables/$auth tables/)"
+    echo -e "\t$(ls -l tables/$auth)"
+  fi
+
+  # step - link list_role
+  echo -e " STEP[4]:\tCreate link for $role in tables for roles"
+  if [[ -L tables/$role ]]; then
+    echo -e "\tWARNING:\tNew role link already exists"
+  else
+    echo -e "\t$(ln -s ../../master/tables/$role tables/)"
+    echo -e "\t$(ls -l tables/$role)"
   fi
-  
-  # step create table sys_user and copy old entries
-  echo -e " STEP[3]:\tExcecute '$auth.sql' in database 'mpidb_$db'"
+
+  # step - set color viol
+  echo -e " STEP[5]:\tSet color viol for used roles in $colo"
+  if [[ ! -w $colo ]]; then
+    echo -e "WARNING:\t'$colo' not found or not writable"
+  else
+    if [[ ! $(grep 'viol' $colo | grep '#ccf') ]]; then
+      echo "tr.listing.odd.viol   td.row-actions-cell," >> $colo
+      echo "tr.listing.even.viol  td.row-actions-cell { background-color: #ccf; }" >> $colo
+      echo -e "\tAFTER1:\t\t$(grep 'tr.listing.odd.viol' $colo)"
+      echo -e "\tAFTER2:\t\t$(grep 'tr.listing.even.viol' $colo)"
+    else
+      echo -e "\tINFO:\t\tColor is already set"
+    fi
+  fi
+
+  # step - create table sys_user and copy old entries
+  echo -e " STEP[6]:\tExcecute '$auth.sql' in database 'mpidb_$db'"
   if [[ ! -r tables/$auth/$auth.sql ]]; then
     echo -e "ERROR:\t'tables/$auth/$auth.sql' not found or not readable."
-    
   else
     mysql -p -u root mpidb_$db < tables/$auth/$auth.sql
     if [[ $? -eq 0 ]]; then

master/tables/sys_user/sys_user.sql

@@ -10,10 +10,10 @@ BEGIN
     BEGIN
       ROLLBACK;
     END;
-  DECLARE exit handler for sqlwarning
-    BEGIN
-      ROLLBACK;
-    END;
+--  DECLARE exit handler for sqlwarning
+--    BEGIN
+--      ROLLBACK;
+--    END;
   START TRANSACTION;
 
     -- create table list_role
@@ -60,13 +60,6 @@ BEGIN
     -- Constraint
     ALTER TABLE `sys_user` ADD CONSTRAINT `sysUser_listRole` FOREIGN KEY IF NOT EXISTS (`role`) REFERENCES `list_role` (`role`);
 
-    -- copy inserts from old mpi_users
-    INSERT INTO sys_user (login, role, email, bearbeiter, zeitstempel) SELECT username, role, email, 'import', zeitstempel FROM mpi_users;
-    -- new insert (for new db's)
-    -- INSERT INTO `sys_user` (`logID`, `login`, `role`, `email`) VALUES
-    --  (000001, 'obiwan', 'MANAGER', 'initial', 'obiwan@mpi-magdeburg.mpg.de'),
-    --  (000002, 'pengo', 'ADMIN', 'initial', 'pengo@mpi-magdeburg.mpg.de');
-
     -- set permissions for user 'it_user' for read and write roles  
     GRANT SELECT, INSERT, UPDATE, DELETE ON `sys_user` TO 'it_user'@'localhost';
     GRANT SELECT ON `list_role` TO 'it_user'@'localhost';
@@ -79,16 +72,48 @@ BEGIN
      ORDER BY sort
     ;
 
+    -- create if not exist list_reiter
+    CREATE TABLE IF NOT EXISTS `list_reiter` (
+     `autoID` smallint(6) unsigned zerofill NOT NULL AUTO_INCREMENT,
+     `reiter` varchar(30) COLLATE utf8_unicode_ci NOT NULL,
+     `kategorie` varchar(30) COLLATE utf8_unicode_ci NOT NULL,
+     `favorit` tinyint(1) NOT NULL DEFAULT '0',
+     `history` tinyint(1) NOT NULL DEFAULT '0',
+     `bedeutung` varchar(100) COLLATE utf8_unicode_ci DEFAULT NULL,
+     PRIMARY KEY (`autoID`),
+     UNIQUE KEY `reiter` (`reiter`),
+     KEY `kategorie` (`kategorie`)
+    ) ENGINE=InnoDB  DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci COMMENT='Reiterlinks fuer Xataface' AUTO_INCREMENT=9 ;
+
+    -- create if not exist list_katReiter
+    CREATE TABLE IF NOT EXISTS `list_katReiter` (
+     `autoID` smallint(6) unsigned NOT NULL AUTO_INCREMENT,
+     `kategorie` varchar(30) COLLATE utf8_unicode_ci NOT NULL,
+     PRIMARY KEY (`autoID`),
+     UNIQUE KEY `kategorie` (`kategorie`)
+    ) ENGINE=InnoDB  DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci AUTO_INCREMENT=10 ;
+    -- add entries in list_katReiter
+    UPDATE list_katReiter SET kategorie = 'Autorisierung' WHERE kategorie = 'Authorisierung';
+    INSERT IGNORE INTO `list_katReiter` (`kategorie`) VALUES ('Autorisierung');
+
     -- add entries in list_reiter
     INSERT IGNORE INTO `list_reiter` (`reiter`, `kategorie`, `favorit`, `history`, `bedeutung`) VALUES
-     ('sys_user', 'Authorisierung', 1, 1, 'Authorisierung und Berechtigung Benutzer'),
-     ('list_role', 'Authorisierung', 1, 0, 'Liste aller Berechtigungen (Rollen)');
+     ('sys_user', 'Autorisierung', 1, 1, 'Autorisierung und Berechtigung Benutzer'),
+     ('list_role', 'Autorisierung', 1, 0, 'Liste aller Berechtigungen (Rollen)');
     UPDATE `list_reiter` SET `bedeutung` = 'Auswahlliste fuer aktive und nicht abgelaufene Benutzer' WHERE `reiter` = 'view_user';
 
+    -- copy inserts from old mpi_users
+    INSERT IGNORE INTO sys_user (login, role, email, bearbeiter, zeitstempel) SELECT username, role, email, 'import', zeitstempel FROM mpi_users;
+    -- new insert (for new db's)
+    -- INSERT INTO `sys_user` (`logID`, `login`, `role`, `email`) VALUES
+    --  (000001, 'obiwan', 'MANAGER', 'initial', 'obiwan@mpi-magdeburg.mpg.de'),
+    --  (000002, 'pengo', 'ADMIN', 'initial', 'pengo@mpi-magdeburg.mpg.de');
+
     -- del old table mpi_users (if all done and work)
     SELECT count(*) INTO cnt FROM sys_user; 
     IF cnt > 0 THEN 
       DROP TABLE IF EXISTS `mpi_users`;
+      DROP TABLE IF EXISTS `mpi_users__history`;
       DELETE FROM `list_reiter` WHERE `reiter` = 'mpi_users';
     END IF;
 

master/tables/view_user/view_user.sql

@@ -12,104 +12,24 @@ CREATE OR REPLACE VIEW view_user AS
   sort
 ;
 
--- mpi-dcts own version aus user-db
+-- mpg-version ohne externe DB (licman,inv,gfk,chem,user) - Auslieferzustand
+-- ggf. benoetigte User fuer Auswahl hier eintragen oder in mpi_user\fields.ini Feld widget:type mit ';' deaktvieren
 CREATE OR REPLACE VIEW view_user AS
- SELECT
-  localID, last_name, first_name
- FROM
-  mpidb_user.mpi_user
- WHERE
- active = 1
- ORDER BY
-  localID
+ SELECT 
+  '000001' AS userID, 'mpg_local' AS login, 'MPG, version (mpg_local)' AS sort
 ;
 
 -- mpg-version aus user-db
 CREATE OR REPLACE VIEW view_user AS
  SELECT
-  localID, last_name, first_name
+  employee_id AS userID,
+  localID AS login,
+  CONCAT(last_name, ', ', first_name, ' (', IFNULL(localID,'--'), ')') AS sort
  FROM
   mpidb_mpg_user.mpi_user
  WHERE
   active = 1
  ORDER BY
-  localID
-;
-
--- mpg-version ohne externe DB (licman) - Auslieferzustand
--- ggf. benoetigte User fuer Auswahl hier eintragen oder in mpi_user\fields.ini Feld widget:type mit ';' deaktvieren
-CREATE OR REPLACE VIEW mpidb_mpg_licman.view_user AS
- SELECT 
-  'local' AS localID, 'version' AS last_name, 'mpg' AS first_name
- ORDER BY 
-  localID
-;
-
--- mpg-version mit externe DB (licman)
-CREATE OR REPLACE VIEW mpidb_mpg_licman.view_user AS
- SELECT 
-  localID, last_name, first_name
- FROM
-  mpidb_mpg_user.mpi_user
- WHERE
-  active = 1
- ORDER BY 
-  localID
-;
-
--- mpg-version ohne externe DB (inv) - Auslieferzustand
--- ggf. benoetigte User fuer Auswahl hier eintragen oder in mpi_user\fields.ini Feld widget:type mit ';' deaktvieren
-CREATE OR REPLACE VIEW mpidb_mpg_inv.view_user AS
-SELECT 
- 'local' AS localID, 'version' AS last_name, 'mpg' AS first_name
-ORDER BY 
- localID
-;
-
--- mpg-version mit externe DB (inv)
-CREATE OR REPLACE VIEW mpidb_mpg_inv.view_user AS
-SELECT 
- localID, last_name, first_name FROM mpidb_mpg_user.mpi_user
-WHERE
- active = 1
-ORDER BY 
- localID
-;
-
--- mpg-version ohne externe DB (gfk) - Auslieferzustand
--- ggf. benoetigte User fuer Auswahl hier eintragen oder in mpi_user\fields.ini Feld widget:type mit ';' deaktvieren
-CREATE OR REPLACE VIEW mpidb_mpg_gfk.view_user AS
-SELECT 
- 'local' AS localID, 'version' AS last_name, 'mpg' AS first_name
-ORDER BY 
- localID
-;
-
--- mpg-version mit externe DB (gfk)
-CREATE OR REPLACE VIEW mpidb_mpg_gfk.view_user AS
-SELECT 
- localID, last_name, first_name FROM mpidb_mpg_user.mpi_user
-WHERE
- active = 1
-ORDER BY 
- localID
-;
-
--- mpg-version ohne externe DB (chem) - Auslieferzustand
-CREATE OR REPLACE VIEW mpidb_mpg_chem.view_user AS
-SELECT
- 'local' AS localID, 'version' AS last_name, 'mpg' AS first_name
-ORDER BY
- localID
-;
-
--- mpg-version mit externe DB (chem)
-CREATE OR REPLACE VIEW mpidb_mpg_chem.view_user AS
-SELECT
- localID, last_name, first_name FROM mpidb_mpg_user.mpi_user
-WHERE
- active = 1
-ORDER BY
- localID
+  login
 ;
 

template/conf.ini

@@ -11,7 +11,7 @@ title = "Template Datenbank"
 ;debug = 1
 default_language = de
 ;default_browse_action = edit
-;default_table = mpi_users
+;default_table = 
 default_limit = 25
 ;usage_mode = edit
 disable_session_ip_check = 1
@@ -24,8 +24,6 @@ disable_g2 = 1
 ;[_output_cache]
 ;enabled = 1
 ;lifeTime = 3600
-; geht nicht
-;ignoredTables = "mpi_users"
 
 [_modules]
 ;modules_g2=modules/g2/g2.php
@@ -65,8 +63,8 @@ view_favorit = "Favorit"
 list_reiter  = "mehr .."
 
 [_auth]
-users_table = "mpi_users"
-username_column = "username"
+users_table = "sys_user"
+username_column = "login"
 session_timeout = 86400
 ; Autorisierung ueber db
 ;auth_type = basic

template/conf/ApplicationDelegate.php

@@ -42,11 +42,12 @@ class conf_ApplicationDelegate {
     if ( !@$query['-relationship'] ) {
       if ( !$_POST AND !@$query['-sort'] ) {
         // Sortierung aendern Common
-        if ( $table == 'list_reiter' ) $query['-sort'] = 'reiter';
-        if ( $table == 'mpi_ablage' )  $query['-sort'] = 'zeitstempel DESC';
-        if ( $table == 'mpi_users' )   $query['-sort'] = 'zeitstempel DESC';
+        if ( $query['-table'] == 'list_reiter' ) $query['-sort'] = 'reiter';
+        if ( $query['-table'] == 'mpi_ablage' )  $query['-sort'] = 'zeitstempel DESC';
+        if ( $query['-table'] == 'sys_user' )    $query['-sort'] = 'login';
+        if ( $query['-table'] == 'mpi_users' )   $query['-sort'] = 'zeitstempel DESC';
         // Sortierung aendern individuell
-        if ( $table == 'tab_table' )   $query['-sort'] = 'zeitstempel DESC';
+        if ( $query['-table'] == 'tab_table' )   $query['-sort'] = 'zeitstempel DESC';
       }
 /*
     } else {

template/tables/mpi_users

-../../master/tables/mpi_users
\ No newline at end of file