use SL::User;
use SL::DBConnect;
use SL::DBUpgrade2;
-use SL::DBUtils;
+use SL::DBUtils qw(do_query do_statement prepare_execute_query prepare_query selectall_array_query selectrow_query);
use strict;
my $self = bless {}, $type;
$self->_read_auth_config(%params);
- $self->reset;
+ $self->init;
return $self;
}
-sub reset {
+sub init {
my ($self, %params) = @_;
$self->{SESSION} = { };
$self->{RIGHTS} = { };
$self->{unique_counter} = 0;
$self->{column_information} = SL::Auth::ColumnInformation->new(auth => $self);
+}
+
+sub reset {
+ my ($self, %params) = @_;
+
+ $self->{SESSION} = { };
+ $self->{FULL_RIGHTS} = { };
+ $self->{RIGHTS} = { };
+ $self->{unique_counter} = 0;
+
+ if ($self->is_db_connected) {
+ # reset is called during request shutdown already. In case of a
+ # completely new auth DB this would fail and generate an error
+ # message even if the user is currently trying to create said auth
+ # DB. Therefore only fetch the column information if a connection
+ # has been established.
+ $self->{column_information} = SL::Auth::ColumnInformation->new(auth => $self);
+ $self->{column_information}->_fetch;
+ } else {
+ delete $self->{column_information};
+ }
+
$self->{authenticator}->reset;
$self->client(undef);
} else {
print STDERR "Error: @msg\n";
}
- ::end_of_request();
+ $::dispatcher->end_request;
}
sub _read_auth_config {
return ERR_PASSWORD;
}
- $password = SL::Auth::Password->hash(login => 'root', password => $password);
my $admin_password = SL::Auth::Password->hash_if_unhashed(login => 'root', password => $self->{admin_password}->());
+ $password = SL::Auth::Password->hash(login => 'root', password => $password, stored_password => $admin_password);
my $result = $password eq $admin_password ? OK : ERR_PASSWORD;
$self->set_session_value(SESSION_KEY_ROOT_AUTH() => $result);
$self->{dbh} = SL::DBConnect->connect($dsn, $cfg->{user}, $cfg->{password}, { pg_enable_utf8 => 1, AutoCommit => 1 });
if (!$may_fail && !$self->{dbh}) {
+ delete $self->{dbh};
$main::form->error($main::locale->text('The connection to the authentication database failed:') . "\n" . $DBI::errstr);
}
}
}
+sub is_db_connected {
+ my ($self) = @_;
+ return !!$self->{dbh};
+}
+
sub check_tables {
my ($self, $dbh) = @_;
$form = $main::form;
- # Don't fail if the auth DB doesn't yet.
+ # Don't fail if the auth DB doesn't exist yet.
if (!( $dbh = $self->dbconnect(1) )) {
return $self->session_restore_result(SESSION_NONE());
}
sub _load_with_auto_restore_column {
my ($self, $dbh, $session_id) = @_;
- my $auto_restore_keys = join ', ', map { "'${_}'" } qw(login password rpw);
+ my %auto_restore_keys = map { $_ => 1 } qw(login password rpw client_id), SESSION_KEY_ROOT_AUTH, SESSION_KEY_USER_AUTH;
my $query = <<SQL;
SELECT sess_key, sess_value, auto_restore
FROM auth.session_content
WHERE (session_id = ?)
- AND ( auto_restore
- OR sess_key IN (${auto_restore_keys}))
SQL
my $sth = prepare_execute_query($::form, $dbh, $query, $session_id);
while (my $ref = $sth->fetchrow_hashref) {
- my $value = SL::Auth::SessionValue->new(auth => $self,
- key => $ref->{sess_key},
- value => $ref->{sess_value},
- auto_restore => $ref->{auto_restore},
- raw => 1);
- $self->{SESSION}->{ $ref->{sess_key} } = $value;
-
- next if defined $::form->{$ref->{sess_key}};
-
- my $data = $value->get;
- $::form->{$ref->{sess_key}} = $data if $value->{auto_restore} || !ref $data;
+ if ($ref->{auto_restore} || $auto_restore_keys{$ref->{sess_key}}) {
+ my $value = SL::Auth::SessionValue->new(auth => $self,
+ key => $ref->{sess_key},
+ value => $ref->{sess_value},
+ auto_restore => $ref->{auto_restore},
+ raw => 1);
+ $self->{SESSION}->{ $ref->{sess_key} } = $value;
+
+ next if defined $::form->{$ref->{sess_key}};
+
+ my $data = $value->get;
+ $::form->{$ref->{sess_key}} = $data if $value->{auto_restore} || !ref $data;
+ } else {
+ my $value = SL::Auth::SessionValue->new(auth => $self,
+ key => $ref->{sess_key});
+ $self->{SESSION}->{ $ref->{sess_key} } = $value;
+ }
}
$sth->finish;
-
- $query = <<SQL;
- SELECT sess_key
- FROM auth.session_content
- WHERE (session_id = ?)
- AND NOT COALESCE(auto_restore, FALSE)
- AND (sess_key NOT IN (${auto_restore_keys}))
-SQL
- $sth = prepare_execute_query($::form, $dbh, $query, $session_id);
-
- while (my $ref = $sth->fetchrow_hashref) {
- my $value = SL::Auth::SessionValue->new(auth => $self,
- key => $ref->{sess_key});
- $self->{SESSION}->{ $ref->{sess_key} } = $value;
- }
}
sub destroy_session {
my ($count) = selectrow_query($main::form, $dbh, $query, @tables);
- return scalar @tables == $count;
+ scalar @tables == $count;
}
}
my ($self) = @_;
@{ $self->{master_rights} ||= do {
- $self->dbconnect->selectall_arrayref("SELECT name, description, category FROM auth.master_rights ORDER BY id");
+ $self->dbconnect->selectall_arrayref("SELECT name, description, category FROM auth.master_rights ORDER BY position");
}
}
}
push @{$cur_ary}, $token;
} else {
- push @{$cur_ary}, $self->{RIGHTS}->{$login}->{$token} * 1;
+ push @{$cur_ary}, ($self->{RIGHTS}->{$login}->{$token} // 0) * 1;
}
}
projects / kivitendo-erp.git / blobdiff