Merge branch 'master' of ssh://lx-office/~/lx-office-erp

[kivitendo-erp.git] / SL / Auth.pm

diff --git a/SL/Auth.pm b/SL/Auth.pm
index 094b58b..4b6f2fa 100644 (file)
--- a/SL/Auth.pm
+++ b/SL/Auth.pm
@@ -11,6 +11,7 @@ use constant SESSION_EXPIRED =>   2;
 use Digest::MD5 qw(md5_hex);
 use IO::File;
 use Time::HiRes qw(gettimeofday);
+use List::MoreUtils qw(uniq);
 
 use SL::Auth::DB;
 use SL::Auth::LDAP;
@@ -18,6 +19,8 @@ use SL::Auth::LDAP;
 use SL::User;
 use SL::DBUtils;
 
+use strict;
+
 sub new {
   $main::lxdebug->enter_sub();
 
@@ -139,7 +142,7 @@ sub dbconnect {
     $dsn .= ';port=' . $cfg->{port};
   }
 
-  $main::lxdebug->message(LXDebug::DEBUG1, "Auth::dbconnect DSN: $dsn");
+  $main::lxdebug->message(LXDebug->DEBUG1, "Auth::dbconnect DSN: $dsn");
 
   $self->{dbh} = DBI->connect($dsn, $cfg->{user}, $cfg->{password}, { 'AutoCommit' => 0 });
 
@@ -214,7 +217,7 @@ sub create_database {
     $dsn .= ';port=' . $cfg->{port};
   }
 
-  $main::lxdebug->message(LXDebug::DEBUG1, "Auth::create_database DSN: $dsn");
+  $main::lxdebug->message(LXDebug->DEBUG1(), "Auth::create_database DSN: $dsn");
 
   my $dbh = DBI->connect($dsn, $params{superuser}, $params{superuser_password});
 
@@ -229,7 +232,7 @@ sub create_database {
 
   my $query = qq|CREATE DATABASE "$cfg->{db}" OWNER "$cfg->{user}" TEMPLATE "$params{template}" ENCODING '$encoding'|;
 
-  $main::lxdebug->message(LXDebug::DEBUG1, "Auth::create_database query: $query");
+  $main::lxdebug->message(LXDebug->DEBUG1(), "Auth::create_database query: $query");
 
   $dbh->do($query);
 
@@ -358,7 +361,7 @@ sub read_user {
   my $login = shift;
 
   my $dbh   = $self->dbconnect();
-  my $query = qq|SELECT cfg.cfg_key, cfg.cfg_value
+  my $query = qq|SELECT u.id, u.login, cfg.cfg_key, cfg.cfg_value
                  FROM auth.user_config cfg
                  LEFT JOIN auth."user" u ON (cfg.user_id = u.id)
                  WHERE (u.login = ?)|;
@@ -368,7 +371,7 @@ sub read_user {
 
   while (my $ref = $sth->fetchrow_hashref()) {
     $user_data{$ref->{cfg_key}} = $ref->{cfg_value};
-    $user_data{login}           = $login;
+    @user_data{qw(id login)}    = @{$ref}{qw(id login)};
   }
 
   $sth->finish();
@@ -516,9 +519,6 @@ sub expire_sessions {
 sub _create_session_id {
   $main::lxdebug->enter_sub();
 
-  my @secs = gettimeofday();
-  srand $secs[1] + $$;
-
   my @data;
   map { push @data, int(rand() * 255); } (1..32);
 
@@ -654,6 +654,7 @@ sub all_rights_full {
     ["sales_delivery_order_edit",      $locale->text("Create and edit sales delivery orders")],
     ["invoice_edit",                   $locale->text("Create and edit invoices and credit notes")],
     ["dunning_edit",                   $locale->text("Create and edit dunnings")],
+    ["sales_all_edit",                 $locale->text("View/edit all employees sales documents")],
     ["--ap",                           $locale->text("AP")],
     ["request_quotation_edit",         $locale->text("Create and edit RFQs")],
     ["purchase_order_edit",            $locale->text("Create and edit purchase orders")],
@@ -704,13 +705,14 @@ sub read_groups {
   $sth   = prepare_query($form, $dbh, $query);
 
   foreach $group (values %{$groups}) {
-    $group->{members} = [];
+    my @members;
 
     do_statement($form, $sth, $query, $group->{id});
 
     while ($row = $sth->fetchrow_hashref()) {
-      push @{$group->{members}}, $row->{user_id};
+      push @members, $row->{user_id};
     }
+    $group->{members} = [ uniq @members ];
   }
   $sth->finish();
 
@@ -760,7 +762,7 @@ sub save_group {
   $query  = qq|INSERT INTO auth.user_group (user_id, group_id) VALUES (?, ?)|;
   $sth    = prepare_query($form, $dbh, $query);
 
-  foreach my $user_id (@{ $group->{members} }) {
+  foreach my $user_id (uniq @{ $group->{members} }) {
     do_statement($form, $sth, $query, $user_id, $group->{id});
   }
   $sth->finish();