$::auth erst nach dem session expire zerstören.

[kivitendo-erp.git] / SL / Dispatcher.pm

diff --git a/SL/Dispatcher.pm b/SL/Dispatcher.pm
index 687c373..3bf1206 100644 (file)
--- a/SL/Dispatcher.pm
+++ b/SL/Dispatcher.pm
@@ -5,7 +5,6 @@ use strict;
 BEGIN {
   unshift @INC, "modules/override"; # Use our own versions of various modules (e.g. YAML).
   push    @INC, "modules/fallback"; # Only use our own versions of modules if there's no system version.
-  push    @INC, "SL";               # FCGI won't find modules that are not properly named. Help it by inclduging SL
 }
 
 use CGI qw( -no_xhtml);
@@ -15,10 +14,11 @@ use Encode;
 use English qw(-no_match_vars);
 use SL::Auth;
 use SL::LXDebug;
+use SL::LxOfficeConf;
 use SL::Locale;
 use SL::Common;
+use SL::Form;
 use SL::Helper::DateTime;
-use Form;
 use List::Util qw(first);
 use File::Basename;
 
@@ -35,6 +35,11 @@ sub new {
   return $self;
 }
 
+sub interface_type {
+  my ($self) = @_;
+  return $self->{interface} eq 'cgi' ? 'CGI' : 'FastCGI';
+}
+
 sub pre_request_checks {
   if (!$::auth->session_tables_present) {
     if ($::form->{script} eq 'admin.pl') {
@@ -52,10 +57,10 @@ sub show_error {
   my $template             = shift;
   my $error_type           = shift || '';
 
-  $::locale                = Locale->new($::language);
+  $::locale                = Locale->new($::lx_office_conf{system}->{language});
   $::form->{error}         = $::locale->text('The session is invalid or has expired.') if ($error_type eq 'session');
   $::form->{error}         = $::locale->text('Incorrect password!.')                   if ($error_type eq 'password');
-  $::myconfig{countrycode} = $::language;
+  $::myconfig{countrycode} = $::lx_office_conf{system}->{language};
   $::form->{stylesheet}    = 'css/lx-office-erp.css';
 
   $::form->header;
@@ -66,14 +71,8 @@ sub show_error {
 }
 
 sub pre_startup_setup {
-  eval {
-    package main;
-    require "config/lx-erp.conf";
-  };
-  eval {
-    package main;
-    require "config/lx-erp-local.conf";
-  } if -f "config/lx-erp-local.conf";
+  SL::LxOfficeConf->read;
+  _init_environment();
 
   eval {
     package main;
@@ -84,19 +83,10 @@ sub pre_startup_setup {
   # canonial globals. if it's not here, chances are it will get refactored someday.
   {
     no warnings 'once';
-    $::userspath   = "users";
-    $::templates   = "templates";
-    $::memberfile  = "users/members";
-    $::menufile    = "menu.ini";
-    $::sendmail    = "| /usr/sbin/sendmail -t";
     $::lxdebug     = LXDebug->new;
-    $::auth        = SL::Auth->new;
     $::form        = undef;
     %::myconfig    = ();
     %::called_subs = (); # currently used for recursion detection
-
-    read_config 'config/lx_office.conf' => %::lx_office_conf if -f "config/lx_office.conf";
-    _decode_recursively(\%::lx_office_conf);
   }
 
   $SIG{__WARN__} = sub {
@@ -167,8 +157,9 @@ sub handle_request {
   $self->unrequire_bin_mozilla;
 
   $::cgi         = CGI->new('');
-  $::locale      = Locale->new($::language);
+  $::locale      = Locale->new($::lx_office_conf{system}->{language});
   $::form        = Form->new;
+  $::auth        = SL::Auth->new;
   %::called_subs = ();
 
   eval { ($routing_type, $script_name, $action) = _route_request($script_name); 1; } or return;
@@ -193,7 +184,7 @@ sub handle_request {
     my $session_result = $::auth->restore_session;
     $::auth->create_or_refresh_session;
 
-    $::form->error($::locale->text('System currently down for maintenance!')) if -e "$::userspath/nologin" && $script ne 'admin';
+    $::form->error($::locale->text('System currently down for maintenance!')) if -e ($::lx_office_conf{paths}->{userspath} . "/nologin") && $script ne 'admin';
 
     if ($script eq 'login' or $script eq 'admin' or $script eq 'kopf') {
       $::form->{titlebar} = "Lx-Office " . $::locale->text('Version') . " $::form->{version}";
@@ -207,11 +198,11 @@ sub handle_request {
 
       $::locale = Locale->new($::myconfig{countrycode});
 
-      show_error('login/password_error', 'password') if SL::Auth::OK != $::auth->authenticate($::form->{login}, $::form->{password}, 0);
+      show_error('login/password_error', 'password') if SL::Auth::OK != $::auth->authenticate($::form->{login}, $::form->{password});
 
       $::auth->set_session_value('login', $::form->{login}, 'password', $::form->{password});
       $::auth->create_or_refresh_session;
-      $::auth->delete_session_value('FLASH')->save_session();
+      $::auth->delete_session_value('FLASH');
       delete $::form->{password};
 
       if ($action) {
@@ -241,7 +232,10 @@ sub handle_request {
   $::locale   = undef;
   $::form     = undef;
   $::myconfig = ();
-  Form::disconnect_standard_dbh unless $self->_interface_is_fcgi;
+  Form::disconnect_standard_dbh;
+  $::auth->expire_session_keys->save_session;
+  $::auth->dbdisconnect;
+  $::auth     = undef;
 
   $::lxdebug->end_request;
   $::lxdebug->leave_sub;
@@ -325,15 +319,24 @@ sub get_standard_filehandles {
   return $self->{interface} =~ m/f(?:ast)cgi/i ? $self->{request}->GetHandles() : (\*STDIN, \*STDOUT, \*STDERR);
 }
 
-sub _decode_recursively {
-  my ($obj) = @_;
+sub _init_environment {
+  my %key_map = ( lib  => { name => 'PERL5LIB', append_path => 1 },
+                  path => { name => 'PATH',     append_path => 1 },
+                );
+  my $cfg     = $::lx_office_conf{environment} || {};
 
-  while (my ($key, $value) = each %{ $obj }) {
-    if (ref($value) eq 'HASH') {
-      _decode_recursively($value);
-    } else {
-      $obj->{$key} = decode('UTF-8', $value);
+  while (my ($key, $value) = each %{ $cfg }) {
+    next unless $value;
+
+    my $info = $key_map{$key} || {};
+    $key     = $info->{name}  || $key;
+
+    if ($info->{append_path}) {
+      $value = ':' . $value unless $value =~ m/^:/ || !$ENV{$key};
+      $value = $ENV{$key} . $value;
     }
+
+    $ENV{$key} = $value;
   }
 }