use strict;
+# Force scripts/locales.pl to parse these templates:
+# parse_html_template('login_screen/auth_db_unreachable')
+# parse_html_template('login_screen/user_login')
+# parse_html_template('generic/error')
+
BEGIN {
- unshift @INC, "modules/override"; # Use our own versions of various modules (e.g. YAML).
- push @INC, "modules/fallback"; # Only use our own versions of modules if there's no system version.
+ use SL::System::Process;
+ my $exe_dir = SL::System::Process::exe_dir;
+
+ unshift @INC, "${exe_dir}/modules/override"; # Use our own versions of various modules (e.g. YAML).
+ push @INC, "${exe_dir}/modules/fallback"; # Only use our own versions of modules if there's no system version.
+ unshift @INC, $exe_dir;
}
use CGI qw( -no_xhtml);
use List::Util qw(first);
use POSIX;
use SL::Auth;
+use SL::Dispatcher::AuthHandler;
use SL::LXDebug;
use SL::LxOfficeConf;
use SL::Locale;
use SL::Common;
use SL::Form;
use SL::Helper::DateTime;
+use SL::InstanceConfiguration;
use SL::Template::Plugin::HTMLFixes;
+use SL::Controller::Layout::None;
# Trailing new line is added so that Perl will not add the line
# number 'die' was called in.
my $self = bless {}, $class;
$self->{interface} = lc($interface || 'cgi');
+ $self->{auth_handler} = SL::Dispatcher::AuthHandler->new;
return $self;
}
::run();
::end_of_request();
} else {
- show_error('login/auth_db_unreachable');
+ show_error('login_screen/auth_db_unreachable');
}
}
}
$::lxdebug->enter_sub;
my $template = shift;
my $error_type = shift || '';
+ my %params = @_;
- $::locale = Locale->new($::lx_office_conf{system}->{language});
+ $::myconfig{countrycode} = delete($params{countrycode}) || $::lx_office_conf{system}->{language};
+ $::locale = Locale->new($::myconfig{countrycode});
$::form->{error} = $::locale->text('The session is invalid or has expired.') if ($error_type eq 'session');
- $::form->{error} = $::locale->text('Incorrect password!.') if ($error_type eq 'password');
- $::myconfig{countrycode} = $::lx_office_conf{system}->{language};
- $::form->{stylesheet} = 'css/lx-office-erp.css';
+ $::form->{error} = $::locale->text('Incorrect password!') if ($error_type eq 'password');
- $::form->header;
- print $::form->parse_html_template($template);
+ $::form->header(no_menu => 1);
+ print $::form->parse_html_template($template, \%params);
$::lxdebug->leave_sub;
::end_of_request();
my ($self) = @_;
SL::LxOfficeConf->read;
- _init_environment();
eval {
package main;
$::auth = SL::Auth->new;
$::form = undef;
%::myconfig = ();
- %::called_subs = (); # currently used for recursion detection
+ $::request = undef;
}
$SIG{__WARN__} = sub {
sub _require_controller {
my $controller = shift;
$controller =~ s|[^A-Za-z0-9_]||g;
+ $controller = "SL/Controller/${controller}";
eval {
package main;
- require "SL/Controller/${controller}.pm";
+ require "${controller}.pm";
} or die $EVAL_ERROR;
}
my ($script, $path, $suffix, $script_name, $action, $routing_type);
- $script_name = $ENV{SCRIPT_NAME};
-
$self->unrequire_bin_mozilla;
- $::cgi = CGI->new('');
- $::locale = Locale->new($::lx_office_conf{system}->{language});
- $::form = Form->new;
- %::called_subs = ();
+ $::locale = Locale->new($::lx_office_conf{system}->{language});
+ $::form = Form->new;
+ $::instance_conf = SL::InstanceConfiguration->new;
+ $::request = {
+ cgi => CGI->new({}),
+ layout => SL::Controller::Layout::None->new,
+ };
my $session_result = $::auth->restore_session;
$::auth->create_or_refresh_session;
$::form->read_cgi_input;
- eval { ($routing_type, $script_name, $action) = _route_request($script_name); 1; } or return;
+ eval { ($routing_type, $script_name, $action) = _route_request($ENV{SCRIPT_NAME}); 1; } or return;
if ($routing_type eq 'old') {
$::form->{action} = lc $::form->{action};
$::form->error($::locale->text('System currently down for maintenance!')) if -e ($::lx_office_conf{paths}->{userspath} . "/nologin") && $script ne 'admin';
- if ($script eq 'login' or $script eq 'admin') {
- $::form->{titlebar} = "Lx-Office " . $::locale->text('Version') . " $::form->{version}";
- ::run($session_result);
+ # For compatibility with a lot of database upgrade scripts etc:
+ # Re-write request to old 'login.pl?action=login' to new
+ # 'LoginScreen' controller. Make sure to load its code!
+ if (($script eq 'login') && ($action eq 'login')) {
+ ($routing_type, $script, $script_name, $action) = qw(controller controller LoginScreen login);
+ _require_controller('LoginScreen');
+ }
- } else {
- show_error('login/password_error', 'session') if SL::Auth::SESSION_EXPIRED == $session_result;
- %::myconfig = $::auth->read_user($::form->{login});
+ if (($script eq 'login') && !$action) {
+ print $::request->{cgi}->redirect('controller.pl?action=LoginScreen/user_login');
- show_error('login/password_error', 'password') unless $::myconfig{login};
+ } elsif ($script eq 'admin') {
+ $::form->{titlebar} = "kivitendo " . $::locale->text('Version') . " $::form->{version}";
+ ::run($session_result);
- $::locale = Locale->new($::myconfig{countrycode});
+ } else {
+ if (SL::Auth::SESSION_EXPIRED == $session_result) {
+ print $::request->{cgi}->redirect('controller.pl?action=LoginScreen/user_login&error=session');
+ }
- show_error('login/password_error', 'password') if SL::Auth::OK != $::auth->authenticate($::form->{login}, $::form->{password});
+ my %auth_result = $self->{auth_handler}->handle(
+ routing_type => $routing_type,
+ script => $script,
+ controller => $script_name,
+ action => $action,
+ );
- $::auth->store_credentials_in_session(login => $::form->{login}, password => $::form->{password});
- $::auth->create_or_refresh_session;
- $::auth->delete_session_value('FLASH');
- delete $::form->{password};
+ delete @{ $::form }{ grep { m/^\{AUTH\}/ } keys %{ $::form } } unless $auth_result{keep_auth_vars};
if ($action) {
- map { $::form->{$_} = $::myconfig{$_} } qw(stylesheet charset)
+ $::instance_conf->init if $auth_result{auth_level} eq 'user';
+
+ map { $::form->{$_} = $::myconfig{$_} } qw(charset)
unless $action eq 'save' && $::form->{type} eq 'preferences';
$::form->set_standard_title;
} or do {
if ($EVAL_ERROR ne END_OF_REQUEST) {
print STDERR $EVAL_ERROR;
- $::form->{label_error} = $::cgi->pre($EVAL_ERROR);
+ $::form->{label_error} = $::request->{cgi}->pre($EVAL_ERROR);
+ chdir SL::System::Process::exe_dir;
eval { show_error('generic/error') };
}
};
+ $::form->footer;
+
# cleanup
$::auth->save_session;
$::auth->expire_sessions;
$::locale = undef;
$::form = undef;
$::myconfig = ();
+ $::request = undef;
Form::disconnect_standard_dbh;
$::lxdebug->end_request;
1;
} or do {
- $::form->{label_error} = $::cgi->pre($EVAL_ERROR);
+ $::form->{label_error} = $::request->{cgi}->pre($EVAL_ERROR);
show_error('generic/error');
};
1;
} or do {
- $::form->{label_error} = $::cgi->pre($EVAL_ERROR);
+ $::form->{label_error} = $::request->{cgi}->pre($EVAL_ERROR);
show_error('generic/error');
};
return $self->{interface} =~ m/f(?:ast)cgi/i ? $self->{request}->GetHandles() : (\*STDIN, \*STDOUT, \*STDERR);
}
-sub _init_environment {
- my %key_map = ( lib => { name => 'PERL5LIB', append_path => 1 },
- path => { name => 'PATH', append_path => 1 },
- );
- my $cfg = $::lx_office_conf{environment} || {};
-
- while (my ($key, $value) = each %{ $cfg }) {
- next unless $value;
-
- my $info = $key_map{$key} || {};
- $key = $info->{name} || $key;
-
- if ($info->{append_path}) {
- $value = ':' . $value unless $value =~ m/^:/ || !$ENV{$key};
- $value = $ENV{$key} . $value;
- }
-
- $ENV{$key} = $value;
- }
-}
-
sub _check_for_old_config_files {
my @old_files = grep { -f "config/${_}" } qw(authentication.pl console.conf lx-erp.conf lx-erp-local.conf);
return unless @old_files;
- $::form->{title} = $::locale->text('Old configuration files');
- $::form->{stylesheet} = 'lx-office-erp.css';
+ $::form->{title} = $::locale->text('Old configuration files');
$::form->header;
- print $::form->parse_html_template('login/old_configuration_files', { FILES => \@old_files });
+ print $::form->parse_html_template('login_screen/old_configuration_files', { FILES => \@old_files });
::end_of_request();
}
projects / kivitendo-erp.git / blobdiff