X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=SL%2FAuth.pm;h=04145f2cf1e05be3bba6fa586478899f3cf50bde;hb=0e5c060647cb76818bedd176c6fd32e9a658eaff;hp=0171899c4b7c770b64bb29d425592fff140c1593;hpb=81a9ce9b77b4b44edc35f37148cb57bb19fa6cdd;p=kivitendo-erp.git

diff --git a/SL/Auth.pm b/SL/Auth.pm
index 0171899c4..04145f2cf 100644
--- a/SL/Auth.pm
+++ b/SL/Auth.pm
@@ -37,12 +37,12 @@ sub new {
   my $self            = bless {}, $type;
 
   $self->_read_auth_config(%params);
-  $self->reset;
+  $self->init;
 
   return $self;
 }
 
-sub reset {
+sub init {
   my ($self, %params) = @_;
 
   $self->{SESSION}            = { };
@@ -50,6 +50,28 @@ sub reset {
   $self->{RIGHTS}             = { };
   $self->{unique_counter}     = 0;
   $self->{column_information} = SL::Auth::ColumnInformation->new(auth => $self);
+}
+
+sub reset {
+  my ($self, %params) = @_;
+
+  $self->{SESSION}        = { };
+  $self->{FULL_RIGHTS}    = { };
+  $self->{RIGHTS}         = { };
+  $self->{unique_counter} = 0;
+
+  if ($self->is_db_connected) {
+    # reset is called during request shutdown already. In case of a
+    # completely new auth DB this would fail and generate an error
+    # message even if the user is currently trying to create said auth
+    # DB. Therefore only fetch the column information if a connection
+    # has been established.
+    $self->{column_information} = SL::Auth::ColumnInformation->new(auth => $self);
+    $self->{column_information}->_fetch;
+  } else {
+    delete $self->{column_information};
+  }
+
   $self->{authenticator}->reset;
 
   $self->client(undef);
@@ -236,6 +258,7 @@ sub dbconnect {
   $self->{dbh} = SL::DBConnect->connect($dsn, $cfg->{user}, $cfg->{password}, { pg_enable_utf8 => 1, AutoCommit => 1 });
 
   if (!$may_fail && !$self->{dbh}) {
+    delete $self->{dbh};
     $main::form->error($main::locale->text('The connection to the authentication database failed:') . "\n" . $DBI::errstr);
   }
 
@@ -251,6 +274,11 @@ sub dbdisconnect {
   }
 }
 
+sub is_db_connected {
+  my ($self) = @_;
+  return !!$self->{dbh};
+}
+
 sub check_tables {
   my ($self, $dbh)    = @_;
 
@@ -925,7 +953,7 @@ sub all_rights_full {
   my ($self) = @_;
 
   @{ $self->{master_rights} ||= do {
-      $self->dbconnect->selectall_arrayref("SELECT name, description, category FROM auth.master_rights ORDER BY id");
+      $self->dbconnect->selectall_arrayref("SELECT name, description, category FROM auth.master_rights ORDER BY position");
     }
   }
 }
@@ -1281,6 +1309,11 @@ close the database connection.
 Creating a new database handle on each request can take up to 30% of the
 pre-request startup time, so we want to avoid that for fast ajax calls.
 
+=item C<assert, $right, $dont_abort>
+
+Checks if current user has the C<$right>. If C<$dont_abort> is falsish
+the request dies with a access denied error, otherwise returns true or false.
+
 =back
 
 =head1 BUGS