X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=SL%2FAuth.pm;h=8ac2293b88d973e4ae5c7c2238c123f8ef7aa62b;hb=af59820cb06ba396ba10ecd88f43a92c331a6066;hp=062a4baeb66448287f309c7d080ebbd206a5e552;hpb=8c7e44938a661e035f62840e1e177353240ace5d;p=kivitendo-erp.git diff --git a/SL/Auth.pm b/SL/Auth.pm index 062a4baeb..8ac2293b8 100644 --- a/SL/Auth.pm +++ b/SL/Auth.pm @@ -1,8 +1,12 @@ package SL::Auth; -use constant OK => 0; -use constant ERR_PASSWORD => 1; -use constant ERR_BACKEND => 100; +use constant OK => 0; +use constant ERR_PASSWORD => 1; +use constant ERR_BACKEND => 100; + +use constant SESSION_OK => 0; +use constant SESSION_NONE => 1; +use constant SESSION_EXPIRED => 2; use Digest::MD5 qw(md5_hex); use IO::File; @@ -86,18 +90,21 @@ sub _read_auth_config { $self->{authenticator}->verify_config(); + $self->{session_timeout} *= 1; + $self->{session_timeout} = 8 * 60 if (!$self->{session_timeout}); + $main::lxdebug->leave_sub(); } sub authenticate_root { $main::lxdebug->enter_sub(); - my $self = shift; - my $password = shift; - my $is_crypted = shift; + my $self = shift; + my $password = shift; + my $is_crypted = shift; - $password = crypt $password, 'ro' if (!$password || !$is_crypted); - $admin_password = crypt "$self->{admin_password}", 'ro'; + $password = crypt $password, 'ro' if (!$password || !$is_crypted); + my $admin_password = crypt "$self->{admin_password}", 'ro'; $main::lxdebug->leave_sub(); @@ -325,7 +332,7 @@ sub read_all_users { while (my $ref = $sth->fetchrow_hashref()) { $users{$ref->{login}} ||= { 'login' => $ref->{login}, 'id' => $ref->{id} }; - $users{$ref->{login}}->{$ref->{cfg_key}} = $ref->{cfg_value} if (($cfg_key ne 'login') && ($cfg_key ne 'id')); + $users{$ref->{login}}->{$ref->{cfg_key}} = $ref->{cfg_value} if (($ref->{cfg_key} ne 'login') && ($ref->{cfg_key} ne 'id')); } $sth->finish(); @@ -416,21 +423,24 @@ sub restore_session { $self->{SESSION} = { }; - return $main::lxdebug->leave_sub() if (!$session_id); + if (!$session_id) { + $main::lxdebug->leave_sub(); + return SESSION_NONE; + } my ($dbh, $query, $sth, $cookie, $ref, $form); $form = $main::form; $dbh = $self->dbconnect(); - $query = qq|SELECT *, (mtime < (now() - '24h'::interval)) AS is_expired FROM auth.session WHERE id = ?|; + $query = qq|SELECT *, (mtime < (now() - '$self->{session_timeout}m'::interval)) AS is_expired FROM auth.session WHERE id = ?|; $cookie = selectfirst_hashref_query($form, $dbh, $query, $session_id); if (!$cookie || $cookie->{is_expired} || ($cookie->{ip_address} ne $ENV{REMOTE_ADDR})) { $self->destroy_session(); $main::lxdebug->leave_sub(); - return; + return SESSION_EXPIRED; } $query = qq|SELECT sess_key, sess_value FROM auth.session_content WHERE session_id = ?|; @@ -444,6 +454,8 @@ sub restore_session { $sth->finish(); $main::lxdebug->leave_sub(); + + return SESSION_OK; } sub destroy_session { @@ -477,13 +489,13 @@ sub expire_sessions { WHERE session_id IN (SELECT id FROM auth.session - WHERE (mtime < (now() - '24h'::interval)))|; + WHERE (mtime < (now() - '$self->{session_timeout}m'::interval)))|; do_query($main::form, $dbh, $query); $query = qq|DELETE FROM auth.session - WHERE (mtime < (now() - '24h'::interval))|; + WHERE (mtime < (now() - '$self->{session_timeout}m'::interval))|; do_query($main::form, $dbh, $query); @@ -624,6 +636,9 @@ sub all_rights_full { ["purchase_order_edit", $locale->text("Create and edit purchase orders")], ["purchase_delivery_order_edit", $locale->text("Create and edit purchase delivery orders")], ["vendor_invoice_edit", $locale->text("Create and edit vendor invoices")], + ["--warehouse_management", $locale->text("Warehouse management")], + ["warehouse_contents", $locale->text("View warehouse content")], + ["warehouse_management", $locale->text("Warehouse management")], ["--general_ledger_cash", $locale->text("General ledger and cash")], ["general_ledger", $locale->text("Transactions, AR transactions, AP transactions")], ["datev_export", $locale->text("DATEV Export")],