X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=SL%2FAuth.pm;h=e7f60e963b72e8df5308630c38a07207a7793aed;hb=0c32dd23e6c2d104239bd489fc61b81db8f19f59;hp=6bb7bfaa784e4f5344bb60615f9222301390a735;hpb=d5c0d18a11c012e287f99d74365f42758f7e6b3b;p=kivitendo-erp.git diff --git a/SL/Auth.pm b/SL/Auth.pm index 6bb7bfaa7..e7f60e963 100644 --- a/SL/Auth.pm +++ b/SL/Auth.pm @@ -6,12 +6,14 @@ use Digest::MD5 qw(md5_hex); use IO::File; use Time::HiRes qw(gettimeofday); use List::MoreUtils qw(uniq); +use YAML; use SL::Auth::Constants qw(:all); use SL::Auth::DB; use SL::Auth::LDAP; use SL::User; +use SL::DBUpgrade2; use SL::DBUtils; use strict; @@ -59,31 +61,28 @@ sub DESTROY { $self->{dbh}->disconnect() if ($self->{dbh}); } -sub _read_auth_config { - $main::lxdebug->enter_sub(); +# form isn't loaded yet, so auth needs it's own error. +sub mini_error { + $::lxdebug->show_backtrace(); - my $self = shift; - - my $form = $main::form; - my $locale = $main::locale; - - my $code; - my $in = IO::File->new('config/authentication.pl', 'r'); - - if (!$in) { - $form->error($locale->text('The config file "config/authentication.pl" was not found.')); + my ($self, @msg) = @_; + if ($ENV{HTTP_USER_AGENT}) { + print Form->create_http_response(content_type => 'text/html'); + print "
", join ('
', @msg), "
"; + } else { + print STDERR "Error: @msg\n"; } + ::end_of_request(); +} - while (<$in>) { - $code .= $_; - } - $in->close(); +sub _read_auth_config { + $main::lxdebug->enter_sub(); - eval $code; + my $self = shift; - if ($@) { - $form->error($locale->text('The config file "config/authentication.pl" contained invalid Perl code:') . "\n" . $@); - } + map { $self->{$_} = $::lx_office_conf{authentication}->{$_} } keys %{ $::lx_office_conf{authentication} }; + $self->{DB_config} = $::lx_office_conf{'authentication/database'}; + $self->{LDAP_config} = $::lx_office_conf{'authentication/ldap'}; if ($self->{module} eq 'DB') { $self->{authenticator} = SL::Auth::DB->new($self); @@ -93,17 +92,20 @@ sub _read_auth_config { } if (!$self->{authenticator}) { - $form->error($locale->text('No or an unknown authenticantion module specified in "config/authentication.pl".')); + my $locale = Locale->new('en'); + $self->mini_error($locale->text('No or an unknown authenticantion module specified in "config/lx_office.conf".')); } my $cfg = $self->{DB_config}; if (!$cfg) { - $form->error($locale->text('config/authentication.pl: Key "DB_config" is missing.')); + my $locale = Locale->new('en'); + $self->mini_error($locale->text('config/lx_office.conf: Key "DB_config" is missing.')); } if (!$cfg->{host} || !$cfg->{db} || !$cfg->{user}) { - $form->error($locale->text('config/authentication.pl: Missing parameters in "DB_config". Required parameters are "host", "db" and "user".')); + my $locale = Locale->new('en'); + $self->mini_error($locale->text('config/lx_office.conf: Missing parameters in "authentication/database". Required parameters are "host", "db" and "user".')); } $self->{authenticator}->verify_config(); @@ -164,13 +166,13 @@ sub dbconnect { $main::lxdebug->message(LXDebug->DEBUG1, "Auth::dbconnect DSN: $dsn"); - $self->{dbh} = DBI->connect($dsn, $cfg->{user}, $cfg->{password}, { pg_enable_utf8 => $::locale->is_utf8, AutoCommit => 0 }); + $self->{dbh} = DBI->connect($dsn, $cfg->{user}, $cfg->{password}, { pg_enable_utf8 => $::locale->is_utf8, AutoCommit => 1 }); if (!$may_fail && !$self->{dbh}) { $main::form->error($main::locale->text('The connection to the authentication database failed:') . "\n" . $DBI::errstr); } - $main::lxdebug->leave_sub(); + $main::lxdebug->leave_sub(2); return $self->{dbh}; } @@ -239,7 +241,7 @@ sub create_database { $main::lxdebug->message(LXDebug->DEBUG1(), "Auth::create_database DSN: $dsn"); - my $charset = $main::dbcharset; + my $charset = $::lx_office_conf{system}->{dbcharset}; $charset ||= Common::DEFAULT_CHARSET; my $encoding = $Common::charset_to_db_encoding{$charset}; $encoding ||= 'UNICODE'; @@ -282,11 +284,11 @@ sub create_tables { my $self = shift; my $dbh = $self->dbconnect(); - my $charset = $main::dbcharset; + my $charset = $::lx_office_conf{system}->{dbcharset}; $charset ||= Common::DEFAULT_CHARSET; $dbh->rollback(); - User->process_query($main::form, $dbh, 'sql/auth_db.sql', undef, $charset); + SL::DBUpgrade2->new(form => $::form)->process_query($dbh, 'sql/auth_db.sql', undef, $charset); $main::lxdebug->leave_sub(); } @@ -304,6 +306,8 @@ sub save_user { my ($sth, $query, $user_id); + $dbh->begin_work; + $query = qq|SELECT id FROM auth."user" WHERE login = ?|; ($user_id) = selectrow_query($form, $dbh, $query, $login); @@ -424,11 +428,14 @@ sub delete_user { my $form = $main::form; my $dbh = $self->dbconnect(); + + $dbh->begin_work; + my $query = qq|SELECT id FROM auth."user" WHERE login = ?|; my ($id) = selectrow_query($form, $dbh, $query, $login); - return $main::lxdebug->leave_sub() if (!$id); + $dbh->rollback and return $main::lxdebug->leave_sub() if (!$id); do_query($form, $dbh, qq|DELETE FROM auth.user_group WHERE user_id = ?|, $id); do_query($form, $dbh, qq|DELETE FROM auth.user_config WHERE user_id = ?|, $id); @@ -472,7 +479,7 @@ sub restore_session { if (!$cookie || $cookie->{is_expired} || ($cookie->{ip_address} ne $ENV{REMOTE_ADDR})) { $self->destroy_session(); $main::lxdebug->leave_sub(); - return SESSION_EXPIRED; + return $cookie ? SESSION_EXPIRED : SESSION_NONE; } $query = qq|SELECT sess_key, sess_value FROM auth.session_content WHERE session_id = ?|; @@ -480,7 +487,7 @@ sub restore_session { while (my $ref = $sth->fetchrow_hashref()) { $self->{SESSION}->{$ref->{sess_key}} = $ref->{sess_value}; - $form->{$ref->{sess_key}} = $ref->{sess_value} if (!defined $form->{$ref->{sess_key}}); + $form->{$ref->{sess_key}} = $self->_load_value($ref->{sess_value}) if (!defined $form->{$ref->{sess_key}}); } $sth->finish(); @@ -490,6 +497,18 @@ sub restore_session { return SESSION_OK; } +sub _load_value { + return $_[1] if $_[1] !~ m/^---/; + + my $value; + eval { + $value = YAML::Load($_[1]); + 1; + } or return $_[1]; + + return $value; +} + sub destroy_session { $main::lxdebug->enter_sub(); @@ -498,6 +517,8 @@ sub destroy_session { if ($session_id) { my $dbh = $self->dbconnect(); + $dbh->begin_work; + do_query($main::form, $dbh, qq|DELETE FROM auth.session_content WHERE session_id = ?|, $session_id); do_query($main::form, $dbh, qq|DELETE FROM auth.session WHERE id = ?|, $session_id); @@ -516,6 +537,9 @@ sub expire_sessions { my $self = shift; my $dbh = $self->dbconnect(); + + $dbh->begin_work; + my $query = qq|DELETE FROM auth.session_content WHERE session_id IN @@ -561,47 +585,92 @@ sub create_or_refresh_session { $form = $main::form; $dbh = $self->dbconnect(); + $dbh->begin_work; + do_query($::form, $dbh, qq|LOCK auth.session_content|); + $query = qq|SELECT id FROM auth.session WHERE id = ?|; ($id) = selectrow_query($form, $dbh, $query, $session_id); if ($id) { do_query($form, $dbh, qq|UPDATE auth.session SET mtime = now() WHERE id = ?|, $session_id); - do_query($form, $dbh, qq|DELETE FROM auth.session_content WHERE session_id = ?|, $session_id); } else { do_query($form, $dbh, qq|INSERT INTO auth.session (id, ip_address, mtime) VALUES (?, ?, now())|, $session_id, $ENV{REMOTE_ADDR}); } - $query = qq|INSERT INTO auth.session_content (session_id, sess_key, sess_value) VALUES (?, ?, ?)|; - $sth = prepare_query($form, $dbh, $query); - - foreach my $key (sort keys %{ $self->{SESSION} }) { - do_statement($form, $sth, $query, $session_id, $key, $self->{SESSION}->{$key}); - } + $self->save_session($dbh); - $sth->finish(); $dbh->commit(); $main::lxdebug->leave_sub(); } +sub save_session { + my $self = shift; + my $provided_dbh = shift; + + my $dbh = $provided_dbh || $self->dbconnect(); + + $dbh->begin_work unless $provided_dbh; + + do_query($::form, $dbh, qq|LOCK auth.session_content|); + do_query($::form, $dbh, qq|DELETE FROM auth.session_content WHERE session_id = ?|, $session_id); + + if (%{ $self->{SESSION} }) { + my $query = qq|INSERT INTO auth.session_content (session_id, sess_key, sess_value) VALUES (?, ?, ?)|; + my $sth = prepare_query($::form, $dbh, $query); + + foreach my $key (sort keys %{ $self->{SESSION} }) { + do_statement($::form, $sth, $query, $session_id, $key, $self->{SESSION}->{$key}); + } + + $sth->finish(); + } + + $dbh->commit() unless $provided_dbh; +} + sub set_session_value { $main::lxdebug->enter_sub(); - my $self = shift; + my $self = shift; + my %params = @_; $self->{SESSION} ||= { }; - while (2 <= scalar @_) { - my $key = shift; - my $value = shift; - - $self->{SESSION}->{$key} = $value; + while (my ($key, $value) = each %params) { + $self->{SESSION}->{ $key } = YAML::Dump($value); } $main::lxdebug->leave_sub(); + + return $self; +} + +sub delete_session_value { + $main::lxdebug->enter_sub(); + + my $self = shift; + + $self->{SESSION} ||= { }; + delete @{ $self->{SESSION} }{ @_ }; + + $main::lxdebug->leave_sub(); + + return $self; +} + +sub get_session_value { + $main::lxdebug->enter_sub(); + + my $self = shift; + my $value = $self->{SESSION} ? $self->_load_value($self->{SESSION}->{ $_[0] }) : undef; + + $main::lxdebug->leave_sub(); + + return $value; } sub set_cookie_environment_variable { @@ -690,6 +759,8 @@ sub all_rights_full { ["--reports", $locale->text('Reports')], ["report", $locale->text('All reports')], ["advance_turnover_tax_return", $locale->text('Advance turnover tax return')], + ["--batch_printing", $locale->text("Batch Printing")], + ["batch_printing", $locale->text("Batch Printing")], ["--others", $locale->text("Others")], ["email_bcc", $locale->text("May set the BCC field when sending emails")], ["config", $locale->text("Change Lx-Office installation settings (all menu entries beneath 'System')")], @@ -766,6 +837,8 @@ sub save_group { my $form = $main::form; my $dbh = $self->dbconnect(); + $dbh->begin_work; + my ($query, $sth, $row, $rights); if (!$group->{id}) { @@ -811,6 +884,7 @@ sub delete_group { my $form = $main::from; my $dbh = $self->dbconnect(); + $dbh->begin_work; do_query($form, $dbh, qq|DELETE FROM auth.user_group WHERE group_id = ?|, $id); do_query($form, $dbh, qq|DELETE FROM auth.group_rights WHERE group_id = ?|, $id);