X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=SL%2FAuth.pm;h=eb5a7805ad8030618ee063b475a04b1795b2d33a;hb=6f2893dcf199d5e5147cc2020c2ab6984f4274dc;hp=68ca553957d125afc600bd90e9b79ccf80980715;hpb=c87608abb2f5d98353e6838f33146b00a1399c3c;p=kivitendo-erp.git

diff --git a/SL/Auth.pm b/SL/Auth.pm
index 68ca55395..eb5a7805a 100644
--- a/SL/Auth.pm
+++ b/SL/Auth.pm
@@ -1,23 +1,21 @@
 package SL::Auth;
 
-use constant OK              =>   0;
-use constant ERR_PASSWORD    =>   1;
-use constant ERR_BACKEND     => 100;
-
-use constant SESSION_OK      =>   0;
-use constant SESSION_NONE    =>   1;
-use constant SESSION_EXPIRED =>   2;
+use DBI;
 
 use Digest::MD5 qw(md5_hex);
 use IO::File;
 use Time::HiRes qw(gettimeofday);
+use List::MoreUtils qw(uniq);
 
+use SL::Auth::Constants qw(:all);
 use SL::Auth::DB;
 use SL::Auth::LDAP;
 
 use SL::User;
 use SL::DBUtils;
 
+use strict;
+
 sub new {
   $main::lxdebug->enter_sub();
 
@@ -35,6 +33,26 @@ sub new {
   return $self;
 }
 
+sub get_user_dbh {
+  my ($self, $login) = @_;
+  my %user = $self->read_user($login);
+  my $dbh  = DBI->connect(
+    $user{dbconnect},
+    $user{dbuser},
+    $user{dbpasswd},
+    {
+      pg_enable_utf8 => $::locale->is_utf8,
+      AutoCommit     => 0
+    }
+  ) or $::form->dberror;
+
+  if ($user{dboptions}) {
+    $dbh->do($user{dboptions}) or $::form->dberror($user{dboptions});
+  }
+
+  return $dbh;
+}
+
 sub DESTROY {
   my $self = shift;
 
@@ -122,13 +140,13 @@ sub authenticate {
 }
 
 sub dbconnect {
-  $main::lxdebug->enter_sub();
+  $main::lxdebug->enter_sub(2);
 
   my $self     = shift;
   my $may_fail = shift;
 
   if ($self->{dbh}) {
-    $main::lxdebug->leave_sub();
+    $main::lxdebug->leave_sub(2);
     return $self->{dbh};
   }
 
@@ -139,9 +157,9 @@ sub dbconnect {
     $dsn .= ';port=' . $cfg->{port};
   }
 
-  $main::lxdebug->message(LXDebug::DEBUG1, "Auth::dbconnect DSN: $dsn");
+  $main::lxdebug->message(LXDebug->DEBUG1, "Auth::dbconnect DSN: $dsn");
 
-  $self->{dbh} = DBI->connect($dsn, $cfg->{user}, $cfg->{password}, { 'AutoCommit' => 0 });
+  $self->{dbh} = DBI->connect($dsn, $cfg->{user}, $cfg->{password}, { pg_enable_utf8 => $::locale->is_utf8, AutoCommit => 0 });
 
   if (!$may_fail && !$self->{dbh}) {
     $main::form->error($main::locale->text('The connection to the authentication database failed:') . "\n" . $DBI::errstr);
@@ -214,22 +232,22 @@ sub create_database {
     $dsn .= ';port=' . $cfg->{port};
   }
 
-  $main::lxdebug->message(LXDebug::DEBUG1, "Auth::create_database DSN: $dsn");
-
-  my $dbh = DBI->connect($dsn, $params{superuser}, $params{superuser_password});
-
-  if (!$dbh) {
-    $main::form->error($main::locale->text('The connection to the template database failed:') . "\n" . $DBI::errstr);
-  }
+  $main::lxdebug->message(LXDebug->DEBUG1(), "Auth::create_database DSN: $dsn");
 
   my $charset    = $main::dbcharset;
   $charset     ||= Common::DEFAULT_CHARSET;
   my $encoding   = $Common::charset_to_db_encoding{$charset};
   $encoding    ||= 'UNICODE';
 
+  my $dbh        = DBI->connect($dsn, $params{superuser}, $params{superuser_password}, { pg_enable_utf8 => $charset =~ m/^utf-?8$/i });
+
+  if (!$dbh) {
+    $main::form->error($main::locale->text('The connection to the template database failed:') . "\n" . $DBI::errstr);
+  }
+
   my $query = qq|CREATE DATABASE "$cfg->{db}" OWNER "$cfg->{user}" TEMPLATE "$params{template}" ENCODING '$encoding'|;
 
-  $main::lxdebug->message(LXDebug::DEBUG1, "Auth::create_database query: $query");
+  $main::lxdebug->message(LXDebug->DEBUG1(), "Auth::create_database query: $query");
 
   $dbh->do($query);
 
@@ -358,7 +376,7 @@ sub read_user {
   my $login = shift;
 
   my $dbh   = $self->dbconnect();
-  my $query = qq|SELECT cfg.cfg_key, cfg.cfg_value
+  my $query = qq|SELECT u.id, u.login, cfg.cfg_key, cfg.cfg_value
                  FROM auth.user_config cfg
                  LEFT JOIN auth."user" u ON (cfg.user_id = u.id)
                  WHERE (u.login = ?)|;
@@ -368,7 +386,7 @@ sub read_user {
 
   while (my $ref = $sth->fetchrow_hashref()) {
     $user_data{$ref->{cfg_key}} = $ref->{cfg_value};
-    $user_data{login}           = $login;
+    @user_data{qw(id login)}    = @{$ref}{qw(id login)};
   }
 
   $sth->finish();
@@ -516,9 +534,6 @@ sub expire_sessions {
 sub _create_session_id {
   $main::lxdebug->enter_sub();
 
-  my @secs = gettimeofday();
-  srand $secs[1] + $$;
-
   my @data;
   map { push @data, int(rand() * 255); } (1..32);
 
@@ -629,6 +644,20 @@ sub all_rights_full {
   my $locale = $main::locale;
 
   my @all_rights = (
+    ["--crm",                          $locale->text("CRM optional software")],
+    ["crm_search",                     $locale->text("CRM search")],
+    ["crm_new",                        $locale->text("CRM create customers, vendors and contacts")],
+    ["crm_service",                    $locale->text("CRM services")],
+    ["crm_admin",                      $locale->text("CRM admin")],
+    ["crm_adminuser",                  $locale->text("CRM user")],
+    ["crm_adminstatus",                $locale->text("CRM status")],
+    ["crm_email",                      $locale->text("CRM send email")],
+    ["crm_termin",                     $locale->text("CRM termin")],
+    ["crm_opportunity",                $locale->text("CRM opportunity")],
+    ["crm_knowhow",                    $locale->text("CRM know how")],
+    ["crm_follow",                     $locale->text("CRM follow up")],
+    ["crm_notices",                    $locale->text("CRM notices")],
+    ["crm_other",                      $locale->text("CRM other")],
     ["--master_data",                  $locale->text("Master Data")],
     ["customer_vendor_edit",           $locale->text("Create and edit customers and vendors")],
     ["part_service_assembly_edit",     $locale->text("Create and edit parts, services, assemblies")],
@@ -640,6 +669,7 @@ sub all_rights_full {
     ["sales_delivery_order_edit",      $locale->text("Create and edit sales delivery orders")],
     ["invoice_edit",                   $locale->text("Create and edit invoices and credit notes")],
     ["dunning_edit",                   $locale->text("Create and edit dunnings")],
+    ["sales_all_edit",                 $locale->text("View/edit all employees sales documents")],
     ["--ap",                           $locale->text("AP")],
     ["request_quotation_edit",         $locale->text("Create and edit RFQs")],
     ["purchase_order_edit",            $locale->text("Create and edit purchase orders")],
@@ -690,13 +720,14 @@ sub read_groups {
   $sth   = prepare_query($form, $dbh, $query);
 
   foreach $group (values %{$groups}) {
-    $group->{members} = [];
+    my @members;
 
     do_statement($form, $sth, $query, $group->{id});
 
     while ($row = $sth->fetchrow_hashref()) {
-      push @{$group->{members}}, $row->{user_id};
+      push @members, $row->{user_id};
     }
+    $group->{members} = [ uniq @members ];
   }
   $sth->finish();
 
@@ -746,7 +777,7 @@ sub save_group {
   $query  = qq|INSERT INTO auth.user_group (user_id, group_id) VALUES (?, ?)|;
   $sth    = prepare_query($form, $dbh, $query);
 
-  foreach my $user_id (@{ $group->{members} }) {
+  foreach my $user_id (uniq @{ $group->{members} }) {
     do_statement($form, $sth, $query, $user_id, $group->{id});
   }
   $sth->finish();
@@ -813,7 +844,7 @@ sub evaluate_rights_ary {
     }
   }
 
-  $main::lxdebug->enter_sub(2);
+  $main::lxdebug->leave_sub(2);
 
   return $value;
 }
@@ -847,7 +878,7 @@ sub _parse_rights_string {
       pop @stack;
 
       if (!@stack) {
-        $main::lxdebug->enter_sub(2);
+        $main::lxdebug->leave_sub(2);
         return 0;
       }
 
@@ -863,7 +894,7 @@ sub _parse_rights_string {
 
   my $result = ($access || (1 < scalar @stack)) ? 0 : evaluate_rights_ary($stack[0]);
 
-  $main::lxdebug->enter_sub(2);
+  $main::lxdebug->leave_sub(2);
 
   return $result;
 }