X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=SL%2FController%2FLoginScreen.pm;h=80700b930895706d3fb5732a2f2fa2f8d93d27f7;hb=91a56629c620e0e0a2ea50a93f005bc344b1eca8;hp=a06686af235d399c08b80ab29d012c0a3960a166;hpb=8abd9ce32e946691e0953f9a8e2c183183d7854e;p=kivitendo-erp.git

diff --git a/SL/Controller/LoginScreen.pm b/SL/Controller/LoginScreen.pm
index a06686af2..80700b930 100644
--- a/SL/Controller/LoginScreen.pm
+++ b/SL/Controller/LoginScreen.pm
@@ -56,7 +56,6 @@ sub action_login {
   }
 
   %::myconfig      = $login ? $::auth->read_user(login => $login) : ();
-  $::form->{login} = $login;
   $::locale        = Locale->new($::myconfig{countrycode}) if $::myconfig{countrycode};
   SL::Dispatcher::AuthHandler::User->new->handle(countrycode => $::myconfig{countrycode});
 
@@ -111,8 +110,6 @@ sub keep_auth_vars_in_form {
 sub _redirect_to_main_script {
   my ($self) = @_;
 
-  $self->_ensure_employees_for_authorized_users_exist;
-
   return $self->redirect_to($::form->{callback}) if $::form->{callback};
 
   $self->redirect_to(controller => "login.pl", action => 'company_logo');
@@ -129,6 +126,19 @@ sub _redirect_to_main_script_if_already_logged_in {
   my %user = $::auth->read_user(login => $login);
   return if ($user{login} || '') ne $login;
 
+  # Check if there's a client set in the session -- and whether or not
+  # the user still has access to the client.
+  my $client_id = $::auth->get_session_value('client_id');
+  return if !$client_id;
+
+  if (!$::auth->set_client($client_id)) {
+    $::auth->punish_wrong_login;
+    $::auth->destroy_session;
+    $::auth->create_or_refresh_session;
+    $self->show_login_form(error => t8('Incorrect username or password or no access to selected client!'));
+    return 1;
+  }
+
   # Check if the session is logged in correctly.
   return if SL::Auth::OK() != $::auth->authenticate($login, undef);
 
@@ -140,27 +150,11 @@ sub _redirect_to_main_script_if_already_logged_in {
   return 1;
 }
 
-sub _ensure_employees_for_authorized_users_exist {
-  my ($self) = @_;
-
-  my %employees_by_login = map { ($_->login => $_) } @{ SL::DB::Manager::Employee->get_all };
-
-  foreach my $user (@{ SL::DB::AuthClient->new(id => $::auth->client->{id})->load->users || [] }) {
-    my $user_config = $user->config_values;
-    my $employee    = $employees_by_login{$user->login} || SL::DB::Employee->new(login => $user->login);
-
-    $employee->update_attributes(
-      name      => $user_config->{name},
-      workphone => $user_config->{tel},
-      deleted   => 0,
-    );
-  }
-}
-
 sub error_state {
   my %states = (
     session  => { warning => t8('The session has expired. Please log in again.')                   },
     password => { error   => t8('Incorrect username or password or no access to selected client!') },
+    action   => { warning => t8('The action is missing or invalid.')                               },
   );
 
   return %{ $states{$_[0]} || {} };
@@ -183,7 +177,7 @@ sub init_default_client_id {
 sub show_login_form {
   my ($self, %params) = @_;
 
-  $self->render('login_screen/user_login', %params);
+  $self->render('login_screen/user_login', %params, version => $::form->read_version);
 }
 
 1;