X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=SL%2FController%2FLoginScreen.pm;h=80700b930895706d3fb5732a2f2fa2f8d93d27f7;hb=e497d49f814a76f1423a33fb9deac5c54cf0f602;hp=385ce6fdd5f2568885f3aea94dacc5d7a09ba24a;hpb=6ca9244cdf323b4ad216ce69e7b9516f8423b344;p=kivitendo-erp.git diff --git a/SL/Controller/LoginScreen.pm b/SL/Controller/LoginScreen.pm index 385ce6fdd..80700b930 100644 --- a/SL/Controller/LoginScreen.pm +++ b/SL/Controller/LoginScreen.pm @@ -32,7 +32,7 @@ sub action_user_login { return if $self->_redirect_to_main_script_if_already_logged_in; # Otherwise show the login form. - $self->show_login_form(error => error_state($::form->{error})); + $self->show_login_form(error_state($::form->{error})); } sub action_logout { @@ -56,7 +56,6 @@ sub action_login { } %::myconfig = $login ? $::auth->read_user(login => $login) : (); - $::form->{login} = $login; $::locale = Locale->new($::myconfig{countrycode}) if $::myconfig{countrycode}; SL::Dispatcher::AuthHandler::User->new->handle(countrycode => $::myconfig{countrycode}); @@ -111,8 +110,6 @@ sub keep_auth_vars_in_form { sub _redirect_to_main_script { my ($self) = @_; - $self->_ensure_employees_for_authorized_users_exist; - return $self->redirect_to($::form->{callback}) if $::form->{callback}; $self->redirect_to(controller => "login.pl", action => 'company_logo'); @@ -129,6 +126,19 @@ sub _redirect_to_main_script_if_already_logged_in { my %user = $::auth->read_user(login => $login); return if ($user{login} || '') ne $login; + # Check if there's a client set in the session -- and whether or not + # the user still has access to the client. + my $client_id = $::auth->get_session_value('client_id'); + return if !$client_id; + + if (!$::auth->set_client($client_id)) { + $::auth->punish_wrong_login; + $::auth->destroy_session; + $::auth->create_or_refresh_session; + $self->show_login_form(error => t8('Incorrect username or password or no access to selected client!')); + return 1; + } + # Check if the session is logged in correctly. return if SL::Auth::OK() != $::auth->authenticate($login, undef); @@ -140,28 +150,14 @@ sub _redirect_to_main_script_if_already_logged_in { return 1; } -sub _ensure_employees_for_authorized_users_exist { - my ($self) = @_; - - my %employees_by_login = map { ($_->login => $_) } @{ SL::DB::Manager::Employee->get_all }; - - foreach my $user (@{ SL::DB::AuthClient->new(id => $::auth->client->{id})->load->users || [] }) { - my $user_config = $user->config_values; - my $employee = $employees_by_login{$user->login} || SL::DB::Employee->new(login => $user->login); - - $employee->update_attributes( - name => $user_config->{name}, - workphone => $user_config->{tel}, - deleted => 0, - ); - } -} - sub error_state { - return { - session => $::locale->text('The session is invalid or has expired.'), - password => $::locale->text('Incorrect username or password or no access to selected client!'), - }->{$_[0]}; + my %states = ( + session => { warning => t8('The session has expired. Please log in again.') }, + password => { error => t8('Incorrect username or password or no access to selected client!') }, + action => { warning => t8('The action is missing or invalid.') }, + ); + + return %{ $states{$_[0]} || {} }; } sub set_layout { @@ -181,8 +177,7 @@ sub init_default_client_id { sub show_login_form { my ($self, %params) = @_; - $::request->layout->focus('#auth_login'); - $self->render('login_screen/user_login', %params); + $self->render('login_screen/user_login', %params, version => $::form->read_version); } 1;