X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=SL%2FController%2FLoginScreen.pm;h=adcc8f05b9fede9b16b557191eb48af4e7963531;hb=53593baa211863fbf66540cf1bcc36c8fb37257f;hp=13b7b8a8c9d2e4f3eb755f45eb295b9686fb0f8b;hpb=7647d46acbc2a8253c0afeac5c706c3eb76995d5;p=kivitendo-erp.git

diff --git a/SL/Controller/LoginScreen.pm b/SL/Controller/LoginScreen.pm
index 13b7b8a8c..adcc8f05b 100644
--- a/SL/Controller/LoginScreen.pm
+++ b/SL/Controller/LoginScreen.pm
@@ -4,10 +4,23 @@ use strict;
 
 use parent qw(SL::Controller::Base);
 
+use List::Util qw(first);
+
 use SL::Dispatcher::AuthHandler::User;
+use SL::DB::AuthClient;
+use SL::DB::AuthGroup;
+use SL::DB::AuthUser;
+use SL::DB::Employee;
+use SL::Locale::String qw(t8);
 use SL::User;
+use SL::Version;
+
+use Rose::Object::MakeMethods::Generic (
+  'scalar --get_set_init' => [ qw(clients default_client_id) ],
+);
 
 __PACKAGE__->run_before('set_layout');
+
 #
 # actions
 #
@@ -20,7 +33,7 @@ sub action_user_login {
   return if $self->_redirect_to_main_script_if_already_logged_in;
 
   # Otherwise show the login form.
-  $self->render('login_screen/user_login', error => error_state($::form->{error}));
+  $self->show_login_form(error_state($::form->{error}));
 }
 
 sub action_logout {
@@ -28,42 +41,59 @@ sub action_logout {
 
   $::auth->destroy_session;
   $::auth->create_or_refresh_session;
-  $self->render('login_screen/user_login', error => $::locale->text('You are logged out!'));
+  $self->show_login_form(info => $::locale->text('You are logged out!'));
 }
 
 sub action_login {
   my ($self) = @_;
 
-  my $login        = $::form->{'{AUTH}login'} || $::auth->get_session_value('login');
+  my $login     = $::form->{'{AUTH}login'}     || $::auth->get_session_value('login');
+  my $client_id = $::form->{'{AUTH}client_id'} || $::auth->get_session_value('client_id');
+  my $error     = t8('Incorrect username or password or no access to selected client!');
+
+  if (!$::auth->set_client($client_id)) {
+    $::auth->punish_wrong_login;
+    return $self->show_login_form(error => $error);
+  }
+
   %::myconfig      = $login ? $::auth->read_user(login => $login) : ();
-  SL::Dispatcher::AuthHandler::User->new->handle(countrycode => $::myconfig{countrycode});
-  $::form->{login} = $::myconfig{login};
   $::locale        = Locale->new($::myconfig{countrycode}) if $::myconfig{countrycode};
-  my $user         = User->new(login => $::myconfig{login});
-  $::request->{layout} = SL::Layout::Dispatcher->new(style => $user->{menustyle});
+  my $auth_result  = SL::Dispatcher::AuthHandler::User->new->handle(callback => $::form->{callback});
 
-  # if we get an error back, bale out
-  my $result = $user->login($::form);
+  $::dispatcher->end_request unless $auth_result;
 
-  # Database update available?
-  ::end_of_request() if -2 == $result;
+  $::request->layout(SL::Layout::Dispatcher->new(style => $::myconfig{menustyle}));
+
+  # if we get an error back, bale out
+  my $result = User->new(login => $::myconfig{login})->login($::form);
 
   # Auth DB needs update? If so log the user out forcefully.
-  if (-3 == $result) {
+  if (User::LOGIN_AUTH_DBUPDATE_AVAILABLE() == $result) {
     $::auth->destroy_session;
-    return $self->render('login_screen/auth_db_needs_update');
+    # must be without layout because menu rights might not exist yet
+    return $self->render('login_screen/auth_db_needs_update', { layout => 0 });
   }
 
+  # Basic client tables available? If not tell the user to create them
+  # and log the user out forcefully.
+  if (User::LOGIN_BASIC_TABLES_MISSING() == $result) {
+    $::auth->destroy_session;
+    return $self->render('login_screen/basic_tables_missing');
+  }
+
+  # Database update available?
+  $::dispatcher->end_request if User::LOGIN_DBUPDATE_AVAILABLE() == $result;
+
   # Other login errors.
-  if (0 > $result) {
+  if (User::LOGIN_OK() != $result) {
     $::auth->punish_wrong_login;
-    return $self->render('login_screen/user_login', error => $::locale->text('Incorrect username or password!'));
+    return $self->show_login_form(error => $error);
   }
 
   # Everything is fine.
   $::auth->set_cookie_environment_variable();
 
-  $self->_redirect_to_main_script($user);
+  $self->_redirect_to_main_script;
 }
 
 #
@@ -82,7 +112,7 @@ sub keep_auth_vars_in_form {
 #
 
 sub _redirect_to_main_script {
-  my ($self, $user) = @_;
+  my ($self) = @_;
 
   return $self->redirect_to($::form->{callback}) if $::form->{callback};
 
@@ -100,6 +130,19 @@ sub _redirect_to_main_script_if_already_logged_in {
   my %user = $::auth->read_user(login => $login);
   return if ($user{login} || '') ne $login;
 
+  # Check if there's a client set in the session -- and whether or not
+  # the user still has access to the client.
+  my $client_id = $::auth->get_session_value('client_id');
+  return if !$client_id;
+
+  if (!$::auth->set_client($client_id)) {
+    $::auth->punish_wrong_login;
+    $::auth->destroy_session;
+    $::auth->create_or_refresh_session;
+    $self->show_login_form(error => t8('Incorrect username or password or no access to selected client!'));
+    return 1;
+  }
+
   # Check if the session is logged in correctly.
   return if SL::Auth::OK() != $::auth->authenticate($login, undef);
 
@@ -112,14 +155,35 @@ sub _redirect_to_main_script_if_already_logged_in {
 }
 
 sub error_state {
-  return {
-    session  => $::locale->text('The session is invalid or has expired.'),
-    password => $::locale->text('Incorrect password!'),
-  }->{$_[0]};
+  my %states = (
+    session  => { warning => t8('The session has expired. Please log in again.')                   },
+    password => { error   => t8('Incorrect username or password or no access to selected client!') },
+    action   => { warning => t8('The action is missing or invalid.')                               },
+  );
+
+  return %{ $states{$_[0]} || {} };
 }
 
 sub set_layout {
-  $::request->{layout} = SL::Layout::Dispatcher->new(style => 'login');
+  $::request->{layout} = $::request->is_mobile
+    ? SL::Layout::Dispatcher->new(style => 'mobile_login')
+    : SL::Layout::Dispatcher->new(style => 'login');
+}
+
+sub init_clients {
+  return SL::DB::Manager::AuthClient->get_all_sorted;
+}
+
+sub init_default_client_id {
+  my ($self)         = @_;
+  my $default_client = first { $_->is_default } @{ $self->clients };
+  return $default_client ? $default_client->id : undef;
+}
+
+sub show_login_form {
+  my ($self, %params) = @_;
+
+  $self->render('login_screen/user_login', %params, version => SL::Version->get_version, callback => $::form->{callback});
 }
 
 1;