X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=SL%2FController%2FLoginScreen.pm;h=adcc8f05b9fede9b16b557191eb48af4e7963531;hb=53593baa211863fbf66540cf1bcc36c8fb37257f;hp=50cae1816d18f762fbb8bff30b7d40884ac8b80e;hpb=383534cc74519de23e1298cd5bb1fc542d836b42;p=kivitendo-erp.git diff --git a/SL/Controller/LoginScreen.pm b/SL/Controller/LoginScreen.pm index 50cae1816..adcc8f05b 100644 --- a/SL/Controller/LoginScreen.pm +++ b/SL/Controller/LoginScreen.pm @@ -13,6 +13,7 @@ use SL::DB::AuthUser; use SL::DB::Employee; use SL::Locale::String qw(t8); use SL::User; +use SL::Version; use Rose::Object::MakeMethods::Generic ( 'scalar --get_set_init' => [ qw(clients default_client_id) ], @@ -32,7 +33,7 @@ sub action_user_login { return if $self->_redirect_to_main_script_if_already_logged_in; # Otherwise show the login form. - $self->show_login_form(error => error_state($::form->{error})); + $self->show_login_form(error_state($::form->{error})); } sub action_logout { @@ -56,26 +57,35 @@ sub action_login { } %::myconfig = $login ? $::auth->read_user(login => $login) : (); - $::form->{login} = $login; $::locale = Locale->new($::myconfig{countrycode}) if $::myconfig{countrycode}; - SL::Dispatcher::AuthHandler::User->new->handle(countrycode => $::myconfig{countrycode}); + my $auth_result = SL::Dispatcher::AuthHandler::User->new->handle(callback => $::form->{callback}); + + $::dispatcher->end_request unless $auth_result; $::request->layout(SL::Layout::Dispatcher->new(style => $::myconfig{menustyle})); # if we get an error back, bale out my $result = User->new(login => $::myconfig{login})->login($::form); - # Database update available? - ::end_of_request() if -2 == $result; - # Auth DB needs update? If so log the user out forcefully. - if (-3 == $result) { + if (User::LOGIN_AUTH_DBUPDATE_AVAILABLE() == $result) { + $::auth->destroy_session; + # must be without layout because menu rights might not exist yet + return $self->render('login_screen/auth_db_needs_update', { layout => 0 }); + } + + # Basic client tables available? If not tell the user to create them + # and log the user out forcefully. + if (User::LOGIN_BASIC_TABLES_MISSING() == $result) { $::auth->destroy_session; - return $self->render('login_screen/auth_db_needs_update'); + return $self->render('login_screen/basic_tables_missing'); } + # Database update available? + $::dispatcher->end_request if User::LOGIN_DBUPDATE_AVAILABLE() == $result; + # Other login errors. - if (0 > $result) { + if (User::LOGIN_OK() != $result) { $::auth->punish_wrong_login; return $self->show_login_form(error => $error); } @@ -104,8 +114,6 @@ sub keep_auth_vars_in_form { sub _redirect_to_main_script { my ($self) = @_; - $self->_ensure_employees_for_authorized_users_exist; - return $self->redirect_to($::form->{callback}) if $::form->{callback}; $self->redirect_to(controller => "login.pl", action => 'company_logo'); @@ -122,6 +130,19 @@ sub _redirect_to_main_script_if_already_logged_in { my %user = $::auth->read_user(login => $login); return if ($user{login} || '') ne $login; + # Check if there's a client set in the session -- and whether or not + # the user still has access to the client. + my $client_id = $::auth->get_session_value('client_id'); + return if !$client_id; + + if (!$::auth->set_client($client_id)) { + $::auth->punish_wrong_login; + $::auth->destroy_session; + $::auth->create_or_refresh_session; + $self->show_login_form(error => t8('Incorrect username or password or no access to selected client!')); + return 1; + } + # Check if the session is logged in correctly. return if SL::Auth::OK() != $::auth->authenticate($login, undef); @@ -133,32 +154,20 @@ sub _redirect_to_main_script_if_already_logged_in { return 1; } -sub _ensure_employees_for_authorized_users_exist { - my ($self) = @_; - - my %employees_by_login = map { ($_->login => $_) } @{ SL::DB::Manager::Employee->get_all }; - - foreach my $user (@{ SL::DB::AuthClient->new(id => $::auth->client->{id})->load->users || [] }) { - my $user_config = $user->config_values; - my $employee = $employees_by_login{$user->login} || SL::DB::Employee->new(login => $user->login); - - $employee->update_attributes( - name => $user_config->{name}, - workphone => $user_config->{tel}, - deleted => 0, - ); - } -} - sub error_state { - return { - session => $::locale->text('The session is invalid or has expired.'), - password => $::locale->text('Incorrect username or password or no access to selected client!'), - }->{$_[0]}; + my %states = ( + session => { warning => t8('The session has expired. Please log in again.') }, + password => { error => t8('Incorrect username or password or no access to selected client!') }, + action => { warning => t8('The action is missing or invalid.') }, + ); + + return %{ $states{$_[0]} || {} }; } sub set_layout { - $::request->{layout} = SL::Layout::Dispatcher->new(style => 'login'); + $::request->{layout} = $::request->is_mobile + ? SL::Layout::Dispatcher->new(style => 'mobile_login') + : SL::Layout::Dispatcher->new(style => 'login'); } sub init_clients { @@ -174,8 +183,7 @@ sub init_default_client_id { sub show_login_form { my ($self, %params) = @_; - $::request->layout->focus('#auth_login'); - $self->render('login_screen/user_login', %params); + $self->render('login_screen/user_login', %params, version => SL::Version->get_version, callback => $::form->{callback}); } 1;