X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=SL%2FController%2FLoginScreen.pm;h=d38736b82289fb884124556e9cb54d52918ddb8c;hb=fa7fc7eeb3ca718914affee06c0629a08d571288;hp=50cae1816d18f762fbb8bff30b7d40884ac8b80e;hpb=383534cc74519de23e1298cd5bb1fc542d836b42;p=kivitendo-erp.git diff --git a/SL/Controller/LoginScreen.pm b/SL/Controller/LoginScreen.pm index 50cae1816..d38736b82 100644 --- a/SL/Controller/LoginScreen.pm +++ b/SL/Controller/LoginScreen.pm @@ -32,7 +32,7 @@ sub action_user_login { return if $self->_redirect_to_main_script_if_already_logged_in; # Otherwise show the login form. - $self->show_login_form(error => error_state($::form->{error})); + $self->show_login_form(error_state($::form->{error})); } sub action_logout { @@ -65,17 +65,24 @@ sub action_login { # if we get an error back, bale out my $result = User->new(login => $::myconfig{login})->login($::form); - # Database update available? - ::end_of_request() if -2 == $result; - # Auth DB needs update? If so log the user out forcefully. - if (-3 == $result) { + if (User::LOGIN_AUTH_DBUPDATE_AVAILABLE() == $result) { $::auth->destroy_session; return $self->render('login_screen/auth_db_needs_update'); } + # Basic client tables available? If not tell the user to create them + # and log the user out forcefully. + if (User::LOGIN_BASIC_TABLES_MISSING() == $result) { + $::auth->destroy_session; + return $self->render('login_screen/basic_tables_missing'); + } + + # Database update available? + ::end_of_request() if User::LOGIN_DBUPDATE_AVAILABLE() == $result; + # Other login errors. - if (0 > $result) { + if (User::LOGIN_OK() != $result) { $::auth->punish_wrong_login; return $self->show_login_form(error => $error); } @@ -104,8 +111,6 @@ sub keep_auth_vars_in_form { sub _redirect_to_main_script { my ($self) = @_; - $self->_ensure_employees_for_authorized_users_exist; - return $self->redirect_to($::form->{callback}) if $::form->{callback}; $self->redirect_to(controller => "login.pl", action => 'company_logo'); @@ -122,6 +127,19 @@ sub _redirect_to_main_script_if_already_logged_in { my %user = $::auth->read_user(login => $login); return if ($user{login} || '') ne $login; + # Check if there's a client set in the session -- and whether or not + # the user still has access to the client. + my $client_id = $::auth->get_session_value('client_id'); + return if !$client_id; + + if (!$::auth->set_client($client_id)) { + $::auth->punish_wrong_login; + $::auth->destroy_session; + $::auth->create_or_refresh_session; + $self->show_login_form(error => t8('Incorrect username or password or no access to selected client!')); + return 1; + } + # Check if the session is logged in correctly. return if SL::Auth::OK() != $::auth->authenticate($login, undef); @@ -133,28 +151,14 @@ sub _redirect_to_main_script_if_already_logged_in { return 1; } -sub _ensure_employees_for_authorized_users_exist { - my ($self) = @_; - - my %employees_by_login = map { ($_->login => $_) } @{ SL::DB::Manager::Employee->get_all }; - - foreach my $user (@{ SL::DB::AuthClient->new(id => $::auth->client->{id})->load->users || [] }) { - my $user_config = $user->config_values; - my $employee = $employees_by_login{$user->login} || SL::DB::Employee->new(login => $user->login); - - $employee->update_attributes( - name => $user_config->{name}, - workphone => $user_config->{tel}, - deleted => 0, - ); - } -} - sub error_state { - return { - session => $::locale->text('The session is invalid or has expired.'), - password => $::locale->text('Incorrect username or password or no access to selected client!'), - }->{$_[0]}; + my %states = ( + session => { warning => t8('The session has expired. Please log in again.') }, + password => { error => t8('Incorrect username or password or no access to selected client!') }, + action => { warning => t8('The action is missing or invalid.') }, + ); + + return %{ $states{$_[0]} || {} }; } sub set_layout { @@ -174,8 +178,7 @@ sub init_default_client_id { sub show_login_form { my ($self, %params) = @_; - $::request->layout->focus('#auth_login'); - $self->render('login_screen/user_login', %params); + $self->render('login_screen/user_login', %params, version => $::form->read_version); } 1;