X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=SL%2FController%2FLoginScreen.pm;h=e84a31505ddb1b1cf80b12a0a3c1bbee6228283d;hb=88abef92ceaa2f2f297eb0b2a9a64418bed97ba7;hp=50cae1816d18f762fbb8bff30b7d40884ac8b80e;hpb=841d44c00aae1166a0721e40dc2f9ffb7b9ac5b5;p=kivitendo-erp.git

diff --git a/SL/Controller/LoginScreen.pm b/SL/Controller/LoginScreen.pm
index 50cae1816..e84a31505 100644
--- a/SL/Controller/LoginScreen.pm
+++ b/SL/Controller/LoginScreen.pm
@@ -32,7 +32,7 @@ sub action_user_login {
   return if $self->_redirect_to_main_script_if_already_logged_in;
 
   # Otherwise show the login form.
-  $self->show_login_form(error => error_state($::form->{error}));
+  $self->show_login_form(error_state($::form->{error}));
 }
 
 sub action_logout {
@@ -65,17 +65,24 @@ sub action_login {
   # if we get an error back, bale out
   my $result = User->new(login => $::myconfig{login})->login($::form);
 
-  # Database update available?
-  ::end_of_request() if -2 == $result;
-
   # Auth DB needs update? If so log the user out forcefully.
-  if (-3 == $result) {
+  if (User::LOGIN_AUTH_DBUPDATE_AVAILABLE() == $result) {
     $::auth->destroy_session;
     return $self->render('login_screen/auth_db_needs_update');
   }
 
+  # Basic client tables available? If not tell the user to create them
+  # and log the user out forcefully.
+  if (User::LOGIN_BASIC_TABLES_MISSING() == $result) {
+    $::auth->destroy_session;
+    return $self->render('login_screen/basic_tables_missing');
+  }
+
+  # Database update available?
+  ::end_of_request() if User::LOGIN_DBUPDATE_AVAILABLE() == $result;
+
   # Other login errors.
-  if (0 > $result) {
+  if (User::LOGIN_OK() != $result) {
     $::auth->punish_wrong_login;
     return $self->show_login_form(error => $error);
   }
@@ -122,6 +129,19 @@ sub _redirect_to_main_script_if_already_logged_in {
   my %user = $::auth->read_user(login => $login);
   return if ($user{login} || '') ne $login;
 
+  # Check if there's a client set in the session -- and whether or not
+  # the user still has access to the client.
+  my $client_id = $::auth->get_session_value('client_id');
+  return if !$client_id;
+
+  if (!$::auth->set_client($client_id)) {
+    $::auth->punish_wrong_login;
+    $::auth->destroy_session;
+    $::auth->create_or_refresh_session;
+    $self->show_login_form(error => t8('Incorrect username or password or no access to selected client!'));
+    return 1;
+  }
+
   # Check if the session is logged in correctly.
   return if SL::Auth::OK() != $::auth->authenticate($login, undef);
 
@@ -151,10 +171,12 @@ sub _ensure_employees_for_authorized_users_exist {
 }
 
 sub error_state {
-  return {
-    session  => $::locale->text('The session is invalid or has expired.'),
-    password => $::locale->text('Incorrect username or password or no access to selected client!'),
-  }->{$_[0]};
+  my %states = (
+    session  => { warning => t8('The session has expired. Please log in again.')                   },
+    password => { error   => t8('Incorrect username or password or no access to selected client!') },
+  );
+
+  return %{ $states{$_[0]} || {} };
 }
 
 sub set_layout {
@@ -174,8 +196,7 @@ sub init_default_client_id {
 sub show_login_form {
   my ($self, %params) = @_;
 
-  $::request->layout->focus('#auth_login');
-  $self->render('login_screen/user_login', %params);
+  $self->render('login_screen/user_login', %params, version => $::form->read_version);
 }
 
 1;