X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=SL%2FDispatcher.pm;h=35a351877f8f6ef84ac26f530141259780d4a3a0;hb=81fed28305f28aff317639f9a190cdf83a678ed4;hp=dbb476d6c4438aaed050834181edd18ce02480ea;hpb=4531a6c712b2529a01f31ddde2ef4d7045d173c7;p=kivitendo-erp.git diff --git a/SL/Dispatcher.pm b/SL/Dispatcher.pm index dbb476d6c..35a351877 100644 --- a/SL/Dispatcher.pm +++ b/SL/Dispatcher.pm @@ -2,9 +2,18 @@ package SL::Dispatcher; use strict; +# Force scripts/locales.pl to parse these templates: +# parse_html_template('login_screen/auth_db_unreachable') +# parse_html_template('login_screen/user_login') +# parse_html_template('generic/error') + BEGIN { - unshift @INC, "modules/override"; # Use our own versions of various modules (e.g. YAML). - push @INC, "modules/fallback"; # Only use our own versions of modules if there's no system version. + use SL::System::Process; + my $exe_dir = SL::System::Process::exe_dir; + + unshift @INC, "${exe_dir}/modules/override"; # Use our own versions of various modules (e.g. YAML). + push @INC, "${exe_dir}/modules/fallback"; # Only use our own versions of modules if there's no system version. + unshift @INC, $exe_dir; } use CGI qw( -no_xhtml); @@ -17,6 +26,7 @@ use List::MoreUtils qw(all); use List::Util qw(first); use POSIX; use SL::Auth; +use SL::Dispatcher::AuthHandler; use SL::LXDebug; use SL::LxOfficeConf; use SL::Locale; @@ -25,6 +35,7 @@ use SL::Form; use SL::Helper::DateTime; use SL::InstanceConfiguration; use SL::Template::Plugin::HTMLFixes; +use SL::Layout::None; # Trailing new line is added so that Perl will not add the line # number 'die' was called in. @@ -37,6 +48,7 @@ sub new { my $self = bless {}, $class; $self->{interface} = lc($interface || 'cgi'); + $self->{auth_handler} = SL::Dispatcher::AuthHandler->new; return $self; } @@ -54,7 +66,7 @@ sub pre_request_checks { ::run(); ::end_of_request(); } else { - show_error('login/auth_db_unreachable'); + show_error('login_screen/auth_db_unreachable'); } } } @@ -63,15 +75,15 @@ sub show_error { $::lxdebug->enter_sub; my $template = shift; my $error_type = shift || ''; + my %params = @_; - $::locale = Locale->new($::lx_office_conf{system}->{language}); + $::myconfig{countrycode} = delete($params{countrycode}) || $::lx_office_conf{system}->{language}; + $::locale = Locale->new($::myconfig{countrycode}); $::form->{error} = $::locale->text('The session is invalid or has expired.') if ($error_type eq 'session'); - $::form->{error} = $::locale->text('Incorrect password!.') if ($error_type eq 'password'); - $::myconfig{countrycode} = $::lx_office_conf{system}->{language}; - $::form->{stylesheet} = 'css/lx-office-erp.css'; + $::form->{error} = $::locale->text('Incorrect password!') if ($error_type eq 'password'); - $::form->header; - print $::form->parse_html_template($template); + $::form->header(no_menu => 1); + print $::form->parse_html_template($template, \%params); $::lxdebug->leave_sub; ::end_of_request(); @@ -144,10 +156,11 @@ sub require_main_code { sub _require_controller { my $controller = shift; $controller =~ s|[^A-Za-z0-9_]||g; + $controller = "SL/Controller/${controller}"; eval { package main; - require "SL/Controller/${controller}.pm"; + require "${controller}.pm"; } or die $EVAL_ERROR; } @@ -164,21 +177,22 @@ sub handle_request { my ($script, $path, $suffix, $script_name, $action, $routing_type); - $script_name = $ENV{SCRIPT_NAME}; - $self->unrequire_bin_mozilla; $::locale = Locale->new($::lx_office_conf{system}->{language}); $::form = Form->new; $::instance_conf = SL::InstanceConfiguration->new; - $::request = { cgi => CGI->new({}) }; + $::request = { + cgi => CGI->new({}), + layout => SL::Layout::None->new, + }; my $session_result = $::auth->restore_session; $::auth->create_or_refresh_session; $::form->read_cgi_input; - eval { ($routing_type, $script_name, $action) = _route_request($script_name); 1; } or return; + eval { ($routing_type, $script_name, $action) = _route_request($ENV{SCRIPT_NAME}); 1; } or return; if ($routing_type eq 'old') { $::form->{action} = lc $::form->{action}; @@ -199,29 +213,39 @@ sub handle_request { $::form->error($::locale->text('System currently down for maintenance!')) if -e ($::lx_office_conf{paths}->{userspath} . "/nologin") && $script ne 'admin'; - if ($script eq 'login' or $script eq 'admin') { - $::form->{titlebar} = "Lx-Office " . $::locale->text('Version') . " $::form->{version}"; - ::run($session_result); + # For compatibility with a lot of database upgrade scripts etc: + # Re-write request to old 'login.pl?action=login' to new + # 'LoginScreen' controller. Make sure to load its code! + if (($script eq 'login') && ($action eq 'login')) { + ($routing_type, $script, $script_name, $action) = qw(controller controller LoginScreen login); + _require_controller('LoginScreen'); + } - } else { - show_error('login/password_error', 'session') if SL::Auth::SESSION_EXPIRED == $session_result; - %::myconfig = $::auth->read_user(login => $::form->{login}); + if (($script eq 'login') && !$action) { + print $::request->{cgi}->redirect('controller.pl?action=LoginScreen/user_login'); - show_error('login/password_error', 'password') unless $::myconfig{login}; + } elsif ($script eq 'admin') { + $::form->{titlebar} = "kivitendo " . $::locale->text('Version') . " $::form->{version}"; + ::run($session_result); - $::locale = Locale->new($::myconfig{countrycode}); + } else { + if (SL::Auth::SESSION_EXPIRED == $session_result) { + print $::request->{cgi}->redirect('controller.pl?action=LoginScreen/user_login&error=session'); + } - show_error('login/password_error', 'password') if SL::Auth::OK != $::auth->authenticate($::form->{login}, $::form->{password}); + my %auth_result = $self->{auth_handler}->handle( + routing_type => $routing_type, + script => $script, + controller => $script_name, + action => $action, + ); - $::auth->store_credentials_in_session(login => $::form->{login}, password => $::form->{password}); - $::auth->create_or_refresh_session; - $::auth->delete_session_value('FLASH'); - delete $::form->{password}; + delete @{ $::form }{ grep { m/^\{AUTH\}/ } keys %{ $::form } } unless $auth_result{keep_auth_vars}; if ($action) { - $::instance_conf->init; + $::instance_conf->init if $auth_result{auth_level} eq 'user'; - map { $::form->{$_} = $::myconfig{$_} } qw(stylesheet charset) + map { $::form->{$_} = $::myconfig{$_} } qw(charset) unless $action eq 'save' && $::form->{type} eq 'preferences'; $::form->set_standard_title; @@ -240,10 +264,13 @@ sub handle_request { if ($EVAL_ERROR ne END_OF_REQUEST) { print STDERR $EVAL_ERROR; $::form->{label_error} = $::request->{cgi}->pre($EVAL_ERROR); + chdir SL::System::Process::exe_dir; eval { show_error('generic/error') }; } }; + $::form->footer; + # cleanup $::auth->save_session; $::auth->expire_sessions; @@ -373,10 +400,9 @@ sub _check_for_old_config_files { my @old_files = grep { -f "config/${_}" } qw(authentication.pl console.conf lx-erp.conf lx-erp-local.conf); return unless @old_files; - $::form->{title} = $::locale->text('Old configuration files'); - $::form->{stylesheet} = 'lx-office-erp.css'; + $::form->{title} = $::locale->text('Old configuration files'); $::form->header; - print $::form->parse_html_template('login/old_configuration_files', { FILES => \@old_files }); + print $::form->parse_html_template('login_screen/old_configuration_files', { FILES => \@old_files }); ::end_of_request(); }