0;
}
+sub get_auth_level {
+ # Ignore the 'action' parameter.
+ return 'user';
+}
+
#
# private functions -- for use in Base only
#
will delay all flash messages for the current request. Defaults to false for
compatibility reasons.
+=item C<get_auth_level $action>
+
+May be overridden by a controller. Determines what kind of
+authentication is required for a particular action. Must return either
+C<admin> (which means that authentication as an admin is required),
+C<user> (authentication as a normal user suffices) with a possible
+future value C<none> (which would require no authentication but is not
+yet implemented).
+
=back
=head2 PRIVATE FUNCTIONS
use List::Util qw(first);
use POSIX;
use SL::Auth;
+use SL::Dispatcher::AuthHandler;
use SL::LXDebug;
use SL::LxOfficeConf;
use SL::Locale;
my $self = bless {}, $class;
$self->{interface} = lc($interface || 'cgi');
+ $self->{auth_handler} = SL::Dispatcher::AuthHandler->new;
return $self;
}
$::lxdebug->enter_sub;
my $template = shift;
my $error_type = shift || '';
+ my %params = @_;
$::locale = Locale->new($::lx_office_conf{system}->{language});
$::form->{error} = $::locale->text('The session is invalid or has expired.') if ($error_type eq 'session');
$::myconfig{countrycode} = $::lx_office_conf{system}->{language};
$::form->header;
- print $::form->parse_html_template($template);
+ print $::form->parse_html_template($template, \%params);
$::lxdebug->leave_sub;
::end_of_request();
sub _require_controller {
my $controller = shift;
$controller =~ s|[^A-Za-z0-9_]||g;
+ $controller = "SL/Controller/${controller}";
eval {
package main;
- require "SL/Controller/${controller}.pm";
+ require "${controller}.pm";
} or die $EVAL_ERROR;
}
my ($script, $path, $suffix, $script_name, $action, $routing_type);
- $script_name = $ENV{SCRIPT_NAME};
-
$self->unrequire_bin_mozilla;
$::locale = Locale->new($::lx_office_conf{system}->{language});
$::form->read_cgi_input;
- eval { ($routing_type, $script_name, $action) = _route_request($script_name); 1; } or return;
+ eval { ($routing_type, $script_name, $action) = _route_request($ENV{SCRIPT_NAME}); 1; } or return;
if ($routing_type eq 'old') {
$::form->{action} = lc $::form->{action};
} else {
show_error('login/password_error', 'session') if SL::Auth::SESSION_EXPIRED == $session_result;
- my $login = $::auth->get_session_value('login');
- show_error('login/password_error', 'password') if not defined $login;
-
- %::myconfig = $::auth->read_user(login => $login);
-
- show_error('login/password_error', 'password') unless $::myconfig{login};
-
- $::locale = Locale->new($::myconfig{countrycode});
-
- show_error('login/password_error', 'password') if SL::Auth::OK != $::auth->authenticate($login, undef);
-
- $::auth->create_or_refresh_session;
- $::auth->delete_session_value('FLASH');
- delete $::form->{password};
+ my $auth_level = $self->{auth_handler}->handle(
+ routing_type => $routing_type,
+ script => $script,
+ controller => $script_name,
+ action => $action,
+ );
if ($action) {
- $::instance_conf->init;
+ $::instance_conf->init if $auth_level eq 'user';
map { $::form->{$_} = $::myconfig{$_} } qw(charset)
unless $action eq 'save' && $::form->{type} eq 'preferences';
--- /dev/null
+package SL::Dispatcher::AuthHandler;
+
+use strict;
+
+use parent qw(Rose::Object);
+
+use SL::Dispatcher::AuthHandler::Admin;
+use SL::Dispatcher::AuthHandler::User;
+
+sub handle {
+ my ($self, %param) = @_;
+
+ my $auth_level = $self->get_auth_level(%param);
+ my $handler_name = "SL::Dispatcher::AuthHandler::" . ucfirst($auth_level);
+ $self->{handlers} ||= {};
+ $self->{handlers}->{$handler_name} ||= $handler_name->new;
+ $self->{handlers}->{$handler_name}->handle;
+
+ return $auth_level;
+}
+
+sub get_auth_level {
+ my ($self, %param) = @_;
+
+ my $auth_level = $param{routing_type} eq 'old' ? ($param{script} eq 'admin' ? 'admin' : 'user')
+ : $param{routing_type} eq 'controller' ? "SL::Controller::$param{controller}"->get_auth_level($param{action})
+ : 'user';
+
+ return $auth_level eq 'user' ? 'user' : 'admin';
+}
+
+1;
--- /dev/null
+package SL::Dispatcher::AuthHandler::User;
+
+use strict;
+
+use parent qw(Rose::Object);
+
+sub handle {
+ my $login = $::auth->get_session_value('login');
+ SL::Dispatcher::show_error('login/password_error', 'password') if not defined $login;
+
+ %::myconfig = $::auth->read_user(login => $login);
+
+ SL::Dispatcher::show_error('login/password_error', 'password') unless $::myconfig{login};
+
+ $::locale = Locale->new($::myconfig{countrycode});
+
+ SL::Dispatcher::show_error('login/password_error', 'password') if SL::Auth::OK != $::auth->authenticate($login, undef);
+
+ $::auth->create_or_refresh_session;
+ $::auth->delete_session_value('FLASH');
+ delete $::form->{password};
+}
+
+1;
projects / kivitendo-erp.git / commitdiff