X-Git-Url: http://wagnertech.de/gitweb/gitweb.cgi/mfinanz.git/blobdiff_plain/2a496ad85e9117b7cfaaa315b208f478eba30ffd..f217d072d76183bc07723dcc29503b732bd2022d:/SL/Auth.pm
diff --git a/SL/Auth.pm b/SL/Auth.pm
index 82513b98d..5d97aa01f 100644
--- a/SL/Auth.pm
+++ b/SL/Auth.pm
@@ -12,6 +12,7 @@ use Regexp::IPv6 qw($IPv6_re);
 use SL::Auth::ColumnInformation;
 use SL::Auth::Constants qw(:all);
 use SL::Auth::DB;
+use SL::Auth::HTTPHeaders;
 use SL::Auth::LDAP;
 use SL::Auth::Password;
 use SL::Auth::SessionValue;
@@ -152,7 +153,7 @@ sub _read_auth_config {
 foreach my $module (split m{ +}, $self->{module}) {
 my $config_name;
 ($module, $config_name) = split m{:}, $module, 2;
- $config_name ||= $module eq 'DB' ? 'database' : lc($module);
+ $config_name ||= $module eq 'DB' ? 'database' : $module eq 'HTTPHeaders' ? 'http_headers' : lc($module);
 my $config = $::lx_office_conf{'authentication/' . $config_name};
 if (!$config) {
@@ -166,6 +167,9 @@ sub _read_auth_config {
 } elsif ($module eq 'LDAP') {
 push @{ $self->{authenticators} }, SL::Auth::LDAP->new($config);
+ } elsif ($module eq 'HTTPHeaders') {
+ push @{ $self->{authenticators} }, SL::Auth::HTTPHeaders->new($config);
+
 } else {
 my $locale = Locale->new('en');
 $self->mini_error($locale->text('Unknown authenticantion module #1 specified in "config/kivitendo.conf".', $module));
@@ -228,6 +232,12 @@ sub authenticate_root {
 return $result;
 }
+sub set_session_authenticated {
+ my ($self, $login, $result) = @_;
+
+ $self->set_session_value(SESSION_KEY_USER_AUTH() => $result, login => $login, client_id => $self->client->{id});
+}
+
 sub authenticate {
 my ($self, $login, $password) = @_;
@@ -252,7 +262,8 @@ sub authenticate {
 }
 }
- $self->set_session_value(SESSION_KEY_USER_AUTH() => $result, login => $login, client_id => $self->client->{id});
+ $self->set_session_authenticated($login, $result);
+
 return $result;
 }
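Review bot: The `HTTPHeaders` branch added to `_read_auth_config` (hunk `@@ -166,6 +167,9 @@`) registers the new authenticator with no comment on the deployment assumption it depends on. Going by the module name, identity is presumably taken from request headers; if so, it is only trustworthy when every request passes through a front-end proxy that overwrites those headers and the application cannot be reached directly. I would put that on the branch, e.g. `# HTTPHeaders trusts identity headers set by the front-end proxy; the proxy must overwrite them on every request`, and repeat it beside the `authentication/http_headers` configuration section. The module itself and the rest of `_read_auth_config` are outside this hunk, so any proxy check it already performs is not visible here.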
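Review bot: `set_session_authenticated` (hunk `@@ -228,6 +232,12 @@`) is a public method that stores whatever `$login` and `$result` it is given under `SESSION_KEY_USER_AUTH`, and it has neither a comment nor a POD entry stating who may call it. `authenticate` computes `$result` itself before calling it (hunk `@@ -252,7 +262,8 @@`), but any other caller gets no check from this method. I would document the contract above the sub: `# Records $result as the authentication state of the current session for $login. Does no verification itself; callers must have authenticated the user.` Whether the session ID is renewed when the state changes is not visible in this diff and is worth confirming for callers other than `authenticate`.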
@@ -513,6 +524,9 @@ sub read_user {
 my %user_data;
+ # Set defaults for options not present in database
+ $user_data{follow_up_notify_by_email} = 1;
+
 while (my $ref = $sth->fetchrow_hashref()) {
 $user_data{$ref->{cfg_key}} = $ref->{cfg_value};
 @user_data{qw(id login)} = @{$ref}{qw(id login)};
@@ -879,7 +893,7 @@ sub get_session_value {
 ($self->{SESSION}{$key} //= SL::Auth::SessionValue->new(auth => $self, key => $key))->get
 }
-sub create_unique_sesion_value {
+sub create_unique_session_value {
 my ($self, $value, %params) = @_;
 $self->{SESSION} ||= { };
@@ -912,7 +926,7 @@ sub save_form_in_session {
 $data->{$key} = $form->{$key} if !ref($form->{$key}) || $non_scalars;
 }
- return $self->create_unique_sesion_value($data, %params);
+ return $self->create_unique_session_value($data, %params);
 }
 sub restore_form_from_session {
@@ -1229,6 +1243,15 @@ sub check_right {
 return $granted;
 }
+sub deny_access {
+ my ($self) = @_;
+
+ $::dispatcher->reply_with_json_error(error => 'access') if $::request->type eq 'json';
+
+ delete $::form->{title};
+ $::form->show_generic_error($::locale->text("You do not have the permissions to access this function."));
+}
+
 sub assert {
 my ($self, $right, $dont_abort) = @_;
@@ -1237,10 +1260,7 @@ sub assert {
 }
 if (!$dont_abort) {
- $::dispatcher->reply_with_json_error(error => 'access') if $::request->type eq 'json';
-
- delete $::form->{title};
- $::form->show_generic_error($::locale->text("You do not have the permissions to access this function."));
+ $self->deny_access;
 }
 return 0;
@@ -1326,7 +1346,7 @@ The values can be any Perl structure. They are stored as YAML dumps.
 Retrieve a value from the session. Returns C if the value doesn't exist.
-=item C
+=item C
 Create a unique key in the session and store C<$value> there.
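Review bot: In `read_user` (hunk `@@ -513,6 +524,9 @@`) the default `$user_data{follow_up_notify_by_email} = 1;` is assigned before the fetch loop, so the hash is no longer empty when the query returns no rows. A caller that treats an empty result as "no such user" would then see a populated hash for an unknown login. The rest of the function and its callers lie outside the hunk, so this needs checking rather than assuming. If any caller relies on emptiness, apply the default after the loop instead: `$user_data{follow_up_notify_by_email} //= 1 if %user_data;`.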
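Review bot: `deny_access` (hunk `@@ -1229,6 +1243,15 @@`) can now be called on its own, and it only protects anything if `reply_with_json_error` and `show_generic_error` end the request rather than return, which this diff does not show. In `assert` a `return 0` still follows the call, but a direct caller that writes `$auth->deny_access;` and carries on has no such fallback. The method also gets no POD entry in the documentation hunks shown here. Once the terminating behaviour is confirmed, I would add an `=item C<deny_access>` entry and a comment above the sub such as `# Sends the access-denied reply (JSON or HTML) and ends the request; does not return.`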
@@ -1342,7 +1362,7 @@ setters nor the deleter access the database.
 =item C
 Stores the content of C<$params{form}> (default: C<$::form>) in the
-session using L.
+session using L.
 If C<$params{non_scalars}> is trueish then non-scalar values will be stored as well. Default is to only store scalar values.