X-Git-Url: http://wagnertech.de/gitweb/gitweb.cgi/mfinanz.git/blobdiff_plain/72b340de2352eec7d3f99a00e2141a2df35f07f3..75f692499bd11b7e2cd6fa4acb5c29923d0e281b:/SL/Auth.pm diff --git a/SL/Auth.pm b/SL/Auth.pm index 784b185b4..b1e4b25e9 100644 --- a/SL/Auth.pm +++ b/SL/Auth.pm @@ -11,6 +11,7 @@ use YAML; use SL::Auth::Constants qw(:all); use SL::Auth::DB; use SL::Auth::LDAP; +use SL::Auth::Password; use SL::SessionFile; use SL::User; @@ -136,12 +137,10 @@ sub _read_auth_config { sub authenticate_root { $main::lxdebug->enter_sub(); - my $self = shift; - my $password = shift; - my $is_crypted = shift; + my ($self, $password) = @_; - $password = crypt $password, 'ro' if (!$password || !$is_crypted); - my $admin_password = crypt "$self->{admin_password}", 'ro'; + $password = SL::Auth::Password->hash_if_unhashed(login => 'root', password => $password); + my $admin_password = SL::Auth::Password->hash_if_unhashed(login => 'root', password => $self->{admin_password}); $main::lxdebug->leave_sub(); @@ -163,6 +162,21 @@ sub authenticate { return $result; } +sub store_credentials_in_session { + my ($self, %params) = @_; + + $params{password} = SL::Auth::Password->hash_if_unhashed(login => $params{login}, password => $params{password}) + unless $self->{authenticator}->requires_cleartext_password; + + $self->set_session_value(login => $params{login}, password => $params{password}); +} + +sub store_root_credentials_in_session { + my ($self, $rpw) = @_; + + $self->set_session_value(rpw => SL::Auth::Password->hash_if_unhashed(login => 'root', password => $rpw)); +} + sub dbconnect { $main::lxdebug->enter_sub(2); 
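Review bot: In `authenticate_root` the caller-supplied `$password` now goes through `hash_if_unhashed`, so with the `$is_crypted` argument gone, whether the input counts as cleartext or as a finished hash is presumably decided from the value itself. If that helper passes already-hashed input through unchanged (its name suggests so, but the implementation is not in this diff), the stored root hash is accepted in place of the password and becomes password-equivalent. I would hash unconditionally on the login-form path and keep the pass-through only for values read back from the session. A comment above the call should state the contract, e.g. `# $password is cleartext from the login form or a hash previously stored in the session; never pass raw request input here`. The comparison and return are outside the hunk, so also confirm there that an empty or undefined `admin_password` cannot match an empty input.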
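Review bot: `store_credentials_in_session` leaves `$params{password}` in cleartext whenever the authenticator reports `requires_cleartext_password`, and that value is then persisted through `set_session_value`. Anyone who can read the session store obtains a reusable credential for those users. The branch deserves a comment such as `# cleartext is kept only because this authenticator needs it again; the session store must be access-restricted`, plus a check that session lifetime and storage permissions match that sensitivity. `store_root_credentials_in_session` stores the root hash under `rpw`, and since `authenticate_root` appears to accept a pre-hashed value, the same storage protection applies to it. Neither sub documents its required parameters, and `login` and `password` are used without a `defined` check.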
@@ -659,12 +673,23 @@ sub set_session_value { $main::lxdebug->enter_sub(); my $self = shift; - my %params = @_; + my @params = @_; $self->{SESSION} ||= { }; - while (my ($key, $value) = each %params) { - $self->{SESSION}->{ $key } = YAML::Dump(ref($value) eq 'HASH' ? { data => $value } : $value); + while (@params) { + my $key = shift @params; + + if (ref $key eq 'HASH') { + my $value = { data => $key->{value}, + auto_restore => $key->{auto_restore}, + }; + $self->{SESSION}->{ $key->{key} } = YAML::Dump($value); + + } else { + my $value = shift @params; + $self->{SESSION}->{ $key } = YAML::Dump(ref($value) eq 'HASH' ? { data => $value } : $value); + } } $main::lxdebug->leave_sub(); @@ -841,7 +866,6 @@ sub all_rights_full { ["customer_vendor_edit", $locale->text("Create and edit customers and vendors")], ["part_service_assembly_edit", $locale->text("Create and edit parts, services, assemblies")], ["project_edit", $locale->text("Create and edit projects")], - ["license_edit", $locale->text("Manage license keys")], ["--ar", $locale->text("AR")], ["sales_quotation_edit", $locale->text("Create and edit sales quotations")], ["sales_order_edit", $locale->text("Create and edit sales orders")], 
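Review bot: The new loop in `set_session_value` never validates its input: a hash-reference entry without `key` is written to `$self->{SESSION}->{''}` (with an undef warning), and an odd-length flat list silently stores `undef` for its last key. A guard in each branch would surface the misuse, e.g. `die "set_session_value: entry without key" unless defined $key->{key};` in the hash branch and `die "set_session_value: odd number of arguments" unless @params;` before `shift @params` in the else branch. Going by the POD in this commit, entries with `auto_restore` are copied back into `$::form` on the next request, so it would also help to document on the sub that keys must come from code, not from request data. The sub starts above the hunk and its end is not shown.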
@@ -1173,11 +1197,30 @@ SL::Auth - Authentication and session handling =over 4 +=item C =item C -Store all key/value pairs in C<%values> in the session. All of these -values are copied back into C<$::form> in the next request -automatically. +Store all values of C<@values> or C<%values> in the session. Each +member of C<@values> is tested if it is a hash reference. If it is +then it must contain the keys C and C and can optionally +contain the key C. In this case C is associated +with C and restored to C<$::form> upon the next request +automatically if C is trueish or if C is a scalar +value. + +If the current member of C<@values> is not a hash reference then it +will be used as the C and the next entry of C<@values> is used as +the C to store. In this case setting C is not +possible. + +Therefore the following two invocations are identical: + + $::auth-Eset_session_value(name =E "Charlie"); + $::auth-Eset_session_value({ key =E "name", value =E "Charlie" }); + +All of these values are copied back into C<$::form> for the next +request automatically if they're scalar values or if they have +C set to trueish. The values can be any Perl structure. They are stored as YAML dumps.