Bug 22330: Transfer limits should be respected for placing holds in staff interface...

[koha.git] / C4 / InstallAuth.pm

diff --git a/C4/InstallAuth.pm b/C4/InstallAuth.pm
index 6851214..67319b3 100644 (file)
--- a/C4/InstallAuth.pm
+++ b/C4/InstallAuth.pm
@@ -20,13 +20,15 @@ package C4::InstallAuth;
 use strict;
 #use warnings; FIXME - Bug 2505
 use Digest::MD5 qw(md5_base64);
+use CGI::Session;
+use File::Spec;
 
 require Exporter;
+
 use C4::Context;
 use C4::Output;
 use C4::Templates;
 use C4::Koha;
-use CGI::Session;
 
 use vars qw(@ISA @EXPORT @EXPORT_OK %EXPORT_TAGS);
 
@@ -94,7 +96,7 @@ InstallAuth - Authenticates Koha users for Install process
 
     The C<template_name> is then used to find the correct template for
     the page. The authenticated users details are loaded onto the
-    template in the HTML::Template LOOP variable C<USER_INFO>. Also the
+    template in the logged_in_user variable (which is a Koha::Patron object). Also the
     C<sessionID> is passed to the template. This can be used in templates
     if cookies are disabled. It needs to be put as and input to every
     authenticated page.
@@ -142,12 +144,15 @@ sub get_template_and_user {
             $template->param( CAN_user_editcatalogue    => 1 );
             $template->param( CAN_user_updatecharges    => 1 );
             $template->param( CAN_user_acquisition      => 1 );
-            $template->param( CAN_user_management       => 1 );
             $template->param( CAN_user_tools            => 1 );
             $template->param( CAN_user_editauthorities  => 1 );
             $template->param( CAN_user_serials          => 1 );
             $template->param( CAN_user_reports          => 1 );
         }
+
+        my $minPasswordLength = C4::Context->preference('minPasswordLength');
+        $minPasswordLength = 3 if not $minPasswordLength or $minPasswordLength < 3;
+        $template->param(minPasswordLength => $minPasswordLength,);
     }
     return ( $template, $borrowernumber, $cookie );
 }
@@ -233,6 +238,7 @@ sub checkauth {
     my $dbh = C4::Context->dbh();
     my $template_name;
     $template_name = "installer/auth.tt";
+    my $sessdir = File::Spec->catdir( C4::Context::temporary_directory, 'cgisess_' . C4::Context->config('database') ); # same construction as in C4/Auth
 
     # state variables
     my $loggedin = 0;
@@ -243,7 +249,7 @@ sub checkauth {
         C4::Context->_new_userenv($sessionID);
         my $session =
           new CGI::Session( "driver:File;serializer:yaml", $sessionID,
-            { Directory => '/tmp' } );
+            { Directory => $sessdir } );
         if ( $session->param('cardnumber') ) {
             C4::Context->set_userenv(
                 $session->param('number'),
@@ -283,7 +289,7 @@ sub checkauth {
     }
     unless ($userid) {
         my $session =
-          new CGI::Session( "driver:File;serializer:yaml", undef, { Directory => '/tmp' } );
+          new CGI::Session( "driver:File;serializer:yaml", undef, { Directory => $sessdir } );
         $sessionID = $session->id;
         $userid    = $query->param('userid');
         C4::Context->_new_userenv($sessionID);
@@ -417,16 +423,6 @@ sub checkpw {
         );
         return 2;
     }
-    if (   $userid
-        && $userid     eq 'demo'
-        && "$password" eq 'demo'
-        && C4::Context->config('demo') )
-    {
-
-# DEMO => the demo user is allowed to do everything (if demo set to 1 in koha.conf
-# some features won't be effective : modify systempref, modify MARC structure,
-        return 2;
-    }
     return 0;
 }