X-Git-Url: http://git.rot13.org/?a=blobdiff_plain;f=C4%2FAuth.pm;h=721176959af4d82e0f6f1a846113f17b08381057;hb=6b8be20497dd877c4ba5c5278a89fd82fc0862a9;hp=482ca16fc9b621ce0047d5a618929cd0a93ffc12;hpb=514f84a6ac2cd450098b1c9adc855f1d33417766;p=koha.git diff --git a/C4/Auth.pm b/C4/Auth.pm index 482ca16fc9..721176959a 100644 --- a/C4/Auth.pm +++ b/C4/Auth.pm @@ -26,7 +26,7 @@ use CGI::Session; require Exporter; use C4::Context; -use C4::Output; # to get the template +use C4::Templates; # to get the template use C4::Members; use C4::Koha; use C4::Branch; # GetBranches @@ -34,7 +34,7 @@ use C4::VirtualShelves; use POSIX qw/strftime/; # use utf8; -use vars qw($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS $debug $ldap $cas $caslogout); +use vars qw($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS $debug $ldap $cas $caslogout $servers $memcached); BEGIN { $VERSION = 3.02; # set version for version checking @@ -54,7 +54,16 @@ BEGIN { require C4::Auth_with_cas; # no import import C4::Auth_with_cas qw(checkpw_cas login_cas logout_cas login_cas_url); } - + $servers = C4::Context->config('memcached_servers'); + if ($servers) { + require Cache::Memcached; + $memcached = Cache::Memcached->new({ + servers => [ $servers ], + debug => 0, + compress_threshold => 10_000, + namespace => C4::Context->config('memcached_namespace') || 'koha', + }); + } } =head1 NAME 
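Review bot: In the BEGIN block, `servers => [ $servers ]` passes the whole `memcached_servers` config string as a single list element, so a value naming more than one server would presumably be treated as one address; if the setting is meant to be comma-separated, split it first, e.g. `servers => [ split /\s*,\s*/, $servers ]`. This client later backs the session store, and a memcached instance typically has no access control of its own, so a comment here should state that the server must be reachable only from the Koha hosts. The `|| 'koha'` namespace default also means two Koha instances pointed at the same memcached server without `memcached_namespace` set would share one key space, sessions included. The BEGIN block starts outside this hunk.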
@@ -127,13 +136,16 @@ EOQ sub get_template_and_user { my $in = shift; my $template = - gettemplate( $in->{'template_name'}, $in->{'type'}, $in->{'query'} ); - my ( $user, $cookie, $sessionID, $flags ) = checkauth( - $in->{'query'}, - $in->{'authnotrequired'}, - $in->{'flagsrequired'}, - $in->{'type'} - ) unless ($in->{'template_name'}=~/maintenance/); + C4::Templates::gettemplate( $in->{'template_name'}, $in->{'type'}, $in->{'query'} ); + my ( $user, $cookie, $sessionID, $flags ); + if ( $in->{'template_name'} !~m/maintenance/ ) { + ( $user, $cookie, $sessionID, $flags ) = checkauth( + $in->{'query'}, + $in->{'authnotrequired'}, + $in->{'flagsrequired'}, + $in->{'type'} + ); + } my $borrowernumber; my $insecure = C4::Context->preference('insecure'); 
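Review bot: The new guard `$in->{'template_name'} !~m/maintenance/` is an unanchored substring match, so any template whose name merely contains "maintenance" skips `checkauth` and is rendered with `$user`, `$cookie`, `$sessionID` and `$flags` left undefined. Since this is the one path in get_template_and_user that bypasses authentication, I would compare against the exact maintenance template name, or at least anchor the pattern. A comment such as `# the maintenance page is deliberately served without authentication` above the `if` would also help. The function body continues beyond this hunk.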
@@ -154,19 +166,19 @@ sub get_template_and_user { $template->param( loggedinusername => $user ); $template->param( sessionID => $sessionID ); - my ($total, $pubshelves, $barshelves) = C4::Context->get_shelves_userenv(); - if (defined($pubshelves)) { - $template->param( pubshelves => scalar (@$pubshelves), - pubshelvesloop => $pubshelves, - ); - $template->param( pubtotal => $total->{'pubtotal'}, ) if ($total->{'pubtotal'} > scalar (@$pubshelves)); - } - if (defined($barshelves)) { - $template->param( barshelves => scalar (@$barshelves), - barshelvesloop => $barshelves, - ); - $template->param( bartotal => $total->{'bartotal'}, ) if ($total->{'bartotal'} > scalar (@$barshelves)); - } + my ($total, $pubshelves, $barshelves) = C4::Context->get_shelves_userenv(); + if (defined($pubshelves)) { + $template->param( pubshelves => scalar @{$pubshelves}, + pubshelvesloop => $pubshelves, + ); + $template->param( pubtotal => $total->{'pubtotal'}, ) if ($total->{'pubtotal'} > scalar @{$pubshelves}); + } + if (defined($barshelves)) { + $template->param( barshelves => scalar @{$barshelves}, + barshelvesloop => $barshelves, + ); + $template->param( bartotal => $total->{'bartotal'}, ) if ($total->{'bartotal'} > scalar @{$barshelves}); + } $borrowernumber = getborrowernumber($user) if defined($user); @@ -287,11 +299,11 @@ sub get_template_and_user { $template->param( sessionID => $sessionID ); my ($total, $pubshelves) = C4::Context->get_shelves_userenv(); # an anonymous user has no 'barshelves'... - if (defined(($pubshelves))) { - $template->param( pubshelves => scalar (@$pubshelves), + if (defined $pubshelves) { + $template->param( pubshelves => scalar @{$pubshelves}, pubshelvesloop => $pubshelves, ); - $template->param( pubtotal => $total->{'pubtotal'}, ) if ($total->{'pubtotal'} > scalar (@$pubshelves)); + $template->param( pubtotal => $total->{'pubtotal'}, ) if ($total->{'pubtotal'} > scalar @{$pubshelves}); } } 
@@ -326,6 +338,7 @@ sub get_template_and_user { "BiblioDefaultView".C4::Context->preference("BiblioDefaultView") => 1, EnhancedMessagingPreferences => C4::Context->preference('EnhancedMessagingPreferences'), GoogleJackets => C4::Context->preference("GoogleJackets"), + OpenLibraryCovers => C4::Context->preference("OpenLibraryCovers"), KohaAdminEmailAddress => "" . C4::Context->preference("KohaAdminEmailAddress"), LoginBranchcode => (C4::Context->userenv?C4::Context->userenv->{"branch"}:"insecure"), LoginFirstname => (C4::Context->userenv?C4::Context->userenv->{"firstname"}:"Bel"), @@ -337,7 +350,6 @@ sub get_template_and_user { singleBranchMode => C4::Context->preference("singleBranchMode"), XSLTDetailsDisplay => C4::Context->preference("XSLTDetailsDisplay"), XSLTResultsDisplay => C4::Context->preference("XSLTResultsDisplay"), - BranchesLoop => GetBranchesLoop(), using_https => $in->{'query'}->https() ? 1 : 0, noItemTypeImages => C4::Context->preference("noItemTypeImages"), ); @@ -360,6 +372,7 @@ sub get_template_and_user { advancedMARCEditor => C4::Context->preference("advancedMARCEditor"), canreservefromotherbranches => C4::Context->preference('canreservefromotherbranches'), intranetcolorstylesheet => C4::Context->preference("intranetcolorstylesheet"), + IntranetFavicon => C4::Context->preference("IntranetFavicon"), intranetreadinghistory => C4::Context->preference("intranetreadinghistory"), intranetstylesheet => C4::Context->preference("intranetstylesheet"), IntranetUserCSS => C4::Context->preference("IntranetUserCSS"), 
@@ -380,12 +393,11 @@ sub get_template_and_user { # variables passed from CGI: opac_css_override and opac_search_limits. my $opac_search_limit = $ENV{'OPAC_SEARCH_LIMIT'}; my $opac_limit_override = $ENV{'OPAC_LIMIT_OVERRIDE'}; - my $mylibraryfirst = C4::Context->preference("SearchMyLibraryFirst"); - my $opac_name; - if($opac_limit_override && ($opac_search_limit =~ /branch:(\w+)/) ){ - $opac_name = C4::Branch::GetBranchName($1) # opac_search_limit is a branch, so we use it. - } elsif($mylibraryfirst){ - $opac_name = C4::Branch::GetBranchName($mylibraryfirst); + my $opac_name = ''; + if (($opac_search_limit =~ /branch:(\w+)/ && $opac_limit_override) || $in->{'query'}->param('limit') =~ /branch:(\w+)/){ + $opac_name = $1; # opac_search_limit is a branch, so we use it. + } elsif (C4::Context->preference("SearchMyLibraryFirst") && C4::Context->userenv && C4::Context->userenv->{'branch'}) { + $opac_name = C4::Context->userenv->{'branch'}; } my $checkstyle = C4::Context->preference("opaccolorstylesheet"); if ($checkstyle =~ /http/) @@ -400,6 +412,7 @@ sub get_template_and_user { AmazonContent => "" . C4::Context->preference("AmazonContent"), AnonSuggestions => "" . C4::Context->preference("AnonSuggestions"), AuthorisedValueImages => C4::Context->preference("AuthorisedValueImages"), + BranchesLoop => GetBranchesLoop($opac_name), LibraryName => "" . C4::Context->preference("LibraryName"), LibraryNameTitle => "" . $LibraryNameTitle, LoginBranchname => C4::Context->userenv?C4::Context->userenv->{"branchname"}:"", @@ -417,7 +430,6 @@ sub get_template_and_user { OpacAuthorities => C4::Context->preference("OpacAuthorities"), OPACBaseURL => ($in->{'query'}->https() ? "https://" : "http://") . $ENV{'SERVER_NAME'} . ($ENV{'SERVER_PORT'} eq ($in->{'query'}->https() ? "443" : "80") ? '' : ":$ENV{'SERVER_PORT'}"), - opac_name => $opac_name, opac_css_override => $ENV{'OPAC_CSS_OVERRIDE'}, opac_search_limit => $opac_search_limit, opac_limit_override => $opac_limit_override, 
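Review bot: In the first hunk, `$opac_name` can now come straight from the request via `$in->{'query'}->param('limit') =~ /branch:(\w+)/` and is handed to `GetBranchesLoop($opac_name)` without the `GetBranchName` lookup the old code performed. The `\w+` capture bounds the characters, but nothing visible here checks that the value names an existing branch; that should happen before it is used, or a comment should state that `GetBranchesLoop` tolerates unknown codes. Both pattern matches also run against undef when `OPAC_SEARCH_LIMIT` or the `limit` parameter is absent, which warns under `use warnings`; defaulting first, e.g. `my $limit_param = $in->{'query'}->param('limit') || '';`, avoids that. The third hunk on this line drops `opac_name` from the template parameters, so any template still reading it would get nothing.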
@@ -438,6 +450,7 @@ sub get_template_and_user { opacstylesheet => "" . C4::Context->preference("opacstylesheet"), opacbookbag => "" . C4::Context->preference("opacbookbag"), opaccredits => "" . C4::Context->preference("opaccredits"), + OpacFavicon => C4::Context->preference("OpacFavicon"), opacheader => "" . C4::Context->preference("opacheader"), opaclanguagesdisplay => "" . C4::Context->preference("opaclanguagesdisplay"), opacreadinghistory => C4::Context->preference("opacreadinghistory"), @@ -445,6 +458,8 @@ sub get_template_and_user { opacuserjs => C4::Context->preference("opacuserjs"), opacuserlogin => "" . C4::Context->preference("opacuserlogin"), reviewson => C4::Context->preference("reviewson"), + ShowReviewer => C4::Context->preference("ShowReviewer"), + ShowReviewerPhoto => C4::Context->preference("ShowReviewerPhoto"), suggestion => "" . C4::Context->preference("suggestion"), virtualshelves => "" . C4::Context->preference("virtualshelves"), OPACSerialIssueDisplayCount => C4::Context->preference("OPACSerialIssueDisplayCount"), @@ -465,7 +480,7 @@ sub get_template_and_user { SyndeticsCoverImageSize => C4::Context->preference("SyndeticsCoverImageSize"), ); - $template->param(OpacPublic => '1') if ($template->param( 'loggedinusername') || C4::Context->preference("OpacPublic")); + $template->param(OpacPublic => '1') if ($user || C4::Context->preference("OpacPublic")); } $template->param(listloop=>[{shelfname=>"Freelist", shelfnumber=>110}]); return ( $template, $borrowernumber, $cookie, $flags); @@ -726,7 +741,9 @@ sub checkauth { $userid = $retuserid; $info{'invalidCasLogin'} = 1 unless ($return); } else { - ( $return, $cardnumber ) = checkpw( $dbh, $userid, $password, $query ); + my $retuserid; + ( $return, $retuserid ) = checkpw( $dbh, $userid, $password, $query ); + $userid = $retuserid if ($retuserid ne ''); } if ($return) { _session_log(sprintf "%20s from %16s logged in at %30s.\n", $userid,$ENV{'REMOTE_ADDR'},(strftime '%c', localtime)); 
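Review bot: In the checkauth hunk, the non-CAS branch no longer assigns `$cardnumber`, yet the lookup shown in the following hunk still runs `$sth->execute($cardnumber)` against `where cardnumber=?` and prints it in the AUTH_2a/AUTH_3 debug lines. Unless `$cardnumber` is set somewhere outside these hunks, that fallback now executes with an undefined value. `$retuserid ne ''` also warns when checkpw fails and returns no second value; `$userid = $retuserid if defined $retuserid && $retuserid ne '';` keeps the behaviour without the warning. Since the second return value changes meaning from card number to userid, it is worth confirming that every return path of checkpw (only one is visible in this diff) and every other caller follow the new contract.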
@@ -752,20 +769,21 @@ sub checkauth { "; my $sth = $dbh->prepare("$select where userid=?"); $sth->execute($userid); - unless ($sth->rows) { - $debug and print STDERR "AUTH_1: no rows for userid='$userid'\n"; - $sth = $dbh->prepare("$select where cardnumber=?"); - $sth->execute($cardnumber); - unless ($sth->rows) { - $debug and print STDERR "AUTH_2a: no rows for cardnumber='$cardnumber'\n"; - $sth->execute($userid); - unless ($sth->rows) { - $debug and print STDERR "AUTH_2b: no rows for userid='$userid' AS cardnumber\n"; - } - } - } + unless ($sth->rows) { + $debug and print STDERR "AUTH_1: no rows for userid='$userid'\n"; + $sth = $dbh->prepare("$select where cardnumber=?"); + $sth->execute($cardnumber); + + unless ($sth->rows) { + $debug and print STDERR "AUTH_2a: no rows for cardnumber='$cardnumber'\n"; + $sth->execute($userid); + unless ($sth->rows) { + $debug and print STDERR "AUTH_2b: no rows for userid='$userid' AS cardnumber\n"; + } + } + } if ($sth->rows) { - ($borrowernumber, $firstname, $surname, $userflags, + ($borrowernumber, $firstname, $surname, $userflags, $branchcode, $branchname, $branchprinter, $emailaddress) = $sth->fetchrow; $debug and print STDERR "AUTH_3 results: " . "$cardnumber,$borrowernumber,$userid,$firstname,$surname,$userflags,$branchcode,$emailaddress\n"; 
@@ -849,12 +867,12 @@ sub checkauth { $total->{'bartotal'} = $totshelves; ($pubshelves, $totshelves) = C4::VirtualShelves::GetRecentShelves(2, $row_count, undef); $total->{'pubtotal'} = $totshelves; - $session->param('barshelves', $barshelves->[0]); - $session->param('pubshelves', $pubshelves->[0]); + $session->param('barshelves', $barshelves); + $session->param('pubshelves', $pubshelves); $session->param('totshelves', $total); - C4::Context::set_shelves_userenv('bar',$barshelves->[0]); - C4::Context::set_shelves_userenv('pub',$pubshelves->[0]); + C4::Context::set_shelves_userenv('bar',$barshelves); + C4::Context::set_shelves_userenv('pub',$pubshelves); C4::Context::set_shelves_userenv('tot',$total); } else { @@ -874,9 +892,9 @@ sub checkauth { my ($total, $totshelves, $pubshelves); ($pubshelves, $totshelves) = C4::VirtualShelves::GetRecentShelves(2, $row_count, undef); $total->{'pubtotal'} = $totshelves; - $session->param('pubshelves', $pubshelves->[0]); + $session->param('pubshelves', $pubshelves); $session->param('totshelves', $total); - C4::Context::set_shelves_userenv('pub',$pubshelves->[0]); + C4::Context::set_shelves_userenv('pub',$pubshelves); C4::Context::set_shelves_userenv('tot',$total); # setting a couple of other session vars... @@ -918,7 +936,7 @@ sub checkauth { } my $template_name = ( $type eq 'opac' ) ? 'opac-auth.tmpl' : 'auth.tmpl'; - my $template = gettemplate( $template_name, $type, $query ); + my $template = C4::Templates::gettemplate( $template_name, $type, $query ); $template->param(branchloop => \@branch_loop,); my $checkstyle = C4::Context->preference("opaccolorstylesheet"); if ($checkstyle =~ /\//) 
@@ -939,6 +957,7 @@ sub checkauth { opacuserlogin => C4::Context->preference("opacuserlogin"), OpacNav => C4::Context->preference("OpacNav"), opaccredits => C4::Context->preference("opaccredits"), + OpacFavicon => C4::Context->preference("OpacFavicon"), opacreadinghistory => C4::Context->preference("opacreadinghistory"), opacsmallimage => C4::Context->preference("opacsmallimage"), opaclayoutstylesheet => C4::Context->preference("opaclayoutstylesheet"), @@ -952,6 +971,7 @@ sub checkauth { opacheader => C4::Context->preference("opacheader"), TagsEnabled => C4::Context->preference("TagsEnabled"), OPACUserCSS => C4::Context->preference("OPACUserCSS"), + opacstylesheet => C4::Context->preference("opacstylesheet"), intranetcolorstylesheet => C4::Context->preference("intranetcolorstylesheet"), intranetstylesheet => C4::Context->preference("intranetstylesheet"), @@ -978,7 +998,7 @@ sub checkauth { url => $self_url, LibraryName => C4::Context->preference("LibraryName"), ); - $template->param( \%info ); + $template->param( %info ); # $cookie = $query->cookie(CGISESSID => $session->id # ); print $query->header( @@ -1359,6 +1379,9 @@ sub get_session { elsif ($storage_method eq 'Pg') { $session = new CGI::Session("driver:PostgreSQL;serializer:yaml;id:md5", $sessionID, {Handle=>$dbh}); } + elsif ($storage_method eq 'memcached' && $servers){ + $session = new CGI::Session("driver:memcached;serializer:yaml;id:md5", $sessionID, { Memcached => $memcached } ); + } else { # catch all defaults to tmp should work on all systems $session = new CGI::Session("driver:File;serializer:yaml;id:md5", $sessionID, {Directory=>'/tmp'}); @@ -1398,7 +1421,7 @@ sub checkpw { C4::Context->set_userenv( "$borrowernumber", $userid, $cardnumber, $firstname, $surname, $branchcode, $flags ); - return 1, $cardnumber; + return 1, $userid; } } $sth = 
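Review bot: In the get_session hunk, `elsif ($storage_method eq 'memcached' && $servers)` falls through to the catch-all `else` when memcached is selected but `memcached_servers` is unset, so sessions silently end up as files under `/tmp` instead of in the configured backend. An administrator who chose memcached would not learn that session data is being written to a shared temporary directory. I would emit a `warn` in that case, for example by testing `$storage_method eq 'memcached'` alone and warning inside the branch when `$servers` is empty, before falling back. The surrounding if/elsif chain begins outside the hunk.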
@@ -1562,7 +1585,7 @@ sub haspermission { my ($userid, $flagsrequired) = @_; my $sth = C4::Context->dbh->prepare("SELECT flags FROM borrowers WHERE userid=?"); $sth->execute($userid); - my $flags = getuserflags( $sth->fetchrow(), $userid ); + my $flags = getuserflags($sth->fetchrow(), $userid); if ( $userid eq C4::Context->config('user') ) { # Super User Account from /etc/koha.conf $flags->{'superlibrarian'} = 1; @@ -1571,7 +1594,9 @@ sub haspermission { # Demo user that can do "anything" (demo=1 in /etc/koha.conf) $flags->{'superlibrarian'} = 1; } + return $flags if $flags->{superlibrarian}; + foreach my $module ( keys %$flagsrequired ) { my $subperm = $flagsrequired->{$module}; if ($subperm eq '*') {