X-Git-Url: http://git.rot13.org/?a=blobdiff_plain;f=C4%2FAuth.pm;h=b04df8b0410b5dfa7a7099710bb7d3d91f26a3ca;hb=72f9f2239f9d71eec5e2cd987f445a25618d8027;hp=705eda01c358099c1c27414e93a052141e039227;hpb=ea1aa7a0d906d583375618e37be60e9f0d62d939;p=koha.git diff --git a/C4/Auth.pm b/C4/Auth.pm index 705eda01c3..b04df8b041 100644 --- a/C4/Auth.pm +++ b/C4/Auth.pm @@ -28,6 +28,7 @@ require Exporter; use C4::Context; use C4::Templates; # to get the template use C4::Branch; # GetBranches +use C4::Update::Database; use C4::VirtualShelves; use POSIX qw/strftime/; use List::MoreUtils qw/ any /; @@ -134,9 +135,9 @@ sub get_template_and_user { my $in = shift; my $template = C4::Templates::gettemplate( $in->{'template_name'}, $in->{'type'}, $in->{'query'} ); - my ( $user, $cookie, $sessionID, $flags ); + my ( $user, $cookie, $sessionID, $flags, $new_session ); if ( $in->{'template_name'} !~m/maintenance/ ) { - ( $user, $cookie, $sessionID, $flags ) = checkauth( + ( $user, $cookie, $sessionID, $flags, $new_session ) = checkauth( $in->{'query'}, $in->{'authnotrequired'}, $in->{'flagsrequired'}, @@ -462,10 +463,18 @@ sub get_template_and_user { SyndeticsSeries => C4::Context->preference("SyndeticsSeries"), SyndeticsCoverImageSize => C4::Context->preference("SyndeticsCoverImageSize"), OPACLocalCoverImages => C4::Context->preference("OPACLocalCoverImages"), + PatronSelfRegistration => C4::Context->preference("PatronSelfRegistration"), + PatronSelfRegistrationDefaultCategory => C4::Context->preference("PatronSelfRegistrationDefaultCategory"), ); $template->param(OpacPublic => '1') if ($user || C4::Context->preference("OpacPublic")); } + + if ( $new_session ) { + # Check the version and redirect if DB is not up-to-date + version_check($in->{query}, $in->{'type'}, $cookie); + } + return ( $template, $borrowernumber, $cookie, $flags); } @@ -547,50 +556,6 @@ has authenticated. =cut -sub _version_check { - my $type = shift; - my $query = shift; - my $version; - # If Version syspref is unavailable, it means Koha is beeing installed, - # and so we must redirect to OPAC maintenance page or to the WebInstaller - # also, if OpacMaintenance is ON, OPAC should redirect to maintenance - if (C4::Context->preference('OpacMaintenance') && $type eq 'opac') { - warn "OPAC Install required, redirecting to maintenance"; - print $query->redirect("/cgi-bin/koha/maintenance.pl"); - safe_exit; - } - unless ( $version = C4::Context->preference('Version') ) { # assignment, not comparison - if ( $type ne 'opac' ) { - warn "Install required, redirecting to Installer"; - print $query->redirect("/cgi-bin/koha/installer/install.pl"); - } else { - warn "OPAC Install required, redirecting to maintenance"; - print $query->redirect("/cgi-bin/koha/maintenance.pl"); - } - safe_exit; - } - - # check that database and koha version are the same - # there is no DB version, it's a fresh install, - # go to web installer - # there is a DB version, compare it to the code version - my $kohaversion=C4::Context::KOHAVERSION; - # remove the 3 last . to have a Perl number - $kohaversion =~ s/(.*\..*)\.(.*)\.(.*)/$1$2$3/; - $debug and print STDERR "kohaversion : $kohaversion\n"; - if ($version < $kohaversion){ - my $warning = "Database update needed, redirecting to %s. Database is $version and Koha is $kohaversion"; - if ($type ne 'opac'){ - warn sprintf($warning, 'Installer'); - print $query->redirect("/cgi-bin/koha/installer/install.pl?step=3"); - } else { - warn sprintf("OPAC: " . $warning, 'maintenance'); - print $query->redirect("/cgi-bin/koha/maintenance.pl"); - } - safe_exit; - } -} - sub _session_log { (@_) or return 0; open my $fh, '>>', "/tmp/sessionlog" or warn "ERROR: Cannot append to /tmp/sessionlog"; @@ -607,6 +572,38 @@ sub _timeout_syspref { return $timeout; } +sub version_check { + my ( $query, $type, $cookie ) = @_; + # check we have a Version. Otherwise => go to installer + unless ( C4::Context->preference('Version') ) { + if ( $type ne 'opac' ) { + $debug && warn "Install required, redirecting to Installer"; + print $query->redirect("/cgi-bin/koha/installer/install.pl"); + } else { + $debug && warn "OPAC Install required, redirecting to maintenance"; + print $query->redirect("/cgi-bin/koha/maintenance.pl"); + } + safe_exit; + } + + # check if you're uptodate, and if you're not, head to updater + my $koha39 = "3.0900028"; + + # Old updatedatabase method + if (C4::Context->preference('Version') < $koha39) { + print $query->redirect("/cgi-bin/koha/installer/install.pl?step=3"); + safe_exit; + } + + # New updatedatabase method + unless ( C4::Update::Database::is_uptodate() ) { + # not up-to-date, redirect to updatedatabase page + warn "redirect to updatedatabase"; + print $query->redirect(-location => "/cgi-bin/koha/admin/updatedatabase.pl", -cookie => $cookie); + safe_exit; + } +} + sub checkauth { my $query = shift; $debug and warn "Checking Auth"; @@ -615,11 +612,16 @@ sub checkauth { my $flagsrequired = shift; my $type = shift; $type = 'opac' unless $type; + my $new_session = 0; my $dbh = C4::Context->dbh; my $timeout = _timeout_syspref(); + # days + if ($timeout =~ /(\d+)[dD]/) { + $timeout = $1 * 86400; + }; + $timeout = 600 unless $timeout; - _version_check($type,$query); # state variables my $loggedin = 0; my %info; @@ -723,6 +725,7 @@ sub checkauth { my $sessionID = $session->id; C4::Context->_new_userenv($sessionID); $cookie = $query->cookie( CGISESSID => $sessionID ); + $userid = $query->param('userid'); if ( ( $cas && $query->param('ticket') ) || $userid @@ -737,6 +740,7 @@ sub checkauth { checkpw( $dbh, $userid, $password, $query ); $userid = $retuserid; $info{'invalidCasLogin'} = 1 unless ($return); + $new_session = 1; } elsif ( ( $pki_field eq 'Common Name' && $ENV{'SSL_CLIENT_S_DN_CN'} ) @@ -775,6 +779,7 @@ sub checkauth { ( $return, $cardnumber, $retuserid ) = checkpw( $dbh, $userid, $password, $query ); $userid = $retuserid if ( $retuserid ne '' ); + $new_session = 1; } if ($return) { #_session_log(sprintf "%20s from %16s logged in at %30s.\n", $userid,$ENV{'REMOTE_ADDR'},(strftime '%c', localtime)); @@ -916,7 +921,7 @@ sub checkauth { unless ($cookie) { $cookie = $query->cookie( CGISESSID => '' ); } - return ( $userid, $cookie, $sessionID, $flags ); + return ( $userid, $cookie, $sessionID, $flags, $new_session ); } # @@ -932,17 +937,11 @@ sub checkauth { my $value = $query->param($name); push @inputs, { name => $name, value => $value }; } - # get the branchloop, which we need for authentication - my $branches = GetBranches(); - my @branch_loop; - for my $branch_hash (sort keys %$branches) { - push @branch_loop, {branchcode => "$branch_hash", branchname => $branches->{$branch_hash}->{'branchname'}, }; - } my $template_name = ( $type eq 'opac' ) ? 'opac-auth.tmpl' : 'auth.tmpl'; my $template = C4::Templates::gettemplate($template_name, $type, $query ); $template->param( - branchloop => \@branch_loop, + branchloop => GetBranchesLoop(), opaccolorstylesheet => C4::Context->preference("opaccolorstylesheet"), opaclayoutstylesheet => C4::Context->preference("opaclayoutstylesheet"), login => 1, @@ -967,10 +966,9 @@ sub checkauth { OpacAuthorities => C4::Context->preference("OpacAuthorities"), OpacBrowser => C4::Context->preference("OpacBrowser"), opacheader => C4::Context->preference("opacheader"), - TagsEnabled => C4::Context->preference("TagsEnabled"), + TagsEnabled => C4::Context->preference("TagsEnabled"), OPACUserCSS => C4::Context->preference("OPACUserCSS"), - intranetcolorstylesheet => - C4::Context->preference("intranetcolorstylesheet"), + intranetcolorstylesheet => C4::Context->preference("intranetcolorstylesheet"), intranetstylesheet => C4::Context->preference("intranetstylesheet"), intranetbookbag => C4::Context->preference("intranetbookbag"), IntranetNav => C4::Context->preference("IntranetNav"), @@ -978,7 +976,9 @@ sub checkauth { intranetuserjs => C4::Context->preference("intranetuserjs"), IndependantBranches=> C4::Context->preference("IndependantBranches"), AutoLocation => C4::Context->preference("AutoLocation"), - wrongip => $info{'wrongip'}, + wrongip => $info{'wrongip'}, + PatronSelfRegistration => C4::Context->preference("PatronSelfRegistration"), + PatronSelfRegistrationDefaultCategory => C4::Context->preference("PatronSelfRegistrationDefaultCategory"), ); $template->param( OpacPublic => C4::Context->preference("OpacPublic")); @@ -1066,19 +1066,6 @@ sub check_api_auth { my $dbh = C4::Context->dbh; my $timeout = _timeout_syspref(); - unless (C4::Context->preference('Version')) { - # database has not been installed yet - return ("maintenance", undef, undef); - } - my $kohaversion=C4::Context::KOHAVERSION; - $kohaversion =~ s/(.*\..*)\.(.*)\.(.*)/$1$2$3/; - if (C4::Context->preference('Version') < $kohaversion) { - # database in need of version update; assume that - # no API should be called while databsae is in - # this condition. - return ("maintenance", undef, undef); - } - # FIXME -- most of what follows is a copy-and-paste # of code from checkauth. There is an obvious need # for refactoring to separate the various parts of @@ -1298,19 +1285,6 @@ sub check_cookie_auth { my $dbh = C4::Context->dbh; my $timeout = _timeout_syspref(); - unless (C4::Context->preference('Version')) { - # database has not been installed yet - return ("maintenance", undef); - } - my $kohaversion=C4::Context::KOHAVERSION; - $kohaversion =~ s/(.*\..*)\.(.*)\.(.*)/$1$2$3/; - if (C4::Context->preference('Version') < $kohaversion) { - # database in need of version update; assume that - # no API should be called while databsae is in - # this condition. - return ("maintenance", undef); - } - # FIXME -- most of what follows is a copy-and-paste # of code from checkauth. There is an obvious need # for refactoring to separate the various parts of