Fix for bug 1442, if you have independent branches on and autolocation on,

Signed-off-by: Joshua Ferraro <jmf@liblime.com>

diff --git a/C4/Auth.pm b/C4/Auth.pm
index 590ea3f..c392e44 100755 (executable)
--- a/C4/Auth.pm
+++ b/C4/Auth.pm
@@ -456,7 +456,7 @@ sub checkauth {
         );
         $loggedin = 1;
     }
-    elsif ( $sessionID = $query->cookie("CGISESSID")) {     # assignment, not comparison (?)
+    elsif ( $sessionID = $query->cookie("CGISESSID")) {     # assignment, not comparison 
         my $session = get_session($sessionID);
         C4::Context->_new_userenv($sessionID);
         if ($session){
@@ -535,7 +535,7 @@ sub checkauth {
             _session_log(sprintf "%20s from %16s logged in  at %30s.\n", $userid,$ENV{'REMOTE_ADDR'},localtime);
             $cookie = $query->cookie(CGISESSID => $sessionID);
             if ( $flags = haspermission( $dbh, $userid, $flagsrequired ) ) {
-                $loggedin = 1;
+                               $loggedin = 1;
             }
             else {
                 $info{'nopermission'} = 1;
@@ -590,6 +590,15 @@ sub checkauth {
                     $branchname = GetBranchName($branchcode);
                 }
                 my $branches = GetBranches();
+                if (C4::Context->boolean_preference('IndependantBranches') && C4::Context->boolean_preference('Autolocation')){
+                                   # we have to check they are coming from the right ip range
+                                       my $domain = $branches->{$branchcode}->{'branchip'};
+                                       if ($ip !~ /^$domain/){
+                                               $loggedin=0;
+                                               $info{'wrongip'} = 1;
+                                       }
+                               }
+
                 my @branchesloop;
                 foreach my $br ( keys %$branches ) {
                     #     now we work with the treatment of ip
@@ -644,6 +653,7 @@ sub checkauth {
                 $info{'invalid_username_or_password'} = 1;
                 C4::Context->_unset_userenv($sessionID);
             }
+
         }
     }
     my $insecure = C4::Context->boolean_preference('insecure');
@@ -706,7 +716,9 @@ sub checkauth {
         IndependantBranches     => C4::Context->preference("IndependantBranches"),
         AutoLocation       => C4::Context->preference("AutoLocation"),
         yuipath            => C4::Context->preference("yuipath"),
+               wrongip            => $info{'wrongip'}
     );
+    
     $template->param( loginprompt => 1 ) unless $info{'nopermission'};
 
     my $self_url = $query->url( -absolute => 1 );

diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/auth.tmpl b/koha-tmpl/intranet-tmpl/prog/en/modules/auth.tmpl
index 2e34168..b895f1b 100644 (file)
--- a/koha-tmpl/intranet-tmpl/prog/en/modules/auth.tmpl
+++ b/koha-tmpl/intranet-tmpl/prog/en/modules/auth.tmpl
@@ -27,6 +27,10 @@
 <div id="login_error"><strong>Error: </strong>IP address has changed, please log in again </div>
 <!-- /TMPL_IF -->
 
+<!-- TMPL_IF NAME="wrongip" -->
+<div id="login_error"><strong>Error: </strong>Independent Branches and Autolocation are switched on and you are logging in with an IP address that doesn't match your branch. </div>
+<!-- /TMPL_IF -->
+
 <!-- TMPL_IF NAME="invalid_username_or_password" -->
 <div id="login_error"><strong>Error: </strong>Invalid username or password</div>
 <!-- /TMPL_IF -->