Bug 23697: (follow-up) Add autocompletion search in patron module

[koha-ffzg.git] / C4 / Auth.pm
diff --git a/C4/Auth.pm b/C4/Auth.pm

index 9057c4f..7a7d9f5 100644 (file)
--- a/C4/Auth.pm
+++ b/C4/Auth.pm
@@ -44,6 +44,7 @@ use POSIX qw/strftime/;
  use List::MoreUtils qw/ any /;
  use Encode qw( encode is_utf8);
  use C4::Auth_with_shibboleth;
+use Net::CIDR;
  
  # use utf8;
  use vars qw(@ISA @EXPORT @EXPORT_OK %EXPORT_TAGS $debug $ldap $cas $caslogout);
@@ -60,7 +61,7 @@ BEGIN {
      @ISA       = qw(Exporter);
      @EXPORT    = qw(&checkauth &get_template_and_user &haspermission &get_user_subpermissions);
      @EXPORT_OK = qw(&check_api_auth &get_session &check_cookie_auth &checkpw &checkpw_internal &checkpw_hash
-      &get_all_subpermissions &get_user_subpermissions track_login_daily
+      &get_all_subpermissions &get_user_subpermissions track_login_daily &in_ipset
      );
      %EXPORT_TAGS = ( EditPermissions => [qw(get_all_subpermissions get_user_subpermissions)] );
      $ldap      = C4::Context->config('useldapserver') || 0;
@@ -171,8 +172,9 @@ sub get_template_and_user {
      }
  
      # If we enforce GDPR and the user did not consent, redirect
+    # Exceptions for consent page itself and SCI/SCO system
      if( $in->{type} eq 'opac' && $user &&
-        $in->{'template_name'} !~ /opac-patron-consent/ &&
+        $in->{'template_name'} !~ /^(opac-patron-consent|sc[io]\/)/ &&
          C4::Context->preference('GDPR_Policy') eq 'Enforced' )
      {
          my $consent = Koha::Patron::Consents->search({
@@ -478,7 +480,7 @@ sub get_template_and_user {
              AmazonCoverImages                                                          => C4::Context->preference("AmazonCoverImages"),
              AutoLocation                                                               => C4::Context->preference("AutoLocation"),
              "BiblioDefaultView" . C4::Context->preference("IntranetBiblioDefaultView") => 1,
-            CircAutocompl                                                              => C4::Context->preference("CircAutocompl"),
+            PatronAutocompletion                                                       => C4::Context->preference("PatronAutocompletion"),
              FRBRizeEditions                                                            => C4::Context->preference("FRBRizeEditions"),
              IndependentBranches                                                        => C4::Context->preference("IndependentBranches"),
              IntranetNav                                                                => C4::Context->preference("IntranetNav"),
@@ -548,7 +550,6 @@ sub get_template_and_user {
  
          my @search_groups = Koha::Library::Groups->get_search_groups({ interface => 'opac' });
          $template->param(
-            OpacAdditionalStylesheet                   => C4::Context->preference("OpacAdditionalStylesheet"),
              AnonSuggestions                       => "" . C4::Context->preference("AnonSuggestions"),
              LibrarySearchGroups                   => \@search_groups,
              opac_name                             => $opac_name,
@@ -570,7 +571,6 @@ sub get_template_and_user {
              OpacKohaUrl                           => C4::Context->preference("OpacKohaUrl"),
              OpacMainUserBlock                     => "" . C4::Context->preference("OpacMainUserBlock"),
              OpacNav                               => "" . C4::Context->preference("OpacNav"),
-            OpacNavRight                          => "" . C4::Context->preference("OpacNavRight"),
              OpacNavBottom                         => "" . C4::Context->preference("OpacNavBottom"),
              OpacPasswordChange                    => C4::Context->preference("OpacPasswordChange"),
              OPACPatronDetails                     => C4::Context->preference("OPACPatronDetails"),
@@ -581,7 +581,6 @@ sub get_template_and_user {
              'Version'                             => C4::Context->preference('Version'),
              hidelostitems                         => C4::Context->preference("hidelostitems"),
              mylibraryfirst                        => ( C4::Context->preference("SearchMyLibraryFirst") && C4::Context->userenv ) ? C4::Context->userenv->{'branch'} : '',
-            opaclayoutstylesheet                  => "" . C4::Context->preference("opaclayoutstylesheet"),
              opacbookbag                           => "" . C4::Context->preference("opacbookbag"),
              opaccredits                           => "" . C4::Context->preference("opaccredits"),
              OpacFavicon                           => C4::Context->preference("OpacFavicon"),
@@ -1238,8 +1237,6 @@ sub checkauth {
      my $template_name = ( $type eq 'opac' ) ? 'opac-auth.tt' : 'auth.tt';
      my $template = C4::Templates::gettemplate( $template_name, $type, $query );
      $template->param(
-        OpacAdditionalStylesheet                   => C4::Context->preference("OpacAdditionalStylesheet"),
-        opaclayoutstylesheet                  => C4::Context->preference("opaclayoutstylesheet"),
          login                                 => 1,
          INPUTS                                => \@inputs,
          script_name                           => get_script_name(),
@@ -1252,7 +1249,6 @@ sub checkauth {
          LibraryNameTitle                      => "" . $LibraryNameTitle,
          opacuserlogin                         => C4::Context->preference("opacuserlogin"),
          OpacNav                               => C4::Context->preference("OpacNav"),
-        OpacNavRight                          => C4::Context->preference("OpacNavRight"),
          OpacNavBottom                         => C4::Context->preference("OpacNavBottom"),
          opaccredits                           => C4::Context->preference("opaccredits"),
          OpacFavicon                           => C4::Context->preference("OpacFavicon"),
@@ -1786,6 +1782,7 @@ sub checkpw {
  
      my @return;
      my $patron = Koha::Patrons->find({ userid => $userid });
+    $patron = Koha::Patrons->find({ cardnumber => $userid }) unless $patron;
      my $check_internal_as_fallback = 0;
      my $passwd_ok = 0;
      # Note: checkpw_* routines returns:
@@ -1851,7 +1848,7 @@ sub checkpw {
      if( $patron ) {
          if ( $passwd_ok ) {
              $patron->update({ login_attempts => 0 });
-        } else {
+        } elsif( !$patron->account_locked ) {
              $patron->update({ login_attempts => $patron->login_attempts + 1 });
          }
      }
@@ -2066,6 +2063,7 @@ sub _dispatch {
          }
      } elsif ($ref eq 'HASH') {
          foreach my $key (keys %{$required}) {
+            next if $flags == 1;
              my $require = $required->{$key};
              my $rflags  = $flags->{$key};
              return 0 unless _dispatch($require, $rflags);
@@ -2090,7 +2088,6 @@ sub _dispatch {
  sub haspermission {
      my ( $userid, $flagsrequired ) = @_;
  
-
      #Koha::Exceptions::WrongParameter->throw('$flagsrequired should not be undef')
      #  unless defined($flagsrequired);
  
@@ -2106,6 +2103,28 @@ sub haspermission {
      #FIXME - This fcn should return the failed permission so a suitable error msg can be delivered.
  }
  
+=head2 in_ipset
+
+  $flags = ($ipset);
+
+C<$ipset> A space separated string describing an IP set. Can include single IPs or ranges
+
+Returns 1 if the remote address is in the provided ipset, or 0 otherwise.
+
+=cut
+
+sub in_ipset {
+    my ($ipset) = @_;
+    my $result = 1;
+    my @allowedipranges = $ipset ? split(' ', $ipset) : ();
+    if (scalar @allowedipranges > 0) {
+        my @rangelist;
+        eval { @rangelist = Net::CIDR::range2cidr(@allowedipranges); }; return 0 if $@;
+        eval { $result = Net::CIDR::cidrlookup($ENV{'REMOTE_ADDR'}, @rangelist) } || ( $ENV{DEBUG} && warn 'cidrlookup failed for ' . join(' ',@rangelist) );
+     }
+     return $result ? 1 : 0;
+}
+
  sub getborrowernumber {
      my ($userid) = @_;
      my $userenv = C4::Context->userenv;