X-Git-Url: http://koha-dev.rot13.org:8081/gitweb/?a=blobdiff_plain;ds=sidebyside;f=C4%2FAuth.pm;h=47a8b8279cc1a2f0cb70699b95c55164533f765a;hb=85b1d6d55839017e75beede2f9829d4f4ba9e7ee;hp=a31161ef8ec4b7835c708192a55267589a83fb62;hpb=9573f444fcd6f56b2c9248d6bc8d52525a62d518;p=koha_gimpoz diff --git a/C4/Auth.pm b/C4/Auth.pm index a31161ef8e..47a8b8279c 100644 --- a/C4/Auth.pm +++ b/C4/Auth.pm @@ -26,7 +26,7 @@ use CGI::Session; require Exporter; use C4::Context; -use C4::Output; # to get the template +use C4::Templates; # to get the template use C4::Members; use C4::Koha; use C4::Branch; # GetBranches @@ -136,13 +136,16 @@ EOQ sub get_template_and_user { my $in = shift; my $template = - gettemplate( $in->{'template_name'}, $in->{'type'}, $in->{'query'} ); - my ( $user, $cookie, $sessionID, $flags ) = checkauth( - $in->{'query'}, - $in->{'authnotrequired'}, - $in->{'flagsrequired'}, - $in->{'type'} - ) unless ($in->{'template_name'}=~/maintenance/); + C4::Templates::gettemplate( $in->{'template_name'}, $in->{'type'}, $in->{'query'} ); + my ( $user, $cookie, $sessionID, $flags ); + if ( $in->{'template_name'} !~m/maintenance/ ) { + ( $user, $cookie, $sessionID, $flags ) = checkauth( + $in->{'query'}, + $in->{'authnotrequired'}, + $in->{'flagsrequired'}, + $in->{'type'} + ); + } my $borrowernumber; my $insecure = C4::Context->preference('insecure'); @@ -335,6 +338,7 @@ sub get_template_and_user { "BiblioDefaultView".C4::Context->preference("BiblioDefaultView") => 1, EnhancedMessagingPreferences => C4::Context->preference('EnhancedMessagingPreferences'), GoogleJackets => C4::Context->preference("GoogleJackets"), + OpenLibraryCovers => C4::Context->preference("OpenLibraryCovers"), KohaAdminEmailAddress => "" . C4::Context->preference("KohaAdminEmailAddress"), LoginBranchcode => (C4::Context->userenv?C4::Context->userenv->{"branch"}:"insecure"), LoginFirstname => (C4::Context->userenv?C4::Context->userenv->{"firstname"}:"Bel"), @@ -431,6 +435,7 @@ sub get_template_and_user { opac_limit_override => $opac_limit_override, OpacBrowser => C4::Context->preference("OpacBrowser"), OpacCloud => C4::Context->preference("OpacCloud"), + OpacKohaUrl => C4::Context->preference("OpacKohaUrl"), OpacMainUserBlock => "" . C4::Context->preference("OpacMainUserBlock"), OpacNav => "" . C4::Context->preference("OpacNav"), OpacPasswordChange => C4::Context->preference("OpacPasswordChange"), @@ -455,6 +460,7 @@ sub get_template_and_user { opacuserlogin => "" . C4::Context->preference("opacuserlogin"), reviewson => C4::Context->preference("reviewson"), ShowReviewer => C4::Context->preference("ShowReviewer"), + ShowReviewerPhoto => C4::Context->preference("ShowReviewerPhoto"), suggestion => "" . C4::Context->preference("suggestion"), virtualshelves => "" . C4::Context->preference("virtualshelves"), OPACSerialIssueDisplayCount => C4::Context->preference("OPACSerialIssueDisplayCount"), @@ -736,7 +742,9 @@ sub checkauth { $userid = $retuserid; $info{'invalidCasLogin'} = 1 unless ($return); } else { - ( $return, $cardnumber ) = checkpw( $dbh, $userid, $password, $query ); + my $retuserid; + ( $return, $retuserid ) = checkpw( $dbh, $userid, $password, $query ); + $userid = $retuserid if ($retuserid ne ''); } if ($return) { _session_log(sprintf "%20s from %16s logged in at %30s.\n", $userid,$ENV{'REMOTE_ADDR'},(strftime '%c', localtime)); @@ -762,20 +770,21 @@ sub checkauth { "; my $sth = $dbh->prepare("$select where userid=?"); $sth->execute($userid); - unless ($sth->rows) { - $debug and print STDERR "AUTH_1: no rows for userid='$userid'\n"; - $sth = $dbh->prepare("$select where cardnumber=?"); - $sth->execute($cardnumber); - unless ($sth->rows) { - $debug and print STDERR "AUTH_2a: no rows for cardnumber='$cardnumber'\n"; - $sth->execute($userid); - unless ($sth->rows) { - $debug and print STDERR "AUTH_2b: no rows for userid='$userid' AS cardnumber\n"; - } - } - } + unless ($sth->rows) { + $debug and print STDERR "AUTH_1: no rows for userid='$userid'\n"; + $sth = $dbh->prepare("$select where cardnumber=?"); + $sth->execute($cardnumber); + + unless ($sth->rows) { + $debug and print STDERR "AUTH_2a: no rows for cardnumber='$cardnumber'\n"; + $sth->execute($userid); + unless ($sth->rows) { + $debug and print STDERR "AUTH_2b: no rows for userid='$userid' AS cardnumber\n"; + } + } + } if ($sth->rows) { - ($borrowernumber, $firstname, $surname, $userflags, + ($borrowernumber, $firstname, $surname, $userflags, $branchcode, $branchname, $branchprinter, $emailaddress) = $sth->fetchrow; $debug and print STDERR "AUTH_3 results: " . "$cardnumber,$borrowernumber,$userid,$firstname,$surname,$userflags,$branchcode,$emailaddress\n"; @@ -928,7 +937,7 @@ sub checkauth { } my $template_name = ( $type eq 'opac' ) ? 'opac-auth.tmpl' : 'auth.tmpl'; - my $template = gettemplate( $template_name, $type, $query ); + my $template = C4::Templates::gettemplate( $template_name, $type, $query ); $template->param(branchloop => \@branch_loop,); my $checkstyle = C4::Context->preference("opaccolorstylesheet"); if ($checkstyle =~ /\//) @@ -1413,7 +1422,7 @@ sub checkpw { C4::Context->set_userenv( "$borrowernumber", $userid, $cardnumber, $firstname, $surname, $branchcode, $flags ); - return 1, $cardnumber; + return 1, $userid; } } $sth = @@ -1577,7 +1586,7 @@ sub haspermission { my ($userid, $flagsrequired) = @_; my $sth = C4::Context->dbh->prepare("SELECT flags FROM borrowers WHERE userid=?"); $sth->execute($userid); - my $flags = getuserflags( $sth->fetchrow(), $userid ); + my $flags = getuserflags($sth->fetchrow(), $userid); if ( $userid eq C4::Context->config('user') ) { # Super User Account from /etc/koha.conf $flags->{'superlibrarian'} = 1; @@ -1586,7 +1595,9 @@ sub haspermission { # Demo user that can do "anything" (demo=1 in /etc/koha.conf) $flags->{'superlibrarian'} = 1; } + return $flags if $flags->{superlibrarian}; + foreach my $module ( keys %$flagsrequired ) { my $subperm = $flagsrequired->{$module}; if ($subperm eq '*') {