Revision 4531a6c7
Von Sven Schöling vor mehr als 12 Jahren hinzugefügt
| SL/Auth.pm | ||
|---|---|---|
| 54 | 54 |
my ($self, $login, %params) = @_; |
| 55 | 55 |
my $may_fail = delete $params{may_fail};
|
| 56 | 56 |
|
| 57 |
my %user = $self->read_user($login); |
|
| 57 |
my %user = $self->read_user(login => $login);
|
|
| 58 | 58 |
my $dbh = SL::DBConnect->connect( |
| 59 | 59 |
$user{dbconnect},
|
| 60 | 60 |
$user{dbuser},
|
| ... | ... | |
| 244 | 244 |
sub check_tables {
|
| 245 | 245 |
$main::lxdebug->enter_sub(); |
| 246 | 246 |
|
| 247 |
my $self = shift;
|
|
| 247 |
my ($self, $dbh) = @_;
|
|
| 248 | 248 |
|
| 249 |
my $dbh = $self->dbconnect();
|
|
| 249 |
$dbh ||= $self->dbconnect();
|
|
| 250 | 250 |
my $query = qq|SELECT COUNT(*) FROM pg_tables WHERE (schemaname = 'auth') AND (tablename = 'user')|; |
| 251 | 251 |
|
| 252 | 252 |
my ($count) = $dbh->selectrow_array($query); |
| ... | ... | |
| 438 | 438 |
sub read_user {
|
| 439 | 439 |
$main::lxdebug->enter_sub(); |
| 440 | 440 |
|
| 441 |
my $self = shift; |
|
| 442 |
my $login = shift; |
|
| 441 |
my ($self, %params) = @_; |
|
| 443 | 442 |
|
| 444 | 443 |
my $dbh = $self->dbconnect(); |
| 444 |
|
|
| 445 |
my (@where, @values); |
|
| 446 |
if ($params{login}) {
|
|
| 447 |
push @where, 'u.login = ?'; |
|
| 448 |
push @values, $params{login};
|
|
| 449 |
} |
|
| 450 |
if ($params{id}) {
|
|
| 451 |
push @where, 'u.id = ?'; |
|
| 452 |
push @values, $params{id};
|
|
| 453 |
} |
|
| 454 |
my $where = join ' AND ', '1 = 1', @where; |
|
| 445 | 455 |
my $query = qq|SELECT u.id, u.login, cfg.cfg_key, cfg.cfg_value |
| 446 | 456 |
FROM auth.user_config cfg |
| 447 | 457 |
LEFT JOIN auth."user" u ON (cfg.user_id = u.id) |
| 448 |
WHERE (u.login = ?)|;
|
|
| 449 |
my $sth = prepare_execute_query($main::form, $dbh, $query, $login);
|
|
| 458 |
WHERE $where|;
|
|
| 459 |
my $sth = prepare_execute_query($main::form, $dbh, $query, @values);
|
|
| 450 | 460 |
|
| 451 | 461 |
my %user_data; |
| 452 | 462 |
|
| ... | ... | |
| 485 | 495 |
my $self = shift; |
| 486 | 496 |
my $login = shift; |
| 487 | 497 |
|
| 488 |
my $u_dbh = $self->get_user_dbh($login, may_fail => 1); |
|
| 489 | 498 |
my $dbh = $self->dbconnect; |
| 499 |
my $id = $self->get_user_id($login); |
|
| 500 |
my $user_db_exists; |
|
| 490 | 501 |
|
| 491 |
$dbh->begin_work;
|
|
| 502 |
$dbh->rollback and return $::lxdebug->leave_sub if (!$id);
|
|
| 492 | 503 |
|
| 493 |
my $query = qq|SELECT id FROM auth."user" WHERE login = ?|; |
|
| 504 |
my $u_dbh = $self->get_user_dbh($login, may_fail => 1); |
|
| 505 |
$user_db_exists = $self->check_tables($u_dbh) if $u_dbh; |
|
| 494 | 506 |
|
| 495 |
my ($id) = selectrow_query($::form, $dbh, $query, $login);
|
|
| 507 |
$u_dbh->begin_work if $u_dbh && $user_db_exists;
|
|
| 496 | 508 |
|
| 497 |
$dbh->rollback and return $::lxdebug->leave_sub if (!$id);
|
|
| 509 |
$dbh->begin_work;
|
|
| 498 | 510 |
|
| 499 | 511 |
do_query($::form, $dbh, qq|DELETE FROM auth.user_group WHERE user_id = ?|, $id); |
| 500 | 512 |
do_query($::form, $dbh, qq|DELETE FROM auth.user_config WHERE user_id = ?|, $id); |
| 501 |
do_query($::form, $u_dbh, qq|UPDATE employee SET deleted = 't' WHERE login = ?|, $login) if $u_dbh; |
|
| 513 |
do_query($::form, $dbh, qq|DELETE FROM auth.user WHERE id = ?|, $id); |
|
| 514 |
do_query($::form, $u_dbh, qq|UPDATE employee SET deleted = 't' WHERE login = ?|, $login) if $u_dbh && $user_db_exists; |
|
| 502 | 515 |
|
| 503 | 516 |
$dbh->commit; |
| 504 |
$u_dbh->commit if $u_dbh; |
|
| 517 |
$u_dbh->commit if $u_dbh && $user_db_exists;
|
|
| 505 | 518 |
|
| 506 | 519 |
$::lxdebug->leave_sub; |
| 507 | 520 |
} |
Auch abrufbar als: Unified diff
Usermaske im Adminbereich vor logins aus sessions geschützt.
Notwendigerweise zusätzlich User->new und Auth->read_user auf %params
umgeschrieben.