Koha-community/Koha
13
7
Fork 0
Code Issues Releases Wiki Activity

Bug 36367: Remove _new_userenv

Browse source 
TODO - better review C4::Auth's changes. Are all the removal of
_new_userenv correct/enough?

Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This commit is contained in:
Jonathan Druart 2024-03-11 14:30:25 +01:00 committed by Martin Renvoize
parent 9c593121da
commit 58083ddf93
Signed by: martin.renvoize
GPG key ID: 422B469130441A0F
16 changed files with 20 additions and 77 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
C4/Auth.pm
View file

@ -933,7 +933,7 @@ sub checkauth {
$session->delete(); $session->delete();
$session->flush; $session->flush;
$cookie = $cookie_mgr->clear_unless( $query->cookie, @$cookie ); $cookie = $cookie_mgr->clear_unless( $query->cookie, @$cookie );
C4::Context::_unset_userenv($sessionID); C4::Context::unset_userenv();
$sessionID = undef; $sessionID = undef;
undef $userid; # IMPORTANT: this assures us a new session in code below undef $userid; # IMPORTANT: this assures us a new session in code below
$auth_state = 'failed'; $auth_state = 'failed';
@ -982,7 +982,7 @@ sub checkauth {
$session->delete(); $session->delete();
$session->flush; $session->flush;
} }
C4::Context::_unset_userenv($sessionID); C4::Context::unset_userenv();
$cookie = $cookie_mgr->clear_unless( $query->cookie, @$cookie ); $cookie = $cookie_mgr->clear_unless( $query->cookie, @$cookie );
if ($cas and $caslogout) { if ($cas and $caslogout) {
@ -1012,7 +1012,6 @@ sub checkauth {
} }
$sessionID = $session->id; $sessionID = $session->id;
C4::Context->_new_userenv($sessionID);
$cookie = $cookie_mgr->replace_in_list( $cookie, $query->cookie( $cookie = $cookie_mgr->replace_in_list( $cookie, $query->cookie(
-name => 'CGISESSID', -name => 'CGISESSID',
-value => $sessionID, -value => $sessionID,
@ -1158,7 +1157,7 @@ sub checkauth {
# although we do present an authorization failure. (Yes, the # although we do present an authorization failure. (Yes, the
# authentication was actually correct.) # authentication was actually correct.)
$info{'nopermission'} = 1; $info{'nopermission'} = 1;
C4::Context::_unset_userenv($sessionID); C4::Context::unset_userenv();
} }
my ( $borrowernumber, $firstname, $surname, $userflags, my ( $borrowernumber, $firstname, $surname, $userflags,
$branchcode, $branchname, $emailaddress, $desk_id, $branchcode, $branchname, $emailaddress, $desk_id,
@ -1306,7 +1305,7 @@ sub checkauth {
else { else {
if ($userid) { if ($userid) {
$info{'invalid_username_or_password'} = 1; $info{'invalid_username_or_password'} = 1;
C4::Context::_unset_userenv($sessionID); C4::Context::unset_userenv();
} }
$session->param( 'lasttime', time() ); $session->param( 'lasttime', time() );
$session->param( 'ip', $session->remote_addr() ); $session->param( 'ip', $session->remote_addr() );
@ -1667,7 +1666,6 @@ sub check_api_auth {
return ( "failed", undef, undef ) unless $session; return ( "failed", undef, undef ) unless $session;
my $sessionID = $session->id; my $sessionID = $session->id;
C4::Context->_new_userenv($sessionID);
my $cookie = $query->cookie( my $cookie = $query->cookie(
-name => 'CGISESSID', -name => 'CGISESSID',
-value => $sessionID, -value => $sessionID,
@ -1831,7 +1829,7 @@ sub check_cookie_auth {
unless ( $sessionID ) { unless ( $sessionID ) {
return ( "failed", undef ); return ( "failed", undef );
} }
C4::Context::_unset_userenv($sessionID); # remove old userenv first C4::Context::unset_userenv();
my $session = get_session($sessionID); my $session = get_session($sessionID);
if ($session) { if ($session) {
my $userid = $session->param('id'); my $userid = $session->param('id');
@ -1868,7 +1866,6 @@ sub check_cookie_auth {
return ("password_expired", undef ) if $patron->password_expired; return ("password_expired", undef ) if $patron->password_expired;
my $flags = defined($flagsrequired) ? haspermission( $userid, $flagsrequired ) : 1; my $flags = defined($flagsrequired) ? haspermission( $userid, $flagsrequired ) : 1;
if ($flags) { if ($flags) {
C4::Context->_new_userenv($sessionID);
if ( !C4::Context->interface ) { if ( !C4::Context->interface ) {
# No need to override the interface, most often set by get_template_and_user # No need to override the interface, most often set by get_template_and_user
C4::Context->interface( $session->param('interface') ); C4::Context->interface( $session->param('interface') );
@ -1898,7 +1895,6 @@ sub check_cookie_auth {
} }
} else { } else {
C4::Context->_new_userenv($sessionID);
C4::Context->interface($session->param('interface')); C4::Context->interface($session->param('interface'));
C4::Context->set_userenv( undef, q{} ); C4::Context->set_userenv( undef, q{} );
return ( "anon", $session ); return ( "anon", $session );

48
C4/Context.pm
View file

@ -182,7 +182,6 @@ sub new {
$self->{"Zconn"} = undef; # Zebra Connections $self->{"Zconn"} = undef; # Zebra Connections
$self->{"userenv"} = undef; # User env $self->{"userenv"} = undef; # User env
$self->{"activeuser"} = undef; # current active user
$self->{"shelves"} = undef; $self->{"shelves"} = undef;
$self->{tz} = undef; # local timezone object $self->{tz} = undef; # local timezone object
@ -758,19 +757,10 @@ sub restore_dbh
Retrieves a hash for user environment variables. Retrieves a hash for user environment variables.
This hash shall be cached for future use: if you call
C<C4::Context-E<gt>userenv> twice, you will get the same hash without real DB access
=cut =cut
#'
sub userenv { sub userenv {
my $var = $context->{"activeuser"}; return $context->{userenv};
if (defined $var and defined $context->{"userenv"}->{$var}) {
return $context->{"userenv"}->{$var};
} else {
return;
}
} }
=head2 set_userenv =head2 set_userenv
@ -798,7 +788,6 @@ sub set_userenv {
$register_id, $register_name $register_id, $register_name
) = @_; ) = @_;
my $var=$context->{"activeuser"} || '';
my $cell = { my $cell = {
"number" => $usernum, "number" => $usernum,
"id" => $userid, "id" => $userid,
@ -817,44 +806,21 @@ sub set_userenv {
"register_id" => $register_id, "register_id" => $register_id,
"register_name" => $register_name "register_name" => $register_name
}; };
$context->{userenv}->{$var} = $cell; $context->{userenv} = $cell;
return $cell; return $cell;
} }
=head2 _new_userenv =head2 unset_userenv
C4::Context->_new_userenv($session); # FIXME: This calling style is wrong for what looks like an _internal function C4::Context->unset_userenv;
Builds a hash for user environment variables. Destroys user environment variables.
This hash shall be cached for future use: if you call
C<C4::Context-E<gt>userenv> twice, you will get the same hash without real DB access
_new_userenv is called in Auth.pm
=cut =cut
#' sub unset_userenv
sub _new_userenv
{ {
shift; # Useless except it compensates for bad calling style $context->{userenv} = {};
my ($sessionID)= @_;
$context->{"activeuser"}=$sessionID;
}
=head2 _unset_userenv
C4::Context->_unset_userenv;
Destroys the hash for activeuser user environment variables.
=cut
#'
sub _unset_userenv
{
delete $context->{activeuser};
} }

6
C4/InstallAuth.pm
View file

@ -252,7 +252,6 @@ sub checkauth {
my $session = Koha::Session->get_session( { sessionID => $sessionID, storage_method => 'file' } ); my $session = Koha::Session->get_session( { sessionID => $sessionID, storage_method => 'file' } );
if ( $session ) { if ( $session ) {
C4::Context->_new_userenv($sessionID);
if ( $session->param('cardnumber') ) { if ( $session->param('cardnumber') ) {
C4::Context->set_userenv( C4::Context->set_userenv(
$session->param('number'), $session->param('number'),
@ -279,7 +278,7 @@ sub checkauth {
if ($logout || !$session) { if ($logout || !$session) {
# voluntary logout the user # voluntary logout the user
C4::Context->_unset_userenv($sessionID); C4::Context->unset_userenv();
$session = Koha::Session->get_session( { storage_method => 'file' } ); $session = Koha::Session->get_session( { storage_method => 'file' } );
} }
@ -288,7 +287,6 @@ sub checkauth {
unless ($userid) { unless ($userid) {
$userid = $query->param('login_userid'); $userid = $query->param('login_userid');
my $password = $query->param('login_password'); my $password = $query->param('login_password');
C4::Context->_new_userenv($sessionID);
my ( $return, $cardnumber ) = checkpw( $userid, $password ); my ( $return, $cardnumber ) = checkpw( $userid, $password );
if ($return) { if ($return) {
$loggedin = 1; $loggedin = 1;
@ -334,7 +332,7 @@ sub checkauth {
else { else {
if ($userid) { if ($userid) {
$info{'invalid_username_or_password'} = 1; $info{'invalid_username_or_password'} = 1;
C4::Context->_unset_userenv($sessionID); C4::Context->unset_userenv();
} }
} }
} }

1
Koha/BackgroundJob.pm
View file

@ -170,7 +170,6 @@ sub process {
if ( $self->context ) { if ( $self->context ) {
my $context = $self->json->decode($self->context); my $context = $self->json->decode($self->context);
C4::Context->_new_userenv(-1);
C4::Context->interface( $context->{interface} ); C4::Context->interface( $context->{interface} );
C4::Context->set_userenv( C4::Context->set_userenv(
$context->{number}, $context->{id}, $context->{number}, $context->{id},

2
Koha/Middleware/UserEnv.pm
View file

@ -22,7 +22,7 @@ sub call {
my $req = Plack::Request->new($env); my $req = Plack::Request->new($env);
C4::Context->_unset_userenv; C4::Context->unset_userenv;
return $self->app->($env); return $self->app->($env);
} }

2
Koha/REST/V1/Auth.pm
View file

@ -568,7 +568,7 @@ sub _set_userenv {
$THE_library = $patron->library; $THE_library = $patron->library;
} }
C4::Context->_new_userenv( $patron->borrowernumber ); C4::Context->new_userenv();
C4::Context->set_userenv( C4::Context->set_userenv(
$patron->borrowernumber, # number, $patron->borrowernumber, # number,
$patron->userid, # userid, $patron->userid, # userid,

2
Koha/Script.pm
View file

@ -46,11 +46,9 @@ sub import {
my $class = shift; my $class = shift;
my @flags = @_; my @flags = @_;
C4::Context->_new_userenv(1);
if ( ( $flags[0] || '' ) eq '-cron' ) { if ( ( $flags[0] || '' ) eq '-cron' ) {
# Set userenv # Set userenv
C4::Context->_new_userenv(1);
C4::Context->set_userenv( C4::Context->set_userenv(
undef, undef, undef, 'CRON', 'CRON', undef, undef, undef, 'CRON', 'CRON',
undef, undef, undef, undef, undef undef, undef, undef, undef, undef

1
opac/ilsdi.pl
View file

@ -128,7 +128,6 @@ unless ( $cgi->param('service') ) {
} }
# Set the userenv # Set the userenv
C4::Context->_new_userenv( 'ILSDI_'.time() );
C4::Context->set_userenv( C4::Context->set_userenv(
undef, undef, undef, 'ILSDI', 'ILSDI', undef, undef, undef, 'ILSDI', 'ILSDI',
undef, undef, undef, undef, undef, undef, undef, undef, undef, undef,

3
t/Token.t
View file

@ -27,7 +27,6 @@ use Time::HiRes qw|usleep|;
use C4::Context; use C4::Context;
use Koha::Token; use Koha::Token;
C4::Context->_new_userenv('DUMMY SESSION');
C4::Context->set_userenv(0,42,0,'firstname','surname', 'CPL', 'Library 1', 0, ''); C4::Context->set_userenv(0,42,0,'firstname','surname', 'CPL', 'Library 1', 0, '');
my $tokenizer = Koha::Token->new; my $tokenizer = Koha::Token->new;
@ -114,14 +113,12 @@ subtest 'testing _add_default_csrf_params with/without userenv (bug 27849)' => s
is( $result->{id}, 'anonymous_567', 'Check userid' ); is( $result->{id}, 'anonymous_567', 'Check userid' );
# Clear userenv # Clear userenv
C4::Context::_unset_userenv('DUMMY SESSION');
is( C4::Context::userenv, undef, 'No userenv anymore' ); is( C4::Context::userenv, undef, 'No userenv anymore' );
$result = Koha::Token::_add_default_csrf_params({}); # pass no session_id $result = Koha::Token::_add_default_csrf_params({}); # pass no session_id
is( $result->{session_id}, Koha::Token::DEFA_SESSION_ID, 'Check session id' ); is( $result->{session_id}, Koha::Token::DEFA_SESSION_ID, 'Check session id' );
is( $result->{id}, Koha::Token::DEFA_SESSION_USERID. '_'. $result->{session_id}, 'Check userid' ); is( $result->{id}, Koha::Token::DEFA_SESSION_USERID. '_'. $result->{session_id}, 'Check userid' );
# Empty anonymous userenv (see C4::Auth::check_cookie_auth) # Empty anonymous userenv (see C4::Auth::check_cookie_auth)
C4::Context->_new_userenv('ANON SESSION');
C4::Context->set_userenv( undef, q{} ); C4::Context->set_userenv( undef, q{} );
ok( C4::Context->userenv, "Userenv exists" ); ok( C4::Context->userenv, "Userenv exists" );
$result = Koha::Token::_add_default_csrf_params( {} ); # pass no session_id $result = Koha::Token::_add_default_csrf_params( {} ); # pass no session_id

7
t/db_dependent/Auth.t
View file

@ -199,7 +199,6 @@ subtest 'checkauth() tests' => sub {
$session->param( 'interface', 'intranet' ); $session->param( 'interface', 'intranet' );
$session->flush; $session->flush;
my $sessionID = $session->id; my $sessionID = $session->id;
C4::Context->_new_userenv($sessionID);
my ($return) = my ($return) =
C4::Auth::check_cookie_auth( $sessionID, undef, { skip_version_check => 1, remote_addr => '1.2.3.4' } ); C4::Auth::check_cookie_auth( $sessionID, undef, { skip_version_check => 1, remote_addr => '1.2.3.4' } );
@ -233,7 +232,6 @@ subtest 'checkauth() tests' => sub {
$session->param( 'interface', 'opac' ); $session->param( 'interface', 'opac' );
$session->flush; $session->flush;
my $previous_sessionID = $session->id; my $previous_sessionID = $session->id;
C4::Context->_new_userenv($previous_sessionID);
my ( $return ) = C4::Auth::check_cookie_auth( $previous_sessionID, undef, { skip_version_check => 1, remote_addr => '1.2.3.4' } ); my ( $return ) = C4::Auth::check_cookie_auth( $previous_sessionID, undef, { skip_version_check => 1, remote_addr => '1.2.3.4' } );
is( $return, 'ok', 'Former session in shape now' ); is( $return, 'ok', 'Former session in shape now' );
@ -262,7 +260,6 @@ subtest 'checkauth() tests' => sub {
$session->param( 'interface', 'intranet' ); $session->param( 'interface', 'intranet' );
$session->flush; $session->flush;
$previous_sessionID = $session->id; $previous_sessionID = $session->id;
C4::Context->_new_userenv($previous_sessionID);
$cgi->param( -name => 'login_userid', -value => $patron2->userid ); $cgi->param( -name => 'login_userid', -value => $patron2->userid );
$cgi->param( -name => 'login_password', -value => $password ); $cgi->param( -name => 'login_password', -value => $password );
$cgi->param( -name => 'koha_login_context', -value => 1 ); $cgi->param( -name => 'koha_login_context', -value => 1 );
@ -417,7 +414,6 @@ subtest 'checkauth() tests' => sub {
is( $sesh->param('branch'), $branch->branchcode, "If user is superlibrarian, they should be able to choose a branch" ); is( $sesh->param('branch'), $branch->branchcode, "If user is superlibrarian, they should be able to choose a branch" );
}; };
C4::Context->_new_userenv; # For next tests
}; };
subtest 'no_set_userenv parameter tests' => sub { subtest 'no_set_userenv parameter tests' => sub {
@ -430,8 +426,8 @@ subtest 'no_set_userenv parameter tests' => sub {
my $password = set_weak_password($patron); my $password = set_weak_password($patron);
ok( checkpw( $patron->userid, $password, undef, undef, 1 ), 'checkpw returns true' ); ok( checkpw( $patron->userid, $password, undef, undef, 1 ), 'checkpw returns true' );
C4::Context->unset_userenv;
is( C4::Context->userenv, undef, 'Userenv should be undef as required' ); is( C4::Context->userenv, undef, 'Userenv should be undef as required' );
C4::Context->_new_userenv('DUMMY SESSION');
C4::Context->set_userenv(0,0,0,'firstname','surname', $library->branchcode, 'Library 1', 0, '', ''); C4::Context->set_userenv(0,0,0,'firstname','surname', $library->branchcode, 'Library 1', 0, '', '');
is( C4::Context->userenv->{branch}, $library->branchcode, 'Userenv gives correct branch' ); is( C4::Context->userenv->{branch}, $library->branchcode, 'Userenv gives correct branch' );
ok( checkpw( $patron->userid, $password, undef, undef, 1 ), 'checkpw returns true' ); ok( checkpw( $patron->userid, $password, undef, undef, 1 ), 'checkpw returns true' );
@ -940,7 +936,6 @@ subtest 'Userenv clearing in check_cookie_auth' => sub {
is( C4::Context->userenv, undef, 'Environment should be cleared too' ); is( C4::Context->userenv, undef, 'Environment should be cleared too' );
# Show that we clear the userenv again: set up env and check deleted session # Show that we clear the userenv again: set up env and check deleted session
C4::Context->_new_userenv( $sessionID );
C4::Context->set_userenv; # empty C4::Context->set_userenv; # empty
is( defined C4::Context->userenv, 1, 'There should be an empty userenv again' ); is( defined C4::Context->userenv, 1, 'There should be an empty userenv again' );
( $auth_status, $session) = C4::Auth::check_cookie_auth( $sessionID ); ( $auth_status, $session) = C4::Auth::check_cookie_auth( $sessionID );

1
t/db_dependent/Koha/BackgroundJob.t
View file

@ -229,7 +229,6 @@ subtest 'process tests' => sub {
{ size => 10, a => 'aaa', b => 'bbb' } ); { size => 10, a => 'aaa', b => 'bbb' } );
my $job = Koha::BackgroundJobs->find($job_id); my $job = Koha::BackgroundJobs->find($job_id);
C4::Context->_new_userenv(-1);
C4::Context->interface('opac'); C4::Context->interface('opac');
is( C4::Context->userenv, undef, "Userenv unset prior to calling process"); is( C4::Context->userenv, undef, "Userenv unset prior to calling process");
is( C4::Context->interface, 'opac', "Interface set to opac prior to calling process"); is( C4::Context->interface, 'opac', "Interface set to opac prior to calling process");

2
t/db_dependent/Koha/Items.t
View file

@ -1317,7 +1317,7 @@ subtest 'store' => sub {
C4::Circulation::LostItem( $item->itemnumber, 1 ); C4::Circulation::LostItem( $item->itemnumber, 1 );
# Unset the userenv # Unset the userenv
C4::Context->_new_userenv(undef); C4::Context->unset_userenv();
# Simluate item marked as found # Simluate item marked as found
$item->itemlost(0)->store; $item->itemlost(0)->store;

1
t/db_dependent/Koha/Reviews.t
View file

@ -70,7 +70,6 @@ is( $retrieved_review_1_1->review, $new_review_1_1->review, 'Find a review by id
subtest 'search_limited' => sub { subtest 'search_limited' => sub {
plan tests => 2; plan tests => 2;
C4::Context->_new_userenv('xxx');
my $group_1 = Koha::Library::Group->new( { title => 'TEST Group 1' } )->store; my $group_1 = Koha::Library::Group->new( { title => 'TEST Group 1' } )->store;
my $group_2 = Koha::Library::Group->new( { title => 'TEST Group 2' } )->store; my $group_2 = Koha::Library::Group->new( { title => 'TEST Group 2' } )->store;
Koha::Library::Group->new({ parent_id => $group_1->id, branchcode => $patron_1->branchcode })->store(); Koha::Library::Group->new({ parent_id => $group_1->id, branchcode => $patron_1->branchcode })->store();

4
t/db_dependent/Koha/Template/Plugin/Registers.t
View file

@ -45,7 +45,7 @@ subtest 'session_register_id' => sub {
'1', "Returns the register id when set in the userenv" ); '1', "Returns the register id when set in the userenv" );
# Unset the userenv # Unset the userenv
C4::Context->_new_userenv(undef); C4::Context->unset_userenv();
}; };
subtest 'session_register_name' => sub { subtest 'session_register_name' => sub {
@ -61,7 +61,7 @@ subtest 'session_register_name' => sub {
'Register One', "Returns the register name when set in the userenv" ); 'Register One', "Returns the register name when set in the userenv" );
# Unset the userenv # Unset the userenv
C4::Context->_new_userenv(undef); C4::Context->unset_userenv();
}; };
subtest 'all() tests' => sub { subtest 'all() tests' => sub {

1
t/db_dependent/Patron/Borrower_Discharge.t
View file

@ -47,7 +47,6 @@ my $library = $builder->build({ source => 'Branch' });
my $another_library = $builder->build({ source => 'Branch' }); my $another_library = $builder->build({ source => 'Branch' });
my $itemtype = $builder->build({ source => 'Itemtype' })->{itemtype}; my $itemtype = $builder->build({ source => 'Itemtype' })->{itemtype};
C4::Context->_new_userenv('xxx');
my $patron = $builder->build_object({ my $patron = $builder->build_object({
class => 'Koha::Patrons', class => 'Koha::Patrons',
value => { value => {

2
t/lib/Mocks.pm
View file

@ -119,8 +119,6 @@ Also, some sane defaults are set if no parameters are passed.
sub mock_userenv { sub mock_userenv {
my ( $params ) = @_; my ( $params ) = @_;
C4::Context->_new_userenv(42);
my $userenv; my $userenv;
if ( $params and my $patron = $params->{patron} ) { if ( $params and my $patron = $params->{patron} ) {
$userenv = $patron->unblessed; $userenv = $patron->unblessed;