Jonathan Druart
3dd1cdd74f
The userenv (logged in user's info) are stored in $C4::Context->context->{activeuser}, which persists in plack worker's memory. It's really bad in theory as we are not cleaning it before or after the HTTP request, but only when set_userenv is called (what we are doing commonly in C4::Auth::get_template_and_user). If C4::Context->userenv is called before set_userenv we should get undef, not the userenv from the previous request! In practice this should not be a problem, but well... who really knows? This patch suggests to have a middleware to deal with removing the userenv at the beginning of each request (maybe it should be after, right? - FIXME). To test: 1 - Edit /etc/koha/sites/kohadev/koha-conf.xml to set <plack_workers>1</plack_workers> 2 - Edit about.pl and add a line after: CGI->new: warn Data::Dumper::Dumper( C4::Cointext->userenv() ); 3 - tail -f /var/log/koha/kohadev/*.log 4 - View about.pl in staff interface, should get a "somethign's wrong" warning 5 - Reload, you get current user info 6 - Open an incognito tab, sign in as a different user and click some stuff 7 - Reload about.pl in other window 8 - You get the opac user info 9 - Apply patch 10 - Edit /etc/koha/sites/kohadev/plack.psgi and add the middleware after "RealIP": enable "+Koha::Middleware::UserEnv"; 11 - Restart all 12 - Reload about.pl - you get a "Something's wrong" warning 13 - Click things in opac on incognito window 14 - Reload about.pl - only "Something's wrong" - you no longer see any user info Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> (cherry picked from commit 576e7e09fdca703f76c0d10ae55eebf12ee1fdf4) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> |
||
---|---|---|
.. | ||
docs | ||
scripts | ||
source | ||
templates | ||
bd-to-depends | ||
build-git-snapshot | ||
changelog | ||
clean | ||
compat | ||
control | ||
control.in | ||
copyright | ||
koha-common.bash-completion | ||
koha-common.config | ||
koha-common.cron.d | ||
koha-common.cron.daily | ||
koha-common.cron.hourly | ||
koha-common.cron.monthly | ||
koha-common.default | ||
koha-common.dirs | ||
koha-common.docs | ||
koha-common.init | ||
koha-common.install | ||
koha-common.links | ||
koha-common.logrotate | ||
koha-common.postinst | ||
koha-common.preinst | ||
koha-common.README.Debian | ||
koha-common.service | ||
koha-common.templates | ||
koha-core.bash-completion | ||
koha-core.config | ||
koha-core.default | ||
koha-core.dirs | ||
koha-core.docs | ||
koha-core.init | ||
koha-core.install | ||
koha-core.links | ||
koha-core.logrotate | ||
koha-core.postinst | ||
koha-core.preinst | ||
koha-core.templates | ||
koha-full.postinst | ||
koha-post-install-setup | ||
koha.apache-ports | ||
koha.config | ||
koha.dirs | ||
koha.install | ||
koha.postinst | ||
koha.postrm | ||
koha.prerm | ||
koha.README.Debian | ||
list-deps | ||
README.build | ||
rules | ||
unavailable.html | ||
update-control |
In order to build .deb packages, following debian packages need to be present (installed): devscripts pbuilder dh-make fakeroot As root (or sudo) execute: pbuilder create Executing build-git-snapshot without any arguments will leave package and the rest in some pbuilder dir, eg. /var/cache/pbuilder/result It is highly recommended that --buildresult option is used.