From fdc49e0fb34e138059f7b47b87c66cc8a1347162 Mon Sep 17 00:00:00 2001 From: Marcel de Rooy Date: Thu, 1 Jun 2023 13:03:50 +0000 Subject: [PATCH] Bug 33879: Do no longer overwrite interface in check_cookie_auth MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit This will only have effect on installations running OPAC and staff on the same domain name. In that case an OPAC cookie still allows you to access intranet, and v.v. Test plan: Repeat the following steps WITHOUT this patch and WITH it. Login via OPAC. Go to staff. Perform an action that logs the interface in e.g. the statistics table, like a checkout. Inspect interface in the corresponding table. Observe difference that this patch makes. With this patch: Run t/db_dependent/Auth.t. Should pass again. Signed-off-by: Marcel de Rooy Signed-off-by: Björn Nylén Signed-off-by: David Nind Signed-off-by: Martin Renvoize Signed-off-by: Tomas Cohen Arazi (cherry picked from commit 68aeaf5c4c6aeeca4347995e5f74464929c20ac5) Signed-off-by: Martin Renvoize --- C4/Auth.pm | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/C4/Auth.pm b/C4/Auth.pm index 07afd24018..3a3c559bad 100644 --- a/C4/Auth.pm +++ b/C4/Auth.pm @@ -1789,7 +1789,10 @@ sub check_cookie_auth { my $flags = defined($flagsrequired) ? haspermission( $userid, $flagsrequired ) : 1; if ($flags) { C4::Context->_new_userenv($sessionID); - C4::Context->interface($session->param('interface')); + if ( !C4::Context->interface ) { + # No need to override the interface, most often set by get_template_and_user + C4::Context->interface( $session->param('interface') ); + } C4::Context->set_userenv( $session->param('number'), $session->param('id') // '', $session->param('cardnumber'), $session->param('firstname'), -- 2.39.5