From: Bill Erickson Date: Tue, 1 Sep 2020 15:42:03 +0000 (-0400) Subject: SIP2Mediator EG configs continued X-Git-Url: https://old-git.evergreen-ils.org/?a=commitdiff_plain;h=493fdfe0051fbaec42effc285be613b3353de81a;p=working%2FEvergreen.git SIP2Mediator EG configs continued Signed-off-by: Bill Erickson --- diff --git a/Open-ILS/examples/fm_IDL.xml b/Open-ILS/examples/fm_IDL.xml index 495910bf75..cb2b244849 100644 --- a/Open-ILS/examples/fm_IDL.xml +++ b/Open-ILS/examples/fm_IDL.xml @@ -13445,13 +13445,11 @@ SELECT usr, - - diff --git a/Open-ILS/src/perlmods/lib/OpenILS/WWW/SIP2Gateway.pm b/Open-ILS/src/perlmods/lib/OpenILS/WWW/SIP2Gateway.pm index e40a43b88d..b7d5d90e0a 100644 --- a/Open-ILS/src/perlmods/lib/OpenILS/WWW/SIP2Gateway.pm +++ b/Open-ILS/src/perlmods/lib/OpenILS/WWW/SIP2Gateway.pm @@ -73,27 +73,30 @@ sub authenticate { my $auth = $U->simplereq( 'open-ils.auth_internal', 'open-ils.auth_internal.session.create', { - user_id => $account->{ils_usr}, - workstation => $account->{ils_workstation}, + user_id => $account->usr, + workstation => $account->workstation->name, login_type => 'staff' }); if ($auth->{textcode} ne 'SUCCESS') { $logger->warn( - "SIP2 login failed for ils_usr".$account->{ils_usr}); + "SIP2 login failed for ILS user: ".$account->usr); return 0; } - $account->{authtoken} = $auth->{payload}->{authtoken}; + my $session = { + account => $account, + authtoken => $auth->{payload}->{authtoken} + }; - # cache the login user account as well - $account->{login} = $U->simplereq( + # cache the login user as well + $session->{login} = $U->simplereq( 'open-ils.auth', 'open-ils.auth.session.retrieve', - $account->{authtoken} + $session->{authtoken} ); - cache()->put_cache("sip2_$seskey", $account); + cache()->put_cache("sip2_$seskey", $session); return 1; } @@ -180,8 +183,12 @@ sub init { my $e = new_editor(); my $settings = $e->retrieve_all_config_sip_setting; + my $accounts = $e->search_config_sip_account([ + {id => {'!=' => undef}}, + {flesh => 1, flesh_fields => {csa => ['workstation']}} + ]); - $config = {institutions => []}; + $config = {institutions => [], accounts => $accounts}; # Institution specific settings. # In addition to the options, this tells us what institutions we support. @@ -191,9 +198,9 @@ sub init { my $name = $set->name; my ($inst_conf) = - grep {$_->id eq $inst} @{$config->{institutions}} || + grep {$_->{id} eq $inst} @{$config->{institutions}} || { id => $inst, - currency => 'USD', # TODO + currency => 'USD', # default supports => [], options => {} }; @@ -327,12 +334,17 @@ sub handle_login { my $sip_username = get_field_value($message, 'CN'); my $sip_password = get_field_value($message, 'CO'); - my ($account) = grep { - $_->{sip_username} eq $sip_username && - $_->{sip_password} eq $sip_password - } @{$config->{accounts}}; + my ($account) = + grep {$_->sip_username eq $sip_username} @{$config->{accounts}}; - if ($account) { + if (!$account) { + $logger->warn("SIP2: No such SIP account: $sip_username"); + return $response; + } + + if ($U->verify_user_password( + new_editor(), $account->usr, $sip_password, 'sip2')) { + my $session = OpenILS::WWW::SIPSession->new(seskey => $seskey); $response->{fixed_fields}->[0] = '1' if $session->authenticate($account); @@ -347,18 +359,33 @@ sub handle_login { sub handle_sc_status { my ($seskey, $message) = @_; - return undef unless ( - $config->{options}->{allow_sc_status_before_login} || - OpenILS::WWW::SIPSession->from_cache($seskey) - ); + my $session = OpenILS::WWW::SIPSession->from_cache($seskey); + + my $instname; + if ($session) { + $instname = $session->{account}->institution; - # The SC Status message does not include an institution, but expects - # one in return. Use the configuration for the first institution. - # Maybe the SIP server itself should track which institutoin its - # instance is configured to use? That may multiple servers could - # run, one per institution. - my $instconf = $config->{institutions}->[0]; - my $instname = $instconf->{id}; + } else { + + # SC Status requires login? + return undef unless + $config->{options}->{allow_sc_status_before_login}; + + # The SC Status message does not include an institution, but expects + # one in return. Use the configuration for the first institution. + # Maybe the SIP server itself should track which institutoin its + # instance is configured to use? That may multiple servers could + # run, one per institution. + $instname = $config->{institutions}->[0]->{id}; + } + + my ($instconf) = + grep {$_->{id} eq $instname} @{$config->{institutions}}; + + if (!$instconf) { + $logger->warn("SIP2: No config for institution '$instname'"); + $instconf = {supports => []}; + } my $response = { code => '98', diff --git a/Open-ILS/src/perlmods/lib/OpenILS/WWW/SIP2Gateway/Patron.pm b/Open-ILS/src/perlmods/lib/OpenILS/WWW/SIP2Gateway/Patron.pm index 844222d613..bf7ebaaed4 100644 --- a/Open-ILS/src/perlmods/lib/OpenILS/WWW/SIP2Gateway/Patron.pm +++ b/Open-ILS/src/perlmods/lib/OpenILS/WWW/SIP2Gateway/Patron.pm @@ -126,7 +126,7 @@ sub set_patron_summary_items { my $xacts = $U->simplereq( 'open-ils.actor', 'open-ils.actor.user.transactions.history.have_balance', - $session->account->{authtoken}, + $session->{authtoken}, $patron->id ); @@ -197,7 +197,7 @@ sub get_patron_penalties { {stop_date => {'>' => 'now'}} ], org_unit => - $U->get_org_full_path($session->account->{login}->ws_ou) + $U->get_org_full_path($session->{login}->ws_ou) } } }); diff --git a/Open-ILS/src/sql/Pg/upgrade/XXXX.schema.sip-config.sql b/Open-ILS/src/sql/Pg/upgrade/XXXX.schema.sip-config.sql index 39e9beefc7..fb7c304621 100644 --- a/Open-ILS/src/sql/Pg/upgrade/XXXX.schema.sip-config.sql +++ b/Open-ILS/src/sql/Pg/upgrade/XXXX.schema.sip-config.sql @@ -12,7 +12,6 @@ CREATE TABLE config.sip_account ( usr BIGINT NOT NULL REFERENCES actor.usr(id) DEFERRABLE INITIALLY DEFERRED, workstation INTEGER REFERENCES actor.workstation(id), - activity_type INTEGER REFERENCES config.usr_activity_type(id), av_format TEXT -- e.g. '3m' ); @@ -35,10 +34,22 @@ INSERT INTO actor.passwd_type (code, name, login, crypt_algo, iter_count) -- Example linking a SIP password to the 'admin' account. SELECT actor.set_passwd(1, 'sip2', 'sip_password'); +INSERT INTO actor.workstation (name, owning_lib) VALUES ('BR1-SIP2-Gateway', 4); + +INSERT INTO config.sip_account( + institution, sip_username, sip_password, usr, workstation, av_format +) VALUES ( + 'example', 'admin', + (SELECT id FROM actor.passwd WHERE usr = 1 AND passwd_type = 'sip2'), + 1, + (SELECT id FROM actor.workstation WHERE name = 'BR1-SIP2-Gateway'), + '3m' +); + INSERT INTO config.sip_setting (institution, name, value) VALUES ('*', 'allow_sc_status_before_login', 'true'), - ('*', 'currency', 'USD'), + ('*', 'currency', '"USD"'), ('example', 'due_date_use_sip_date_format', 'false'), ('example', 'patron_status_permit_loans', 'false'), ('example', 'patron_status_permit_all', 'false'),