1 # BEGIN BPS TAGGED BLOCK {{{
5 # This software is Copyright (c) 1996-2013 Best Practical Solutions, LLC
6 # <sales@bestpractical.com>
8 # (Except where explicitly superseded by other copyright notices)
13 # This work is made available to you under the terms of Version 2 of
14 # the GNU General Public License. A copy of that license should have
15 # been provided with this software, but in any event can be snarfed
18 # This work is distributed in the hope that it will be useful, but
19 # WITHOUT ANY WARRANTY; without even the implied warranty of
20 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 # General Public License for more details.
23 # You should have received a copy of the GNU General Public License
24 # along with this program; if not, write to the Free Software
25 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
26 # 02110-1301 or visit their web page on the internet at
27 # http://www.gnu.org/licenses/old-licenses/gpl-2.0.html.
30 # CONTRIBUTION SUBMISSION POLICY:
32 # (The following paragraph is not intended to limit the rights granted
33 # to you to modify and distribute this software under the terms of
34 # the GNU General Public License and is only of importance to you if
35 # you choose to contribute your changes and enhancements to the
36 # community by submitting them to Best Practical Solutions, LLC.)
38 # By intentionally submitting any modifications, corrections or
39 # derivatives to this work, or any other work intended for use with
40 # Request Tracker, to Best Practical Solutions, LLC, you confirm that
41 # you are the copyright holder for those contributions and you grant
42 # Best Practical Solutions, LLC a nonexclusive, worldwide, irrevocable,
43 # royalty-free, perpetual, license to use, copy, create derivative
44 # works based on those contributions, and sublicense and distribute
45 # those contributions and any derivatives thereof.
47 # END BPS TAGGED BLOCK }}}
49 package RT::Interface::Web::Session;
57 RT::Interface::Web::Session - RT web session class
64 RT session class and utilities.
66 CLASS METHODS can be used without creating object instances,
67 it's mainly utilities to clean unused session records.
69 Object is tied hash and can be used to access session data.
77 Returns name of the class that is used as sessions storage.
84 my $class = RT->Config->Get('WebSessionClass')
85 || $self->Backends->{RT->Config->Get('DatabaseType')}
86 || 'Apache::Session::File';
87 eval "require $class";
94 Returns hash reference with names of the databases as keys and
95 sessions class names as values.
101 mysql => 'Apache::Session::MySQL',
102 Pg => 'Apache::Session::Postgres',
108 Returns hash reference with attributes that are used to create
114 my $class = $_[0]->Class;
115 return !$class->isa('Apache::Session::File') ? {
116 Handle => $RT::Handle->dbh,
117 LockHandle => $RT::Handle->dbh,
120 Directory => $RT::MasonSessionDir,
121 LockDirectory => $RT::MasonSessionDir,
128 Returns array ref with list of the session IDs.
133 my $self = shift || __PACKAGE__;
134 my $attributes = $self->Attributes;
135 if( $attributes->{Directory} ) {
136 return $self->_IdsDir( $attributes->{Directory} );
138 return $self->_IdsDB( $RT::Handle->dbh );
143 my ($self, $dir) = @_;
147 sub { return unless /^[a-zA-Z0-9]+$/;
148 $file{$_} = (stat($_))[9];
153 return [ sort { $file{$a} <=> $file{$b} } keys %file ];
157 my ($self, $dbh) = @_;
158 my $ids = $dbh->selectcol_arrayref("SELECT id FROM sessions ORDER BY LastUpdated DESC");
159 die "couldn't get ids: ". $dbh->errstr if $dbh->errstr;
165 Takes seconds and deletes all sessions that are older.
170 my $class = shift || __PACKAGE__;
171 my $attributes = $class->Attributes;
172 if( $attributes->{Directory} ) {
173 return $class->_ClearOldDir( $attributes->{Directory}, @_ );
175 return $class->_ClearOldDB( $RT::Handle->dbh, @_ );
180 my ($self, $dbh, $older_than) = @_;
182 unless( int $older_than ) {
183 $rows = $dbh->do("DELETE FROM sessions");
184 die "couldn't delete sessions: ". $dbh->errstr unless defined $rows;
187 my $date = POSIX::strftime("%Y-%m-%d %H:%M", localtime( time - int $older_than ) );
189 my $sth = $dbh->prepare("DELETE FROM sessions WHERE LastUpdated < ?");
190 die "couldn't prepare query: ". $dbh->errstr unless $sth;
191 $rows = $sth->execute( $date );
192 die "couldn't execute query: ". $dbh->errstr unless defined $rows;
195 $RT::Logger->info("successfuly deleted $rows sessions");
200 my ($self, $dir, $older_than) = @_;
202 require File::Spec if int $older_than;
205 my $class = $self->Class;
206 my $attrs = $self->Attributes;
208 foreach my $id( @{ $self->Ids } ) {
209 if( int $older_than ) {
210 my $mtime = (stat(File::Spec->catfile($dir,$id)))[9];
211 if( $mtime > $now - $older_than ) {
212 $RT::Logger->debug("skipped session '$id', isn't old");
219 eval { tie %session, $class, $id, $attrs };
221 $RT::Logger->debug("skipped session '$id', couldn't load: $@");
224 tied(%session)->delete;
225 $RT::Logger->info("successfuly deleted session '$id'");
228 my $lock = Apache::Session::Lock::File->new;
229 $lock->clean( $dir, $older_than );
236 Checks all sessions and if user has more then one session
237 then leave only the latest one.
242 my $self = shift || __PACKAGE__;
243 my $class = $self->Class;
244 my $attrs = $self->Attributes;
247 foreach my $id( @{ $self->Ids } ) {
250 eval { tie %session, $class, $id, $attrs };
252 $RT::Logger->debug("skipped session '$id', couldn't load: $@");
255 if( $session{'CurrentUser'} && $session{'CurrentUser'}->id ) {
256 unless( $seen{ $session{'CurrentUser'}->id }++ ) {
257 $RT::Logger->debug("skipped session '$id', first user's session");
261 tied(%session)->delete;
262 $RT::Logger->info("successfuly deleted session '$id'");
270 my $class = $self->Class;
271 my $attrs = $self->Attributes;
276 eval { tie %session, $class, $id, $attrs };
277 eval { tie %session, $class, undef, $attrs } if $@;
279 die loc("RT couldn't store your session.") . "\n"
280 . loc("This may mean that that the directory '[_1]' isn't writable or a database table is missing or corrupt.",
281 $RT::MasonSessionDir)
286 return tied %session;