lemonldap-ng/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/GrantSession.pm

package Lemonldap::NG::Portal::Plugins::GrantSession;

use strict;
use Mouse;
use Lemonldap::NG::Portal::Main::Constants qw(
  PE_OK
  PE_SESSIONNOTGRANTED
  PE_BADCREDENTIALS
);

our $VERSION = '2.0.2';

extends 'Lemonldap::NG::Portal::Main::Plugin';

use constant afterData => 'run';

has rules => ( is => 'rw', default => sub { {} } );

sub init {
    my ($self) = @_;
    my $hd = $self->p->HANDLER;
    foreach ( keys %{ $self->conf->{grantSessionRules} } ) {
        $self->logger->debug("GrantRule key -> $_");
        $self->logger->debug(
            "GrantRule value -> " . $self->conf->{grantSessionRules}->{$_} );
        my $rule =
          $hd->buildSub(
            $hd->substitute( $self->conf->{grantSessionRules}->{$_} ) );
        unless ($rule) {
            $self->error( "Bad grantSession rule " . $hd->tsv->{jail}->error );
            return 0;
        }
        $self->rules->{$_} = $rule;
    }
    return 1;
}

sub run {
    my ( $self, $req ) = @_;

    sub sortByComment {
        my $A = ( $a =~ /^.*?##(.*)$/ )[0];
        my $B = ( $b =~ /^.*?##(.*)$/ )[0];
        return !$A ? 1 : !$B ? -1 : $A cmp $B;
    }

    # Avoid display notification if AuthResult is not null
    return PE_BADCREDENTIALS if $req->authResult > PE_OK;

    foreach ( sort sortByComment keys %{ $self->rules } ) {
        $self->logger->debug( "Grant session condition -> "
              . $self->conf->{grantSessionRules}->{$_} );
        unless ( $self->rules->{$_}->( $req, $req->sessionInfo ) ) {
            $req->userData( {} );

            # Catch rule message
            $_ =~ /^(.*?)##.*$/;
            if ($1) {
                $self->logger->debug("Message -> $1");

                # Message can contain session data as user attributes or macros
                my $hd  = $self->p->HANDLER;
                my $msg = $hd->substitute($1);
                unless ( $msg = $hd->buildSub($msg) ) {
                    $self->error( "Bad message " . $hd->tsv->{jail}->error );
                    return PE_OK;
                }
                $msg = $msg->( $req, $req->sessionInfo );
                $req->info(
                    $self->loadTemplate(
                        'simpleInfo', params => { trspan => $msg }
                    )
                );
                $self->userLogger->error( 'User '
                      . $req->sessionInfo->{uid}
                      . " was not granted to open session (rule -> $msg)" );
                $req->urldc( $self->conf->{portal} );
                return $req->authResult(PE_SESSIONNOTGRANTED);
            }
            else {
                $self->userLogger->error( 'User '
                      . $req->sessionInfo->{uid}
                      . " was not granted to open session (rule -> "
                      . $self->conf->{grantSessionRules}->{$_}
                      . ")" );
                $req->urldc( $self->conf->{portal} );
                return $req->authResult(PE_SESSIONNOTGRANTED);
            }
        }
    }
    return PE_OK;
}

1;
GrantSession plugin (#595) 2017-02-16 19:14:42 +01:00			`package Lemonldap::NG::Portal::Plugins::GrantSession;`

			`use strict;`
			`use Mouse;`
			`use Lemonldap::NG::Portal::Main::Constants qw(`
Tidy 2019-02-05 23:12:17 +01:00			`PE_OK`
			`PE_SESSIONNOTGRANTED`
			`PE_BADCREDENTIALS`
GrantSession plugin (#595) 2017-02-16 19:14:42 +01:00			`);`

Update versions 2019-02-05 18:44:31 +01:00			`our $VERSION = '2.0.2';`
Missing versions (#595) 2017-02-28 21:53:19 +01:00
GrantSession plugin (#595) 2017-02-16 19:14:42 +01:00			`extends 'Lemonldap::NG::Portal::Main::Plugin';`

Fix conf parameter name (#1510) 2018-10-01 15:20:41 +02:00			`use constant afterData => 'run';`
GrantSession plugin (#595) 2017-02-16 19:14:42 +01:00
			`has rules => ( is => 'rw', default => sub { {} } );`

			`sub init {`
			`my ($self) = @_;`
			`my $hd = $self->p->HANDLER;`
Fix conf parameter name (#1510) 2018-10-01 15:20:41 +02:00			`foreach ( keys %{ $self->conf->{grantSessionRules} } ) {`
WIP - Fix grantSession rules creation from manager & message display (#1510) 2018-10-01 19:43:16 +02:00			`$self->logger->debug("GrantRule key -> $_");`
			`$self->logger->debug(`
			`"GrantRule value -> " . $self->conf->{grantSessionRules}->{$_} );`
Tidy 2019-02-05 23:12:17 +01:00			`my $rule =`
			`$hd->buildSub(`
Fix conf parameter name (#1510) 2018-10-01 15:20:41 +02:00			`$hd->substitute( $self->conf->{grantSessionRules}->{$_} ) );`
GrantSession plugin (#595) 2017-02-16 19:14:42 +01:00			`unless ($rule) {`
Tidy 2019-02-05 23:12:17 +01:00			`$self->error( "Bad grantSession rule " . $hd->tsv->{jail}->error );`
GrantSession plugin (#595) 2017-02-16 19:14:42 +01:00			`return 0;`
			`}`
			`$self->rules->{$_} = $rule;`
			`}`
			`return 1;`
			`}`

Fix conf parameter name (#1510) 2018-10-01 15:20:41 +02:00			`sub run {`
GrantSession plugin (#595) 2017-02-16 19:14:42 +01:00			`my ( $self, $req ) = @_;`

			`sub sortByComment {`
			`my $A = ( $a =~ /^.?##(.)$/ )[0];`
			`my $B = ( $b =~ /^.?##(.)$/ )[0];`
			`return !$A ? 1 : !$B ? -1 : $A cmp $B;`
			`}`
WIP - Fix grantSession rules creation from manager & message display (#1510) 2018-10-01 19:43:16 +02:00
Cleaning code (#1628) 2019-02-04 18:59:37 +01:00			`# Avoid display notification if AuthResult is not null`
Update code (#1628) 2019-02-06 13:20:35 +01:00			`return PE_BADCREDENTIALS if $req->authResult > PE_OK;`
Fix error msg & Improve unit test (#1628) 2019-02-04 17:40:18 +01:00
GrantSession plugin (#595) 2017-02-16 19:14:42 +01:00			`foreach ( sort sortByComment keys %{ $self->rules } ) {`
Append debug message (#1510) 2018-10-01 22:46:28 +02:00			`$self->logger->debug( "Grant session condition -> "`
Tidy 2019-02-05 23:12:17 +01:00			`. $self->conf->{grantSessionRules}->{$_} );`
Replace request management in handler (#1044) Note: this is a big change, more tests needed 2017-03-28 23:07:49 +02:00			`unless ( $self->rules->{$_}->( $req, $req->sessionInfo ) ) {`
Enable history (#595) 2017-02-19 08:17:48 +01:00			`$req->userData( {} );`
WIP - Fix grantSession rules creation from manager & message display (#1510) 2018-10-01 19:43:16 +02:00
			`# Catch rule message`
			`$_ =~ /^(.?)##.$/;`
perltidy 2018-10-07 11:40:26 +02:00			`if ($1) {`
Append debug message (#1510) 2018-10-01 22:46:28 +02:00			`$self->logger->debug("Message -> $1");`
perltidy 2018-10-07 15:19:00 +02:00
Tidy 2019-02-05 23:12:17 +01:00			`# Message can contain session data as user attributes or macros`
GrantSession message can contain session data (#1510) 2018-10-07 14:13:13 +02:00			`my $hd = $self->p->HANDLER;`
			`my $msg = $hd->substitute($1);`
Improve code (#1510) 2018-10-07 21:32:26 +02:00			`unless ( $msg = $hd->buildSub($msg) ) {`
GrantSession message can contain session data (#1510) 2018-10-07 14:13:13 +02:00			`$self->error( "Bad message " . $hd->tsv->{jail}->error );`
Improve code (#1510) 2018-10-07 21:32:26 +02:00			`return PE_OK;`
GrantSession message can contain session data (#1510) 2018-10-07 14:13:13 +02:00			`}`
			`$msg = $msg->( $req, $req->sessionInfo );`
WIP - Fix grantSession rules creation from manager & message display (#1510) 2018-10-01 19:43:16 +02:00			`$req->info(`
			`$self->loadTemplate(`
GrantSession message can contain session data (#1510) 2018-10-07 14:13:13 +02:00			`'simpleInfo', params => { trspan => $msg }`
WIP - Fix grantSession rules creation from manager & message display (#1510) 2018-10-01 19:43:16 +02:00			`)`
			`);`
			`$self->userLogger->error( 'User '`
Tidy 2019-02-05 23:12:17 +01:00			`. $req->sessionInfo->{uid}`
			`. " was not granted to open session (rule -> $msg)" );`
WIP - Fix grantSession rules creation from manager & message display (#1510) 2018-10-01 19:43:16 +02:00			`$req->urldc( $self->conf->{portal} );`
			`return $req->authResult(PE_SESSIONNOTGRANTED);`
			`}`
			`else {`
			`$self->userLogger->error( 'User '`
Tidy 2019-02-05 23:12:17 +01:00			`. $req->sessionInfo->{uid}`
			`. " was not granted to open session (rule -> "`
			`. $self->conf->{grantSessionRules}->{$_}`
			`. ")" );`
WIP - Fix grantSession rules creation from manager & message display (#1510) 2018-10-01 19:43:16 +02:00			`$req->urldc( $self->conf->{portal} );`
			`return $req->authResult(PE_SESSIONNOTGRANTED);`
			`}`
GrantSession plugin (#595) 2017-02-16 19:14:42 +01:00			`}`
			`}`
Fix mistake (#1510) 2018-10-01 19:53:21 +02:00			`return PE_OK;`
GrantSession plugin (#595) 2017-02-16 19:14:42 +01:00			`}`

			`1;`