2015-05-14 08:44:38 +02:00
|
|
|
package Lemonldap::NG::Handler::PSGI;
|
|
|
|
|
|
|
|
|
|
use 5.10.0;
|
|
|
|
|
use Mouse;
|
2015-07-24 09:23:57 +02:00
|
|
|
use Lemonldap::NG::Handler::SharedConf qw(:tsv :variables :jailSharedVars);
|
2015-05-14 08:44:38 +02:00
|
|
|
extends 'Lemonldap::NG::Common::PSGI::Router';
|
|
|
|
|
|
2015-05-14 08:45:13 +02:00
|
|
|
our $VERSION = '2.0.0';
|
2015-05-14 08:44:38 +02:00
|
|
|
|
|
|
|
|
around init => sub {
|
|
|
|
|
my ( $method, $self, $args ) = splice @_;
|
2015-06-10 22:40:26 +02:00
|
|
|
Lemonldap::NG::Handler::SharedConf->init($self);
|
2015-05-14 08:44:38 +02:00
|
|
|
return $self->$method($args);
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
sub _run {
|
|
|
|
|
my $self = shift;
|
|
|
|
|
my $rule = $self->{protection} || $localConfig->{protection};
|
|
|
|
|
if ( $rule ne 'none' ) {
|
|
|
|
|
$rule =
|
|
|
|
|
$rule eq "authenticate" ? "accept" : $rule eq "manager" ? "" : $rule;
|
|
|
|
|
return sub {
|
|
|
|
|
my $req = Lemonldap::NG::Common::PSGI::Request->new( $_[0] );
|
|
|
|
|
Lemonldap::NG::Handler::API->newRequest($req);
|
|
|
|
|
my $res = Lemonldap::NG::Handler::SharedConf->run($rule);
|
2015-12-02 21:25:02 +01:00
|
|
|
$req->userData($datas) if($datas);
|
2015-05-14 08:44:38 +02:00
|
|
|
|
|
|
|
|
# TODO: Userdata
|
|
|
|
|
#print STDERR Dumper( \@_, $res ); use Data::Dumper;
|
|
|
|
|
if ( $res == 403 ) {
|
|
|
|
|
return [
|
|
|
|
|
403,
|
|
|
|
|
[ 'Content-Type' => 'text/plain' ],
|
|
|
|
|
["You don't have rights to access this page"]
|
|
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
# Ajax hook: Ajax requests can not understand 30x responses. This
|
|
|
|
|
# is not really HTTP compliant but nothing in this
|
|
|
|
|
# protocol can do this. Our javascript understand that
|
|
|
|
|
# it has to prompt user with the URL
|
|
|
|
|
elsif (
|
|
|
|
|
( $res == 302 or $res == 303 )
|
2015-06-10 22:40:26 +02:00
|
|
|
and (
|
|
|
|
|
$req->accept =~ m|application/json|
|
|
|
|
|
or ( $req->contentType
|
|
|
|
|
and $req->contentType =~ m|application/json| )
|
|
|
|
|
)
|
2015-05-14 08:44:38 +02:00
|
|
|
)
|
|
|
|
|
{
|
|
|
|
|
return [
|
|
|
|
|
401, [ Authorization => $req->{respHeaders}->{Location} ],
|
|
|
|
|
['']
|
|
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
elsif ($res) {
|
|
|
|
|
return [ $res, [ %{ $req->{respHeaders} } ], [''] ];
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
return $self->router($req);
|
|
|
|
|
}
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
eval { Lemonldap::NG::Handler::SharedConf->checkConf() } unless (%$tsv);
|
|
|
|
|
$self->lmLog( $@, 'error' ) if ($@);
|
|
|
|
|
return sub {
|
|
|
|
|
|
|
|
|
|
#print STDERR Dumper(\@_);use Data::Dumper;
|
|
|
|
|
$self->router( Lemonldap::NG::Common::PSGI::Request->new( $_[0] ) );
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2015-07-24 09:23:57 +02:00
|
|
|
## @method hashRef user()
|
|
|
|
|
# @return hash of user datas
|
|
|
|
|
sub user {
|
2015-07-27 23:15:14 +02:00
|
|
|
my ( $self, $req ) = splice @_;
|
|
|
|
|
return $req->userData;
|
2015-07-24 09:23:57 +02:00
|
|
|
}
|
|
|
|
|
|
2015-07-26 14:18:16 +02:00
|
|
|
## @method string userId()
|
|
|
|
|
# @return user identifier to log
|
|
|
|
|
sub userId {
|
2015-07-27 23:15:14 +02:00
|
|
|
my ( $self, $req ) = splice @_;
|
|
|
|
|
return $req->userData->{_whatToTrace};
|
2015-07-26 14:18:16 +02:00
|
|
|
}
|
|
|
|
|
|
2015-07-24 09:23:57 +02:00
|
|
|
## @method boolean group(string group)
|
|
|
|
|
# @param $group name of the Lemonldap::NG group to test
|
|
|
|
|
# @return boolean : true if user is in this group
|
|
|
|
|
sub group {
|
2015-07-27 23:15:14 +02:00
|
|
|
my ( $self, $req, $group ) = splice @_;
|
|
|
|
|
return ( $req->userData->{groups} =~ /\b$group\b/ );
|
2015-07-24 09:23:57 +02:00
|
|
|
}
|
|
|
|
|
|
2015-05-14 08:44:38 +02:00
|
|
|
1;
|
