2017-02-16 19:14:42 +01:00
|
|
|
package Lemonldap::NG::Portal::Plugins::GrantSession;
|
|
|
|
|
|
|
|
use strict;
|
|
|
|
use Mouse;
|
|
|
|
use Lemonldap::NG::Portal::Main::Constants qw(
|
2018-10-01 19:43:16 +02:00
|
|
|
PE_OK
|
|
|
|
PE_SESSIONNOTGRANTED
|
2017-02-16 19:14:42 +01:00
|
|
|
);
|
|
|
|
|
2017-02-28 21:53:19 +01:00
|
|
|
our $VERSION = '2.0.0';
|
|
|
|
|
2017-02-16 19:14:42 +01:00
|
|
|
extends 'Lemonldap::NG::Portal::Main::Plugin';
|
|
|
|
|
2018-10-01 15:20:41 +02:00
|
|
|
use constant afterData => 'run';
|
2017-02-16 19:14:42 +01:00
|
|
|
|
|
|
|
has rules => ( is => 'rw', default => sub { {} } );
|
|
|
|
|
|
|
|
sub init {
|
|
|
|
my ($self) = @_;
|
|
|
|
my $hd = $self->p->HANDLER;
|
2018-10-01 15:20:41 +02:00
|
|
|
foreach ( keys %{ $self->conf->{grantSessionRules} } ) {
|
2018-10-01 19:43:16 +02:00
|
|
|
$self->logger->debug("GrantRule key -> $_");
|
|
|
|
$self->logger->debug(
|
|
|
|
"GrantRule value -> " . $self->conf->{grantSessionRules}->{$_} );
|
|
|
|
my $rule = $hd->buildSub(
|
2018-10-01 15:20:41 +02:00
|
|
|
$hd->substitute( $self->conf->{grantSessionRules}->{$_} ) );
|
2017-02-16 19:14:42 +01:00
|
|
|
unless ($rule) {
|
2018-10-01 19:43:16 +02:00
|
|
|
$self->error(
|
|
|
|
"Bad grantSession rule " . $hd->tsv->{jail}->error );
|
2017-02-16 19:14:42 +01:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
$self->rules->{$_} = $rule;
|
|
|
|
}
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
2018-10-01 15:20:41 +02:00
|
|
|
sub run {
|
2017-02-16 19:14:42 +01:00
|
|
|
my ( $self, $req ) = @_;
|
|
|
|
|
|
|
|
sub sortByComment {
|
|
|
|
my $A = ( $a =~ /^.*?##(.*)$/ )[0];
|
|
|
|
my $B = ( $b =~ /^.*?##(.*)$/ )[0];
|
|
|
|
return !$A ? 1 : !$B ? -1 : $A cmp $B;
|
|
|
|
}
|
2018-10-01 19:43:16 +02:00
|
|
|
|
2017-02-16 19:14:42 +01:00
|
|
|
foreach ( sort sortByComment keys %{ $self->rules } ) {
|
2018-10-01 22:46:28 +02:00
|
|
|
$self->logger->debug( "Grant session condition -> "
|
2018-10-01 19:43:16 +02:00
|
|
|
. $self->conf->{grantSessionRules}->{$_} );
|
2017-03-28 23:07:49 +02:00
|
|
|
unless ( $self->rules->{$_}->( $req, $req->sessionInfo ) ) {
|
2017-02-19 08:17:48 +01:00
|
|
|
$req->userData( {} );
|
2018-10-01 19:43:16 +02:00
|
|
|
|
|
|
|
# Catch rule message
|
|
|
|
$_ =~ /^(.*?)##.*$/;
|
2018-10-01 22:46:28 +02:00
|
|
|
if ( $1 ) {
|
|
|
|
$self->logger->debug("Message -> $1");
|
2018-10-01 19:43:16 +02:00
|
|
|
$req->info(
|
|
|
|
$self->loadTemplate(
|
|
|
|
'simpleInfo', params => { trspan => $1 }
|
|
|
|
)
|
|
|
|
);
|
|
|
|
$self->userLogger->error( 'User '
|
|
|
|
. $req->user
|
|
|
|
. " was not granted to open session (rule -> $1)" );
|
|
|
|
$req->urldc( $self->conf->{portal} );
|
|
|
|
return $req->authResult(PE_SESSIONNOTGRANTED);
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
$self->userLogger->error( 'User '
|
|
|
|
. $req->user
|
|
|
|
. " was not granted to open session (rule -> "
|
|
|
|
. $self->conf->{grantSessionRules}->{$_}
|
|
|
|
. ")" );
|
|
|
|
$req->urldc( $self->conf->{portal} );
|
|
|
|
return $req->authResult(PE_SESSIONNOTGRANTED);
|
|
|
|
}
|
2017-02-16 19:14:42 +01:00
|
|
|
}
|
|
|
|
}
|
2018-10-01 19:53:21 +02:00
|
|
|
return PE_OK;
|
2017-02-16 19:14:42 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
1;
|