Use custom decrypt functions (#1956)
parent
9c823b2e7f
commit
0ca649f106
6
COPYING
6
COPYING
|
@ -103,6 +103,12 @@ License: CC-3
|
|||
Comment: This work, "sfa_manager.png", is a derivative of
|
||||
"Noun project 1162.svg" by Christopher T. Howlett, under CC-BY-3.0.
|
||||
|
||||
Files: lemonldap-ng-portal/site/htdocs/static/common/icons/decryptValue.png
|
||||
Copyright: Christophe Maudoux <chrmdx@gmail.com>
|
||||
License: CC-3
|
||||
Comment: This work, "decryptValue.png", is a derivative of
|
||||
"secure.png" by Austin Condiff, under CC-BY-3.0.
|
||||
|
||||
Files: lemonldap-ng-portal/site/htdocs/static/common/icons/switchcontext_OFF.png
|
||||
Copyright: Christophe Maudoux <chrmdx@gmail.com>
|
||||
License: CC-4
|
||||
|
|
|
@ -1100,6 +1100,11 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
|
|||
'dbiUserUser' => {
|
||||
'type' => 'text'
|
||||
},
|
||||
'decryptValueFunctions' => {
|
||||
'msgFail' => '__badCustomFuncName__',
|
||||
'test' => qr/^(?:\w+(?:::\w+)*(?:\s+\w+(?:::\w+)*)*)?$/,
|
||||
'type' => 'text'
|
||||
},
|
||||
'decryptValueRule' => {
|
||||
'default' => 0,
|
||||
'type' => 'boolOrExpr'
|
||||
|
|
|
@ -528,6 +528,13 @@ sub attributes {
|
|||
documentation => 'Decrypt value activation rule',
|
||||
flags => 'p',
|
||||
},
|
||||
decryptValueFunctions => {
|
||||
type => 'text',
|
||||
test => qr/^(?:\w+(?:::\w+)*(?:\s+\w+(?:::\w+)*)*)?$/,
|
||||
msgFail => "__badCustomFuncName__",
|
||||
documentation => 'Custom function used for decrypting values',
|
||||
flags => 'p',
|
||||
},
|
||||
skipRenewConfirmation => {
|
||||
type => 'bool',
|
||||
default => 0,
|
||||
|
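Review bot: The `test` pattern added for `decryptValueFunctions` is the only check between a manager-editable string and the `eval "require …"` / `eval "$_()"` calls in the plugin's `run`, yet it is anchored with `^`/`$` (so a trailing newline passes) and uses `\w`/`\s` without ASCII semantics. I would tighten it to `test => qr/\A(?:\w+(?:::\w+)*(?:\s+\w+(?:::\w+)*)*)?\z/a,`. The same literal is copied into the quoted-key attribute hash hunk above and into the plugin, so the copies can drift apart; defining it once and referencing it would keep the configuration check and the runtime check identical. The `documentation` string says "Custom function" although the pattern accepts a whitespace-separated list of `Package::function` names, which is worth stating there. The enclosing `attributes` sub starts and ends outside this hunk.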
|
|
@ -718,6 +718,7 @@ sub tree {
|
|||
form => 'simpleInputContainer',
|
||||
nodes => [
|
||||
'decryptValueRule',
|
||||
'decryptValueFunctions',
|
||||
]
|
||||
},
|
||||
]
|
||||
|
|
|
@ -231,6 +231,7 @@
|
|||
"dbiSchema":"مخطط",
|
||||
"dbiUserTable":"جدول المستخدم",
|
||||
"decryptValue":"Decrypt value",
|
||||
"decryptValueFunctions":"Decrypt functions",
|
||||
"decryptValueRule":"Use rule",
|
||||
"default":"الاعْتيادي",
|
||||
"defaultRule":"القاعدة الاعتيادية ",
|
||||
|
|
|
@ -231,6 +231,7 @@
|
|||
"dbiSchema":"Schema",
|
||||
"dbiUserTable":"User table",
|
||||
"decryptValue":"Decrypt value",
|
||||
"decryptValueFunctions":"Decrypt functions",
|
||||
"decryptValueRule":"Use rule",
|
||||
"default":"Default",
|
||||
"defaultRule":"Default rule",
|
||||
|
|
|
@ -231,6 +231,7 @@
|
|||
"dbiSchema":"Schema",
|
||||
"dbiUserTable":"User table",
|
||||
"decryptValue":"Decrypt value",
|
||||
"decryptValueFunctions":"Decrypt functions",
|
||||
"decryptValueRule":"Use rule",
|
||||
"default":"Default",
|
||||
"defaultRule":"Default rule",
|
||||
|
|
|
@ -231,6 +231,7 @@
|
|||
"dbiSchema":"Schéma",
|
||||
"dbiUserTable":"Table des utilisateurs",
|
||||
"decryptValue":"Déchiffrement",
|
||||
"decryptValueFunctions":"Fonctions de déchiffrement",
|
||||
"decryptValueRule":"Règle d'utilisation",
|
||||
"default":"Défaut",
|
||||
"defaultRule":"Règle par défaut",
|
||||
|
|
|
@ -231,6 +231,7 @@
|
|||
"dbiSchema":"Schema",
|
||||
"dbiUserTable":"Tabella utente",
|
||||
"decryptValue":"Decrypt value",
|
||||
"decryptValueFunctions":"Decrypt functions",
|
||||
"decryptValueRule":"Use rule",
|
||||
"default":"Predefinito",
|
||||
"defaultRule":"Regola predefinita",
|
||||
|
|
|
@ -231,6 +231,7 @@
|
|||
"dbiSchema":"Giản đồ",
|
||||
"dbiUserTable":"Bảng người dùng",
|
||||
"decryptValue":"Decrypt value",
|
||||
"decryptValueFunctions":"Decrypt functions",
|
||||
"decryptValueRule":"Use rule",
|
||||
"default":"Mặc định",
|
||||
"defaultRule":"Quy tắc mặc định",
|
||||
|
|
|
@ -231,6 +231,7 @@
|
|||
"dbiSchema":"Schema",
|
||||
"dbiUserTable":"用户表",
|
||||
"decryptValue":"Decrypt value",
|
||||
"decryptValueFunctions":"Decrypt functions",
|
||||
"decryptValueRule":"Use rule",
|
||||
"default":"默认",
|
||||
"defaultRule":"默认规则",
|
||||
|
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
@ -124,6 +124,15 @@ sub params {
|
|||
$self->logger->debug("Display SwitchContext link -> $res{contextSwitching}")
|
||||
if $res{contextSwitching};
|
||||
|
||||
# Display DecryptValue link if allowed
|
||||
my $dvPlugin =
|
||||
$self->p->loadedModules->{'Lemonldap::NG::Portal::Plugins::DecryptValue'};
|
||||
$res{decryptValue} =
|
||||
$dvPlugin
|
||||
? $dvPlugin->displayLink( $req, $req->userData )
|
||||
: '';
|
||||
$self->logger->debug("Display DecryptValue link") if $res{decryptValue};
|
||||
|
||||
return %res;
|
||||
}
|
||||
|
||||
|
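Review bot: The call `$dvPlugin->displayLink( $req, $req->userData )` passes a second argument that the `displayLink` sub added by this commit never reads, since it unpacks only `( $self, $req )` and fetches `$req->userData` itself. Either drop the extra argument here, `? $dvPlugin->displayLink($req)`, or have `displayLink` accept it, so the two sides agree on where the session data comes from. `$res{decryptValue}` also receives the raw return value of the access rule rather than a plain boolean, which a short comment above the assignment could make explicit. The start of `params` is outside this hunk.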
|
|
@ -81,7 +81,7 @@ sub display {
|
|||
|
||||
sub run {
|
||||
my ( $self, $req ) = @_;
|
||||
my $msg = '';
|
||||
my ( $msg, $decryptedValue ) = ( '', '' );
|
||||
|
||||
# Check access rules
|
||||
unless ( $self->rule->( $req, $req->userData ) ) {
|
||||
|
@ -121,12 +121,43 @@ sub run {
|
|||
}
|
||||
|
||||
my $cipheredValue = $req->param('cipheredValue') || '';
|
||||
my $decryptedValue =
|
||||
$self->p->HANDLER->tsv->{cipher}->decrypt($cipheredValue)
|
||||
if $cipheredValue;
|
||||
$self->logger->debug("decryptValue tried with value: $cipheredValue");
|
||||
|
||||
$self->logger->debug("decryptValue try with : $cipheredValue");
|
||||
$self->logger->debug("Decrypted value = $decryptedValue") if $decryptedValue;
|
||||
if ($cipheredValue) {
|
||||
if ( $self->{conf}->{decryptValueFunctions}
|
||||
and $self->{conf}->{decryptValueFunctions} =~
|
||||
qr/^(?:\w+(?:::\w+)*(?:\s+\w+(?:::\w+)*)*)?$/ )
|
||||
{
|
||||
foreach ( split( /\s+/, $self->{conf}->{decryptValueFunctions} ) ) {
|
||||
$self->userLogger->notice(
|
||||
"Try to decrypt value with function: $_");
|
||||
/^([\w:{2}]*?)(?:::)?(?:\w+)$/;
|
||||
eval "require Lemonldap::NG::Portal::$1";
|
||||
$self->logger->debug("Unable to load decrypt module: $@")
|
||||
if ($@);
|
||||
$decryptedValue = eval "$_()" unless ($@);
|
||||
$self->logger->debug(
|
||||
$@
|
||||
? "Unable to eval decrypt function: $@"
|
||||
: "Decrypted value = $decryptedValue"
|
||||
);
|
||||
last if $decryptedValue;
|
||||
}
|
||||
}
|
||||
else {
|
||||
$self->userLogger->notice("Malformed decrypt functions")
|
||||
if $self->{conf}->{decryptValueFunctions};
|
||||
$self->userLogger->notice(
|
||||
"Try to decrypt value with internal LL::NG decrypt function");
|
||||
$decryptedValue =
|
||||
$self->p->HANDLER->tsv->{cipher}->decrypt($cipheredValue);
|
||||
$self->logger->debug(
|
||||
$@
|
||||
? "Unable to decrypt value: $@"
|
||||
: "Decrypted value = $decryptedValue"
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
# Display form
|
||||
my $params = {
|
||||
|
@ -155,4 +186,9 @@ sub run {
|
|||
return $self->p->sendHtml( $req, 'decryptvalue', params => $params );
|
||||
}
|
||||
|
||||
sub displayLink {
|
||||
my ( $self, $req ) = @_;
|
||||
return $self->rule->( $req, $req->userData );
|
||||
}
|
||||
|
||||
1;
|
||||
|
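Review bot: In the second hunk of `run` the configured functions are invoked as `eval "$_()"`, with no arguments, so the submitted `$cipheredValue` never reaches them; unless they obtain it some other way that the page does not show, they cannot decrypt it. The call is also a string eval of a configuration value guarded only by the name pattern. Resolving the name to a code reference and calling it inside a block eval removes that second string eval and passes the input explicitly, assuming the function takes the ciphertext as its argument. Both debug messages write the decrypted plaintext to the log, which is worth dropping or reducing to a success marker. In the fallback branch `$@` is tested although `decrypt` is not called inside an eval, so it reflects an earlier eval rather than this call. `run` begins and ends outside the hunks shown.

```perl
foreach ( split( /\s+/, $self->{conf}->{decryptValueFunctions} ) ) {
    # … unchanged: userLogger notice, module name capture, require and its debug line …
    next if $@;

    # Taking \&{...} of a string is permitted under strict refs; the name
    # has already passed the function-name pattern checked above.
    my $decryptFunc = \&{$_};
    $decryptedValue = eval { $decryptFunc->($cipheredValue) };
    $self->logger->debug(
        $@
        ? "Unable to call decrypt function $_: $@"
        : "Decrypt function $_ returned"
    );
    last if $decryptedValue;
}
```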
|
Binary file not shown.
After Width: | Height: | Size: 693 B |
|
@ -69,10 +69,16 @@
|
|||
</TMPL_IF>
|
||||
<TMPL_IF NAME="contextSwitching">
|
||||
<li class="dropdown-item"><a href="/switchcontext" class="nav-link">
|
||||
<img src="<TMPL_VAR NAME="STATIC_PREFIX">common/icons/switchcontext_<TMPL_VAR NAME="contextSwitching">.png" width="20" height="20" alt="refresh" />
|
||||
<img src="<TMPL_VAR NAME="STATIC_PREFIX">common/icons/switchcontext_<TMPL_VAR NAME="contextSwitching">.png" width="20" height="20" alt="switchContext" />
|
||||
<span trspan="contextSwitching_<TMPL_VAR NAME="contextSwitching">">contextSwitching_<TMPL_VAR NAME="contextSwitching"></span>
|
||||
</a></li>
|
||||
</TMPL_IF>
|
||||
<TMPL_IF NAME="decryptValue">
|
||||
<li class="dropdown-item"><a href="/decryptvalue" class="nav-link">
|
||||
<img src="<TMPL_VAR NAME="STATIC_PREFIX">common/icons/decryptValue.png" width="20" height="20" alt="decryptValue" />
|
||||
<span trspan="decryptCipheredValue">decryptCipheredValue</span>
|
||||
</a></li>
|
||||
</TMPL_IF>
|
||||
<li class="dropdown-item"><a href="/refresh" class="nav-link">
|
||||
<img src="<TMPL_VAR NAME="STATIC_PREFIX">common/icons/arrow_refresh.png" width="16" height="16" alt="refresh" />
|
||||
<span trspan="refreshrights">Refresh</span>
|
||||
|
|