Use real authentificationLevel & Improve unit test (#2129)
This commit is contained in:
parent
2a34d1ae8c
commit
154250e6e7
|
@ -129,7 +129,7 @@
|
|||
.\" ========================================================================
|
||||
.\"
|
||||
.IX Title "llng-fastcgi-server 8"
|
||||
.TH llng-fastcgi-server 8 "2020-03-02" "perl v5.26.1" "User Contributed Perl Documentation"
|
||||
.TH llng-fastcgi-server 8 "2020-04-01" "perl v5.26.1" "User Contributed Perl Documentation"
|
||||
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
|
||||
.\" way too many mistakes in technical documents.
|
||||
.if n .ad l
|
||||
|
|
|
@ -263,6 +263,7 @@ sub check {
|
|||
"Compute groups and macros with real and spoofed attributes"
|
||||
);
|
||||
$req->sessionInfo($attrs);
|
||||
delete $req->sessionInfo->{groups};
|
||||
$req->steps( [ $self->p->groupsAndMacros, 'setLocalGroups' ] );
|
||||
if ( my $error = $self->p->process($req) ) {
|
||||
$self->logger->debug("Process returned error: $error");
|
||||
|
@ -410,10 +411,10 @@ sub _userData {
|
|||
# Compute groups & macros again with real authenticationLevel
|
||||
$req->sessionInfo->{authenticationLevel} = $realAuthLevel;
|
||||
delete $req->sessionInfo->{groups};
|
||||
|
||||
$req->steps( [ $self->p->groupsAndMacros, 'setLocalGroups' ] );
|
||||
if ( my $error = $self->p->process($req) ) {
|
||||
$self->logger->debug(
|
||||
"ContextSwitching: Process returned error: $error");
|
||||
$self->logger->debug("CheckUser: Process returned error: $error");
|
||||
return $req->error($error);
|
||||
}
|
||||
|
||||
|
|
|
@ -230,6 +230,18 @@ sub _userData {
|
|||
$req->error($error);
|
||||
}
|
||||
}
|
||||
|
||||
# Compute groups & macros again with real authenticationLevel
|
||||
$req->sessionInfo->{authenticationLevel} =
|
||||
$realSession->{real_authenticationLevel};
|
||||
delete $req->sessionInfo->{groups};
|
||||
$req->steps( [ $self->p->groupsAndMacros, 'setLocalGroups' ] );
|
||||
if ( my $error = $self->p->process($req) ) {
|
||||
$self->logger->debug("Impersonation: Process returned error: $error");
|
||||
$req->error($error);
|
||||
}
|
||||
|
||||
$self->logger->debug("Return \"$req->{user}\" sessionInfo");
|
||||
return $req->{sessionInfo};
|
||||
}
|
||||
|
||||
|
|
|
@ -212,14 +212,12 @@ ok( $res->[2]->[0] !~ m%_2fDevices</td>%, '_2fDevices NOT Found!' )
|
|||
|
||||
ok( $res->[2]->[0] =~ m%<td scope="row">authMode</td>%, 'Found macro authMode' )
|
||||
or explain( $res->[2]->[0], 'Macro Key authMode' );
|
||||
ok( $res->[2]->[0] =~ m%<td scope="row">DEMO</td>%, 'Found DEMO' )
|
||||
or explain( $res->[2]->[0], 'Macro Value DEMO' );
|
||||
ok( $res->[2]->[0] =~ m%<td scope="row">real_authMode</td>%,
|
||||
'Found macro real_authMode' )
|
||||
or explain( $res->[2]->[0], 'Macro Key real_authMode' );
|
||||
ok( $res->[2]->[0] =~ m%<td scope="row">TOTP</td>%, 'Found TOTP' )
|
||||
or explain( $res->[2]->[0], 'Macro Value TOTP' );
|
||||
count(8);
|
||||
count(7);
|
||||
|
||||
$query =~ s/url=/url=http%3A%2F%2Ftest1.example.com/;
|
||||
ok(
|
||||
|
|
|
@ -28,6 +28,7 @@ SKIP: {
|
|||
impersonationMergeSSOgroups => 1,
|
||||
totp2fSelfRegistration => 1,
|
||||
totp2fActivation => 1,
|
||||
totp2fAuthnLevel => 8
|
||||
}
|
||||
}
|
||||
);
|
||||
|
@ -233,6 +234,46 @@ m%<div class="alert alert-success"><div class="text-center"><b><span trspan="all
|
|||
or explain( $res->[2]->[0], 'Macro Key _whatToTrace' );
|
||||
count(12);
|
||||
|
||||
ok(
|
||||
$res = $client->_get(
|
||||
'/checkuser',
|
||||
cookie => "lemonldap=$id",
|
||||
accept => 'text/html'
|
||||
),
|
||||
'CheckUser form',
|
||||
);
|
||||
( $host, $url, $query ) =
|
||||
expectForm( $res, undef, '/checkuser', 'user', 'url' );
|
||||
ok( $res->[2]->[0] =~ m%<span trspan="checkUserMerged">%,
|
||||
'Found trspan="checkUserMerged"' )
|
||||
or explain( $res->[2]->[0], 'trspan="checkUserMerged"' );
|
||||
count(2);
|
||||
|
||||
$query =~ s/user=dwho/user=rtyler/;
|
||||
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/checkuser',
|
||||
IO::String->new($query),
|
||||
cookie => "lemonldap=$id",
|
||||
length => length($query),
|
||||
accept => 'text/html',
|
||||
),
|
||||
'POST checkuser'
|
||||
);
|
||||
|
||||
( $host, $url, $query ) =
|
||||
expectForm( $res, undef, '/checkuser', 'user', 'url' );
|
||||
ok( $res->[2]->[0] =~ m%<span trspan="checkUserComputeSession">%,
|
||||
'Found trspan="checkUserComputeSession"' )
|
||||
or explain( $res->[2]->[0], 'trspan="checkUserComputeSession"' );
|
||||
ok( $res->[2]->[0] =~ m%<td scope="row">authMode</td>%,
|
||||
'Found macro authMode' )
|
||||
or explain( $res->[2]->[0], 'Macro Key authMode' );
|
||||
ok( $res->[2]->[0] =~ m%<td scope="row">TOTP</td>%, 'Found TOTP' )
|
||||
or explain( $res->[2]->[0], 'Macro Value TOTP' );
|
||||
count(4);
|
||||
|
||||
$client->logout($id);
|
||||
}
|
||||
clean_sessions();
|
||||
|
|
|
@ -321,8 +321,8 @@ ok( $res->[2]->[0] =~ m%<td scope="row">rtyler/dwho</td>%, 'Found rtyler/dwo' )
|
|||
count(15);
|
||||
|
||||
my %attributes = map /<td scope="row">(.+)?<\/td>/g, $res->[2]->[0];
|
||||
ok( scalar keys %attributes == 35, 'Found 35 attributes' )
|
||||
or print STDERR ( keys %attributes < 35 )
|
||||
ok( scalar keys %attributes == 34, 'Found 34 attributes' )
|
||||
or print STDERR ( keys %attributes < 34 )
|
||||
? "Missing attributes -> " . scalar keys %attributes
|
||||
: "Too much attributes -> " . scalar keys %attributes;
|
||||
ok( $attributes{'_auth'} eq 'Demo', '_auth' )
|
||||
|
|
|
@ -323,8 +323,10 @@ ok( $res->[2]->[0] =~ m%<td scope="row">_session_kind</td>%,
|
|||
count(17);
|
||||
|
||||
my %attributes = map /<td scope="row">(.+)?<\/td>/g, $res->[2]->[0];
|
||||
ok( keys %attributes == 35, 'Found 35 attributes' )
|
||||
or print STDERR "Missing attributes -> " . scalar %attributes;
|
||||
ok( keys %attributes == 34, 'Found 34 attributes' )
|
||||
or print STDERR ( keys %attributes < 34 )
|
||||
? "Missing attributes -> " . scalar keys %attributes
|
||||
: "Too much attributes -> " . scalar keys %attributes;
|
||||
ok( $attributes{'_auth'} eq 'Demo', '_auth' )
|
||||
or print STDERR Dumper( \%attributes );
|
||||
ok( $attributes{'uid'}, 'uid' ) or print STDERR Dumper( \%attributes );
|
||||
|
|
Loading…
Reference in New Issue