From 1800497815b6680f1f22fae53eb4f2ef1e72600d Mon Sep 17 00:00:00 2001 From: Xavier Guimard Date: Thu, 5 Feb 2009 17:05:18 +0000 Subject: [PATCH] LEMONLDAP::NG : propagation of 0.9.3.4 changes --- build/lemonldap-ng/debian/copyright | 2 +- modules/lemonldap-ng-common/MANIFEST | 1 + .../lib/Lemonldap/NG/Common/CGI.pm | 18 ++++----- .../lib/Lemonldap/NG/Common/CGI/SOAPServer.pm | 2 +- .../Lemonldap/NG/Common/CGI/SOAPService.pm | 38 +++++++++++++++++++ .../example/scripts/buildPortalWSDL | 2 +- .../lib/Lemonldap/NG/Portal.pm | 2 +- .../lib/Lemonldap/NG/Portal/SharedConf.pm | 2 +- .../lib/Lemonldap/NG/Portal/Simple.pm | 18 ++++----- 9 files changed, 60 insertions(+), 25 deletions(-) create mode 100644 modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/CGI/SOAPService.pm diff --git a/build/lemonldap-ng/debian/copyright b/build/lemonldap-ng/debian/copyright index 4933d5ff0..547ece6ac 100644 --- a/build/lemonldap-ng/debian/copyright +++ b/build/lemonldap-ng/debian/copyright @@ -11,7 +11,7 @@ Licence: Lemonldap::NG is distributed under your choice under the GNU General Public License or the Artistic License. On Debian GNU/Linux systems, the complete text of the GNU General Public -License version 2 can be found in `/usr/share/common-licenses/GPL' and the +License version 2 can be found in `/usr/share/common-licenses/GPL-2' and the Artistic Licence in `/usr/share/common-licenses/Artistic'. File lemonldap-ng-manager/example/lemonldap-ng-manager.js is distributed under diff --git a/modules/lemonldap-ng-common/MANIFEST b/modules/lemonldap-ng-common/MANIFEST index 6b6d7e0cd..f36def4aa 100644 --- a/modules/lemonldap-ng-common/MANIFEST +++ b/modules/lemonldap-ng-common/MANIFEST @@ -5,6 +5,7 @@ lib/Lemonldap/NG/Common/Apache/Session/SOAP.pm lib/Lemonldap/NG/Common/BuildWSDL.pm lib/Lemonldap/NG/Common/CGI.pm lib/Lemonldap/NG/Common/CGI/SOAPServer.pm +lib/Lemonldap/NG/Common/CGI/SOAPService.pm lib/Lemonldap/NG/Common/Conf.pm lib/Lemonldap/NG/Common/Conf/Constants.pm lib/Lemonldap/NG/Common/Conf/DBI.pm diff --git a/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/CGI.pm b/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/CGI.pm index 4c26c1bf7..e1d045c55 100644 --- a/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/CGI.pm +++ b/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/CGI.pm @@ -16,23 +16,21 @@ our $VERSION = '0.31'; use base qw(CGI); -## @method void soapTest(string soapFunctions) +## @method void soapTest(string soapFunctions object obj) # Check if request is a SOAP request. If it is, launch # Lemonldap::NG::Common::CGI::SOAPServer and exit. Else simply return. # @param $soapFunctions list of authorized functions. +# @param $obj optional object that will receive SOAP requests sub soapTest { - my $self = shift; - my $soapFunctions = shift || $self->{SOAPFunctions}; + my($self, $soapFunctions, $obj) = @_; # If non form encoded datas are posted, we call SOAP Services if ( $ENV{HTTP_SOAPACTION} ) { - require Lemonldap::NG::Common::CGI::SOAPServer; - my @func = (); - foreach ( ref($soapFunctions) ? @$soapFunctions : split /\s+/, $soapFunctions ) { - $_ = ref($self) . "::$_" unless (/::/); - push @func, $_; - } - Lemonldap::NG::Common::CGI::SOAPServer->dispatch_to(@func) + require Lemonldap::NG::Common::CGI::SOAPServer; #link protected dispatcher + require Lemonldap::NG::Common::CGI::SOAPService; #link protected soapService + my @func = ( ref($soapFunctions) ? @$soapFunctions : split /\s+/, $soapFunctions ); + my $dispatcher = Lemonldap::NG::Common::CGI::SOAPService->new($obj||$self,@func); + Lemonldap::NG::Common::CGI::SOAPServer->dispatch_to($dispatcher) ->handle($self); exit; } diff --git a/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/CGI/SOAPServer.pm b/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/CGI/SOAPServer.pm index 5051b8161..6e4668c5f 100644 --- a/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/CGI/SOAPServer.pm +++ b/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/CGI/SOAPServer.pm @@ -63,7 +63,7 @@ sub handle { $content, ) ); - $self->SUPER::handle; + $self->SUPER::handle(); } print $cgi->header( diff --git a/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/CGI/SOAPService.pm b/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/CGI/SOAPService.pm new file mode 100644 index 000000000..c80269e96 --- /dev/null +++ b/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/CGI/SOAPService.pm @@ -0,0 +1,38 @@ +## @file +# SOAP wrapper used to restrict exported functions + +## @class +# SOAP wrapper used to restrict exported functions +package Lemonldap::NG::Common::CGI::SOAPService; + +## @cmethod Lemonldap::NG::Common::CGI::SOAPService new(object obj,string @func) +# Constructor +# @param $obj object which will be called for SOAP authorizated methods +# @param @fung authorizated methods +# @return Lemonldap::NG::Common::CGI::SOAPService object +sub new { + my($class, $obj, @func) = @_; + s/.*::// foreach(@func); + return bless {obj=>$obj,func=>\@func}, $class; +} + +## @method datas AUTOLOAD() +# Call the wanted function with the object given to the constructor. +# AUTOLOAD() is a magic method called by Perl interpreter fon non existent +# functions. Here, we use it to call the wanted function (given by $AUTOLOAD) +# if it is authorizated +# @return datas provided by the exported function +sub AUTOLOAD { + my $self = shift; + $AUTOLOAD =~ s/.*:://; + if(grep {$_ eq $AUTOLOAD} @{$self->{func}}){ + return $self->{obj}->$AUTOLOAD(@_); + } + elsif($AUTOLOAD ne 'DESTROY') { + die "$AUTOLOAD is an authorizated function";use Data::Dumper; + } + 1; +} + +1; + diff --git a/modules/lemonldap-ng-portal/example/scripts/buildPortalWSDL b/modules/lemonldap-ng-portal/example/scripts/buildPortalWSDL index 3c4901e40..8f679d339 100644 --- a/modules/lemonldap-ng-portal/example/scripts/buildPortalWSDL +++ b/modules/lemonldap-ng-portal/example/scripts/buildPortalWSDL @@ -25,7 +25,7 @@ print Lemonldap::NG::Common::BuildWSDL->new->buildWSDL(< - + diff --git a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal.pm b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal.pm index 07a7ae9eb..9bf11922f 100644 --- a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal.pm +++ b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal.pm @@ -75,7 +75,7 @@ SOAP mode authentication (client) : my $soap = SOAP::Lite->proxy('http://auth.example.com/') - ->uri('urn:/Lemonldap::NG::Portal::SharedConf'); + ->uri('urn:/Lemonldap::NG::Common::::CGI::SOAPService'); my $r = $soap->getCookies( 'user', 'password' ); # Catch SOAP errors diff --git a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/SharedConf.pm b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/SharedConf.pm index c1e958ddd..7f674eb8f 100644 --- a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/SharedConf.pm +++ b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/SharedConf.pm @@ -123,7 +123,7 @@ SOAP mode authentication (client) : my $soap = SOAP::Lite->proxy('http://auth.example.com/') - ->uri('urn:/Lemonldap::NG::Portal::SharedConf'); + ->uri('urn:/Lemonldap::NG::Common::::CGI::SOAPService'); my $r = $soap->getCookies( 'user', 'password' ); # Catch SOAP errors diff --git a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Simple.pm b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Simple.pm index 653027d75..18980813b 100644 --- a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Simple.pm +++ b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Simple.pm @@ -95,7 +95,7 @@ sub new { binmode( STDOUT, ":utf8" ); my $class = shift; return $class if ( ref($class) ); - $self = $class->SUPER::new(); + my $self = $class->SUPER::new(); $self->getConf(@_) or $self->abort( "Configuration error", "Unable to get configuration: $Lemonldap::NG::Common::Conf::msg" ); @@ -158,7 +158,7 @@ sub new { if ( $self->{notification} and $ENV{PATH_INFO} and $ENV{PATH_INFO} =~ "/notification" ) { require SOAP::Lite; $Lemonldap::NG::Portal::Notification::self = $self->{notifObject}; - $self->soapTest('Lemonldap::NG::Portal::Notification::newNotification'); + $self->soapTest('Lemonldap::NG::Portal::Notification::newNotification',$self->{notifObject}); $self->abort('Bad request', 'Only SOAP requests are accepted with "/notification"'); } if ( $self->{Soap} ) { @@ -450,7 +450,7 @@ sub safe { }"; print STDERR $@ if ($@); } - $safe->share( '$self', '&encode_base64', @t ); + $safe->share( '&encode_base64', @t ); return $safe; } @@ -475,7 +475,7 @@ _RETURN $getCookieResponse Response #@param password password #@return session => { error => code , cookies => { cookieName1 => value ,... } } sub getCookies { - my $class = shift; + my $self = shift; $self->{error} = PE_OK; ( $self->{user}, $self->{password} ) = ( shift, shift ); unless ( $self->{user} && $self->{password} ) { @@ -549,7 +549,7 @@ sub controlUrlOrigin { if ( $self->{urldc} =~ /(?:\0|<|'|"|`|\%(?:00|25|3C|22|27|2C))/ or ( $self->{urldc} !~ -m#^https?://(?:$self->{reVHosts}|(?:[^/]*)?$self->{domain})(?:/.*)?$# +m#^https?://(?:$self->{reVHosts}|(?:[^/]*)?$self->{domain})(?::\d+)?(?:/.*)?$# and not $self->param('logout') ) ) { @@ -698,6 +698,7 @@ sub setMacros { local $self = shift; $self->abort( __PACKAGE__ . ": Unable to get configuration" ) unless ( $self->getConf(@_) ); + $self->safe->share('$self'); while ( my ( $n, $e ) = each( %{ $self->{macros} } ) ) { $e =~ s/\$(\w+)/\$self->{sessionInfo}->{$1}/g; $self->{sessionInfo}->{$n} = $self->safe->reval($e); @@ -713,12 +714,9 @@ sub setMacros { sub setGroups { local $self = shift; my $groups; - - #foreach ( keys %{ $self->{groups} } ) { + $self->safe->share('$self'); while ( my ( $group, $expr ) = each %{ $self->{groups} } ) { $expr =~ s/\$(\w+)/\$self->{sessionInfo}->{$1}/g; - - # TODO : custom Functions $groups .= "$group " if ( $self->safe->reval($expr) ); } if ( $self->{ldapGroupBase} ) { @@ -919,7 +917,7 @@ SOAP mode authentication (client) : my $soap = SOAP::Lite->proxy('http://auth.example.com/') - ->uri('urn:/Lemonldap::NG::Portal::SharedConf'); + ->uri('urn:/Lemonldap::NG::Common::::CGI::SOAPService'); my $r = $soap->getCookies( 'user', 'password' ); # Catch SOAP errors