Append contextSwitching prefix parameter (#1783)
This commit is contained in:
Christophe Maudoux
parent
e11c189141
commit
30f6a889de
|
|
@ -41,6 +41,7 @@ sub defaultValues {
|
|||
'checkXSS' => 1,
|
||||
'confirmFormMethod' => 'post',
|
||||
'contextSwitchingIdRule' => 1,
|
||||
'contextSwitchingPrefix' => 'switching',
|
||||
'contextSwitchingRule' => 0,
|
||||
'contextSwitchingStopWithLogout' => 1,
|
||||
'cookieName' => 'lemonldap',
|
||||
|
|
|
|||
|
|
@ -1004,6 +1004,10 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
|
|||
},
|
||||
'type' => 'text'
|
||||
},
|
||||
'contextSwitchingPrefix' => {
|
||||
'default' => 'switching',
|
||||
'type' => 'text'
|
||||
},
|
||||
'contextSwitchingRule' => {
|
||||
'default' => 0,
|
||||
'type' => 'boolOrExpr'
|
||||
|
|
|
|||
|
|
@ -550,6 +550,12 @@ sub attributes {
|
|||
documentation => 'Stop context switching by logout',
|
||||
flags => 'p',
|
||||
},
|
||||
contextSwitchingPrefix => {
|
||||
type => 'text',
|
||||
default => 'switching',
|
||||
documentation => 'Prefix to store real session Id',
|
||||
flags => 'p',
|
||||
},
|
||||
decryptValueRule => {
|
||||
type => 'boolOrExpr',
|
||||
default => 0,
|
||||
|
|
|
|||
|
|
@ -66,7 +66,7 @@ my @notManagedAttributes = (
|
|||
# Other ini-only prms
|
||||
'checkTime', 'status', 'soapProxyUrn',
|
||||
'impersonationPrefix', 'pdataDomain',
|
||||
'mySessionAuthorizedRWKeys',
|
||||
'mySessionAuthorizedRWKeys', 'contextSwitchingPrefix'
|
||||
);
|
||||
|
||||
# Words used either as attribute name and node title
|
||||
|
|
|
|||
|
|
@ -75,7 +75,7 @@ sub init {
|
|||
sub display {
|
||||
my ( $self, $req ) = @_;
|
||||
my $realSessionId =
|
||||
$req->userData->{"$self->{conf}->{impersonationPrefix}_session_id"};
|
||||
$req->userData->{"$self->{conf}->{contextSwitchingPrefix}_session_id"};
|
||||
my $realSession;
|
||||
unless ( $realSession = $self->p->getApacheSession($realSessionId) ) {
|
||||
$self->userLogger->info(
|
||||
|
|
@ -85,14 +85,14 @@ sub display {
|
|||
|
||||
# Check access rules
|
||||
unless ( $self->rule->( $req, $req->userData )
|
||||
|| $req->userData->{"$self->{conf}->{impersonationPrefix}_session_id"} )
|
||||
|| $req->userData->{"$self->{conf}->{contextSwitchingPrefix}_session_id"} )
|
||||
{
|
||||
$self->userLogger->warn('ContextSwitching service NOT authorized');
|
||||
return $self->p->do( $req,
|
||||
[ sub { PE_IMPERSONATION_SERVICE_NOT_ALLOWED } ] );
|
||||
}
|
||||
|
||||
if ( $req->userData->{"$self->{conf}->{impersonationPrefix}_session_id"} ) {
|
||||
if ( $req->userData->{"$self->{conf}->{contextSwitchingPrefix}_session_id"} ) {
|
||||
$self->logger->debug('Request to stop ContextSwitching');
|
||||
if ( $self->conf->{contextSwitchingStopWithLogout} ) {
|
||||
$self->userLogger->notice("Stop ContextSwitching for $req->{user}");
|
||||
|
|
@ -233,7 +233,7 @@ sub _switchContext {
|
|||
$raz = 1;
|
||||
}
|
||||
|
||||
$req->sessionInfo->{"$self->{conf}->{impersonationPrefix}_session_id"} =
|
||||
$req->sessionInfo->{"$self->{conf}->{contextSwitchingPrefix}_session_id"} =
|
||||
$realSessionId;
|
||||
|
||||
if ($raz) {
|
||||
|
|
@ -263,7 +263,7 @@ sub _abortImpersonation {
|
|||
my ( $self, $req, $spoofId, $realId, $abort ) = @_;
|
||||
my $type = $abort ? 'sessionInfo' : 'userData';
|
||||
my $realSessionId =
|
||||
$req->{$type}->{"$self->{conf}->{impersonationPrefix}_session_id"};
|
||||
$req->{$type}->{"$self->{conf}->{contextSwitchingPrefix}_session_id"};
|
||||
my $session;
|
||||
unless ( $session = $self->p->getApacheSession($realSessionId) ) {
|
||||
$self->userLogger->info("Session $session expired");
|
||||
|
|
@ -293,7 +293,7 @@ sub _abortImpersonation {
|
|||
$req->urldc( $self->conf->{portal} );
|
||||
$req->id($realSessionId);
|
||||
$self->p->buildCookie($req);
|
||||
delete $req->{$type}->{"$self->{conf}->{impersonationPrefix}_session_id"};
|
||||
delete $req->{$type}->{"$self->{conf}->{contextSwitchingPrefix}_session_id"};
|
||||
|
||||
return $req;
|
||||
}
|
||||
|
|
@ -301,7 +301,7 @@ sub _abortImpersonation {
|
|||
sub displayLink {
|
||||
my ( $self, $req ) = @_;
|
||||
return 'OFF'
|
||||
if $req->userData->{"$self->{conf}->{impersonationPrefix}_session_id"};
|
||||
if $req->userData->{"$self->{conf}->{contextSwitchingPrefix}_session_id"};
|
||||
return 'ON' if $self->rule->( $req, $req->userData );
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -13,19 +13,19 @@ my $client = LLNG::Manager::Test->new( {
|
|||
logLevel => 'error',
|
||||
authentication => 'Demo',
|
||||
userDB => 'Same',
|
||||
https => 0,
|
||||
loginHistoryEnabled => 0,
|
||||
brutForceProtection => 0,
|
||||
portalMainLogo => 'common/logos/logo_llng_old.png',
|
||||
requireToken => 1,
|
||||
checkUser => 1,
|
||||
impersonationPrefix => 'testPrefix_',
|
||||
securedCookie => 0,
|
||||
https => 0,
|
||||
checkUserDisplayPersistentInfo => 0,
|
||||
checkUserDisplayEmptyValues => 0,
|
||||
contextSwitchingRule => 1,
|
||||
contextSwitchingIdRule => 1,
|
||||
contextSwitchingStopWithLogout => 1,
|
||||
contextSwitchingPrefix => 'testPrefix_',
|
||||
}
|
||||
}
|
||||
);
|
||||
|
|
@ -109,7 +109,7 @@ ok(
|
|||
);
|
||||
ok(
|
||||
$res->[2]->[0] =~
|
||||
m%<div class="message message-negative alert"><span trmsg="82"></span>%,
|
||||
m%<div class="message message-negative alert"><span trmsg="82"></span>%,
|
||||
'Found "<span trmsg="82">"'
|
||||
) or explain( $res->[2]->[0], '<span trmsg="82">' );
|
||||
count(3);
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user