LEMONLDAP::NG : New feature: configurations management (next; last, previous, delete)

build/lemonldap-ng/INSTALL

@@ -168,8 +168,8 @@ else for a complete install:
 
 See prereq in §1.1.2
 
-2.3 - LEMONLDAP INSTALLATION
-----------------------------
+2.3 - LEMONLDAP::NG INSTALLATION
+--------------------------------
 
 2.3.1 - Database configuration
 
@@ -202,7 +202,7 @@ example with MySQL:
                         dbiPassword => "mypass",
                  } );
 
-Securise Manager access with Apache: Lemonldap does not securise the manager
+Securise Manager access with Apache: Lemonldap::NG does not securise the manager
 itself yet:
 
   SSLEngine On

build/lemonldap-ng/TODO

@@ -2,10 +2,8 @@ Lemonldap::NG TODO
 ------------------
 TODO list for Lemonldap::NG development
 
-- Priority: High	Status: In progress	Created: 2007\04\21 13-13-25
-Buttons to manage configurations (delete, next, previous, last,...)
-	- Priority: Low	Status: N/A	Created: 2007\05\03 11-40-36
-	Delete buttons in virtualHosts if 'read"-"only'
+- Priority: Low	Status: N/A	Created: 2007\05\03 11-40-36
+Delete buttons in virtualHosts if 'read"-"only'
 - Priority: Normal	Status: Planning	Created: 2007\05\03 12-28-30
 Modify example to use nameVirtualHost instead of 127.0.0.x adresses
 - Priority: Normal	Status: In progress	Created: 2007\05\03 10-41-36

build/lemonldap-ng/_example/index.pl

@@ -40,7 +40,7 @@ foreach(keys %$headers) {
     </tr>\n"
 }
 print '</table>
-<p>Note that lemonldap cookie is hidden. So that application developpers can
+<p>Note that Lemonldap::NG cookie is hidden. So that application developpers can
 not spoof sessions.</p>
 <p>You can access to any information (IP address or LDAP attribute) by customizing
 exported headers with the

build/lemonldap-ng/debian/changelog

@@ -9,6 +9,7 @@ lemonldap-ng (0.8.1.2) unstable; urgency=low
   * New debian structure: lemonldap-ng is splitted in 5 packages, default
     configuration file has moved to /var/lib/lemonldap-ng/conf/ and first
     configuration file is managed by debconf
+  * Buttons to manage configurations in manager (next, previous, last, delete)
 
  -- Xavier Guimard <x.guimard@free.fr>  Thu, 03 May 2007 10:39:51 +0200
 

build/lemonldap-ng/doc/overview.html

@@ -37,9 +37,9 @@ authenticates user with a ldap bind by default, but you can also use another
 authentication sheme like using x509 user certificates (see
 Lemonldap::NG::Portal::AuthSSL(3) for more).</p>
 
-<p>Lemonldap use session cookies generated by Apache::Session so as secure as a
-128-bit random cookie. You may use the securedCookie options to avoid session
-hijacking.</p>
+<p>Lemonldap::NG use session cookies generated by Apache::Session so as secure
+as a 128-bit random cookie. You may use the securedCookie options to avoid
+session hijacking.</p>
 
 <p>You have to manage life of sessions by yourself since Lemonldap::NG knows
 nothing about the L<Apache::Session> module you've choosed, but it's very easy

modules/lemonldap-ng-handler/README

@@ -54,7 +54,7 @@ authenticates user with a ldap bind by default, but you can also use another
 authentication sheme like using x509 user certificates (see
 Lemonldap::NG::Portal::AuthSSL(3) for more).
 
-Lemonldap use session cookies generated by Apache::Session so as secure as a
+Lemonldap::NG use session cookies generated by Apache::Session so as secure as a
 128-bit random cookie. You may use the securedCookie options to avoid session
 hijacking.
 

modules/lemonldap-ng-handler/lib/Lemonldap/NG/Handler.pm

@@ -96,8 +96,8 @@ authenticates user with a ldap bind by default, but you can also use another
 authentication sheme like using x509 user certificates (see
 L<Lemonldap::NG::Portal::AuthSSL> for more).
 
-Lemonldap use session cookies generated by L<Apache::Session> so as secure as a
-128-bit random cookie. You may use the C<securedCookie> options of
+Lemonldap::NG use session cookies generated by L<Apache::Session> so as secure
+as a 128-bit random cookie. You may use the C<securedCookie> options of
 L<Lemonldap::NG::Portal> to avoid session hijacking.
 
 You have to manage life of sessions by yourself since Lemonldap::NG knows

modules/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Simple.pm

@@ -417,7 +417,7 @@ sub forbidden {
     return FORBIDDEN;
 }
 
-# hideCookie : hide Lemonldap cookie to the protected application
+# hideCookie : hide Lemonldap::NG cookie to the protected application
 sub hideCookie {
     my $class = shift;
     $class->lmLog( "$class: removing cookie", 'debug' );
@@ -521,7 +521,7 @@ sub run ($$) {
     $class->sendHeaders;
 
     # SECURITY
-    # Hide Lemonldap cookie
+    # Hide Lemonldap::NG cookie
     $class->hideCookie;
     OK;
 }
@@ -695,7 +695,7 @@ method itself.
 
 =item B<cookieName> (default: lemon)
 
-Name of the cookie used by the Lemonldap infrastructure.
+Name of the cookie used by the Lemonldap::NG infrastructure.
 
 =item B<portal> (required)
 

modules/lemonldap-ng-manager/Changes

@@ -9,6 +9,7 @@ Revision history for Perl extension Lemonldap::NG::Manager.
 	- whatToTrace parameter in configuration interface
 	- Fix tree bug when an hash ref is not defined
 	- More tests
+	- Next and previous conf
 
 0.61  Thu Mar 29 21:45:44 2007
 	- configuration is checked before saving

modules/lemonldap-ng-manager/README

@@ -53,7 +53,7 @@ authenticates user with a ldap bind by default, but you can also use another
 authentication sheme like using x509 user certificates (see
 Lemonldap::NG::Portal::AuthSSL(3) for more).
 
-Lemonldap use session cookies generated by Apache::Session so as secure as a
+Lemonldap::NG use session cookies generated by Apache::Session so as secure as a
 128-bit random cookie. You may use the securedCookie options to avoid session
 hijacking.
 

modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager.pm

@@ -100,11 +100,27 @@ sub print_help {
     eval { no strict "refs"; &{"help_$chap"} };
 }
 
+# Delete subroutine
+
+sub print_delete {
+    my $self = shift;
+    print $self->header;
+    Lemonldap::NG::Manager::Help::import( $ENV{HTTP_ACCEPT_LANGUAGE} )
+      unless ( $self->can('help_groups') );
+    if ( $self->config->delete ( $self->param ( 'cfgNum' ) ) ) {
+        print &txt_configurationDeleted;
+    }
+    else {
+        print &txt_configurationNotDeleted;
+    }
+    exit;
+}
+
 # Configuration download subroutines
 sub print_conf {
     my $self = shift;
     print $self->header( -type => "text/xml", '-Cache-Control' => 'private' );
-    $self->printXmlConf;
+    $self->printXmlConf( { cfgNum => $self->param ( 'cfgNum' ), } );
     exit;
 }
 
@@ -118,7 +134,7 @@ sub default {
 sub printXmlConf {
     my $self   = shift;
     print XMLout(
-        $self->buildTree,
+        $self->buildTree( @_ ),
         #XMLDecl  => "<?xml version='1.0' encoding='iso-8859-1'?>",
         RootName => 'tree',
         KeyAttr  => { item => 'id', username => 'name' },
@@ -128,7 +144,7 @@ sub printXmlConf {
 
 sub buildTree {
     my $self   = shift;
-    my $config = $self->config->getConf();
+    my $config = $self->config->getConf( @_ );
     $config = $self->default unless ($config);
     my $tree = {
         id   => '0',

modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf.pm

@@ -65,6 +65,10 @@ sub getConf {
     my ( $self, $args ) = @_;
     $args->{cfgNum} ||= $self->lastCfg;
     return undef unless $args->{cfgNum};
+    if ( $args->{cfgNum}<0 ) {
+        my @a = $self->available();
+        $args->{cfgNum} = ( @a + $args->{cfgNum} >0 ) ? ( $a[ $#a + $args->{cfgNum} ] ) : $a[0];
+    }
     my $fields = $self->load( $args->{cfgNum}, $args->{fields} );
     my $conf;
     while ( my ( $k, $v ) = each(%$fields) ) {
@@ -111,6 +115,13 @@ sub load {
     return &{$_[0]->{type}.'::load'}(@_);
 }
 
+sub delete {
+    my($self, $c) = @_;
+    my @a = $self->available();
+    return 0 unless ( @a + $c >0 );
+    return &{$self->{type}.'::delete'}( $self, $a[ $#a + $c ] );
+}
+
 1;
 __END__
 

modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/DBI.pm

@@ -6,7 +6,7 @@ use Storable qw(freeze thaw);
 use MIME::Base64;
 use Lemonldap::NG::Manager::Conf::Constants;
 
-our $VERSION = 0.13;
+our $VERSION = 0.14;
 
 sub prereq {
     my $self = shift;
@@ -106,6 +106,11 @@ sub load {
     return $row;
 }
 
+sub delete {
+    my ( $self, $cfgNum ) = @_;
+    $self->dbh->do( "DELETE from " . $self->{dbiTable} . " WHERE cfgNum=$cfgNum" );
+}
+
 sub logError {
     my $self = shift;
     print STDERR "Database error: " . $self->dbh->errstr . "\n";

modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/File.pm

@@ -3,7 +3,7 @@ package Lemonldap::NG::Manager::Conf::File;
 use strict;
 use Lemonldap::NG::Manager::Conf::Constants;
 
-our $VERSION = 0.21;
+our $VERSION = 0.22;
 
 sub prereq {
     my $self = shift;
@@ -96,4 +96,9 @@ sub load {
     return $f;
 }
 
+sub delete {
+    my ( $self, $cfgNum ) = @_;
+    unlink ( $self->{dirName} . "/lmConf-$cfgNum" );
+}
+
 __END__

modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Help.pm

@@ -54,7 +54,7 @@ sub help_authParams_fr {
 <h3>Param&egrave;tres d'authentification</h3>
 <dl>
 <dt> Type d'authentification </dt>
-<dd> Le sch&eacute;ma classique d'authentification Lemonldap;;NG consiste &agrave; utiliser une
+<dd> Le sch&eacute;ma classique d'authentification Lemonldap::NG consiste &agrave; utiliser une
 authentification par LDAP. Vous pouvez changer ceci en "SSL" par exemple.</dd>
 
 <dt> Portail </dt>
@@ -277,7 +277,7 @@ corresponding parameters&nbsp;:</p>
 <ul>
   <li>Module =&gt; Apache::Session::File, <br>options :
     <ul>
-      <li> Directory =&gt; /var/cache/lemonldap</li>
+      <li> Directory =&gt; /var/lib/lemonldap-ng/sessions</li>
     </ul>
   </li>
   <li>Module =&gt; Apache::Session::MySQL, <br>options :
@@ -307,7 +307,7 @@ indiquer les param&egrave;tres correspondants &agrave; ce module&nbsp;:</p>
 <ul>
   <li>Module =&gt; Apache::Session::File, <br>options :
     <ul>
-      <li> Directory =&gt; /var/cache/lemonldap</li>
+      <li> Directory =&gt; /var/lib/lemonldap-ng/sessions</li>
     </ul>
   </li>
   <li>Module =&gt; Apache::Session::MySQL, <br>options :

modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_HTML.pm

@@ -8,7 +8,7 @@ use AutoLoader qw(AUTOLOAD);
 require Lemonldap::NG::Manager::_i18n;
 use Lemonldap::NG::Manager::Conf::Constants;
 
-our $VERSION = '0.26';
+our $VERSION = '0.27';
 
 # TODO: Delete buttons in headers and rules if 'read-only'
 
@@ -81,15 +81,18 @@ sub javascript {
                newRule newHeader httpHeaders waitingResult unknownError
                configurationWasChanged configLoaded warningConfNotApplied
                applyConf prevConf lastConf nextConf deleteVirtualHost
-               areYouSure syntaxError)) {
+               areYouSure syntaxError deleteConf confirmDeleteConf)) {
         $text{$_} = &{"txt_$_"};
         $text{$_} =~s/'/\\'/g;
     }
     print qq#
-function loadConf() {
+function loadConf(n) {
   document.body.style.cursor='wait';
+  document.getElementById('treeBox').innerHTML='';
+  tree=new dhtmlXTreeObject(document.getElementById('treeBox'),"100%","100%",0);
+  tree.setImagePath("$self->{dhtmlXTreeImageLocation}");
   tree.setXMLAutoLoading("$ENV{SCRIPT_NAME}?lmQuery=conf");
-  tree.loadXML("$ENV{SCRIPT_NAME}?lmQuery=conf");
+  tree.loadXML("$ENV{SCRIPT_NAME}?lmQuery=conf&cfgNum="+n);
   tree.setOnClickHandler(onNodeSelect);
   tree.selectItem('virtualHosts',true,false);
   document.getElementById('help').innerHTML='<h3>$text{configLoaded}</h3>';
@@ -106,9 +109,7 @@ window.onload=function(){
   s3=new xSplitter('idSplitter3',0,0,w,h,true,4,w/4,w/8,true,4,null,s32);
   X.addEventListener(window,'resize',win_onresize,false);
   document.getElementById('help').innerHTML='<h3>$text{waitingResult}</h3>';
-  tree=new dhtmlXTreeObject(document.getElementById('treeBox'),"100%","100%",0);
-  tree.setImagePath("$self->{dhtmlXTreeImageLocation}");
-  loadConf();
+  loadConf(0);
 };
 
 function win_onresize(){
@@ -201,9 +202,10 @@ function onNodeSelect(nodeId) {
   }
   if(tree.getUserData(nodeId,"modif")=='both') but+=button('$text{deleteNode}','deleteNode',nodeId);
   but+=button('$text{saveConf}','saveConf',nodeId);
-  /*if(nodeId == 'root') but+=button('$text{prevConf}','prevConf',nodeId)
+  if(nodeId == 'root') but+=button('$text{prevConf}','prevConf',nodeId)
                            +button('$text{nextConf}','nextConf',nodeId)
-                           +button('$text{lastConf}','lastConf',nodeId);*/
+                           +button('$text{lastConf}','lastConf',nodeId)
+                           +button('$text{deleteConf}','deleteConf',nodeId);
   #;
     if( $self->{applyConfFile} ) {
         print "but+=button('$text{applyConf}','applyConf',nodeId);";
@@ -368,10 +370,35 @@ function applyConf(){
   xhr_object.send(null);
 }
 
+var previous = 0;
 function prevConf(){
+  previous--;
+  loadConf(previous);
 }
 
 function nextConf(){
+  if(previous<0){
+    previous++;
+    loadConf(previous);
+  }
+}
+
+function lastConf(){
+  previous=0;
+  loadConf(0);
+}
+
+function deleteConf(){
+  if(!(confirm('$text{confirmDeleteConf}'))) return 0;
+  previous=0;
+  xhr_object.open('GET', "$ENV{SCRIPT_NAME}?lmQuery=delete&cfgNum="+previous,true);
+  xhr_object.onreadystatechange = function() { 
+    if(xhr_object.readyState == 4){
+      document.getElementById('help').innerHTML=xhr_object.responseText;
+      loadConf(0);
+    } 
+  }
+  xhr_object.send(null);
 }
 
 function ec(s){

modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_i18n.pm

@@ -90,6 +90,10 @@ sub fr {
         areYouSure              => 'Etes vous sur ?',
         syntaxError             => 'Erreur de syntaxe, configuration refusée. Consultez les journaux du serveur web.',
         whatToTrace             => "Donnée à inscrire dans les journaux d'Apache",
+        deleteConf              => 'Effacer',
+        confirmDeleteConf       => "Vous allez effacer cette configuration. Confirmez-vous ?",
+        configurationDeleted    => 'Configuration éffacée',
+        configurationNotDeleted => 'Configuration non éffacée',
     };
 }
 
@@ -149,5 +153,9 @@ sub en {
         areYouSure              => 'Are you sure ?',
         syntaxError             => 'Syntax error, configuration refused. See web server logs for more.',
         whatToTrace             => "Attribute to use in Apache's logs",
+        deleteConf              => 'Delete',
+        confirmDeleteConf       => "You're going to delete configuration. Do you confirm ?",
+        configurationDeleted    => 'Configuration deleted',
+        configurationNotDeleted => 'Configuration not deleted',
     };
 }

modules/lemonldap-ng-portal/example/slavePortal.pl

@@ -80,7 +80,7 @@ my $portal = Lemonldap::NG::Portal::CDA->new(
         authenticate => sub { PE_OK },
 
         # If no Lemonldap::NG protected application is in the same domaine than
-        # the portal, it is recommended to not set a lemonldap cookie in the
+        # the portal, it is recommended to not set a lemonldap::NG cookie in the
         # other domain :
         #     Lemonldap::NG::Handler protect its cookie from remote application
         #     (to avoid developers to spoof an identity), but the master SSO

modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal.pm

@@ -79,11 +79,11 @@ authenticates user with a ldap bind by default, but you can also use another
 authentication sheme like using x509 user certificates (see
 L<Lemonldap::NG::Portal::AuthSSL> for more).
 
-Lemonldap use session cookies generated by L<Apache::Session> so as secure as a
+Lemonldap::NG use session cookies generated by L<Apache::Session> so as secure as a
 128-bit random cookie. You may use the C<securedCookie> options of
 L<Lemonldap::NG::Portal> to avoid session hijacking.
 
-You have to manage life of sessions by yourself since Lemonldap knows nothing
+You have to manage life of sessions by yourself since Lemonldap::NG knows nothing
 about the L<Apache::Session> module you've choosed, but it's very easy using a
 simple cron script because L<Lemonldap::NG::Portal> stores the start time in the
 C<_utime> field.
@@ -203,7 +203,7 @@ variable Apache has to use (C<$uid> by default).
 The real accounting has to be done by the application itself which knows the
 result of SQL transaction for example.
 
-Lemonldap can export http headers either using a proxy or protecting directly
+Lemonldap::NG can export http headers either using a proxy or protecting directly
 the application. By default, the C<User-Auth> field is used but you can change
 it using the C<exportedHeaders> parameters (stored in the configuration
 database). This parameters contains an associative array:
@@ -320,7 +320,7 @@ This library is free software; you can redistribute it and/or modify
 it under the same terms as Perl itself, either Perl version 5.8.4 or,
 at your option, any later version of Perl 5 you may have available.
 
-Lemonldap was originaly written by Eric German who decided to publish him in
+Lemonldap::NG was originaly written by Eric German who decided to publish him in
 2003 under the terms of the GNU General Public License version 2.
 Lemonldap::NG is a complete rewrite of Lemonldap and is able to have different
 policies in a same Apache virtual host.

modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Simple.pm

@@ -100,7 +100,7 @@ sub error {
     return &Lemonldap::NG::Portal::_i18n::error( $self->{error}, $ENV{HTTP_ACCEPT_LANGUAGE} );
 }
 
-# Private sub used to bind to LDAP server both with Lemonldap account and user
+# Private sub used to bind to LDAP server both with Lemonldap::NG account and user
 # credentials if LDAP authentication is used
 sub _bind {
     my ( $ldap, $dn, $password ) = @_;
@@ -276,7 +276,7 @@ sub connectLDAP {
     PE_OK;
 }
 
-# 6. LDAP bind with Lemonldap account or anonymous unless defined
+# 6. LDAP bind with Lemonldap::NG account or anonymous unless defined
 sub bind {
     my $self = shift;
     $self->connectLDAP unless ( $self->{ldap} );
@@ -338,7 +338,7 @@ sub setGroups {
     PE_OK;
 }
 
-# 11. Now, LDAP will not be used by Lemonldap except for LDAP
+# 11. Now, LDAP will not be used by Lemonldap::NG except for LDAP
 #     authentication scheme
 sub unbind {
     my $self = shift;
@@ -520,7 +520,7 @@ default, anonymous bind is used.
 
 =item * securedCookie: set it to 1 if you want to protect user cookies
 
-=item * cookieName: name of the cookie used by Lemonldap (lemon by default)
+=item * cookieName: name of the cookie used by Lemonldap::NG (lemon by default)
 
 =item * domain: cookie domain. You may have to give it else the SSO will work
 only on your server.
@@ -543,13 +543,13 @@ be set to:
 
 =head2 Methods that can be overloaded
 
-All the functions above can be overloaded to adapt Lemonldap to your
+All the functions above can be overloaded to adapt Lemonldap::NG to your
 environment. They MUST return one of the exported constants (see above)
 and are called in this order by process().
 
 =head3 controlUrlOrigin
 
-If the user was redirected by a Lemonldap NG handler, stores the url that will be
+If the user was redirected by a Lemonldap::NG handler, stores the url that will be
 used to redirect the user after authentication.
 
 =head3 controlExistingSession
@@ -620,7 +620,7 @@ Disconnects from the LDAP server.
 
 =head3 buildCookie
 
-Creates the Lemonldap cookie.
+Creates the Lemonldap::NG cookie.
 
 =head3 log
 
@@ -647,11 +647,11 @@ Non-object method used to bind to the ldap server.
 
 =head3 header
 
-Overloads the CGI::header method to add Lemonldap cookie.
+Overloads the CGI::header method to add Lemonldap::NG cookie.
 
 =head3 redirect
 
-Overloads the CGI::redirect method to add Lemonldap cookie.
+Overloads the CGI::redirect method to add Lemonldap::NG cookie.
 
 =head2 EXPORT