Fix session update (#1664)
This commit is contained in:
parent
e32e5adf59
commit
6e50f41687
|
@ -67,9 +67,12 @@ sub run {
|
||||||
$realSession->{$spk} = $req->{sessionInfo}->{$k};
|
$realSession->{$spk} = $req->{sessionInfo}->{$k};
|
||||||
$self->logger->debug("-> Store $k in realSession key: $spk");
|
$self->logger->debug("-> Store $k in realSession key: $spk");
|
||||||
}
|
}
|
||||||
|
$self->logger->debug("Delete $k");
|
||||||
|
delete $req->{sessionInfo}->{$k};
|
||||||
}
|
}
|
||||||
$req->{user} = $spoofId;
|
$req->{user} = $spoofId;
|
||||||
$spoofSession = $self->_userDatas($req);
|
$spoofSession = $self->_userDatas($req);
|
||||||
|
$spoofSession->{groups} ||= '';
|
||||||
|
|
||||||
# Merging SSO groups and hGroups & Dedup
|
# Merging SSO groups and hGroups & Dedup
|
||||||
if ( $self->{conf}->{impersonationMergeSSOgroups} ) {
|
if ( $self->{conf}->{impersonationMergeSSOgroups} ) {
|
||||||
|
@ -77,25 +80,22 @@ sub run {
|
||||||
my $spg = "$self->{conf}->{impersonationPrefix}groups";
|
my $spg = "$self->{conf}->{impersonationPrefix}groups";
|
||||||
my $sphg = "$self->{conf}->{impersonationPrefix}hGroups";
|
my $sphg = "$self->{conf}->{impersonationPrefix}hGroups";
|
||||||
my $separator = $self->{conf}->{multiValuesSeparator};
|
my $separator = $self->{conf}->{multiValuesSeparator};
|
||||||
if ( $spoofSession->{groups}
|
$spoofSession->{groups} ||= '';
|
||||||
or $realSession->{$spg} )
|
$realSession->{$spg} ||= '';
|
||||||
{
|
|
||||||
$self->logger->debug("Processing groups...");
|
$self->logger->debug("Processing groups...");
|
||||||
my @spoofGrps = my @realGrps = ();
|
my @spoofGrps = my @realGrps = ();
|
||||||
@spoofGrps = split /\Q$separator/, $spoofSession->{groups}
|
@spoofGrps = split /\Q$separator/, $spoofSession->{groups};
|
||||||
if $spoofSession->{groups};
|
@realGrps = split /\Q$separator/, $realSession->{$spg};
|
||||||
@realGrps = split /\Q$separator/, $realSession->{$spg}
|
@spoofGrps = ( @spoofGrps, @realGrps );
|
||||||
if $realSession->{$spg};
|
my %hash = map { $_, 1 } @spoofGrps;
|
||||||
@spoofGrps = ( @spoofGrps, @realGrps );
|
$spoofSession->{groups} = join $separator, sort keys %hash;
|
||||||
my %hash = map { $_, 1 } @spoofGrps;
|
|
||||||
$spoofSession->{groups} = join $separator, sort keys %hash;
|
|
||||||
|
|
||||||
$self->logger->debug("Processing hGroups...");
|
$self->logger->debug("Processing hGroups...");
|
||||||
$spoofSession->{hGroups} ||= {};
|
$spoofSession->{hGroups} ||= {};
|
||||||
$realSession->{$sphg} ||= {};
|
$realSession->{$sphg} ||= {};
|
||||||
$spoofSession->{hGroups} = { %{ $spoofSession->{hGroups} },
|
$spoofSession->{hGroups} = { %{ $spoofSession->{hGroups} },
|
||||||
%{ $realSession->{$sphg} } };
|
%{ $realSession->{$sphg} } };
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
# Create spoofed session
|
# Create spoofed session
|
||||||
|
|
|
@ -28,7 +28,7 @@ my $client = LLNG::Manager::Test->new( {
|
||||||
ok(
|
ok(
|
||||||
$res = $client->_post(
|
$res = $client->_post(
|
||||||
'/',
|
'/',
|
||||||
IO::String->new('user=rtyler&password=rtyler'),
|
IO::String->new('user=msmith&password=msmith'),
|
||||||
length => 27,
|
length => 27,
|
||||||
accept => 'text/html',
|
accept => 'text/html',
|
||||||
),
|
),
|
||||||
|
|
|
@ -10,7 +10,7 @@ my $res;
|
||||||
|
|
||||||
my $client = LLNG::Manager::Test->new(
|
my $client = LLNG::Manager::Test->new(
|
||||||
{ ini => {
|
{ ini => {
|
||||||
logLevel => 'debug',
|
logLevel => 'error',
|
||||||
authentication => 'Demo',
|
authentication => 'Demo',
|
||||||
userDB => 'Same',
|
userDB => 'Same',
|
||||||
loginHistoryEnabled => 0,
|
loginHistoryEnabled => 0,
|
||||||
|
@ -21,7 +21,7 @@ my $client = LLNG::Manager::Test->new(
|
||||||
impersonationRule => 1,
|
impersonationRule => 1,
|
||||||
checkUserDisplayPersistentInfo => 0,
|
checkUserDisplayPersistentInfo => 0,
|
||||||
checkUserDisplayEmptyValues => 0,
|
checkUserDisplayEmptyValues => 0,
|
||||||
impersonationMergeSSOgroups => 1,
|
impersonationMergeSSOgroups => 0,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
|
@ -91,9 +91,11 @@ ok( $res->[2]->[0]
|
||||||
) or explain( $res->[2]->[0], 'trspan="allowed"' );
|
) or explain( $res->[2]->[0], 'trspan="allowed"' );
|
||||||
ok( $res->[2]->[0] =~ m%<span trspan="headers">%, 'Found trspan="headers"' )
|
ok( $res->[2]->[0] =~ m%<span trspan="headers">%, 'Found trspan="headers"' )
|
||||||
or explain( $res->[2]->[0], 'trspan="headers"' );
|
or explain( $res->[2]->[0], 'trspan="headers"' );
|
||||||
ok( $res->[2]->[0] =~ m%<span trspan="groups_sso">%,
|
|
||||||
'Found trspan="groups_sso"' )
|
ok( $res->[2]->[0] !~ m%<span trspan="groups_sso">%,
|
||||||
|
'trspan="groups_sso" NOT found' )
|
||||||
or explain( $res->[2]->[0], 'trspan="groups_sso"' );
|
or explain( $res->[2]->[0], 'trspan="groups_sso"' );
|
||||||
|
|
||||||
ok( $res->[2]->[0] =~ m%<span trspan="macros">%, 'Found trspan="macros"' )
|
ok( $res->[2]->[0] =~ m%<span trspan="macros">%, 'Found trspan="macros"' )
|
||||||
or explain( $res->[2]->[0], 'trspan="macros"' );
|
or explain( $res->[2]->[0], 'trspan="macros"' );
|
||||||
ok( $res->[2]->[0] =~ m%<span trspan="attributes">%,
|
ok( $res->[2]->[0] =~ m%<span trspan="attributes">%,
|
||||||
|
@ -106,16 +108,25 @@ ok( $res->[2]->[0] =~ m%<td class="align-middle">Auth-User</td>%,
|
||||||
'Found Auth-User' )
|
'Found Auth-User' )
|
||||||
or explain( $res->[2]->[0], 'Header Key: Auth-User' );
|
or explain( $res->[2]->[0], 'Header Key: Auth-User' );
|
||||||
ok( $res->[2]->[0] =~ m%<td class="align-middle">dwho</td>%,
|
ok( $res->[2]->[0] =~ m%<td class="align-middle">dwho</td>%,
|
||||||
'Found rtyler' )
|
'Found dwho' )
|
||||||
or explain( $res->[2]->[0], 'Header Value: dwho' );
|
or explain( $res->[2]->[0], 'Header Value: dwho' );
|
||||||
ok( $res->[2]->[0] =~ m%<td class="align-middle">su</td>%, 'Found su' )
|
|
||||||
or explain( $res->[2]->[0], 'SSO Groups: su' );
|
|
||||||
ok( $res->[2]->[0] =~ m%<td class="align-middle">_whatToTrace</td>%,
|
ok( $res->[2]->[0] =~ m%<td class="align-middle">_whatToTrace</td>%,
|
||||||
'Found _whatToTrace' )
|
'Found _whatToTrace' )
|
||||||
or explain( $res->[2]->[0], 'Macro Key _whatToTrace' );
|
or explain( $res->[2]->[0], 'Macro Key _whatToTrace' );
|
||||||
ok( $res->[2]->[0] =~ m%<td class="text-left">uid</td>%, 'Found uid' )
|
ok( $res->[2]->[0] =~ m%<td class="text-left">real_groups</td>%,
|
||||||
or explain( $res->[2]->[0], 'Attribute Value uid' );
|
'Found real_groups' )
|
||||||
count(12);
|
or explain( $res->[2]->[0], 'real_groups' );
|
||||||
|
ok( $res->[2]->[0] =~ m%<td class="text-left">su</td>%,
|
||||||
|
'Found su' )
|
||||||
|
or explain( $res->[2]->[0], 'su' );
|
||||||
|
ok( $res->[2]->[0] =~ m%<td class="text-left">real_uid</td>%,
|
||||||
|
'Found real_uid' )
|
||||||
|
or explain( $res->[2]->[0], 'real_groups' );
|
||||||
|
ok( $res->[2]->[0] =~ m%<td class="text-left">rtyler</td>%,
|
||||||
|
'Found rtyler' )
|
||||||
|
or explain( $res->[2]->[0], 'su' );
|
||||||
|
count(14);
|
||||||
|
|
||||||
|
|
||||||
$client->logout($id);
|
$client->logout($id);
|
||||||
|
|
|
@ -35,7 +35,7 @@
|
||||||
"key": "qwertyui",
|
"key": "qwertyui",
|
||||||
"locationRules": {
|
"locationRules": {
|
||||||
"auth.example.com" : {
|
"auth.example.com" : {
|
||||||
"(?#checkUser)^/checkuser" : "$uid eq \"dwho\"",
|
"(?#checkUser)^/checkuser" : "$uid eq \"dwho\" or $uid eq \"rtyler\"",
|
||||||
"(?#errors)^/lmerror/": "accept",
|
"(?#errors)^/lmerror/": "accept",
|
||||||
"default" : "accept"
|
"default" : "accept"
|
||||||
},
|
},
|
||||||
|
|
Loading…
Reference in New Issue
Block a user