From 71a8fc6d1618876cb85cd142a40688092628969f Mon Sep 17 00:00:00 2001
From: Maxime Besson <maxime.besson@worteks.com>
Date: Sat, 1 May 2021 20:54:27 +0200
Subject: [PATCH] Skip registration of CAS App when config has errors (#2525)

---
 .../lib/Lemonldap/NG/Portal/Lib/CAS.pm        | 45 ++++++++++++-------
 1 file changed, 30 insertions(+), 15 deletions(-)

diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/CAS.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/CAS.pm
index 9d9745d3e..f32fd3633 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/CAS.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/CAS.pm
@@ -47,45 +47,60 @@ sub loadSrv {
 # Load CAS application list
 sub loadApp {
     my ($self) = @_;
-    if ( $self->conf->{casAppMetaDataOptions}
+    unless ( $self->conf->{casAppMetaDataOptions}
         and %{ $self->conf->{casAppMetaDataOptions} } )
     {
-        $self->casAppList( $self->conf->{casAppMetaDataOptions} );
-    }
-    else {
         $self->logger->info("No CAS apps found in configuration");
     }
 
     foreach ( keys %{ $self->conf->{casAppMetaDataOptions} } ) {
 
+        my $valid = 1;
+
         # Load access rule
-        my $rule = $self->conf->{casAppMetaDataOptions}->{$_}
+        my $rule =
+          $self->conf->{casAppMetaDataOptions}->{$_}
           ->{casAppMetaDataOptionsRule};
         if ( length $rule ) {
             $rule = $self->p->HANDLER->substitute($rule);
             unless ( $rule = $self->p->HANDLER->buildSub($rule) ) {
-                $self->error( 'CAS App rule error: '
+                $self->logger->error(
+                    "Unable to build access rule for CAS Application $_: "
                       . $self->p->HANDLER->tsv->{jail}->error );
-                return 0;
+                $valid = 0;
             }
-            $self->spRules->{$_} = $rule;
         }
 
         # Load per-application macros
-        my $macros = $self->conf->{casAppMetaDataMacros}->{$_};
+        my $macros         = $self->conf->{casAppMetaDataMacros}->{$_};
+        my $compiledMacros = {};
         for my $macroAttr ( keys %{$macros} ) {
             my $macroRule = $macros->{$macroAttr};
             if ( length $macroRule ) {
                 $macroRule = $self->p->HANDLER->substitute($macroRule);
-                unless ( $macroRule = $self->p->HANDLER->buildSub($macroRule) )
-                {
-                    $self->error( 'SAML SP macro error: '
-                          . $self->p->HANDLER->tsv->{jail}->error );
-                    return 0;
+                if ( $macroRule = $self->p->HANDLER->buildSub($macroRule) ) {
+                    $compiledMacros->{$macroAttr} = $macroRule;
+                }
+                else {
+                    $self->logger->error(
+"Unable to build macro $macroAttr for CAS Application $_: "
+                          . $self->p->HANDLER->tsv->{jail}->error );
+                    $valid = 0;
                 }
-                $self->spMacros->{$_}->{$macroAttr} = $macroRule;
             }
         }
+
+        if ($valid) {
+            $self->casAppList->{$_} =
+              $self->conf->{casAppMetaDataOptions}->{$_};
+            $self->spRules->{$_}  = $rule;
+            $self->spMacros->{$_} = $compiledMacros;
+        }
+        else {
+            $self->logger->error(
+                "CAS Application $_ has errors and will be ignored");
+
+        }
     }
     return 1;
 }