Merge branch 'v2.0'
This commit is contained in:
commit
72fc200631
@ -9,11 +9,11 @@
|
|||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<th><span trspan="rule"></span></th>
|
<th><span trspan="rule"></span></th>
|
||||||
<td><input id="rule" class="form-control" ng-model="currentNode.re" ng-change="changeRuleTitle(currentNode)"/></td>
|
<td><input id="rule" class="form-control" ng-model="currentNode.data" ng-change="changeRuleTitle(currentNode)"/></td>
|
||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<th><span trspan="message"></span></th>
|
<th><span trspan="message"></span></th>
|
||||||
<td><textarea rows="3" id="rulemessage" class="form-control" ng-model="currentNode.data"/></td>
|
<td><textarea rows="3" id="rulemessage" class="form-control" ng-model="currentNode.re"/></td>
|
||||||
</tr>
|
</tr>
|
||||||
</table>
|
</table>
|
||||||
</div>
|
</div>
|
||||||
|
@ -3,7 +3,6 @@ package Lemonldap::NG::Portal::Auth::Choice;
|
|||||||
use strict;
|
use strict;
|
||||||
use Mouse;
|
use Mouse;
|
||||||
use Lemonldap::NG::Portal::Main::Constants qw(PE_OK PE_FIRSTACCESS PE_ERROR);
|
use Lemonldap::NG::Portal::Main::Constants qw(PE_OK PE_FIRSTACCESS PE_ERROR);
|
||||||
use Data::Dumper;
|
|
||||||
|
|
||||||
our $VERSION = '2.0.2';
|
our $VERSION = '2.0.2';
|
||||||
|
|
||||||
@ -46,8 +45,6 @@ sub extractFormInfo {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$self->logger->debug("@@@@ Req -> " . Dumper($req) );
|
|
||||||
|
|
||||||
foreach my $mod ( values %{ $self->modules } ) {
|
foreach my $mod ( values %{ $self->modules } ) {
|
||||||
if ( $mod->can('setSecurity') ) {
|
if ( $mod->can('setSecurity') ) {
|
||||||
$mod->setSecurity($req);
|
$mod->setSecurity($req);
|
||||||
|
@ -351,7 +351,8 @@ sub display {
|
|||||||
# * Bad URL error
|
# * Bad URL error
|
||||||
elsif ($req->{error} == PE_LOGOUT_OK
|
elsif ($req->{error} == PE_LOGOUT_OK
|
||||||
or $req->{error} == PE_WAIT
|
or $req->{error} == PE_WAIT
|
||||||
or $req->{error} == PE_BADURL )
|
or $req->{error} == PE_BADURL
|
||||||
|
or $req->{error} == PE_BADCREDENTIALS )
|
||||||
{
|
{
|
||||||
%templateParams = (
|
%templateParams = (
|
||||||
%templateParams,
|
%templateParams,
|
||||||
|
@ -3,8 +3,9 @@ package Lemonldap::NG::Portal::Plugins::GrantSession;
|
|||||||
use strict;
|
use strict;
|
||||||
use Mouse;
|
use Mouse;
|
||||||
use Lemonldap::NG::Portal::Main::Constants qw(
|
use Lemonldap::NG::Portal::Main::Constants qw(
|
||||||
PE_OK
|
PE_OK
|
||||||
PE_SESSIONNOTGRANTED
|
PE_SESSIONNOTGRANTED
|
||||||
|
PE_BADCREDENTIALS
|
||||||
);
|
);
|
||||||
|
|
||||||
our $VERSION = '2.0.0';
|
our $VERSION = '2.0.0';
|
||||||
@ -22,11 +23,11 @@ sub init {
|
|||||||
$self->logger->debug("GrantRule key -> $_");
|
$self->logger->debug("GrantRule key -> $_");
|
||||||
$self->logger->debug(
|
$self->logger->debug(
|
||||||
"GrantRule value -> " . $self->conf->{grantSessionRules}->{$_} );
|
"GrantRule value -> " . $self->conf->{grantSessionRules}->{$_} );
|
||||||
my $rule =
|
my $rule = $hd->buildSub(
|
||||||
$hd->buildSub(
|
|
||||||
$hd->substitute( $self->conf->{grantSessionRules}->{$_} ) );
|
$hd->substitute( $self->conf->{grantSessionRules}->{$_} ) );
|
||||||
unless ($rule) {
|
unless ($rule) {
|
||||||
$self->error( "Bad grantSession rule " . $hd->tsv->{jail}->error );
|
$self->error(
|
||||||
|
"Bad grantSession rule " . $hd->tsv->{jail}->error );
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
$self->rules->{$_} = $rule;
|
$self->rules->{$_} = $rule;
|
||||||
@ -43,9 +44,12 @@ sub run {
|
|||||||
return !$A ? 1 : !$B ? -1 : $A cmp $B;
|
return !$A ? 1 : !$B ? -1 : $A cmp $B;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Avoid display notification if AuthResult is not null
|
||||||
|
return PE_BADCREDENTIALS if $req->authResult > 0;
|
||||||
|
|
||||||
foreach ( sort sortByComment keys %{ $self->rules } ) {
|
foreach ( sort sortByComment keys %{ $self->rules } ) {
|
||||||
$self->logger->debug( "Grant session condition -> "
|
$self->logger->debug( "Grant session condition -> "
|
||||||
. $self->conf->{grantSessionRules}->{$_} );
|
. $self->conf->{grantSessionRules}->{$_} );
|
||||||
unless ( $self->rules->{$_}->( $req, $req->sessionInfo ) ) {
|
unless ( $self->rules->{$_}->( $req, $req->sessionInfo ) ) {
|
||||||
$req->userData( {} );
|
$req->userData( {} );
|
||||||
|
|
||||||
@ -54,7 +58,7 @@ sub run {
|
|||||||
if ($1) {
|
if ($1) {
|
||||||
$self->logger->debug("Message -> $1");
|
$self->logger->debug("Message -> $1");
|
||||||
|
|
||||||
# Message can contain session data as user attributes or macros
|
# Message can contain session data as user attributes or macros
|
||||||
my $hd = $self->p->HANDLER;
|
my $hd = $self->p->HANDLER;
|
||||||
my $msg = $hd->substitute($1);
|
my $msg = $hd->substitute($1);
|
||||||
unless ( $msg = $hd->buildSub($msg) ) {
|
unless ( $msg = $hd->buildSub($msg) ) {
|
||||||
@ -68,17 +72,17 @@ sub run {
|
|||||||
)
|
)
|
||||||
);
|
);
|
||||||
$self->userLogger->error( 'User '
|
$self->userLogger->error( 'User '
|
||||||
. $req->sessionInfo->{uid}
|
. $req->sessionInfo->{uid}
|
||||||
. " was not granted to open session (rule -> $msg)" );
|
. " was not granted to open session (rule -> $msg)" );
|
||||||
$req->urldc( $self->conf->{portal} );
|
$req->urldc( $self->conf->{portal} );
|
||||||
return $req->authResult(PE_SESSIONNOTGRANTED);
|
return $req->authResult(PE_SESSIONNOTGRANTED);
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$self->userLogger->error( 'User '
|
$self->userLogger->error( 'User '
|
||||||
. $req->sessionInfo->{uid}
|
. $req->sessionInfo->{uid}
|
||||||
. " was not granted to open session (rule -> "
|
. " was not granted to open session (rule -> "
|
||||||
. $self->conf->{grantSessionRules}->{$_}
|
. $self->conf->{grantSessionRules}->{$_}
|
||||||
. ")" );
|
. ")" );
|
||||||
$req->urldc( $self->conf->{portal} );
|
$req->urldc( $self->conf->{portal} );
|
||||||
return $req->authResult(PE_SESSIONNOTGRANTED);
|
return $req->authResult(PE_SESSIONNOTGRANTED);
|
||||||
}
|
}
|
||||||
|
@ -7,7 +7,7 @@ package Lemonldap::NG::Portal::UserDB::Demo;
|
|||||||
|
|
||||||
use strict;
|
use strict;
|
||||||
use Mouse;
|
use Mouse;
|
||||||
use Lemonldap::NG::Portal::Main::Constants qw(PE_OK PE_USERNOTFOUND);
|
use Lemonldap::NG::Portal::Main::Constants qw(PE_OK PE_BADCREDENTIALS);
|
||||||
|
|
||||||
extends 'Lemonldap::NG::Common::Module';
|
extends 'Lemonldap::NG::Common::Module';
|
||||||
|
|
||||||
@ -60,7 +60,7 @@ sub getUser {
|
|||||||
}
|
}
|
||||||
|
|
||||||
eval { $self->p->_authentication->setSecurity($req) };
|
eval { $self->p->_authentication->setSecurity($req) };
|
||||||
PE_USERNOTFOUND;
|
PE_BADCREDENTIALS;
|
||||||
}
|
}
|
||||||
|
|
||||||
## @apmethod int setSessionInfo()
|
## @apmethod int setSessionInfo()
|
||||||
|
@ -5,7 +5,7 @@ use Mouse;
|
|||||||
use Lemonldap::NG::Portal::Main::Constants qw(
|
use Lemonldap::NG::Portal::Main::Constants qw(
|
||||||
PE_ERROR
|
PE_ERROR
|
||||||
PE_OK
|
PE_OK
|
||||||
PE_USERNOTFOUND
|
PE_BADCREDENTIALS
|
||||||
);
|
);
|
||||||
|
|
||||||
extends 'Lemonldap::NG::Common::Module', 'Lemonldap::NG::Portal::Lib::REST';
|
extends 'Lemonldap::NG::Common::Module', 'Lemonldap::NG::Portal::Lib::REST';
|
||||||
@ -46,7 +46,7 @@ sub getUser {
|
|||||||
}
|
}
|
||||||
unless ( $res->{result} ) {
|
unless ( $res->{result} ) {
|
||||||
$self->userLogger->warn( 'User ' . $req->user . ' not found' );
|
$self->userLogger->warn( 'User ' . $req->user . ' not found' );
|
||||||
return PE_USERNOTFOUND;
|
return PE_BADCREDENTIALS;
|
||||||
}
|
}
|
||||||
$req->data->{restUserDBInfo} = $res->{info} || {};
|
$req->data->{restUserDBInfo} = $res->{info} || {};
|
||||||
return PE_OK;
|
return PE_OK;
|
||||||
|
@ -19,7 +19,8 @@ my $client = LLNG::Manager::Test->new(
|
|||||||
grantSessionRules => {
|
grantSessionRules => {
|
||||||
'$uid . " not allowed"##rule1' => '$uid ne "dwho"',
|
'$uid . " not allowed"##rule1' => '$uid ne "dwho"',
|
||||||
'Rtyler_Allowed##rule3' => '$uid eq "rtyler"',
|
'Rtyler_Allowed##rule3' => '$uid eq "rtyler"',
|
||||||
'##rule2' => '$uid ne "mrsmith"',
|
'##rule2' => '$uid ne "msmith"',
|
||||||
|
'##rule4' => '$uid ne "jdoe"',
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -39,6 +40,44 @@ ok( $res->[2]->[0] =~ /<h3 trspan="dwho not allowed">dwho not allowed<\/h3>/,
|
|||||||
'dwho rejected with custom message and session data' )
|
'dwho rejected with custom message and session data' )
|
||||||
or print STDERR Dumper( $res->[2]->[0] );
|
or print STDERR Dumper( $res->[2]->[0] );
|
||||||
count(1);
|
count(1);
|
||||||
|
|
||||||
|
ok(
|
||||||
|
$res = $client->_post(
|
||||||
|
'/',
|
||||||
|
IO::String->new('user=dwho&password=ohwd'),
|
||||||
|
accept => 'text/html',
|
||||||
|
length => 23
|
||||||
|
),
|
||||||
|
'Auth query'
|
||||||
|
);
|
||||||
|
count(1);
|
||||||
|
ok(
|
||||||
|
$res->[2]->[0] =~ /<span trmsg="5"><\/span><\/div>/,
|
||||||
|
'dwho rejected with PE_BADCREDENTIALS'
|
||||||
|
) or print STDERR Dumper( $res->[2]->[0] );
|
||||||
|
count(1);
|
||||||
|
ok(
|
||||||
|
$res->[2]->[0] =~ m%<span trspan="goToPortal">Go to portal</span>%,
|
||||||
|
'Found goToPortal button'
|
||||||
|
) or print STDERR Dumper( $res->[2]->[0] );
|
||||||
|
count(1);
|
||||||
|
|
||||||
|
|
||||||
|
ok(
|
||||||
|
$res = $client->_post(
|
||||||
|
'/',
|
||||||
|
IO::String->new('user=dwho&password=dwho'),
|
||||||
|
accept => 'text/html',
|
||||||
|
length => 23
|
||||||
|
),
|
||||||
|
'Auth query'
|
||||||
|
);
|
||||||
|
count(1);
|
||||||
|
ok( $res->[2]->[0] =~ /<h3 trspan="dwho not allowed">dwho not allowed<\/h3>/,
|
||||||
|
'dwho rejected with custom message and session data' )
|
||||||
|
or print STDERR Dumper( $res->[2]->[0] );
|
||||||
|
count(1);
|
||||||
|
|
||||||
ok( $res->[2]->[0] =~ qr%src="/static/common/js/info.(?:min\.)?js"></script>%,
|
ok( $res->[2]->[0] =~ qr%src="/static/common/js/info.(?:min\.)?js"></script>%,
|
||||||
'Found INFO js' )
|
'Found INFO js' )
|
||||||
or print STDERR Dumper( $res->[2]->[0] );
|
or print STDERR Dumper( $res->[2]->[0] );
|
||||||
@ -62,18 +101,40 @@ expectCookie($res);
|
|||||||
ok(
|
ok(
|
||||||
$res = $client->_post(
|
$res = $client->_post(
|
||||||
'/',
|
'/',
|
||||||
IO::String->new('user=mrsmith&password=mrsmith'),
|
IO::String->new('user=msmith&password=msmith'),
|
||||||
accept => 'text/html',
|
accept => 'text/html',
|
||||||
length => 29
|
length => 27
|
||||||
),
|
),
|
||||||
'Auth query'
|
'Auth query'
|
||||||
);
|
);
|
||||||
count(1);
|
count(1);
|
||||||
ok(
|
ok(
|
||||||
$res->[2]->[0] =~ /<span trmsg="4"><\/span><\/div>/,
|
$res->[2]->[0] =~ /<span trmsg="41"><\/span><\/div>/,
|
||||||
'rtyler rejected with PE_SESSIONNOTGRANTED'
|
'rtyler rejected with PE_SESSIONNOTGRANTED'
|
||||||
) or print STDERR Dumper( $res->[2]->[0] );
|
) or print STDERR Dumper( $res->[2]->[0] );
|
||||||
count(1);
|
count(1);
|
||||||
|
|
||||||
|
ok(
|
||||||
|
$res = $client->_post(
|
||||||
|
'/',
|
||||||
|
IO::String->new('user=jdoe&password=jdoe'),
|
||||||
|
accept => 'text/html',
|
||||||
|
length => 23
|
||||||
|
),
|
||||||
|
'Auth query'
|
||||||
|
);
|
||||||
|
count(1);
|
||||||
|
ok(
|
||||||
|
$res->[2]->[0] =~ /<span trmsg="5"><\/span><\/div>/,
|
||||||
|
'rtyler rejected with PE_BADCREDENTIALS'
|
||||||
|
) or print STDERR Dumper( $res->[2]->[0] );
|
||||||
|
count(1);
|
||||||
|
ok(
|
||||||
|
$res->[2]->[0] =~ m%<span trspan="goToPortal">Go to portal</span>%,
|
||||||
|
'Found goToPortal button'
|
||||||
|
) or print STDERR Dumper( $res->[2]->[0] );
|
||||||
|
count(1);
|
||||||
|
|
||||||
ok( $res->[2]->[0] =~ qr%<img src="/static/common/logos/logo_llng_old.png"%,
|
ok( $res->[2]->[0] =~ qr%<img src="/static/common/logos/logo_llng_old.png"%,
|
||||||
'Found custom Main Logo' )
|
'Found custom Main Logo' )
|
||||||
or print STDERR Dumper( $res->[2]->[0] );
|
or print STDERR Dumper( $res->[2]->[0] );
|
||||||
|
Loading…
Reference in New Issue
Block a user