Safelib + LDAPFilter parameter
This commit is contained in:
Xavier Guimard
parent
2f5af7de52
commit
740ad09f9f
|
|
@ -12,6 +12,7 @@ lib/Lemonldap/NG/Common/Conf/DBI.pm
|
|||
lib/Lemonldap/NG/Common/Conf/File.pm
|
||||
lib/Lemonldap/NG/Common/Conf/SOAP.pm
|
||||
lib/Lemonldap/NG/Common/Crypto.pm
|
||||
lib/Lemonldap/NG/Common/Safelib.pm
|
||||
Makefile.PL
|
||||
MANIFEST
|
||||
META.yml Module meta-data (added by MakeMaker)
|
||||
|
|
@ -22,8 +23,8 @@ t/01-Common-Conf.t
|
|||
t/02-Common-Conf-File.t
|
||||
t/03-Common-Conf-DBI.t
|
||||
t/04-Common-Conf-SOAP.t
|
||||
t/10-Common.t
|
||||
t/20-Common-CGI.t
|
||||
t/30-Common-Safelib
|
||||
t/99-pod.t
|
||||
tools/apache-session-mysql.sql
|
||||
tools/lmConfig.mysql
|
||||
|
|
|
|||
|
|
@ -0,0 +1,47 @@
|
|||
package Lemonldap::NG::Common::Safelib;
|
||||
|
||||
use strict;
|
||||
|
||||
#use AutoLoader qw(AUTOLOAD);
|
||||
|
||||
our $VERSION = '0.01';
|
||||
|
||||
# Set here all the names of functions that must be available in Safe objects.
|
||||
# Not that only functions, not methods, can be written here
|
||||
our $functions = [qw()];
|
||||
|
||||
1;
|
||||
__END__
|
||||
|
||||
=head1 NAME
|
||||
|
||||
Lemonldap::NG::Common::Safelib - Contains functions that are automatically
|
||||
imported in Lemonldap::NG Safe objects to be used in expressions like rules,
|
||||
macros,...
|
||||
|
||||
=head1 SYNOPSIS
|
||||
|
||||
Private module not documented.
|
||||
|
||||
=head1 DESCRIPTION
|
||||
|
||||
Private module not documented.
|
||||
|
||||
=head1 SEE ALSO
|
||||
|
||||
L<Lemonldap::NG::Manager>, L<Lemonldap::NG::Portal>, L<Lemonldap::NG::Handler>
|
||||
|
||||
=head1 AUTHOR
|
||||
|
||||
Xavier Guimard, E<lt>guimard@E<gt>
|
||||
|
||||
=head1 COPYRIGHT AND LICENSE
|
||||
|
||||
Copyright (C) 2009 by Xavier Guimard
|
||||
|
||||
This library is free software; you can redistribute it and/or modify
|
||||
it under the same terms as Perl itself, either Perl version 5.10.0 or,
|
||||
at your option, any later version of Perl 5 you may have available.
|
||||
|
||||
=cut
|
||||
|
||||
|
|
@ -6,7 +6,7 @@
|
|||
# change 'tests => 1' to 'tests => last_test_to_print';
|
||||
|
||||
use Test::More tests => 1;
|
||||
BEGIN { use_ok('Lemonldap::NG::Common') }
|
||||
BEGIN { use_ok('Lemonldap::NG::Common::Safelib') }
|
||||
|
||||
#########################
|
||||
|
||||
|
|
@ -18,6 +18,7 @@ use strict;
|
|||
use MIME::Base64;
|
||||
use Exporter 'import';
|
||||
use Safe;
|
||||
use Lemonldap::NG::Common::Safelib; #link protected safe Safe object
|
||||
require Data::Dumper;
|
||||
require POSIX;
|
||||
|
||||
|
|
@ -355,6 +356,9 @@ sub safe {
|
|||
}";
|
||||
$class->lmLog( $@, 'error' ) if ($@);
|
||||
}
|
||||
$safe->share_from( 'main', ['%ENV'] );
|
||||
$safe->share_from( 'Lemonldap::NG::Common::Safelib',
|
||||
$Lemonldap::NG::Common::Safelib::functions );
|
||||
$safe->share( '&encode_base64', '$datas', '&lmSetHeaderIn',
|
||||
'$apacheRequest', @t );
|
||||
return $safe;
|
||||
|
|
@ -558,8 +562,8 @@ sub defaultValuesInit {
|
|||
$whatToTrace =~ s/\$//g;
|
||||
$https = $args->{https} unless defined($https);
|
||||
$https = 1 unless defined($https);
|
||||
$args->{securedCookie} = 1 unless defined($args->{securedCookie});
|
||||
$cookieName .= 'http' if($args->{securedCookie} == 2 and $https == 0);
|
||||
$args->{securedCookie} = 1 unless defined( $args->{securedCookie} );
|
||||
$cookieName .= 'http' if ( $args->{securedCookie} == 2 and $https == 0 );
|
||||
$port = $args->{port} || 0 unless defined($port);
|
||||
$customFunctions = $args->{customFunctions};
|
||||
1;
|
||||
|
|
@ -701,7 +705,8 @@ sub buildPostForm {
|
|||
$r->print(
|
||||
qq{<html><body onload="document.getElementById('f').submit()"><form id="f" method="post" action="$url"><input type=hidden name="a" value="}
|
||||
. sprintf( "%0" . $count . "d", 1 )
|
||||
. qq{"/><input type="submit" value="Ok"/></form></body></html>} );
|
||||
. qq{"/><input type="submit" value="Ok"/></form></body></html>}
|
||||
);
|
||||
OK;
|
||||
}
|
||||
);
|
||||
|
|
|
|||
|
|
@ -16,6 +16,7 @@ require Lemonldap::NG::Manager::_Response; #inherits
|
|||
require Lemonldap::NG::Manager::_i18n; #inherits
|
||||
require Lemonldap::NG::Manager::Help; #inherits
|
||||
use Lemonldap::NG::Common::Conf::Constants; #inherits
|
||||
use Lemonldap::NG::Common::Safelib; #link protected safe Safe object
|
||||
use LWP::UserAgent;
|
||||
use Safe;
|
||||
use MIME::Base64;
|
||||
|
|
@ -45,6 +46,9 @@ sub safe {
|
|||
eval "sub $_ {1}";
|
||||
$self->lmLog( $@, 'error' ) if ($@);
|
||||
}
|
||||
$safe->share_from( 'main', ['%ENV'] );
|
||||
$safe->share_from( 'Lemonldap::NG::Common::Safelib',
|
||||
$Lemonldap::NG::Common::Safelib::functions );
|
||||
$safe->share( '&encode_base64', @t );
|
||||
return $safe;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@ sub extractFormInfo {
|
|||
if ($user) {
|
||||
$self->{sessionInfo}->{authenticationLevel} = 5;
|
||||
$self->{user} = $user;
|
||||
$self->{authFilter} ||=
|
||||
$self->{AuthLDAPFilter} ||=
|
||||
'(&(' . $self->{SSLLDAPField} . "=$user)(objectClass=inetOrgPerson))";
|
||||
return PE_OK;
|
||||
}
|
||||
|
|
@ -48,7 +48,7 @@ sub extractFormInfo {
|
|||
$self->_sub('userError',"No certificate found for $ENV{REMOTE_ADDR}");
|
||||
return PE_CERTIFICATEREQUIRED;
|
||||
}
|
||||
$self->{authFilter} = '';
|
||||
$self->{AuthLDAPFilter} = '';
|
||||
return $self->SUPER::extractFormInfo(@_);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -16,6 +16,7 @@ use Lemonldap::NG::Common::CGI;
|
|||
use CGI::Cookie;
|
||||
require POSIX;
|
||||
use Lemonldap::NG::Portal::_i18n; #inherits
|
||||
use Lemonldap::NG::Common::Safelib; #link protected safe Safe object
|
||||
use Safe;
|
||||
|
||||
# Special comments for doxygen
|
||||
|
|
@ -450,6 +451,8 @@ sub safe {
|
|||
$self->lmLog( $@, 'error' ) if ($@);
|
||||
}
|
||||
$safe->share_from( 'main', ['%ENV'] );
|
||||
$safe->share_from( 'Lemonldap::NG::Common::Safelib',
|
||||
$Lemonldap::NG::Common::Safelib::functions );
|
||||
$safe->share( '&encode_base64', @t );
|
||||
return $safe;
|
||||
}
|
||||
|
|
@ -1038,7 +1041,7 @@ Creates the ldap filter using $self->{user}. By default :
|
|||
|
||||
$self->{filter} = "(&(uid=" . $self->{user} . ")(objectClass=inetOrgPerson))";
|
||||
|
||||
If $self->{authFilter} is set, it is used instead of this. This is used by
|
||||
If $self->{AuthLDAPFilter} is set, it is used instead of this. This is used by
|
||||
Lemonldap::NG::Portal::Auth* modules to overload filter.
|
||||
|
||||
=head3 connectLDAP
|
||||
|
|
|
|||
|
|
@ -31,12 +31,12 @@ sub getUser {
|
|||
# @return Lemonldap::NG::Portal constant
|
||||
sub formateFilter {
|
||||
my $self = shift;
|
||||
$self->{filter} =
|
||||
$self->{authFilter}
|
||||
|| $self->{filter};
|
||||
$self->{filter} =~ s/\$(user|_?password)/$self->{$1}/g;
|
||||
$self->{filter} =~ s/\$(\w+)/$self->{sessionInfo}->{$1}/g;
|
||||
$self->{filter} ||= "(&(uid=" . $self->{user} . ")(objectClass=inetOrgPerson))";
|
||||
$self->{LDAPFilter} =
|
||||
$self->{AuthLDAPFilter}
|
||||
|| $self->{LDAPFilter};
|
||||
$self->{LDAPFilter} ||= '(&(uid=$user)(objectClass=inetOrgPerson))';
|
||||
$self->{LDAPFilter} =~ s/\$(user|_?password)/$self->{$1}/g;
|
||||
$self->{LDAPFilter} =~ s/\$(\w+)/$self->{sessionInfo}->{$1}/g;
|
||||
PE_OK;
|
||||
}
|
||||
|
||||
|
|
@ -51,7 +51,7 @@ sub search {
|
|||
my $mesg = $self->ldap->search(
|
||||
base => $self->{ldapBase},
|
||||
scope => 'sub',
|
||||
filter => $self->{filter},
|
||||
filter => $self->{LDAPFilter},
|
||||
);
|
||||
if ( $mesg->code() != 0 ) {
|
||||
$self->lmLog( $mesg->error, 'error' );
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user