Allow wildcard with searching parameters (#1976) & Improve unit tests
This commit is contained in:
parent
554daba5fe
commit
846d6a3655
|
@ -83,6 +83,8 @@ sub defaultValues {
|
|||
'facebookExportedVars' => {},
|
||||
'facebookUserField' => 'id',
|
||||
'failedLoginNumber' => 5,
|
||||
'findUserControl' => '^[\\w]+$',
|
||||
'findUserWildcard' => '',
|
||||
'formTimeout' => 120,
|
||||
'githubAuthnLevel' => 1,
|
||||
'githubScope' => 'user:email',
|
||||
|
|
|
@ -1364,6 +1364,10 @@ qr/^(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-
|
|||
'default' => 0,
|
||||
'type' => 'bool'
|
||||
},
|
||||
'findUserControl' => {
|
||||
'default' => '^[\\w]+$',
|
||||
'type' => 'pcre'
|
||||
},
|
||||
'findUserExcludingAttributes' => {
|
||||
'keyTest' => qr/^\S+$/,
|
||||
'type' => 'keyTextContainer'
|
||||
|
@ -1372,6 +1376,10 @@ qr/^(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-
|
|||
'keyTest' => qr/^\S+$/,
|
||||
'type' => 'keyTextContainer'
|
||||
},
|
||||
'findUserWildcard' => {
|
||||
'default' => '',
|
||||
'type' => 'text'
|
||||
},
|
||||
'forceGlobalStorageIssuerOTT' => {
|
||||
'type' => 'bool'
|
||||
},
|
||||
|
|
|
@ -544,6 +544,16 @@ sub attributes {
|
|||
keyTest => qr/^\S+$/,
|
||||
documentation => 'Attributes used for excluding accounts',
|
||||
},
|
||||
findUserWildcard => {
|
||||
type => 'text',
|
||||
default => '',
|
||||
documentation => 'Character used as wildcard',
|
||||
},
|
||||
findUserControl => {
|
||||
type => 'pcre',
|
||||
default => '^[\w]+$',
|
||||
documentation => 'Regular expression to validate parameters',
|
||||
},
|
||||
globalLogoutRule => {
|
||||
type => 'boolOrExpr',
|
||||
default => 0,
|
||||
|
|
|
@ -789,6 +789,8 @@ sub tree {
|
|||
help => 'finduser.html',
|
||||
nodes => [
|
||||
'findUser',
|
||||
'findUserWildcard',
|
||||
'findUserControl',
|
||||
'findUserSearchingAttributes',
|
||||
'findUserExcludingAttributes'
|
||||
]
|
||||
|
|
|
@ -331,8 +331,10 @@
|
|||
"fileToUpload":"الملف الذي ستحمله",
|
||||
"findUser":"Activation",
|
||||
"findUsers":"Search for user account",
|
||||
"findUserSearchingAttributes":"Searching attributes",
|
||||
"findUserControl":"Parameters control",
|
||||
"findUserExcludingAttributes":"Excluding attributes",
|
||||
"findUserSearchingAttributes":"Searching attributes",
|
||||
"findUserWildcard":"Character used as wildcard",
|
||||
"forbidden":"لست مخولا بعرض هذه الصفحة",
|
||||
"forceSave":"فرض الحفظ",
|
||||
"format":"الصيغة",
|
||||
|
|
|
@ -331,8 +331,10 @@
|
|||
"fileToUpload":"File to upload",
|
||||
"findUser":"Activation",
|
||||
"findUsers":"Search for user account",
|
||||
"findUserSearchingAttributes":"Searching attributes",
|
||||
"findUserControl":"Parameters control",
|
||||
"findUserExcludingAttributes":"Excluding attributes",
|
||||
"findUserSearchingAttributes":"Searching attributes",
|
||||
"findUserWildcard":"Character used as wildcard",
|
||||
"forbidden":"You're not authorized to show this page",
|
||||
"forceSave":"Force save",
|
||||
"format":"Format",
|
||||
|
|
|
@ -331,8 +331,10 @@
|
|||
"fileToUpload":"File to upload",
|
||||
"findUser":"Activation",
|
||||
"findUsers":"Search for user account",
|
||||
"findUserSearchingAttributes":"Searching attributes",
|
||||
"findUserControl":"Parameters control",
|
||||
"findUserExcludingAttributes":"Excluding attributes",
|
||||
"findUserSearchingAttributes":"Searching attributes",
|
||||
"findUserWildcard":"Character used as wildcard",
|
||||
"forbidden":"You're not authorized to show this page",
|
||||
"forceSave":"Force save",
|
||||
"format":"Format",
|
||||
|
|
|
@ -331,8 +331,10 @@
|
|||
"fileToUpload":"Fichero a cargar",
|
||||
"findUser":"Activation",
|
||||
"findUsers":"Search for user account",
|
||||
"findUserSearchingAttributes":"Searching attributes",
|
||||
"findUserControl":"Parameters control",
|
||||
"findUserExcludingAttributes":"Excluding attributes",
|
||||
"findUserSearchingAttributes":"Searching attributes",
|
||||
"findUserWildcard":"Character used as wildcard",
|
||||
"forbidden":"No está autorizado a mostrar esta página",
|
||||
"forceSave":"Forzar salvaguarda",
|
||||
"format":"Formato",
|
||||
|
|
|
@ -331,8 +331,10 @@
|
|||
"fileToUpload":"Fichier à télécharger",
|
||||
"findUser":"Activation",
|
||||
"findUsers":"Recherche de compte",
|
||||
"findUserSearchingAttributes":"Attributs de recherche",
|
||||
"findUserControl":"Contrôle des paramètres",
|
||||
"findUserExcludingAttributes":"Attributs d'exclusion",
|
||||
"findUserSearchingAttributes":"Attributs de recherche",
|
||||
"findUserWildcard":"Caractère utilisé comme joker",
|
||||
"forbidden":"Vous n'êtes pas autorisé à visualiser cette page",
|
||||
"forceSave":"Forcer la sauvegarde",
|
||||
"format":"Format",
|
||||
|
|
|
@ -331,8 +331,10 @@
|
|||
"fileToUpload":"File da caricare",
|
||||
"findUser":"Activation",
|
||||
"findUsers":"Search for user account",
|
||||
"findUserSearchingAttributes":"Searching attributes",
|
||||
"findUserControl":"Parameters control",
|
||||
"findUserExcludingAttributes":"Excluding attributes",
|
||||
"findUserSearchingAttributes":"Searching attributes",
|
||||
"findUserWildcard":"Character used as wildcard",
|
||||
"forbidden":"Non sei autorizzato a mostrare questa pagina",
|
||||
"forceSave":"Forza salvataggio",
|
||||
"format":"Formato",
|
||||
|
|
|
@ -331,8 +331,10 @@
|
|||
"fileToUpload":"Plik do przesłania",
|
||||
"findUser":"Activation",
|
||||
"findUsers":"Search for user account",
|
||||
"findUserSearchingAttributes":"Searching attributes",
|
||||
"findUserControl":"Parameters control",
|
||||
"findUserExcludingAttributes":"Excluding attributes",
|
||||
"findUserSearchingAttributes":"Searching attributes",
|
||||
"findUserWildcard":"Character used as wildcard",
|
||||
"forbidden":"Nie masz uprawnień do wyświetlania tej strony",
|
||||
"forceSave":"Wymuś zapis",
|
||||
"format":"Format",
|
||||
|
|
|
@ -331,8 +331,10 @@
|
|||
"fileToUpload":"Yüklenecek dosya",
|
||||
"findUser":"Activation",
|
||||
"findUsers":"Search for user account",
|
||||
"findUserSearchingAttributes":"Searching attributes",
|
||||
"findUserControl":"Parameters control",
|
||||
"findUserExcludingAttributes":"Excluding attributes",
|
||||
"findUserSearchingAttributes":"Searching attributes",
|
||||
"findUserWildcard":"Character used as wildcard",
|
||||
"forbidden":"Bu sayfayı görüntülemek için yetkili değilsiniz",
|
||||
"forceSave":"Kaydetmeye zorla",
|
||||
"format":"Biçim",
|
||||
|
|
|
@ -331,8 +331,10 @@
|
|||
"fileToUpload":"Tập tin để tải lên",
|
||||
"findUser":"Activation",
|
||||
"findUsers":"Search for user account",
|
||||
"findUserSearchingAttributes":"Searching attributes",
|
||||
"findUserControl":"Parameters control",
|
||||
"findUserExcludingAttributes":"Excluding attributes",
|
||||
"findUserSearchingAttributes":"Searching attributes",
|
||||
"findUserWildcard":"Character used as wildcard",
|
||||
"forbidden":"Bạn không được ủy quyền để hiển thị trang này",
|
||||
"forceSave":"Bắt buộc lưu",
|
||||
"format":"Định dạng",
|
||||
|
|
|
@ -331,8 +331,10 @@
|
|||
"fileToUpload":"上传的文件",
|
||||
"findUser":"Activation",
|
||||
"findUsers":"Search for user account",
|
||||
"findUserSearchingAttributes":"Searching attributes",
|
||||
"findUserControl":"Parameters control",
|
||||
"findUserExcludingAttributes":"Excluding attributes",
|
||||
"findUserSearchingAttributes":"Searching attributes",
|
||||
"findUserWildcard":"Character used as wildcard",
|
||||
"forbidden":"You're not authorized to show this page",
|
||||
"forceSave":"强制保存",
|
||||
"format":"格式",
|
||||
|
|
|
@ -331,8 +331,10 @@
|
|||
"fileToUpload":"上傳失敗",
|
||||
"findUser":"Activation",
|
||||
"findUsers":"Search for user account",
|
||||
"findUserSearchingAttributes":"Searching attributes",
|
||||
"findUserControl":"Parameters control",
|
||||
"findUserExcludingAttributes":"Excluding attributes",
|
||||
"findUserSearchingAttributes":"Searching attributes",
|
||||
"findUserWildcard":"Character used as wildcard",
|
||||
"forbidden":"您無權顯示此頁面",
|
||||
"forceSave":"強制儲存",
|
||||
"format":"格式",
|
||||
|
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
@ -180,8 +180,18 @@ sub findUser {
|
|||
return PE_LDAPCONNECTFAILED unless $self->ldap;
|
||||
|
||||
$self->findUserFilter =~ /\bobjectClass=(\w+)\b/;
|
||||
my $filter = "(&(objectClass=$1)";
|
||||
$filter .= "($_->{key}=$_->{value})" foreach (@$searching);
|
||||
my $filter = "(&(objectClass=$1)";
|
||||
my $wildcard = $self->conf->{findUserWildcard};
|
||||
$self->logger->info("LDAP UserDB with wildcard ($wildcard)") if $wildcard;
|
||||
foreach (@$searching) {
|
||||
if ($wildcard) {
|
||||
$_->{value} =~ s/\Q$wildcard\E+/*/;
|
||||
}
|
||||
else {
|
||||
$_->{value} =~ s/\Q*\E+//;
|
||||
}
|
||||
$filter .= "($_->{key}=$_->{value})";
|
||||
}
|
||||
$filter .= "(!($_->{key}=$_->{value}))" foreach (@$excluding);
|
||||
$filter .= ')';
|
||||
$self->logger->debug("LDAP UserDB built filter: $filter");
|
||||
|
|
|
@ -60,13 +60,16 @@ sub findUser {
|
|||
eval { $self->p->_authentication->setSecurity($req) };
|
||||
return PE_OK unless scalar @$searching;
|
||||
|
||||
my $table = $self->table;
|
||||
my $pivot = $args{useMail} ? $self->mailField : $self->pivot;
|
||||
my $request = "SELECT $pivot FROM $table WHERE ";
|
||||
my $table = $self->table;
|
||||
my $pivot = $args{useMail} ? $self->mailField : $self->pivot;
|
||||
my @args;
|
||||
my $sth;
|
||||
my $request = "SELECT $pivot FROM $table WHERE ";
|
||||
my ( $iswc, $sth );
|
||||
my $wildcard = $self->conf->{findUserWildcard};
|
||||
$self->logger->info("DBI UserDB with wildcard ($wildcard)") if $wildcard;
|
||||
foreach (@$searching) {
|
||||
$request .= "$_->{key} = ? AND ";
|
||||
$iswc = $_->{value} =~ s/\Q$wildcard\E+/%/ if $wildcard;
|
||||
$request .= $iswc ? "$_->{key} LIKE ? AND " : "$_->{key} = ? AND ";
|
||||
push @args, $_->{value};
|
||||
}
|
||||
foreach (@$excluding) {
|
||||
|
@ -114,12 +117,12 @@ sub setSessionInfo {
|
|||
$req->{sessionInfo}->{$var} = $req->data->{dbientry}->{$attr}
|
||||
if ( defined $req->data->{dbientry}->{$attr} );
|
||||
}
|
||||
|
||||
|
||||
return PE_OK;
|
||||
}
|
||||
|
||||
sub setGroups {
|
||||
|
||||
|
||||
return PE_OK;
|
||||
}
|
||||
|
||||
|
|
|
@ -85,8 +85,23 @@ sub findUser {
|
|||
eval { $self->p->_authentication->setSecurity($req) };
|
||||
return PE_OK unless scalar @$searching;
|
||||
|
||||
my $cond = '';
|
||||
$cond .= '$' . $_->{key} . " eq '$_->{value}' && " foreach (@$searching);
|
||||
my $iswc;
|
||||
my $cond = '';
|
||||
my $wildcard = $self->conf->{findUserWildcard};
|
||||
$self->logger->info("Demo UserDB with wildcard ($wildcard)") if $wildcard;
|
||||
foreach (@$searching) {
|
||||
if ($wildcard) {
|
||||
$iswc = $_->{value} =~ s/\Q$wildcard\E+//;
|
||||
my $val = $_->{value};
|
||||
$cond .=
|
||||
$iswc
|
||||
? '( $' . $_->{key} . " =~ /$val/ ) && "
|
||||
: '$' . $_->{key} . " eq '$_->{value}' && ";
|
||||
}
|
||||
else {
|
||||
$cond .= '$' . $_->{key} . " eq '$_->{value}' && ";
|
||||
}
|
||||
}
|
||||
$cond .= '$' . $_->{key} . " ne '$_->{value}' && " foreach (@$excluding);
|
||||
$cond =~ s/&&\s$//;
|
||||
$self->logger->debug("Demo UserDB built condition: $cond");
|
||||
|
|
|
@ -5,7 +5,7 @@ use IO::String;
|
|||
|
||||
require 't/test-lib.pm';
|
||||
|
||||
my $maintests = 46;
|
||||
my $maintests = 54;
|
||||
my $userdb = tempdb();
|
||||
|
||||
SKIP: {
|
||||
|
@ -55,6 +55,7 @@ SKIP: {
|
|||
useSafeJail => 1,
|
||||
requireToken => 0,
|
||||
findUser => 1,
|
||||
findUserWildcard => '#',
|
||||
impersonationRule => 1,
|
||||
findUserSearchingAttributes => {
|
||||
uid => 'Login',
|
||||
|
@ -282,6 +283,38 @@ m%<input id="findUser_room" name="room" type="text" autocomplete="off" class="fo
|
|||
or explain( $json, 'result => 1' );
|
||||
ok( $json->{user} =~ /^(dwho|msmith|davros)$/, " Good user ($1)" )
|
||||
or explain( $json, "user => ?" );
|
||||
|
||||
$request = 'uid=d%';
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/finduser', IO::String->new($request),
|
||||
accept => 'application/json',
|
||||
length => length($request)
|
||||
),
|
||||
'Post FindFuser request with bad wildcard'
|
||||
);
|
||||
ok( $json = eval { from_json( $res->[2]->[0] ) }, 'Response is JSON' )
|
||||
or print STDERR "$@\n" . Dumper($res);
|
||||
ok( $json->{result} == 0, ' Good result' )
|
||||
or explain( $json, 'result => 0' );
|
||||
ok( $json->{error} == PE_USERNOTFOUND, ' No user found' )
|
||||
or explain( $json, 'error => 4' );
|
||||
|
||||
$request = 'uid=d#';
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/finduser', IO::String->new($request),
|
||||
accept => 'application/json',
|
||||
length => length($request)
|
||||
),
|
||||
'Post FindFuser request with wildcard'
|
||||
);
|
||||
ok( $json = eval { from_json( $res->[2]->[0] ) }, 'Response is JSON' )
|
||||
or print STDERR "$@\n" . Dumper($res);
|
||||
ok( $json->{result} == 1, ' Good result' )
|
||||
or explain( $json, 'result => 1' );
|
||||
ok( $json->{user} =~ /^(dwho|davros)$/, " Good user ($1)" )
|
||||
or explain( $json, "user => ?" );
|
||||
}
|
||||
count($maintests);
|
||||
done_testing( count() );
|
||||
|
|
|
@ -5,7 +5,7 @@ use IO::String;
|
|||
|
||||
require 't/test-lib.pm';
|
||||
|
||||
my $maintests = 42;
|
||||
my $maintests = 46;
|
||||
|
||||
my $res;
|
||||
my $json;
|
||||
|
@ -19,6 +19,7 @@ my $client = LLNG::Manager::Test->new( {
|
|||
requireToken => 0,
|
||||
findUser => 1,
|
||||
impersonationRule => 1,
|
||||
findUserWildcard => '*',
|
||||
findUserSearchingAttributes =>
|
||||
{ uid => 'Login', guy => 'Kind', cn => 'Name' },
|
||||
findUserExcludingAttributes =>
|
||||
|
@ -221,5 +222,21 @@ ok( $json->{result} == 0, ' Good result' )
|
|||
ok( $json->{error} == PE_USERNOTFOUND, ' No user found' )
|
||||
or explain( $json, 'error => 4' );
|
||||
|
||||
$request = 'uid=d*';
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/finduser', IO::String->new($request),
|
||||
accept => 'application/json',
|
||||
length => length($request)
|
||||
),
|
||||
'Post FindFuser request with wildcard'
|
||||
);
|
||||
ok( $json = eval { from_json( $res->[2]->[0] ) }, 'Response is JSON' )
|
||||
or print STDERR "$@\n" . Dumper($res);
|
||||
ok( $json->{result} == 1, ' Good result' )
|
||||
or explain( $json, 'result => 1' );
|
||||
ok( $json->{user} =~ /^(dwho|davros)$/, " Good user ($1)" )
|
||||
or explain( $json, "user => ?" );
|
||||
|
||||
count($maintests);
|
||||
done_testing( count() );
|
||||
|
|
|
@ -8,7 +8,7 @@ require 't/test-lib.pm';
|
|||
my $res;
|
||||
my $json;
|
||||
my $request;
|
||||
my $maintests = 42;
|
||||
my $maintests = 46;
|
||||
|
||||
SKIP: {
|
||||
skip 'LLNGTESTLDAP is not set', $maintests unless ( $ENV{LLNGTESTLDAP} );
|
||||
|
@ -35,6 +35,7 @@ SKIP: {
|
|||
requireToken => 0,
|
||||
findUser => 1,
|
||||
impersonationRule => 1,
|
||||
findUserWildcard => '#',
|
||||
findUserSearchingAttributes =>
|
||||
{ uid => 'Login', roomNumber => 'Room', cn => 'Name' },
|
||||
findUserExcludingAttributes =>
|
||||
|
@ -238,6 +239,22 @@ m%<input id="findUser_cn" name="cn" type="text" autocomplete="off" class="form-c
|
|||
ok( $json->{error} == PE_USERNOTFOUND, ' No user found' )
|
||||
or explain( $json, 'error => 4' );
|
||||
|
||||
$request = 'uid=r#';
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/finduser', IO::String->new($request),
|
||||
accept => 'application/json',
|
||||
length => length($request)
|
||||
),
|
||||
'Post FindFuser request with wildcard'
|
||||
);
|
||||
ok( $json = eval { from_json( $res->[2]->[0] ) }, 'Response is JSON' )
|
||||
or print STDERR "$@\n" . Dumper($res);
|
||||
ok( $json->{result} == 1, ' Good result' )
|
||||
or explain( $json, 'result => 1' );
|
||||
ok( $json->{user} =~ /^(reset|rtyler)$/, " Good user ($1)" )
|
||||
or explain( $json, "user => ?" );
|
||||
|
||||
clean_sessions();
|
||||
}
|
||||
count($maintests);
|
||||
|
|
Loading…
Reference in New Issue
Block a user