WIP - Fix groups merging (#1664)

2019-03-06 17:58:40 +01:00 · 2019-03-06 17:58:40 +01:00 · 8bc9e50947
commit 8bc9e50947
parent 13fdc5eda8
3 changed files with 26 additions and 23 deletions
--- a/_example/conf/lmConf-1.json
+++ b/_example/conf/lmConf-1.json
@ -119,25 +119,20 @@
      "namespace" : "lemonldap-ng-sessions"
   },
   "locationRules" : {
-    "auth.__DNSDOMAIN__" : {
-      "(?#checkUser)^/checkuser": "$uid eq \"dwho\"",
-      "(?#errors)^/lmerror/": "accept",
-      "default" : "accept"
-    },
-    "manager.__DNSDOMAIN__" : {
-      "(?#Configuration)^/(manager\\.html|conf/)" : "$uid eq \"dwho\"",
-      "(?#Notifications)/notifications" : "$uid eq \"dwho\" or $uid eq \"rtyler\"",
-      "(?#Sessions)/sessions" : "$uid eq \"dwho\" or $uid eq \"rtyler\"",
-      "default" : "$uid eq \"dwho\" or $uid eq \"rtyler\""
-    },
-    "test1.__DNSDOMAIN__" : {
-      "^/logout" : "logout_sso",
-      "default" : "accept"
-    },
-    "test2.__DNSDOMAIN__" : {
-      "^/logout" : "logout_sso",
-      "default" : "accept"
-    }
+      "manager.__DNSDOMAIN__" : {
+         "(?#Configuration)^/(manager\\.html|conf/)" : "$uid eq \"dwho\"",
+         "(?#Notifications)/notifications" : "$uid eq \"dwho\" or $uid eq \"rtyler\"",
+         "(?#Sessions)/sessions" : "$uid eq \"dwho\" or $uid eq \"rtyler\"",
+         "default" : "$uid eq \"dwho\" or $uid eq \"rtyler\""
+      },
+      "test1.__DNSDOMAIN__" : {
+         "^/logout" : "logout_sso",
+         "default" : "accept"
+      },
+      "test2.__DNSDOMAIN__" : {
+         "^/logout" : "logout_sso",
+         "default" : "accept"
+      }
   },
   "loginHistoryEnabled" : 1,
   "macros" : {
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
@ -263,6 +263,8 @@ sub _splitAttributes {
            $grps = [ map { { value => $_ } } sort @tmp ];
            next;
        }
+        if ( %$macros ) {
+            $self->logger->debug('Macros found');
        foreach my $key ( sort keys %$macros ) {
            if ( $element->{key} eq $key ) {
                push @$mcrs, $element;
@ -270,6 +272,7 @@ sub _splitAttributes {
                last;
            }
        }
+    }
        push @$others, $element unless $ok;
    }
    return [ $grps, $mcrs, $others ];
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/Impersonation.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/Impersonation.pm
@ -77,17 +77,22 @@ sub run {
        my $spg       = "$self->{conf}->{impersonationPrefix}groups";
        my $sphg      = "$self->{conf}->{impersonationPrefix}hGroups";
        my $separator = $self->{conf}->{multiValuesSeparator};
-        if (    $spoofSession->{groups}
-            and $realSession->{$spg} )
+        if (   $spoofSession->{groups}
+            or $realSession->{$spg} )
        {
            $self->logger->debug("Processing groups...");
-            my @spoofGrps = split /\Q$separator/, $spoofSession->{groups};
-            my @realGrps  = split /\Q$separator/, $realSession->{$spg};
+            my @spoofGrps = my @realGrps = ();
+            @spoofGrps = split /\Q$separator/, $spoofSession->{groups}
+                if $spoofSession->{groups};
+            @realGrps = split /\Q$separator/, $realSession->{$spg}
+                if $realSession->{$spg};
            @spoofGrps = ( @spoofGrps, @realGrps );
            my %hash = map { $_, 1 } @spoofGrps;
            $spoofSession->{groups} = join $separator, sort keys %hash;

            $self->logger->debug("Processing hGroups...");
+            $spoofSession->{hGroups} ||= {};
+            $realSession->{$sphg} ||= {};
            $spoofSession->{hGroups} = { %{ $spoofSession->{hGroups} },
                %{ $realSession->{$sphg} } };
        }