dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Clean logs

Browse Source
This commit is contained in:
Xavier 2019-07-04 07:24:50 +02:00
parent d4fedbdfcf
commit a104db2f2d
11 changed files with 31 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Tests.pm
View File

@ -634,7 +634,7 @@ sub tests {
checkMailResetSecurity => sub {
return 1 unless ( $conf->{portalDisplayResetPassword} );
return ( -1,
'"passwordMailReset" plugin is enabled without CSRF Token neither Captcha required !!!'
'"passwordMailReset" plugin is enabled without CSRF Token neither Captcha required'
)
unless ( $conf->{requireToken}
or $conf->{captcha_mail_enabled} );

2
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Notifications.pm
View File

@ -283,7 +283,7 @@ sub newNotification {
# Check if posted date > today
unless ( $json->{date} ge $dDate ) {
$self->logger->debug("Posted Date < today !!! ");
$self->logger->debug("Posted Date < today");
$json->{date} = $dDate;
}
$self->logger->debug("Notification Date = $json->{date}");

4
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Viewer.pm
View File

@ -80,7 +80,7 @@ sub viewDiff {
# Check Diff activation rule
unless ( $self->diffRule->( $req, $req->{userData} ) ) {
my $user = $req->{userData}->{_whatToTrace} || 'anonymous';
$self->userLogger->warn("$user tried to compare configurations!!!");
$self->userLogger->warn("$user is not authorized to compare configurations");
return $self->sendJSONresponse( $req, { 'value' => '_Hidden_' } );
}
@ -144,7 +144,7 @@ sub viewKey {
$self->logger->debug(
" $req->{env}->{REQUEST_URI} -> URI FORBIDDEN");
my $user = $req->{userData}->{_whatToTrace} || 'anonymous';
$self->userLogger->warn("$user tried to browse configurations!!!");
$self->userLogger->warn("$user is not authorized to browse configurations");
$self->rejectKey( $req, @args );
}
}

2
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Engines/Default.pm
View File

@ -195,7 +195,7 @@ sub run {
"Found $removed EXPIRED 2F device(s) => Update persistent session"
);
$self->userLogger->notice(
" -> $removed EXPIRED 2F device(s) removed");
" -> $removed expired 2F device(s) removed");
@$_2fDevices =
map { $_->{type} =~ /\bEXPIRED\b/ ? () : $_ } @$_2fDevices;
$self->p->updatePersistentSession( $req,

2
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/TOTP.pm
View File

@ -156,7 +156,7 @@ sub run {
my $maxSize = $self->conf->{max2FDevices};
$self->logger->debug("Nbr 2FDevices = $size / $maxSize");
if ( $size >= $maxSize ) {
$self->userLogger->error("Max number of 2F devices is reached !!!");
$self->userLogger->warn("Max number of 2F devices is reached");
return $self->p->sendError( $req, 'maxNumberof2FDevicesReached',
400 );
}

2
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/U2F.pm
View File

@ -61,7 +61,7 @@ sub run {
my $maxSize = $self->conf->{max2FDevices};
$self->logger->debug("Registered 2F Device(s) : $size / $maxSize");
if ( $size >= $maxSize ) {
$self->userLogger->error("Max number of 2F devices is reached !!!");
$self->userLogger->warn("Max number of 2F devices is reached");
return $self->p->sendError( $req, 'maxNumberof2FDevicesReached',
400 );
}

4
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/Yubikey.pm
View File

@ -103,8 +103,8 @@ sub run {
my $maxSize = $self->conf->{max2FDevices};
$self->logger->debug("Nbr 2FDevices = $size / $maxSize");
if ( $size >= $maxSize ) {
$self->userLogger->error(
"Max number of 2F devices is reached !!!");
$self->userLogger->warn(
"Max number of 2F devices is reached");
return $self->p->sendHtml(
$req, 'error',
params => {

2
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/U2F.pm
View File

@ -125,7 +125,7 @@ sub verify {
unless ( $session->{__ch} and $session->{__ch} eq $challenge ) {
$self->userLogger->error(
"U2F challenge changes by user !!! $session->{__ch} / $challenge"
"U2F challenge changed by user: $session->{__ch} / $challenge"
);
$req->error(PE_BADCREDENTIALS);
return $self->fail($req);

2
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Choice.pm
View File

@ -188,7 +188,7 @@ sub _buildAuthLoop {
split( /[;\|]/, $self->conf->{authChoiceModules}->{$_} );
unless ( $_choiceRules->{$_} ) {
$self->logger->error("$_ has no rule !!!");
$self->logger->error("$_ has no rule");
$_choiceRules->{$_} = sub { 1 };
}
unless ( $_choiceRules->{$_}->( $req->env ) ) {

27
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
View File

@ -127,19 +127,17 @@ sub check {
);
}
if ( $user eq $req->{user} or !$user ) {
$self->logger->debug("checkUser requested for myself");
$self->userLogger->notice("Return userData...");
$self->userLogger->warn("Using spoofed SSO groups if exist!!!")
if ( !$user or $user eq $req->{user} ) {
$self->userLogger->info("checkUser requested for himself");
$self->userLogger->info("Using spoofed SSO groups if exist")
if ( $self->conf->{impersonationRule} );
$attrs = $req->userData;
$user = $req->{user};
}
else {
$self->logger->debug("checkUser requested for $user");
$self->userLogger->info("checkUser requested for $user");
# Try to retrieve session from sessions DB
$self->userLogger->notice('Try to retrieve session from DB...');
$self->logger->debug('Try to retrieve session from DB...');
my $moduleOptions = $self->conf->{globalStorageOptions} || {};
$moduleOptions->{backend} = $self->conf->{globalStorage};
@ -157,9 +155,7 @@ sub check {
}
unless ( defined $attrs->{_session_id} ) {
$req->{user} = $user;
$self->userLogger->notice(
"NO session found in DB. Compute userData...");
$self->logger->debug("NO session found in DB. Compute userData...");
$self->userLogger->info("No session found in DB. Compute userData...");
$attrs = $self->_userData($req);
$compute = 1;
}
@ -213,18 +209,16 @@ sub check {
$auth = $self->_authorization( $req, $url, $attrs );
if ( $auth >= 0 ) {
$auth = $auth ? "allowed" : "forbidden";
$self->userLogger->notice(
"checkUser -> $attrs->{ $self->{conf}->{whatToTrace} } is "
. uc($auth)
. " to access: $url" );
$self->logger->debug(
"checkUser: $attrs->{ $self->{conf}->{whatToTrace} } is "
. "$auth to access to $url" );
# Return VirtualHost headers
$array_hdrs = $self->_headers( $req, $url, $attrs );
}
else {
$auth = 'VHnotFound';
$self->userLogger->notice(
"checkUser -> URL: $url has no configuration");
$self->userLogger->info("checkUser: $url has no configuration");
}
}
@ -267,8 +261,7 @@ sub display {
my ( $attrs, $array_attrs ) = ( {}, [] );
$self->logger->debug("Display current session data...");
$self->userLogger->notice("Retrieve session from Sessions database");
$self->userLogger->warn("Using spoofed SSO groups if exist!!!")
$self->userLogger->info("Using spoofed SSO groups if exist")
if ( $self->conf->{impersonationRule} );
$attrs = $req->userData;

30
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/ContextSwitching.pm
View File

@ -73,7 +73,7 @@ sub display {
$req->userData->{"$self->{conf}->{impersonationPrefix}_session_id"};
my $realSession;
unless ( $realSession = $self->p->getApacheSession($realSessionId) ) {
$self->userLogger->warn(
$self->userLogger->info(
"ContextSwitching -> session $realSession expired");
return $self->p->do( $req, [ sub { PE_SESSIONEXPIRED } ] );
}
@ -90,13 +90,8 @@ sub display {
if ( $req->userData->{"$self->{conf}->{impersonationPrefix}_session_id"} ) {
$self->logger->debug('Request to stop ContextSwitching');
if ( $self->conf->{contextSwitchingStopWithLogout} ) {
$self->logger->debug(
"** STOP ContextSwitching ** for $req->{user}");
$self->logger->debug('Send logout request');
$self->userLogger->notice(
"** STOP ContextSwitching ** for $req->{user}");
$self->logger->debug("Remove real session $realSession");
$self->userLogger->notice("Remove real session $realSession");
$self->userLogger->notice("Stop ContextSwitching for $req->{user}");
$self->userLogger->info("Remove real session $realSession");
$realSession->remove;
return $self->p->do( $req,
[ @{ $self->p->beforeLogout }, 'authLogout', 'deleteSession' ]
@ -175,11 +170,9 @@ sub run {
# Main session
$self->p->updateSession( $req, $req->sessionInfo );
$self->logger->debug(
"ContextSwitching -> Update $realId session with $spoofId session data"
);
"ContextSwitching: Update $realId session with $spoofId session data");
$self->userLogger->notice(
"ContextSwitching -> Update $realId session with $spoofId session data"
);
"ContextSwitching: Update $realId session with $spoofId session data");
return $self->p->do( $req, [ sub { $statut } ] );
}
@ -226,7 +219,7 @@ sub _switchContext {
$req->sessionInfo->{"$self->{conf}->{impersonationPrefix}_session_id"} =
$realSessionId;
$self->userLogger->notice(
"** START ContextSwitching ** for $realId with uid: $spoofId ")
"Start ContextSwitching: $realId becomes $spoofId ")
unless $raz;
return $raz
@ -241,27 +234,24 @@ sub _abortImpersonation {
$req->{$type}->{"$self->{conf}->{impersonationPrefix}_session_id"};
my $session;
unless ( $session = $self->p->getApacheSession($realSessionId) ) {
$self->userLogger->warn("Session $session expired");
$self->userLogger->info("Session $session expired");
return $req->error(PE_SESSIONEXPIRED);
}
if ($abort) {
$self->logger->debug("ABORT ContextSwitching $spoofId for $realId");
$self->userLogger->notice(
"ABORT ContextSwitching $spoofId for $realId");
"Abort ContextSwitching: $spoofId by $realId");
if ( my $abortSession = $self->p->getApacheSession( $req->id ) ) {
$abortSession->remove;
}
else {
$self->userLogger->warn(
$self->userLogger->info(
"ContextSwitching: session " . $req->id . " expired" );
}
}
else {
$self->logger->debug(
"** STOP ContextSwitching ** for $realId with uid: $spoofId");
$self->userLogger->notice(
"** STOP ContextSwitching ** for $realId with uid: $spoofId");
"Stop ContextSwitching for $realId with uid $spoofId");
$self->p->deleteSession($req);
}