Merge branch 'v2.0'

lemonldap-ng-handler/lib/Lemonldap/NG/Handler/ApacheMP2/Request.pm

@@ -70,7 +70,7 @@ sub data {
 sub wantJSON {
     return 1
       if ( defined $_[0]->accept
-        and $_[0]->accept =~ m#(?:application|text)/json# );
+        and $_[0]->env->{HTTP_ACCEPT} =~ m#(?:application|text)/json#i );
     return 0;
 }
 

lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/OAuth2.pm

@@ -20,8 +20,8 @@ sub fetchId {
     }
 
     # Get access token session
-    if ( my $infos = $class->getOIDCInfos($access_token) ) {
-        my $_session_id = $infos->{user_session_id};
+    my $infos = $class->getOIDCInfos($access_token);
+    if ( my $_session_id = $infos->{user_session_id} ) {
         $class->logger->debug( 'Get user session id ' . $_session_id );
         return $_session_id;
     }

lemonldap-ng-manager/lib/Lemonldap/NG/Manager.pm

@@ -142,11 +142,13 @@ sub javascript {
     my ( $self, $req ) = @_;
     my $res = $self->diffRule->( $req, $req->{userData} ) || 0;
     my $impPrefix = $self->{impersonationPrefix};
+    my $ttl = $self->{timeout} || 72000;
 
     return
 'var formPrefix=staticPrefix+"forms/";var confPrefix=scriptname+"confs/";var viewPrefix=scriptname+"view/";'
       . 'var allowDiff=' . "$res;"
       . 'var impPrefix=' . "'" . $impPrefix . "'" . ';'
+      . 'var sessionTTL=' . "$ttl;"
       . ( $self->links ? 'var links=' . to_json( $self->links ) . ';' : '' )
       . (
         $self->menuLinks

lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Tests.pm

@@ -642,6 +642,16 @@ sub tests {
             # Return
             return 1;
         },
+
+        # Warn if Impersonation is enabled without prefix
+        impersonationPrefix => sub {
+            return 1 unless ( $conf->{impersonationRule} );
+            return ( 1, "Impersonation is enabled without real attributes prefix" )
+              unless ( $conf->{impersonationPrefix} );
+
+            # Return
+            return 1;
+        },
     };
 }
 

lemonldap-ng-manager/site/coffee/sessions.coffee

@@ -108,6 +108,7 @@ llapp.controller 'SessionsExplorerCtrl', ['$scope', '$translator', '$location',
 	$scope.scriptname = scriptname
 	$scope.formPrefix = formPrefix
 	$scope.impPrefix = impPrefix
+	$scope.sessionTTL = sessionTTL
 	$scope.availableLanguages = availableLanguages
 	$scope.waiting = true
 	$scope.showM = false
@@ -352,6 +353,15 @@ llapp.controller 'SessionsExplorerCtrl', ['$scope', '$translator', '$location',
 		d = new Date(s * 1000)
 		return d.toLocaleString()
 
+	$scope.isValid = (epoch) ->
+		now = Date.now() / 1000
+		valid = now - epoch < $scope.sessionTTL
+		console.log "session epoch", epoch
+		console.log "current date", now
+		console.log "sessions TTL", sessionTTL
+		console.log "Valid ?", valid
+		return valid
+
 	$scope.strToLocaleDate = (s) ->
 		arrayDate = s.match /^(\d{4})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})$/
 		return s unless arrayDate.length

lemonldap-ng-manager/site/htdocs/static/js/sessions.js

@@ -131,6 +131,7 @@
       $scope.scriptname = scriptname;
       $scope.formPrefix = formPrefix;
       $scope.impPrefix = impPrefix;
+      $scope.sessionTTL = sessionTTL;
       $scope.availableLanguages = availableLanguages;
       $scope.waiting = true;
       $scope.showM = false;
@@ -432,6 +433,16 @@
         d = new Date(s * 1000);
         return d.toLocaleString();
       };
+      $scope.isValid = function(epoch) {
+        var now, valid;
+        now = Date.now() / 1000;
+        valid = now - epoch < $scope.sessionTTL;
+        console.log("session epoch", epoch);
+        console.log("current date", now);
+        console.log("sessions TTL", sessionTTL);
+        console.log("Valid ?", valid);
+        return valid;
+      };
       $scope.strToLocaleDate = function(s) {
         var arrayDate, d;
         arrayDate = s.match(/^(\d{4})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})$/);

lemonldap-ng-manager/site/templates/sessions.tpl

@@ -118,7 +118,12 @@
         <a class="btn btn-node btn-sm" ng-click="displaySession(this)">
           <span class="glyphicon glyphicon-eye-open"></span>
         </a>
-        <span id="s-{{node.session}}" ng-click="displaySession(this)">{{localeDate(node.date)}}</span>
+        <span ng-if="isValid(node.date)">
+          <span id="s-{{node.session}}" ng-click="displaySession(this)">{{localeDate(node.date)}}</span>
+        </span>
+        <span ng-if="!isValid(node.date)">
+          <span id="s-{{node.session}}" ng-click="displaySession(this)" ng-style="{color: '#337Ab7'}">{{localeDate(node.date)}}</span>
+        </span>
       </span>
     </div>
     <ol ui-tree-nodes="" ng-model="node.nodes" ng-class="{hidden: collapsed}">

lemonldap-ng-portal/t/68-Impersonation.t

@@ -20,11 +20,12 @@ my $client = LLNG::Manager::Test->new( {
             checkUser                      => 1,
             impersonationRule              => '$uid ne "msmith"',
             impersonationIdRule            => '$uid ne "msmith"',
+            impersonationPrefix            => 'testPrefix_',
             checkUserDisplayPersistentInfo => 0,
             checkUserDisplayEmptyValues    => 0,
             impersonationMergeSSOgroups    => 0,
             macros                         => {
-                test_impersonation => '"$real__user/$_user"',
+                test_impersonation => '"$testPrefix__user/$_user"',
                 _whatToTrace =>
                   '$_auth eq "SAML" ? "$_user@$_idpConfKey" : $_user',
             },
@@ -263,13 +264,13 @@ ok( $res->[2]->[0] =~ m%<td class="align-middle">dwho</td>%, 'Found dwho' )
 ok( $res->[2]->[0] =~ m%<td class="align-middle">_whatToTrace</td>%,
     'Found _whatToTrace' )
   or explain( $res->[2]->[0], 'Macro Key _whatToTrace' );
-ok( $res->[2]->[0] =~ m%<td class="text-left">real_groups</td>%,
-    'Found real_groups' )
-  or explain( $res->[2]->[0], 'real_groups' );
+ok( $res->[2]->[0] =~ m%<td class="text-left">testPrefix_groups</td>%,
+    'Found testPrefix_groups' )
+  or explain( $res->[2]->[0], 'testPrefix_groups' );
 ok( $res->[2]->[0] =~ m%<td class="text-left">su</td>%, 'Found su' )
   or explain( $res->[2]->[0], 'su' );
-ok( $res->[2]->[0] =~ m%<td class="text-left">real_uid</td>%, 'Found real_uid' )
-  or explain( $res->[2]->[0], 'real_groups' );
+ok( $res->[2]->[0] =~ m%<td class="text-left">testPrefix_uid</td>%, 'Found testPrefix_uid' )
+  or explain( $res->[2]->[0], 'testPrefix_groups' );
 ok( $res->[2]->[0] =~ m%<td class="text-left">rtyler</td>%, 'Found rtyler' )
   or explain( $res->[2]->[0], 'su' );
 ok( $res->[2]->[0] =~ m%<td class="align-middle">test_impersonation</td>%,
@@ -280,6 +281,20 @@ ok( $res->[2]->[0] =~ m%<td class="align-middle">rtyler/dwho</td>%,
   or explain( $res->[2]->[0], 'Found rtyler/dwo' );
 count(16);
 
+my @attributes = map /<td class="text-left">(.+)?<\/td>/g, $res->[2]->[0];
+ok( scalar @attributes == 58, 'Found 58 attributes' )
+  or print STDERR "Missing attributes -> " . scalar @attributes;
+ok( $attributes[0] eq '_auth', '_auth' ) or print STDERR Dumper( \@attributes );
+ok( $attributes[1] eq 'Demo',  'Demo' )  or print STDERR Dumper( \@attributes );
+ok( $attributes[26] eq 'uid',  'uid' )   or print STDERR Dumper( \@attributes );
+ok( $attributes[28] eq 'testPrefix__auth', 'testPrefix__auth' )
+  or print STDERR Dumper( \@attributes );
+ok( $attributes[56] eq 'testPrefix_uid', 'testPrefix_uid' )
+  or print STDERR Dumper( \@attributes );
+ok( $attributes[57] eq 'rtyler', 'rtyler' )
+  or print STDERR Dumper( \@attributes );
+count(7);
+
 $client->logout($id);
 clean_sessions();