Restore GET activation global rule & Improve unit test (#1625)
This commit is contained in:
parent
094f205ecb
commit
b1048043e9
|
@ -4,17 +4,46 @@ use strict;
|
|||
use Mouse;
|
||||
use URI::Escape;
|
||||
use Lemonldap::NG::Common::FormEncode;
|
||||
use Lemonldap::NG::Portal::Main::Constants qw(PE_OK PE_BADURL);
|
||||
use Lemonldap::NG::Portal::Main::Constants qw(PE_OK PE_BADURL PE_GET_SERVICE_NOT_ALLOWED);
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
|
||||
extends 'Lemonldap::NG::Portal::Main::Issuer';
|
||||
|
||||
has rule => ( is => 'rw', default => sub { {} } );
|
||||
|
||||
# INITIALIZATION
|
||||
|
||||
sub init {
|
||||
my ($self) = @_;
|
||||
|
||||
# Parse activation rule
|
||||
my $hd = $self->p->HANDLER;
|
||||
$self->logger->debug(
|
||||
"GET rule -> " . $self->conf->{issuerDBGetRule} );
|
||||
my $rule =
|
||||
$hd->buildSub(
|
||||
$hd->substitute( $self->conf->{issuerDBGetRule} ) );
|
||||
unless ($rule) {
|
||||
$self->error( "Bad GET rule -> " . $hd->tsv->{jail}->error );
|
||||
return 0;
|
||||
}
|
||||
$self->{rule} = $rule;
|
||||
return 0 unless ( $self->SUPER::init() );
|
||||
return 1;
|
||||
}
|
||||
|
||||
# RUNNING METHODS
|
||||
|
||||
sub run {
|
||||
my ( $self, $req ) = @_;
|
||||
|
||||
# Check activation rule
|
||||
unless ( $self->rule->( $req, $req->sessionInfo ) ) {
|
||||
$self->userLogger->error('GET service not authorized');
|
||||
return PE_GET_SERVICE_NOT_ALLOWED;
|
||||
}
|
||||
|
||||
# Session ID
|
||||
my $session_id = $req->{sessionInfo}->{_session_id} || $self->{id};
|
||||
|
||||
|
|
|
@ -97,6 +97,7 @@ use constant {
|
|||
PE_SAML_SERVICE_NOT_ALLOWED => 89,
|
||||
PE_OIDC_SERVICE_NOT_ALLOWED => 90,
|
||||
PE_OID_SERVICE_NOT_ALLOWED => 91,
|
||||
PE_GET_SERVICE_NOT_ALLOWED => 92,
|
||||
|
||||
};
|
||||
|
||||
|
@ -125,7 +126,7 @@ our @EXPORT_OK = qw( PE_SENDRESPONSE PE_INFO PE_REDIRECT PE_DONE PE_OK
|
|||
PE_REGISTERALREADYEXISTS PE_NOTOKEN PE_TOKENEXPIRED HANDLER PE_U2FFAILED
|
||||
PE_UNAUTHORIZEDPARTNER PE_RENEWSESSION PE_IDPCHOICE PE_WAIT PE_MUSTAUTHN
|
||||
PE_MUSTHAVEMAIL PE_SAML_SERVICE_NOT_ALLOWED PE_OIDC_SERVICE_NOT_ALLOWED
|
||||
PE_OID_SERVICE_NOT_ALLOWED
|
||||
PE_OID_SERVICE_NOT_ALLOWED PE_GET_SERVICE_NOT_ALLOWED
|
||||
);
|
||||
our %EXPORT_TAGS = ( 'all' => [ @EXPORT_OK, 'import' ], );
|
||||
|
||||
|
|
|
@ -8,9 +8,10 @@ my $res;
|
|||
|
||||
my $client = LLNG::Manager::Test->new( {
|
||||
ini => {
|
||||
logLevel => 'error',
|
||||
logLevel => 'debug',
|
||||
useSafeJail => 1,
|
||||
issuerDBGetActivation => 1,
|
||||
issuerDBGetRule => '$uid eq "dwho"',
|
||||
issuerDBGetPath => '^/test/',
|
||||
issuerDBGetParameters =>
|
||||
{ 'test1.example.com' => { ID => '_session_id' } }
|
||||
|
|
Loading…
Reference in New Issue
Block a user