Fix OTT & minor improvements (#1658)

2019-03-02 11:45:59 +01:00 · 2019-03-02 11:45:59 +01:00 · b18fd9c9fe
parent c50b86cd51
commit b18fd9c9fe
2 changed files with 19 additions and 10 deletions
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugin.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugin.pm
@ -60,7 +60,7 @@ sub loadTemplate {
 sub accessCtrl {
    my ( $self, $req, $uri ) = @_;
    my $url = $self->conf->{portal} . $uri;
-    $self->logger->debug("Plugin call setSecurity for URL: $url");
+    $self->logger->debug("Plugin calls accessCtrl for URL: $url");

    # Check access rule
    my ( $vhost, $appuri ) = $url =~ m#^https?://([^/]*)(.*)#;
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
@ -50,7 +50,8 @@ sub check {
            "user $req->{user} not allowed to access /checkuser");
        return $self->p->lmError( $req, 403 );
    }
-    $self->userLogger->notice("user $req->{user} is allowed to access /checkuser");
+    $self->userLogger->notice(
+        "user $req->{user} is allowed to access /checkuser");

    # Check token
    if ( $self->conf->{requireToken} ) {
@ -61,7 +62,7 @@ sub check {
            $token = $self->ott->createToken( $req->sessionInfo );
        }
        unless ( $self->ott->getToken($token) ) {
-            $self->userLogger->warn('Ask try with expired/bad token');
+            $self->userLogger->warn('Checkuser try with expired/bad token');
            $msg   = PE_TOKENEXPIRED;
            $token = $self->ott->createToken( $req->sessionInfo );
        }
@ -86,8 +87,8 @@ sub check {
    $self->logger->debug("Check requested for $req->{user}");
    $attrs = $self->_userDatas($req);
    if ( $req->error ) {
-        $msg   = 'PE' . $req->{error};
-        $array_attrs  = [ [], [], [] ];
+        $msg = 'PE' . $req->{error};
+        $array_attrs = [ [], [], [] ];
    }
    else {
        $msg = 'checkUser';
@ -130,7 +131,6 @@ sub check {
        # Return VirtualHost headers
        $array_hdrs = $self->_headers( $req, $url );
    }
-    my $token = $self->ott->createToken( $req->sessionInfo );

    # Display form
    return $self->p->sendHtml(
@ -158,7 +158,11 @@ sub check {
            ATTRIBUTES => $array_attrs->[2],
            MACROS     => $array_attrs->[1],
            GROUPS     => $array_attrs->[0],
-            TOKEN      => $token,
+            TOKEN      => (
+                  $self->conf->{requireToken}
+                ? $self->ott->createToken( $req->sessionInfo )
+                : ''
+            )
        }
    );
 }
@ -172,8 +176,8 @@ sub display {
            "user $req->{user} not allowed to access /checkuser");
        return $self->p->lmError( $req, 403 );
    }
-    $self->userLogger->notice("user $req->{user} is allowed to access /checkuser");
-    my $token = $self->ott->createToken( $req->sessionInfo );
+    $self->userLogger->notice(
+        "user $req->{user} is allowed to access /checkuser");

    # Display form
    return $self->p->sendHtml(
@ -190,7 +194,11 @@ sub display {
                ? ""
                : $req->{user}
            ),
-            TOKEN => $token,
+            TOKEN => (
+                  $self->conf->{requireToken}
+                ? $self->ott->createToken( $req->sessionInfo )
+                : ''
+            )
        }
    );
 }
@ -243,6 +251,7 @@ sub _splitAttributes {
        my $element = shift @$attrs;
        my $ok      = 0;
        if ( $element->{key} eq 'groups' ) {
+            $self->logger->debug('Key "groups" found');
            my $separator = $self->{conf}->{multiValuesSeparator};
            my @tmp = split /\Q$separator/, $element->{value};
            $grps = [ map { { value => $_ } } sort @tmp ];