Avoid assignment (#2360)

lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Constants.pm

@@ -5,7 +5,7 @@ use strict;
 use Exporter 'import';
 use base qw(Exporter);
 
-our $VERSION = '2.0.9';
+our $VERSION = '2.0.10';
 
 # CONSTANTS
 

lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm

@@ -1,7 +1,7 @@
 # This file is generated by Lemonldap::NG::Manager::Build. Don't modify it by hand
 package Lemonldap::NG::Common::Conf::DefaultValues;
 
-our $VERSION = '2.0.9';
+our $VERSION = '2.0.10';
 
 sub defaultValues {
     return {

lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm

@@ -5,7 +5,7 @@ use strict;
 use Exporter 'import';
 use base qw(Exporter);
 
-our $VERSION = '2.0.9';
+our $VERSION = '2.0.10';
 
 our %EXPORT_TAGS = ( 'all' => [qw($simpleHashKeys $doubleHashKeys $specialNodeKeys $casAppMetaDataNodeKeys $casSrvMetaDataNodeKeys $oidcOPMetaDataNodeKeys $oidcRPMetaDataNodeKeys $samlIDPMetaDataNodeKeys $samlSPMetaDataNodeKeys $virtualHostKeys $specialNodeHash $authParameters $issuerParameters $samlServiceParameters $oidcServiceParameters $casServiceParameters)] );
 our @EXPORT_OK   = ( @{ $EXPORT_TAGS{'all'} } );

lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/StatusConstants.pm

@@ -4,7 +4,7 @@ package Lemonldap::NG::Handler::Lib::StatusConstants;
 use strict;
 use Exporter 'import';
 
-our $VERSION = '2.0.9';
+our $VERSION = '2.0.10';
 
 sub portalConsts {
     return {

lemonldap-ng-manager/lib/Lemonldap/NG/Manager/2ndFA.pm

@@ -45,7 +45,8 @@ sub init {
     $self->setTypes($conf);
     $self->{multiValuesSeparator} ||= '; ';
     $self->{hiddenAttributes} //= "_password";
-    $self->{hiddenAttributes} .= ' _session_id' unless $conf->{displaySessionId};
+    $self->{hiddenAttributes} .= ' _session_id'
+      unless $conf->{displaySessionId};
     $self->{TOTPCheck} = $self->{U2FCheck} = $self->{UBKCheck} = '1';
     return 1;
 }

lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm

@@ -1,7 +1,7 @@
 # This file is generated by Lemonldap::NG::Manager::Build. Don't modify it by hand
 package Lemonldap::NG::Manager::Attributes;
 
-our $VERSION = '2.0.9';
+our $VERSION = '2.0.10';
 
 sub perlExpr {
     my ( $val, $conf ) = @_;
@@ -22,7 +22,10 @@ sub perlExpr {
         grep( { $_ =~ /(?:Undefined subroutine|Devel::StackTrace)/ ? () : $_; }
             split( /\n/, $@, 0 ) )
     );
-    return $err ? ( -1, "__badExpression__: $err" ) : 1;
+    return -1, "__badExpression__: $err" if $err;
+    return $val =~ qr/(?<=[^=<!>\|\?])=(?![=~])/
+      ? ( 0, '__badExpressionAssignment__' )
+      : 1;
 }
 
 sub types {

lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm

@@ -6,7 +6,7 @@
 
 package Lemonldap::NG::Manager::Build::Attributes;
 
-our $VERSION = '2.0.9';
+our $VERSION = '2.0.10';
 use strict;
 use Regexp::Common qw/URI/;
 
@@ -27,7 +27,10 @@ sub perlExpr {
     my $err = join( '',
         grep { $_ =~ /(?:Undefined subroutine|Devel::StackTrace)/ ? () : $_ }
           split( /\n/, $@ ) );
-    return $err ? ( -1, "__badExpression__: $err" ) : (1);
+    return ( -1, "__badExpression__: $err" ) if $err;
+    return $val =~ qr/(?<=[^=<!>\|\?])=(?![=~])/
+      ? ( -1, "__badExpressionAssignment__" )
+      : 1;
 }
 
 my $url_re = $RE{URI}{HTTP}{ -scheme => "https?" };
@@ -1090,9 +1093,10 @@ sub attributes {
             documentation => 'Display logout tab in portal',
         },
         portalDisplayCertificateResetByMail => {
-            type          => 'bool',
-            default       => 0,
-            documentation => 'Display certificate reset by mail button in portal',
+            type    => 'bool',
+            default => 0,
+            documentation =>
+              'Display certificate reset by mail button in portal',
         },
         portalDisplayRegister => {
             default       => 1,
@@ -2118,14 +2122,14 @@ sub attributes {
             documentation => 'List of auto signin rules',
         },
 
-	# Adaptative Authentication Level plugin
+        # Adaptative Authentication Level plugin
         adaptativeAuthenticationLevelRules => {
-            type => 'keyTextContainer',
-                keyTest => sub {
-                    eval { qr/$_[0]/ };
-                    return $@ ? 0 : 1;
-                },
-                keyMsgFail => '__badRegexp__',
+            type    => 'keyTextContainer',
+            keyTest => sub {
+                eval { qr/$_[0]/ };
+                return $@ ? 0 : 1;
+            },
+            keyMsgFail    => '__badRegexp__',
             documentation => 'Adaptative authentication level rules',
             flags         => 'p',
         },
@@ -2345,8 +2349,9 @@ sub attributes {
             documentation => 'CAS User attribute',
         },
         casAppMetaDataOptionsAuthnLevel => {
-            type          => 'int',
-            documentation => 'Authentication level requires to access to this CAS application',
+            type => 'int',
+            documentation =>
+              'Authentication level requires to access to this CAS application',
         },
         casAppMetaDataOptionsRule => {
             type          => 'text',
@@ -2984,8 +2989,9 @@ sub attributes {
             default => 1,
         },
         samlSPMetaDataOptionsAuthnLevel => {
-            type          => 'int',
-            documentation => 'Authentication level requires to access to this SP',
+            type => 'int',
+            documentation =>
+              'Authentication level requires to access to this SP',
         },
         samlSPMetaDataOptionsRule => {
             type          => 'text',
@@ -3345,12 +3351,14 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?:
             default => 'require',
         },
         ldapCAFile => {
-            type          => 'text',
-            documentation => 'Location of the certificate file for LDAP connections',
+            type => 'text',
+            documentation =>
+              'Location of the certificate file for LDAP connections',
         },
         ldapCAPath => {
-            type          => 'text',
-            documentation => 'Location of the CA directory for LDAP connections',
+            type => 'text',
+            documentation =>
+              'Location of the CA directory for LDAP connections',
         },
 
         # SSL
@@ -4167,8 +4175,9 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?:
             documentation => 'Issue refresh tokens',
         },
         oidcRPMetaDataOptionsAuthnLevel => {
-            type          => 'int',
-            documentation => 'Authentication level requires to access to this RP',
+            type => 'int',
+            documentation =>
+              'Authentication level requires to access to this RP',
         },
         oidcRPMetaDataOptionsRule => {
             type          => 'text',

lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Sessions.pm

@@ -56,7 +56,8 @@ sub init {
     $self->{multiValuesSeparator} ||= '; ';
     $self->{impersonationPrefix} = $conf->{impersonationPrefix} || 'real_';
     $self->{hiddenAttributes} //= '_password';
-    $self->{hiddenAttributes} .= ' _session_id' unless $conf->{displaySessionId};
+    $self->{hiddenAttributes} .= ' _session_id'
+      unless $conf->{displaySessionId};
     return 1;
 }
 

lemonldap-ng-manager/site/htdocs/static/languages/ar.json

@@ -79,6 +79,7 @@
 "badDomainName":"اسم النطاق سيئ",
 "badEncoding":"تشفير خاطئ",
 "badExpression":"تعبير خاطئ",
+"badExpressionAssignment":"Expression containing an assignment",
 "badHeaderName":" حقل الهيدر خاطئ",
 "badHostname":"اسم الخادم خاطئ",
 "badLdapUri":"\n URI LDAP خاطئ",

lemonldap-ng-manager/site/htdocs/static/languages/de.json

@@ -79,6 +79,7 @@
 "badDomainName":"Ungültiger Domainname",
 "badEncoding":"Ungültige Codierung",
 "badExpression":"Bad expression",
+"badExpressionAssignment":"Expression containing an assignment",
 "badHeaderName":"Bad header name",
 "badHostname":"Ungültiger Hostname",
 "badLdapUri":"Bad LDAP URI",

lemonldap-ng-manager/site/htdocs/static/languages/en.json

@@ -79,6 +79,7 @@
 "badDomainName":"Bad domain name",
 "badEncoding":"Bad encoding",
 "badExpression":"Bad expression",
+"badExpressionAssignment":"Expression containing an assignment",
 "badHeaderName":"Bad header name",
 "badHostname":"Bad hostname",
 "badLdapUri":"Bad LDAP URI",

lemonldap-ng-manager/site/htdocs/static/languages/fr.json

@@ -79,6 +79,7 @@
 "badDomainName":"Mauvais nom de domaine",
 "badEncoding":"Mauvais encodage",
 "badExpression":"Mauvaise expression",
+"badExpressionAssignment":"Expression contenant une affectation",
 "badHeaderName":"Mauvais nom d'en-tête",
 "badHostname":"Mauvais nom d'hôte",
 "badLdapUri":"Mauvaise URI LDAP",

lemonldap-ng-manager/site/htdocs/static/languages/it.json

@@ -79,6 +79,7 @@
 "badDomainName":"Nome di dominio errato",
 "badEncoding":"Codifica errata",
 "badExpression":"Espressione errata",
+"badExpressionAssignment":"Expression containing an assignment",
 "badHeaderName":"Nome intestazione errato",
 "badHostname":"Hostname errato",
 "badLdapUri":"LDAP URI errata",

lemonldap-ng-manager/site/htdocs/static/languages/pl.json

@@ -79,6 +79,7 @@
 "badDomainName":"Błędna nazwa domeny",
 "badEncoding":"Błędne kodowanie",
 "badExpression":"Błędne wyrażenie",
+"badExpressionAssignment":"Expression containing an assignment",
 "badHeaderName":"Błędna nazwa nagłówka",
 "badHostname":"Błędna nazwa hosta",
 "badLdapUri":"Błędny identyfikator URI LDAP",

lemonldap-ng-manager/site/htdocs/static/languages/tr.json

@@ -79,6 +79,7 @@
 "badDomainName":"Hatalı etki alanı adı",
 "badEncoding":"Hatalı kodlama",
 "badExpression":"Hatalı ifade",
+"badExpressionAssignment":"Expression containing an assignment",
 "badHeaderName":"Hatalı başlık adı",
 "badHostname":"Hatalı konak adı",
 "badLdapUri":"Hatalı LDAP URI",

lemonldap-ng-manager/site/htdocs/static/languages/vi.json

@@ -79,6 +79,7 @@
 "badDomainName":"Tên miền không hợp lệ",
 "badEncoding":"Mã hoá không hợp lệ",
 "badExpression":"Biểu thức không hợp lệ",
+"badExpressionAssignment":"Expression containing an assignment",
 "badHeaderName":"Tên tiêu đề không hợp lệ",
 "badHostname":"Tên máy chủ không hợp lệ",
 "badLdapUri":"URI LDAP không đúng",

lemonldap-ng-manager/site/htdocs/static/languages/zh.json

@@ -79,6 +79,7 @@
 "badDomainName":"无效的域名",
 "badEncoding":"无效的编码",
 "badExpression":"无效的表达式",
+"badExpressionAssignment":"Expression containing an assignment",
 "badHeaderName":"无效的头部名称",
 "badHostname":"无效的主机名",
 "badLdapUri":"无效的 LDAP URI ",

lemonldap-ng-manager/t/14-bad-changes-in-conf.t

@@ -22,9 +22,9 @@ ok( $resBody->{result} == 0, "JSON response contains \"result:0\"" )
   or print STDERR Dumper($res);
 ok( (
         $resBody->{details}->{__errors__}
-          and @{ $resBody->{details}->{__errors__} } == 1
+          and @{ $resBody->{details}->{__errors__} } == 2
     ),
-    '1 error detected'
+    '2 errors detected'
 ) or print STDERR Dumper($resBody);
 
 count(5);

lemonldap-ng-manager/t/jsonfiles/14-bad.json

@@ -1822,7 +1822,7 @@
         "data": "logout_sso",
         "re": "^/logout"
       }, {
-        "data": "accept",
+        "data": "$uid = 1",
         "re": "default",
         "title": "default",
         "comment": "",

lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Constants.pm

@@ -4,7 +4,7 @@ package Lemonldap::NG::Portal::Main::Constants;
 use strict;
 use Exporter 'import';
 
-our $VERSION = '2.0.9';
+our $VERSION = '2.0.10';
 
 use constant HANDLER => 'Lemonldap::NG::Handler::PSGI::Main';
 use constant {