Fix default value (#1825)

lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Constants.pm

@@ -24,7 +24,7 @@ use constant MANAGERSECTION  => "manager";
 use constant SESSIONSEXPLORERSECTION => "sessionsExplorer";
 use constant APPLYSECTION            => "apply";
 our $hashParameters = qr/^(?:(?:l(?:o(?:ca(?:lSessionStorageOption|tionRule)|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|(?:(?:d(?:emo|bi)|facebook|webID)ExportedVa|exported(?:Heade|Va)|issuerDBGetParamete)r|re(?:moteGlobalStorageOption|st2f(?:Verify|Init)Arg|loadUrl)|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|macro)s|o(?:idc(?:RPMetaData(?:(?:Option(?:sExtraClaim)?|ExportedVar)s|Node)|OPMetaData(?:(?:ExportedVar|Option)s|J(?:SON|WKS)|Node)|S(?:erviceMetaDataAuthnContext|torageOptions))|penIdExportedVars)|s(?:aml(?:S(?:PMetaData(?:(?:ExportedAttribute|Option)s|Node|XML)|torageOptions)|IDPMetaData(?:(?:ExportedAttribute|Option)s|Node|XML))|essionDataToRemember|laveExportedVars)|c(?:as(?:S(?:rvMetaData(?:(?:ExportedVar|Option)s|Node)|torageOptions)|A(?:ppMetaData(?:(?:ExportedVar|Option)s|Node)|ttributes))|(?:ustomAddParam|ombModule)s)|p(?:ersistentStorageOptions|o(?:rtalSkinRules|st))|a(?:ut(?:hChoiceMod|oSigninR)ules|pplicationList)|v(?:hostOptions|irtualHost)|S(?:MTPTLSOpts|SLVarIf))$/;
-our $boolKeys = qr/^(?:s(?:aml(?:IDP(?:MetaDataOptions(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|IsPassiv)e|A(?:llow(?:LoginFromIDP|ProxiedAuthn)|daptSessionUtime)|Force(?:Authn|UTF8)|StoreSAMLToken|RelayStateURL)|SSODescriptorWantAuthnRequestsSigned)|S(?:P(?:MetaDataOptions(?:(?:CheckS[LS]OMessageSignatur|OneTimeUs)e|EnableIDPInitiatedURL|ForceUTF8)|SSODescriptor(?:WantAssertion|AuthnRequest)sSigned)|erviceUseCertificateInResponse)|DiscoveryProtocol(?:Activation|IsPassive)|CommonDomainCookieActivation|UseQueryStringSpecific|MetadataForceUTF8)|ingle(?:Session(?:UserByIP)?|(?:UserBy)?IP)|oap(?:Session|Config)Server|t(?:ayConnecte|orePasswor)d|kipRenewConfirmation|fRemovedUseNotif|howLanguages|slByAjax)|o(?:idc(?:ServiceAllow(?:(?:AuthorizationCode|Implicit|Hybrid)Flow|DynamicRegistration)|RPMetaDataOptions(?:LogoutSessionRequired|BypassConsent|RequirePKCE|Public)|OPMetaDataOptions(?:(?:CheckJWTSignatur|UseNonc)e|StoreIDToken))|ldNotifFormat)|c(?:a(?:ptcha_(?:register|login|mail)_enabled|sSrvMetaDataOptions(?:Gateway|Renew))|heck(?:User(?:Display(?:PersistentInfo|EmptyValues))?|State|XSS)|o(?:ntextSwitchingStopWithLogout|rsEnabled)|da)|p(?:ortal(?:ErrorOn(?:ExpiredSession|MailNotFound)|DisplayRe(?:setPassword|gister)|(?:CheckLogin|Statu)s|OpenLinkInNewWindow|RequireOldPassword|ForceAuthn|AntiFrame)|roxyUseSoap)|l(?:dap(?:(?:Group(?:DecodeSearchedValu|Recursiv)|UsePasswordResetAttribut)e|(?:AllowResetExpired|Set)Password|ChangePasswordAsUser|PpolicyControl)|oginHistoryEnabled)|i(?:ssuerDB(?:OpenID(?:Connect)?|SAML|CAS|Get)Activation|mpersonationSkipEmptyValues)|to(?:tp2f(?:UserCan(?:Chang|Remov)eKey|DisplayExistingSecret)|kenUseGlobalStorage)|u(?:se(?:RedirectOn(?:Forbidden|Error)|SafeJail)|2fUserCanRemoveKey|pgradeSession)|(?:mai(?:lOnPasswordChang|ntenanc)|enablePersistentStorag|vhostMaintenanc)e|no(?:tif(?:ication(?:Server)?|y(?:Deleted|Other))|AjaxHook)|rest(?:(?:Session|Config)Server|ExportSecretKeys)|h(?:ideOldPassword|ttpOnly)|yubikey2fUserCanRemoveKey|(?:activeTim|wsdlServ)er|krb(?:RemoveDomain|ByJs)|dbiDynamicHashEnabled|bruteForceProtection)$/;
+our $boolKeys = qr/^(?:s(?:aml(?:IDP(?:MetaDataOptions(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|IsPassiv)e|A(?:llow(?:LoginFromIDP|ProxiedAuthn)|daptSessionUtime)|Force(?:Authn|UTF8)|StoreSAMLToken|RelayStateURL)|SSODescriptorWantAuthnRequestsSigned)|S(?:P(?:MetaDataOptions(?:(?:CheckS[LS]OMessageSignatur|OneTimeUs)e|EnableIDPInitiatedURL|ForceUTF8)|SSODescriptor(?:WantAssertion|AuthnRequest)sSigned)|erviceUseCertificateInResponse)|DiscoveryProtocol(?:Activation|IsPassive)|CommonDomainCookieActivation|UseQueryStringSpecific|MetadataForceUTF8)|ingle(?:Session(?:UserByIP)?|(?:UserBy)?IP)|oap(?:Session|Config)Server|t(?:ayConnecte|orePasswor)d|kipRenewConfirmation|fRemovedUseNotif|howLanguages|slByAjax)|o(?:idc(?:ServiceAllow(?:(?:AuthorizationCode|Implicit|Hybrid)Flow|DynamicRegistration)|RPMetaDataOptions(?:LogoutSessionRequired|BypassConsent|RequirePKCE|Public)|OPMetaDataOptions(?:(?:CheckJWTSignatur|UseNonc)e|StoreIDToken))|ldNotifFormat)|c(?:a(?:ptcha_(?:register|login|mail)_enabled|sSrvMetaDataOptions(?:Gateway|Renew))|heck(?:User(?:Display(?:PersistentInfo|EmptyValues))?|State|XSS)|o(?:ntextSwitchingStopWithLogout|rsEnabled)|da)|p(?:ortal(?:ErrorOn(?:ExpiredSession|MailNotFound)|DisplayRe(?:setPassword|gister)|(?:CheckLogin|Statu)s|OpenLinkInNewWindow|RequireOldPassword|ForceAuthn|AntiFrame)|roxyUseSoap)|l(?:dap(?:(?:Group(?:DecodeSearchedValu|Recursiv)|UsePasswordResetAttribut)e|(?:AllowResetExpired|Set)Password|ChangePasswordAsUser|PpolicyControl)|oginHistoryEnabled)|i(?:ssuerDB(?:OpenID(?:Connect)?|SAML|CAS|Get)Activation|mpersonationSkipEmptyValues)|to(?:tp2f(?:UserCan(?:Chang|Remov)eKey|DisplayExistingSecret)|kenUseGlobalStorage)|u(?:se(?:RedirectOn(?:Forbidden|Error)|SafeJail)|2fUserCanRemoveKey|pgradeSession)|no(?:tif(?:ication(?:Server)?|y(?:Deleted|Other))|AjaxHook)|(?:mai(?:lOnPasswordChang|ntenanc)|vhostMaintenanc)e|d(?:isablePersistentStorage|biDynamicHashEnabled)|rest(?:(?:Session|Config)Server|ExportSecretKeys)|h(?:ideOldPassword|ttpOnly)|yubikey2fUserCanRemoveKey|(?:activeTim|wsdlServ)er|krb(?:RemoveDomain|ByJs)|bruteForceProtection)$/;
 
 our @sessionTypes = ( 'remoteGlobal', 'global', 'localSession', 'persistent', 'saml', 'oidc', 'cas' );
 

lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm

@@ -57,9 +57,8 @@ sub defaultValues {
             'mail' => 'mail',
             'uid'  => 'uid'
         },
-        'domain'                  => 'example.com',
-        'enablePersistentStorage' => 1,
-        'exportedVars'            => {
+        'domain'       => 'example.com',
+        'exportedVars' => {
             'UA' => 'HTTP_USER_AGENT'
         },
         'ext2fActivation'      => 0,

lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm

@@ -1095,6 +1095,10 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
             'test'       => qr/^[a-zA-Z][a-zA-Z0-9_:\-]*$/,
             'type'       => 'keyTextContainer'
         },
+        'disablePersistentStorage' => {
+            'default' => 0,
+            'type'    => 'bool'
+        },
         'domain' => {
             'default' => 'example.com',
             'msgFail' => '__badDomainName__',
@@ -1102,10 +1106,6 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
 qr/^(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?))?$/,
             'type' => 'text'
         },
-        'enablePersistentStorage' => {
-            'default' => 1,
-            'type'    => 'bool'
-        },
         'exportedAttr' => {
             'type' => 'text'
         },

lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm

@@ -1143,8 +1143,8 @@ sub attributes {
             keyMsgFail    => '__invalidSessionData__',
             documentation => 'Data to remember in login history',
         },
-        enablePersistentStorage => {
-            default       => 1,
+        disablePersistentStorage => {
+            default       => 0,
             type          => 'bool',
             documentation => 'Enabled persistent storage',
         },

lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm

@@ -542,7 +542,7 @@ sub tree {
                         {
                             title => 'persistentSessions',
                             nodes => [
-                                'enablePersistentStorage',
+                                'disablePersistentStorage',
                                 'persistentStorage',
                                 'persistentStorageOptions'
                             ]

lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Tests.pm

@@ -655,7 +655,7 @@ sub tests {
 
         # Warn if persistent storage is disabled with 2FA, History, OIDCConsents and Notifications
         persistentStorage => sub {
-            return 1 if ( $conf->{enablePersistentStorage} );
+            return 1 unless ( $conf->{disablePersistentStorage} );
             return ( 1, "2FA enabled WITHOUT persistent session storage" )
               if ( $conf->{totp2fActivation}
                 || $conf->{yubikey2fActivation}

lemonldap-ng-manager/site/htdocs/static/languages/ar.json

@@ -256,7 +256,7 @@
 "emptyConf":"إعدادات فارغة",
 "emptyValueNotAllowed":"القيمة الفارغة غير مسموح بها",
 "enabled":"مفعلة",
-"enablePersistentStorage":"Storage",
+"disablePersistentStorage":"Disable storage",
 "enterPassword":"أدخل كلمة المرور (اختياري)",
 "error":"خطأ",
 "errors":"ERRORS",

lemonldap-ng-manager/site/htdocs/static/languages/de.json

@@ -256,7 +256,7 @@
 "emptyConf":"Empty configuration",
 "emptyValueNotAllowed":"Empty value not allowed",
 "enabled":"Aktiviert",
-"enablePersistentStorage":"Storage",
+"disablePersistentStorage":"Disable storage",
 "enterPassword":"Enter password (optional)",
 "error":"Error",
 "errors":"ERRORS",

lemonldap-ng-manager/site/htdocs/static/languages/en.json

@@ -256,7 +256,7 @@
 "emptyConf":"Empty configuration",
 "emptyValueNotAllowed":"Empty value not allowed",
 "enabled":"Enabled",
-"enablePersistentStorage":"Storage",
+"disablePersistentStorage":"Disable storage",
 "enterPassword":"Enter password (optional)",
 "error":"Error",
 "errors":"ERRORS",

lemonldap-ng-manager/site/htdocs/static/languages/fr.json

@@ -256,7 +256,7 @@
 "emptyConf":"Configuration vide",
 "emptyValueNotAllowed":"Valeur nulle non accordé",
 "enabled":"Activé",
-"enablePersistentStorage":"Stockage",
+"disablePersistentStorage":"Désactiver le stockage",
 "enterPassword":"Entrer le mot de passe (optionnel)",
 "error":"Erreur",
 "errors":"ERREURS",

lemonldap-ng-manager/site/htdocs/static/languages/it.json

@@ -256,7 +256,7 @@
 "emptyConf":"Configurazione vuota",
 "emptyValueNotAllowed":"Valore vuoto non consentito",
 "enabled":"Abilitato",
-"enablePersistentStorage":"Storage",
+"disablePersistentStorage":"Disable storage",
 "enterPassword":"Inserisci password (opzionale)",
 "error":"Errore",
 "errors":"ERRORI",

lemonldap-ng-manager/site/htdocs/static/languages/vi.json

@@ -256,7 +256,7 @@
 "emptyConf":"Cấu hình trống rỗng",
 "emptyValueNotAllowed":"Không cho phép giá trị trống",
 "enabled":"Đã bật",
-"enablePersistentStorage":"Storage",
+"disablePersistentStorage":"Disable storage",
 "enterPassword":"Nhập mật khẩu (tùy chọn)",
 "error":"Lỗi",
 "errors":"ERRORS",

lemonldap-ng-manager/site/htdocs/static/languages/zh.json

@@ -256,7 +256,7 @@
 "emptyConf":"Empty configuration",
 "emptyValueNotAllowed":"Empty value not allowed",
 "enabled":"开启",
-"enablePersistentStorage":"Storage",
+"disablePersistentStorage":"Disable storage",
 "enterPassword":"输入密码（可选）",
 "error":"错误",
 "errors":"ERRORS",

lemonldap-ng-manager/t/jsonfiles/11-modified-with-confirmation.json

@@ -1348,11 +1348,11 @@
       "id": "persistentSessions",
       "title": "persistentSessions",
       "nodes": [{
-        "default": 1,
-        "id": "enablePersistentStorage",
-        "title": "enablePersistentStorage",
+        "default": 0,
+        "id": "disablePersistentStorage",
+        "title": "disablePersistentStorage",
         "type": "bool",
-        "data": 1
+        "data": 0
       }, {
         "id": "persistentStorage",
         "title": "persistentStorage",

lemonldap-ng-manager/t/jsonfiles/12-modified.json

@@ -1348,11 +1348,11 @@
       "id": "persistentSessions",
       "title": "persistentSessions",
       "nodes": [{
-        "default": 1,
-        "id": "enablePersistentStorage",
-        "title": "enablePersistentStorage",
+        "default": 0,
+        "id": "disablePersistentStorage",
+        "title": "disablePersistentStorage",
         "type": "bool",
-        "data": 1
+        "data": 0
       }, {
         "id": "persistentStorage",
         "title": "persistentStorage",

lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm

@@ -403,9 +403,8 @@ sub getApacheSession {
 # Try to recover the persistent session corresponding to uid and return session data.
 sub getPersistentSession {
     my ( $self, $uid, $info ) = @_;
-    my $enabledStorage = $self->conf->{enablePersistentStorage} // 1;
 
-    return unless ( defined $uid and $enabledStorage );
+    return unless ( defined $uid and !$self->conf->{disablePersistentStorage} );
 
     # Compute persistent identifier
     my $pid = $self->_md5hash($uid);
@@ -450,10 +449,9 @@ sub getPersistentSession {
 # @return nothing
 sub updatePersistentSession {
     my ( $self, $req, $infos, $uid, $id ) = @_;
-    my $enabledStorage = $self->conf->{enablePersistentStorage} // 1;
 
     # Return if no infos to update
-    return () unless ( ref $infos eq 'HASH' and %$infos and $enabledStorage );
+    return () unless ( ref $infos eq 'HASH' and %$infos and !$self->conf->{disablePersistentStorage} );
 
     $uid ||= $req->{sessionInfo}->{ $self->conf->{whatToTrace} }
       || $req->userData->{ $self->conf->{whatToTrace} };

lemonldap-ng-portal/t/38-No-persistent-session.t

@@ -24,7 +24,7 @@ SKIP: {
                 totp2fDigits            => 8,
                 totp2fTTL               => -1,
                 loginHistoryEnabled     => 1,
-                enablePersistentStorage => 0,
+                disablePersistentStorage => 1,
             }
         }
     );