Append search parameters & improve unit test (#1938)

2019-09-19 22:51:10 +02:00 · 2019-09-19 22:51:10 +02:00 · c34c6e646e
commit c34c6e646e
parent dc0a8f7848
14 changed files with 73 additions and 16 deletions
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
@ -807,6 +807,9 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
            },
            'type' => 'text'
        },
+        'checkUserSearchAttributes' => {
+            'type' => 'text'
+        },
        'checkXSS' => {
            'default' => 1,
            'type'    => 'bool'
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
@ -449,6 +449,11 @@ sub attributes {
            documentation => 'Attributes to hide in CheckUser plugin',
            flags         => 'p',
        },
+        checkUserSearchAttributes => {
+            type          => 'text',
+            documentation => 'Attributes used for retrieving sessions in user DataBase',
+            flags         => 'p',
+        },
        checkUserDisplayPersistentInfo => {
            default       => 0,
            type          => 'bool',
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm
@ -685,6 +685,7 @@ sub tree {
                                'checkUser',
                                'checkUserIdRule',
                                'checkUserHiddenAttributes',
+                                'checkUserSearchAttributes',
                                'checkUserDisplayPersistentInfo',
                                'checkUserDisplayEmptyValues',
                            ]
--- a/lemonldap-ng-manager/site/htdocs/static/languages/ar.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/ar.json
@ -174,6 +174,7 @@
 "checkUserHiddenAttributes":"السمات المخفية",
 "checkUserDisplayPersistentInfo":"Display persistent session",
 "checkUserDisplayEmptyValues":"Display empty values",
+"checkUserSearchAttributes":"Attributes used for searching sessions",
 "choiceParams":"اختيارالإعدادات",
 "chooseLogo":"اختيار الشعار",
 "chooseSkin":"اختيار الغلاف",
--- a/lemonldap-ng-manager/site/htdocs/static/languages/de.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/de.json
@ -174,6 +174,7 @@
 "checkUserHiddenAttributes":"Hidden attributes",
 "checkUserDisplayPersistentInfo":"Display persistent session",
 "checkUserDisplayEmptyValues":"Display empty values",
+"checkUserSearchAttributes":"Attributes used for searching sessions",
 "choiceParams":"Choice parameters",
 "chooseLogo":"Choose logo",
 "chooseSkin":"Choose skin",
--- a/lemonldap-ng-manager/site/htdocs/static/languages/en.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/en.json
@ -174,6 +174,7 @@
 "checkUserHiddenAttributes":"Hidden attributes",
 "checkUserDisplayPersistentInfo":"Display persistent session",
 "checkUserDisplayEmptyValues":"Display empty values",
+"checkUserSearchAttributes":"Attributes used for searching sessions",
 "choiceParams":"Choice parameters",
 "chooseLogo":"Choose logo",
 "chooseSkin":"Choose skin",
--- a/lemonldap-ng-manager/site/htdocs/static/languages/fr.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/fr.json
@ -174,6 +174,7 @@
 "checkUserHiddenAttributes":"Attributs masqués",
 "checkUserDisplayPersistentInfo":"Afficher les données de session persistante",
 "checkUserDisplayEmptyValues":"Afficher les valeurs nulles",
+"checkUserSearchAttributes":"Attributes utilisés pour rechercher les sessions",
 "choiceParams":"Paramètres des choix",
 "chooseLogo":"Choisir le logo",
 "chooseSkin":"Choisir le thème",
--- a/lemonldap-ng-manager/site/htdocs/static/languages/it.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/it.json
@ -174,6 +174,7 @@
 "checkUserHiddenAttributes":"Attributi nascosti",
 "checkUserDisplayPersistentInfo":"Mostra sessione persistente",
 "checkUserDisplayEmptyValues":"Mostra valori vuoti",
+"checkUserSearchAttributes":"Attributes used for searching sessions",
 "choiceParams":"Scelta parametri",
 "chooseLogo":"Scegli logo",
 "chooseSkin":"Scegli interfaccia",
--- a/lemonldap-ng-manager/site/htdocs/static/languages/vi.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/vi.json
@ -174,6 +174,7 @@
 "checkUserHiddenAttributes":"Thuộc tính ẩn",
 "checkUserDisplayPersistentInfo":"Display persistent session",
 "checkUserDisplayEmptyValues":"Display empty values",
+"checkUserSearchAttributes":"Attributes used for searching sessions",
 "choiceParams":"Các tham số lựa chọn",
 "chooseLogo":"Chọn logo",
 "chooseSkin":"Chọn giao diện",
--- a/lemonldap-ng-manager/site/htdocs/static/languages/zh.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/zh.json
@ -174,6 +174,7 @@
 "checkUserHiddenAttributes":"Hidden attributes",
 "checkUserDisplayPersistentInfo":"Display persistent session",
 "checkUserDisplayEmptyValues":"Display empty values",
+"checkUserSearchAttributes":"Attributes used for searching sessions",
 "choiceParams":"Choice parameters",
 "chooseLogo":"Choose logo",
 "chooseSkin":"Choose skin",
--- a/lemonldap-ng-manager/site/htdocs/static/reverseTree.json
+++ b/lemonldap-ng-manager/site/htdocs/static/reverseTree.json
--- a/lemonldap-ng-manager/site/htdocs/static/struct.json
+++ b/lemonldap-ng-manager/site/htdocs/static/struct.json
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
@ -40,7 +40,7 @@ sub hAttr {
 sub init {
    my ($self) = @_;
    my $hd = $self->p->HANDLER;
-    $self->addAuthRoute( checkuser => 'check',               ['POST'] );
+    $self->addAuthRoute( checkuser => 'check', ['POST'] );
    $self->addAuthRouteWithRedirect( checkuser => 'display', ['GET'] );

    # Parse identity rule
@ -143,9 +143,17 @@ sub check {
        $self->logger->debug('Try to retrieve session from DB...');
        my $moduleOptions = $self->conf->{globalStorageOptions} || {};
        $moduleOptions->{backend} = $self->conf->{globalStorage};
-        my $sessions =
-          $self->module->searchOn( $moduleOptions, $self->conf->{whatToTrace},
-            $user );
+
+        my $sessions    = {};
+        my $searchAttrs = $self->conf->{checkUserSearchAttributes}
+          || $self->conf->{whatToTrace};
+
+        foreach ( split /\s+/, $searchAttrs ) {
+            $self->logger->debug("Searching with: $_ = $user");
+            $sessions = $self->module->searchOn( $moduleOptions, $_, $user );
+            last if (keys %$sessions);
+        }
+
        my $age = '1';
        foreach my $id ( keys %$sessions ) {
            my $session = $self->p->getApacheSession($id) or next;
@ -272,7 +280,7 @@ sub check {
 }

 sub display {
-    my ( $self,  $req )         = @_;
+    my ( $self, $req ) = @_;
    my ( $attrs, $array_attrs ) = ( {}, [] );

    $self->logger->debug("Display current session data...");
--- a/lemonldap-ng-portal/t/67-CheckUser.t
+++ b/lemonldap-ng-portal/t/67-CheckUser.t
@ -10,14 +10,15 @@ my $res;

 my $client = LLNG::Manager::Test->new( {
        ini => {
-            logLevel                       => 'error',
-            authentication                 => 'Demo',
-            userDB                         => 'Same',
-            loginHistoryEnabled            => 0,
-            brutForceProtection            => 0,
-            checkUser                      => 1,
-            requireToken                   => 0,
-            checkUserIdRule                => '$uid ne "msmith"',
+            logLevel                  => 'error',
+            authentication            => 'Demo',
+            userDB                    => 'Same',
+            loginHistoryEnabled       => 0,
+            brutForceProtection       => 0,
+            checkUser                 => 1,
+            requireToken              => 0,
+            checkUserIdRule           => '$uid ne "msmith"',
+            checkUserSearchAttributes => 'employee_nbr  test1 _user test2 mail',
            checkUserDisplayPersistentInfo => 1,
            checkUserDisplayEmptyValues    => 1,
            totp2fSelfRegistration         => 1,
@ -239,8 +240,40 @@ ok( $res->[2]->[0] =~ m%<td scope="row">dwho</td>%, 'Found dwho' )
  or explain( $res->[2]->[0], 'Macro Value dwho' );
 count(3);

+# Request with mail
+$query =~ s/user=dwho/user=dwho%40badwolf.org/;
+ok(
+    $res = $client->_post(
+        '/checkuser',
+        IO::String->new($query),
+        cookie => "lemonldap=$id",
+        length => length($query),
+        accept => 'text/html',
+    ),
+    'POST checkuser'
+);
+count(1);
+
+( $host, $url, $query ) =
+  expectForm( $res, undef, '/checkuser', 'user', 'url' );
+ok( $res->[2]->[0] =~ m%<span trspan="checkUser">%, 'Found trspan="checkUser"' )
+  or explain( $res->[2]->[0], 'trspan="checkUser"' );
+ok( $res->[2]->[0] =~ m%value="dwho\@badwolf.org" trplaceholder="user"%, 'Found trplaceholder with mail' )
+  or explain( $res->[2]->[0], 'trplaceholder with mail' );
+count(3);
+ok( $res->[2]->[0] =~ m%Auth-User: %, 'Found Auth-User' )
+  or explain( $res->[2]->[0], 'Header Key: Auth-User' );
+ok( $res->[2]->[0] =~ m%: dwho<br/>%, 'Found dwho' )
+  or explain( $res->[2]->[0], 'Header Value: dwho' );
+ok( $res->[2]->[0] =~ m%<td scope="row">_whatToTrace</td>%,
+    'Found _whatToTrace' )
+  or explain( $res->[2]->[0], 'Macro Key _whatToTrace' );
+ok( $res->[2]->[0] =~ m%<td scope="row">dwho</td>%, 'Found dwho' )
+  or explain( $res->[2]->[0], 'Macro Value dwho' );
+count(3);
+
 # Request with bad VH
-$query =~ s/user=dwho/user=rtyler/;
+$query =~ s/user=dwho%40badwolf.org/user=rtyler/;
 $query =~
  s/url=http%3A%2F%2Ftest1.example.com/url=http%3A%2F%2Ftry.example.com/;
 ok(