Set user and oldpassword fields into reset password form & Improve unit tests (#2377)
This commit is contained in:
Christophe Maudoux
parent
d5d97825a7
commit
c742d8320e
|
|
@ -1,5 +1,5 @@
|
||||||
Stay connected plugin
|
Stay connected plugin
|
||||||
=================
|
=====================
|
||||||
|
|
||||||
This plugin enables persistent connection. It allows us to connect
|
This plugin enables persistent connection. It allows us to connect
|
||||||
automatically from the same browser.
|
automatically from the same browser.
|
||||||
|
|
|
||||||
|
|
@ -5,7 +5,7 @@ use Mouse;
|
||||||
|
|
||||||
#use Lemonldap::NG::Handler::Main qw(:jailSharedVars);
|
#use Lemonldap::NG::Handler::Main qw(:jailSharedVars);
|
||||||
|
|
||||||
our $VERSION = '2.0.6';
|
our $VERSION = '2.0.10';
|
||||||
|
|
||||||
has protection => ( is => 'rw', isa => 'Str' );
|
has protection => ( is => 'rw', isa => 'Str' );
|
||||||
has rule => ( is => 'rw', isa => 'Str' );
|
has rule => ( is => 'rw', isa => 'Str' );
|
||||||
|
|
@ -198,9 +198,14 @@ sub custom {
|
||||||
# @return user identifier to log
|
# @return user identifier to log
|
||||||
sub userId {
|
sub userId {
|
||||||
my ( $self, $req ) = @_;
|
my ( $self, $req ) = @_;
|
||||||
return $req->userData->{ $Lemonldap::NG::Handler::Main::tsv->{whatToTrace}
|
my $userId =
|
||||||
|
$req->userData->{ $Lemonldap::NG::Handler::Main::tsv->{whatToTrace}
|
||||||
|| '_whatToTrace' }
|
|| '_whatToTrace' }
|
||||||
|
|| $req->userData->{'uid'} # Fix 2377
|
||||||
|| 'anonymous';
|
|| 'anonymous';
|
||||||
|
|
||||||
|
$self->logger->debug("Returned userId: $userId");
|
||||||
|
return $userId;
|
||||||
}
|
}
|
||||||
|
|
||||||
## @method boolean group(string group)
|
## @method boolean group(string group)
|
||||||
|
|
|
||||||
|
|
@ -7,15 +7,17 @@ use Lemonldap::NG::Portal::Main::Constants qw(
|
||||||
PE_DONE
|
PE_DONE
|
||||||
PE_ERROR
|
PE_ERROR
|
||||||
PE_LDAPCONNECTFAILED
|
PE_LDAPCONNECTFAILED
|
||||||
PE_PP_CHANGE_AFTER_RESET
|
|
||||||
PE_PP_PASSWORD_EXPIRED
|
PE_PP_PASSWORD_EXPIRED
|
||||||
|
PE_PP_CHANGE_AFTER_RESET
|
||||||
);
|
);
|
||||||
|
|
||||||
our $VERSION = '2.0.5';
|
our $VERSION = '2.0.10';
|
||||||
|
|
||||||
# Inheritance: UserDB::LDAP provides all needed ldap functions
|
# Inheritance: UserDB::LDAP provides all needed ldap functions
|
||||||
extends
|
extends qw(
|
||||||
qw(Lemonldap::NG::Portal::Auth::_WebForm Lemonldap::NG::Portal::Lib::LDAP);
|
Lemonldap::NG::Portal::Lib::LDAP
|
||||||
|
Lemonldap::NG::Portal::Auth::_WebForm
|
||||||
|
);
|
||||||
|
|
||||||
sub init {
|
sub init {
|
||||||
my ($self) = @_;
|
my ($self) = @_;
|
||||||
|
|
@ -84,7 +86,7 @@ sub authenticate {
|
||||||
and $self->conf->{ldapAllowResetExpiredPassword} )
|
and $self->conf->{ldapAllowResetExpiredPassword} )
|
||||||
)
|
)
|
||||||
{
|
{
|
||||||
$req->data->{oldpassword} = $self->{password};
|
$req->data->{oldpassword} = $req->data->{password}; # Fix 2377
|
||||||
$req->data->{noerror} = 1;
|
$req->data->{noerror} = 1;
|
||||||
$self->setSecurity($req);
|
$self->setSecurity($req);
|
||||||
}
|
}
|
||||||
|
|
@ -94,7 +96,7 @@ sub authenticate {
|
||||||
}
|
}
|
||||||
|
|
||||||
sub authLogout {
|
sub authLogout {
|
||||||
PE_OK;
|
return PE_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
1;
|
1;
|
||||||
|
|
|
||||||
|
|
@ -8,21 +8,23 @@ package Lemonldap::NG::Portal::Auth::_WebForm;
|
||||||
use strict;
|
use strict;
|
||||||
use Mouse;
|
use Mouse;
|
||||||
use Lemonldap::NG::Portal::Main::Constants qw(
|
use Lemonldap::NG::Portal::Main::Constants qw(
|
||||||
|
PE_OK
|
||||||
|
PE_NOTOKEN
|
||||||
|
PE_FORMEMPTY
|
||||||
|
PE_FIRSTACCESS
|
||||||
PE_CAPTCHAEMPTY
|
PE_CAPTCHAEMPTY
|
||||||
PE_CAPTCHAERROR
|
PE_CAPTCHAERROR
|
||||||
PE_FIRSTACCESS
|
|
||||||
PE_FORMEMPTY
|
|
||||||
PE_NOTOKEN
|
|
||||||
PE_OK
|
|
||||||
PE_PASSWORDFORMEMPTY
|
|
||||||
PE_TOKENEXPIRED
|
PE_TOKENEXPIRED
|
||||||
PE_MALFORMEDUSER
|
PE_MALFORMEDUSER
|
||||||
|
PE_PASSWORDFORMEMPTY
|
||||||
);
|
);
|
||||||
|
|
||||||
our $VERSION = '2.0.8';
|
our $VERSION = '2.0.10';
|
||||||
|
|
||||||
extends 'Lemonldap::NG::Portal::Main::Auth',
|
extends qw(
|
||||||
'Lemonldap::NG::Portal::Lib::_tokenRule';
|
Lemonldap::NG::Portal::Main::Auth
|
||||||
|
Lemonldap::NG::Portal::Lib::_tokenRule
|
||||||
|
);
|
||||||
|
|
||||||
has authnLevel => (
|
has authnLevel => (
|
||||||
is => 'rw',
|
is => 'rw',
|
||||||
|
|
@ -138,7 +140,7 @@ sub extractFormInfo {
|
||||||
# Other parameters
|
# Other parameters
|
||||||
$req->data->{timezone} = $req->param('timezone');
|
$req->data->{timezone} = $req->param('timezone');
|
||||||
|
|
||||||
PE_OK;
|
return PE_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
# Set password in session data if wanted.
|
# Set password in session data if wanted.
|
||||||
|
|
@ -158,7 +160,7 @@ sub setAuthSessionInfo {
|
||||||
# Store user timezone
|
# Store user timezone
|
||||||
$req->{sessionInfo}->{'_timezone'} = $self->{'timezone'};
|
$req->{sessionInfo}->{'_timezone'} = $self->{'timezone'};
|
||||||
|
|
||||||
PE_OK;
|
return PE_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
# @return display type
|
# @return display type
|
||||||
|
|
|
||||||
|
|
@ -1096,7 +1096,9 @@ sub _handlePasswordGrant {
|
||||||
|
|
||||||
my $user_id = $self->getUserIDForRP( $req, $rp, $req->sessionInfo );
|
my $user_id = $self->getUserIDForRP( $req, $rp, $req->sessionInfo );
|
||||||
|
|
||||||
$self->logger->debug("Found corresponding user: $user_id");
|
$self->logger->debug( $user_id
|
||||||
|
? "Found corresponding user: $user_id"
|
||||||
|
: 'Corresponding user not found' );
|
||||||
|
|
||||||
# Generate access_token
|
# Generate access_token
|
||||||
my $accessTokenSession = $self->newAccessToken(
|
my $accessTokenSession = $self->newAccessToken(
|
||||||
|
|
|
||||||
|
|
@ -3,12 +3,14 @@ package Lemonldap::NG::Portal::Lib::LDAP;
|
||||||
use strict;
|
use strict;
|
||||||
use Mouse;
|
use Mouse;
|
||||||
use Lemonldap::NG::Portal::Lib::Net::LDAP;
|
use Lemonldap::NG::Portal::Lib::Net::LDAP;
|
||||||
use Lemonldap::NG::Portal::Main::Constants
|
use Lemonldap::NG::Portal::Main::Constants qw(
|
||||||
qw(PE_OK PE_LDAPCONNECTFAILED PE_LDAPERROR PE_BADCREDENTIALS);
|
PE_OK PE_LDAPCONNECTFAILED
|
||||||
|
PE_LDAPERROR PE_BADCREDENTIALS
|
||||||
|
);
|
||||||
|
|
||||||
extends 'Lemonldap::NG::Common::Module';
|
extends 'Lemonldap::NG::Common::Module';
|
||||||
|
|
||||||
our $VERSION = '2.0.9';
|
our $VERSION = '2.0.10';
|
||||||
|
|
||||||
# PROPERTIES
|
# PROPERTIES
|
||||||
|
|
||||||
|
|
@ -149,7 +151,8 @@ sub getUser {
|
||||||
return PE_BADCREDENTIALS;
|
return PE_BADCREDENTIALS;
|
||||||
}
|
}
|
||||||
$req->data->{dn} = $req->data->{ldapentry}->dn();
|
$req->data->{dn} = $req->data->{ldapentry}->dn();
|
||||||
PE_OK;
|
|
||||||
|
return PE_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
# Validate LDAP connection before use
|
# Validate LDAP connection before use
|
||||||
|
|
@ -169,12 +172,13 @@ sub bind {
|
||||||
|
|
||||||
$self->validateLdap;
|
$self->validateLdap;
|
||||||
return undef unless $self->ldap;
|
return undef unless $self->ldap;
|
||||||
|
|
||||||
my $msg = $self->ldap->bind(@_);
|
my $msg = $self->ldap->bind(@_);
|
||||||
if ( $msg->code ) {
|
if ( $msg->code ) {
|
||||||
$self->logger->error( $msg->error );
|
$self->logger->error( $msg->error );
|
||||||
return undef;
|
return undef;
|
||||||
}
|
}
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -503,7 +503,7 @@ sub display {
|
||||||
eval { $self->_authentication->getDisplayType($req) }
|
eval { $self->_authentication->getDisplayType($req) }
|
||||||
|| 'logo';
|
|| 'logo';
|
||||||
|
|
||||||
$self->logger->debug("Display type $displayType ");
|
$self->logger->debug("Display type $displayType");
|
||||||
|
|
||||||
%templateParams = (
|
%templateParams = (
|
||||||
%templateParams,
|
%templateParams,
|
||||||
|
|
|
||||||
|
|
@ -7,7 +7,7 @@ require 't/test-lib.pm';
|
||||||
use lib 't/lib';
|
use lib 't/lib';
|
||||||
|
|
||||||
my $res;
|
my $res;
|
||||||
my $maintests = 26;
|
my $maintests = 32;
|
||||||
|
|
||||||
SKIP: {
|
SKIP: {
|
||||||
skip( 'LLNGTESTLDAP is not set', $maintests ) unless ( $ENV{LLNGTESTLDAP} );
|
skip( 'LLNGTESTLDAP is not set', $maintests ) unless ( $ENV{LLNGTESTLDAP} );
|
||||||
|
|
@ -22,6 +22,7 @@ SKIP: {
|
||||||
userDB => 'Same',
|
userDB => 'Same',
|
||||||
passwordDB => 'LDAP',
|
passwordDB => 'LDAP',
|
||||||
portalRequireOldPassword => 1,
|
portalRequireOldPassword => 1,
|
||||||
|
hideOldPassword => 1,
|
||||||
ldapServer => 'ldap://127.0.0.1:19389/',
|
ldapServer => 'ldap://127.0.0.1:19389/',
|
||||||
ldapBase => 'ou=users,dc=example,dc=com',
|
ldapBase => 'ou=users,dc=example,dc=com',
|
||||||
managerDn => 'cn=lemonldapng,ou=dsa,dc=example,dc=com',
|
managerDn => 'cn=lemonldapng,ou=dsa,dc=example,dc=com',
|
||||||
|
|
@ -35,12 +36,21 @@ SKIP: {
|
||||||
passwordPolicyMinDigit => 1,
|
passwordPolicyMinDigit => 1,
|
||||||
passwordPolicyMinSpeChar => 1,
|
passwordPolicyMinSpeChar => 1,
|
||||||
passwordPolicySpecialChar => '# &',
|
passwordPolicySpecialChar => '# &',
|
||||||
|
whatToTrace => 'uid',
|
||||||
|
macros => {
|
||||||
|
_whatToTrace => '' # Test 2377
|
||||||
|
},
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
use Lemonldap::NG::Portal::Main::Constants 'PE_PP_CHANGE_AFTER_RESET',
|
use Lemonldap::NG::Portal::Main::Constants qw(
|
||||||
'PE_PP_PASSWORD_EXPIRED', 'PE_PASSWORD_OK', 'PE_PP_ACCOUNT_LOCKED',
|
PE_PP_GRACE
|
||||||
'PE_PP_PASSWORD_TOO_SHORT', 'PE_PP_GRACE';
|
PE_PASSWORD_OK
|
||||||
|
PE_PP_ACCOUNT_LOCKED
|
||||||
|
PE_PP_PASSWORD_EXPIRED
|
||||||
|
PE_PP_PASSWORD_TOO_SHORT
|
||||||
|
PE_PP_CHANGE_AFTER_RESET
|
||||||
|
);
|
||||||
|
|
||||||
my ( $user, $code, $postString, $match );
|
my ( $user, $code, $postString, $match );
|
||||||
|
|
||||||
|
|
@ -74,13 +84,31 @@ SKIP: {
|
||||||
my ( $host, $url, $query ) =
|
my ( $host, $url, $query ) =
|
||||||
expectForm( $res, '#', undef, 'user', 'oldpassword', 'newpassword',
|
expectForm( $res, '#', undef, 'user', 'oldpassword', 'newpassword',
|
||||||
'confirmpassword' );
|
'confirmpassword' );
|
||||||
|
ok(
|
||||||
|
$res->[2]->[0] =~
|
||||||
|
m%<input name="user" type="hidden" value="$user" />%,
|
||||||
|
' Hidden user input found'
|
||||||
|
) or print STDERR Dumper( $res->[2]->[0], 'Hidden user input' );
|
||||||
|
ok(
|
||||||
|
$res->[2]->[0] =~
|
||||||
|
m%<input id="oldpassword" name="oldpassword" type="hidden" value="$user" aria-required="true">%,
|
||||||
|
' Hidden oldpassword input found'
|
||||||
|
)
|
||||||
|
or print STDERR Dumper( $res->[2]->[0], 'Hidden oldpassword input' );
|
||||||
|
ok(
|
||||||
|
$res->[2]->[0] =~
|
||||||
|
m%<input id="staticUser" type="text" readonly class="form-control" value="$user" />%,
|
||||||
|
' staticUser found'
|
||||||
|
) or print STDERR Dumper( $res->[2]->[0], 'staticUser' );
|
||||||
ok( $res->[2]->[0] !~ m%<span trspan="passwordPolicyMinSize">%,
|
ok( $res->[2]->[0] !~ m%<span trspan="passwordPolicyMinSize">%,
|
||||||
' passwordPolicyMinSize' )
|
' passwordPolicyMinSize' )
|
||||||
or print STDERR Dumper( $res->[2]->[0], 'passwordPolicyMinSize' );
|
or print STDERR Dumper( $res->[2]->[0], 'passwordPolicyMinSize' );
|
||||||
ok( $query =~ /user=$user/, "User is $user" )
|
ok( $query =~ /user=$user/, "User is $user" )
|
||||||
or explain( $query, "user=$user" );
|
or explain( $query, "user=$user" );
|
||||||
$query =~ s/(oldpassword)=/$1=$user/g;
|
|
||||||
|
#$query =~ s/(oldpassword)=$user/$1=$user/g; -> Now old password is defined #2377
|
||||||
$query =~ s/((?:confirm|new)password)=/$1=newp/g;
|
$query =~ s/((?:confirm|new)password)=/$1=newp/g;
|
||||||
|
|
||||||
ok(
|
ok(
|
||||||
$res = $client->_post(
|
$res = $client->_post(
|
||||||
'/', IO::String->new($query),
|
'/', IO::String->new($query),
|
||||||
|
|
|
||||||
|
|
@ -7,7 +7,7 @@ require 't/test-lib.pm';
|
||||||
use lib 't/lib';
|
use lib 't/lib';
|
||||||
|
|
||||||
my $res;
|
my $res;
|
||||||
my $maintests = 36;
|
my $maintests = 42;
|
||||||
|
|
||||||
SKIP: {
|
SKIP: {
|
||||||
skip( 'LLNGTESTLDAP is not set', $maintests ) unless ( $ENV{LLNGTESTLDAP} );
|
skip( 'LLNGTESTLDAP is not set', $maintests ) unless ( $ENV{LLNGTESTLDAP} );
|
||||||
|
|
@ -34,13 +34,21 @@ SKIP: {
|
||||||
passwordPolicyMinDigit => 1,
|
passwordPolicyMinDigit => 1,
|
||||||
passwordPolicyMinSpeChar => 1,
|
passwordPolicyMinSpeChar => 1,
|
||||||
passwordPolicySpecialChar => '__ALL__',
|
passwordPolicySpecialChar => '__ALL__',
|
||||||
portalDisplayPasswordPolicy => 1
|
portalDisplayPasswordPolicy => 1,
|
||||||
|
whatToTrace => 'uid',
|
||||||
|
macros => {
|
||||||
|
_whatToTrace => '' # Test 2377
|
||||||
|
},
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
use Lemonldap::NG::Portal::Main::Constants 'PE_PP_CHANGE_AFTER_RESET',
|
use Lemonldap::NG::Portal::Main::Constants qw(
|
||||||
'PE_PP_PASSWORD_EXPIRED', 'PE_PASSWORD_OK', 'PE_PP_ACCOUNT_LOCKED',
|
PE_PASSWORD_OK
|
||||||
'PE_PP_PASSWORD_TOO_SHORT', 'PE_PP_GRACE';
|
PE_PP_ACCOUNT_LOCKED
|
||||||
|
PE_PP_PASSWORD_EXPIRED
|
||||||
|
PE_PP_CHANGE_AFTER_RESET
|
||||||
|
PE_PP_PASSWORD_TOO_SHORT PE_PP_GRACE
|
||||||
|
);
|
||||||
|
|
||||||
my ( $user, $code, $postString, $match );
|
my ( $user, $code, $postString, $match );
|
||||||
|
|
||||||
|
|
@ -74,6 +82,21 @@ SKIP: {
|
||||||
my ( $host, $url, $query ) =
|
my ( $host, $url, $query ) =
|
||||||
expectForm( $res, '#', undef, 'user', 'oldpassword', 'newpassword',
|
expectForm( $res, '#', undef, 'user', 'oldpassword', 'newpassword',
|
||||||
'confirmpassword' );
|
'confirmpassword' );
|
||||||
|
ok(
|
||||||
|
$res->[2]->[0] =~
|
||||||
|
m%<input name="user" type="hidden" value="$user" />%,
|
||||||
|
' Hidden user input found'
|
||||||
|
) or print STDERR Dumper( $res->[2]->[0], 'Hidden user input' );
|
||||||
|
ok(
|
||||||
|
$res->[2]->[0] =~
|
||||||
|
m%<input id="oldpassword" name="oldpassword" type="password" value="$user"%,
|
||||||
|
' oldpassword input found'
|
||||||
|
) or print STDERR Dumper( $res->[2]->[0], 'oldpassword input' );
|
||||||
|
ok(
|
||||||
|
$res->[2]->[0] =~
|
||||||
|
m%<input id="staticUser" type="text" readonly class="form-control" value="$user" />%,
|
||||||
|
' staticUser found'
|
||||||
|
) or print STDERR Dumper( $res->[2]->[0], 'staticUser' );
|
||||||
ok( $res->[2]->[0] =~ m%<span trspan="passwordPolicyMinSize">%,
|
ok( $res->[2]->[0] =~ m%<span trspan="passwordPolicyMinSize">%,
|
||||||
' passwordPolicyMinSize' )
|
' passwordPolicyMinSize' )
|
||||||
or print STDERR Dumper( $res->[2]->[0], 'passwordPolicyMinSize' );
|
or print STDERR Dumper( $res->[2]->[0], 'passwordPolicyMinSize' );
|
||||||
|
|
@ -94,8 +117,10 @@ SKIP: {
|
||||||
or print STDERR Dumper( $res->[2]->[0], 'passwordPolicySpecialChar' );
|
or print STDERR Dumper( $res->[2]->[0], 'passwordPolicySpecialChar' );
|
||||||
ok( $query =~ /user=$user/, "User is $user" )
|
ok( $query =~ /user=$user/, "User is $user" )
|
||||||
or explain( $query, "user=$user" );
|
or explain( $query, "user=$user" );
|
||||||
$query =~ s/(oldpassword)=/$1=$user/g;
|
|
||||||
|
#$query =~ s/(oldpassword)=/$1=$user/g; -> Now old password is defined #2377
|
||||||
$query =~ s/((?:confirm|new)password)=/$1=Newp1@/g;
|
$query =~ s/((?:confirm|new)password)=/$1=Newp1@/g;
|
||||||
|
|
||||||
ok(
|
ok(
|
||||||
$res = $client->_post(
|
$res = $client->_post(
|
||||||
'/', IO::String->new($query),
|
'/', IO::String->new($query),
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user