Manage exported variables for LDAP (#636)
parent
b691acdff8
commit
cb6df779be
|
@ -367,6 +367,13 @@ has 'ldapBase' => (
|
|||
documentation => 'LDAP search base',
|
||||
);
|
||||
|
||||
has 'ldapExportedVars' => (
|
||||
is => 'rw',
|
||||
isa => 'HashRef',
|
||||
default => sub { return { cn => 'cn', mail => 'mail', uid => 'uid', }; },
|
||||
documentation => 'LDAP exported variables',
|
||||
);
|
||||
|
||||
has 'ldapGroupAttributeName' => (
|
||||
is => 'rw',
|
||||
isa => 'Str',
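Review bot: The `documentation` string on the new `ldapExportedVars` attribute does not say which side of the hash is which. The direction matters because `setSessionInfo` in this same commit uses the keys as session variable names and the values as LDAP attribute names. I would spell it out, for example `documentation => 'LDAP exported variables (session key => LDAP attribute)',`. The default also means `cn`, `mail` and `uid` are now always exported, which deserves a line in the comment for anyone who relied on `exportedVars` alone.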
|
||||
|
|
|
@ -112,6 +112,7 @@ sub unserialize {
|
|||
|globalStorageOptions
|
||||
|grantSessionRules
|
||||
|groups
|
||||
|ldapExportedVars
|
||||
|locationRules
|
||||
|logoutServices
|
||||
|macros
|
||||
|
|
|
@ -423,10 +423,15 @@ sub struct {
|
|||
# LDAP
|
||||
ldapParams => {
|
||||
_nodes => [
|
||||
qw(ldapAuthnLevel n:ldapConnection n:ldapFilters n:ldapGroups n:ldapPassword)
|
||||
qw(ldapAuthnLevel cn:ldapExportedVars n:ldapConnection n:ldapFilters n:ldapGroups n:ldapPassword)
|
||||
],
|
||||
_help => 'authLDAP',
|
||||
ldapAuthnLevel => 'int:/ldapAuthnLevel:authLDAPLevel:int',
|
||||
_help => 'authLDAP',
|
||||
ldapAuthnLevel => 'int:/ldapAuthnLevel:authLDAPLevel:int',
|
||||
ldapExportedVars => {
|
||||
_nodes => ['hash:/ldapExportedVars:vars:btext'],
|
||||
_js => 'hashRoot',
|
||||
_help => 'authLDAP',
|
||||
},
|
||||
ldapConnection => {
|
||||
_nodes => [
|
||||
qw(ldapServer ldapPort ldapBase managerDn managerPassword ldapTimeout ldapVersion ldapRaw)
|
||||
|
@ -1533,6 +1538,12 @@ sub testStruct {
|
|||
test => qr/^(?:\w+=.*|)$/,
|
||||
msgFail => 'Bad LDAP base',
|
||||
},
|
||||
ldapExportedVars => {
|
||||
keyTest => qr/^!?[a-zA-Z][\w-]*$/,
|
||||
keyMsgFail => 'Bad variable name',
|
||||
test => qr/^[a-zA-Z][\w:\-]*$/,
|
||||
msgFail => 'Bad attribute name',
|
||||
},
|
||||
ldapPort => {
|
||||
test => qr/^\d*$/,
|
||||
msgFail => 'Bad port number'
|
||||
|
@ -2021,10 +2032,10 @@ sub subDefaultConf {
|
|||
my $h;
|
||||
|
||||
my $confSubAttributes = Lemonldap::NG::Common::Conf::SubAttributes->new();
|
||||
my @attributes = $confSubAttributes->meta()->get_attribute_list();
|
||||
my @attributes = $confSubAttributes->meta()->get_attribute_list();
|
||||
|
||||
foreach my $name (@attributes) {
|
||||
$h->{$name} = $confSubAttributes->$name;
|
||||
$h->{$name} = $confSubAttributes->$name;
|
||||
}
|
||||
|
||||
return $h;
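Review bot: The two patterns added for `ldapExportedVars` in `testStruct` end in `$`, which also matches before a trailing newline, and `\w` accepts non-ASCII word characters on Unicode strings, so a name followed by a newline passes validation. These values feed `@attrs` in `search` and the session keys in `setSessionInfo`, so I would anchor with `\z` and use explicit ASCII classes: `keyTest => qr/^!?[a-zA-Z][A-Za-z0-9_-]*\z/,` and `test => qr/^[a-zA-Z][A-Za-z0-9_:\-]*\z/,`. The value pattern also rejects `;`, which LDAP uses for attribute options such as `;binary`; confirm whether that is intended. The body of `testStruct` continues outside the hunk.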
|
||||
|
|
|
@ -186,6 +186,7 @@ sub en {
|
|||
ldapBase => 'Users search base',
|
||||
ldapChangePasswordAsUser => 'Change as user',
|
||||
ldapConnection => 'Connection',
|
||||
ldapExportedVars => 'Exported variables',
|
||||
ldapFilters => 'Filters',
|
||||
LDAPFilter => 'Default filter',
|
||||
ldapGroupAttributeName => 'Target attribute',
|
||||
|
@ -669,6 +670,7 @@ sub fr {
|
|||
ldapBase => 'Base de recherche des utilisateurs',
|
||||
ldapChangePasswordAsUser => 'Changement en tant qu\'utilisateur',
|
||||
ldapConnection => 'Connexion',
|
||||
ldapExportedVars => 'Variables exportées',
|
||||
ldapFilters => 'Filtres',
|
||||
LDAPFilter => 'Filtre par défaut',
|
||||
ldapGroupAttributeName => 'Attribut cible',
|
||||
|
|
|
@ -9,7 +9,7 @@ use strict;
|
|||
use Lemonldap::NG::Portal::Simple;
|
||||
use Lemonldap::NG::Portal::_LDAP 'ldap'; #link protected ldap
|
||||
|
||||
our $VERSION = '1.2.2';
|
||||
our $VERSION = '1.4.0';
|
||||
|
||||
## @method int userDBInit()
|
||||
# Transform ldapGroupAttributeNameSearch in ARRAY ref
|
||||
|
@ -68,8 +68,10 @@ sub search {
|
|||
unless ( $self->ldap ) {
|
||||
return PE_LDAPCONNECTFAILED;
|
||||
}
|
||||
my @attrs =
|
||||
ref( $self->{exportedVars} ) ? values( %{ $self->{exportedVars} } ) : ();
|
||||
my @attrs = (
|
||||
values %{ $self->{exportedVars} },
|
||||
values %{ $self->{ldapExportedVars} }
|
||||
);
|
||||
my $mesg = $self->ldap->search(
|
||||
base => $self->{ldapBase},
|
||||
scope => 'sub',
|
||||
|
@ -109,23 +111,21 @@ sub search {
|
|||
sub setSessionInfo {
|
||||
my $self = shift;
|
||||
$self->{sessionInfo}->{dn} = $self->{dn};
|
||||
unless ( $self->{exportedVars} ) {
|
||||
foreach (qw(uid cn mail)) {
|
||||
$self->{sessionInfo}->{$_} =
|
||||
$self->{ldap}->getLdapValue( $self->{entry}, $_ ) || "";
|
||||
}
|
||||
|
||||
foreach ( keys %{ $self->{exportedVars} } ) {
|
||||
$self->{sessionInfo}->{$_} =
|
||||
$self->{ldap}
|
||||
->getLdapValue( $self->{entry}, $self->{exportedVars}->{$_} )
|
||||
|| "";
|
||||
}
|
||||
elsif ( ref( $self->{exportedVars} ) eq 'HASH' ) {
|
||||
foreach ( keys %{ $self->{exportedVars} } ) {
|
||||
$self->{sessionInfo}->{$_} =
|
||||
$self->{ldap}
|
||||
->getLdapValue( $self->{entry}, $self->{exportedVars}->{$_} )
|
||||
|| "";
|
||||
}
|
||||
}
|
||||
else {
|
||||
$self->abort('Only hash reference are supported now in exportedVars');
|
||||
|
||||
foreach ( keys %{ $self->{ldapExportedVars} } ) {
|
||||
$self->{sessionInfo}->{$_} =
|
||||
$self->{ldap}
|
||||
->getLdapValue( $self->{entry}, $self->{ldapExportedVars}->{$_} )
|
||||
|| "";
|
||||
}
|
||||
|
||||
PE_OK;
|
||||
}
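Review bot: Both `search` and `setSessionInfo` now dereference `$self->{exportedVars}` and `$self->{ldapExportedVars}` as hashes with no type check, where the old code tested `ref(...)` and called `$self->abort('Only hash reference are supported now in exportedVars')` for anything else. Under the `use strict` visible in this file, a legacy non-hash value would presumably die at `%{ ... }` with a generic strict-refs error, so consider keeping a guard such as `$self->abort('Only hash reference are supported now in exportedVars') if defined $self->{exportedVars} and ref $self->{exportedVars} ne 'HASH';` ahead of the loops. Separately, the manager's `keyTest` accepts a leading `!` in variable names, yet the loop over `ldapExportedVars` uses the key verbatim as the session key; if `!` is a marker it looks like it needs stripping here, to be confirmed against the callers. A short comment that `ldapExportedVars` entries are written after `exportedVars`, and so win on a name clash, would also help.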
|
||||
|
||||
|
|