Better fix & De-duplicate groups (#2129)

lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/SecondFactor.pm

@@ -127,7 +127,6 @@ sub _verify {
         $self->logger->debug(
             "Update sessionInfo with new authenticationLevel: $l");
         $req->sessionInfo->{authenticationLevel} = $l;
-        delete $req->sessionInfo->{groups};
 
         # Compute groups & macros again with new authenticationLevel
         $req->steps( [ 'setMacros', 'setLocalGroups' ] );
@@ -136,6 +135,13 @@ sub _verify {
             $req->error($error);
             return $self->p->do( $req, [ sub { $error } ] );
         }
+        $self->logger->debug("Deduplicate groups...");
+        $req->sessionInfo->{groups} = join $self->conf->{multiValuesSeparator},
+          keys %{ {
+                map { $_ => 1 } split $self->conf->{multiValuesSeparator},
+                $req->sessionInfo->{groups}
+            }
+          };
         $self->p->updateSession( $req, $req->sessionInfo );
     }
 

lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Demo.pm

@@ -89,7 +89,7 @@ sub setSessionInfo {
 # @return Lemonldap::NG::Portal constant
 sub setGroups {
     my ( $self, $req ) = @_;
-    my $user = $req->user || $req->sessionInfo->{ $self->conf->{whatToTrace} };
+    my $user = $req->user;
     my $groups  = $req->sessionInfo->{groups}  || '';
     my $hGroups = $req->sessionInfo->{hGroups} || {};
     for my $grp ( keys %demoGroups ) {

lemonldap-ng-portal/t/lmConf-1.json

@@ -34,7 +34,7 @@
     "LockDirectory": "t/sessions/lock",
     "generateModule": "Lemonldap::NG::Common::Apache::Session::Generate::SHA256"
   },
-  "groups": { "su":"$uid and $uid eq \"rtyler\"", "test_su": "$uid and $uid eq \"rtyler\"", "su_test": "$uid and $uid eq \"rtyler\"" },
+  "groups": { "su":"$uid and $uid =~ /(?:rtyler|dwho)/", "test_su": "$uid and $uid eq \"rtyler\"", "su_test": "$uid and $uid eq \"rtyler\"" },
   "key": "qwertyui",
   "locationRules": {
     "auth.example.com" : {