LEMONLDAP::NG : new customFunctions feature (+ perltidy everywhere)
parent
e5d13fdf17
commit
d88ae29227
|
@ -9,7 +9,7 @@ BEGIN {
|
|||
while(<F>) {
|
||||
next if(/^\s*$/ or /^\s*#/);
|
||||
chomp;
|
||||
s/\r//g;
|
||||
s/\r//g;
|
||||
/^\s*([\w]+)(?:\s*[:=]\s*|\s+)(["']?)([\S].*[\S])\2.*$/ or next;
|
||||
$configStorage->{$1} = $3;
|
||||
my $k = $1;
|
||||
|
|
|
@ -34,6 +34,7 @@ sub scan {
|
|||
scan( $script, "$1.js", "lmQuery=$1js" );
|
||||
}
|
||||
elsif (s/__SCRIPTNAME__\?lmQuery=upload/#/) {
|
||||
|
||||
# Nothing to do here
|
||||
}
|
||||
elsif (s/__SCRIPTNAME__\?lmQuery=conf/conf.xml/) {
|
||||
|
@ -43,6 +44,7 @@ sub scan {
|
|||
scan( $script, "style$1.css", "lmQuery=$1css" );
|
||||
}
|
||||
elsif (s/__SCRIPTNAME__\?lmQuery=help&help="\+s/help_"+s+".html"/) {
|
||||
|
||||
# Nothing to do here
|
||||
}
|
||||
elsif (s/__SCRIPTNAME__\?lmQuery=([^"'&]*)&?[^"']*/$1/) {
|
||||
|
@ -53,14 +55,14 @@ sub scan {
|
|||
elsif (/help\((['"])(\w+)\1/) {
|
||||
scan( $script, "help_$2.html", "lmQuery=help&help=$2" );
|
||||
}
|
||||
# but+=button('$text{saveConf}','saveConf',nodeId);
|
||||
elsif (s/(but\+=)button\((['"])([^'"]*)\2,'saveConf.*$/$1'<input type=button value="$3" onclick="alert(\\'This is a demo\\');saveConf;"> ';/) {
|
||||
# '<input type=button value="'+text+'" onclick="'+func+'('+"'"+nodeId+"'"+')"> '
|
||||
|
||||
# but+=button('$text{saveConf}','saveConf',nodeId);
|
||||
elsif ( s/(but\+=)button\((['"])([^'"]*)\2,'saveConf.*$/$1'<input type=button value="$3" onclick="alert(\\'This is a demo\\');saveConf;"> ';/ ) {
|
||||
# Nothing to do here
|
||||
}
|
||||
s#tree.setImagePath\(["'][^"']*["']\);#tree.setImagePath("imgs/")#;
|
||||
print $OUT $_ if ($ind);
|
||||
$ind++ if /^$/;
|
||||
$ind++ if /^$/;
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -20,5 +20,8 @@ __PACKAGE__->init ( {
|
|||
https => 0,
|
||||
# Uncomment this to activate status module
|
||||
# status => 1,
|
||||
|
||||
# CUSTOM FUNCTION : if you want to create customFunctions in rules, declare them here
|
||||
#customFunctions => 'function1 function2',
|
||||
} );
|
||||
1;
|
||||
|
|
|
@ -21,6 +21,9 @@ __PACKAGE__->init(
|
|||
https => 0,
|
||||
# Uncomment this to activate status module
|
||||
# status => 1,
|
||||
|
||||
# CUSTOM FUNCTION : if you want to create customFunctions in rules, declare them here
|
||||
#customFunctions => 'function1 function2',
|
||||
}
|
||||
);
|
||||
|
||||
|
|
|
@ -55,24 +55,8 @@ sub defaultValuesInit {
|
|||
my ( $class, $args ) = @_;
|
||||
|
||||
# Local configuration overrides global configuration
|
||||
$cookieName =
|
||||
$localConfig->{cookieName}
|
||||
|| $args->{cookieName}
|
||||
|| 'lemonldap';
|
||||
$cookieSecured =
|
||||
$localConfig->{cookieSecured}
|
||||
|| $args->{cookieSecured}
|
||||
|| 0;
|
||||
$whatToTrace =
|
||||
$localConfig->{whatToTrace}
|
||||
|| $args->{whatToTrace}
|
||||
|| '$uid';
|
||||
$whatToTrace =~ s/\$//g;
|
||||
$https = $localConfig->{https} unless defined($https);
|
||||
$https = $args->{https} unless defined($https);
|
||||
$https = 1 unless defined($https);
|
||||
$port = $args->{port} || 0 unless defined($port);
|
||||
1;
|
||||
my %h = (%$args,%$localConfig);
|
||||
return $class->SUPER::defaultValuesInit(\%h);
|
||||
}
|
||||
|
||||
sub localInit {
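Review bot: `my %h = (%$args,%$localConfig);` lets every key present in the local configuration win even when its value is false, whereas the removed lines fell back to the global value with `||` for `cookieName`, `cookieSecured` and `whatToTrace`. A local `cookieSecured => 0` would now override a global setting that marks the cookie secure, assuming the parent `defaultValuesInit` reads that key from the merged hash, which this hunk does not show. If the stricter override is intended, say so in the comment above the merge, e.g. `# Local keys always win, even when false`. `%$localConfig` also dies under strict refs if `$localConfig` is still undefined at this point; `%{ $localConfig || {} }` avoids that.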
|
||||
|
|
|
@ -25,6 +25,7 @@ our (
|
|||
$localStorageOptions, $whatToTrace, $https,
|
||||
$refLocalStorage, $safe, $cookieSecured,
|
||||
$port, $statusPipe, $statusOut,
|
||||
$customFunctions,
|
||||
);
|
||||
|
||||
##########################################
|
||||
|
@ -40,6 +41,7 @@ BEGIN {
|
|||
qw(
|
||||
$locationCondition $defaultCondition $locationCount
|
||||
$locationRegexp $apacheRequest $datas $safe $portal
|
||||
safe $customFunctions
|
||||
)
|
||||
],
|
||||
import => [qw( import @EXPORT_OK @EXPORT %EXPORT_TAGS )],
|
||||
|
@ -260,8 +262,23 @@ sub statusProcess {
|
|||
##############################
|
||||
|
||||
# Security jail
|
||||
$safe = new Safe;
|
||||
$safe->share( '&encode_base64', '$datas', '&lmSetHeaderIn', '$apacheRequest' );
|
||||
sub safe {
|
||||
my $class = shift;
|
||||
return $safe if($safe);
|
||||
$safe = new Safe;
|
||||
my @t = split /\s+/, $customFunctions;
|
||||
$safe->share( '&encode_base64', '$datas', '&lmSetHeaderIn', '$apacheRequest', @t );
|
||||
foreach(@t) {
|
||||
$class->lmLog("Custom function : $_",'debug');
|
||||
eval "sub $_ {
|
||||
return $class\::$_(\$apacheRequest->uri
|
||||
. ( \$apacheRequest->args ? '?' . \$apacheRequest->args : '' )
|
||||
, \@_)
|
||||
}";
|
||||
$class->lmLog($@,'error')if($@);
|
||||
}
|
||||
return $safe;
|
||||
}
|
||||
|
||||
# init() : by default, it calls localInit and globalInit, but with
|
||||
# a shared configuration, init() is overloaded to call only
|
||||
|
@ -412,7 +429,7 @@ sub conditionSub {
|
|||
$cond =~ s/\$date/&POSIX::strftime("%Y%m%d%H%M%S",localtime())/e;
|
||||
$cond =~ s/\$(\w+)/\$datas->{$1}/g;
|
||||
my $sub;
|
||||
$sub = $safe->reval("sub {return ( $cond )}");
|
||||
$sub = $class->safe->reval("sub {return ( $cond )}");
|
||||
return $sub;
|
||||
}
|
||||
|
||||
|
@ -428,6 +445,7 @@ sub defaultValuesInit {
|
|||
$https = $args->{https} unless defined($https);
|
||||
$https = 1 unless defined($https);
|
||||
$port = $args->{port} || 0 unless defined($port);
|
||||
$customFunctions = $args->{customFunctions};
|
||||
1;
|
||||
}
|
||||
|
||||
|
@ -475,7 +493,7 @@ sub forgeHeadersInit {
|
|||
|
||||
#$sub = "\$forgeHeaders = sub {$sub};";
|
||||
#eval "$sub";
|
||||
$forgeHeaders = $safe->reval("sub {$sub};");
|
||||
$forgeHeaders = $class->safe->reval("sub {$sub};");
|
||||
$class->lmLog( "$class: Unable to forge headers: $@: sub {$sub}", 'error' )
|
||||
if ($@);
|
||||
1;
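Review bot: In the new `safe` method (hunk `@ -260,8 +262,23`), each whitespace-separated token of `$customFunctions` is interpolated into `eval "sub $_ {...}"` without checking that it is a plain identifier, so whatever the configuration holds is compiled as Perl in the handler package, outside the Safe compartment that rules are confined to. Reject anything that is not an identifier before the eval, e.g. `next unless /\A[A-Za-z_]\w*\z/;` as the first statement of the `foreach(@t)` loop, and log the skipped token through `lmLog`. The same pattern appears in `checkConf` (`eval "sub $_ {1}"`) and in the menu's `_safe` method later in this commit. `$customFunctions` is undefined when the option is not set, so `split /\s+/, ( $customFunctions || '' )` would avoid an uninitialized-value warning.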
|
||||
|
|
|
@ -52,7 +52,7 @@ sub forgeHeadersInit {
|
|||
|
||||
#$sub = "\$forgeHeaders->{'$vhost'} = sub {$sub};";
|
||||
#eval "$sub";
|
||||
$forgeHeaders->{$vhost} = $safe->reval("sub {$sub}");
|
||||
$forgeHeaders->{$vhost} = $class->safe->reval("sub {$sub}");
|
||||
$class->lmLog( "$class: Unable to forge headers: $@: sub {$sub}",
|
||||
'error' )
|
||||
if ($@);
|
||||
|
|
|
@ -13,7 +13,7 @@ our $cgi = Lemonldap::NG::Manager::Sessions->new({
|
|||
'cache_root' => '/tmp',
|
||||
'cache_depth' => 5,
|
||||
},
|
||||
# Use configStorage with Debian
|
||||
# Use configStorage with Debian
|
||||
#configStorage => $Lemonldap::NG::Conf::configStorage,
|
||||
configStorage => {
|
||||
type => 'File',
|
||||
|
|
|
@ -546,7 +546,11 @@ sub checkConf {
|
|||
|
||||
# Load and check macros
|
||||
my $safe = new Safe;
|
||||
$safe->share('&encode_base64');
|
||||
my @t = split /\s+/, $self->{customFunctions};
|
||||
foreach(@t) {
|
||||
eval "sub $_ {1}";
|
||||
}
|
||||
$safe->share('&encode_base64', @t);
|
||||
$safe->reval($expr);
|
||||
if ($@) {
|
||||
$result = 0;
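Review bot: The stubs created by `eval "sub $_ {1}"` are compiled into whichever package `checkConf` belongs to and stay defined after the check, so a configured name that matches an existing sub of that package would replace it with a stub returning 1. Defining the stubs in a dedicated scratch package and exposing them with `$safe->share_from( 'SCRATCH_PACKAGE', \@t )` (placeholder package name) keeps the syntax check from touching the manager's own symbol table. `checkConf` begins and ends outside this hunk.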
|
||||
|
|
|
@ -79,7 +79,7 @@ sub getConf {
|
|||
if ( $v !~ /^\$/ ) {
|
||||
print STDERR "Lemonldap::NG : Warning: configuration is in old format, you've to migrate !\n";
|
||||
eval 'require Storable;require MIME::Base64;';
|
||||
die($@) if($@);
|
||||
die($@) if($@);
|
||||
$conf->{$k} = Storable::thaw(MIME::Base64::decode_base64($v));
|
||||
}
|
||||
else {
|
||||
|
|
|
@ -1,79 +1,78 @@
|
|||
#!/usr/bin/perl
|
||||
|
||||
use strict ;
|
||||
use warnings ;
|
||||
use strict;
|
||||
use warnings;
|
||||
|
||||
use HTML::Template ;
|
||||
use HTML::Template;
|
||||
use Lemonldap::NG::Portal::AuthLA;
|
||||
|
||||
# Local parameter to set the installation directory
|
||||
|
||||
my $portal = Lemonldap::NG::Portal::AuthLA->new({
|
||||
configStorage => {
|
||||
type => 'File' ,
|
||||
dirName => '__CONFDIR__' ,
|
||||
} ,
|
||||
my $portal = Lemonldap::NG::Portal::AuthLA->new(
|
||||
{
|
||||
configStorage => {
|
||||
type => 'File',
|
||||
dirName => '__CONFDIR__',
|
||||
},
|
||||
|
||||
# Liberty Parameters
|
||||
laSp => {
|
||||
certificate => "__DIR__/ressources/lemonsp-key-public.pem" ,
|
||||
metadata => "__DIR__/ressources/lemonsp-metadata.xml" ,
|
||||
privkey => "__DIR__/ressources/lemonsp-key-private.pem" ,
|
||||
secretkey => "__DIR__/ressources/lemonsp-key-private.pem" ,
|
||||
} ,
|
||||
laIdpsFile => "__DIR__/idps.xml" ,
|
||||
laDebug => 0 ,
|
||||
laLdapLoginAttribute => "uid" ,
|
||||
# Liberty Parameters
|
||||
laSp => {
|
||||
certificate => "__DIR__/ressources/lemonsp-key-public.pem",
|
||||
metadata => "__DIR__/ressources/lemonsp-metadata.xml",
|
||||
privkey => "__DIR__/ressources/lemonsp-key-private.pem",
|
||||
secretkey => "__DIR__/ressources/lemonsp-key-private.pem",
|
||||
},
|
||||
laIdpsFile => "__DIR__/idps.xml",
|
||||
laDebug => 0,
|
||||
laLdapLoginAttribute => "uid",
|
||||
|
||||
# Liberty Storage Options are now generic CGI::Session options
|
||||
laStorage => "File",
|
||||
laStorageOptions => {
|
||||
Directory => "__DIR__/var/assertion" ,
|
||||
} ,
|
||||
# Liberty Storage Options are now generic CGI::Session options
|
||||
laStorage => "File",
|
||||
laStorageOptions => { Directory => "__DIR__/var/assertion", },
|
||||
|
||||
# Parameters that permit to access lemonldap::NG::Handler local cache
|
||||
localStorage => 'Cache::FileCache' ,
|
||||
localStorageOptions => {} ,
|
||||
});
|
||||
# Parameters that permit to access lemonldap::NG::Handler local cache
|
||||
localStorage => 'Cache::FileCache',
|
||||
localStorageOptions => {},
|
||||
}
|
||||
);
|
||||
|
||||
if ( $portal->process() ) {
|
||||
|
||||
print $portal->header('text/html; charset=utf8');
|
||||
my $template = HTML::Template->new( filename => "__DIR__/tpl/menu.tpl" );
|
||||
|
||||
if( $portal->process() ) {
|
||||
my @sites = ();
|
||||
foreach ( $portal->getProtectedSites ) {
|
||||
my %row_data;
|
||||
$row_data{SITE_NAME} = $_;
|
||||
push( @sites, \%row_data );
|
||||
}
|
||||
@sites = sort { $a cmp $b } @sites;
|
||||
$template->param( AUTH_SITES => \@sites );
|
||||
|
||||
print $portal->header('text/html; charset=utf8');
|
||||
my $template = HTML::Template->new( filename => "__DIR__/tpl/menu.tpl");
|
||||
print $template->output;
|
||||
|
||||
my @sites = ();
|
||||
foreach ($portal->getProtectedSites) {
|
||||
my %row_data ;
|
||||
$row_data{SITE_NAME} = $_ ;
|
||||
push (@sites, \%row_data) ;
|
||||
}
|
||||
@sites = sort {$a cmp $b} @sites ;
|
||||
$template->param( AUTH_SITES => \@sites );
|
||||
}
|
||||
else {
|
||||
|
||||
print $template->output;
|
||||
# Retrieve IDP list.
|
||||
|
||||
} else {
|
||||
my @idps = ();
|
||||
foreach ( $portal->getIdpIDs ) {
|
||||
my %row_data;
|
||||
$row_data{IDPNAME} = $_;
|
||||
push( @idps, \%row_data );
|
||||
}
|
||||
@idps = sort { $a cmp $b } @idps;
|
||||
|
||||
# Retrieve IDP list.
|
||||
# Print template
|
||||
|
||||
my @idps = () ;
|
||||
foreach ($portal->getIdpIDs) {
|
||||
my %row_data ;
|
||||
$row_data{IDPNAME} = $_ ;
|
||||
push (@idps, \%row_data) ;
|
||||
}
|
||||
@idps = sort {$a cmp $b} @idps ;
|
||||
|
||||
# Print template
|
||||
|
||||
print $portal->header ;
|
||||
my $template = HTML::Template->new( filename => "__DIR__/tpl/auth.tpl" ) ;
|
||||
$template->param( AUTH_ERROR => $portal->error ) ;
|
||||
$template->param( AUTH_URL => $portal->param('url') ) ;
|
||||
$template->param( AUTH_IDPS => \@idps ) ;
|
||||
print $template->output ;
|
||||
print $portal->header;
|
||||
my $template = HTML::Template->new( filename => "__DIR__/tpl/auth.tpl" );
|
||||
$template->param( AUTH_ERROR => $portal->error );
|
||||
$template->param( AUTH_URL => $portal->param('url') );
|
||||
$template->param( AUTH_IDPS => \@idps );
|
||||
print $template->output;
|
||||
|
||||
}
|
||||
|
||||
|
|
|
@ -22,11 +22,12 @@ else {
|
|||
print $portal->header('text/html; charset=utf8');
|
||||
print $portal->start_html;
|
||||
print 'Error: ' . $portal->error . '<br />';
|
||||
print '<form method="post" action="'.$ENV{SCRIPTNAME}.'">';
|
||||
print '<form method="post" action="' . $ENV{SCRIPTNAME} . '">';
|
||||
print '<input type="hidden" name="url" value="'
|
||||
. $portal->param('url') . '" />';
|
||||
print 'Login : <input name="user" /><br />';
|
||||
print 'Password : <input name="password" type="password" autocomplete="off"><br>';
|
||||
print
|
||||
'Password : <input name="password" type="password" autocomplete="off"><br>';
|
||||
print '<input type="submit" value="OK" />';
|
||||
print '</form>';
|
||||
print $portal->end_html;
|
||||
|
|
|
@ -15,9 +15,9 @@ my $portal = Lemonldap::NG::Portal::SharedConf->new(
|
|||
type => 'File',
|
||||
dirName => '__CONFDIR__',
|
||||
},
|
||||
existingSession => sub {PE_DONE}, # Required to display the menu to a connected user
|
||||
#ldapPpolicyControl => 1, # Remove comment to use LDAP Password Policy
|
||||
#storePassword => 1, # Remove comment to store password in session (use with caution)
|
||||
existingSession => sub { PE_DONE }, # Required to display the menu to a connected user
|
||||
#ldapPpolicyControl => 1, # Remove comment to use LDAP Password Policy
|
||||
#storePassword => 1, # Remove comment to store password in session (use with caution)
|
||||
}
|
||||
);
|
||||
|
||||
|
@ -25,40 +25,42 @@ if ( $portal->process() ) {
|
|||
|
||||
# HTML::Template object creation
|
||||
my $template = HTML::Template->new(
|
||||
filename => "$skin_dir/$skin/menu.tpl",
|
||||
die_on_bad_params => 0,
|
||||
cache => 0,
|
||||
filter => sub{$portal->translate_template(@_)}
|
||||
filename => "$skin_dir/$skin/menu.tpl",
|
||||
die_on_bad_params => 0,
|
||||
cache => 0,
|
||||
filter => sub { $portal->translate_template(@_) }
|
||||
);
|
||||
|
||||
# Menu creation
|
||||
use Lemonldap::NG::Portal::Menu;
|
||||
my $menu = Lemonldap::NG::Portal::Menu->new(
|
||||
{
|
||||
portalObject => $portal,
|
||||
apps => {
|
||||
xmlfile => "$appsxmlfile",
|
||||
imgpath => "$appsimgpath",
|
||||
},
|
||||
modules => {
|
||||
appslist => 1,
|
||||
password => 1,
|
||||
logout => 1,
|
||||
},
|
||||
}
|
||||
{
|
||||
portalObject => $portal,
|
||||
apps => {
|
||||
xmlfile => "$appsxmlfile",
|
||||
imgpath => "$appsimgpath",
|
||||
},
|
||||
modules => {
|
||||
appslist => 1,
|
||||
password => 1,
|
||||
logout => 1,
|
||||
},
|
||||
# CUSTOM FUNCTION : if you want to create customFunctions in rules, declare them here
|
||||
#customFunctions => 'function1 function2',
|
||||
}
|
||||
);
|
||||
|
||||
$template->param( AUTH_ERROR => $menu->error );
|
||||
$template->param( AUTH_ERROR_TYPE => $menu->error_type );
|
||||
$template->param( DISPLAY_APPSLIST => $menu->displayModule("appslist") );
|
||||
$template->param( DISPLAY_PASSWORD => $menu->displayModule("password") );
|
||||
$template->param( DISPLAY_LOGOUT => $menu->displayModule("logout") );
|
||||
$template->param( DISPLAY_TAB => $menu->displayTab );
|
||||
$template->param( LOGOUT_URL => "$ENV{SCRIPT_NAME}?logout=1" );
|
||||
$template->param( AUTH_ERROR => $menu->error );
|
||||
$template->param( AUTH_ERROR_TYPE => $menu->error_type );
|
||||
$template->param( DISPLAY_APPSLIST => $menu->displayModule("appslist") );
|
||||
$template->param( DISPLAY_PASSWORD => $menu->displayModule("password") );
|
||||
$template->param( DISPLAY_LOGOUT => $menu->displayModule("logout") );
|
||||
$template->param( DISPLAY_TAB => $menu->displayTab );
|
||||
$template->param( LOGOUT_URL => "$ENV{SCRIPT_NAME}?logout=1" );
|
||||
if ( $menu->displayModule("appslist") ) {
|
||||
$template->param( APPSLIST_MENU => $menu->appslistMenu );
|
||||
$template->param( APPSLIST_DESC => $menu->appslistDescription );
|
||||
}
|
||||
}
|
||||
|
||||
print $portal->header('text/html; charset=utf8');
|
||||
print $template->output;
|
||||
|
@ -73,10 +75,10 @@ else {
|
|||
filter => sub { $portal->translate_template(@_) }
|
||||
);
|
||||
|
||||
$template->param( AUTH_ERROR => $portal->error );
|
||||
$template->param( AUTH_ERROR_TYPE => $portal->error_type );
|
||||
$template->param( AUTH_URL => $portal->param('url') );
|
||||
$template->param( DISPLAY_FORM => 1 );
|
||||
$template->param( AUTH_ERROR => $portal->error );
|
||||
$template->param( AUTH_ERROR_TYPE => $portal->error_type );
|
||||
$template->param( AUTH_URL => $portal->param('url') );
|
||||
$template->param( DISPLAY_FORM => 1 );
|
||||
|
||||
print $portal->header('text/html; charset=utf8');
|
||||
print $template->output;
|
||||
|
|
|
@ -14,14 +14,21 @@ our @ISA = qw(Exporter);
|
|||
|
||||
### ACCESS CONTROL DISPLAY SYSTEM
|
||||
|
||||
our ( $defaultCondition, $locationCondition, $locationRegexp, $cfgNum ) =
|
||||
our ( $defaultCondition, $locationCondition, $locationRegexp, $cfgNum, $path ) =
|
||||
( undef, undef, undef, 0 );
|
||||
|
||||
sub _safe {
|
||||
my $self = shift;
|
||||
return $self->{_safe} if($self->{_safe});
|
||||
$self->{_safe} = new Safe;
|
||||
$self->{_safe}->share('&encode_base64');
|
||||
my @t = split /\s+/, $self->{customFunctions};
|
||||
foreach(@t) {
|
||||
eval "sub $_ {
|
||||
return $self->{caller}::$_(\$path,\@_);
|
||||
}";
|
||||
print STDERR "$@\n" if($@);
|
||||
}
|
||||
$self->{_safe}->share('&encode_base64', @t);
|
||||
return $self->{_safe};
|
||||
}
|
||||
|
||||
|
@ -51,6 +58,7 @@ sub new {
|
|||
$self->{modules}->{password} = 0
|
||||
unless defined $self->{modules}->{password};
|
||||
$self->{modules}->{logout} = 1 unless defined $self->{modules}->{logout};
|
||||
$self->{'caller'} = caller;
|
||||
|
||||
# Set error to 0 by default
|
||||
$self->{error} = PE_OK;
|
||||
|
@ -467,8 +475,10 @@ sub _ppolicyWarning {
|
|||
sub _grant {
|
||||
my $self = shift;
|
||||
my ($uri) = @_;
|
||||
$uri =~ m#(\w+)://([^/:]+)(:\d+)?(/.*)#;
|
||||
my ( $protocol, $vhost, $port, $path ) = ( $1, $2, $3, $4 );
|
||||
$uri =~ m{(\w+)://([^/:]+)(:\d+)?(/.*)?$};
|
||||
my ( $protocol, $vhost, $port );
|
||||
( $protocol, $vhost, $port, $path ) = ( $1, $2, $3, $4 );
|
||||
$path ||= '/';
|
||||
$self->_compileRules() if ( $cfgNum != $self->{portalObject}->{cfgNum} );
|
||||
return -1 unless ( defined( $defaultCondition->{$vhost} ) );
|
||||
if ( defined $locationRegexp->{$vhost} ) { # Not just a default rule
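Review bot: In `_grant`, the result of `$uri =~ m{(\w+)://([^/:]+)(:\d+)?(/.*)?$}` is not tested before `$1`..`$4` are copied, so for a URI that does not match, `$vhost` and the package-level `$path` take whatever an earlier successful match left behind. The access decision is then made on an unrelated host and path. Assign from the match in list context and stop on failure, e.g. `( $protocol, $vhost, $port, $path ) = $uri =~ m{(\w+)://([^/:]+)(:\d+)?(/.*)?$} or return -1;`, where -1 is what the function already returns when no rule exists for the vhost. Because `$path` is now an `our` variable read by the custom-function wrappers in `_safe`, a stale value would also be passed on to those functions. The body of `_grant` continues outside the hunk.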
|
||||
|
|