Append ContextSwitching plugin (#1783)
This commit is contained in:
parent
c24ff711a0
commit
e5f03f34d9
|
@ -140,7 +140,7 @@
|
||||||
"categoryName":"Nom de la catégorie",
|
"categoryName":"Nom de la catégorie",
|
||||||
"cda":"Domaines multiples",
|
"cda":"Domaines multiples",
|
||||||
"contentSecurityPolicy":"Politique de sécurité de contenu",
|
"contentSecurityPolicy":"Politique de sécurité de contenu",
|
||||||
"contextSwitching":"Endossement d'identités",
|
"contextSwitching":"Endossement d'identité",
|
||||||
"contextSwitchingHiddenAttributes":"Attributs masqués",
|
"contextSwitchingHiddenAttributes":"Attributs masqués",
|
||||||
"contextSwitchingIdRule":"Règle d'utilisation des identités",
|
"contextSwitchingIdRule":"Règle d'utilisation des identités",
|
||||||
"contextSwitchingRule":"Règle d'utilisation",
|
"contextSwitchingRule":"Règle d'utilisation",
|
||||||
|
|
|
@ -60,7 +60,7 @@ sub init {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
$self->idRule($rule);
|
$self->idRule($rule);
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -79,8 +79,16 @@ sub display {
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( $req->userData->{"$self->{conf}->{impersonationPrefix}_session_id"} ) {
|
if ( $req->userData->{"$self->{conf}->{impersonationPrefix}_session_id"} ) {
|
||||||
$self->p->updateSession( $req, $self->stopImpersonation($req) );
|
if ( $self->conf->{contextSwitchingStopWithLogout} ) {
|
||||||
return $self->p->do( $req, [ sub { PE_REDIRECT } ] );
|
$self->logger->debug('Stop context switching -> Logout requested');
|
||||||
|
return $self->p->do( $req,
|
||||||
|
[ @{ $self->p->beforeLogout }, 'authLogout', 'deleteSession' ]
|
||||||
|
);
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$self->p->updateSession( $req, $self->_stopImpersonation($req) );
|
||||||
|
return $self->p->do( $req, [ sub { PE_REDIRECT } ] );
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
# Display form
|
# Display form
|
||||||
|
@ -106,10 +114,18 @@ sub run {
|
||||||
my ( $self, $req ) = @_;
|
my ( $self, $req ) = @_;
|
||||||
my $statut = PE_OK;
|
my $statut = PE_OK;
|
||||||
|
|
||||||
if ( $req->userData->{"$self->{conf}->{impersonationPrefix}_session_id"} ) {
|
# if ( $req->userData->{"$self->{conf}->{impersonationPrefix}_session_id"} ) {
|
||||||
$self->p->updateSession( $req, $self->stopImpersonation($req) );
|
# if ( $self->conf->{contextSwitchingStopWithLogout} ) {
|
||||||
return $self->p->do( $req, [ sub { PE_REDIRECT } ] );
|
# $self->userLogger->error('Stop context switching -> Logout requested');
|
||||||
}
|
# return $self->p->do( $req,
|
||||||
|
# [ @{ $self->p->beforeLogout }, 'authLogout', 'deleteSession' ]
|
||||||
|
# );
|
||||||
|
# }
|
||||||
|
# else {
|
||||||
|
# $self->p->updateSession( $req, $self->_stopImpersonation($req) );
|
||||||
|
# return $self->p->do( $req, [ sub { PE_REDIRECT } ] );
|
||||||
|
# }
|
||||||
|
# }
|
||||||
|
|
||||||
my $spoofId = $req->param('spoofId') || ''; # Impersonation required ?
|
my $spoofId = $req->param('spoofId') || ''; # Impersonation required ?
|
||||||
|
|
||||||
|
@ -139,9 +155,11 @@ sub run {
|
||||||
# Fill spoof session
|
# Fill spoof session
|
||||||
my ( $realSession, $spoofSession ) = ( {}, {} );
|
my ( $realSession, $spoofSession ) = ( {}, {} );
|
||||||
$self->logger->debug("Rename real attributes...");
|
$self->logger->debug("Rename real attributes...");
|
||||||
my $spk = '';
|
|
||||||
foreach ( keys %{ $req->{userData} } ) {
|
foreach ( grep { !/^$self->{conf}->{impersonationPrefix}/ }
|
||||||
$spk = "$self->{conf}->{impersonationPrefix}$_";
|
keys %{ $req->{userData} } )
|
||||||
|
{
|
||||||
|
my $spk = "$self->{conf}->{impersonationPrefix}$_";
|
||||||
$realSession->{$spk} = $req->{userData}->{$_};
|
$realSession->{$spk} = $req->{userData}->{$_};
|
||||||
$self->logger->debug("-> Store $_ in realSession key: $spk");
|
$self->logger->debug("-> Store $_ in realSession key: $spk");
|
||||||
$self->logger->debug("Delete $_");
|
$self->logger->debug("Delete $_");
|
||||||
|
@ -149,8 +167,6 @@ sub run {
|
||||||
}
|
}
|
||||||
|
|
||||||
$spoofSession = $self->_userData( $req, $spoofId, $realSession );
|
$spoofSession = $self->_userData( $req, $spoofId, $realSession );
|
||||||
$self->logger->debug(
|
|
||||||
"..............." . Data::Dumper::Dumper($spoofSession) );
|
|
||||||
if ( $req->error ) {
|
if ( $req->error ) {
|
||||||
if ( $req->error == PE_BADCREDENTIALS ) {
|
if ( $req->error == PE_BADCREDENTIALS ) {
|
||||||
$statut = PE_MALFORMEDUSER;
|
$statut = PE_MALFORMEDUSER;
|
||||||
|
@ -214,7 +230,7 @@ sub _userData {
|
||||||
$raz = 1;
|
$raz = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
return $raz ? $self->abortImpersonation($req) : $req->{sessionInfo};
|
return $raz ? $self->_abortImpersonation($req) : $req->{sessionInfo};
|
||||||
}
|
}
|
||||||
|
|
||||||
sub displaySwitchContext {
|
sub displaySwitchContext {
|
||||||
|
@ -224,7 +240,7 @@ sub displaySwitchContext {
|
||||||
return 'ON' if $self->rule->( $req, $req->userData );
|
return 'ON' if $self->rule->( $req, $req->userData );
|
||||||
}
|
}
|
||||||
|
|
||||||
sub stopImpersonation {
|
sub _stopImpersonation {
|
||||||
my ( $self, $req ) = @_;
|
my ( $self, $req ) = @_;
|
||||||
$self->logger->debug("stopImpersonation required");
|
$self->logger->debug("stopImpersonation required");
|
||||||
$req->{user} = $req->{userData}->{real__user};
|
$req->{user} = $req->{userData}->{real__user};
|
||||||
|
@ -234,15 +250,18 @@ sub stopImpersonation {
|
||||||
my $key = $_;
|
my $key = $_;
|
||||||
$key =~ s/^$self->{conf}->{impersonationPrefix}//;
|
$key =~ s/^$self->{conf}->{impersonationPrefix}//;
|
||||||
$realSession->{$key} = $req->{userData}->{$_};
|
$realSession->{$key} = $req->{userData}->{$_};
|
||||||
|
$realSession->{$_} = '';
|
||||||
$self->logger->debug("Rename userData keys -> $_");
|
$self->logger->debug("Rename userData keys -> $_");
|
||||||
delete $req->{userData}->{$_};
|
delete $req->{userData}->{$_};
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
$req->urldc( $self->conf->{portal} );
|
$req->urldc( $self->conf->{portal} );
|
||||||
|
$req->{id} = $realSession->{_session_id};
|
||||||
|
|
||||||
return $realSession;
|
return $realSession;
|
||||||
}
|
}
|
||||||
|
|
||||||
sub abortImpersonation {
|
sub _abortImpersonation {
|
||||||
my ( $self, $req ) = @_;
|
my ( $self, $req ) = @_;
|
||||||
$self->logger->debug("abortImpersonation required");
|
$self->logger->debug("abortImpersonation required");
|
||||||
$req->{user} = $req->{sessionInfo}->{real__user};
|
$req->{user} = $req->{sessionInfo}->{real__user};
|
||||||
|
@ -257,7 +276,9 @@ sub abortImpersonation {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
$req->urldc( $self->conf->{portal} );
|
$req->urldc( $self->conf->{portal} );
|
||||||
$req->{userData} = { $realSession };
|
$req->{userData} = {$realSession};
|
||||||
|
$req->{id} = $realSession->{_session_id};
|
||||||
|
|
||||||
return $realSession;
|
return $realSession;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -143,7 +143,7 @@
|
||||||
"groups_sso":"SSO GROUPS",
|
"groups_sso":"SSO GROUPS",
|
||||||
"headers":"HEADERS",
|
"headers":"HEADERS",
|
||||||
"id":"Id",
|
"id":"Id",
|
||||||
"cocontextSwitching_ON":"Impersonate another user",
|
"contextSwitching_ON":"Impersonate another user",
|
||||||
"contextSwitching_OFF":"Stop impersonation",
|
"contextSwitching_OFF":"Stop impersonation",
|
||||||
"imSure":"I'm sure",
|
"imSure":"I'm sure",
|
||||||
"info":"Information",
|
"info":"Information",
|
||||||
|
|
|
@ -143,7 +143,7 @@
|
||||||
"groups_sso":"SSO GROUPS",
|
"groups_sso":"SSO GROUPS",
|
||||||
"headers":"HEADERS",
|
"headers":"HEADERS",
|
||||||
"id":"Id",
|
"id":"Id",
|
||||||
"cocontextSwitching_ON":"Impersonate another user",
|
"contextSwitching_ON":"Impersonate another user",
|
||||||
"contextSwitching_OFF":"Stop impersonation",
|
"contextSwitching_OFF":"Stop impersonation",
|
||||||
"imSure":"I'm sure",
|
"imSure":"I'm sure",
|
||||||
"info":"Information",
|
"info":"Information",
|
||||||
|
|
|
@ -143,7 +143,7 @@
|
||||||
"groups_sso":"SSO GROUPS",
|
"groups_sso":"SSO GROUPS",
|
||||||
"headers":"HEADERS",
|
"headers":"HEADERS",
|
||||||
"id":"Id",
|
"id":"Id",
|
||||||
"cocontextSwitching_ON":"Impersonate another user",
|
"contextSwitching_ON":"Impersonate another user",
|
||||||
"contextSwitching_OFF":"Stop impersonation",
|
"contextSwitching_OFF":"Stop impersonation",
|
||||||
"imSure":"Tôi chắc chắn",
|
"imSure":"Tôi chắc chắn",
|
||||||
"info":"Thông tin",
|
"info":"Thông tin",
|
||||||
|
|
|
@ -143,7 +143,7 @@
|
||||||
"groups_sso":"SSO GROUPS",
|
"groups_sso":"SSO GROUPS",
|
||||||
"headers":"HEADERS",
|
"headers":"HEADERS",
|
||||||
"id":"Id",
|
"id":"Id",
|
||||||
"cocontextSwitching_ON":"Impersonate another user",
|
"contextSwitching_ON":"Impersonate another user",
|
||||||
"contextSwitching_OFF":"Stop impersonation",
|
"contextSwitching_OFF":"Stop impersonation",
|
||||||
"imSure":"我确认",
|
"imSure":"我确认",
|
||||||
"info":"信息",
|
"info":"信息",
|
||||||
|
|
Loading…
Reference in New Issue
Block a user