Merge branch 'v2.0'
commit
f0031cc7f6
|
@ -4,6 +4,8 @@ use strict;
|
|||
use Mouse;
|
||||
use Lemonldap::NG::Common::Conf;
|
||||
|
||||
extends 'Lemonldap::NG::Common::PSGI::Cli::Lib';
|
||||
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
has confAccess => (
|
||||
|
|
|
@ -53,6 +53,7 @@ sub defaultValues {
|
|||
'cspDefault' => '\'self\'',
|
||||
'cspFont' => '\'self\'',
|
||||
'cspFormAction' => '*',
|
||||
'cspFrameAncestors' => '',
|
||||
'cspImg' => '\'self\' data:',
|
||||
'cspScript' => '\'self\'',
|
||||
'cspStyle' => '\'self\'',
|
||||
|
|
|
@ -1051,6 +1051,10 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
|
|||
'default' => '*',
|
||||
'type' => 'text'
|
||||
},
|
||||
'cspFrameAncestors' => {
|
||||
'default' => '',
|
||||
'type' => 'text'
|
||||
},
|
||||
'cspImg' => {
|
||||
'default' => '\'self\' data:',
|
||||
'type' => 'text'
|
||||
|
|
|
@ -877,6 +877,11 @@ sub attributes {
|
|||
default => "'self'",
|
||||
documentation => 'Font source for Content-Security-Policy',
|
||||
},
|
||||
cspFrameAncestors => {
|
||||
type => 'text',
|
||||
default => '',
|
||||
documentation => 'Frame-Ancestors for Content-Security-Policy',
|
||||
},
|
||||
portalAntiFrame => {
|
||||
default => 1,
|
||||
type => 'bool',
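Review bot: The new `cspFrameAncestors` entry in `attributes` is declared as free `text` with no `test`, so any string is accepted as configuration. The `sendHtml` change later in this commit concatenates that value unescaped into both the `Content-Security-Policy` and `X-Frame-Options` response headers. A `test` pattern on this attribute that accepts only a space-separated list of source expressions, and rejects `;` and line breaks, would keep a mistyped value from altering the rest of the policy. The `documentation` string could also say that a non-empty value replaces the `portalAntiFrame` DENY behaviour, e.g. `documentation => 'Allowed frame-ancestors sources (overrides portalAntiFrame DENY)'`. The `attributes` sub starts and ends outside the hunk.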
|
||||
|
|
|
@ -949,7 +949,7 @@ sub tree {
|
|||
'cspDefault', 'cspImg',
|
||||
'cspScript', 'cspStyle',
|
||||
'cspFont', 'cspFormAction',
|
||||
'cspConnect',
|
||||
'cspConnect', 'cspFrameAncestors'
|
||||
]
|
||||
},
|
||||
{
|
||||
|
|
|
@ -30,6 +30,7 @@ has force => ( is => 'rw', isa => 'Bool', default => 0 );
|
|||
has logger => ( is => 'ro', lazy => 1, builder => sub { $_[0]->mgr->logger } );
|
||||
has userLogger =>
|
||||
( is => 'ro', lazy => 1, builder => sub { $_[0]->mgr->userLogger } );
|
||||
has localConf => ( is => 'ro', lazy => 1, builder => sub { $_[0]->mgr } );
|
||||
|
||||
sub get {
|
||||
my ( $self, @keys ) = @_;
|
||||
|
@ -275,13 +276,15 @@ sub _save {
|
|||
req => $self->req
|
||||
}
|
||||
);
|
||||
unless ( $parser->testNewConf() ) {
|
||||
$self->logger->error("CLI: Configuration rejected with message: $parser->{message}");
|
||||
unless ( $parser->testNewConf( $self->localConf ) ) {
|
||||
$self->logger->error(
|
||||
"CLI: Configuration rejected with message: $parser->{message}");
|
||||
printf STDERR "Modifications rejected: %s:\n", $parser->{message};
|
||||
}
|
||||
my $saveParams = { force => $self->force };
|
||||
if ( $self->force and $self->cfgNum ) {
|
||||
$self->logger->debug("CLI: cfgNum forced with $self->cfgNum()");
|
||||
$self->logger->debug( "CLI: cfgNum forced with " . $self->cfgNum );
|
||||
print STDERR "cfgNum forced with ", $self->cfgNum;
|
||||
$saveParams->{cfgNum} = $self->cfgNum;
|
||||
$saveParams->{cfgNumFixed} = 1;
|
||||
}
|
||||
|
@ -297,7 +300,8 @@ sub _save {
|
|||
|
||||
my $s = $self->mgr->confAcc->saveConf( $new, %$saveParams );
|
||||
if ( $s > 0 ) {
|
||||
$self->logger->debug("CLI: Configuration $s has been saved by $new->{cfgAuthor}");
|
||||
$self->logger->debug(
|
||||
"CLI: Configuration $s has been saved by $new->{cfgAuthor}");
|
||||
$self->logger->info("CLI: Configuration $s saved");
|
||||
print STDERR "Saved under number $s\n";
|
||||
$parser->{status} = [ $self->mgr->applyConf($new) ];
|
||||
|
@ -343,8 +347,7 @@ sub run {
|
|||
$self->cfgNum( $self->lastCfg ) unless ( $self->cfgNum );
|
||||
my $action = shift;
|
||||
unless ( $action =~ /^(?:get|set|addKey|delKey|save|restore)$/ ) {
|
||||
die
|
||||
"Unknown action $action. Only get, set, addKey or delKey allowed";
|
||||
die "Unknown action $action. Only get, set, addKey or delKey allowed";
|
||||
}
|
||||
|
||||
$self->$action(@_);
|
||||
|
@ -355,7 +358,7 @@ package Lemonldap::NG::Manager::Cli::Request;
|
|||
use Mouse;
|
||||
|
||||
has cfgNum => ( is => 'rw' );
|
||||
has error => ( is => 'rw' );
|
||||
has error => ( is => 'rw' );
|
||||
|
||||
sub params {
|
||||
my ( $self, $key ) = @_;
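Review bot: In `_save`, the `unless ( $parser->testNewConf( $self->localConf ) )` block only logs and prints "Modifications rejected" and then falls through to `my $saveParams`. In the next hunk `saveConf( $new, %$saveParams )` is still reached, so a configuration that failed its tests appears to be written anyway. Unless `testNewConf` dies on failure (not visible here), the block needs an early exit after the `printf STDERR` line, with the return value chosen to match `_save`'s contract, which lies outside the hunk. Separately, in `run` the `die` text lists only `get, set, addKey or delKey` while the regex also accepts `save` and `restore`. Anchoring that regex with `\A...\z` instead of `^...$` would also stop an action name with a trailing newline from reaching `$self->$action(@_)`.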
|
||||
|
|
|
@ -94,8 +94,7 @@ sub hdebug {
|
|||
# Main method
|
||||
#@return result
|
||||
sub check {
|
||||
my $self = shift;
|
||||
my $localConf = shift;
|
||||
my ( $self, $localConf ) = @_;
|
||||
|
||||
hdebug("# check()");
|
||||
unless ( $self->newConf ) {
|
||||
|
@ -107,7 +106,7 @@ sub check {
|
|||
}
|
||||
my $separator = $self->newConf->{multiValuesSeparator} || '; ';
|
||||
hdebug(" tests succeed");
|
||||
my %conf = %{ $self->newConf() };
|
||||
my %conf = %{ $self->newConf };
|
||||
my %compactedConf = %{ $self->compactConf( $self->newConf ) };
|
||||
my @removedKeys = ();
|
||||
unless ( $self->confChanged ) {
|
||||
|
@ -115,11 +114,10 @@ sub check {
|
|||
$self->message('__confNotChanged__');
|
||||
return 0;
|
||||
}
|
||||
if ( $self->newConf->{compactConf} ) {
|
||||
foreach ( sort keys %conf ) {
|
||||
push @removedKeys, $_ unless exists $compactedConf{$_};
|
||||
}
|
||||
}
|
||||
|
||||
# Return removed keys if conf compacted
|
||||
@removedKeys = map { exists $compactedConf{$_} ? () : $_ } sort keys %conf
|
||||
if ( $self->newConf->{compactConf} );
|
||||
push @{ $self->changes },
|
||||
(
|
||||
$self->{newConf}->{compactConf}
|
||||
|
@ -129,6 +127,7 @@ sub check {
|
|||
}
|
||||
: { confCompacted => '0' }
|
||||
);
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
@ -1093,8 +1092,7 @@ sub defaultValue {
|
|||
#
|
||||
#@return true if tests succeed
|
||||
sub testNewConf {
|
||||
my $self = shift;
|
||||
my $localConf = shift;
|
||||
my ( $self, $localConf ) = @_;
|
||||
|
||||
hdebug('# testNewConf()');
|
||||
return $self->_unitTest( $self->newConf(), $localConf )
|
||||
|
@ -1121,7 +1119,7 @@ sub _unitTest {
|
|||
}
|
||||
hdebug("Testing $key");
|
||||
my $attr = $attrs->{$key};
|
||||
my $type = $types->{ $attr->{type} };
|
||||
my $type = $types->{ $attr->{type} } if $attr;
|
||||
unless ( $type or $attr->{test} ) {
|
||||
$localConf->logger->debug("Unknown attribute $key, deleting it\n");
|
||||
delete $conf->{$key};
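Review bot: In `_unitTest`, `my $type = $types->{ $attr->{type} } if $attr;` combines a `my` declaration with a statement modifier, which perlsyn documents as having undefined behaviour (the variable may keep a value from a previous iteration). Write it as `my $type = $attr ? $types->{ $attr->{type} } : undef;`. The next line, `unless ( $type or $attr->{test} )`, still dereferences `$attr` when it is undef, so the guard is only partial; `unless ( $attr and ( $type or $attr->{test} ) )` states the intent directly. The branch also calls `$localConf->logger`, so every caller of `testNewConf` and `check` must now pass `$localConf`; a short comment on those subs saying so would help. `_unitTest` begins and ends outside the hunk.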
|
||||
|
|
|
@ -687,7 +687,8 @@ sub tests {
|
|||
|| $conf->{yubikey2fActivation}
|
||||
|| $conf->{u2fActivation}
|
||||
|| $conf->{utotp2fActivation} );
|
||||
return ( 1, "History enabled WITHOUT persistent session storage" )
|
||||
return ( 1,
|
||||
"History plugin enabled WITHOUT persistent session storage" )
|
||||
if ( $conf->{loginHistoryEnabled} );
|
||||
return ( 1,
|
||||
"OIDC consents enabled WITHOUT persistent session storage" )
|
||||
|
|
|
@ -95,7 +95,7 @@ if (`diff $refFile $editFile`) {
|
|||
print STDERR "Configuration has changed\n";
|
||||
}
|
||||
elsif ( $res == DATABASE_LOCKED ) {
|
||||
print STDERR "Configuration database is or can nor be locked\n";
|
||||
print STDERR "Configuration database is or can not be locked\n";
|
||||
}
|
||||
elsif ( $res == UPLOAD_DENIED ) {
|
||||
print STDERR "You're not authorized to save this configuration\n";
|
||||
|
|
|
@ -159,13 +159,14 @@
|
|||
"contextSwitchingIdRule":"Identities use rule",
|
||||
"contextSwitchingRule":"استخدام القاعدة",
|
||||
"contextSwitchingStopWithLogout":"Stop by logout",
|
||||
"cspConnect":"وجهات أجاكس",
|
||||
"cspDefault":"القيمة الاعتيادية ",
|
||||
"cspFont":" مصدر نوع الخط",
|
||||
"cspFormAction":"Form destinations",
|
||||
"cspFrameAncestors":"Frame ancestors URL",
|
||||
"cspImg":"مصدر الصورة",
|
||||
"cspScript":"مصدر السكربت",
|
||||
"cspStyle":"مصدر الأسلوب ",
|
||||
"cspConnect":"وجهات أجاكس",
|
||||
"cspFont":" مصدر نوع الخط",
|
||||
"crossOrigineResourceSharing":"Cross-Origin Resource Sharing",
|
||||
"corsEnabled":"Activation",
|
||||
"corsAllow_Credentials":"Access-Control-Allow-Credentials",
|
||||
|
|
|
@ -159,13 +159,14 @@
|
|||
"contextSwitchingIdRule":"Identities use rule",
|
||||
"contextSwitchingRule":"Use rule",
|
||||
"contextSwitchingStopWithLogout":"Stop by logout",
|
||||
"cspConnect":"Ajax destinations",
|
||||
"cspDefault":"Default value",
|
||||
"cspFont":"Font source",
|
||||
"cspFormAction":"Form destinations",
|
||||
"cspFrameAncestors":"Frame ancestors URL",
|
||||
"cspImg":"Image source",
|
||||
"cspScript":"Script source",
|
||||
"cspStyle":"Style source",
|
||||
"cspConnect":"Ajax destinations",
|
||||
"cspFont":"Font source",
|
||||
"crossOrigineResourceSharing":"Cross-Origin Resource Sharing",
|
||||
"corsEnabled":"Activation",
|
||||
"corsAllow_Credentials":"Access-Control-Allow-Credentials",
|
||||
|
|
|
@ -159,13 +159,14 @@
|
|||
"contextSwitchingIdRule":"Identities use rule",
|
||||
"contextSwitchingRule":"Use rule",
|
||||
"contextSwitchingStopWithLogout":"Stop by logout",
|
||||
"cspConnect":"Ajax destinations",
|
||||
"cspDefault":"Default value",
|
||||
"cspFont":"Font source",
|
||||
"cspFormAction":"Form destinations",
|
||||
"cspFrameAncestors":"Frame ancestors URL",
|
||||
"cspImg":"Image source",
|
||||
"cspScript":"Script source",
|
||||
"cspStyle":"Style source",
|
||||
"cspConnect":"Ajax destinations",
|
||||
"cspFont":"Font source",
|
||||
"crossOrigineResourceSharing":"Cross-Origin Resource Sharing",
|
||||
"corsEnabled":"Activation",
|
||||
"corsAllow_Credentials":"Access-Control-Allow-Credentials",
|
||||
|
|
|
@ -159,13 +159,14 @@
|
|||
"contextSwitchingIdRule":"Règle d'utilisation des identités",
|
||||
"contextSwitchingRule":"Règle d'utilisation",
|
||||
"contextSwitchingStopWithLogout":"Arrêt par déconnexion",
|
||||
"cspConnect":"Destinations des requêtes AJAX",
|
||||
"cspDefault":"Valeur par défaut",
|
||||
"cspFont":"Sources des polices",
|
||||
"cspFormAction":"Destinations des formulaires",
|
||||
"cspFrameAncestors":"URL parentes des iFrames",
|
||||
"cspImg":"Sources des images",
|
||||
"cspScript":"Sources des scripts",
|
||||
"cspStyle":"Sources des styles",
|
||||
"cspConnect":"Destinations des requêtes AJAX",
|
||||
"cspFont":"Sources des polices",
|
||||
"crossOrigineResourceSharing":"Partage des ressources entre origines multiples",
|
||||
"corsEnabled":"Activation",
|
||||
"corsAllow_Credentials":"Access-Control-Allow-Credentials",
|
||||
|
|
|
@ -159,13 +159,14 @@
|
|||
"contextSwitchingIdRule":"Le identità usano la regola",
|
||||
"contextSwitchingRule":"Utilizza la regola",
|
||||
"contextSwitchingStopWithLogout":"Stop by logout",
|
||||
"cspConnect":"Destinazioni Ajax",
|
||||
"cspDefault":"Valore di default",
|
||||
"cspFont":"Origine carattere",
|
||||
"cspFormAction":"Formare le destinazioni",
|
||||
"cspFrameAncestors":"Frame ancestors URL",
|
||||
"cspImg":"Origine immagine",
|
||||
"cspScript":"Origine script",
|
||||
"cspStyle":"Origine di stile",
|
||||
"cspConnect":"Destinazioni Ajax",
|
||||
"cspFont":"Origine carattere",
|
||||
"crossOrigineResourceSharing":"Cross-Origin Resource Sharing",
|
||||
"corsEnabled":"Attivazione",
|
||||
"corsAllow_Credentials":"Access-Control-Allow-Credentials",
|
||||
|
|
|
@ -159,13 +159,14 @@
|
|||
"contextSwitchingIdRule":"Kimlik kullanım kuralı",
|
||||
"contextSwitchingRule":"Kuralı kullan",
|
||||
"contextSwitchingStopWithLogout":"Çıkış yapmayı durdur",
|
||||
"cspConnect":"Ajax hedefleri",
|
||||
"cspDefault":"Varsayılan değer",
|
||||
"cspFont":"Font kaynağı",
|
||||
"cspFormAction":"Hedefleri biçimlendir",
|
||||
"cspFrameAncestors":"Frame ancestors URL",
|
||||
"cspImg":"Görüntü kaynağı",
|
||||
"cspScript":"Betik kaynağı",
|
||||
"cspStyle":"Stil kaynağı",
|
||||
"cspConnect":"Ajax hedefleri",
|
||||
"cspFont":"Font kaynağı",
|
||||
"crossOrigineResourceSharing":"Kökler Arası Kaynak Paylaşımı (CORS)",
|
||||
"corsEnabled":"Aktivasyon",
|
||||
"corsAllow_Credentials":"Access-Control-Allow-Credentials",
|
||||
|
|
|
@ -159,13 +159,14 @@
|
|||
"contextSwitchingIdRule":"Identities use rule",
|
||||
"contextSwitchingRule":"Quy tắc sử dụng",
|
||||
"contextSwitchingStopWithLogout":"Stop by logout",
|
||||
"cspConnect":"Đích cúa Ajax",
|
||||
"cspDefault":"Giá trị mặc định",
|
||||
"cspFont":"Nguồn phông chữ",
|
||||
"cspFormAction":"Form destinations",
|
||||
"cspFrameAncestors":"Frame ancestors URL",
|
||||
"cspImg":"Nguồn ảnh",
|
||||
"cspScript":"Nguồn kịch bản",
|
||||
"cspStyle":"Nguồn phong cách",
|
||||
"cspConnect":"Đích cúa Ajax",
|
||||
"cspFont":"Nguồn phông chữ",
|
||||
"crossOrigineResourceSharing":"Cross-Origin Resource Sharing",
|
||||
"corsEnabled":"Kích hoạt",
|
||||
"corsAllow_Credentials":"Access-Control-Allow-Credentials",
|
||||
|
|
|
@ -159,13 +159,14 @@
|
|||
"contextSwitchingIdRule":"Identities use rule",
|
||||
"contextSwitchingRule":"Use rule",
|
||||
"contextSwitchingStopWithLogout":"Stop by logout",
|
||||
"cspConnect":"Ajax destinations",
|
||||
"cspDefault":"Default value",
|
||||
"cspFont":"字体源",
|
||||
"cspFormAction":"Form destinations",
|
||||
"cspFrameAncestors":"Frame ancestors URL",
|
||||
"cspImg":"Image source",
|
||||
"cspScript":"Script source",
|
||||
"cspStyle":"Style source",
|
||||
"cspConnect":"Ajax destinations",
|
||||
"cspFont":"字体源",
|
||||
"crossOrigineResourceSharing":"Cross-Origin Resource Sharing",
|
||||
"corsEnabled":"Activation",
|
||||
"corsAllow_Credentials":"Access-Control-Allow-Credentials",
|
||||
|
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
@ -41,11 +41,20 @@ ok(
|
|||
@{ $resBody->{details}->{__changes__} } == 24,
|
||||
'JSON response contains 24 changes'
|
||||
) or print STDERR Dumper($resBody);
|
||||
ok(
|
||||
$resBody->{details}->{__changes__}->[23]->{confCompacted} == 1,
|
||||
'Conf. has been compacted'
|
||||
) or print STDERR Dumper($resBody);
|
||||
|
||||
my @removedKeys = split /; /, $resBody->{details}->{__changes__}->[23]->{removedKeys};
|
||||
ok(
|
||||
@removedKeys == 60, 'All removed keys found'
|
||||
) or print STDERR Dumper(\@removedKeys);
|
||||
|
||||
#print STDERR Dumper($resBody);
|
||||
|
||||
ok( -f $confFiles->[1], 'File is created' );
|
||||
count(4);
|
||||
count(6);
|
||||
|
||||
my @changes = @{&changes};
|
||||
my @cmsg = @{ $resBody->{details}->{__changes__} };
|
||||
my $bug;
|
||||
|
|
|
@ -3,7 +3,7 @@ use JSON;
|
|||
use strict;
|
||||
require 't/test-lib.pm';
|
||||
|
||||
my $tests = 9;
|
||||
my $tests = 14;
|
||||
|
||||
use_ok('Lemonldap::NG::Common::Cli');
|
||||
use_ok('Lemonldap::NG::Manager::Cli');
|
||||
|
@ -16,12 +16,14 @@ SKIP: {
|
|||
}
|
||||
my $client =
|
||||
Lemonldap::NG::Manager::Cli->new( iniFile => 't/lemonldap-ng.ini' );
|
||||
my $commonClient =
|
||||
Lemonldap::NG::Common::Cli->new( iniFile => 't/lemonldap-ng.ini' );
|
||||
my @cmd;
|
||||
my $res;
|
||||
|
||||
# Test 'set' command
|
||||
@cmd = qw(-yes 1 set notification 1);
|
||||
$res = Capture::Tiny::capture_stdout( sub { $client->run(@cmd) } );
|
||||
Capture::Tiny::capture_stdout( sub { $client->run(@cmd) } );
|
||||
|
||||
# Test 'get' command
|
||||
@cmd = qw(get notification);
|
||||
|
@ -45,12 +47,17 @@ SKIP: {
|
|||
'"delKey" OK'
|
||||
);
|
||||
|
||||
# Test 'get' command
|
||||
# Test 'get' command with key/subkey
|
||||
@cmd = qw(get locationRules/test1.example.com);
|
||||
$res = Capture::Tiny::capture_stdout( sub { $client->run(@cmd) } );
|
||||
ok( $res =~ m#(?:/logout|default)#, '"get key/subkey" OK' )
|
||||
or diag "$res";
|
||||
|
||||
# Test 'set' command with key/subkey
|
||||
@cmd = qw(-yes 1 set locationRules/test1.example.com/default deny);
|
||||
Capture::Tiny::capture_stdout( sub { $client->run(@cmd) } );
|
||||
|
||||
|
||||
# Test 'save' command
|
||||
@cmd = ('save');
|
||||
$res = Capture::Tiny::capture_stdout( sub { $client->run(@cmd) } );
|
||||
|
@ -64,6 +71,40 @@ SKIP: {
|
|||
@cmd = ( 'restore', '-' );
|
||||
Test::Output::combined_like( sub { $client->run(@cmd) },
|
||||
qr/"cfgNum"\s*:\s*"3"/s, 'New config: 3' );
|
||||
|
||||
# Test 'set' command with force
|
||||
@cmd = qw(-yes 1 -force 1 -cfgNum 2 set useSafeJail 0);
|
||||
Test::Output::combined_like(
|
||||
sub { $client->run(@cmd) },
|
||||
qr#cfgNum forced with 2#s,
|
||||
'"Force cfgNum" OK'
|
||||
);
|
||||
|
||||
# Test 'update-cache' command with force
|
||||
@cmd = qw(update-cache);
|
||||
Test::Output::combined_like(
|
||||
sub { $commonClient->run(@cmd) },
|
||||
qr#Cache updated to configuration 3#s,
|
||||
'"update-cache" OK'
|
||||
);
|
||||
|
||||
# Test 'info' command with force
|
||||
@cmd = qw(info);
|
||||
Test::Output::combined_like(
|
||||
$res = sub { $commonClient->run(@cmd) },
|
||||
qr#\bAuthor IP\b#s,
|
||||
'"Author IP" OK'
|
||||
);
|
||||
Test::Output::combined_like(
|
||||
$res = sub { $commonClient->run(@cmd) },
|
||||
qr#\bLog\b#s,
|
||||
'"Log" OK'
|
||||
);
|
||||
Test::Output::combined_like(
|
||||
$res = sub { $commonClient->run(@cmd) },
|
||||
qr#\bVersion\b#s,
|
||||
'"Version" OK'
|
||||
);
|
||||
}
|
||||
|
||||
count($tests);
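Review bot: The three `info` checks pass `$res = sub { $commonClient->run(@cmd) }` to `Test::Output::combined_like`, which stores a code reference in `$res` that is never read. Pass the anonymous sub directly, as the `update-cache` test does: `sub { $commonClient->run(@cmd) },`. The comments `# Test 'update-cache' command with force` and `# Test 'info' command with force` look copied from the `-force` test above, since neither command line uses `-force`. The new `set locationRules/test1.example.com/default deny` step has no assertion, so a failure there would surface only indirectly in the later `save`/`restore` checks.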
|
||||
|
|
|
@ -638,7 +638,7 @@ t/68-Impersonation-with-merge.t
|
|||
t/68-Impersonation-with-TOTP.t
|
||||
t/68-Impersonation.t
|
||||
t/69-FavApps.t
|
||||
t/70-2F-TOTP-8.t
|
||||
t/70-2F-TOTP-8-with-global-storage.t
|
||||
t/70-2F-TOTP-with-History.t
|
||||
t/70-2F-TOTP-with-TTL-and-JSON.t
|
||||
t/70-2F-TOTP-with-TTL-and-XML.t
|
||||
|
|
|
@ -866,10 +866,18 @@ sub sendHtml {
|
|||
$csp .= ';';
|
||||
|
||||
# Deny using portal in frame except if it is required
|
||||
unless ( $req->frame or $self->conf->{portalAntiFrame} == 0 ) {
|
||||
unless ( $req->frame
|
||||
or $self->conf->{portalAntiFrame} == 0
|
||||
or $self->conf->{cspFrameAncestors} )
|
||||
{
|
||||
push @{ $res->[1] }, 'X-Frame-Options' => 'DENY';
|
||||
$csp .= "frame-ancestors 'none';";
|
||||
}
|
||||
if ( $self->conf->{cspFrameAncestors} ) {
|
||||
push @{ $res->[1] }, 'X-Frame-Options' => 'ALLOW-FROM '
|
||||
. "$self->{conf}->{cspFrameAncestors};";
|
||||
$csp .= "frame-ancestors $self->{conf}->{cspFrameAncestors};";
|
||||
}
|
||||
|
||||
# Check if frames need to be embedded
|
||||
my @url;
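Review bot: When `cspFrameAncestors` is set, the new `unless` condition skips `X-Frame-Options: DENY` and the added `if` block sends `'ALLOW-FROM ' . "$self->{conf}->{cspFrameAncestors};"` instead. `ALLOW-FROM` is obsolete and ignored by current browsers, it takes a single origin URI rather than a source list, and the trailing `;` is not part of its syntax, so clients that rely on `X-Frame-Options` end up with no framing restriction. Consider dropping that `push` and letting `$csp .= "frame-ancestors ...;"` carry the allow-list alone. The value is also interpolated unescaped into both headers, so it should be validated where the configuration is accepted. The test hunks later in this commit pin `'ALLOW-FROM test.example.com;'` and would need updating alongside. `sendHtml` starts and ends outside the hunk.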
|
||||
|
|
|
@ -14,9 +14,25 @@ use constant afterData => 'run';
|
|||
|
||||
sub init {
|
||||
my ($self) = @_;
|
||||
if ( $self->conf->{disablePersistentStorage} ) {
|
||||
$self->logger->error(
|
||||
'"BruteForceProtection" plugin enabled WITHOUT persistent session storage"'
|
||||
);
|
||||
return 0;
|
||||
}
|
||||
unless ( $self->conf->{loginHistoryEnabled} ) {
|
||||
$self->logger->error(
|
||||
'"History" plugin is required for "BruteForceProtection" plugin');
|
||||
'"BruteForceProtection" plugin enabled WITHOUT "History" plugin');
|
||||
return 0;
|
||||
}
|
||||
unless ( $self->conf->{failedLoginNumber} >
|
||||
$self->conf->{bruteForceProtectionMaxFailed} )
|
||||
{
|
||||
$self->logger->error( 'failedLoginNumber('
|
||||
. $self->conf->{failedLoginNumber}
|
||||
. ') must be higher than bruteForceProtectionMaxFailed('
|
||||
. $self->conf->{bruteForceProtectionMaxFailed}
|
||||
. ')' );
|
||||
return 0;
|
||||
}
|
||||
return 1;
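Review bot: The new log string in `init`, `'"BruteForceProtection" plugin enabled WITHOUT persistent session storage"'`, ends with a stray `"` before the closing single quote; drop it so the message matches the one added for the `History` case just below. The later comparison `$self->conf->{failedLoginNumber} > $self->conf->{bruteForceProtectionMaxFailed}` assumes both keys are defined; if defaults are not guaranteed at this point (not visible here), an undefined value compares as 0 with a warning. `init` continues past the end of the hunk.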
|
||||
|
|
|
@ -6,6 +6,7 @@ _go = 1
|
|||
stop = () ->
|
||||
_go = 0
|
||||
$('#divToHide').hide();
|
||||
$('#wait').hide();
|
||||
|
||||
go = () ->
|
||||
$("#form").submit() if _go
|
||||
|
@ -17,7 +18,8 @@ timer = () ->
|
|||
$('#timer').html(h)
|
||||
window.setTimeout timer, 1000
|
||||
|
||||
$(document).ready ->
|
||||
#$(document).ready ->
|
||||
$(window).on 'load', () ->
|
||||
if window.datas['activeTimer']
|
||||
window.setTimeout go, 30000
|
||||
window.setTimeout timer, 1000
|
||||
|
|
|
@ -1 +1,2 @@
|
|||
(function(){$(document).ready(function(){return $("#upgrd").submit()})}).call(this);
|
||||
(function(){$(document).ready(function(){return $("#upgrd").submit()})}).call(this);
|
||||
//# sourceMappingURL=lemonldap-ng-portal/site/htdocs/static/common/js/autoRenew.min.js.map
|
|
@ -1 +1 @@
|
|||
{"version":3,"sources":["lemonldap-ng-portal/site/htdocs/static/common/js/autoRenew.js"],"names":["$","document","ready","submit","call","this"],"mappings":"CACA,WACEA,EAAEC,UAAUC,MAAM,WAChB,OAAOF,EAAE,UAAUG,aAGpBC,KAAKC"}
|
||||
{"version":3,"sources":["lemonldap-ng-portal/site/htdocs/static/common/js/autoRenew.js"],"names":["$","document","ready","submit","call","this"],"mappings":"CACA,WACEA,EAAEC,UAAUC,MAAM,WAChB,MAAOF,GAAE,UAAUG,aAGpBC,KAAKC","file":"lemonldap-ng-portal/site/htdocs/static/common/js/autoRenew.min.js"}
|
|
@ -1,4 +1,4 @@
|
|||
// Generated by CoffeeScript 1.12.8
|
||||
// Generated by CoffeeScript 1.12.7
|
||||
(function() {
|
||||
var _go, go, i, stop, timer;
|
||||
|
||||
|
@ -8,7 +8,8 @@
|
|||
|
||||
stop = function() {
|
||||
_go = 0;
|
||||
return $('#divToHide').hide();
|
||||
$('#divToHide').hide();
|
||||
return $('#wait').hide();
|
||||
};
|
||||
|
||||
go = function() {
|
||||
|
@ -28,7 +29,7 @@
|
|||
return window.setTimeout(timer, 1000);
|
||||
};
|
||||
|
||||
$(document).ready(function() {
|
||||
$(window).on('load', function() {
|
||||
if (window.datas['activeTimer']) {
|
||||
window.setTimeout(go, 30000);
|
||||
window.setTimeout(timer, 1000);
|
||||
|
|
|
@ -1 +1 @@
|
|||
(function(){var t,i,e,n,r;e=30,t=1,n=function(){return t=0,$("#divToHide").hide()},i=function(){if(t)return $("#form").submit()},r=function(){var t;return t=$("#timer").html(),0<e&&e--,t=t.replace(/\d+/,e),$("#timer").html(t),window.setTimeout(r,1e3)},$(document).ready(function(){return window.datas.activeTimer&&(window.setTimeout(i,3e4),window.setTimeout(r,1e3)),$("#wait").on("click",function(){return n()})})}).call(this);
|
||||
(function(){var i,t,n,e,o;n=30,i=1,e=function(){return i=0,$("#divToHide").hide(),$("#wait").hide()},t=function(){if(i)return $("#form").submit()},o=function(){var i;return i=$("#timer").html(),0<n&&n--,i=i.replace(/\d+/,n),$("#timer").html(i),window.setTimeout(o,1e3)},$(window).on("load",function(){return window.datas.activeTimer&&(window.setTimeout(t,3e4),window.setTimeout(o,1e3)),$("#wait").on("click",function(){return e()})})}).call(this);
|
|
@ -1 +1 @@
|
|||
{"version":3,"sources":["lemonldap-ng-portal/site/htdocs/static/common/js/info.js"],"names":["_go","go","i","stop","timer","$","hide","submit","h","html","replace","window","setTimeout","document","ready","datas","on","call","this"],"mappings":"CACA,WACE,IAAIA,EAAKC,EAAIC,EAAGC,EAAMC,EAEtBF,EAAI,GAEJF,EAAM,EAENG,EAAO,WAEL,OADAH,EAAM,EACCK,EAAE,cAAcC,QAGzBL,EAAK,WACH,GAAID,EACF,OAAOK,EAAE,SAASE,UAItBH,EAAQ,WACN,IAAII,EAOJ,OANAA,EAAIH,EAAE,UAAUI,OACR,EAAJP,GACFA,IAEFM,EAAIA,EAAEE,QAAQ,MAAOR,GACrBG,EAAE,UAAUI,KAAKD,GACVG,OAAOC,WAAWR,EAAO,MAGlCC,EAAEQ,UAAUC,MAAM,WAOhB,OANIH,OAAOI,MAAmB,cAC5BJ,OAAOC,WAAWX,EAAI,KACtBU,OAAOC,WAAWR,EAAO,MAIpBC,EAAE,SAASW,GAAG,QAAS,WAC5B,OAAOb,UAIVc,KAAKC"}
|
||||
{"version":3,"sources":["lemonldap-ng-portal/site/htdocs/static/common/js/info.js"],"names":["_go","go","i","stop","timer","$","hide","submit","h","html","replace","window","setTimeout","on","datas","call","this"],"mappings":"CACA,WACE,IAAIA,EAAKC,EAAIC,EAAGC,EAAMC,EAEtBF,EAAI,GAEJF,EAAM,EAENG,EAAO,WAGL,OAFAH,EAAM,EACNK,EAAE,cAAcC,OACTD,EAAE,SAASC,QAGpBL,EAAK,WACH,GAAID,EACF,OAAOK,EAAE,SAASE,UAItBH,EAAQ,WACN,IAAII,EAOJ,OANAA,EAAIH,EAAE,UAAUI,OACR,EAAJP,GACFA,IAEFM,EAAIA,EAAEE,QAAQ,MAAOR,GACrBG,EAAE,UAAUI,KAAKD,GACVG,OAAOC,WAAWR,EAAO,MAGlCC,EAAEM,QAAQE,GAAG,OAAQ,WAOnB,OANIF,OAAOG,MAAmB,cAC5BH,OAAOC,WAAWX,EAAI,KACtBU,OAAOC,WAAWR,EAAO,MAIpBC,EAAE,SAASQ,GAAG,QAAS,WAC5B,OAAOV,UAIVY,KAAKC"}
|
|
@ -13,7 +13,8 @@ my $client = LLNG::Manager::Test->new( {
|
|||
corsAllow_Origin => '',
|
||||
corsAllow_Methods => 'POST',
|
||||
cspFormAction => '*',
|
||||
customToTrace => 'mail'
|
||||
cspFrameAncestors => 'test.example.com',
|
||||
customToTrace => 'mail',
|
||||
}
|
||||
}
|
||||
);
|
||||
|
@ -54,10 +55,13 @@ my %headers = @{ $res->[1] };
|
|||
#CSP
|
||||
ok(
|
||||
$headers{'Content-Security-Policy'} =~
|
||||
/default-src 'self';img-src 'self' data:;style-src 'self';font-src 'self';connect-src 'self';script-src 'self';form-action \*;frame-ancestors 'none'/,
|
||||
'CSP header value found'
|
||||
m%default-src 'self';img-src 'self' data:;style-src 'self';font-src 'self';connect-src 'self';script-src 'self';form-action \*;frame-ancestors test\.example\.com;%,
|
||||
'CSP header values found'
|
||||
) or print STDERR Dumper( $res->[1] );
|
||||
count(1);
|
||||
ok( $headers{'X-Frame-Options'} eq 'ALLOW-FROM test.example.com;',
|
||||
'X-Frame-Options "ALLOW-FROM" found' )
|
||||
or print STDERR Dumper( $res->[1] );
|
||||
count(2);
|
||||
|
||||
# Try to authenticate with good password
|
||||
# --------------------------------------
|
||||
|
@ -106,7 +110,10 @@ ok( $headers{'Lm-Remote-User'} eq 'dwho', "Lm-Remote-User found" )
|
|||
ok( $headers{'Lm-Remote-Custom'} eq 'dwho@badwolf.org',
|
||||
"Lm-Remote-Custom found" )
|
||||
or print STDERR Dumper( $res->[1] );
|
||||
count(2);
|
||||
ok( $headers{'X-Frame-Options'} eq 'ALLOW-FROM test.example.com;',
|
||||
'X-Frame-Options "ALLOW-FROM" found' )
|
||||
or print STDERR Dumper( $res->[1] );
|
||||
count(3);
|
||||
|
||||
checkCorsPolicy($res);
|
||||
|
||||
|
|
|
@ -19,11 +19,15 @@ my $ini = {
|
|||
domain => 'example.com',
|
||||
templateDir => 'site/templates',
|
||||
staticPrefix => '/static',
|
||||
authentication => 'Demo',
|
||||
userDB => 'Demo',
|
||||
passwordDB => 'Demo',
|
||||
registerDB => 'Demo',
|
||||
loginHistoryEnabled => 1,
|
||||
securedCookie => 0,
|
||||
https => 0,
|
||||
portalDisplayResetPassword => 1,
|
||||
# portalDisplayCertificateResetByMail => 1, Missing dependencies
|
||||
# portalDisplayCertificateResetByMail => 1, Missing dependencies
|
||||
portalStatus => 1,
|
||||
cda => 1,
|
||||
notification => 1,
|
||||
|
|