173 lines
10 KiB
HTML
173 lines
10 KiB
HTML
<!DOCTYPE html>
|
|
<html lang="en" dir="ltr">
|
|
<head>
|
|
<meta charset="utf-8" />
|
|
<title>documentation:2.0:exportedvars</title>
|
|
<meta name="generator" content="DokuWiki"/>
|
|
<meta name="robots" content="index,follow"/>
|
|
<meta name="keywords" content="documentation,2.0,exportedvars"/>
|
|
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
|
|
<link rel="start" href="exportedvars.html"/>
|
|
<link rel="contents" href="exportedvars.html" title="Sitemap"/>
|
|
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
|
|
<!-- //if:usedebianlibs
|
|
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
|
|
//elsif:useexternallibs
|
|
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
|
|
//elsif:cssminified
|
|
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
|
|
//else -->
|
|
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
|
|
<!-- //endif -->
|
|
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:exportedvars","namespace":"documentation:2.0"};
|
|
/*!]]>*/</script>
|
|
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script>
|
|
<!-- //if:usedebianlibs
|
|
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
|
|
//elsif:useexternallibs
|
|
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
|
|
//elsif:jsminified
|
|
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
|
|
//else -->
|
|
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script>
|
|
<!-- //endif -->
|
|
<!-- //if:usedebianlibs
|
|
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
|
|
//elsif:useexternallibs
|
|
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
|
|
//elsif:jsminified
|
|
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
|
|
//else -->
|
|
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script>
|
|
<!-- //endif -->
|
|
</head>
|
|
<body>
|
|
<div class="dokuwiki export container">
|
|
|
|
<h1 class="sectionedit1" id="exported_variables">Exported variables</h1>
|
|
<div class="level1">
|
|
|
|
</div>
|
|
<!-- EDIT1 SECTION "Exported variables" [1-34] -->
|
|
<h2 class="sectionedit2" id="presentation">Presentation</h2>
|
|
<div class="level2">
|
|
|
|
<p>
|
|
Exported variables are the variables available to <a href="writingrulesand_headers.html" class="wikilink1" title="documentation:2.0:writingrulesand_headers">write rules and headers</a>. They are extracted from the users database by the <a href="start.html#authentication_users_and_password_databases" class="wikilink1" title="documentation:2.0:start">users module</a>.
|
|
</p>
|
|
|
|
<p>
|
|
To create a variable, you've just to map a user attributes in <abbr title="LemonLDAP::NG">LL::NG</abbr> using <code>Variables</code> » <code>Exported variables</code>. For each variable, The first field is the name which will be used in rules, macros or headers and the second field is the name of the user database field.
|
|
</p>
|
|
|
|
<p>
|
|
Examples for <a href="authldap.html" class="wikilink1" title="documentation:2.0:authldap">LDAP</a>:
|
|
</p>
|
|
<div class="table sectionedit3"><table class="inline table table-bordered table-striped">
|
|
<thead>
|
|
<tr class="row0 roweven">
|
|
<th class="col0 centeralign"> Variable name </th><th class="col1 centeralign"> LDAP attribute </th>
|
|
</tr>
|
|
</thead>
|
|
<tr class="row1 rowodd">
|
|
<td class="col0 centeralign"> uid </td><td class="col1 centeralign"> uid </td>
|
|
</tr>
|
|
<tr class="row2 roweven">
|
|
<td class="col0 centeralign"> number </td><td class="col1 centeralign"> employeeNumber </td>
|
|
</tr>
|
|
<tr class="row3 rowodd">
|
|
<td class="col0 centeralign"> name </td><td class="col1 centeralign"> sn </td>
|
|
</tr>
|
|
</table></div>
|
|
<!-- EDIT3 TABLE [587-693] -->
|
|
<p>
|
|
You can define exported variables for each module in the module configuration itself. Variables defined in the main <code>Exported variables</code> will be used for each backend. Variables defined in the exported variables node of the module will be used only for that module.
|
|
</p>
|
|
|
|
<p>
|
|
<img src="documentation/manager-exported-variables.png" class="mediacenter" title="Exported variables in the Manager" alt="Exported variables in the Manager" />
|
|
</p>
|
|
<div class="notetip">You can define environment variables in <code>Exported variables</code>, this allows one to populate user session with some environment values. Environment variables will not be queried in users database.
|
|
</div>
|
|
</div>
|
|
<!-- EDIT2 SECTION "Presentation" [35-1271] -->
|
|
<h2 class="sectionedit4" id="extend_variables_using_macros_and_groups">Extend variables using macros and groups</h2>
|
|
<div class="level2">
|
|
|
|
</div>
|
|
<!-- EDIT5 PLUGIN_INCLUDE_START_NOREDIRECT "documentation:2.0:performances" [0-] --><div class="plugin_include_content plugin_include__documentation:2.0:performances">
|
|
<div class="level3">
|
|
|
|
<p>
|
|
Macros and groups are calculated during authentication process by the portal:
|
|
</p>
|
|
<ul>
|
|
<li class="level1"><div class="li"> macros are used to extend (or rewrite) <span class="curid"><a href="exportedvars.html" class="wikilink1" title="documentation:2.0:exportedvars">exported variables</a></span>. A macro is stored as attributes: it can contain boolean results or any string</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> macros can also be used to import environment variables <em>(these variables are in CGI format)</em>. Example: <code>$ENV{HTTP_COOKIE}</code></div>
|
|
</li>
|
|
<li class="level1"><div class="li"> groups are stored as a string with values separated by <code>; </code> (default values separator) in the special attribute <code>groups</code>: it contains the names of groups whose rules were returned true for the current user. For example:</div>
|
|
</li>
|
|
</ul>
|
|
<pre class="code perl"><span class="re0">$groups</span> <span class="sy0">=</span> group3<span class="sy0">;</span> admin</pre>
|
|
<ul>
|
|
<li class="level1"><div class="li"> You can also get groups in <code>$hGroups</code> which is a Hash Reference of this form:</div>
|
|
</li>
|
|
</ul>
|
|
<pre class="code perl"><span class="re0">$hGroups</span> <span class="sy0">=</span> <span class="br0">{</span>
|
|
<span class="st_h">'group3'</span> <span class="sy0">=></span> <span class="br0">{</span>
|
|
<span class="st_h">'description'</span> <span class="sy0">=></span> <span class="br0">[</span>
|
|
<span class="st_h">'Service 3'</span><span class="sy0">,</span>
|
|
<span class="st_h">'Service 3 TEST'</span>
|
|
<span class="br0">]</span><span class="sy0">,</span>
|
|
<span class="st_h">'cn'</span> <span class="sy0">=></span> <span class="br0">[</span>
|
|
<span class="st_h">'group3'</span>
|
|
<span class="br0">]</span><span class="sy0">,</span>
|
|
<span class="st_h">'name'</span> <span class="sy0">=></span> <span class="st_h">'group3'</span>
|
|
<span class="br0">}</span><span class="sy0">,</span>
|
|
<span class="st_h">'admin'</span> <span class="sy0">=></span> <span class="br0">{</span>
|
|
<span class="st_h">'name'</span> <span class="sy0">=></span> <span class="st_h">'admin'</span>
|
|
<span class="br0">}</span>
|
|
<span class="br0">}</span></pre>
|
|
|
|
<p>
|
|
Example for macros:
|
|
</p>
|
|
<pre class="code perl"><span class="co1"># boolean macro</span>
|
|
isAdmin <span class="sy0">-></span> <span class="re0">$uid</span> <span class="kw1">eq</span> <span class="st_h">'foo'</span> <span class="kw1">or</span> <span class="re0">$uid</span> <span class="kw1">eq</span> <span class="st_h">'bar'</span>
|
|
<span class="co1"># other macro </span>
|
|
displayName <span class="sy0">-></span> <span class="re0">$givenName</span><span class="sy0">.</span><span class="st0">" "</span><span class="sy0">.</span><span class="re0">$surName</span>
|
|
|
|
<span class="co1"># Use a boolean macro in a rule</span>
|
|
<span class="sy0">^/</span>admin <span class="sy0">-></span> <span class="re0">$isAdmin</span>
|
|
<span class="co1"># Use a string macro in a HTTP header</span>
|
|
Display<span class="sy0">-</span>Name <span class="sy0">-></span> <span class="re0">$displayName</span></pre>
|
|
|
|
<p>
|
|
Defining a group for admins
|
|
</p>
|
|
<pre class="code perl"><span class="co1"># group</span>
|
|
admin <span class="sy0">-></span> <span class="re0">$uid</span> <span class="kw1">eq</span> <span class="st_h">'foo'</span> <span class="kw1">or</span> <span class="re0">$uid</span> <span class="kw1">eq</span> <span class="st_h">'bar'</span></pre>
|
|
|
|
<p>
|
|
Using groups in a rule
|
|
</p>
|
|
<pre class="code perl"><span class="sy0">^/</span>admin <span class="sy0">-></span> <span class="re0">$groups</span> <span class="sy0">=~</span> <span class="co2">/\badmin\b/</span>
|
|
|
|
<span class="co1"># Or with hGroups</span>
|
|
<span class="sy0">^/</span>admin <span class="sy0">-></span> <a href="http://perldoc.perl.org/functions/defined.html"><span class="kw3">defined</span></a> <span class="re0">$hGroups</span><span class="sy0">-></span><span class="br0">{</span><span class="st_h">'admin'</span><span class="br0">}</span>
|
|
|
|
<span class="co1"># Since 2.0.8</span>
|
|
<span class="sy0">^/</span>admin <span class="sy0">-></span> <span class="me1">inGroup</span><span class="br0">(</span><span class="st_h">'admin'</span><span class="br0">)</span></pre>
|
|
<div class="noteclassic">Groups are computed after macros, so a group rule may involve a macro value.
|
|
</div><div class="noteimportant">Macros and groups are computed in alphanumeric order, that is, in the order they are displayed in the manager. For example, macro "macro1" will be computed before macro "macro2": so, expression of macro2 may involve value of macro1. As same for groups: a group rule may involve another, previously computed group.
|
|
</div>
|
|
</div>
|
|
<!-- EDIT6 PLUGIN_INCLUDE_END "documentation:2.0:performances" [0-] --></div>
|
|
<div class="level2">
|
|
|
|
</div>
|
|
<!-- EDIT4 SECTION "Extend variables using macros and groups" [1272-] --></div>
|
|
</body>
|
|
</html>
|