Append url AuthnLevel option (#1988)

lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Reload.pm

@@ -10,7 +10,6 @@ use Lemonldap::NG::Common::Crypto;
 use Lemonldap::NG::Common::Safelib;            #link protected safe Safe object
 use Lemonldap::NG::Handler::Main::Jail;
 use Scalar::Util qw(weaken);
-use Data::Dumper;
 
 use constant UNPROTECT => 1;
 use constant SKIP      => 2;
@@ -282,10 +281,10 @@ sub locationRulesInit {
         $class->tsv->{locationProtection}->{$vhost}    = [];
         $class->tsv->{locationRegexp}->{$vhost}        = [];
         $class->tsv->{locationConditionText}->{$vhost} = [];
+        $class->tsv->{locationAuthnLevel}->{$vhost}    = [];
 
         foreach my $url ( sort keys %{$rules} ) {
             my ( $cond, $prot ) = $class->conditionSub( $rules->{$url} );
-            $class->logger->debug("+++ " . $cond);
             unless ($cond) {
                 $class->tsv->{maintenance}->{$vhost} = 1;
                 $class->logger->error(
@@ -302,15 +301,18 @@ sub locationRulesInit {
                 push @{ $class->tsv->{locationCondition}->{$vhost} },  $cond;
                 push @{ $class->tsv->{locationProtection}->{$vhost} }, $prot;
                 push @{ $class->tsv->{locationRegexp}->{$vhost} },     qr/$url/;
+                push @{ $class->tsv->{locationAuthnLevel}->{$vhost} },
+                  $url =~ /\(\?#AuthnLevel=(-?\d+)\)/
+                  ? $1
+                  : undef;
                 push @{ $class->tsv->{locationConditionText}->{$vhost} },
                     $url =~ /^\(\?#(.*?)\)/ ? $1
                   : $url =~ /^(.*?)##(.+)$/ ? $2
-                  :                            $url;
+                  :                           $url;
                 $class->tsv->{locationCount}->{$vhost}++;
             }
         }
-$class->logger->debug("**** " . Data::Dumper::Dumper($class->tsv));
-                    
+
         # Default policy set to 'accept'
         unless ( $class->tsv->{defaultCondition}->{$vhost} ) {
             $class->tsv->{defaultCondition}->{$vhost}  = sub { 1 };

lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm

@@ -267,10 +267,29 @@ sub checkMaintenanceMode {
 # @return True if the user is granted to access to the current URL
 sub grant {
     my ( $class, $req, $session, $uri, $cond, $vhost ) = @_;
+    my $level;
+
     return $cond->( $req, $session ) if ($cond);
 
     $vhost ||= $class->resolveAlias($req);
-    if ( my $level = $class->tsv->{authnLevel}->{$vhost} ) {
+    for (
+        my $i = 0 ;
+        $i < ( $class->tsv->{locationCount}->{$vhost} || 0 ) ;
+        $i++
+      )
+    {
+        if ( $uri =~ $class->tsv->{locationRegexp}->{$vhost}->[$i] ) {
+            $level = $class->tsv->{locationAuthnLevel}->{$vhost}->[$i];
+            $class->logger->debug( 'Found AuthnLevel='
+                  . $level
+                  . ' for "'
+                  . "$vhost/$class->tsv->{locationConditionText}->{$vhost}->[$i]"
+                  . '"' );
+            last;
+        }
+    }
+
+    if ( $level ||= $class->tsv->{authnLevel}->{$vhost} ) {
         if ( $session->{authenticationLevel} < $level ) {
             $class->logger->debug(
                 "User authentication level = $session->{authenticationLevel}");

lemonldap-ng-manager/site/htdocs/static/forms/ruleContainer.html

@@ -33,7 +33,7 @@
           <input type="number" class="form-control" ng-model="s.level"/>
         </td>
         <td ng-if="s.re=='default'">
-          <p><strong><span trspan="defaultVHLevel"></span></strong></p>
+          <input class="form-control" placeholder="defaultLevel" readonly/>
         </td>
         <td>
           <span ng-if="s.re!='default'" class="link text-danger glyphicon glyphicon-minus-sign" ng-click="del(currentNode.nodes,$index)"/>