Append url AuthnLevel option (#1988)

register-approval
Christophe Maudoux 6 years ago
parent 0ef23c70f0
commit 04428af556
  1. 8
      lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Reload.pm
  2. 21
      lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm
  3. 2
      lemonldap-ng-manager/site/htdocs/static/forms/ruleContainer.html

@ -10,7 +10,6 @@ use Lemonldap::NG::Common::Crypto;
use Lemonldap::NG::Common::Safelib; #link protected safe Safe object use Lemonldap::NG::Common::Safelib; #link protected safe Safe object
use Lemonldap::NG::Handler::Main::Jail; use Lemonldap::NG::Handler::Main::Jail;
use Scalar::Util qw(weaken); use Scalar::Util qw(weaken);
use Data::Dumper;
use constant UNPROTECT => 1; use constant UNPROTECT => 1;
use constant SKIP => 2; use constant SKIP => 2;
@ -282,10 +281,10 @@ sub locationRulesInit {
$class->tsv->{locationProtection}->{$vhost} = []; $class->tsv->{locationProtection}->{$vhost} = [];
$class->tsv->{locationRegexp}->{$vhost} = []; $class->tsv->{locationRegexp}->{$vhost} = [];
$class->tsv->{locationConditionText}->{$vhost} = []; $class->tsv->{locationConditionText}->{$vhost} = [];
$class->tsv->{locationAuthnLevel}->{$vhost} = [];
foreach my $url ( sort keys %{$rules} ) { foreach my $url ( sort keys %{$rules} ) {
my ( $cond, $prot ) = $class->conditionSub( $rules->{$url} ); my ( $cond, $prot ) = $class->conditionSub( $rules->{$url} );
$class->logger->debug("+++ " . $cond);
unless ($cond) { unless ($cond) {
$class->tsv->{maintenance}->{$vhost} = 1; $class->tsv->{maintenance}->{$vhost} = 1;
$class->logger->error( $class->logger->error(
@ -302,6 +301,10 @@ sub locationRulesInit {
push @{ $class->tsv->{locationCondition}->{$vhost} }, $cond; push @{ $class->tsv->{locationCondition}->{$vhost} }, $cond;
push @{ $class->tsv->{locationProtection}->{$vhost} }, $prot; push @{ $class->tsv->{locationProtection}->{$vhost} }, $prot;
push @{ $class->tsv->{locationRegexp}->{$vhost} }, qr/$url/; push @{ $class->tsv->{locationRegexp}->{$vhost} }, qr/$url/;
push @{ $class->tsv->{locationAuthnLevel}->{$vhost} },
$url =~ /\(\?#AuthnLevel=(-?\d+)\)/
? $1
: undef;
push @{ $class->tsv->{locationConditionText}->{$vhost} }, push @{ $class->tsv->{locationConditionText}->{$vhost} },
$url =~ /^\(\?#(.*?)\)/ ? $1 $url =~ /^\(\?#(.*?)\)/ ? $1
: $url =~ /^(.*?)##(.+)$/ ? $2 : $url =~ /^(.*?)##(.+)$/ ? $2
@ -309,7 +312,6 @@ sub locationRulesInit {
$class->tsv->{locationCount}->{$vhost}++; $class->tsv->{locationCount}->{$vhost}++;
} }
} }
$class->logger->debug("**** " . Data::Dumper::Dumper($class->tsv));
# Default policy set to 'accept' # Default policy set to 'accept'
unless ( $class->tsv->{defaultCondition}->{$vhost} ) { unless ( $class->tsv->{defaultCondition}->{$vhost} ) {
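Review bot: The AuthnLevel extraction pushed onto `locationAuthnLevel` fails silently: a rule whose comment is misspelled, differently cased or padded with a space stores `undef`, and `grant` then falls back to the vhost-wide level. A location meant to require stronger authentication would then be served at the weaker default with nothing in the logs. Consider reporting it at reload time, e.g. `$class->logger->error("Unparsed AuthnLevel comment in rule \"$url\" for $vhost") if $url =~ /AuthnLevel/i and $url !~ /\(\?#AuthnLevel=-?\d+\)/;`. The pattern also accepts negative values, which no session level is likely to fall below, so confirm that switching the check off per location is intended. `locationRulesInit` begins and ends outside the hunks shown.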

@ -267,10 +267,29 @@ sub checkMaintenanceMode {
# @return True if the user is granted to access to the current URL # @return True if the user is granted to access to the current URL
sub grant { sub grant {
my ( $class, $req, $session, $uri, $cond, $vhost ) = @_; my ( $class, $req, $session, $uri, $cond, $vhost ) = @_;
my $level;
return $cond->( $req, $session ) if ($cond); return $cond->( $req, $session ) if ($cond);
$vhost ||= $class->resolveAlias($req); $vhost ||= $class->resolveAlias($req);
if ( my $level = $class->tsv->{authnLevel}->{$vhost} ) { for (
my $i = 0 ;
$i < ( $class->tsv->{locationCount}->{$vhost} || 0 ) ;
$i++
)
{
if ( $uri =~ $class->tsv->{locationRegexp}->{$vhost}->[$i] ) {
$level = $class->tsv->{locationAuthnLevel}->{$vhost}->[$i];
$class->logger->debug( 'Found AuthnLevel='
. $level
. ' for "'
. "$vhost/$class->tsv->{locationConditionText}->{$vhost}->[$i]"
. '"' );
last;
}
}
if ( $level ||= $class->tsv->{authnLevel}->{$vhost} ) {
if ( $session->{authenticationLevel} < $level ) { if ( $session->{authenticationLevel} < $level ) {
$class->logger->debug( $class->logger->debug(
"User authentication level = $session->{authenticationLevel}"); "User authentication level = $session->{authenticationLevel}");
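Review bot: The debug message built inside the new `for` loop does not print what it intends: within the double-quoted string, `$class->tsv->{...}` is not evaluated as a method call, so Perl interpolates only `$class`, `$vhost` and `$i` and emits the rest as literal text. `$level` is also `undef` whenever the matching location carries no AuthnLevel comment, which would raise an uninitialized-value warning on each such request if warnings are enabled. Suggest `my $text = $class->tsv->{locationConditionText}->{$vhost}->[$i];` followed by `$class->logger->debug("Found AuthnLevel=$level for \"$vhost/$text\"") if defined $level;`. Separately, the context line `return $cond->( $req, $session ) if ($cond);` runs before this lookup, so callers that pass `$cond` never reach the per-location level; worth confirming that is intended. `grant` continues past the end of the hunk.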

@ -33,7 +33,7 @@
<input type="number" class="form-control" ng-model="s.level"/> <input type="number" class="form-control" ng-model="s.level"/>
</td> </td>
<td ng-if="s.re=='default'"> <td ng-if="s.re=='default'">
<p><strong><span trspan="defaultVHLevel"></span></strong></p> <input class="form-control" placeholder="defaultLevel" readonly/>
</td> </td>
<td> <td>
<span ng-if="s.re!='default'" class="link text-danger glyphicon glyphicon-minus-sign" ng-click="del(currentNode.nodes,$index)"/> <span ng-if="s.re!='default'" class="link text-danger glyphicon glyphicon-minus-sign" ng-click="del(currentNode.nodes,$index)"/>
