From 57715c8b697336d20ceec2c922bced4fc4384f2a Mon Sep 17 00:00:00 2001 From: Xavier Guimard Date: Sat, 28 Apr 2018 09:09:34 +0200 Subject: [PATCH] Fix #1413 --- lemonldap-ng-portal/MANIFEST | 1 + .../lib/Lemonldap/NG/Portal/Lib/Choice.pm | 3 +- .../t/28-AuthChoice-with-rules.t | 71 +++++++++++++++++++ 3 files changed, 74 insertions(+), 1 deletion(-) create mode 100644 lemonldap-ng-portal/t/28-AuthChoice-with-rules.t diff --git a/lemonldap-ng-portal/MANIFEST b/lemonldap-ng-portal/MANIFEST index f0d46b69e..346c69f89 100644 --- a/lemonldap-ng-portal/MANIFEST +++ b/lemonldap-ng-portal/MANIFEST @@ -360,6 +360,7 @@ t/24-AuthKerberos.t t/25-AuthSlave.t t/26-AuthRemote.t t/27-AuthProxy.t +t/28-AuthChoice-with-rules.t t/28-AuthChoice.t t/29-AuthSSL.t t/30-Auth-and-issuer-SAML-Artifact-with-SOAP-SLO-IdP-initiated.t diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Choice.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Choice.pm index a9af741ae..bb1371518 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Choice.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Choice.pm @@ -57,7 +57,7 @@ sub init { my $cond = $mods[4]; if ( defined $cond ) { $self->logger->debug("Found a rule for $name"); - my $_choiceRules->{$name} = + $_choiceRules->{$name} = $safe->reval("sub{my(\$env)=\@_;return ($cond)}"); if ($@) { $self->logger->error("Bad condition $cond: $@"); @@ -144,6 +144,7 @@ sub _buildAuthLoop { ); } else { + $self->logger->debug("Displaying authentication choice $_"); if ( $auth and $userDB and $passwordDB ) { # Default URL diff --git a/lemonldap-ng-portal/t/28-AuthChoice-with-rules.t b/lemonldap-ng-portal/t/28-AuthChoice-with-rules.t new file mode 100644 index 000000000..9b80f6b5a --- /dev/null +++ b/lemonldap-ng-portal/t/28-AuthChoice-with-rules.t @@ -0,0 +1,71 @@ +use Test::More; +use strict; +use IO::String; + +require 't/test-lib.pm'; + +my $res; +my $maintests = 3; + +eval { unlink 't/userdb.db' }; + +SKIP: { + eval { require DBI; require DBD::SQLite; }; + if ($@) { + skip 'DBD::SQLite not found', $maintests; + } + require 't/test-ldap.pm'; + my $dbh = DBI->connect("dbi:SQLite:dbname=t/userdb.db"); + $dbh->do('CREATE TABLE users (user text,password text,name text)'); + $dbh->do("INSERT INTO users VALUES ('dwho','dwho','Doctor who')"); + + my $client = LLNG::Manager::Test->new( + { + ini => { + logLevel => 'error', + useSafeJail => 1, + authentication => 'Choice', + userDB => 'Same', + + authChoiceParam => 'test', + authChoiceModules => { + demo => 'Demo;Demo;Null;;0', + sql => 'DBI;DBI;DBI;;1', + }, + + dbiAuthChain => 'dbi:SQLite:dbname=t/userdb.db', + dbiAuthUser => '', + dbiAuthPassword => '', + dbiAuthTable => 'users', + dbiAuthLoginCol => 'user', + dbiAuthPasswordCol => 'password', + dbiAuthPasswordHash => '', + } + } + ); + + ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Menu' ); + ok( $res->[2]->[0] !~ /demo/, 'Demo not displayed' ); + + # Test SQL + my $postString = 'user=dwho&password=dwho&test=sql'; + + # Try yo authenticate + # ------------------- + ok( + $res = $client->_post( + '/', IO::String->new($postString), + length => length($postString) + ), + 'Auth query' + ); + expectOK($res); + my $id = expectCookie($res); + $client->logout($id); + clean_sessions(); +} +count($maintests); +eval { unlink 't/userdb.db' }; +stopLdapServer() if $ENV{LLNGTESTLDAP}; +clean_sessions(); +done_testing( count() );