$self->{id} was not well managed in portal

15 years ago · c37033b81a
parent 4f979bfe22
commit c37033b81a
9 changed files with 35 additions and 42 deletions
--- a/build/lemonldap-ng/Makefile
+++ b/build/lemonldap-ng/Makefile
@ -619,6 +619,6 @@ default-diff:
 	@$(DIFF) lemonldap-ng-manager/example/sessions.pl $(LMPREFIX)/htdocs/manager/sessions.pl ||true

 tidy: clean
-	find lemon*/ -type f \( -name '*.pm' -or -name '*.pl' \) -exec perltidy -b {} \;
+	find lemon*/ -type f \( -name '*.pm' -or -name '*.pl' -or -name '*.t' \) -exec perltidy -b {} \;
 	find lemon*/ -name '*.bak' -delete

--- a/modules/lemonldap-ng-common/t/01-Common-Conf.t
+++ b/modules/lemonldap-ng-common/t/01-Common-Conf.t
@ -14,7 +14,7 @@ BEGIN { use_ok('Lemonldap::NG::Common::Conf') }
 # its man page ( perldoc Test::More ) for help writing this test script.

 my $h;
-my $inifile = "lemonldap-ng.ini";
+my $inifile     = "lemonldap-ng.ini";
 my $confsection = "configuration";

 ok(
@ -28,10 +28,10 @@ ok(

 $h = bless {}, 'Lemonldap::NG::Common::Conf';

-ok( 
+ok(
    (
-        %$h = (%$h , %{ $h->getLocalConf( $confsection, $inifile, 0) })
-            and exists $h->{localStorage}
+        %$h = ( %$h, %{ $h->getLocalConf( $confsection, $inifile, 0 ) } )
+          and exists $h->{localStorage}
    ),
    "Read $inifile"
 );
--- a/modules/lemonldap-ng-common/t/05-Common-Conf-LDAP.t
+++ b/modules/lemonldap-ng-common/t/05-Common-Conf-LDAP.t
@ -17,11 +17,11 @@ my $h;
 ok(
    $h = new Lemonldap::NG::Common::Conf(
        {
-            type     => 'LDAP',
-	    ldapServer => 'ldap://localhost',
-	    ldapConfBase => 'ou=conf,ou=websso,dc=example,dc=com',
-	    ldapBindDN => 'cn=admin,dc=example,dc=com',
-	    ldapBindPassword => 'secret',
+            type             => 'LDAP',
+            ldapServer       => 'ldap://localhost',
+            ldapConfBase     => 'ou=conf,ou=websso,dc=example,dc=com',
+            ldapBindDN       => 'cn=admin,dc=example,dc=com',
+            ldapBindPassword => 'secret',
        }
    )
 );
--- a/modules/lemonldap-ng-common/t/20-Common-CGI.t
+++ b/modules/lemonldap-ng-common/t/20-Common-CGI.t
@ -82,8 +82,7 @@ ok( $cgi->_sub('mySubtest') eq 'OK2', '_sub mechanism 2' );
 # SOAP
 SKIP: {
    eval { require SOAP::Lite };
-    skip
-      "SOAP::Lite is not installed, so CGI SOAP functions will not work", 3
+    skip "SOAP::Lite is not installed, so CGI SOAP functions will not work", 3
      if ($@);
    $ENV{HTTP_SOAPACTION} =
      'http://localhost/Lemonldap/NG/Common/CGI/SOAPService#soapfunc';
--- a/modules/lemonldap-ng-handler/t/01-Lemonldap-NG-Handler-Simple.t
+++ b/modules/lemonldap-ng-handler/t/01-Lemonldap-NG-Handler-Simple.t
@ -38,7 +38,8 @@ ok(
 );

 ok( $h->defaultValuesInit(), 'defaultValuesInit' );
-ok( $h->portalInit( { portal => 'http://auth.example.com' } ) or 1, 'portalInit' );
+ok( $h->portalInit( { portal => 'http://auth.example.com' } )
+      or 1, 'portalInit' );
 ok(
    $h->globalStorageInit(
        {
--- a/modules/lemonldap-ng-handler/t/30-Lemonldap-NG-Handler-CGI.t
+++ b/modules/lemonldap-ng-handler/t/30-Lemonldap-NG-Handler-CGI.t
@ -6,9 +6,10 @@
 # change 'tests => 1' to 'tests => last_test_to_print';

 use Test::More tests => 1;
+
 BEGIN {
    use_ok('Lemonldap::NG::Handler::CGI');
-    sub Lemonldap::NG::Handler::CGI::lmLog {}
+    sub Lemonldap::NG::Handler::CGI::lmLog { }
 }

 #########################
--- a/modules/lemonldap-ng-manager/t/20-Manager-i18n.t
+++ b/modules/lemonldap-ng-manager/t/20-Manager-i18n.t
@ -10,10 +10,9 @@ BEGIN {
        fr => 'French',
    );
    require Test::More;
-    Test::More->import(tests => ( scalar keys(%lang) ));
+    Test::More->import( tests => ( scalar keys(%lang) ) );
 }

-
 use_ok('Lemonldap::NG::Manager::_i18n');

 foreach ( keys %lang ) {
--- a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Simple.pm
+++ b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Simple.pm
@ -535,9 +535,10 @@ sub getApacheSession {
        }
        return 0;
    }
-    $self->setApacheUser( $h{ $self->{whatToTrace} } )
-      if ( $id and not $noInfo );
-    $self->{id} = $h{_session_id};
+    unless ($noInfo) {
+        $self->setApacheUser( $h{ $self->{whatToTrace} } ) if ($id);
+        $self->{id} = $h{_session_id};
+    }
    return \%h;
 }

@ -712,7 +713,7 @@ sub _deleteSession {

    # Try to find a linked http session (securedCookie=>2)
    if ( my $id2 = $h->{_httpSession} ) {
-        if ( my $h2 = $self->getApacheSession($id2) ) {
+        if ( my $h2 = $self->getApacheSession( $id2, 1 ) ) {

            # Try to purge local cache
            # (if an handler is running on the same server)
@ -1219,7 +1220,7 @@ sub removeOther {
            $self->{sessionInfo}->{ $self->{whatToTrace} } );
        foreach my $id ( keys %$sessions ) {
            next if ( $current and ( $current eq $id ) );
-            my $h = $self->getApacheSession($id) or next;
+            my $h = $self->getApacheSession( $id, 1 ) or next;
            if (
                $self->{singleSession}
                or (    $self->{singleIP}
@ -1250,7 +1251,7 @@ sub removeOther {
            $self->{ipAddr}, $ENV{REMOTE_ADDR} );
        foreach my $id ( keys %$sessions ) {
            next if ( $current and $current eq $id );
-            my $h = $self->getApacheSession($id) or next;
+            my $h = $self->getApacheSession( $id, 1 ) or next;
            unless ( $self->{sessionInfo}->{ $self->{whatToTrace} } eq
                $h->{ $self->{whatToTrace} } )
            {
@ -1284,10 +1285,6 @@ sub removeOther {
            $ENV{HTTP_ACCEPT_LANGUAGE} )
          . "</a></p>"
    ) if ( $self->{notifyOther} and @{ $self->{otherSessions} } );
-
-    # Since we have used getApacheSession, $self->{id} has been set, we must
-    # remove it
-    $self->{id} = '';
    PE_OK;
 }

@ -1353,7 +1350,7 @@ sub store {

    # Create second session for unsecure cookie
    if ( $self->{securedCookie} == 2 ) {
-        my $h2 = $self->getApacheSession(undef);
+        my $h2 = $self->getApacheSession( undef, 1 );
        $h2->{$_} = $self->{sessionInfo}->{$_}
          foreach ( keys %{ $self->{sessionInfo} } );
        $self->{sessionInfo}->{_httpSession} = $h2->{_session_id};
--- a/modules/lemonldap-ng-portal/t/01-Lemonldap-NG-Portal-Simple.t
+++ b/modules/lemonldap-ng-portal/t/01-Lemonldap-NG-Portal-Simple.t
@ -5,7 +5,7 @@

 # change 'tests => 1' to 'tests => last_test_to_print';

-use Test::More tests => 12;
+use Test::More tests => 10;

 BEGIN { use_ok( 'Lemonldap::NG::Portal::Simple', ':all' ) }

@ -38,8 +38,8 @@ ok(
            globalStorage  => 'Apache::Session::File',
            domain         => 'example.com',
            authentication => 'LDAP test=1',
-	    user           => '',
-	    password       => '',
+            user           => '',
+            password       => '',
        }
    ),
    'Portal object'
@ -71,8 +71,8 @@ ok( $p->{error} == PE_FORMEMPTY, 'Error code: missing password' );
 # No ldap
 $p->{extractFormInfo} = sub {
    my $self = shift;
-    $self->{user}        = 'user';
-    $self->{password}    = '';
+    $self->{user}     = 'user';
+    $self->{password} = '';
    PE_OK;
 };

@ -81,18 +81,14 @@ $p->{bind}           = sub { PE_OK };
 $p->{search}         = sub { PE_OK };
 $p->{setSessionInfo} = sub { PE_OK };
 $p->{unbind}         = sub { PE_OK };
-$p->{store}          = sub { PE_OK };
-$p->{authenticate}   = sub { PE_OK };
+$p->{store}          = sub {
+    my $self = shift;
+    $self->{id} = 1;
+    PE_OK;
+};
+$p->{authenticate} = sub { PE_OK };
 ok( $p->process > 0, 'User OK' );

 # Cookie test
-$p->{id} = 1;
-ok( $p->buildCookie == PE_OK, 'Cookie build' );
-ok(
-    (
-        ref( $p->{cookie} ) eq 'ARRAY' and $p->{cookie}->[0]->isa('CGI::Cookie')
-    ),
-    'Valid cookie'
-);
 ok( $p->{cookie}->[0]->value eq '1', 'Cookie value' );