Commit 3c5cb018 authored by Xavier Guimard's avatar Xavier Guimard

Compact conf

parent 1ccad937
......@@ -173,6 +173,8 @@ sub getConf {
unless ( ref( $self->{refLocalStorage} ) ) {
$msg .= "Get remote configuration (localStorage unavailable).\n";
$r = $self->getDBConf($args);
return undef unless ($r->{cfgNum});
$self->setDefault( $r, $args->{localPrm} );
$self->compactConf($r);
}
else {
......@@ -192,25 +194,7 @@ sub getConf {
$r = $self->getDBConf($args);
return undef unless ( $r->{cfgNum} );
# Convert old option useXForwardedForIP into trustedProxies
if ( defined $r->{useXForwardedForIP}
and $r->{useXForwardedForIP} == 1 )
{
$r->{trustedProxies} = '*';
delete $r->{useXForwardedForIP};
}
# Force Choice backend
if ( $r->{authentication} eq "Choice" ) {
$r->{userDB} = "Choice";
$r->{passwordDB} = "Choice";
}
# Some parameters expect key name (example), not variable ($example)
if ( defined $r->{whatToTrace} ) {
$r->{whatToTrace} =~ s/^\$//;
}
$self->setDefault( $r, $args->{localPrm} );
$self->compactConf($r);
# Store modified configuration in cache
......@@ -224,13 +208,6 @@ sub getConf {
# Create cipher object
unless ( $args->{raw} ) {
# Set default values
my $defaultValues =
Lemonldap::NG::Common::Conf::DefaultValues->defaultValues();
foreach my $k ( keys %$defaultValues ) {
$r->{$k} //= $defaultValues->{$k};
}
eval {
$r->{cipher} = Lemonldap::NG::Common::Crypto->new( $r->{key} );
};
......@@ -244,6 +221,42 @@ sub getConf {
}
}
# Set default values
sub setDefault {
my ( $self, $conf, $localPrm ) = @_;
my $defaultValues =
Lemonldap::NG::Common::Conf::DefaultValues->defaultValues();
if ( $localPrm and %$localPrm ) {
foreach my $k ( keys %$localPrm ) {
$conf->{$k} = $localPrm->{$k};
}
}
foreach my $k ( keys %$defaultValues ) {
$conf->{$k} //= $defaultValues->{$k};
}
# Convert old option useXForwardedForIP into trustedProxies
if ( defined $conf->{useXForwardedForIP}
and $conf->{useXForwardedForIP} == 1 )
{
$conf->{trustedProxies} = '*';
delete $conf->{useXForwardedForIP};
}
# Force Choice backend
if ( $conf->{authentication} eq "Choice" ) {
$conf->{userDB} = "Choice";
$conf->{passwordDB} = "Choice";
}
# Some parameters expect key name (example), not variable ($example)
if ( defined $conf->{whatToTrace} ) {
$conf->{whatToTrace} =~ s/^\$//;
}
return $conf;
}
## @method hashRef getLocalConf(string section, string file, int loaddefault)
# Get configuration from local file
#
......
......@@ -37,7 +37,7 @@ sub compactConf {
}
}
}
foreach my $key (%$authParameters) {
foreach my $key (keys %$authParameters) {
my $mod = $key;
$mod =~ s/Params$//;
unless ( $keep{$mod} ) {
......@@ -47,22 +47,22 @@ sub compactConf {
# Disabled for now:
## Remove unused issuerDB parameters
#foreach my $k ( keys %$issuerParameters ) {
# unless ( $conf->{ $k . "Activation" } ) {
# delete $conf->{$_} foreach ( @{ $issuerParameters->{$k} } );
# }
#}
# Remove unused issuerDB parameters
foreach my $k ( keys %$issuerParameters ) {
unless ( $conf->{ $k . "Activation" } ) {
delete $conf->{$_} foreach ( @{ $issuerParameters->{$k} } );
}
}
## Remove SAML service unless used
#unless ( $keep{saml} or $conf->{issuerDBSAMLActivation} ) {
# delete $conf->{$_} foreach (@$samlServiceParameters);
#}
# Remove SAML service unless used
unless ( $keep{saml} or $conf->{issuerDBSAMLActivation} ) {
delete $conf->{$_} foreach (@$samlServiceParameters);
}
## Remove OpenIF-Connect service unless used
#unless ( $keep{oidc} or $conf->{issuerDBOpenIDConnectActivation} ) {
# delete $conf->{$_} foreach (@$oidcServiceParameters);
#}
# Remove OpenID-Connect service unless used
unless ( $keep{oidc} or $conf->{issuerDBOpenIDConnectActivation} ) {
delete $conf->{$_} foreach (@$oidcServiceParameters);
}
return $conf;
}
......
......@@ -31,7 +31,8 @@ sub onReload {
# @return true if config is up to date or if reload config succeeded
sub checkConf {
my ( $class, $force ) = @_;
my $conf = $class->confAcc->getConf( { local => !$force } );
my $conf = $class->confAcc->getConf(
{ local => !$force, localPrm => $class->localConfig } );
unless ( ref($conf) ) {
$class->lmLog(
......@@ -51,8 +52,6 @@ sub checkConf {
$class->lmLog( 'No configuration available', 'error' );
return 0;
}
$conf->{$_} = $class->localConfig->{$_}
foreach ( keys %{ $class->localConfig } );
$class->configReload($conf);
}
$class->lmLog( "$class: configuration is up to date", 'debug' );
......
......@@ -41,6 +41,11 @@ sub types {
foreach my $f (@cf) {
$s = "sub $f {1} $s";
}
BEGIN {
${^WARNING_BITS} =
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x55\x55\x55\x55\x55\x55\x55";
}
eval "$s $val";
return $@ ? ( 1, "__badExpression__: $@" ) : 1;
}
......@@ -811,6 +816,11 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
foreach my $f (@cf) {
$s = "sub $f {1} $s";
}
BEGIN {
${^WARNING_BITS} =
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x55\x55\x55\x55\x55\x55\x55";
}
eval $s;
return $@ ? ( 1, "__badExpression__: $@" ) : 1;
}
......@@ -883,6 +893,11 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
foreach my $f (@cf) {
$s = "sub $f {1} $s";
}
BEGIN {
${^WARNING_BITS} =
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x55\x55\x55\x55\x55\x55\x55";
}
eval "$s $val";
return $@ ? ( 1, "__badExpression__: $@" ) : 1;
},
......@@ -913,6 +928,11 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
foreach my $f (@cf) {
$s = "sub $f {1} $s";
}
BEGIN {
${^WARNING_BITS} =
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x55\x55\x55\x55\x55\x55\x55";
}
eval "$s $val";
return $@ ? ( 1, "__badExpression__: $@" ) : 1;
},
......@@ -1232,6 +1252,11 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
foreach my $f (@cf) {
$s = "sub $f {1} $s";
}
BEGIN {
${^WARNING_BITS} =
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x55\x55\x55\x55\x55\x55\x55";
}
eval $s;
return $@ ? ( 1, "__badExpression__: $@" ) : 1;
}
......@@ -1273,6 +1298,11 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
foreach my $f (@cf) {
$s = "sub $f {1} $s";
}
BEGIN {
${^WARNING_BITS} =
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x55\x55\x55\x55\x55\x55\x55";
}
eval "$s $val";
return $@ ? ( 1, "__badExpression__: $@" ) : 1;
},
......@@ -1906,6 +1936,11 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
foreach my $f (@cf) {
$s = "sub $f {1} $s";
}
BEGIN {
${^WARNING_BITS} =
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x55\x55\x55\x55\x55\x55\x55";
}
eval "$s $val";
return $@ ? ( 1, "__badExpression__: $@" ) : 1;
},
......
......@@ -25,6 +25,7 @@ my $perlExpr = sub {
foreach my $f (@cf) {
$s = "sub $f {1} $s";
}
no warnings 'redefine';
eval "$s $val";
return $@ ? ( 1, "__badExpression__: $@" ) : (1);
};
......@@ -1010,6 +1011,7 @@ sub attributes {
foreach my $f (@cf) {
$s = "sub $f {1} $s";
}
no warnings 'redefine';
eval $s;
return $@ ? ( 1, "__badExpression__: $@" ) : (1);
},
......@@ -1043,6 +1045,7 @@ sub attributes {
foreach my $f (@cf) {
$s = "sub $f {1} $s";
}
no warnings 'redefine';
eval $s;
return $@ ? ( 1, "__badExpression__: $@" ) : (1);
}
......
......@@ -96,12 +96,12 @@ sub check {
unless ( $self->newConf ) {
return 0 unless ( $self->scanTree );
}
$self->compactConf( $self->newConf );
unless ( $self->testNewConf ) {
hdebug(" testNewConf() failed");
return 0;
}
hdebug(" tests succeed");
$self->compactConf( $self->newConf );
unless ( $self->confChanged ) {
hdebug(" no changes detected");
$self->message('__confNotChanged__');
......
......@@ -70,7 +70,8 @@ sub notifAccess {
return $self->_notifAccess if ( $self->_notifAccess );
# 1. Get notificationStorage or build it using globalStorage
my $conf = $self->_confAcc->getConf();
my $conf = $self->_confAcc->getConf(
{ localPrm => $self->confAcc->getLocalConf(MANAGERSECTION) } );
unless ($conf) {
$self->error($Lemonldap::NG::Common::Conf::msg);
return 0;
......
......@@ -39,13 +39,8 @@ sub addRoutes {
['DELETE']
);
#TODO: transfer this in Manager.pm ?
if ( my $localConf = $self->confAcc->getLocalConf(SESSIONSEXPLORERSECTION) )
{
$self->{$_} = $localConf->{$_} foreach ( keys %$localConf );
}
my $conf = $self->confAcc->getConf();
my $conf = $self->confAcc->getConf(
{ localPrm => $self->confAcc->getLocalConf(SESSIONSEXPLORERSECTION) } );
#
# Return unless configuration is available
return 0 unless ($conf);
......
......@@ -68,9 +68,9 @@ ok( $res = &client->jsonResponse('/diff/1/2'), 'Diff called' );
my ( @c1, @c2 );
ok( @c1 = sort ( keys %{ $res->[0] } ), 'diff() detects changes in conf 1' );
ok( @c2 = sort ( keys %{ $res->[1] } ), 'diff() detects changes in conf 2' );
ok( @c1 == 11, '11 keys changed in conf 1' )
ok( @c1 == 12, '12 keys changed in conf 1' )
or print STDERR "Expect: 11, get: " . @c1 . "\n";
ok( @c2 == 14, '14 keys changed or created in conf 2' )
ok( @c2 == 13, '13 keys changed or created in conf 2' )
or print STDERR "Expect: 14, get: " . @c2 . "\n";
count(5);
......
......@@ -23,8 +23,11 @@ ok( $res->[0] == 200, "Result code is 200" );
ok( $resBody = from_json( $res->[2]->[0] ), "Result body contains JSON text" );
ok( $resBody->{result} == 0, "JSON response contains \"result:0\"" )
or print STDERR Dumper($res);
ok( @{ $resBody->{details}->{__warnings__} } == 1, '1 error detected' )
or print STDERR Dumper($resBody);
ok(
$resBody->{details}->{__errors__}
and @{ $resBody->{details}->{__errors__} } == 1,
'1 error detected'
) or print STDERR Dumper($resBody);
count(5);
......
......@@ -275,17 +275,6 @@
"id": "captchaStorage",
"title": "captchaStorage",
"data": "Apache::Session::File"
}, {
"default": [{
"data": "/var/lib/lemonldap-ng/captcha/",
"id": "captchaStorageOptions/Directory",
"title": "Directory",
"type": "keyText"
}],
"id": "captchaStorageOptions",
"title": "captchaStorageOptions",
"type": "keyTextContainer",
"nodes": []
}]
}]
}, {
......@@ -1342,37 +1331,6 @@
"id": "localSessionStorage",
"title": "localSessionStorage",
"data": "Cache::FileCache"
}, {
"default": [{
"data": 3,
"id": "localSessionStorageOptions/cache_depth",
"title": "cache_depth",
"type": "keyText"
}, {
"data": "/tmp",
"id": "localSessionStorageOptions/cache_root",
"title": "cache_root",
"type": "keyText"
}, {
"data": 600,
"id": "localSessionStorageOptions/default_expires_in",
"title": "default_expires_in",
"type": "keyText"
}, {
"data": "007",
"id": "localSessionStorageOptions/directory_umask",
"title": "directory_umask",
"type": "keyText"
}, {
"data": "lemonldap-ng-sessions",
"id": "localSessionStorageOptions/namespace",
"title": "namespace",
"type": "keyText"
}],
"id": "localSessionStorageOptions",
"title": "localSessionStorageOptions",
"type": "keyTextContainer",
"nodes": []
}]
}, {
"id": "multipleSessions",
......
......@@ -285,17 +285,6 @@
"id": "captchaStorage",
"title": "captchaStorage",
"data": "Apache::Session::File"
}, {
"default": [{
"data": "/var/lib/lemonldap-ng/captcha/",
"id": "captchaStorageOptions/Directory",
"title": "Directory",
"type": "keyText"
}],
"id": "captchaStorageOptions",
"title": "captchaStorageOptions",
"type": "keyTextContainer",
"nodes": []
}]
}]
}, {
......@@ -1353,37 +1342,6 @@
"id": "localSessionStorage",
"title": "localSessionStorage",
"data": "Cache::FileCache"
}, {
"default": [{
"data": 3,
"id": "localSessionStorageOptions/cache_depth",
"title": "cache_depth",
"type": "keyText"
}, {
"data": "/tmp",
"id": "localSessionStorageOptions/cache_root",
"title": "cache_root",
"type": "keyText"
}, {
"data": 600,
"id": "localSessionStorageOptions/default_expires_in",
"title": "default_expires_in",
"type": "keyText"
}, {
"data": "007",
"id": "localSessionStorageOptions/directory_umask",
"title": "directory_umask",
"type": "keyText"
}, {
"data": "lemonldap-ng-sessions",
"id": "localSessionStorageOptions/namespace",
"title": "namespace",
"type": "keyText"
}],
"id": "localSessionStorageOptions",
"title": "localSessionStorageOptions",
"type": "keyTextContainer",
"nodes": []
}]
}, {
"id": "multipleSessions",
......
......@@ -5,10 +5,10 @@
"id": "portalParams",
"title": "portalParams",
"nodes": [{
"default": "ftp://auth.example.com/",
"default": "http://auth.example.com/",
"id": "portal",
"title": "portal",
"data": "http://auth.example.com/"
"data": "ftp://auth.example.com/"
}, {
"id": "portalMenu",
"title": "portalMenu",
......@@ -275,17 +275,6 @@
"id": "captchaStorage",
"title": "captchaStorage",
"data": "Apache::Session::File"
}, {
"default": [{
"data": "/var/lib/lemonldap-ng/captcha/",
"id": "captchaStorageOptions/Directory",
"title": "Directory",
"type": "keyText"
}],
"id": "captchaStorageOptions",
"title": "captchaStorageOptions",
"type": "keyTextContainer",
"nodes": []
}]
}]
}, {
......@@ -1342,37 +1331,6 @@
"id": "localSessionStorage",
"title": "localSessionStorage",
"data": "Cache::FileCache"
}, {
"default": [{
"data": 3,
"id": "localSessionStorageOptions/cache_depth",
"title": "cache_depth",
"type": "keyText"
}, {
"data": "/tmp",
"id": "localSessionStorageOptions/cache_root",
"title": "cache_root",
"type": "keyText"
}, {
"data": 600,
"id": "localSessionStorageOptions/default_expires_in",
"title": "default_expires_in",
"type": "keyText"
}, {
"data": "007",
"id": "localSessionStorageOptions/directory_umask",
"title": "directory_umask",
"type": "keyText"
}, {
"data": "lemonldap-ng-sessions",
"id": "localSessionStorageOptions/namespace",
"title": "namespace",
"type": "keyText"
}],
"id": "localSessionStorageOptions",
"title": "localSessionStorageOptions",
"type": "keyTextContainer",
"nodes": []
}]
}, {
"id": "multipleSessions",
......
......@@ -1139,7 +1139,7 @@ sub registration {
my $redirect_uris = $client_metadata->{redirect_uris};
# Register RP in global configuration
my $conf = $self->confAcc->getConf();
my $conf = $self->confAcc->getConf( { raw => 1 } );
$conf->{cfgAuthor} = "OpenID Connect Registration ($client_name)";
$conf->{cfgAuthorIP} = $source_ip;
......@@ -1227,7 +1227,7 @@ sub checkSession {
$req,
'../common/oidc_checksession',
params => {
COOKIENAME => $self->conf->{cookieName},
COOKIENAME => $self->conf->{cookieName},
}
);
}
......
......@@ -265,7 +265,7 @@ sub setAttributes {
sub getConfig {
my ( $self, $req, $id ) = @_;
my $conf = $self->confAcc->getConf( { cfgNum => $id } )
my $conf = $self->confAcc->getConf( { raw => 1, cfgNum => $id } )
or die("No configuration available");
return $conf;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment