Commit cc047402 authored by Christophe Maudoux's avatar Christophe Maudoux

Fix userControl (#1667)

parent ef4f1fb0
......@@ -74,15 +74,34 @@ sub check {
## Check user session datas
# Use submitted attribute if exists
my $url = $req->param('url') || '';
if ( $req->param('user') ) {
unless ( $req->param('user') =~ /$self->{conf}->{userControl}/o ) {
return PE_MALFORMEDUSER;
my $url = $req->param('url') || '';
my $user = $req->param('user') || '';
if ($user) {
unless ( $user =~ /$self->{conf}->{userControl}/o ) {
$user = '';
$attrs = {};
return $self->p->sendHtml(
$req,
'checkuser',
params => {
PORTAL => $self->conf->{portal},
MAIN_LOGO => $self->conf->{portalMainLogo},
LANGS => $self->conf->{showLanguages},
MSG => 'PE' . PE_MALFORMEDUSER,
ALERTE => 'alert-warning',
LOGIN => $req->{user},
TOKEN => (
$self->conf->{requireToken}
? $self->ott->createToken( $req->sessionInfo )
: ''
)
}
);
}
}
if ( $req->param('user') eq $req->{user} or !$req->param('user') ) {
if ( $user eq $req->{user} or !$user ) {
$self->userLogger->notice("Retrieve session from Sessions database");
$self->userLogger->warn("Using spoofed SSO groups if exist!!!")
if ( $self->conf->{impersonationRule} );
......@@ -90,7 +109,7 @@ sub check {
}
else {
$self->logger->debug("Check requested for $req->{user}");
$req->{user} = $req->param('user');
$req->{user} = $user;
$self->userLogger->notice(
"Retrieve session from userDB and compute Groups & Macros");
$attrs = $self->_userDatas($req);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment