Commit d8b59e05 authored by Yadd

Authentication parameters now depends on 'authentication' and 'userDB' values

parent 23ee91c4
......@@ -76,6 +76,11 @@ function hashRoot(){
display('default','Lemonldap::NG Manager');
$('#newkbr').css('display','');
}
function authParams(id) {
currentId=id;
$('#authText').attr('value',lmdata(id));
display('authParams',lmtext(id));
}
function btext(id) {
currentId=id;
$('#btextKey').attr('value',lmtext(id));
......@@ -115,6 +120,23 @@ function rulesRoot(id){
display('default','Lemonldap::NG Manager');
$('#newrbr').css('display','');
}
function reloadAuthParams() {
setlmdata(currentId,$('#authText').attr('value'));
$.ajax({
type:"POST",
url:scriptname,
data:{node:'generalParameters/authParams',conf:'authentication userDB',cfgNum:lmdata('li_cm9vdA2'),authentication:lmdata('li_L3VzZXJEQg2'),userDB:lmdata('li_L3VzZXJEQg2')},
dataType:'html',
success:function(data){
var node=$('#li_Z2VuZXJhbFBhcmFtZXRlcnMvYXV0aFBhcmFtcw2 >ul');
node.html(data);
simpleTreeCollection[0].setTreeNodes(node, true);
},
error:function(xhr, ajaxOptions, thrownError){
$('#help_content').html('<h3>Request failed</h3> Error code: '+xhr.status+', '+thrownError);
}
});
}
var count=0;
var text4newKey='Key';
var value4newKey='Value';
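Review bot: In reloadAuthParams the `data` object reads both `authentication` and `userDB` from the same node id, `lmdata('li_L3VzZXJEQg2')`, so the server always receives the same value for the two fields. The id looks like the encoded `/userDB` path, which would mean the authentication module shown in the tree is never the one actually posted. The `authentication` field should read from the authentication node instead, `authentication:lmdata('<id of the /authentication node>')`, with the real id taken from the tree since it is not shown on this page. In the same function the error handler concatenates `thrownError` into `.html()`; building that message with `.text()` avoids treating the error string as markup.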
......
......@@ -113,6 +113,10 @@ var scriptname='<TMPL_VAR NAME="SCRIPT_NAME">';var imagepath='<TMPL_VAR NAME="DI
<textarea id="rulKey" cols="30" rows="2" onchange="setlmtext(currentId,this.value)"></textarea>&nbsp;<textarea id="rulValue" cols="50" rows="2" onchange="setlmdata(currentId,this.value)"></textarea>
</div>
<div id="content_authParams" class="hidden">
<input type="text" id="authText" onchange="reloadAuthParams()"/>
</div>
</div>
</form>
</div>
......
......@@ -31,19 +31,7 @@ sub new {
my $self = $class->SUPER::new($args)
or $class->abort( 'Unable to start ' . __PACKAGE__,
'See Apache logs for more' );
if ( $ENV{PATH_INFO} eq "/css" ) {
print $self->header_public( $ENV{SCRIPT_FILENAME}, -type => 'text/css',
);
$self->css;
$self->quit();
}
elsif ( $ENV{PATH_INFO} eq "/js" ) {
print $self->header_public( $ENV{SCRIPT_FILENAME},
-type => 'text/javascript', );
$self->js;
$self->quit();
}
elsif ( $self->param('help') ) {
if ( $self->param('help') ) {
print $self->header_public( $ENV{SCRIPT_FILENAME},
-type => 'text/html; charset=utf8' );
Lemonldap::NG::Manager::Help::import( $self->{language}
......
......@@ -29,6 +29,11 @@ sub node {
# Menu node
if ( ref($tmp) ) {
# expand _nodes
if ( ref( $tmp->{_nodes} ) eq 'CODE' ) {
$tmp->{_nodes} = $tmp->{_nodes}->($self);
}
# Scan subnodes
foreach ( @{ $tmp->{_nodes} } ) {
my $flag = ( $_ =~ s/^(\w+):// ? $1 : '' );
......@@ -44,10 +49,16 @@ sub node {
$tmp->{$target}->{_help} || $help,
$tmp->{$target}->{_js}
);
next;
}
# Substitute sub by its value
if ( ref( $tmp->{$target} ) eq 'sub' ) {
$tmp->{$target} = &{ $tmp->{$target} }($self);
}
# subnode is a node
elsif ( ref( $tmp->{$target} ) ) {
if ( ref( $tmp->{$target} ) ) {
$res .= $self->li( "$node/$target", "closed" )
. $self->span(
"$node/$target", $target, '',
......@@ -137,6 +148,14 @@ sub confNode {
}
}
}
# subnode is a conditaional node
elsif ( $target =~ s/^sub:// ) {
foreach my $s ( $self->_sub($target) ) {
$res .= $self->confNode( $node, $s, $help );
}
}
else {
$target =~ s/^(\w+)://;
my $type = $1 || 'text';
......@@ -268,6 +287,9 @@ sub conf {
$self->abort( 'Unable to get configuration',
$Lemonldap::NG::Common::Conf::msg )
unless ( $self->{_conf} );
if(my $c = $self->param('conf')){
$self->{_conf}->{$_} = $self->param($_) foreach(split /\s+/,$c);
}
return $self->{_conf};
}
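Review bot: The block added to conf() lets any request overwrite arbitrary keys of `$self->{_conf}`: the `conf` parameter is split on whitespace and each name is copied in from `$self->param($_)` with no allow-list and none of the testStruct checks. The client code in this commit only ever sends `authentication userDB`, so the loop can be limited to those names, `foreach ( grep { /^(?:authentication|userDB)$/ } split /\s+/, $c )`, with each value checked against the module-name pattern testStruct already uses, `qr/^[a-zA-Z][\w\:]*$/`, before it is assigned. Whether `_conf` outlives the request is not visible here; if it does, the override would also be seen by later callers. Separately, in the node() hunk `ref( $tmp->{$target} ) eq 'sub'` can never be true because ref returns `CODE` for a code reference, as the `_nodes` check added a few lines earlier already assumes.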
......
......@@ -59,7 +59,6 @@ sub confUpload {
$id =~ s/\r//g;
$id =~ s/^\///;
$id =~ s/(?:\/[^\/]*)?$/\/$name/ if ($NK);
print STDERR "$id\n" if ($NK);
next if ( $id =~ /^(generalParameters|virtualHosts)/ );
my ( $confKey, $test ) = $self->getConfTests($id);
my ( $res, $m );
......@@ -121,13 +120,12 @@ sub confUpload {
$self->setKeyToH( $newConf, $k, $v );
}
else {
$self->lmLog( "No default value found for $k", 'warn' );
$self->lmLog( "No default value found for $k", 'info' );
}
}
}
#print STDERR Dumper( $newConf, $errors );
print STDERR Dumper($errors);
if ( $errors->{errors} ) {
$errors->{result}->{cfgNum} = 0;
$errors->{result}->{msg} = $self->translate('syntaxError');
......@@ -212,6 +210,11 @@ sub getConfTests {
sub findAllConfKeys {
my ( $self, $h ) = @_;
my @res = ();
# expand _nodes
if ( ref( $h->{_nodes} ) eq 'CODE' ) {
$h->{_nodes} = $h->{_nodes}->($self);
}
foreach my $n ( @{ $h->{_nodes} } ) {
$n =~ s/^.*?:(.*?)(?:\:.*)?$/$1/;
if ( ref( $h->{$n} ) ) {
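Review bot: The `_nodes` expansion added at the top of findAllConfKeys overwrites the coderef in `$h` with its result and duplicates the expansion this commit adds to node(); a small shared helper that returns the list without mutating `$h` would keep the two in step. The key list this walk returns now also depends on what the coderef reads at call time, and the only coderef in this commit (authParams in struct) looks at the `authentication` and `userDB` request parameters before the stored configuration. If confUpload uses this list to decide which keys are saved or defaulted (the callers are outside the hunk), that dependency deserves a comment such as `# NOTE: key set depends on the selected authentication/userDB modules`. The function body continues past the end of the hunk.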
......
......@@ -40,29 +40,77 @@ sub cstruct {
#@param $k Name of the virtual host
#@return Tree structure
sub struct {
my $self = shift;
return {
_nodes => [qw(n:generalParameters n:groups n:virtualHosts)],
_help => 'default',
######################
# GENERAL PARAMETERS #
######################
generalParameters => {
_nodes => [
qw(n:authParams cookieParams cn:exportedVars cn:macros sessionParams ldapParams n:advancedParams)
qw(portal n:authParams logParams cookieParams cn:exportedVars cn:macros sessionParams n:advancedParams)
],
_help => 'default',
portal => 'text:/portal',
# AUTHENTICATION AND USERDB PARAMETERS
authParams => {
_nodes => [
qw(portal authentication userDB syslog whatToTrace singleSession singleIP singleUserByIP)
],
_help => 'authParams',
authentication => 'text:/authentication',
portal => 'text:/portal',
userDB => 'text:/userDB',
syslog => 'int:/syslog',
# Displayed nodes depend on authentication/userDB modules choosed
_nodes => sub {
my $self = shift;
my $auth =
$self->param('authentication')
|| $self->conf->{authentication}
|| $self->defaultConf()->{authentication};
my $udb =
$self->param('userDB')
|| $self->conf->{userDB}
|| $self->defaultConf()->{userDB};
$auth = lc($auth);
$udb = lc($udb);
my %res = qw(authentication 1 userDB 1 syslog 1);
foreach my $mod ( ( $auth, ( $auth ne $udb ? $udb : () ) ) )
{
my $tmp = {
ldap => ['ldapParams'],
ssl => [qw(ldapParams SSLRequired)],
}->{$mod};
if ($tmp) {
$res{$_}++ foreach (@$tmp);
}
}
my @u = keys %res;
return \@u;
},
_help => 'authParams',
authentication => 'text:/authentication:authParams:authParams',
userDB => 'text:/userDB:authParams:authParams',
syslog => 'text:/syslog',
ldapParams => {
_nodes => [
qw(ldapServer ldapPort ldapBase managerDn managerPassword)
],
_help => 'ldap',
ldapServer => 'text:/ldapServer',
ldapPort => 'int:/ldapPort',
ldapBase => 'text:/ldapBase',
managerDn => 'text:/managerDn',
managerPassword => 'text:/managerPassword',
},
SSLRequired => 'int:/SSLRequired',
},
# LOGS PARAMETERS
logParams => {
_nodes => [qw(useXForwardedForIP whatToTrace)],
useXForwardedForIP => 'int:/useXForwardedForIP',
whatToTrace => 'text:/whatToTrace:whatToTrace:text',
singleSession => 'int:/singleSession',
singleIP => 'int:/singleIP',
singleUserByIP => 'int:/singleUserByIP',
},
# COOKIE PARAMETERS
cookieParams => {
_nodes =>
[qw(cookieName domain securedCookie cookieExpiration)],
......@@ -73,14 +121,22 @@ sub struct {
'int:/securedCookie:securedCookie:securedCookieValues',
cookieExpiration => 'text:/cookieExpiration',
},
# EXPORTED ATTRIBUTES
exportedVars => {
_nodes => ['hash:/exportedVars:vars:btext'],
_js => 'hashRoot'
},
# MACROS
macros =>
{ _nodes => ['hash:/macros:macros:btext'], _js => 'hashRoot' },
# SESSIONS PARAMETERS
sessionParams => {
_nodes => [qw(sessionStorage timeout)],
_nodes => [
qw(sessionStorage singleSession singleIP singleUserByIP timeout storePassword)
],
_help => 'storage',
sessionStorage => {
_nodes => [qw(globalStorage globalStorageOptions)],
......@@ -90,26 +146,21 @@ sub struct {
_js => 'hashRoot'
},
},
timeout => 'text:/timeout:timeout:text',
},
ldapParams => {
_nodes =>
[qw(ldapServer ldapPort ldapBase managerDn managerPassword)],
_help => 'ldap',
ldapServer => 'text:/ldapServer',
ldapPort => 'int:/ldapPort',
ldapBase => 'text:/ldapBase',
managerDn => 'text:/managerDn',
managerPassword => 'text:/managerPassword',
singleSession => 'int:/singleSession',
singleIP => 'int:/singleIP',
singleUserByIP => 'int:/singleUserByIP',
storePassword => 'int:/storePassword',
timeout => 'text:/timeout:timeout:text',
},
# OTHER PARAMETERS
advancedParams => {
_nodes => [
qw(Soap exportedAttr storePassword trustedDomains status https notifications passwordManagement userControl)
qw(Soap exportedAttr trustedDomains https notifications passwordManagement userControl)
],
Soap => 'int:/Soap',
https => 'int:/https',
exportedAttr => 'text:/exportedAttr',
storePassword => 'int:/storePassword',
notifications => {
_nodes => [
qw(notification notificationStorage notificationStorageOptions)
......@@ -134,15 +185,22 @@ sub struct {
mailBody => 'text:/mailBody',
},
trustedDomains => 'text:/trustedDomains',
status => 'int:/status',
userControl => 'text:/userControl:userControl:text',
}
},
##########
# GROUPS #
##########
groups => {
_nodes => ['hash:/groups:groups:btext'],
_js => 'hashRoot',
_help => 'default',
},
#################
# VIRTUAL HOSTS #
#################
virtualHosts => {
_nodes => ['nhash:/locationRules:virtualHosts:none'],
_upload => ['/exportedHeaders'],
......@@ -171,6 +229,7 @@ sub testStruct {
return ( $@ ? ( 0, $@ ) : 1 );
};
my $testNotDefined = { test => sub { 1 }, msgFail => 'Ok' };
return {
mailFrom => $testNotDefined,
trustedDomains => $testNotDefined,
......@@ -186,34 +245,34 @@ sub testStruct {
test => qr/^[a-zA-Z][\w\:]*$/,
msgFail => 'Bad module name',
},
userDB => {
test => qr/^[a-zA-Z][\w\:]*$/,
msgFail => 'Bad module name',
},
whatToTrace => {
test => qr/^\$?[a-zA-Z]\w*$/,
msgFail => 'Bad value',
},
portal => {
test => qr/^https?:\/\/\S+$/,
msgFail => 'Bad portal value',
},
cda => $boolean,
cookieName => {
test => qr/^[a-zA-Z]\w*$/,
msgFail => 'Bad cookie name',
},
securedCookie => {
test => qr/^(?:0|1|2)$/,
msgFail => 'securedCookie must be 0, 1 or 2',
},
domain => {
test => qr/^\.?\w+(?:\.[a-zA-Z]\w*)*(?:\.[a-zA-Z]+)$/,
msgFail => 'Bad domain',
},
timeout => {
test => qr/^\d*$/,
msgFail => 'Bad number'
exportedHeaders => {
keyTest => qr/^[a-zA-Z](?:[\w\-\.]*\w)?$/,
keyMsgFail => 'Bad virtual host name',
'*' => {
keyTest => qr/^\w([\w\-]*\w)?$/,
keyMsgFail => 'Bad header name',
test => $perlExpr,
warnTest => sub {
my $e = shift;
return ( 0, $assignMsg ) if ( $e =~ $assignTest );
1;
},
},
},
exportedVars => {
keyTest => qr/^[a-zA-Z]\w*$/,
keyMsgFail => 'Bad variable name',
test => qr/^[a-zA-Z]\w*$/,
msgFail => 'Bad attribute name',
},
globalStorage => {
test => qr/^[\w:]+$/,
......@@ -223,6 +282,17 @@ sub testStruct {
keyTest => qr/^\w+$/,
keyMsgFail => 'Bad parameter',
},
groups => {
keyTest => qr/^\w[\w-]*$/,
keyMsgFail => 'Bad group name',
test => $perlExpr,
warnTest => sub {
my $e = shift;
return ( 0, $assignMsg ) if ( $e =~ $assignTest );
1;
},
},
https => $boolean,
ldapBase => {
test => qr/^(?:\w+=.*|)$/,
msgFail => 'Bad LDAP base',
......@@ -243,45 +313,6 @@ sub testStruct {
return 1;
},
},
managerDn => {
test => qr/^(?:\w+=.*,\w+=.*)?$/,
msgFail => 'Bad LDAP dn',
},
managerPassword => {},
notificationStorage => {
test => qr/^[\w:]+$/,
msgFail => 'Bad module name',
},
notificationStorageOptions => {
keyTest => qr/^\w+$/,
keyMsgFail => 'Bad parameter',
},
groups => {
keyTest => qr/^\w[\w-]*$/,
keyMsgFail => 'Bad group name',
test => $perlExpr,
warnTest => sub {
my $e = shift;
return ( 0, $assignMsg ) if ( $e =~ $assignTest );
1;
},
},
exportedVars => {
keyTest => qr/^[a-zA-Z]\w*$/,
keyMsgFail => 'Bad variable name',
test => qr/^[a-zA-Z]\w*$/,
msgFail => 'Bad attribute name',
},
macros => {
keyTest => qr/^[a-zA-Z]\w*$/,
keyMsgFail => 'Bad macro name',
test => $perlExpr,
warnTest => sub {
my $e = shift;
return ( 0, $assignMsg ) if ( $e =~ $assignTest );
1;
},
},
locationRules => {
keyTest => qr/^[a-zA-Z](?:[\w\-\.]*\w)?$/,
msgFail => 'Bad virtual host name',
......@@ -308,12 +339,9 @@ sub testStruct {
},
},
},
exportedHeaders => {
keyTest => qr/^[a-zA-Z](?:[\w\-\.]*\w)?$/,
keyMsgFail => 'Bad virtual host name',
'*' => {
keyTest => qr/^\w([\w\-]*\w)?$/,
keyMsgFail => 'Bad header name',
macros => {
keyTest => qr/^[a-zA-Z]\w*$/,
keyMsgFail => 'Bad macro name',
test => $perlExpr,
warnTest => sub {
my $e = shift;
......@@ -321,25 +349,63 @@ sub testStruct {
1;
},
},
managerDn => {
test => qr/^(?:\w+=.*,\w+=.*)?$/,
msgFail => 'Bad LDAP dn',
},
managerPassword => {
test => qr/^\S+$/,
msgFail => 'Bad LDAP password',
},
syslog => $boolean,
Soap => $boolean,
storePassword => $boolean,
notification => $boolean,
status => $boolean,
https => $boolean,
notificationStorage => {
test => qr/^[\w:]+$/,
msgFail => 'Bad module name',
},
notificationStorageOptions => {
keyTest => qr/^\w+$/,
keyMsgFail => 'Bad parameter',
},
portal => {
test => qr/^https?:\/\/\S+$/,
msgFail => 'Bad portal value',
},
protection => {
keyTest => qr/^(?:none|authentificate|manager|)$/,
msgFail => 'must be one of none authentificate manager',
},
useXForwardedForIP => $boolean,
securedCookie => {
test => qr/^(?:0|1|2)$/,
msgFail => 'securedCookie must be 0, 1 or 2',
},
singleSession => $boolean,
singleIP => $boolean,
singleUserByIP => $boolean,
Soap => $boolean,
SSLRequired => $boolean,
storePassword => $boolean,
syslog => {
test => qw/^(?:auth|authpriv|daemon|local\d|user)?$/,
msgFail =>
'Only auth|authpriv|daemon|local0-7|user is allowed here',
},
timeout => {
test => qr/^\d*$/,
msgFail => 'Bad number'
},
userControl => {
test => $pcre,
msgFail => 'Bad regular expression',
},
userDB => {
test => qr/^[a-zA-Z][\w\:]*$/,
msgFail => 'Bad module name',
},
useXForwardedForIP => $boolean,
whatToTrace => {
test => qr/^\$?[a-zA-Z]\w*$/,
msgFail => 'Bad value',
},
};
}
......@@ -348,16 +414,40 @@ sub testStruct {
sub defaultConf {
return {
authentication => 'LDAP',
userDB => 'LDAP',
ldapServer => 'localhost',
cda => '0',
cookieName => 'lemonldap',
domain => 'example.com',
exportedVars => { cn => 'cn', mail => 'mail', uid => 'uid', },
globalStorage => 'Apache::Session::File',
globalStorageOptions => {
'Directory' => '/var/lib/lemonldap-ng/sessions/',
'LockDirectory' => '/var/lib/lemonldap-ng/sessions/lock/'
},
timeout => 7200,
userControl => '^[\w\.\-@]+$',
https => '0',
ldapBase => 'dc=example,dc=com',
ldapPort => '389',
ldapServer => 'localhost',
managerDn => '',
managerPassword => '',
notification => '0',
notificationStorage => 'File',
notificationStorageOptions =>
{ dirName => '/var/lib/lemonldap-ng/notifications', },
portal => 'http://auth.example.com/',
protection => 'none',
securedCookie => '0',
singleSession => '0',
singleIP => '0',
singleUserByIP => '0',
Soap => '1',
SSLRequired => '0',
storePassword => '0',
syslog => '',
timeout => '7200',
userControl => '^[\w\.\-@]+$',
userDB => 'LDAP',
useXForwardedForIP => '0',
whatToTrace => '$uid',
};
}
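Review bot: In testStruct the `syslog` entry is written `test => qw/^(?:auth|authpriv|daemon|local\d|user)?$/`, which builds a one-element word list rather than a compiled pattern, so `test` holds a plain string while every other entry uses `qr/.../`. How the caller treats a non-Regexp `test` is not shown on this page, so the syslog facility may go unvalidated or be rejected outright. The line should read `test => qr/^(?:auth|authpriv|daemon|local[0-7]|user)?$/,`, which also matches the "local0-7" wording of the failure message (`\d` would accept local8 and local9). In the same function the `managerPassword` test `qr/^\S+$/` appears to be new and rejects the empty string that defaultConf ships for that key, as well as any password containing whitespace.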
......