Commit 7b8ef210 authored by Xavier Guimard's avatar Xavier Guimard

* New feature: 'macros' parameter can be used to add exported variables

  calculated with other LDAP attributes. It can be used to simplify rules
  configuration
* Correction of bad use of Safe in portal: groups mechanism was not working
  well since we use Safe


git-svn-id: svn://svn.forge.objectweb.org/svnroot/lemonldap/trunk@20 1dbb9719-a921-0410-b57f-c3a383c2c641
parent b831875d
......@@ -14,7 +14,7 @@ BEGIN {
}
}
our $VERSION = '0.51';
our $VERSION = '0.52';
our @ISA = qw(Lemonldap::NG::Handler::SharedConf);
......@@ -142,6 +142,8 @@ stored configuration has changed and reload it if it has.
locationRules text,
globalStorage text,
globalStorageOptions text,
groups text,
macros text,
exportedHeaders text,
portal text,
domain text,
......
Revision history for Perl extension Lemonldap::NG::Manager.
0.4 Sat Jan 13 20:23:18 2007
- New configuration parameter named 'macros'. It can be used to
declare new attributes (exported vars) calculated with Perl
expressions on variables.
TODO: documentation (but french help is done)
0.3 Thu Jan 4 9:22:34 2007
- Help system skeleton and help in french
......
......@@ -12,7 +12,7 @@ require Lemonldap::NG::Manager::Help;
our @ISA = qw(Lemonldap::NG::Manager::Base);
our $VERSION = '0.3';
our $VERSION = '0.4';
sub new {
my ( $class, $args ) = @_;
......@@ -129,6 +129,9 @@ sub printXmlConf {
text => &exportedVars,
item => {},
},
macros => {
text => &macros,
},
ldapParameters => {
text => &ldapParameters,
item => {},
......@@ -156,17 +159,13 @@ sub printXmlConf {
};
my $generalParameters = $tree->{item}->{item}->{generalParameters}->{item};
my $exportedVars =
$tree->{item}->{item}->{generalParameters}->{item}->{exportedVars}
->{item};
$tree->{item}->{item}->{generalParameters}->{item}->{exportedVars}->{item};
my $ldapParameters =
$tree->{item}->{item}->{generalParameters}->{item}->{ldapParameters}
->{item};
$tree->{item}->{item}->{generalParameters}->{item}->{ldapParameters}->{item};
my $sessionStorage =
$tree->{item}->{item}->{generalParameters}->{item}->{sessionStorage}
->{item};
$tree->{item}->{item}->{generalParameters}->{item}->{sessionStorage}->{item};
my $globalStorageOptions =
$tree->{item}->{item}->{generalParameters}->{item}->{sessionStorage}
->{item}->{globalStorageOptions}->{item};
$tree->{item}->{item}->{generalParameters}->{item}->{sessionStorage}->{item}->{globalStorageOptions}->{item};
my $authParams =
$tree->{item}->{item}->{generalParameters}->{item}->{authParams}->{item};
$authParams->{authentication} =
......@@ -215,11 +214,9 @@ sub printXmlConf {
}
if ( $config->{globalStorageOptions} ) {
$tree->{item}->{item}->{generalParameters}->{item}->{sessionStorage}
->{item}->{globalStorageOptions}->{item} = {};
$tree->{item}->{item}->{generalParameters}->{item}->{sessionStorage}->{item}->{globalStorageOptions}->{item} = {};
$globalStorageOptions =
$tree->{item}->{item}->{generalParameters}->{item}->{sessionStorage}
->{item}->{globalStorageOptions}->{item};
$tree->{item}->{item}->{generalParameters}->{item}->{sessionStorage}->{item}->{globalStorageOptions}->{item};
while ( my ( $n, $opt ) = each( %{ $config->{globalStorageOptions} } ) )
{
$globalStorageOptions->{$n} = $self->xmlField( "both", $opt, $n );
......@@ -261,6 +258,13 @@ sub printXmlConf {
$groups->{$group} = $self->xmlField( 'both', $expr, $group );
}
}
if ( $config->{macros} ) {
$tree->{item}->{item}->{generalParameters}->{item}->{macros}->{item} = {};
my $macros = $tree->{item}->{item}->{generalParameters}->{item}->{macros}->{item};
while ( my ( $macro, $expr ) = each( %{ $config->{macros} } ) ) {
$macros->{$macro} = $self->xmlField( 'both', $expr, $macro );
}
}
print XMLout(
$tree,
......@@ -328,20 +332,15 @@ sub upload {
}
$config->{cookieName} = $tree->{generalParameters}->{cookieName}->{value};
$config->{domain} = $tree->{generalParameters}->{domain}->{value};
$config->{globalStorage} =
$tree->{generalParameters}->{sessionStorage}->{globalStorage}->{value};
while (
my ( $v, $h ) = each(
%{
$tree->{generalParameters}->{sessionStorage}
->{globalStorageOptions}
}
)
)
{
$config->{globalStorage} = $tree->{generalParameters}->{sessionStorage}->{globalStorage}->{value};
while ( my ( $v, $h ) = each( %{ $tree->{generalParameters}->{sessionStorage}->{globalStorageOptions} })) {
next unless ( ref($h) );
$config->{globalStorageOptions}->{ $h->{text} } = $h->{value};
}
while ( my ( $v, $h ) = each( %{ $tree->{generalParameters}->{macros} })) {
next unless ( ref($h) );
$config->{macros}->{ $h->{text} } = $h->{value};
}
foreach (qw(ldapBase ldapPort ldapServer managerDn managerPassword)) {
$config->{$_} =
$tree->{generalParameters}->{ldapParameters}->{$_}->{value};
......
......@@ -2,7 +2,7 @@ package Lemonldap::NG::Manager::Help;
use AutoLoader qw(AUTOLOAD);
use UNIVERSAL qw(can);
our $VERSION = '0.2';
our $VERSION = '0.21';
sub import {
my ($caller_package) = caller;
......@@ -18,7 +18,7 @@ sub import {
}
}
$l ||= "en";
foreach $h (qw(virtualHosts groups ldap vars storage)) {
foreach $h (qw(virtualHosts groups ldap vars storage macros)) {
*{"${caller_package}::help_$h"} = \&{"help_${h}_$l"};
}
}
......@@ -34,6 +34,12 @@ sub help_virtualHosts_en {
EOT
}
sub help_macros_en {
print <<EOT;
<h3>User Groups</h3>
EOT
}
sub help_groups_en {
print <<EOT;
<h3>User Groups</h3>
......@@ -91,6 +97,25 @@ comme suit&nbsp;: <tt>&lt;nom de l'en-t&ecirc;te&gt; =&gt; &lt;expression Perl&g
EOT
}
sub help_macros_fr {
print <<EOT;
<h3>Macros</h3>
<p> Les macros permettent d'ajouter des variables calculées à partir des
attributs LDAP (variables exportées). Elles évitent de répéter le même calcul
plusieurs fois dans la configuration. Exemple&nbsp;:</p>
<pre>
# macros
nom_complet => \$givenname . " " . \$surname
admin => \$uid eq "foo" or \$uid eq "bar"
# test.example.com - En-têtes
Nom => \$nom_complet
# test.example.com - Règles
^/admin/ => \$admin
EOT
}
sub help_groups_fr {
print <<EOT;
<h3>Groupes d'utilisateurs</h3>
......
......@@ -5,7 +5,7 @@ package Lemonldap::NG::Manager::_HTML;
# comes for the first time.
use AutoLoader qw(AUTOLOAD);
our $VERSION = '0.05';
our $VERSION = '0.1';
1;
__END__
......@@ -129,6 +129,10 @@ function onNodeSelect(nodeId) {
}
help('virtualHosts');
}
else if(nodeIs(nodeId,"macros")){
but+=button('Nouvelle macro','newMacro',nodeId);
help('macros');
}
else if(nodeIs(nodeId,"groups")){
but+=button('Nouveau groupe','newGroup',nodeId);
help('groups');
......@@ -214,6 +218,10 @@ function newGroup(id){
newValue('groups','New-group','both','');
}
function newMacro(id){
newValue('macros','newMacro','both','');
}
function newVar(id){
newValue('exportedVars','New-var','both','uid');
}
......
......@@ -2,7 +2,7 @@ package Lemonldap::NG::Manager::_i18n;
use AutoLoader qw(AUTOLOAD);
use UNIVERSAL qw(can);
our $VERSION = '0.1';
our $VERSION = '0.11';
sub import {
my ($caller_package) = caller;
......@@ -40,6 +40,7 @@ sub fr {
globalStorageOptions => 'Param&egrave;tres du module Apache::Session',
authParams => "Param&egrave;tres d'authentification",
userGroups => "Groupes d'utilisateurs",
macros => "Macros",
virtualHosts => "H&ocirc;tes virtuels",
authenticationType => "Type d'authentification",
securedCookie => 'Cookie s&eacute;curis&eacute; (SSL)',
......
......@@ -2,7 +2,7 @@ package Lemonldap::NG::Portal;
print STDERR
"See Lemonldap::NG::Portal(3) to know which Lemonldap::NG::Portal::* module to use.";
our $VERSION = "0.52";
our $VERSION = "0.6";
1;
......
......@@ -9,14 +9,14 @@ use Safe;
*EXPORT_TAGS = *Lemonldap::NG::Portal::Simple::EXPORT_TAGS;
*EXPORT = *Lemonldap::NG::Portal::Simple::EXPORT;
our $VERSION = "0.41";
our $VERSION = "0.42";
our @ISA = qw(Lemonldap::NG::Portal::Simple);
# Secure jail
our $safe = new Safe;
##################
# OVERLOADED sub #
# OVERLOADED SUB #
##################
# getConf: all parameters returned by the Lemonldap::NG::Manager::Conf object
......@@ -35,12 +35,24 @@ sub getConf {
1;
}
# Here is implemented the 'groups' mechanism. See Lemnldap::NG::Portal for
# more.
sub setGroups {
my $self = shift;
# Here is implemented the 'macro' mechanism.
our $self; # Safe cannot share a variable declared with my
sub setMacros {
local $self = shift;
die __PACKAGE__ . ": Unable to get configuration"
unless ( $self->getConf(@_) );
while ( my($n, $e) = each ( %{ $self->{macros} } ) ) {
$e =~ s/\$(\w+)/\$self->{sessionInfo}->{$1}/g;
$safe->share( '$self', '&encode_base64' );
$self->{sessionInfo}->{$n} = $safe->reval($e);
}
PE_OK;
}
# Here is implemented the 'groups' mechanism. See Lemonldap::NG::Portal for
# more.
sub setGroups {
local $self = shift;
my $groups;
foreach ( keys %{ $self->{groups} } ) {
my $filter = $self->scanexpr( $self->{groups}->{$_} );
......@@ -79,7 +91,7 @@ sub scanexpr {
# Perl expressions
if ( s/^{(.*)}$/$1/ or $_ !~ /^\(.*\)$/ ) {
s/\$(\w+)/\$self->{sessionInfo}->{$1}/g;
$safe->share( '$self', '$result' );
$safe->share( '$self', '&encode_base64' );
$result = $safe->reval($_);
return $result ? "1" : "0";
}
......
......@@ -10,7 +10,7 @@ use warnings;
use MIME::Base64;
use CGI;
our $VERSION = '0.42';
our $VERSION = '0.5';
our @ISA = qw(CGI Exporter);
......@@ -160,16 +160,17 @@ sub redirect {
}
}
###################################
# MAIN subroutine: call all steps #
###################################
###############################################################
# MAIN subroutine: call all steps until one returns something #
# different than PE_OK #
###############################################################
sub process {
my ($self) = @_;
$self->{error} = PE_OK;
foreach my $sub
qw(controlUrlOrigin extractFormInfo formateParams formateFilter
connectLDAP bind search setSessionInfo setGroups authenticate store unbind
buildCookie log autoRedirect) {
connectLDAP bind search setSessionInfo setMacros setGroups authenticate
store unbind buildCookie log autoRedirect) {
if ( $self->{$sub} )
{
last if ( $self->{error} = &{ $self->{$sub} }($self) );
......@@ -193,6 +194,8 @@ sub controlUrlOrigin {
# TODO: what to do with existing sessions ?
# - delete and create a new session
# - re-authentication (actual scheme)
# - nothing: user is authenticated and process
# returns true
sub controlExistingSession {
PE_OK;
}
......@@ -290,11 +293,16 @@ sub setSessionInfo {
}
# 9. Unused here, but overloaded in SharedConf.pm
sub setMacros {
PE_OK;
}
# 10. Unused here, but overloaded in SharedConf.pm
sub setGroups {
PE_OK;
}
# 10. Now, LDAP will not be used by Lemonldap except for LDAP
# 11. Now, LDAP will not be used by Lemonldap except for LDAP
# authentication scheme
sub unbind {
my $self = shift;
......@@ -303,7 +311,7 @@ sub unbind {
PE_OK;
}
# 11. Default authentication: LDAP bind with user credentials
# 12. Default authentication: LDAP bind with user credentials
sub authenticate {
my $self = shift;
return PE_OK if ( $self->{id} );
......@@ -315,7 +323,7 @@ sub authenticate {
PE_OK;
}
# 12. Now, the user is authenticated. It's time to store his parameters with
# 13. Now, the user is authenticated. It's time to store his parameters with
# Apache::Session::* module
sub store {
my ($self) = @_;
......@@ -332,7 +340,7 @@ sub store {
PE_OK;
}
# 13. If all is done, we build the Lemonldap::NG cookie
# 14. If all is done, we build the Lemonldap::NG cookie
sub buildCookie {
my $self = shift;
$self->{cookie} = $self->cookie(
......@@ -346,7 +354,7 @@ sub buildCookie {
PE_OK;
}
# 14. By default, nothing is logged. Users actions are logged on applications.
# 15. By default, nothing is logged. Users actions are logged on applications.
# It's easy to override this in the contructor :
# my $portal = new Lemonldap::NG::Portal ( {
# ...
......@@ -360,7 +368,7 @@ sub log {
PE_OK;
}
# 15. If the user was redirected to the portal, we will now redirect him
# 16. If the user was redirected to the portal, we will now redirect him
# to the requested URL
sub autoRedirect {
my $self = shift;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment