Commit b1048043 authored by Christophe Maudoux's avatar Christophe Maudoux

Restore GET activation global rule & Improve unit test (#1625)

parent 094f205e
......@@ -4,17 +4,46 @@ use strict;
use Mouse;
use URI::Escape;
use Lemonldap::NG::Common::FormEncode;
use Lemonldap::NG::Portal::Main::Constants qw(PE_OK PE_BADURL);
use Lemonldap::NG::Portal::Main::Constants qw(PE_OK PE_BADURL PE_GET_SERVICE_NOT_ALLOWED);
our $VERSION = '2.0.0';
extends 'Lemonldap::NG::Portal::Main::Issuer';
has rule => ( is => 'rw', default => sub { {} } );
# INITIALIZATION
sub init {
my ($self) = @_;
# Parse activation rule
my $hd = $self->p->HANDLER;
$self->logger->debug(
"GET rule -> " . $self->conf->{issuerDBGetRule} );
my $rule =
$hd->buildSub(
$hd->substitute( $self->conf->{issuerDBGetRule} ) );
unless ($rule) {
$self->error( "Bad GET rule -> " . $hd->tsv->{jail}->error );
return 0;
}
$self->{rule} = $rule;
return 0 unless ( $self->SUPER::init() );
return 1;
}
# RUNNING METHODS
sub run {
my ( $self, $req ) = @_;
# Check activation rule
unless ( $self->rule->( $req, $req->sessionInfo ) ) {
$self->userLogger->error('GET service not authorized');
return PE_GET_SERVICE_NOT_ALLOWED;
}
# Session ID
my $session_id = $req->{sessionInfo}->{_session_id} || $self->{id};
......
......@@ -97,6 +97,7 @@ use constant {
PE_SAML_SERVICE_NOT_ALLOWED => 89,
PE_OIDC_SERVICE_NOT_ALLOWED => 90,
PE_OID_SERVICE_NOT_ALLOWED => 91,
PE_GET_SERVICE_NOT_ALLOWED => 92,
};
......@@ -125,7 +126,7 @@ our @EXPORT_OK = qw( PE_SENDRESPONSE PE_INFO PE_REDIRECT PE_DONE PE_OK
PE_REGISTERALREADYEXISTS PE_NOTOKEN PE_TOKENEXPIRED HANDLER PE_U2FFAILED
PE_UNAUTHORIZEDPARTNER PE_RENEWSESSION PE_IDPCHOICE PE_WAIT PE_MUSTAUTHN
PE_MUSTHAVEMAIL PE_SAML_SERVICE_NOT_ALLOWED PE_OIDC_SERVICE_NOT_ALLOWED
PE_OID_SERVICE_NOT_ALLOWED
PE_OID_SERVICE_NOT_ALLOWED PE_GET_SERVICE_NOT_ALLOWED
);
our %EXPORT_TAGS = ( 'all' => [ @EXPORT_OK, 'import' ], );
......
......@@ -8,9 +8,10 @@ my $res;
my $client = LLNG::Manager::Test->new( {
ini => {
logLevel => 'error',
logLevel => 'debug',
useSafeJail => 1,
issuerDBGetActivation => 1,
issuerDBGetRule => '$uid eq "dwho"',
issuerDBGetPath => '^/test/',
issuerDBGetParameters =>
{ 'test1.example.com' => { ID => '_session_id' } }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment