Skip to content

A
acs-authentication
Commit 00d349ee authored by Frank Bergmann's avatar Frank Bergmann
Browse files
Options

- Comitting OpenACS 5.9

parent 8b91645b
Expand all Hide whitespace changes
Inline Side-by-side
Showing with 305 additions and 307 deletions
acs-authentication.info
View file @ 00d349ee
......@@ -7,20 +7,19 @@
<initial-install-p>t</initial-install-p>
<singleton-p>t</singleton-p>
<version name="5.7.0" url="http://openacs.org/repository/download/apm/acs-authentication-5.7.0.apm">
<version name="5.10.0d1" url="http://openacs.org/repository/download/apm/acs-authentication-5.10.0d1.apm">
<owner url="mailto:lars@collaboraid.biz">Lars Pind</owner>
<summary>Authentication, account management, and related functionality.</summary>
<release-date>2011-06-12</release-date>
<maturity>3</maturity>
<release-date>2013-09-08</release-date>
<vendor url="http://www.collaboraid.biz">Collaboraid</vendor>
<maturity>3</maturity>
<license url="http://www.gnu.org/copyleft/gpl.html">GPL version 2</license>
<description format="text/html">Implements authentication-related security functions for OpenACS, including password, account and session management, bulk account creation etc. Provides a contract based interface for different authentication methods such as PAM or LDAP based authentication.</description>
<provides url="acs-authentication" version="5.7.0"/>
<requires url="acs-kernel" version="5.7.0"/>
<requires url="acs-service-contract" version="5.7.0"/>
<requires url="acs-mail-lite" version="5.7.0"/>
<provides url="acs-authentication" version="5.10.0d1"/>
<requires url="acs-kernel" version="5.10.0d1"/>
<requires url="acs-service-contract" version="5.10.0d1"/>
<requires url="acs-mail-lite" version="5.10.0d1"/>
<callbacks>
<callback type="after-install" proc="auth::package_install"/>
......@@ -28,7 +27,8 @@
<callback type="before-uninstall" proc="auth::package_uninstall"/>
</callbacks>
<parameters>
<parameter datatype="number" min_n_values="1" max_n_values="1" name="AcknowledgementFileName" default="{acs_root_dir}/batch-sync-ack-{authority}-{ansi_date}.xml" description="Full file path to where we should drop the acknowledgement file for batch syncs. You can use these special values: {acs_root_dir} will get replaced with the root directory for this OpenACS installation, e.g. '/var/lib/aolserver/service0' (no trailing slash). {ansi_date} will get replaced with today's date in ANSI format, e.g. '2003-10-29'. {authority} will get replaced with the short_name of the authority, e.g. 'rz_pam'." section_name="Batch Synchronization"/>
<parameter datatype="number" min_n_values="1" max_n_values="1" name="AcknowledgementFileName" default="{acs_root_dir}/batch-sync-ack-{authority}-{ansi_date}.xml" description="Full file path to where we should drop the acknowledgement file for batch syncs. You can use these special values: {acs_root_di
r} will get replaced with the root directory for this OpenACS installation, e.g. '/var/lib/aolserver/service0' (no trailing slash). {ansi_date} will get replaced with today's date in ANSI format, e.g. '2003-10-29'. {authority} will get replaced with the short_name of the authority, e.g. 'rz_pam'." section_name="Batch Synchronization"/>
<parameter datatype="number" min_n_values="1" max_n_values="1" name="KeepBatchLogDays" default="0" description="The number of days to keep the log for a batch user synchronization job around. Say 0 if you want to keep the log forever." section_name="Batch Synchronization"/>
<parameter datatype="string" min_n_values="1" max_n_values="1" name="RegisterAuthority" default="local" description="The short name of the authority in which users are registered. Is best set in the Authentication admin UI."/>
<parameter datatype="number" min_n_values="1" max_n_values="1" name="SyncAddUsersToDotLrnP" default="0" description="Should we add users to .LRN? This requires .LRN to be installed, and has serious performance implications." section_name="Batch Synchronization"/>
......
catalog/acs-authentication.ru_RU.utf-8.xml
View file @ 00d349ee
<?xml version="1.0" encoding="utf-8"?>
<message_catalog package_key="acs-authentication" locale="ru_RU" charset="utf-8">
<msg key="Add_to_Community">Добавить к сообществу</msg>
<msg key="Add_to_system_name">Добавить к %system_name%</msg>
<msg key="Does_not_have_an_account_on_system_name">Не имеет учётной записи для %system_name%</msg>
<msg key="Has_account_on_system_name">Имеет учётную запись для %system_name%</msg>
<msg key="Invalid_username_or_password">Неправильное имя пользователя или пароль</msg>
<msg key="lt_Not_getting_the_results_you_expected">Неожиданный результат? Попробуйте поиск:</msg>
</message_catalog>
lib/local-search.tcl
View file @ 00d349ee
......@@ -70,5 +70,5 @@ set orderby_column [lindex $orderby_list 0]
set direction [lindex $orderby_list 1]
set direction [string map {asc -increasing desc -decreasing} $direction]
if {$orderby_column ne ""} {
eval "template::multirow -ulevel 2 -local sort users $direction $orderby_column"
}
\ No newline at end of file
template::multirow -ulevel 2 -local sort users $direction $orderby_column
}
lib/search.adp
View file @ 00d349ee
......@@ -59,7 +59,7 @@ html>body #navbar { bottom: 0px }
</style>
<multiple name="authorities">
<if @authorities.authority_id@ eq @selected_authority_id@>
<include src="@authorities.form_include@" authority_id="@authorities.authority_id@" search_text="@search_text@" return_url="@return_url@" orderby="@orderby@" member_url="@member_url@" group_id="@group_id@" &="rel_type" &="object_id" &="privilege"></if>
<include src="@authorities.form_include;literal@" authority_id="@authorities.authority_id;literal@" search_text="@search_text;literal@" return_url="@return_url;literal@" orderby="@orderby;literal@" member_url="@member_url;literal@" group_id="@group_id;literal@" &="rel_type" &="object_id" &="privilege"></if>
</multiple>
<div id="navbar-div">
......
lib/search.tcl
View file @ 00d349ee
......@@ -16,12 +16,12 @@ ad_page_contract {
} {
{search_text ""}
{authority_id ""}
orderby:optional
{authority_id:naturalnum,notnull ""}
orderby:token,optional
}
set authority_options [auth::authority::get_authority_options]
set default_authority_id [lindex [lindex $authority_options 0] 1]
set default_authority_id [lindex $authority_options 0 1]
if {$authority_id eq ""} {
set authority_id $default_authority_id
}
......@@ -65,15 +65,18 @@ if {[info exists add_permission] && [llength $add_permission]} {
lappend bulk_actions $add_user_label $add_user_url $add_user_label
}
if {![regexp {\?} $add_user_url]} {
set add_user_url "${add_user_url}?"
set add_user_url "$add_user_url?"
}
if {![info exists group_id] || $group_id eq ""} {
set group_id [application_group::group_id_from_package_id -package_id $package_id]
}
# generate authority links
template::multirow create users first last username email auth_status group_member_p create_account_url actions extra_attributes user_id authority_id
template::multirow create users \
first last username email auth_status group_member_p create_account_url actions extra_attributes user_id authority_id
ns_log debug "MEMBER SEARCH TCL level='[template::adp_level]' [uplevel \#[template::adp_level] "info vars"]"
template::list::create \
-no_data "Search returned no results" \
-name users \
......@@ -87,16 +90,25 @@ ns_log debug "MEMBER SEARCH TCL level='[template::adp_level]' [uplevel \#[templa
display_template {<if @users.first@ not nil and @users.last@ not nil and @users.email@ not nil and @users.group_member_p@ false><input type="checkbox" name="userkey" value="@users.username@ @users.authority_id@" /></if>}} \
first [list label "First Name" link_url_eval "\[export_vars -base \"$member_url\" {user_id} \]"] \
last [list label "Last Name" link_url_eval "\[export_vars -base \"$member_url\" {user_id} \]"] \
username [list label "Username" link_url_eval "\[export_vars -base \"$member_url\" {user_id} \]"] \
email {label "Email"} \
auth_status {
label "Status"
} \
actions [list label "Actions" display_template "<if @users.first@ not nil and @users.last@ not nil and @users.email@ not nil and @users.group_member_p@ false><a href=\"${add_user_url}&userkey=@users.username@+@users.authority_id@&authority_id=${authority_id}&return_url=[ad_urlencode ${return_url}]&group_id=$group_id\" class=button>$add_user_label</a></if>"] \
extra_attributes {label "Extra Attributes"} \
user_id [list hide_p [expr {!$admin_p}] label "" display_template "<if @users.user_id@ not nil><a href=\"$member_admin_url?user_id=@users.user_id@\">User Admin Page</a></if>"] \
] -bulk_actions $bulk_actions \
-orderby {first {orderby first_names} last {orderby last_name} username {orderby username} email {orderby email} auth_status {orderby auth_status}}
username [list label "Username" link_url_eval "\[export_vars -base \"$member_url\" {user_id} \]"] \
email {label "Email"} \
auth_status { label "Status" } \
actions [list label "Actions" display_template [subst {
<if @users.first@ not nil and @users.last@ not nil and @users.email@ not nil
and @users.group_member_p@ false><a href="[ns_quotehtml ${add_user_url}&userkey=@users.username@+@users.authority_id@&authority_id=${authority_id}&return_url=[ad_urlencode ${return_url}]&group_id=$group_id]" class=button>$add_user_label</a></if>
}]] \
extra_attributes {label "Extra Attributes"} \
user_id [list hide_p [expr {!$admin_p}] label "" display_template [subst {
<if @users.user_id@ not nil><a href="[ns_quotehtml $member_admin_url?user_id=@users.user_id@]">User Admin Page</a></if>
}]] \
] -bulk_actions $bulk_actions \
-orderby {
first {orderby first_names}
last {orderby last_name}
username {orderby username}
email {orderby email}
auth_status {orderby auth_status}
}
template::multirow create authorities authority_id pretty_name local_authority_p search_url form_include
......@@ -107,12 +119,19 @@ foreach option_list [auth::authority::get_authority_options] {
set local_authority_id $this_authority_id
set form_include /packages/acs-authentication/lib/local-search
} else {
set form_include [acs_sc::invoke -impl_id [auth::authority::get_element -authority_id $this_authority_id -element search_impl_id] -operation FormInclude]
set form_include [acs_sc::invoke \
-impl_id [auth::authority::get_element -authority_id $this_authority_id -element search_impl_id] \
-operation FormInclude]
}
if {$this_authority_id eq $selected_authority_id} {
set selected_form_include $form_include
}
template::multirow append authorities $this_authority_id [lindex $option_list 0] $local_authority_p [export_vars -base [ad_conn url] -no_empty {{authority_id $this_authority_id} search_text object_id}] $form_include
template::multirow append authorities \
$this_authority_id \
[lindex $option_list 0] \
$local_authority_p \
[export_vars -base [ad_conn url] -no_empty {{authority_id $this_authority_id} search_text object_id}] \
$form_include
}
#template::multirow sort authorities -decreasing authority_id
......@@ -127,4 +146,4 @@ set authority_id $selected_authority_id
#<include src="@authorities.form_include@" authority_id="@authorities.authority_id@" search_text="@search_text@" return_url="@return_url@" orderby="@orderby@">
if {![info exists orderby]} {
set orderby ""
}
\ No newline at end of file
}
tcl/authentication-procs-oracle.xql
View file @ 00d349ee
<?xml version="1.0"?>
<queryset>
<rdbms><type>oracle</type><version>8.1.6</version></rdbms>
<rdbms><type>oracle</type><version>8.1.6</version></rdbms>
<fullquery name="auth::get_user_secret_token.select_secret_token">
<querytext>
select rowid from users where user_id = :user_id
</querytext>
<fullquery name="auth::create_local_account_helper.user_insert">
<querytext>
begin
:1 := acs.add_user(
user_id => :user_id,
email => :email,
url => :url,
authority_id => :authority_id,
username => :username,
first_names => :first_names,
last_name => :last_name,
screen_name => :screen_name,
password => :hashed_password,
salt => :salt,
creation_user => :creation_user,
creation_ip => :peeraddr,
email_verified_p => :email_verified_p,
member_state => :member_state
);
end;
</querytext>
</fullquery>
</queryset>
tcl/authentication-procs-postgresql.xql
View file @ 00d349ee
<?xml version="1.0"?>
<queryset>
<rdbms><type>postgresql</type><version>7.1</version></rdbms>
<fullquery name="auth::get_user_secret_token.select_secret_token">
<querytext>
select oid from users where user_id = :user_id
</querytext>
</fullquery>
<rdbms><type>postgresql</type><version>7.1</version></rdbms>
<fullquery name="auth::create_local_account_helper.user_insert">
<querytext>
select acs__add_user(
:user_id,
'user',
now(),
null,
:peeraddr,
:authority_id,
:username,
:email,
:url,
:first_names,
:last_name,
:hashed_password,
:salt,
:screen_name,
:email_verified_p,
:member_state
);
</querytext>
</fullquery>
</queryset>
tcl/authentication-procs.tcl
View file @ 00d349ee
This diff is collapsed.
tcl/authority-procs.tcl
View file @ 00d349ee
......@@ -84,7 +84,7 @@ ad_proc -public auth::authority::create {
# Check that the columns provided in the array are all valid
# Set array entries as local variables
foreach name $names {
if { [lsearch -exact $all_columns $name] == -1 } {
if {$name ni $all_columns} {
error "Attribute '$name' isn't valid for auth_authorities."
}
set $name $row($name)
......@@ -104,15 +104,15 @@ ad_proc -public auth::authority::create {
}
}
if { ![exists_and_not_null context_id] } {
if { ![info exists context_id] || $context_id eq "" } {
set context_id [ad_conn package_id]
}
if { ![exists_and_not_null creation_user] } {
if { ![info exists creation_user] || $creation_user eq "" } {
set creation_user [ad_conn user_id]
}
if { ![exists_and_not_null creation_ip] } {
if { ![info exists creation_ip] || $creation_ip eq "" } {
set creation_ip [ad_conn peeraddr]
}
......@@ -151,7 +151,7 @@ ad_proc -public auth::authority::create {
}
# Flush the cache, so that if we've tried to request this short_name while it didn't exist, we will now find it
if { [exists_and_not_null row(short_name)] } {
if { [info exists row(short_name)] && $row(short_name) ne "" } {
get_id_flush -short_name $row(short_name)
}
......@@ -248,7 +248,7 @@ ad_proc -public auth::authority::edit {
# Check that the columns provided in the array are all valid
# Set array entries as local variables
foreach name $names {
if { [lsearch -exact $columns $name] == -1 } {
if {$name ni $columns} {
error "Attribute '$name' isn't valid for auth_authorities."
}
if {$name eq "authority_id"} {
......@@ -361,7 +361,7 @@ ad_proc -public auth::authority::batch_sync {
if { $ack_file_name ne "" } {
# Interpolate
set pairs [list \
acs_root_dir [acs_root_dir] \
acs_root_dir $::acs::rootdir \
ansi_date [clock format [clock seconds] -format %Y-%m-%d] \
authority $authority(short_name)]
foreach { var value } $pairs {
......
tcl/local-procs.tcl
View file @ 00d349ee
......@@ -367,7 +367,7 @@ ad_proc -private auth::local::password::ResetPassword {
}
# Reset the password
if {[exists_and_not_null new_password]} {
if { $new_password ne "" } {
set password $new_password
} else {
set password [ad_generate_random_string]
......@@ -499,32 +499,28 @@ ad_proc -private auth::local::registration::Register {
set system_name [ad_system_name]
set system_url [ad_url]
# --------------------------------------------------------------------------------------
# PO Patch: notification is handled in /packages/intranet-core/www/users/user-add-3.tcl
# --------------------------------------------------------------------------------------
# LARS TODO: Move this out of the local driver and into the auth framework
# Send password confirmation email to user
#if { [set email_reg_confirm_p [parameter::get -parameter EmailRegistrationConfirmationToUserP -package_id [ad_conn subsite_id] -default 0]] != -1 } {
#if { $generated_pwd_p || \
# [parameter::get -parameter RegistrationProvidesRandomPasswordP -package_id [ad_conn subsite_id] -default 0] || \
# $email_reg_confirm_p } {
# with_catch errmsg {
# auth::password::email_password \
# -username $username \
# -authority_id $authority_id \
# -password $password \
# -from [parameter::get -parameter NewRegistrationEmailAddress -package_id [ad_conn subsite_id] -default [ad_system_owner]] \
# -subject_msg_key "acs-subsite.email_subject_Registration_password" \
# -body_msg_key "acs-subsite.email_body_Registration_password"
# } {
if { [set email_reg_confirm_p [parameter::get -parameter EmailRegistrationConfirmationToUserP -package_id [ad_conn subsite_id] -default 1]] != 0 } {
if { $generated_pwd_p || \
[parameter::get -parameter RegistrationProvidesRandomPasswordP -package_id [ad_conn subsite_id] -default 0] || \
$email_reg_confirm_p } {
with_catch errmsg {
auth::password::email_password \
-username $username \
-authority_id $authority_id \
-password $password \
-from [parameter::get -parameter NewRegistrationEmailAddress -package_id [ad_conn subsite_id] -default [ad_system_owner]] \
-subject_msg_key "acs-subsite.email_subject_Registration_password" \
-body_msg_key "acs-subsite.email_body_Registration_password"
} {
# We don't fail hard here, just log an error
# global errorInfo
# ns_log Error "Error sending registration confirmation to $email.\n$errorInfo"
# }
#}
#}
global errorInfo
ns_log Error "Error sending registration confirmation to $email.\n$errorInfo"
}
}
}
# LARS TODO: Move this out of the local driver and into the auth framework
# Notify admin on new registration
......
tcl/password-procs.tcl
View file @ 00d349ee
......@@ -128,7 +128,7 @@ ad_proc -public auth::password::change {
}
}
no_account - not_supported - old_password_bad - new_password_bad - change_error - failed_to_connect {
if { ![exists_and_not_null result(password_message)] } {
if { ![info exists result(password_message)] || $result(password_message) eq "" } {
array set default_message {
no_account {Unknown username}
not_supported {This operation is not supported}
......@@ -344,7 +344,7 @@ ad_proc -public auth::password::retrieve {
# Check the result code and provide canned responses
switch $result(password_status) {
ok {
if { [exists_and_not_null result(password)] } {
if { [info exists result(password)] && $result(password) ne "" } {
# We have retrieved or reset a forgotten password that we should email to the user
with_catch errmsg {
auth::password::email_password \
......@@ -361,12 +361,12 @@ ad_proc -public auth::password::retrieve {
ns_log Error "We had an error sending out email with new password to username $username, authority $authority_id:\n$errorInfo"
}
}
if { ![exists_and_not_null result(password_message)] } {
if { ![info exists result(password_message)] || $result(password_message) eq "" } {
set result(password_message) [_ acs-subsite.Check_Your_Inbox]
}
}
no_account - not_supported - retrieve_error - failed_to_connect {
if { ![exists_and_not_null result(password_message)] } {
if { ![info exists result(password_message)] || $result(password_message) eq "" } {
array set default_message {
no_account {Unknown username}
not_supported {This operation is not supported}
......@@ -449,14 +449,13 @@ ad_proc -public auth::password::reset {
} {
set result(password_status) failed_to_connect
set result(password_message) "Error invoking the password management driver."
global errorInfo
ns_log Error "Error invoking password management driver for authority_id = $authority_id: $errorInfo"
ns_log Error "Error invoking password management driver for authority_id = $authority_id: $::errorInfo"
}
# Check the result code and provide canned responses
switch $result(password_status) {
ok {
if { [exists_and_not_null result(password)] && \
if { ([info exists result(password)] && $result(password) ne "") && \
(!$admin_p || [parameter::get \
-parameter EmailChangedPasswordP \
-package_id [ad_conn subsite_id] \
......@@ -477,12 +476,12 @@ ad_proc -public auth::password::reset {
ns_log Error "We had an error sending out email with new password to username $username, authority $authority_id:\n$errorInfo"
}
}
if { ![exists_and_not_null result(password_message)] } {
if { ![info exists result(password_message)] || $result(password_message) eq "" } {
set result(password_message) [_ acs-subsite.Check_Your_Inbox]
}
}
no_account - not_supported - retrieve_error - failed_to_connect {
if { ![exists_and_not_null result(password_message)] } {
if { (![info exists result(password_message)] || $result(password_message) eq "") } {
array set default_message {
no_account {Unknown username}
not_supported {This operation is not supported}
......
tcl/sync-procs-postgresql.xql
View file @ 00d349ee
......@@ -13,7 +13,6 @@
authority_id,
(select aa.pretty_name from auth_authorities aa where aa.authority_id = j.authority_id) as authority_pretty_name,
message,
document,
creation_user,
to_char(doc_start_time, 'YYYY-MM-DD HH24:MI:SS') as doc_start_time,
to_char(doc_end_time, 'YYYY-MM-DD HH24:MI:SS') as doc_end_time,
......
tcl/sync-procs.tcl
View file @ 00d349ee
......@@ -11,9 +11,7 @@ namespace eval auth::sync {}
namespace eval auth::sync::job {}
namespace eval auth::sync::get_doc {}
namespace eval auth::sync::get_doc::http {}
namespace eval auth::sync::get_doc::ldap {}
namespace eval auth::sync::get_doc::file {}
namespace eval auth::sync::get_doc::ldap {}
namespace eval auth::sync::entry {}
namespace eval auth::sync::process_doc {}
namespace eval auth::sync::process_doc::ims {}
......@@ -513,14 +511,16 @@ ad_proc -public auth::sync::purge_jobs {
} {
Purge jobs that are older than KeepBatchLogDays days.
} {
if { ![exists_and_not_null num_days] } {
if { $num_days eq "" } {
set num_days [parameter::get_from_package_key \
-parameter KeepBatchLogDays \
-package_key "acs-authentication" \
-default 0]
}
validate_integer num_days $num_days
if {![string is integer -strict $num_days]} {
error "num_days ($num_days) has to be an integer"
}
if { $num_days > 0 } {
db_dml purge_jobs {}
......@@ -567,7 +567,6 @@ ad_proc -private auth::sync::GetDocument {
} {
Wrapper for the GetDocument operation of the auth_sync_retrieve service contract.
} {
ns_log Notice "auth::sync::GetDocument: authoriy_id=$authority_id"
set impl_id [auth::authority::get_element -authority_id $authority_id -element "get_doc_impl_id"]
if { $impl_id eq "" } {
......@@ -580,19 +579,12 @@ ad_proc -private auth::sync::GetDocument {
-authority_id $authority_id \
-impl_id $impl_id]
ns_log Notice "auth::sync::GetDocument: before acs_sc::invoke -contract auth_sync_retrieve -impl_id $impl_id -operation GetDocument -call_args $parameters"
return [acs_sc::invoke \
-error \
-contract "auth_sync_retrieve" \
-impl_id $impl_id \
-operation GetDocument \
-call_args [list $parameters]]
ad_return_complaint 1 "1 - auth::sync::GetDocument: impl_id=$impl_id, parameters=$parameters"
}
ad_proc -private auth::sync::ProcessDocument {
......@@ -722,7 +714,6 @@ ad_proc -private auth::sync::get_doc::http::GetDocument {
} {
Retrieve the document by HTTP
} {
ns_log Notice "auth::sync::get_doc::http::GetDocument: parameters=$parameters"
array set result {
doc_status failed_to_conntect
doc_message {}
......@@ -732,7 +723,7 @@ ad_proc -private auth::sync::get_doc::http::GetDocument {
array set param $parameters
if { ($param(SnapshotURL) ne "" && [string equal [clock format [clock seconds] -format "%d"] "01"]) || \
if { ($param(SnapshotURL) ne "" && [clock format [clock seconds] -format "%d"] eq "01") || \
$param(IncrementalURL) eq "" } {
# On the first day of the month, we get a snapshot
......@@ -747,7 +738,8 @@ ad_proc -private auth::sync::get_doc::http::GetDocument {
error "You must specify at least one URL to get."
}
set result(document) [util_httpget $url]
set dict [util::http::get -url $url]
set result(document) [dict get $dict page]
set result(doc_status) "ok"
......@@ -756,79 +748,6 @@ ad_proc -private auth::sync::get_doc::http::GetDocument {
#####
#
# auth::sync::get_doc::ldap namespace
#
#####
ad_proc -private auth::sync::get_doc::ldap::register_impl {} {
Register this implementation
} {
set spec {
contract_name "auth_sync_retrieve"
owner "acs-authentication"
name "LDAPGet"
pretty_name "LDAP GET"
aliases {
GetDocument auth::sync::get_doc::ldap::GetDocument
GetParameters auth::sync::get_doc::ldap::GetParameters
}
}
return [acs_sc::impl::new_from_spec -spec $spec]
}
ad_proc -private auth::sync::get_doc::ldap::unregister_impl {} {
Unregister this implementation
} {
acs_sc::impl::delete -contract_name "auth_sync_retrieve" -impl_name "LDAPGet"
}
ad_proc -private auth::sync::get_doc::ldap::GetParameters {} {
Parameters for LDAP GetDocument implementation.
} {
return {}
}
ad_proc -private auth::sync::get_doc::ldap::GetDocument { parameters } {
Retrieve the document by LDAP
} {
ns_log Notice "auth::sync::get_doc::ldap::GetDocument: parameters=$parameters"
array set result {
doc_status failed_to_conntect
doc_message {}
document {}
snapshot_p f
}
array set param $parameters
# Check 4 call levels upwards for an authority_id
upvar 3 authority_id authority_id
if {![info exists authority_id]} { set authority_id "" }
if {"" == $authority_id} {
ad_return_complaint 1 "Internal Error:<br>auth::sync::get_doc::ldap::GetDocument didn't find a valid authority_id.<br>&nbsp;"
ad_script_abort
}
set result(document) "!!!"
set result(doc_status) "ok"
return [array get result]
}
#####
#
# auth::sync::get_doc::file namespace
......@@ -882,7 +801,7 @@ ad_proc -private auth::sync::get_doc::file::GetDocument {
array set param $parameters
if { ($param(SnapshotPath) ne "" && [string equal [clock format [clock seconds] -format "%d"] "01"]) || \
if { ($param(SnapshotPath) ne "" && [clock format [clock seconds] -format "%d"] eq "01") || \
$param(IncrementalPath) eq "" } {
# On the first day of the month, we get a snapshot
......@@ -1069,67 +988,3 @@ ad_proc -public auth::sync::process_doc::ims::GetAcknowledgementDocument {
return $doc
}
#####
#
# auth::sync::get_doc::ldap namespace
#
#####
ad_proc -private auth::sync::get_doc::ldap::register_impl {} {
Register this implementation
} {
set spec {
contract_name "auth_sync_retrieve"
owner "acs-authentication"
name "LDAPGet"
pretty_name "LDAP GET"
aliases {
GetDocument auth::sync::get_doc::ldap::GetDocument
GetParameters auth::sync::get_doc::ldap::GetParameters
}
}
return [acs_sc::impl::new_from_spec -spec $spec]
}
ad_proc -private auth::sync::get_doc::ldap::unregister_impl {} {
Unregister this implementation
} {
acs_sc::impl::delete -contract_name "auth_sync_retrieve" -impl_name "LDAPGet"
}
ad_proc -private auth::sync::get_doc::ldap::GetParameters {} {
Parameters for LDAP GetDocument implementation.
} {
return {}
}
ad_proc -private auth::sync::get_doc::ldap::GetDocument { parameters } {
Retrieve the document by LDAP
} {
ns_log Notice "auth::sync::get_doc::ldap::GetDocument: parameters=$parameters"
array set result {
doc_status failed_to_conntect
doc_message {}
document {}
snapshot_p f
}
array set param $parameters
# Check 4 call levels upwards for an authority_id
upvar 3 authority_id authority_id
if {![info exists authority_id]} { set authority_id "" }
if {"" == $authority_id} {
ad_return_complaint 1 "Internal Error:<br>auth::sync::get_doc::ldap::GetDocument didn't find a valid authority_id.<br>&nbsp;"
ad_script_abort
}
set result(document) "!!!"
set result(doc_status) "ok"
return [array get result]
}
\ No newline at end of file
tcl/test/acs-authentication-procs.tcl
View file @ 00d349ee
......@@ -167,7 +167,8 @@ aa_register_case \
}
}
aa_false "No creation_message for successful creation" [exists_and_not_null user_info(creation_message)]
aa_false "No creation_message for successful creation" \
[expr {[info exists user_info(creation_message)] && $user_info(creation_message) ne ""}]
aa_true "returns user_id" [info exists user_info(user_id)]
if { [info exists user_info(user_id)] } {
......@@ -187,12 +188,14 @@ aa_register_case \
aa_equals "creation_status for duplicate email and username" $user_info(creation_status) "data_error"
aa_true "element_messages exists" [exists_and_not_null user_info(element_messages)]
if { [exists_and_not_null user_info(element_messages)] } {
aa_true "element_messages exists" [info exists user_info(element_messages)]
if { [info exists user_info(element_messages)] && $user_info(element_messages) ne "" } {
array unset elm_msgs
array set elm_msgs $user_info(element_messages)
aa_true "element_message for username exists" [exists_and_not_null elm_msgs(username)]
aa_true "element_message for email exists" [exists_and_not_null elm_msgs(email)]
aa_true "element_message for username exists" \
[expr {[info exists elm_msgs(username)] && $elm_msgs(username) ne ""}]
aa_true "element_message for email exists" \
[expr {[info exists elm_msgs(email)] && $elm_msgs(email) ne ""}]
}
set user_id [acs_user::get_by_username -username auth_create_user1]
if { $user_id ne "" } {
......@@ -212,18 +215,19 @@ aa_register_case \
aa_equals "creation_status is data_error" $user_info(creation_status) "data_error"
aa_true "element_messages exists" [exists_and_not_null user_info(element_messages)]
if { [exists_and_not_null user_info(element_messages)] } {
aa_true "element_messages exists" [info exists user_info(element_messages)]
if { [info exists user_info(element_messages)] && $user_info(element_messages) ne "" } {
array unset elm_msgs
array set elm_msgs $user_info(element_messages)
if { [aa_true "element_message(email) exists" [exists_and_not_null elm_msgs(email)]] } {
if { [aa_true "element_message(email) exists" \
[expr {[info exists elm_msgs(email)] && $elm_msgs(email) ne ""}] ]} {
aa_log "element_message(email) = $elm_msgs(email)"
}
if { [aa_true "element_message(first_names) exists" [exists_and_not_null elm_msgs(first_names)]] } {
if { [aa_true "element_message(first_names) exists" [info exists elm_msgs(first_names)] ]} {
aa_log "element_message(first_names) = $elm_msgs(first_names)"
}
if { [aa_true "element_message(last_name) exists" [exists_and_not_null elm_msgs(last_name)]] } {
if { [aa_true "element_message(last_name) exists" [info exists elm_msgs(last_name)] ]} {
aa_log "element_message(last_name) = $elm_msgs(last_name)"
}
}
......@@ -245,18 +249,18 @@ aa_register_case \
aa_equals "creation_status is data_error" $user_info(creation_status) "data_error"
aa_true "element_messages exists" [exists_and_not_null user_info(element_messages)]
if { [exists_and_not_null user_info(element_messages)] } {
aa_true "element_messages exists" [info exists user_info(element_messages)]
if { [info exists user_info(element_messages)] && $user_info(element_messages) ne "" } {
array unset elm_msgs
array set elm_msgs $user_info(element_messages)
if { [aa_true "element_message(email) exists" [exists_and_not_null elm_msgs(email)]] } {
if { [aa_true "element_message(email) exists" [info exists elm_msgs(email)]] } {
aa_log "element_message(email) = $elm_msgs(email)"
}
if { [aa_true "element_message(first_names) exists" [exists_and_not_null elm_msgs(first_names)]] } {
if { [aa_true "element_message(first_names) exists" [info exists elm_msgs(first_names)]] } {
aa_log "element_message(first_names) = $elm_msgs(first_names)"
}
if { [aa_true "element_message(last_name) exists" [exists_and_not_null elm_msgs(last_name)]] } {
if { [aa_true "element_message(last_name) exists" [info exists elm_msgs(last_name)]] } {
aa_log "element_message(last_name) = $elm_msgs(last_name)"
}
}
......@@ -655,7 +659,7 @@ aa_register_case \
}
array unset retrieved_value $parameter
}
aa_true "Only the right parameters were retrieved" [expr [llength [array names retrieved_value]] == 0]
aa_true "Only the right parameters were retrieved" [expr {[array size retrieved_value] == 0}]
}
}
......@@ -677,7 +681,7 @@ aa_register_case \
aa_false "Param UseEmailForLoginP 0 -> false" [auth::UseEmailForLoginP]
array set elms [auth::get_registration_elements]
aa_false "Registration elements do contain username" [expr [lsearch [concat $elms(required) $elms(optional)] "username"] == -1]
aa_false "Registration elements do contain username" [expr {"username" ni [concat $elms(required) $elms(optional)]}]
parameter::set_value -parameter UseEmailForLoginP -package_id [ad_acs_kernel_id] -value {}
aa_true "Param UseEmailForLoginP {} -> true" [auth::UseEmailForLoginP]
......@@ -692,7 +696,7 @@ aa_register_case \
# GetElements
array set elms [auth::get_registration_elements]
aa_true "Registration elements do NOT contain username" [expr {[lsearch [concat $elms(required) $elms(optional)] "username"] == -1}]
aa_true "Registration elements do NOT contain username" [expr {"username" ni [concat $elms(required) $elms(optional)]}]
# Create a user with no username
set email [string tolower "[ad_generate_random_string]@foobar.com"]
......
tcl/test/sync-test-procs.tcl
View file @ 00d349ee
......@@ -18,7 +18,7 @@ aa_register_case -cats {api db} sync_start_end {
set job_id [auth::sync::job::start \
-authority_id [auth::authority::local]]
aa_true "Returns a job_id" [exists_and_not_null job_id]
aa_true "Returns a job_id" [expr {$job_id ne ""}]
# Get doc
......@@ -92,7 +92,7 @@ aa_register_case -cats {api} sync_actions {
set job_id [auth::sync::job::start \
-authority_id [auth::authority::local]]
aa_true "Returns a job_id" [exists_and_not_null job_id]
aa_true "Returns a job_id" [expr {[info exists job_id]}]
#####
#
......@@ -128,7 +128,7 @@ aa_register_case -cats {api} sync_actions {
aa_log "entry.message = '$entry(message)'"
aa_log "entry.element_messages = '$entry(element_messages)'"
if { [aa_true "Entry has user_id set" [exists_and_not_null entry(user_id)]] } {
if { [aa_true "Entry has user_id set" [expr {$entry(user_id) ne ""}]] } {
array unset user
acs_user::get -user_id $entry(user_id) -array user
......@@ -166,7 +166,7 @@ aa_register_case -cats {api} sync_actions {
aa_equals "entry.success_p" $entry(success_p) "f"
aa_true "entry.message not empty" [exists_and_not_null entry(message)]
aa_true "entry.message not empty" [expr {$entry(message) ne ""}]
aa_log "entry.user_id = '$entry(user_id)'"
aa_log "entry.message = '$entry(message)'"
......@@ -203,7 +203,7 @@ aa_register_case -cats {api} sync_actions {
aa_log "entry.message = '$entry(message)'"
aa_log "entry.element_messages = '$entry(element_messages)'"
if { [aa_true "Entry has user_id set" [exists_and_not_null entry(user_id)]] } {
if { [aa_true "Entry has user_id set" [expr {$entry(user_id) ne ""}]] } {
array unset user
acs_user::get -user_id $entry(user_id) -array user
......@@ -243,7 +243,7 @@ aa_register_case -cats {api} sync_actions {
aa_log "entry.message = '$entry(message)'"
aa_log "entry.element_messages = '$entry(element_messages)'"
if { [aa_true "Entry has user_id set" [exists_and_not_null entry(user_id)]] } {
if { [aa_true "Entry has user_id set" [expr {$entry(user_id) ne ""}]] } {
array unset user
acs_user::get -user_id $entry(user_id) -array user
......@@ -280,7 +280,8 @@ aa_register_case -cats {api} sync_actions {
aa_equals "entry.success_p" $entry(success_p) "f"
aa_log "entry.message = '$entry(message)'"
if { [aa_true "entry.element_messages not empty" [exists_and_not_null entry(element_messages)]] } {
if { [aa_true "entry.element_messages not empty" \
[expr {[info exists entry(element_messages)] && $entry(element_messages) ne ""}]] } {
aa_log "entry.element_messages = '$entry(element_messages)'"
array unset elm_msgs
array set elm_msgs $entry(element_messages)
......@@ -308,7 +309,7 @@ aa_register_case -cats {api} sync_actions {
aa_equals "entry.success_p" $entry(success_p) "t"
aa_log "entry.message = '$entry(message)'"
if { [aa_true "Entry has user_id set" [exists_and_not_null entry(user_id)]] } {
if { [aa_true "Entry has user_id set" [expr {[info exists entry(user_id)] && $entry(user_id) ne ""}]] } {
array unset user
acs_user::get -user_id $entry(user_id) -array user
aa_equals "User member state is banned" $user(member_state) "banned"
......@@ -348,7 +349,7 @@ aa_register_case -cats {api db} sync_snapshot {
set job_id [auth::sync::job::start \
-authority_id [auth::authority::local]]
aa_true "Returns a job_id" [exists_and_not_null job_id]
aa_true "Returns a job_id" [expr {$job_id ne ""}]
#####
#
......@@ -383,7 +384,7 @@ aa_register_case -cats {api db} sync_snapshot {
aa_log "entry.message = '$entry(message)'"
aa_log "entry.element_messages = '$entry(element_messages)'"
if { [aa_true "Entry has user_id set" [exists_and_not_null entry(user_id)]] } {
if { [aa_true "Entry has user_id set" [expr {$entry(user_id) ne ""}]] } {
array unset user
acs_user::get -user_id $entry(user_id) -array user
......@@ -426,7 +427,7 @@ aa_register_case -cats {api db} sync_snapshot {
aa_log "entry.message = '$entry(message)'"
aa_log "entry.element_messages = '$entry(element_messages)'"
if { [aa_true "Entry has user_id set" [exists_and_not_null entry(user_id)]] } {
if { [aa_true "Entry has user_id set" [expr {$entry(user_id) ne ""}]] } {
array unset user
acs_user::get -user_id $entry(user_id) -array user
......@@ -491,7 +492,7 @@ aa_register_case -cats {api smoke} sync_batch_for_local {
auth::sync::job::get -job_id $job_id -array job
aa_log "job.message = '$job(message)'"
aa_true "job.message not empty when called for local authority" [exists_and_not_null job(message)]
aa_true "job.message not empty when called for local authority" [expr {$job(message) ne ""}]
}
}
......@@ -964,7 +965,7 @@ aa_register_case -cats {api smoke} sync_http_get_document {
aa_register_case -cats {api web} sync_file_get_document {
Test the HTTPGet implementation of GetDocument service contract.
} {
set path "[acs_root_dir]/www/SYSTEM/dbtest.tcl"
set path "$::acs::rootdir/www/SYSTEM/dbtest.tcl"
aa_log "Getting path '$path'"
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment