From 2e59dff72ddbe369e8f781cdbc089e3750f99557 Mon Sep 17 00:00:00 2001 From: "renater.salaun" <renater.salaun@047e039d-479c-447e-8a29-aa6bf4a09bab> Date: Thu, 2 Oct 2014 13:25:37 +0000 Subject: [PATCH] Fix verification of input parameters + create errors and notices templates git-svn-id: https://svn.geant.net/GEANT/edugain_testidp_account_manager/trunk@12 047e039d-479c-447e-8a29-aa6bf4a09bab --- bin/account-manager-web.pl | 9 ++++++-- lib/IdPAccountManager/Tools.pm | 2 +- templates/web/errors.tt2.html | 21 +++++++++++++++++++ templates/web/index.tt2.html | 38 ++-------------------------------- templates/web/notices.tt2.html | 15 ++++++++++++++ 5 files changed, 46 insertions(+), 39 deletions(-) create mode 100644 templates/web/errors.tt2.html create mode 100644 templates/web/notices.tt2.html diff --git a/bin/account-manager-web.pl b/bin/account-manager-web.pl index 598eac1..6415ecd 100755 --- a/bin/account-manager-web.pl +++ b/bin/account-manager-web.pl @@ -25,6 +25,7 @@ my $domains_regex = '[\w\.\-]+(,[\w\.\-]+)*'; my %format = ( ## URL #'attributeauthority' => $url_regex, + 'sp_entityid' => $urn_or_url_regex, ); my %actions = ('select_sp' => {'title_en' => 'Select your Service Provider' }, @@ -50,6 +51,8 @@ package WebRequest; sub new { my $pkg = shift; my $request = {}; + &IdPAccountManager::Tools::do_log('info', ""); + my $http_query = new CGI; @@ -117,7 +120,7 @@ sub execute { my $status; ## Check input parameters format - foreach my $key (keys %{$request->{'param_in'}}) { + foreach my $key (keys %{$self->{'param_in'}}) { if ($self->{'param_in'}{$key} !~ /^\s*$/ && defined $format{$key} && ! ref($format{$key})) { 
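Review bot: The `&IdPAccountManager::Tools::do_log('info', "");` call added at the top of `WebRequest::new` passes an empty message and uses the `&`-sigil call form; the same line is added in `req_get_sp_list` (hunk @@ -222) and `req_select_sp` (hunk @@ -245). With an empty message the record carries only what `do_log` derives itself (date, IP, user, caller string), which is thin for an audit trail. A plain call with a fixed message reads better, e.g. `IdPAccountManager::Tools::do_log('info', 'new web request');`. Because `do_log` uses its message as a `printf` format, any request value logged later should go in as an argument (`'sp_entityid=%s', $value`), never inside the message string. All three subs continue outside their hunks.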
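Review bot: In `execute` (hunk @@ -117), the corrected loop still validates a parameter only when `%format` has a non-reference entry for its key (`defined $format{$key} && ! ref($format{$key})`), so every other request parameter is passed on unchecked. As hunk @@ -25 shows, `sp_entityid` is the only active entry in `%format` after this commit. That contract deserves a comment next to the loop, for example `## Only keys listed in %format are validated; add an entry for every parameter a handler reads`. The body of the `if` lies outside the hunk, so it should be checked separately that the pattern is applied anchored (`/^$format{$key}$/`), not as a substring match.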
@@ -222,7 +225,8 @@ sub respond { ## Return the list of known SPs sub req_get_sp_list { my $self = shift; - + &IdPAccountManager::Tools::do_log('info', ""); + my $federation_metadata = new IdPAccountManager::SAMLMetadata; unless ($federation_metadata->load(federation_metadata_file_path => $IdPAccountManager::Conf::global{'federation_metadata_file_path'})) { push @{$self->{'param_out'}{'errors'}}, "internal"; @@ -245,6 +249,7 @@ sub req_get_sp_list { ## Sample URL : https://dev-edugain.renater.fr/accountmanager?action=select_sp&sp_entityid=http%3A%2F%2Fsp.lat.csc.fi sub req_select_sp { my $self = shift; + &IdPAccountManager::Tools::do_log('info', ""); unless ($self->{'param_in'}{'sp_entityid'}) { push @{$self->{'param_out'}{'errors'}}, "missing_sp_entityid"; diff --git a/lib/IdPAccountManager/Tools.pm b/lib/IdPAccountManager/Tools.pm index 275e72a..4451346 100644 --- a/lib/IdPAccountManager/Tools.pm +++ b/lib/IdPAccountManager/Tools.pm @@ -131,7 +131,7 @@ sub do_log { my $ip = $ENV{'REMOTE_HOST'}.'/'.$ENV{'REMOTE_ADDR'} || 'NOIP'; my $date = POSIX::strftime ("%Y:%m:%d %H:%M:%S", localtime(time)); my $user = lc($ENV{'mail'}) || 'NOEMAIL'; - open TMP, ">>".$IdPAccountManager::Conf::global{'log_file'}; printf TMP "$date - ($level) - $ip - $user - $caller_string $message\n", @_; close TMP; + open LOG, ">>".$IdPAccountManager::Conf::global{'log_file'}; printf LOG "$date - ($level) - $ip - $user - $caller_string $message\n", @_; close LOG; } return 1; } diff --git a/templates/web/errors.tt2.html b/templates/web/errors.tt2.html new file mode 100644 index 0000000..5cfe4b4 --- /dev/null +++ b/templates/web/errors.tt2.html 
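Review bot: The renamed `open LOG, ">>".…` line in `do_log` (lib/IdPAccountManager/Tools.pm, hunk @@ -131) keeps the two-argument `open` on a bareword handle with no error check, and it interpolates `$ip`, `$user`, `$caller_string` and `$message` into the `printf` format string. `$ip` and `$user` are built from `$ENV{'REMOTE_HOST'}` and `$ENV{'mail'}`, so a `%` in either is read as a conversion, and an embedded newline would start a forged log record. Suggested replacement: `open(my $log_fh, '>>', $IdPAccountManager::Conf::global{'log_file'}) or return;` then `printf $log_fh "%s - (%s) - %s - %s - %s ".$message."\n", $date, $level, $ip, $user, $caller_string, @_;` and `close $log_fh;`, with control characters stripped from the environment values first. `do_log` starts and ends outside the hunk.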
@@ -0,0 +1,21 @@
+ [% FOREACH err IN errors %]
+
+<p class="ui-state-error ui-corner-all" style="margin-top: 20px; padding: 0 .7em;"><span class="ui-icon ui-icon-info" style="float: left; margin-right: .3em;"></span>
+ Error:
+
+ [% IF err == 'unknown_action' %]
+ Unknown action
+
+ [% ELSIF err == 'internal' %]
+ internal error; administrators of the federation registry have been notified.
+
+ [% ELSIF (matches = err.match('missing_(\w+)')) %]
+ missing parameter '[% matches.0 %]'
+
+ [% ELSE %]
+ [% err %]
+
+ [% END %] <!-- autorisation -->
+</p>
+<br/>
+ [% END %] <!-- FOREACH -->
diff --git a/templates/web/index.tt2.html b/templates/web/index.tt2.html
index 273cd53..37e02b5 100644
--- a/templates/web/index.tt2.html
+++ b/templates/web/index.tt2.html
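Review bot: The fallback branch `[% err %]` in the new `templates/web/errors.tt2.html` prints the error string without an HTML filter, and Template Toolkit does not escape output by default; `[% notif %]` in `templates/web/notices.tt2.html` has the same form. The codes visible in this commit (`internal`, `missing_sp_entityid`) are fixed strings, but any handler that later pushes a value derived from the request would have it rendered as markup. Writing `[% err | html %]` and `[% notif | html %]` closes that path at no cost. `[% matches.0 %]` is limited to `\w+` by the match and can stay as it is.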
@@ -87,48 +87,14 @@ div.important{border-style:solid;border-color:black;border-width:1px;background- [% IF errors %] <div class="ui-widget"> - [% FOREACH err IN errors %] - -<p class="ui-state-error ui-corner-all" style="margin-top: 20px; padding: 0 .7em;"><span class="ui-icon ui-icon-info" style="float: left; margin-right: .3em;"></span> - Error: - - [% IF err == 'unknown_action' %] - Unknown action - - [% ELSIF err == 'internal' %] - internal error; administrators of the federation registry have been notified. - - [% ELSIF (matches = err.match('missing_(\w+)')) %] - missing parameter '[% matches.0 %]' - - [% ELSE %] - [% err %] - - [% END %] <!-- autorisation --> -</p> -<br/> - [% END %] <!-- FOREACH --> +[% PROCESS 'templates/web/errors.tt2.html' %] </div> [% ELSE %] [% IF notifications %] <div class="ui-widget"> - [% FOREACH notif IN notifications %] -<p class="ui-state-highlight ui-corner-all" style="border: 2px solid #10427a; background: #DFF1EE;padding: 0.7em;"><span class="ui-icon ui-icon-alert" style="float: left; margin-right: .3em;"></span> - Notice: - - [% IF notif == 'done' %] - - Operation has been performed - - [% ELSE %] - - [% notif %]<br/> - - [% END %] - - [% END %] <!-- FOREACH --> +[% PROCESS 'templates/web/notices.tt2.html' %] </b></div> [% END %] <!-- notifications --> diff --git a/templates/web/notices.tt2.html b/templates/web/notices.tt2.html new file mode 100644 index 0000000..c936d34 --- /dev/null +++ b/templates/web/notices.tt2.html @@ -0,0 +1,15 @@ + [% FOREACH notif IN notifications %] +<p class="ui-state-highlight ui-corner-all" style="border: 2px solid #10427a; background: #DFF1EE;padding: 0.7em;"><span class="ui-icon ui-icon-alert" style="float: left; margin-right: .3em;"></span> + Notice: + + [% IF notif == 'done' %] + + Operation has been performed + + [% ELSE %] + + [% notif %]<br/> + + [% END %] + + [% END %] <!-- FOREACH --> \ No newline at end of file -- GitLab
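Review bot: In the new `templates/web/notices.tt2.html` the `<p class="ui-state-highlight …">` opened inside the `FOREACH` is never closed, unlike the `</p>` that ends each entry in `errors.tt2.html`, so the browser has to close it implicitly for every notice. Add `</p>` before the final `[% END %] <!-- FOREACH -->`. The `</b>` that follows the `PROCESS` line for notices in `index.tt2.html` has no opening tag visible in its hunk and may be a leftover as well; the opening tag could lie outside the hunk.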