Skip to content
Snippets Groups Projects
Commit 72a82b6f authored by Guillaume ROUSSE's avatar Guillaume ROUSSE
Browse files

kill direct access to configuration from modules

parent 3835bef7
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
bin/account-manager-client.pl
+ 16
6
View file @ 72a82b6f
...@@ -67,7 +67,9 @@ if ($action eq 'add_test_account') { ...@@ -67,7 +67,9 @@ if ($action eq 'add_test_account') {
unless $test_account; unless $test_account;
die "Failed to save test account\n" die "Failed to save test account\n"
unless $test_account->save(); unless $test_account->save(
accounts_validity_period => $Conf::global{'accounts_validity_period'}
);
printf "Account created:\n\tuserid: user%d\n\tpassword: %s\n", printf "Account created:\n\tuserid: user%d\n\tpassword: %s\n",
$test_account->get('id'), $test_account->get('user_password'); $test_account->get('id'), $test_account->get('user_password');
...@@ -105,7 +107,10 @@ if ($action eq 'add_test_account') { ...@@ -105,7 +107,10 @@ if ($action eq 'add_test_account') {
printf "%d accounts removed\n", $#{$all} + 1; printf "%d accounts removed\n", $#{$all} + 1;
die "failed to update simpleSAMLphp configuration file\n" die "failed to update simpleSAMLphp configuration file\n"
unless IdPAccountManager::Tools::update_ssp_authsources(); unless IdPAccountManager::Tools::update_ssp_authsources(
$Conf::global{'root_manager_dir'},
\%Conf::global
);
printf "Update simpleSamlPhp configuration file...\n"; printf "Update simpleSamlPhp configuration file...\n";
} }
...@@ -295,10 +300,15 @@ if ($action eq 'add_test_account') { ...@@ -295,10 +300,15 @@ if ($action eq 'add_test_account') {
die "Failed to send mail notice to $options{'email_address'}\n" die "Failed to send mail notice to $options{'email_address'}\n"
unless IdPAccountManager::Tools::mail_notice( unless IdPAccountManager::Tools::mail_notice(
'template' => 'templates/mail/notification_generic_error.tt2.eml', 'template' => 'templates/mail/notification_generic_error.tt2.eml',
'data' => {}, 'data' => {},
'to' => $options{'email_address'}, 'to' => $options{'email_address'},
'logger' => $logger 'logger' => $logger,
'conf' => \%Conf::global,
'admin_email' => $Conf::global{'admin_email'},
'dev_no_mail_outside' => $Conf::global{'dev_no_mail_outside'},
'dev_sp_contact' => $Conf::global{'dev_sp_contact'},
'notice_from' => $Conf::global{'notice_from'}
); );
printf "Mail notice sent to $options{'email_address'}\n"; printf "Mail notice sent to $options{'email_address'}\n";
......
lib/IdPAccountManager/ServiceProvider.pm
+ 11
2
View file @ 72a82b6f
...@@ -13,7 +13,6 @@ use IdPAccountManager::Data::ServiceProvider; ...@@ -13,7 +13,6 @@ use IdPAccountManager::Data::ServiceProvider;
use IdPAccountManager::Data::ServiceProvider::Manager; use IdPAccountManager::Data::ServiceProvider::Manager;
use IdPAccountManager::Tools; use IdPAccountManager::Tools;
use Conf;
use Carp; use Carp;
...@@ -22,6 +21,16 @@ INIT { ...@@ -22,6 +21,16 @@ INIT {
IdPAccountManager::Data::ServiceProvider::Manager->error_mode('return'); IdPAccountManager::Data::ServiceProvider::Manager->error_mode('return');
} }
sub new {
my ($pkg, %args) = @_;
my $self = SUPER::new->(%args);
$self->{dev_sp_contact} = $args{dev_sp_contact};
return $self;
}
## Print the content of a test account ## Print the content of a test account
sub print { sub print {
my ($self, $fd) = @_; my ($self, $fd) = @_;
...@@ -42,7 +51,7 @@ sub list_contacts_as_array { ...@@ -42,7 +51,7 @@ sub list_contacts_as_array {
$contact_list{$contact_email}++; $contact_list{$contact_email}++;
} }
foreach my $contact_email (split /,/, $Conf::global{'dev_sp_contact'}) { foreach my $contact_email (split /,/, $self->{dev_sp_contact}) {
$contact_list{$contact_email}++; $contact_list{$contact_email}++;
} }
......
lib/IdPAccountManager/TestAccount.pm
+ 3
4
View file @ 72a82b6f
...@@ -11,7 +11,6 @@ use IdPAccountManager::Data::TestAccount; ...@@ -11,7 +11,6 @@ use IdPAccountManager::Data::TestAccount;
use IdPAccountManager::Data::TestAccount::Manager; use IdPAccountManager::Data::TestAccount::Manager;
use IdPAccountManager::Tools; use IdPAccountManager::Tools;
use Conf;
use POSIX qw(strftime); use POSIX qw(strftime);
use Carp; use Carp;
...@@ -53,13 +52,13 @@ sub get { ...@@ -53,13 +52,13 @@ sub get {
} }
sub save { sub save {
my ($self) = @_; my ($self, %args) = @_;
## If no id is defined, it is a new account ## If no id is defined, it is a new account
unless (defined $self->{'persistent'}->id) { unless (defined $self->{'persistent'}->id) {
$self->{'persistent'}->creation_date(time); $self->{'persistent'}->creation_date(time);
$self->{'persistent'}->expiration_date( $self->{'persistent'}->expiration_date(
time + ($Conf::global{'accounts_validity_period'} * 3600 * 24)); time + ($args{'accounts_validity_period'} * 3600 * 24));
$self->{'user_password'} = $self->{'user_password'} =
IdPAccountManager::Tools::generate_password(); IdPAccountManager::Tools::generate_password();
$self->{'persistent'}->user_password_hash( $self->{'persistent'}->user_password_hash(
...@@ -118,7 +117,7 @@ sub create_test_accounts_for_sp { ...@@ -118,7 +117,7 @@ sub create_test_accounts_for_sp {
return undef; return undef;
} }
foreach my $profile (@{ $Conf::global{'account_profiles'} }) { foreach my $profile (@{ $args{'account_profiles'} }) {
my $test_account = IdPAccountManager::TestAccount->new( my $test_account = IdPAccountManager::TestAccount->new(
account_profile => $profile, account_profile => $profile,
sp_entityid => $args{'sp_entityid'} sp_entityid => $args{'sp_entityid'}
......
lib/IdPAccountManager/Tools.pm
+ 13
16
View file @ 72a82b6f
...@@ -4,7 +4,6 @@ package IdPAccountManager::Tools; ...@@ -4,7 +4,6 @@ package IdPAccountManager::Tools;
## This software was developed by RENATER. The research leading to these results has received funding ## This software was developed by RENATER. The research leading to these results has received funding
## from the European Community¹s Seventh Framework Programme (FP7/2007-2013) under grant agreement nº 238875 (GÉANT). ## from the European Community¹s Seventh Framework Programme (FP7/2007-2013) under grant agreement nº 238875 (GÉANT).
use Conf;
use Template; use Template;
# load Template::Stash to make method tables visible # load Template::Stash to make method tables visible
...@@ -85,17 +84,15 @@ sub generate_password { ...@@ -85,17 +84,15 @@ sub generate_password {
## Updates simpleSamlPhp authsources.php configuration file ## Updates simpleSamlPhp authsources.php configuration file
sub update_ssp_authsources { sub update_ssp_authsources {
my ($root_manager_dir, $conf) = @_;
my $tt2 = Template->new( my $tt2 = Template->new({
{ 'INCLUDE_PATH' => $root_manager_dir . ':' .
'INCLUDE_PATH' => $Conf::global{'root_manager_dir'} . ':' $root_manager_dir . '/templates/accountProfiles'
. $Conf::global{'root_manager_dir'} });
. '/templates/accountProfiles'
}
);
my %args = ( my %args = (
'accounts' => IdPAccountManager::TestAccount::list_test_accounts(), 'accounts' => IdPAccountManager::TestAccount::list_test_accounts(),
'conf' => \%Conf::global 'conf' => $conf,
); );
#chdir $Conf::global{'root_manager_dir'}; #chdir $Conf::global{'root_manager_dir'};
...@@ -153,20 +150,20 @@ sub mail_notice { ...@@ -153,20 +150,20 @@ sub mail_notice {
my $mail_data = $args{'data'}; my $mail_data = $args{'data'};
my $logger = $args{'logger'}; my $logger = $args{'logger'};
$mail_data->{'conf'} ||= \%Conf::global; $mail_data->{'conf'} ||= $args{'conf'};
my $notice_email = $in{'to'} || $Conf::global{'admin_email'}; my $notice_email = $args{'to'} || $args{'admin_email'};
$mail_data->{'to'} = $notice_email; $mail_data->{'to'} = $notice_email;
## Protection to prevent notifications during test dev phases ## Protection to prevent notifications during test dev phases
## Notify only admin_email or dev_sp_contact addresses ## Notify only admin_email or dev_sp_contact addresses
if ($Conf::global{'dev_no_mail_outside'}) { if ($args{'dev_no_mail_outside'}) {
my %rcpt = map { $_ => 1 } split(/,/, $notice_email); my %rcpt = map { $_ => 1 } split(/,/, $notice_email);
my %authorized_rcpt = map { $_ => 1 } split( my %authorized_rcpt = map { $_ => 1 } split(
/,/, /,/,
join(',', join(',',
$Conf::global{'admin_email'}, $args{'admin_email'},
$Conf::global{'dev_sp_contact'}) $args{'dev_sp_contact'})
); );
my $change_rcpt = 0; my $change_rcpt = 0;
...@@ -185,7 +182,7 @@ sub mail_notice { ...@@ -185,7 +182,7 @@ sub mail_notice {
$notice_email $notice_email
) )
); );
$notice_email = $Conf::global{'admin_email'}; $notice_email = $args{'admin_email'};
} }
} }
...@@ -196,7 +193,7 @@ sub mail_notice { ...@@ -196,7 +193,7 @@ sub mail_notice {
open SENDMAIL, open SENDMAIL,
"|/usr/sbin/sendmail -f " "|/usr/sbin/sendmail -f "
. $Conf::global{'notice_from'} . $args{'notice_from'}
. " $notice_email"; . " $notice_email";
my $tt2 = Template->new(FILTERS => { qencode => [ \qencode, 0 ] }); my $tt2 = Template->new(FILTERS => { qencode => [ \qencode, 0 ] });
......
lib/IdPAccountManager/WebRequest.pm
+ 25
10
View file @ 72a82b6f
...@@ -196,9 +196,14 @@ sub respond { ...@@ -196,9 +196,14 @@ sub respond {
if (@errors_admin) { if (@errors_admin) {
$self->{'param_out'}{'subject'} = 'Error notification - web interface'; $self->{'param_out'}{'subject'} = 'Error notification - web interface';
IdPAccountManager::Tools::mail_notice( IdPAccountManager::Tools::mail_notice(
'template' => 'templates/mail/notification_generic_error.tt2.eml', 'template' => 'templates/mail/notification_generic_error.tt2.eml',
'data' => $self->{'param_out'}, 'data' => $self->{'param_out'},
'logger' => $self->{'logger'} 'logger' => $self->{'logger'},
'conf' => \%Conf::global,
'admin_email' => $Conf::global{'admin_email'},
'dev_no_mail_outside' => $Conf::global{'dev_no_mail_outside'},
'dev_sp_contact' => $Conf::global{'dev_sp_contact'},
'notice_from' => $Conf::global{'notice_from'}
); );
} }
} }
...@@ -290,7 +295,9 @@ sub req_select_sp { ...@@ -290,7 +295,9 @@ sub req_select_sp {
## Create a serviceprovider object to store major parameters for this SP in DB ## Create a serviceprovider object to store major parameters for this SP in DB
my $service_provider = IdPAccountManager::ServiceProvider->new( my $service_provider = IdPAccountManager::ServiceProvider->new(
entityid => $self->{'param_in'}{'sp_entityid'}); entityid => $self->{'param_in'}{'sp_entityid'},
dev_sp_contact => $Conf::global{'dev_sp_contact'}
);
## Prepare data ## Prepare data
my $sp_metadata_as_hashref = my $sp_metadata_as_hashref =
...@@ -328,9 +335,10 @@ sub req_select_sp { ...@@ -328,9 +335,10 @@ sub req_select_sp {
} else { } else {
$service_provider = IdPAccountManager::ServiceProvider->new( $service_provider = IdPAccountManager::ServiceProvider->new(
entityid => $self->{'param_in'}{'sp_entityid'}, entityid => $self->{'param_in'}{'sp_entityid'},
contacts => join(',', @contacts), contacts => join(',', @contacts),
displayname => $display_name displayname => $display_name,
dev_sp_contact => $Conf::global{'dev_sp_contact'}
); );
unless (defined $service_provider) { unless (defined $service_provider) {
push @{ $self->{'param_out'}{'errors'} }, "internal"; push @{ $self->{'param_out'}{'errors'} }, "internal";
...@@ -382,7 +390,9 @@ sub req_generate_token { ...@@ -382,7 +390,9 @@ sub req_generate_token {
## Create a serviceprovider object to load parameters for this SP from DB ## Create a serviceprovider object to load parameters for this SP from DB
my $service_provider = IdPAccountManager::ServiceProvider->new( my $service_provider = IdPAccountManager::ServiceProvider->new(
entityid => $self->{'param_in'}{'sp_entityid'}); entityid => $self->{'param_in'}{'sp_entityid'},
dev_sp_contact => $Conf::global{'dev_sp_contact'}
);
# Try loading DB object first # Try loading DB object first
unless ($service_provider->load(speculative => 1)) { unless ($service_provider->load(speculative => 1)) {
...@@ -550,7 +560,9 @@ sub req_validate_token { ...@@ -550,7 +560,9 @@ sub req_validate_token {
## create test accounts ## create test accounts
my @test_accounts = my @test_accounts =
IdPAccountManager::TestAccount::create_test_accounts_for_sp( IdPAccountManager::TestAccount::create_test_accounts_for_sp(
sp_entityid => $self->{'param_in'}{'sp_entityid'}); sp_entityid => $self->{'param_in'}{'sp_entityid'},
account_profiles => $Conf::global{'account_profiles'}
);
unless (@test_accounts) { unless (@test_accounts) {
push @{ $self->{'param_out'}{'errors'} }, "accounts_creation_failed"; push @{ $self->{'param_out'}{'errors'} }, "accounts_creation_failed";
...@@ -563,7 +575,10 @@ sub req_validate_token { ...@@ -563,7 +575,10 @@ sub req_validate_token {
} }
## Update simpleSAMLphp configuration to enable test accounts ## Update simpleSAMLphp configuration to enable test accounts
unless (IdPAccountManager::Tools::update_ssp_authsources()) { unless (IdPAccountManager::Tools::update_ssp_authsources(
$Conf::global{'root_manager_dir'},
\%Conf::global
)) {
push @{ $self->{'param_out'}{'errors'} }, "accounts_creation_failed"; push @{ $self->{'param_out'}{'errors'} }, "accounts_creation_failed";
$self->{logger}->log( $self->{logger}->log(
level => LOG_ERROR, level => LOG_ERROR,
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment