You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl-cvs@perl.apache.org by jk...@apache.org on 2013/06/27 09:51:40 UTC

svn commit: r1497234 - in /perl/modperl/branches/httpd24/t/response/TestAPI: access2.pm access2_24.pm

Author: jkaluza
Date: Thu Jun 27 07:51:40 2013
New Revision: 1497234

URL: http://svn.apache.org/r1497234
Log:
Split t/response/TestAPI/access2.pm to httpd-2.4 and httpd-2.2 parts.

Added:
    perl/modperl/branches/httpd24/t/response/TestAPI/access2_24.pm
Modified:
    perl/modperl/branches/httpd24/t/response/TestAPI/access2.pm

Modified: perl/modperl/branches/httpd24/t/response/TestAPI/access2.pm
URL: http://svn.apache.org/viewvc/perl/modperl/branches/httpd24/t/response/TestAPI/access2.pm?rev=1497234&r1=1497233&r2=1497234&view=diff
==============================================================================
--- perl/modperl/branches/httpd24/t/response/TestAPI/access2.pm (original)
+++ perl/modperl/branches/httpd24/t/response/TestAPI/access2.pm Thu Jun 27 07:51:40 2013
@@ -33,41 +33,20 @@ use Apache2::RequestRec ();
 use Apache::TestTrace;
 
 use Apache2::Const -compile => qw(OK HTTP_UNAUTHORIZED SERVER_ERROR
-                                  AUTHZ_GRANTED AUTHZ_DENIED M_POST :satisfy
-                                  AUTHZ_DENIED_NO_USER);
+                                 M_POST :satisfy);
 
 my $users  = "goo bar";
-my $groups = "xar tar";
+my $groups = "bar tar";
 my %users = (
     goo => "goopass",
     bar => "barpass",
 );
 
-sub authz_handler {
-    my $self = shift;
+sub handler {
     my $r = shift;
-    my $requires = shift;
-
-    if (!$r->user) {
-        return Apache2::Const::AUTHZ_DENIED_NO_USER;
-    }
-
-    return Apache2::Const::SERVER_ERROR unless
-        $requires eq $users or $requires eq $groups;
-
-    my @require_args = split(/\s+/, $requires);
-    if (grep {$_ eq $r->user} @require_args) {
-        return Apache2::Const::AUTHZ_GRANTED;
-    }
-
-    return Apache2::Const::AUTHZ_DENIED;
-}
-
-sub authn_handler {
-    my $self = shift;
-    my $r = shift;
-
+	print 'xxxxx\n';
     die '$r->some_auth_required failed' unless $r->some_auth_required;
+	
 
     my $satisfies = $r->satisfies;
     die "wanted satisfies=" . Apache2::Const::SATISFY_ALL . ", got $satisfies"
@@ -76,10 +55,30 @@ sub authn_handler {
     my ($rc, $sent_pw) = $r->get_basic_auth_pw;
     return $rc if $rc != Apache2::Const::OK;
 
+    # extract just the requirement entries
+    my %require =
+        map { my ($k, $v) = split /\s+/, $_->{requirement}, 2; ($k, $v||'') }
+        @{ $r->requires };
+    debug \%require;
+
+    # silly (we don't check user/pass here), just checking when
+    # the Limit options are getting through
     if ($r->method_number == Apache2::Const::M_POST) {
-        return Apache2::Const::OK;
+        if (exists $require{"valid-user"}) {
+            return Apache2::Const::OK;
+        }
+        else {
+            return Apache2::Const::SERVER_ERROR;
+        }
+    }
+    else {
+        # non-POST requests shouldn't see the Limit enclosed entry
+        return Apache2::Const::SERVER_ERROR if exists $require{"valid-user"};
     }
 
+    return Apache2::Const::SERVER_ERROR unless $require{user}  eq $users;
+    return Apache2::Const::SERVER_ERROR unless $require{group} eq $groups;
+
     my $user = $r->user;
     my $pass = $users{$user} || '';
     unless (defined $pass and $sent_pw eq $pass) {
@@ -94,10 +93,9 @@ sub authn_handler {
 __DATA__
 
 <NoAutoConfig>
-PerlAddAuthzProvider my-user TestAPI::access2->authz_handler
-PerlAddAuthzProvider my-group TestAPI::access2->authz_handler
+<IfVersion < 2.3.0>
 <Location /TestAPI__access2>
-    PerlAuthenHandler TestAPI::access2->authn_handler
+    PerlAuthenHandler TestAPI::access2
     PerlResponseHandler Apache::TestHandler::ok1
     SetHandler modperl
 
@@ -107,8 +105,8 @@ PerlAddAuthzProvider my-group TestAPI::a
     </IfModule>
     AuthType Basic
     AuthName "Access"
-    Require my-user goo bar
-    Require my-group xar tar
+    Require user goo bar
+    Require group bar tar
     <Limit POST>
        Require valid-user
     </Limit>
@@ -122,4 +120,5 @@ PerlAddAuthzProvider my-group TestAPI::a
         AuthGroupFile @DocumentRoot@/api/auth-groups
     </IfModule>
 </Location>
+</IfVersion>
 </NoAutoConfig>

Added: perl/modperl/branches/httpd24/t/response/TestAPI/access2_24.pm
URL: http://svn.apache.org/viewvc/perl/modperl/branches/httpd24/t/response/TestAPI/access2_24.pm?rev=1497234&view=auto
==============================================================================
--- perl/modperl/branches/httpd24/t/response/TestAPI/access2_24.pm (added)
+++ perl/modperl/branches/httpd24/t/response/TestAPI/access2_24.pm Thu Jun 27 07:51:40 2013
@@ -0,0 +1,128 @@
+package TestAPI::access2;
+
+# testing $r->requires
+# in the POST test it returns:
+#
+#  [
+#    {
+#      'method_mask' => -1,
+#      'requirement' => 'user goo bar'
+#    },
+#    {
+#      'method_mask' => -1,
+#      'requirement' => 'group bar tar'
+#    }
+#    {
+#      'method_mask' => 4,
+#      'requirement' => 'valid-user'
+#    }
+#  ];
+#
+# otherwise it returns the same, sans the 'valid-user' entry
+#
+# also test:
+# - $r->some_auth_required when it's required
+# - $r->satisfies when Satisfy is set
+
+use strict;
+use warnings FATAL => 'all';
+
+use Apache2::Access ();
+use Apache2::RequestRec ();
+
+use Apache::TestTrace;
+
+use Apache2::Const -compile => qw(OK HTTP_UNAUTHORIZED SERVER_ERROR
+                                  AUTHZ_GRANTED AUTHZ_DENIED M_POST :satisfy
+                                  AUTHZ_DENIED_NO_USER);
+
+my $users  = "goo bar";
+my $groups = "xar tar";
+my %users = (
+    goo => "goopass",
+    bar => "barpass",
+);
+
+sub authz_handler {
+    my $self = shift;
+    my $r = shift;
+    my $requires = shift;
+
+    if (!$r->user) {
+        return Apache2::Const::AUTHZ_DENIED_NO_USER;
+    }
+
+    return Apache2::Const::SERVER_ERROR unless
+        $requires eq $users or $requires eq $groups;
+
+    my @require_args = split(/\s+/, $requires);
+    if (grep {$_ eq $r->user} @require_args) {
+        return Apache2::Const::AUTHZ_GRANTED;
+    }
+
+    return Apache2::Const::AUTHZ_DENIED;
+}
+
+sub authn_handler {
+    my $self = shift;
+    my $r = shift;
+
+    die '$r->some_auth_required failed' unless $r->some_auth_required;
+
+    my $satisfies = $r->satisfies;
+    die "wanted satisfies=" . Apache2::Const::SATISFY_ALL . ", got $satisfies"
+        unless $r->satisfies() == Apache2::Const::SATISFY_ALL;
+
+    my ($rc, $sent_pw) = $r->get_basic_auth_pw;
+    return $rc if $rc != Apache2::Const::OK;
+
+    if ($r->method_number == Apache2::Const::M_POST) {
+        return Apache2::Const::OK;
+    }
+
+    my $user = $r->user;
+    my $pass = $users{$user} || '';
+    unless (defined $pass and $sent_pw eq $pass) {
+        $r->note_basic_auth_failure;
+        return Apache2::Const::HTTP_UNAUTHORIZED;
+    }
+
+    Apache2::Const::OK;
+}
+
+1;
+__DATA__
+
+<NoAutoConfig>
+<IfVersion > 2.4.1>
+
+PerlAddAuthzProvider my-user TestAPI::access2_24->authz_handler
+PerlAddAuthzProvider my-group TestAPI::access2_24->authz_handler
+<Location /TestAPI__access2>
+    PerlAuthenHandler TestAPI::access2_24->authn_handler
+    PerlResponseHandler Apache::TestHandler::ok1
+    SetHandler modperl
+
+    <IfModule @ACCESS_MODULE@>
+        # needed to test $r->satisfies
+        Allow from All
+    </IfModule>
+    AuthType Basic
+    AuthName "Access"
+    Require my-user goo bar
+    Require my-group xar tar
+    <Limit POST>
+       Require valid-user
+    </Limit>
+    Satisfy All
+    <IfModule @AUTH_MODULE@>
+        # htpasswd -mbc auth-users goo foo
+        # htpasswd -mb auth-users bar mar
+        # using md5 password so it'll work on win32 too
+        AuthUserFile @DocumentRoot@/api/auth-users
+        # group: user1 user2 ...
+        AuthGroupFile @DocumentRoot@/api/auth-groups
+    </IfModule>
+</Location>
+</IfVersion>
+</NoAutoConfig>