You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl-cvs@perl.apache.org by jk...@apache.org on 2013/06/27 09:51:40 UTC
svn commit: r1497234 - in /perl/modperl/branches/httpd24/t/response/TestAPI:
access2.pm access2_24.pm
Author: jkaluza
Date: Thu Jun 27 07:51:40 2013
New Revision: 1497234
URL: http://svn.apache.org/r1497234
Log:
Split t/response/TestAPI/access2.pm to httpd-2.4 and httpd-2.2 parts.
Added:
perl/modperl/branches/httpd24/t/response/TestAPI/access2_24.pm
Modified:
perl/modperl/branches/httpd24/t/response/TestAPI/access2.pm
Modified: perl/modperl/branches/httpd24/t/response/TestAPI/access2.pm
URL: http://svn.apache.org/viewvc/perl/modperl/branches/httpd24/t/response/TestAPI/access2.pm?rev=1497234&r1=1497233&r2=1497234&view=diff
==============================================================================
--- perl/modperl/branches/httpd24/t/response/TestAPI/access2.pm (original)
+++ perl/modperl/branches/httpd24/t/response/TestAPI/access2.pm Thu Jun 27 07:51:40 2013
@@ -33,41 +33,20 @@ use Apache2::RequestRec ();
use Apache::TestTrace;
use Apache2::Const -compile => qw(OK HTTP_UNAUTHORIZED SERVER_ERROR
- AUTHZ_GRANTED AUTHZ_DENIED M_POST :satisfy
- AUTHZ_DENIED_NO_USER);
+ M_POST :satisfy);
my $users = "goo bar";
-my $groups = "xar tar";
+my $groups = "bar tar";
my %users = (
goo => "goopass",
bar => "barpass",
);
-sub authz_handler {
- my $self = shift;
+sub handler {
my $r = shift;
- my $requires = shift;
-
- if (!$r->user) {
- return Apache2::Const::AUTHZ_DENIED_NO_USER;
- }
-
- return Apache2::Const::SERVER_ERROR unless
- $requires eq $users or $requires eq $groups;
-
- my @require_args = split(/\s+/, $requires);
- if (grep {$_ eq $r->user} @require_args) {
- return Apache2::Const::AUTHZ_GRANTED;
- }
-
- return Apache2::Const::AUTHZ_DENIED;
-}
-
-sub authn_handler {
- my $self = shift;
- my $r = shift;
-
+ print 'xxxxx\n';
die '$r->some_auth_required failed' unless $r->some_auth_required;
+
my $satisfies = $r->satisfies;
die "wanted satisfies=" . Apache2::Const::SATISFY_ALL . ", got $satisfies"
@@ -76,10 +55,30 @@ sub authn_handler {
my ($rc, $sent_pw) = $r->get_basic_auth_pw;
return $rc if $rc != Apache2::Const::OK;
+ # extract just the requirement entries
+ my %require =
+ map { my ($k, $v) = split /\s+/, $_->{requirement}, 2; ($k, $v||'') }
+ @{ $r->requires };
+ debug \%require;
+
+ # silly (we don't check user/pass here), just checking when
+ # the Limit options are getting through
if ($r->method_number == Apache2::Const::M_POST) {
- return Apache2::Const::OK;
+ if (exists $require{"valid-user"}) {
+ return Apache2::Const::OK;
+ }
+ else {
+ return Apache2::Const::SERVER_ERROR;
+ }
+ }
+ else {
+ # non-POST requests shouldn't see the Limit enclosed entry
+ return Apache2::Const::SERVER_ERROR if exists $require{"valid-user"};
}
+ return Apache2::Const::SERVER_ERROR unless $require{user} eq $users;
+ return Apache2::Const::SERVER_ERROR unless $require{group} eq $groups;
+
my $user = $r->user;
my $pass = $users{$user} || '';
unless (defined $pass and $sent_pw eq $pass) {
@@ -94,10 +93,9 @@ sub authn_handler {
__DATA__
<NoAutoConfig>
-PerlAddAuthzProvider my-user TestAPI::access2->authz_handler
-PerlAddAuthzProvider my-group TestAPI::access2->authz_handler
+<IfVersion < 2.3.0>
<Location /TestAPI__access2>
- PerlAuthenHandler TestAPI::access2->authn_handler
+ PerlAuthenHandler TestAPI::access2
PerlResponseHandler Apache::TestHandler::ok1
SetHandler modperl
@@ -107,8 +105,8 @@ PerlAddAuthzProvider my-group TestAPI::a
</IfModule>
AuthType Basic
AuthName "Access"
- Require my-user goo bar
- Require my-group xar tar
+ Require user goo bar
+ Require group bar tar
<Limit POST>
Require valid-user
</Limit>
@@ -122,4 +120,5 @@ PerlAddAuthzProvider my-group TestAPI::a
AuthGroupFile @DocumentRoot@/api/auth-groups
</IfModule>
</Location>
+</IfVersion>
</NoAutoConfig>
Added: perl/modperl/branches/httpd24/t/response/TestAPI/access2_24.pm
URL: http://svn.apache.org/viewvc/perl/modperl/branches/httpd24/t/response/TestAPI/access2_24.pm?rev=1497234&view=auto
==============================================================================
--- perl/modperl/branches/httpd24/t/response/TestAPI/access2_24.pm (added)
+++ perl/modperl/branches/httpd24/t/response/TestAPI/access2_24.pm Thu Jun 27 07:51:40 2013
@@ -0,0 +1,128 @@
+package TestAPI::access2;
+
+# testing $r->requires
+# in the POST test it returns:
+#
+# [
+# {
+# 'method_mask' => -1,
+# 'requirement' => 'user goo bar'
+# },
+# {
+# 'method_mask' => -1,
+# 'requirement' => 'group bar tar'
+# }
+# {
+# 'method_mask' => 4,
+# 'requirement' => 'valid-user'
+# }
+# ];
+#
+# otherwise it returns the same, sans the 'valid-user' entry
+#
+# also test:
+# - $r->some_auth_required when it's required
+# - $r->satisfies when Satisfy is set
+
+use strict;
+use warnings FATAL => 'all';
+
+use Apache2::Access ();
+use Apache2::RequestRec ();
+
+use Apache::TestTrace;
+
+use Apache2::Const -compile => qw(OK HTTP_UNAUTHORIZED SERVER_ERROR
+ AUTHZ_GRANTED AUTHZ_DENIED M_POST :satisfy
+ AUTHZ_DENIED_NO_USER);
+
+my $users = "goo bar";
+my $groups = "xar tar";
+my %users = (
+ goo => "goopass",
+ bar => "barpass",
+);
+
+sub authz_handler {
+ my $self = shift;
+ my $r = shift;
+ my $requires = shift;
+
+ if (!$r->user) {
+ return Apache2::Const::AUTHZ_DENIED_NO_USER;
+ }
+
+ return Apache2::Const::SERVER_ERROR unless
+ $requires eq $users or $requires eq $groups;
+
+ my @require_args = split(/\s+/, $requires);
+ if (grep {$_ eq $r->user} @require_args) {
+ return Apache2::Const::AUTHZ_GRANTED;
+ }
+
+ return Apache2::Const::AUTHZ_DENIED;
+}
+
+sub authn_handler {
+ my $self = shift;
+ my $r = shift;
+
+ die '$r->some_auth_required failed' unless $r->some_auth_required;
+
+ my $satisfies = $r->satisfies;
+ die "wanted satisfies=" . Apache2::Const::SATISFY_ALL . ", got $satisfies"
+ unless $r->satisfies() == Apache2::Const::SATISFY_ALL;
+
+ my ($rc, $sent_pw) = $r->get_basic_auth_pw;
+ return $rc if $rc != Apache2::Const::OK;
+
+ if ($r->method_number == Apache2::Const::M_POST) {
+ return Apache2::Const::OK;
+ }
+
+ my $user = $r->user;
+ my $pass = $users{$user} || '';
+ unless (defined $pass and $sent_pw eq $pass) {
+ $r->note_basic_auth_failure;
+ return Apache2::Const::HTTP_UNAUTHORIZED;
+ }
+
+ Apache2::Const::OK;
+}
+
+1;
+__DATA__
+
+<NoAutoConfig>
+<IfVersion > 2.4.1>
+
+PerlAddAuthzProvider my-user TestAPI::access2_24->authz_handler
+PerlAddAuthzProvider my-group TestAPI::access2_24->authz_handler
+<Location /TestAPI__access2>
+ PerlAuthenHandler TestAPI::access2_24->authn_handler
+ PerlResponseHandler Apache::TestHandler::ok1
+ SetHandler modperl
+
+ <IfModule @ACCESS_MODULE@>
+ # needed to test $r->satisfies
+ Allow from All
+ </IfModule>
+ AuthType Basic
+ AuthName "Access"
+ Require my-user goo bar
+ Require my-group xar tar
+ <Limit POST>
+ Require valid-user
+ </Limit>
+ Satisfy All
+ <IfModule @AUTH_MODULE@>
+ # htpasswd -mbc auth-users goo foo
+ # htpasswd -mb auth-users bar mar
+ # using md5 password so it'll work on win32 too
+ AuthUserFile @DocumentRoot@/api/auth-users
+ # group: user1 user2 ...
+ AuthGroupFile @DocumentRoot@/api/auth-groups
+ </IfModule>
+</Location>
+</IfVersion>
+</NoAutoConfig>