Merge pull request #97 from ericvaandering/add_autocreate
Automatically create account for shibboleth version
ericvaandering authored Dec 26, 2018
2 parents f9b3ec7 + e00fe31 commit c7400c5
Showing 6 changed files with 219 additions and 2 deletions.
1 change: 1 addition & 0 deletions DocDB/cgi/DocDBGlobals.pm
Expand Up @@ -92,6 +92,7 @@ $Preferences{Security}{Certificates}{ShowCertInstructions} = $FALSE; # TRUE or
$Preferences{Security}{AuthName} = ""; # Set to override default AuthName of group1 or group2, etc.
$Preferences{Security}{SSOGroupVariables} = (); # Environmental variables with lists of groups
$Preferences{Security}{AutoCreateSSO} = $FALSE; # Automatically create an SSO user if none exists
$Preferences{Security}{AutoCreateShib} = $FALSE; # Automatically create a Shibboleth user if none exists
$Preferences{Security}{UseCertGroupsForSSO} = $FALSE; # If no SSO account exists, use the groups from the certificate
$Preferences{Security}{TransferCertToSSO} = $FALSE; # Automatically transfer certificate user information to SSO
# (implies AutoCreateSSO)
2 changes: 1 addition & 1 deletion DocDB/cgi/DocDBVersion.pm
Expand Up @@ -21,6 +21,6 @@
# along with DocDB; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA

$DocDBVersion = "8.8.9p1";
$DocDBVersion = "8.8.9p2";

1;
5 changes: 5 additions & 0 deletions DocDB/cgi/EmailLogin
Expand Up @@ -39,6 +39,11 @@ $dbh = DBI->connect('DBI:mysql:'.$db_name.':'.$db_host,$db_rouser,$db_ropass);
print $query -> header( -charset => $HTTP_ENCODING );
&DocDBHeader("Personal Account Login");

if ($UserValidation eq "shibboleth" or $UserValidation eq "FNALSSO") {
push @ErrorStack,"This page is not valid for single sign-on methods.";
}
EndPage();

print "<p/>\n";
print "<b>This page is used to log into or create a personal $Project DocDB account. You
can use this account to set e-mail notifications. DocDB will e-mail
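Review bot: The new guard only pushes a message onto @ErrorStack, and the following `EndPage();` is called unconditionally, so whether the password login form below is actually withheld on shibboleth/FNALSSO installs depends on EndPage ending the request when the stack is non-empty; that routine is not visible in this hunk. If it does, a comment such as `# EndPage() aborts the page when @ErrorStack is non-empty; nothing below runs for SSO` would make the control flow clear to the next reader. If it does not, the login form is still rendered after the error and the branch needs an explicit stop. The script continues past the end of the hunk.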
41 changes: 40 additions & 1 deletion DocDB/cgi/ShibbolethUtilities.pm
Expand Up @@ -68,11 +68,50 @@ sub FetchEmailUserIDForShib () {

my ($EmailUserID) = $EmailUserSelect -> fetchrow_array;

if (!$EmailUserID and $Preferences{Security}{AutoCreateShib}) {
$EmailUserID = CreateShibUser();
}

if ($EmailUserID) {
FetchEmailUser($EmailUserID)
}

return $EmailUserID;
}

1;
sub CreateShibUser() {
my ($FQUN, $UserName, $Email, $Name) = GetUserInfoShib();
if ($FQUN eq 'Unknown') {
push @DebugStack, 'Username is Unknown. Not inserting. SSO may not be set up correctly.';
return;
}

push @DebugStack, "Creating Shibboleth SSO user in EmailUser with Username=$FQUN, Email=$Email, Name=$Name";
CreateConnection(-type => "rw"); # Can't rely on connection setup by top script, may be read-only
my $UserInsert = $dbh_rw->prepare(
"insert into EmailUser (EmailUserID,Username,Name,EmailAddress,Password,Verified) " .
"values (0, ?, ?, ?, ?, 1)");
$UserInsert->execute($FQUN, $Name, $Email, 'x');
my $EmailUserID = $UserInsert -> {mysql_insertid}; # Works with MySQL only
DestroyConnection($dbh_rw);
push @DebugStack, "Created EmailUserID $EmailUserID for SSO";
return $EmailUserID;
}

sub GetUserInfoShib() {
my $Username = "Unknown";
my $EmailAddress = "Unknown";
my $Name = "Unknown";

if (exists $ENV{'ADFS_LOGIN'}) {
$Name = $ENV{ADFS_FULLNAME};
$EmailAddress = $ENV{ADFS_EMAIL};
$Username = $ENV{ADFS_LOGIN};
}

push @DebugStack, "GetUserInfoShib returning $Username, $Username, $EmailAddress, $Name";

return ($Username, $Username, $EmailAddress, $Name);
}

1;
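Review bot: CreateShibUser rejects only the literal 'Unknown', while GetUserInfoShib tests `exists $ENV{'ADFS_LOGIN'}` rather than a non-empty value, so an empty login or a missing ADFS_EMAIL/ADFS_FULLNAME still produces an EmailUser row with Verified set to 1. Tighten the guard to `if (!defined $FQUN or $FQUN eq '' or $FQUN eq 'Unknown') {` and check the result of `$UserInsert->execute(...)` before reading `mysql_insertid`, which is currently read whether or not the row was written. The account identity comes straight from the ADFS_* environment, so this path presumably relies on the web server populating those variables only after a successful Shibboleth login; a comment above GetUserInfoShib stating that assumption would help whoever enables AutoCreateShib. The debug message in CreateShibUser also writes the user's name and e-mail address to @DebugStack, which is worth confirming is never shown to other users.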
4 changes: 4 additions & 0 deletions DocDB/doc/CHANGES
@@ -1,3 +1,7 @@
8.8.9p2
Add an option $Preferences{Security}{AutoCreateShib} (defaults to $FALSE) to automatically create shibboleth accounts
(following what was done for Fermilab SSO). Fixes a regression where it was difficult or impossible to make an account

8.8.9p1
Fix the author searching JS for old cases where first or last name may not exist
Include a patch from 8.7 branch that was never included
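--- a/DocDB/html/js/OldCMS.js
+++ b/DocDB/html/js/OldCMS.js
@@ -0,0 +1,168 @@
+// This code was in the CMS DocDB but was preventing the author fields from being pre-filled. It was removed as it doesn't
+// seem to provide real value. Originally written by Vidmantis
+
+
+var docDB_temp_hacks = 0;
+
+
+function extended_author_search(){
+jQuery.extend(jQuery.expr[':'], {
+'containsi': function(elem, i, match, array)
+{
+return (elem.textContent || elem.innerText || '').toLowerCase()
+.indexOf((match[3] || "").toLowerCase()) >= 0;
+}
+});
+jQuery.extend({URLEncode:function(c){var o='';var x=0;c=c.toString();var r=/(^[a-zA-Z0-9_.]*)/;
+while(x<c.length){var m=r.exec(c.substr(x));
+if(m!=null && m.length>1 && m[1]!=''){o+=m[1];x+=m[1].length;
+}else{if(c[x]==' ')o+='+';else{var d=c.charCodeAt(x);var h=d.toString(16);
+o+='%'+(h.length<2?'0':'')+h.toUpperCase();}x++;}}return o;},
+URLDecode:function(s){var o=s;var binVal,t;var r=/(%[^%]{2})/;
+while((m=r.exec(o))!=null && m.length>1 && m[1]!=''){b=parseInt(m[1].substr(1),16);
+t=String.fromCharCode(b);o=o.replace(m[1],t);}return o;}
+});
+
+
+// extract url parameter
+jQuery.extend({
+getUrlVars: function(){
+var vars = [], hash;
+var hashes = window.location.href.slice(window.location.href.indexOf('?') + 1).split('&');
+for(var i = 0; i < hashes.length; i++)
+{
+hash = hashes[i].split('=');
+vars.push(hash[0]);
+vars[hash[0]] = hash[1];
+}
+return vars;
+},
+getUrlVar: function(name){
+return jQuery.getUrlVars()[name];
+}
+});
+
+var author_search = jQuery.getUrlVar('author');
+
+
+if (author_search){
+jQuery('h3').html(jQuery('<a href="#">show all authors</a>').click(function(){jQuery('table tr td ul li, table tr td a, table tr th').show(); })).show();
+
+
+jQuery('table tr td ul li, table tr td a, table tr th').hide();
+
+params = author_search.replace('.', ' ').replace('+', ' ').replace(',', ' ').split(' ')
+
+filtered = jQuery('table tr td ul li a')
+
+jQuery(params).each(function(i, param){
+//TODO: handle special chars and international names
+//console.log(param);
+
+//clean up the string, leave only letters
+param = param.replace(/[^a-zA-Z]/g, '');
+if (!param)
+return;
+
+filtered = filtered.filter(':containsi('+param+')');
+});
+items = filtered.show().parent().show().addClass('search_matched')
+
+
+//console.log(items)
+
+/* If there was only one result, point to the documents by the author */
+if (items.length == 1){
+var target = items.find("a").first().attr('href');
+//console.log("Blah:"+target);
+location.href = target;
+}
+}
+
+}
+
+
+function apply_cms_styles(){
+/* watermark the search */
+var searchField = jQuery('div#header-search-container input[type=text][name=simpletext]');
+/* we take the value of watermark from title attribute */
+searchField.watermark(searchField.attr('title'), {className: 'watermark-search'});
+
+jQuery('div#header-search-container form').submit(function(e){
+//check if value has an ID
+var value =jQuery('input#header-search-input').val();
+//alert(value);
+var regexp = /id:(\\d+)/i;
+if (regexp.test(value)){
+//alert('ID');
+e.preventDefault();
+value.match(regexp);
+docid = RegExp.\$1;
+window.location.href = 'ShowDocument?docid=' + docid
+}
+});
+
+
+/* hide keywords */
+if (jQuery('form#documentadd input[name=keywords]')) {
+jQuery('form#documentadd input[name=keywords]').parents("tr").first().hide();
+}
+
+/* fix styles */
+for (i=1; i<1000; i=i+2){
+if (!jQuery('input[name=upload'+i+']'))
+break;
+jQuery('input[name=upload'+i+']').parents('tr').first().addClass('FileUpload');
+jQuery('input[name=filedesc'+i+']').parents('tr').first().addClass('FileUpload');
+jQuery('input[name=fileid'+i+']').parents('tr').first().addClass('FileUpload');
+}
+
+
+
+
+if (docDB_temp_hacks){
+/* TODO: (temporaly) set up file input coloring */
+for (i=1; i<1000; i=i+2){
+if (!jQuery('input[name=upload'+i+']'))
+break;
+jQuery('input[name=upload'+i+']').parents('tr').first().addClass('file-upload-row-odd');
+jQuery('input[name=filedesc'+i+']').parents('tr').first().addClass('file-upload-row-odd');
+jQuery('input[name=fileid'+i+']').parents('tr').first().addClass('file-upload-row-odd');
+}
+
+/* add select all button */
+if (jQuery('form#documentadd input[name=copyfile1]')){
+jQuery('form#documentadd input[name=copyfile1]').parents("td").first().append(' <a>copy all files<a>').toggle(function(evt){evt.preventDefault();jQuery('[name^="copyfile"]').val(["on"])}, function(evt){evt.preventDefault();jQuery('[name^="copyfile"]').val([""])})
+}
+
+}
+
+
+}
+
+/* ========== set up the validation =========== */
+function form_add_validation(){
+
+jQuery.validator.messages.required = "";
+
+/* pre-validate the form */
+jQuery("form#documentadd").validate({onfocusout: true, onkeyup: true});
+}
+
+
+if (!(typeof jQuery === 'undefined') && !(typeof jQuery.validator === 'undefined')){
+jQuery(document).ready(function() {
+/* Here we could customize the validation (again) */
+form_add_validation();
+});
+}
+
+if (!(typeof jQuery === 'undefined')){
+jQuery(document).ready(function() {
+apply_cms_styles();
+extended_author_search();
+if (jQuery('form#documentadd select[name=security]').length == 1) { CmsTransformPermissions(); }
+});
+}
+
+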
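Review bot: In apply_cms_styles the lines `var regexp = /id:(\\d+)/i;` and `docid = RegExp.\$1;` still carry escaping that looks left over from a Perl-quoted string. As plain JavaScript the second is a syntax error, so the file would fail to parse if it were ever loaded, and the first matches a literal backslash rather than digits. If the file is kept only as an archive of removed code, say so explicitly in the header comment; otherwise use `var regexp = /id:(\d+)/i;` and take the id from the match result, `var m = value.match(regexp); var docid = m[1];`. The ready handler at the end also calls CmsTransformPermissions(), which is not defined in this file.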