diff options
| author | Martin van Es <martin@mrvanes.com> | 2016-02-22 11:44:49 +0100 |
|---|---|---|
| committer | Martin van Es <martin@mrvanes.com> | 2016-02-22 11:44:49 +0100 |
| commit | fc1837b27a6aee6a687740836fe2f4c2628f3b17 (patch) | |
| tree | 60198a03b9403cad47ab6050c410b83363847a55 | |
| parent | abf5b93b15382df9849436cb9ae66079db04c0bc (diff) | |
| download | simplesamlphp-fc1837b27a6aee6a687740836fe2f4c2628f3b17.zip simplesamlphp-fc1837b27a6aee6a687740836fe2f4c2628f3b17.tar.gz simplesamlphp-fc1837b27a6aee6a687740836fe2f4c2628f3b17.tar.bz2 | |
Rename filter
3 files changed, 0 insertions, 311 deletions
diff --git a/modules/core/docs/authproc_generateaffiliation.txt b/modules/core/docs/authproc_generateaffiliation.txt deleted file mode 100644 index 37d7e42..0000000 --- a/modules/core/docs/authproc_generateaffiliation.txt +++ /dev/null @@ -1,61 +0,0 @@ -`core:GenerateAffiliation` -=================== - -Filter that generate an attribute to the user based on value(s) in another attribute. - -Default member attribute is memberOf, default target attribute is eduPersonAffiliation. -%replace can be used to replace member attribute with target attribute, otherwise both will exist -after processing filter. If the member attribute does not exist, nothing will be done or replaced. - - -Examples --------- - -Add student affiliation based on LDAP groupmembership -Will add eduPersonAffiliation containing value "student" if memberOf attribute contains 'cn=student,o=some,o=organization,dc=org'. - - 'authproc' => array( - 50 => array( - 'class' => 'core:GenerateAffiliation', - 'values' => array( - 'student' => array( - 'cn=student,o=some,o=organization,dc=org', - ), - ), - ), - - -Add student and employee affiliation based on LDAP groupmembership - - 'authproc' => array( - 50 => array( - 'class' => 'core:GenerateAffiliation', - 'values' => array( - 'student' => array( - 'cn=student,o=some,o=organization,dc=org', - ), - 'employee' => array( - 'cn=employees,o=some,o=organization,dc=org', - ), - ), - ), - -Different memberof and target attributes, replace member attribute -Will add 'affiliation' containing 'student' and/or 'employee' depending on the values in 'groups' attribute and remove the latter. - - 'authproc' => array( - 50 => array( - 'class' => 'core:GenerateAffiliation', - '%replace', - 'attributename' => 'affiliation', - 'memberattribute' => 'groups', - 'values' => array( - 'student' => array( - 'cn=student,o=some,o=organization,dc=org', - ), - 'employee' => array( - 'cn=employees,o=some,o=organization,dc=org', - ), - ), - ), - diff --git a/modules/core/lib/Auth/Process/GenerateAffiliation.php b/modules/core/lib/Auth/Process/GenerateAffiliation.php deleted file mode 100644 index 7d3dda5..0000000 --- a/modules/core/lib/Auth/Process/GenerateAffiliation.php +++ /dev/null @@ -1,110 +0,0 @@ -<?php - -/** - * Filter to generate affiliation(s) based on groupmembership attribute - * - * @author Martin van Es, m7 - * @package simpleSAMLphp - */ -class sspmod_core_Auth_Process_GenerateAffiliation extends SimpleSAML_Auth_ProcessingFilter { - - /** - * The attributename we should assign affiliations to (target) - */ - private $attributename = 'eduPersonAffiliation'; - - /** - * The attributename we should generate affiliations from - */ - private $memberattribute = 'memberOf'; - - /** - * The required $memberattribute values and target affiliations - */ - private $values = array(); - - /** - * Wether $memberattribute should be replaced by target attribute - */ - private $replace = false; - - /** - * Initialize this filter. - * - * @param array $config Configuration information about this filter. - * @param mixed $reserved For future use. - */ - public function __construct($config, $reserved) { - parent::__construct($config, $reserved); - - assert('is_array($config)'); - - /* Validate configuration. */ - foreach ($config as $name => $value) { - if (is_int($name)) { - // check if this is an option - if ($value === '%replace') { - $this->replace = true; - } else { - throw new SimpleSAML_Error_Exception('Unknown flag : ' . var_export($value, true)); - } - continue; - } - - // Set attributename - if ($name === 'attributename') { - $this->attributename = $value; - } - - // Set memberattribute - if ($name === 'memberattribute') { - $this->memberattribute = $value; - } - - // Set values - if ($name === 'values') { - $this->values = $value; - } - } - } - - - /** - * Apply filter to add groups attribute. - * - * @param array &$request The current request - */ - public function process(&$request) { - assert('is_array($request)'); - assert('array_key_exists("Attributes", $request)'); - $attributes =& $request['Attributes']; - - $affiliations = array(); - - if (array_key_exists($this->memberattribute, $attributes)) { - $memberof = $attributes[$this->memberattribute]; - - if (is_array($memberof)) { - foreach ($this->values as $value => $require) { - if (count(array_intersect($require, $memberof)) > 0) { - SimpleSAML_Logger::debug('GenerateAffiliation - intersect match for ' . $value); - $affiliations[] = $value; - } - } - } - - if (count($affiliations) > 0) { - $attributes[$this->attributename] = $affiliations; - } - - if ($this->replace) { - unset($attributes[$this->memberattribute]); - } - - } else { - SimpleSAML_Logger::warning('GenerateAffiliation - memberattribute does not exist: ' . $this->memberattribute); - } - } -} - -?> diff --git a/tests/modules/core/lib/Auth/Process/GenerateAffiliationTest.php b/tests/modules/core/lib/Auth/Process/GenerateAffiliationTest.php deleted file mode 100644 index a947b46..0000000 --- a/tests/modules/core/lib/Auth/Process/GenerateAffiliationTest.php +++ /dev/null @@ -1,140 +0,0 @@ -<?php - -/** - * Test for the core:GenerateAffiliation filter. - */ -class Test_Core_Auth_Process_GenerateAffiliation extends PHPUnit_Framework_TestCase -{ - - /** - * Helper function to run the filter with a given configuration. - * - * @param array $config The filter configuration. - * @param array $request The request state. - * @return array The state array after processing. - */ - private static function processFilter(array $config, array $request) { - $filter = new sspmod_core_Auth_Process_GenerateAffiliation($config, null); - $filter->process($request); - return $request; - } - - /** - * Test the most basic functionality. - */ - public function testBasic() { - $config = array( - 'values' => array( - 'target' => array( - 'source', - ), - ), - ); - $request = array( - 'Attributes' => array( - 'memberOf' => array('source'), - ), - ); - $result = self::processFilter($config, $request); - $attributes = $result['Attributes']; - $this->assertArrayHasKey('eduPersonAffiliation', $attributes); - $this->assertArrayHasKey('memberOf', $attributes); - $this->assertEquals($attributes['eduPersonAffiliation'], array('target')); - } - - /** - * Test the %replace functionality. - */ - public function testReplace() { - $config = array( - '%replace', - 'values' => array( - 'target' => array( - 'source', - ), - ), - ); - $request = array( - 'Attributes' => array( - 'memberOf' => array('source'), - ), - ); - $result = self::processFilter($config, $request); - $attributes = $result['Attributes']; - $this->assertArrayHasKey('eduPersonAffiliation', $attributes); - $this->assertArrayNotHasKey('memberOf', $attributes); - $this->assertEquals($attributes['eduPersonAffiliation'], array('target')); - } - - /** - * Test the different Attribute configurations. - */ - public function testAttributeConfig() { - $config = array( - 'attributename' => 'affiliation', - 'memberattribute' => 'group', - 'values' => array( - 'target' => array( - 'source', - ), - ), - ); - $request = array( - 'Attributes' => array( - 'group' => array('source'), - ), - ); - $result = self::processFilter($config, $request); - $attributes = $result['Attributes']; - $this->assertArrayHasKey('affiliation', $attributes); - $this->assertEquals($attributes['affiliation'], array('target')); - } - - - /** - * Test unknown flag Exception - * - * @expectedException Exception - */ - public function testUnknownFlag() { - $config = array( - '%test', - 'values' => array( - 'target' => array( - 'source', - ), - ), - ); - $request = array( - 'Attributes' => array( - 'memberOf' => array('source'), - ), - ); - $result = self::processFilter($config, $request); - } - - /** - * Test missing member attribute - * - */ - public function testMissingMemberAttribute() { - $config = array( - '%replace', - 'values' => array( - 'target' => array( - 'source', - ), - ), - ); - $request = array( - 'Attributes' => array( - 'test' => array('source'), - ), - ); - $result = self::processFilter($config, $request); - $attributes = $result['Attributes']; - $this->assertArrayHasKey('test', $attributes); - $this->assertArrayNotHasKey('eduPersonAffiliation', $attributes); - $this->assertEquals($attributes['test'], array('source')); - } -} |