X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=blobdiff_plain;f=lib%2FCatalyst%2FAuthentication%2FStore%2FLDAP%2FBackend.pm;h=75e2a0f6de6efc5768c06ea8e987a8f9bf8ade8e;hb=0d3c4264e91902605a92fc2f3d4c5b76a7f581cd;hp=90b170ee9c0cf7c35b56cd3197b373a8cf44724b;hpb=d7ddb040641529c6c1b754ff1f4ac38e2d1166b5;p=catagits%2FCatalyst-Authentication-Store-LDAP.git diff --git a/lib/Catalyst/Authentication/Store/LDAP/Backend.pm b/lib/Catalyst/Authentication/Store/LDAP/Backend.pm index 90b170e..75e2a0f 100644 --- a/lib/Catalyst/Authentication/Store/LDAP/Backend.pm +++ b/lib/Catalyst/Authentication/Store/LDAP/Backend.pm @@ -74,11 +74,12 @@ use base qw( Class::Accessor::Fast ); use strict; use warnings; -our $VERSION = '1.015'; +our $VERSION = '1.016'; use Catalyst::Authentication::Store::LDAP::User; use Net::LDAP; use Catalyst::Utils (); +use Catalyst::Exception; BEGIN { __PACKAGE__->mk_accessors( @@ -120,13 +121,16 @@ sub new { $config_hash{'role_filter'} ||= '(memberUid=%s)'; $config_hash{'role_scope'} ||= 'sub'; $config_hash{'role_field'} ||= 'cn'; - $config_hash{'use_roles'} ||= '1'; + $config_hash{'use_roles'} = '1' + unless exists $config_hash{use_roles}; $config_hash{'start_tls'} ||= '0'; $config_hash{'entry_class'} ||= 'Catalyst::Model::LDAP::Entry'; $config_hash{'user_class'} ||= 'Catalyst::Authentication::Store::LDAP::User'; $config_hash{'role_search_as_user'} ||= 0; $config_hash{'persist_in_session'} ||= 'username'; + Catalyst::Exception->throw('persist_in_session must be either username or all') + unless $config_hash{'persist_in_session'} =~ /\A(?:username|all)\z/; Catalyst::Utils::ensure_class_loaded( $config_hash{'user_class'} ); my $self = \%config_hash; @@ -388,7 +392,7 @@ objects that match it's criteria. sub lookup_roles { my ( $self, $userobj, $ldap ) = @_; if ( $self->use_roles == 0 || $self->use_roles =~ /^false$/i ) { - return undef; + return (); } $ldap ||= $self->role_search_as_user ? $userobj->ldap_connection : $self->ldap_bind; @@ -446,17 +450,25 @@ sub user_supports { Catalyst::Authentication::Store::LDAP::User->supports(@_); } -=head2 from_session( I, I<$c> ) +=head2 from_session( I, I<$c>, $frozenuser ) + +Revives a serialized user from storage in the session. -Returns get_user() for I. +Supports users stored with a different persist_in_session setting. =cut sub from_session { my ( $self, $c, $frozenuser ) = @_; - if ( $self->persist_in_session eq 'all' ) { - return $self->user_class->new( $self, $frozenuser->{user}, $c, $frozenuser->{_roles} ); + # we need to restore the user depending on the current storage of the + # user in the session store which might differ from what + # persist_in_session is set to now + if ( ref $frozenuser eq 'HASH' ) { + # we can rely on the existance of this key if the user is a hashref + if ( $frozenuser->{persist_in_session} eq 'all' ) { + return $self->user_class->new( $self, $frozenuser->{user}, $c, $frozenuser->{_roles} ); + } } return $self->get_user( $frozenuser, $c );