[Rt-commit] rt branch 5.0/fix-web-remote-user-auth-logout-url-bug created. rt-5.0.3-86-g4e48cd5ba8

BPS Git Server git at git.bestpractical.com
Fri Sep 2 15:48:47 UTC 2022 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "rt".

The branch, 5.0/fix-web-remote-user-auth-logout-url-bug has been created
        at  4e48cd5ba8751f47f55a09a16331923144048279 (commit)

- Log -----------------------------------------------------------------
commit 4e48cd5ba8751f47f55a09a16331923144048279
Author: Brad Embree <brad at bestpractical.com>
Date:   Fri Sep 2 08:42:35 2022 -0700

    Fix bug in Logout menu option when using WebRemoteUserAuth
    
    When WebRemoteUserAuth is enabled and WebFallbackToRTLogin is not
    enabled the user would not see the Logout menu option.
    
    Changed the logic to use the default RT logout when using default RT
    login and only use the LogoutURL config option if the user is actually
    authorized externally and the LogoutURL config option is not set to the
    default RT logout.

diff --git a/lib/RT/Interface/Web/MenuBuilder.pm b/lib/RT/Interface/Web/MenuBuilder.pm
index 7260a75c78..7a1550eab4 100644
--- a/lib/RT/Interface/Web/MenuBuilder.pm
+++ b/lib/RT/Interface/Web/MenuBuilder.pm
@@ -338,10 +338,18 @@ sub BuildMainNav {
             );
         }
     }
-    my $logout_url = RT->Config->Get('LogoutURL');
+    my $logout_url = RT->Config->Get('LogoutURL') || '';
     if ( $current_user->Name
          && (   !RT->Config->Get('WebRemoteUserAuth')
               || RT->Config->Get('WebFallbackToRTLogin') )) {
+        # using RT login so use default RT logout
+        $about_me->child( logout => title => loc('Logout'), path => '/NoAuth/Logout.html' );
+    } elsif ( RT->Config->Get('WebRemoteUserAuth')
+        && $HTML::Mason::Commands::session{'WebExternallyAuthed'}
+        && ( $logout_url ne '/NoAuth/Logout.html' ) )
+    {
+        # using remote user auth so use logout url if it is not the default RT logout
+        # for remote user auth logout url should point to SP or IdP logout
         $about_me->child( logout => title => loc('Logout'), path => $logout_url );
     }
     if ( $request_path =~ m{^/Dashboards/(\d+)?}) {
@@ -1694,10 +1702,18 @@ sub BuildSelfServiceNav {
         $about_me->child( prefs => title => loc('Preferences'), path => '/SelfService/Prefs.html' );
     }
 
-    my $logout_url = RT->Config->Get('LogoutURL');
+    my $logout_url = RT->Config->Get('LogoutURL') || '';
     if ( $current_user->Name
          && (   !RT->Config->Get('WebRemoteUserAuth')
               || RT->Config->Get('WebFallbackToRTLogin') )) {
+        # using RT login so use default RT logout
+        $about_me->child( logout => title => loc('Logout'), path => '/NoAuth/Logout.html' );
+    } elsif ( RT->Config->Get('WebRemoteUserAuth')
+        && $HTML::Mason::Commands::session{'WebExternallyAuthed'}
+        && ( $logout_url ne '/NoAuth/Logout.html' ) )
+    {
+        # using remote user auth so use logout url if it is not the default RT logout
+        # for remote user auth logout url should point to SP or IdP logout
         $about_me->child( logout => title => loc('Logout'), path => $logout_url );
     }
 

-----------------------------------------------------------------------


hooks/post-receive
-- 
rt

More information about the rt-commit mailing list