[Rt-commit] rt branch 5.0/login-logout-adjustments created. rt-5.0.3-226-ge6ece68976

BPS Git Server git at git.bestpractical.com
Mon Jan 16 21:35:09 UTC 2023


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "rt".

The branch, 5.0/login-logout-adjustments has been created
        at  e6ece6897653cb3329a2639117f779676bfd5d70 (commit)

- Log -----------------------------------------------------------------
commit e6ece6897653cb3329a2639117f779676bfd5d70
Author: Ronaldo Richieri <ronaldo at bestpractical.com>
Date:   Fri Jan 6 17:43:05 2023 -0300

    Update basic_auth.t test since logout will be always available

diff --git a/t/web/basic_auth.t b/t/web/basic_auth.t
index ff77f29f26..2eea552fec 100644
--- a/t/web/basic_auth.t
+++ b/t/web/basic_auth.t
@@ -23,7 +23,7 @@ $m->content_like(
     qr{<span class="current-user">\Qroot\E</span>}i,
     "Has user on the page"
 );
-$m->content_unlike(qr/Logout/i, "Has no logout button, no WebFallbackToRTLogin");
+$m->content_like(qr/Logout/i, "Has logout button");
 
 # Again, testing the plack middleware
 $m->get($url);

commit 855b894a98427f3249c116592f3bc1769ebe41e6
Author: Ronaldo Richieri <ronaldo at bestpractical.com>
Date:   Fri Jan 6 17:20:51 2023 -0300

    Add REMOTE ADDRESS to the debug of auth web remote log in

diff --git a/lib/RT/Interface/Web.pm b/lib/RT/Interface/Web.pm
index 7de6dcf3fc..d8e66866cd 100644
--- a/lib/RT/Interface/Web.pm
+++ b/lib/RT/Interface/Web.pm
@@ -806,7 +806,8 @@ sub AttemptExternalAuth {
         }
 
         if ( _UserLoggedIn() ) {
-            RT->Logger->info("Session created from REMOTE_USER for user $user");
+            my $remote_addr = RequestENV('REMOTE_ADDR');
+            RT->Logger->info("Successful login for $user from $remote_addr");
             $HTML::Mason::Commands::session{'WebExternallyAuthed'} = 1;
             $m->callback( %$ARGS, CallbackName => 'ExternalAuthSuccessfulLogin', CallbackPage => '/autohandler' );
             # It is possible that we did a redirect to the login page,

commit 6729f2be980af1df5df0da069c60ea3e1e94b66a
Author: Ronaldo Richieri <ronaldo at bestpractical.com>
Date:   Fri Jan 6 17:18:39 2023 -0300

    Move LogoutURL logic from MenuBuilder.pm to Logout.html
    
    We will not hide the logout option anymore so there is no need to have
    logic in MenuBuilder for hidding it.
    In Logout.html we will check if the user is logged from Remote User
    Auth and also if LogoutURL is set in the config file.

diff --git a/lib/RT/Interface/Web/MenuBuilder.pm b/lib/RT/Interface/Web/MenuBuilder.pm
index b6260023a8..d7f395d963 100644
--- a/lib/RT/Interface/Web/MenuBuilder.pm
+++ b/lib/RT/Interface/Web/MenuBuilder.pm
@@ -339,8 +339,7 @@ sub BuildMainNav {
         }
     }
     if ( $current_user->Name ) {
-        _BuildLogoutMenu( $about_me );
-    }
+        $about_me->child( logout => title => loc('Logout'), path => '/NoAuth/Logout.html' );    }
     if ( $request_path =~ m{^/Dashboards/(\d+)?}) {
         if ( my $id = ( $1 || $HTML::Mason::Commands::DECODED_ARGS->{'id'} ) ) {
             my $obj = RT::Dashboard->new( $current_user );
@@ -1621,18 +1620,6 @@ sub _BuildAdminMenu {
     }
 }
 
-sub _BuildLogoutMenu {
-    my $about_me = shift;
-
-    my $logout_url = RT->Config->Get('LogoutURL') || '/NoAuth/Logout.html';
-    # If user is not externally authenticated, show the logout link
-    # otherwise, show the logout link if LogoutURL is set to something other than the default
-    if ( !$HTML::Mason::Commands::session{'WebExternallyAuthed'} || $logout_url ne '/NoAuth/Logout.html' )
-    {
-        $about_me->child( logout => title => loc('Logout'), path => '/NoAuth/Logout.html' );
-    }
-}
-
 sub BuildSelfServiceNav {
     my $request_path = shift;
     my $top          = shift;
@@ -1704,7 +1691,7 @@ sub BuildSelfServiceNav {
     }
 
     if ( $current_user->Name ) {
-        _BuildLogoutMenu($about_me);
+        $about_me->child( logout => title => loc('Logout'), path => '/NoAuth/Logout.html' );
     }
 
     if ( RT->Config->Get('SelfServiceShowArticleSearch') ) {
diff --git a/share/html/NoAuth/Logout.html b/share/html/NoAuth/Logout.html
index f6bd25ea3b..2897d487da 100644
--- a/share/html/NoAuth/Logout.html
+++ b/share/html/NoAuth/Logout.html
@@ -77,25 +77,41 @@ $m->callback( %ARGS, CallbackName => 'ModifyLoginRedirect', URL => \$URL );
 
 $m->callback( %ARGS, CallbackName => 'BeforeSessionDelete' );
 
-my $username;
-if (keys %session) {
-    $username = $session{'CurrentUser'}->Name;
-
-    # If WebRemoteUserAuth and LogoutURL are set, redirect to the LogoutURL set on Config
-    if (
-        $session{'WebExternallyAuthed'}
-        && RT->Config->Get('LogoutURL')
-    ) {
-        $URL = RT->Config->Get('LogoutURL');
+if (keys %session && $session{'CurrentUser'}->Name) {
+    my $username = $session{'CurrentUser'}->Name;
+    my $remote_addr = ( RT::Interface::Web::RequestENV('REMOTE_ADDR')
+                        || 'UNKNOWN');
+    my $logout_message = "Successful logout for $username from $remote_addr";
+    my $loglevel = 'info';
+    my $LogoutURL = RT->Config->Get('LogoutURL');
+    if ($session{'WebExternallyAuthed'}){
+        if ($LogoutURL
+            && $LogoutURL ne '/NoAuth/Logout.html'
+            ) {
+            $logout_message =
+                "Successfully cleared session for ".
+                $username . " for logout request from ".
+                $remote_addr;
+            $URL = $LogoutURL;
+        } else {
+            $loglevel = 'warn';
+            $logout_message =
+                "Successfully cleared session for ".
+                $username . " for logout request from ".
+                $remote_addr .
+                " but LogoutURL Config is undefined or invalid";
+        }
     }
 
     # Clear the session
     RT::Interface::Web::InstantiateNewSession();
     $session{'CurrentUser'} = RT::CurrentUser->new;
+
+    RT->Logger->$loglevel($logout_message);
 }
 
 $m->callback( %ARGS, CallbackName => 'AfterSessionDelete' );
+
 $m->notes->{RefreshURL} = $URL;
 
-RT->Logger->info("User $username logged out. Redirecting to $URL") if $username;
 </%INIT>

-----------------------------------------------------------------------


hooks/post-receive
-- 
rt


More information about the rt-commit mailing list