11.2 First mactch don´t win anymore.

[fdurand]

Describe the bug
2 authentication rules can match for the same user.

To Reproduce
Create a authentication rule in a ldap source.

The first one with filter sAMAccountName=zammit role=patate access duration = 1 day
A second one catch_all and time_balance = 3 days

Authenticate on the portal, the role patate is set with an access duration of 1 day and a time_balance of 3 days.

Expected behavior
First rule should only match.

[julsemaan]

It's due to the fact we filter on the action when matching rules, ex:
time_balance_from_source => sub { $_[0]->new_node_info->{time_balance} = pf::util::normalize_time(authentication_match_wrapper($_[0]->source->id, $_[0]->auth_source_params, $Actions::SET_TIME_BALANCE)); }

I'll rewrite this so that the auth actions in the portal don't filter on the action but grab the first unfiltered hit and extract the action from it

[julsemaan]

This will introduce a change of behavior though so we'll have to consider if we push this to the maintenance or not