inverse-inc · fgaudreault · Oct 11, 2012 · Aug 27, 2012 · Aug 28, 2012 · Aug 28, 2012
diff --git a/NEWS b/NEWS
@@ -16,7 +16,7 @@ For a list of compatibility related changes see the UPGRADE file.
 Version <develRelease> released on <releaseDate>
 
 Enhancements
- * Code cleanups (#1484)
+ * Code cleanups (#1484, #1485)
  * Important simplification of the Captive Portal code to make it harder to introduce problems
 
 --------------------------------------------------------------------------------
@@ -28,6 +28,7 @@ Bug Fixes
  * cosmetic fix in `pfcmd service ... status` regarding pfdhcplistener (#1515)
  * Guests are not able to confirm registration in some cases - take 2 (#1302)
  * Sponsored guests regressions (#1505)
+ * Guest management login and authentication regressions (#1518)
 
 --------------------------------------------------------------------------------
 Version 3.5.0 released on 2012-08-01

diff --git a/UPGRADE b/UPGRADE
@@ -8,6 +8,15 @@ Notes on upgrading from an older release
 Upgrading from a version prior to <develRelease>
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
+Template files movement
+^^^^^^^^^^^^^^^^^^^^^^^
+
+Some templates were moved. Any custom changes should be re-made on the new
+file locations.
+
+* `html/captive-portal/templates/guest/register_guest.html` -> `html/admin/templates/register_guest.html`
+* `html/captive-portal/templates/guest/mgmt_login.html` -> `html/admin/templates/login.html`
+
 Changes to Web API
 ^^^^^^^^^^^^^^^^^^
 
@@ -17,11 +26,14 @@ you don't have to worry about anything below.
 Deprecations
 ~~~~~~~~~~~~
 
-`pf::web::web_get_locale` will disappear soon. See <_i18n,I18N> below for
-details.
+`pf::web::web_get_locale` moved into `pf::web::admin`. See <_i18n,I18N>
+below for details.
 
 `pf::web::_render_template` no longer exists. See below for details.
 
+`pf::web::get_client_ip` was migrated into `pf::Portal::Session` and is
+no longer available for public consumption.
+
 Core
 ~~~~
 
@@ -38,6 +50,9 @@ need to make sure to update it to use the stash mentionned above.
 `_render_template` is now `render_template` and it no longer needs the
 template vars hashref. It uses $portalSession's stash automatically.
 
+All admin-related subs were moved out of `pf::web` and `pf::web::guest`
+into `pf::web::admin`.
+
 I18N
 ~~~~
 
@@ -51,13 +66,41 @@ can get rid of the following lines from your custom code:
 Changes to Guest API
 ^^^^^^^^^^^^^^^^^^^^
 
+NOTE: Remember, if you don't have custom extensions or customized templates
+you don't have to worry about anything below.
+
 pf::web::guest::generate_selfregistration_page no longer takes a $post_uri
 parameter. If you want to customize it, change post_uri in the guest.html
 template.
 
 $pf::web::guest::LOGIN_TEMPLATE was moved to $pf::web::LOGIN_TEMPLATE.
 References should be updated.
 
+`pf::web::guest`'s `generate_registration_page` was moved in `pf::web::admin`,
+no longer takes a $post_uri parameter and was renamed generate_guestcreation_page.
+
+`pf::web::guest`'s `validate_sponsor` now takes an instance of
+pf::Portal::Session instead of $cgi and $session.
+
+`pf::web::guest`'s `$REGISTRATION_CONFIRMATION_TEMPLATE` was dropped.
+
+Several subroutines moved from `pf::web::guest` into `pf::web::admin`
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+* `valid_access_duration`
+* `valid_arrival_date`
+* `validate_registration` -> `validate_guest_creation`
+* `validate_registration_multiple` -> `validate_guest_creation_multiple`
+* `validate_registration_import` -> `validate_guest_import`
+* `preregister` -> `create_guest`
+* `preregister_multiple` -> `create_guest_multiple`
+* `generate_registration_confirmation_page` -> `generate_guestcreation_confirmation_page`
+* `import_csv`
+* `generate_admin_login_page` -> `generate_login_page`
+* `manager_authenticate` -> `authenticate`
+* `generate_registration_page` -> `generate_guestcreation_page`
+
+
 o Upgrading from a version prior to 3.5.0:
 
     - Database schema update

diff --git a/debian/packetfence.conffiles b/debian/packetfence.conffiles
@@ -55,6 +55,8 @@
 /usr/local/pf/conf/ui.conf.es_ES
 /usr/local/pf/conf/ui-global.conf
 /usr/local/pf/conf/violations.conf
+/usr/local/pf/html/admin/templates/login.html
+/usr/local/pf/html/admin/templates/register_guest.html
 /usr/local/pf/html/admin/templates/soh.html
 /usr/local/pf/html/captive-portal/content/responsive.css
 /usr/local/pf/html/captive-portal/content/styles.css
@@ -74,8 +76,6 @@
 /usr/local/pf/html/captive-portal/templates/guest/sms_confirmation.html
 /usr/local/pf/html/captive-portal/templates/guest/preregistration.html
 /usr/local/pf/html/captive-portal/templates/guest/sponsor_accepted.html
-/usr/local/pf/html/captive-portal/templates/guest/mgmt_login.html
-/usr/local/pf/html/captive-portal/templates/guest/register_guest.html
 /usr/local/pf/html/captive-portal/templates/guest/sponsor_login.html
 /usr/local/pf/html/captive-portal/templates/scan.html
 /usr/local/pf/html/captive-portal/templates/scan-in-progress.html

diff --git a/html/admin/guest-management.cgi b/html/admin/guest-management.cgi
@@ -26,7 +26,8 @@ use pf::node;
 use pf::util;
 use pf::violation;
 use pf::web;
-use pf::web::guest 1.20;
+use pf::web::admin 1.00;
+use pf::web::guest 1.40;
 # called last to allow redefinitions
 use pf::web::custom;
 
@@ -72,7 +73,7 @@ if (defined($session->param("username"))) {
           print $cgi->redirect("/login.php?logout=true");
         }
         else {
-          pf::web::guest::generate_custom_login_page($cgi, $session, undef, "guest/mgmt_login.html");
+          pf::web::admin::generate_login_page($cgi, $session);
         }
 
     }
@@ -81,15 +82,15 @@ if (defined($session->param("username"))) {
         # Single user registration
         #
 
-        my ($success, $error) = pf::web::guest::validate_registration($cgi, $session);
+        my ($success, $error) = pf::web::admin::validate_guest_creation($cgi, $session);
         if (!$success) {
             $logger->debug("guest registration form didn't pass validation");
-            pf::web::guest::generate_registration_page( $cgi, $session, "/guests/manage", $error, 'single' );
+            pf::web::admin::generate_guestcreation_page( $cgi, $session, $error, 'single' );
         }
         else {
             $logger->debug("guest registration form passed validation");
 
-            my $password = pf::web::guest::preregister( $cgi, $session );
+            my $password = pf::web::admin::create_guest( $cgi, $session );
 
             my $info = {
                 'firstname' => $session->param("firstname"),
@@ -98,7 +99,7 @@ if (defined($session->param("username"))) {
                 'username' => $session->param("pid"),
                 'password' => $password,
                 'valid_from' => $session->param("arrival_date"),
-                'duration' => pf::web::guest::valid_access_duration($session->param("access_duration")),
+                'duration' => pf::web::admin::valid_access_duration($session->param("access_duration")),
                 'notes' => $session->param("notes"),
             };
 
@@ -107,7 +108,7 @@ if (defined($session->param("username"))) {
 
             if (defined($cgi->param("action_print"))) {
                 # Print page
-                pf::web::guest::generate_registration_confirmation_page($cgi, $session, $info);
+                pf::web::admin::generate_guestcreation_confirmation_page($cgi, $session, $info);
             }
             else {
                 # Otherwise send email
@@ -122,54 +123,54 @@ if (defined($session->param("username"))) {
                 );
 
                 # Return user to the guest registration page
-                pf::web::guest::generate_registration_page($cgi, $session,"/guests/manage",
-                                                           $pf::web::guest::REGISTRATION_CONTINUE, 'single');
+                pf::web::admin::generate_guestcreation_page($cgi, $session,
+                                                           $pf::web::admin::REGISTRATION_CONTINUE, 'single');
             }
         }
     }
     elsif (defined($cgi->param("action_print_multiple"))) {
         #
         # Multiple user registration
         #
-        my ($success, $error) = pf::web::guest::validate_registration_multiple($cgi, $session);
+        my ($success, $error) = pf::web::admin::validate_guest_creation_multiple($cgi, $session);
         if (!$success) {
           $logger->debug("multiple guest creation form didn't pass validation");
-          pf::web::guest::generate_registration_page($cgi, $session, "/guests/manage", $error, 'multiple');
+          pf::web::admin::generate_guestcreation_page($cgi, $session, $error, 'multiple');
         }
         else {
           $logger->debug("multiple guest creation form passed validation");
-          my $info = pf::web::guest::preregister_multiple($cgi, $session);
+          my $info = pf::web::admin::create_guest_multiple($cgi, $session);
 
           if ($info) {
             # Print page
-            pf::web::guest::generate_registration_confirmation_page($cgi, $session, $info);
+            pf::web::admin::generate_guestcreation_confirmation_page($cgi, $session, $info);
           }
         }
     }
     elsif (defined($cgi->param("action_import"))) {
         #
         # CSV import
         #
-        my ($success, $error) = pf::web::guest::validate_registration_import($cgi, $session);
+        my ($success, $error) = pf::web::admin::validate_guest_import($cgi, $session);
         if (!$success) {
           $logger->debug("guest import form didn't pass validation");
-          pf::web::guest::generate_registration_page($cgi, $session, "/guests/manage", $error, 'import');
+          pf::web::admin::generate_guestcreation_page($cgi, $session, $error, 'import');
         }
         else {
           $logger->debug("guest import form passed validation");
 
           my $file = $cgi->upload('users_file');
           if (!$file && $cgi->cgi_error) {
             $logger->error("Import: Received corrupted file: " . $cgi->cgi_error);
-            pf::web::generate_admin_error_page( $cgi, $session, i18n("error: something went wrong creating the guest"));
+            pf::web::admin::generate_error_page( $cgi, $session, i18n("error: something went wrong creating the guest"));
           }
           else {
             my $filename = $cgi->param('users_file');
             my $tmpfilename = $cgi->tmpFileName($filename);
             my $delimiter = $cgi->param('delimiter');
             my $columns = $cgi->param('columns');
             $logger->info("CSV file import users from $tmpfilename ($filename, \"$delimiter\", \"$columns\")");
-            ($success, $error) = pf::web::guest::import_csv($tmpfilename, $delimiter, $columns, $session);
+            ($success, $error) = pf::web::admin::import_csv($tmpfilename, $delimiter, $columns, $session);
             if ($success) {
               my ($count, $skipped) = split(',',$error);
               $logger->info("CSV file import $count users, skip $skipped users");
@@ -178,24 +179,24 @@ if (defined($session->param("username"))) {
               # Tear down session information
               $session->clear([ "delimiter", "columns", "arrival_date", "access_duration" ]);
             }
-            pf::web::guest::generate_registration_page($cgi, $session, "/guests/manage", $error, 'import');
+            pf::web::admin::generate_guestcreation_page($cgi, $session, $error, 'import');
           }
         }
       }
     else {
       # No specific action, show guest registration page
-      pf::web::guest::generate_registration_page( $cgi, $session, "/guests/manage" );
+      pf::web::admin::generate_guestcreation_page( $cgi, $session );
     }
 }
 else {
     # User is not logged and didn't provide username or password: show login form
     if (!($cgi->param("username") && $cgi->param("password"))) {
-        pf::web::guest::generate_custom_login_page($cgi, $session, undef, "guest/mgmt_login.html");
+        pf::web::admin::generate_login_page($cgi, $session);
         exit(0);
     }
 
     # User provided username and password: authenticate
-    my ($auth_return, $authenticator) = pf::web::web_user_authenticate($cgi, $session, "guest_managers");
+    my ($auth_return, $authenticator) = pf::web::admin::authenticate($cgi, $session, "guest_managers");
     if ($auth_return != 1) {
         $logger->info("authentication failed for user ".$cgi->param("username"));
         my $error;
@@ -204,12 +205,12 @@ else {
         } else {
             $error = $authenticator->getLastError();
         }
-        pf::web::guest::generate_custom_login_page($cgi, $session, $error, "guest/mgmt_login.html");
+        pf::web::admin::generate_login_page($cgi, $session, $error);
         exit(0);
     }
 
     # auth succeeded: redirect to guest registration page
-    pf::web::guest::generate_registration_page( $cgi, $session, "/guests/manage" );
+    pf::web::admin::generate_guestcreation_page( $cgi, $session );
 }
 
 =head1 AUTHOR

diff --git a/html/admin/scan_fetch_report.cgi b/html/admin/scan_fetch_report.cgi
@@ -21,6 +21,7 @@ use lib '/usr/local/pf/lib';
 use pf::config;
 use pf::scan;
 use pf::web qw(i18n i18n_format);
+use pf::web::admin 1.00;
 use pf::web::custom;
 
 Log::Log4perl->init("$conf_dir/log.conf");
@@ -54,7 +55,7 @@ try {
     }
     else {
         $logger->info("Request to fetch a scan report with unrecognized or expired scan id: $params{'scanid'}");
-        pf::web::generate_admin_error_page($cgi, $session, i18n("The scan report code provided is invalid or expired."));
+        pf::web::admin::generate_error_page($cgi, $session, i18n("The scan report code provided is invalid or expired."));
     }
 
 } catch {

diff --git a/html/admin/soh.cgi b/html/admin/soh.cgi
@@ -26,6 +26,7 @@ use JSON;
 
 use pf::config;
 use pf::web;
+use pf::web::admin 1.00;
 use pf::web::custom;
 
 # If we can find an existing PHP session, we allow the user to proceed.
@@ -64,7 +65,7 @@ my $dbh = DBI->connect(
     { RaiseError => 0, PrintError => 0 }
 );
 
-setlocale(LC_MESSAGES, pf::web::web_get_locale($q, $csession));
+setlocale(LC_MESSAGES, pf::web::admin::web_get_locale($q, $csession));
 bindtextdomain("packetfence", "$conf_dir/locale");
 textdomain("packetfence");
 
@@ -335,13 +336,15 @@ elsif ($method eq 'POST' && $action =~ s/^filters\///) {
 # Anything else is an error
 
 else {
-    pf::web::generate_admin_error_page($q, $csession, i18n("Unrecognised request"));
+    pf::web::admin::generate_error_page($q, $csession, i18n("Unrecognised request"));
 }
 
 =head1 AUTHOR
 
 Abhijit Menon-Sen <amenonsen@inverse.ca>
 
+Olivier Bilodeau <obilodeau@inverse.ca>
+
 =head1 COPYRIGHT
 
 Copyright (C) 2011, 2012 Inverse inc.

diff --git a/html/admin/templates/footer.html b/html/admin/templates/footer.html
@@ -0,0 +1,9 @@
+[%# Footer %]
+    </div>
+    <div id="footer">
+      [% IF username %]<img src="/content/images/user.png" alt="Help" />
+      <p>[% i18n("You are logged in as") %] <strong>[% username %]</strong> (<a href="[% post_uri %]?action=logout">[% i18n("Logout") %]</a>)</p>[% END %]
+    </div>
+  </div>
+  </body>
+</html>
diff --git a/...ates/guest/registration_confirmation.html → ...templates/guestcreation_confirmation.html b/...ates/guest/registration_confirmation.html → ...templates/guestcreation_confirmation.html
diff --git a/...ve-portal/templates/guest/mgmt_login.html → html/admin/templates/login.html b/...ve-portal/templates/guest/mgmt_login.html → html/admin/templates/login.html
diff --git a/...ortal/templates/guest/register_guest.html → html/admin/templates/register_guest.html b/...ortal/templates/guest/register_guest.html → html/admin/templates/register_guest.html
@@ -21,7 +21,7 @@ <h1>[% i18n("guest registration form") %]</h1>
           </ul>
 
           <div id="single" class="tab">
-            <form method="post" action="[% post_uri %]" enctype="multipart/form-data">
+            <form method="post" action="[% URL_ADMIN_MANAGE_GUESTS %]" enctype="multipart/form-data">
             <div class="input">
               <span>[% i18n("Firstname") %]</span>
               <input class="field first" name="firstname" type="text" value="[% firstname | html %]" />
@@ -68,7 +68,7 @@ <h1>[% i18n("guest registration form") %]</h1>
           </div> <!-- tab#single -->
 
           <div id="multiple" class="tab">
-            <form method="post" action="[% post_uri %]" enctype="multipart/form-data">
+            <form method="post" action="[% URL_ADMIN_MANAGE_GUESTS %]" enctype="multipart/form-data">
             <div class="input">
               <span>[% i18n("Username Prefix") %]*</span>
               <input class="field first" name="prefix" type="text" value="[% prefix | html %]" />
@@ -120,7 +120,7 @@ <h1>[% i18n("guest registration form") %]</h1>
           </div> <!-- tab#multiple -->
 
           <div id="import" class="tab">
-            <form method="post" action="[% post_uri %]" enctype="multipart/form-data">
+            <form method="post" action="[% URL_ADMIN_MANAGE_GUESTS %]" enctype="multipart/form-data">
             <div class="input">
               <span>[% i18n("CSV file") %]*</span>
               <input type="file" name="users_file" id="users_file" />