Closed
Bug 226324
Opened 21 years ago
Closed 21 years ago
Move relogin.cgi code to Bugzilla::Auth::CGI
Categories
(Bugzilla :: User Accounts, defect)
Tracking
()
RESOLVED
FIXED
Bugzilla 2.18
People
(Reporter: kiko, Assigned: kiko)
References
Details
Attachments
(1 file, 4 obsolete files)
6.33 KB,
patch
|
kiko
:
review+
justdave
:
review+
|
Details | Diff | Splinter Review |
As per comment, move the login bits from the relogin.cgi code to
Bugzilla::Auth::CGI->logout.
Assignee | ||
Comment 1•21 years ago
|
||
I've tried to keep the same pattern followed for Bugzilla->login(), which takes
care of the globals, and handling off the backend bits (header/database) to the
CGI authentication module.
I'm not sure that Bugzilla::Auth::CGI is the correct place for the SendSQL, but
I couldn't a better place.
Assignee | ||
Updated•21 years ago
|
Attachment #135988 -
Flags: review?(gerv)
Comment 2•21 years ago
|
||
I'm not convinced this is right; given that we have pluggable auth, are we
supposed to be referring to Bugzilla::Auth::CGI directly from Bugzilla pm?
bbaetz should really be looking at this anyway; the Auth system is his baby.
Gerv
Assignee | ||
Comment 3•21 years ago
|
||
Well, we refer to Auth::CGI already (just see Bugzilla->login), and this at
least centralizes things more than they are today.
Assignee | ||
Comment 4•21 years ago
|
||
Attachment #135988 -
Attachment is obsolete: true
Assignee | ||
Comment 5•21 years ago
|
||
Comment on attachment 136005 [details] [diff] [review]
kiko_v2: use dbh instead of old crufty SqlQuote
I'm going to insist that this is correct :-)
The pluggable authentication code is in LDAP.pm and DB.pm; the Cookie and CGI
modules are used in both cases. The changes I make are to be used by all
backends regardless.
Attachment #136005 -
Flags: review?(gerv)
Assignee | ||
Comment 6•21 years ago
|
||
Attachment #136005 -
Attachment is obsolete: true
Assignee | ||
Updated•21 years ago
|
Attachment #136007 -
Flags: review?(gerv)
Assignee | ||
Updated•21 years ago
|
Attachment #135988 -
Flags: review?(gerv)
Assignee | ||
Updated•21 years ago
|
Attachment #136005 -
Flags: review?(gerv)
Comment 7•21 years ago
|
||
The ::CGI bit snn't that generic, and unilt we have another option I really
can't know what abstraction we'll need.
Assignee | ||
Comment 8•21 years ago
|
||
Which means hopefully you agree with my change :)
Comment 9•21 years ago
|
||
I recently checked in a fix for the JS security hole which assumed that logout()
just logged you out for this request rather than logged you out permanently.
You'll need to fix that, won't you? :-)
Otherwise it looks OK, but I still think bbaetz should look at it.
Gerv
Assignee | ||
Comment 10•21 years ago
|
||
I knew that was coming back, it was a matter of time!
Updated•21 years ago
|
Attachment #136007 -
Flags: review?(gerv) → review-
Comment 11•21 years ago
|
||
for the record, we have an Auth module for Zippy's bugzilla which doesn't use
the cookies... and the existing way the plugin system works it plugged right
in, with the exception of how it determines what parts of an account you're
allowed to modify. Since the "real" Auth module is consulted prior to
Auth::Cookie, ours returns a success or fail directly and it never falls through
to Auth::Cookie.
Comment 12•21 years ago
|
||
The CGI thing was meant to coexist with Bugzilla::Auth::Email,
Bugzilla::Auth::IRC, and so on. justdave's thing is more a replacement for ::Db
and ::LDAP, although its sort of in the middle a bit.
Assignee | ||
Comment 13•21 years ago
|
||
bbaetz: would the logincookies table be used in Net::Auth::IRC and Email? I can
place the SQL bits elsewhere, but I think it's too soon for that, since
Net::Auth::CGI contains SQL in login() too.
So apart from fixing Gerv's problem (a logout_once or something) is there
anything else I'm missing? Bradley?
Status: NEW → ASSIGNED
Assignee | ||
Comment 14•21 years ago
|
||
I've added a logout_session call which implements the original logout()
semantics. I've checked and only buglist.cgi and relogin.cgi used the call, so
we're safe to change this.
Assignee | ||
Updated•21 years ago
|
Attachment #136007 -
Attachment is obsolete: true
Assignee | ||
Updated•21 years ago
|
Attachment #136046 -
Flags: review?(bbaetz)
Comment 15•21 years ago
|
||
Comment on attachment 136046 [details] [diff] [review]
kiko_v4: add logout_session
logout_request seems ugly, but I don't have a better suggestion - unlogin is
uglier.
Re the hard coding of ::CGI, maybe we need to split these modules up into
separate directories for authn/authz like apache does. Or Bugzilla::Auth could
poke ISA for both types of modules, I guess.
Lets wait until we ahve a second user before doing that, though.
Attachment #136046 -
Flags: review?(bbaetz) → review+
Updated•21 years ago
|
Flags: approval+
Updated•21 years ago
|
Target Milestone: --- → Bugzilla 2.18
Comment 16•21 years ago
|
||
hmmm....
createaccount.cgi got missed. It nukes Bugzilla_logincookie when it should be
calling ->logout
userprefs.cgi still mentions $::COOKIE{'Bugzilla_logincookie'}, that one
probably needs something new... it's logging out all other logins of that user
except the current one when they change their password. ->logout_others? The
routine in globals that it's calling should move to Auth/CGI with the rest of
the stuff probably.
Flags: approval+
Assignee | ||
Comment 17•21 years ago
|
||
Yep, I did miss createaccount; this patch includes a cleanup to it.
I filed bug 226754 for the InvalidateLogins cleanup. I'm going to move forward
bbaetz's review since it's really a trivial change to the additional cgi; chide
me if this wasn't right.
Attachment #136046 -
Attachment is obsolete: true
Assignee | ||
Updated•21 years ago
|
Attachment #136300 -
Flags: review+
Assignee | ||
Updated•21 years ago
|
Flags: approval?
Comment 18•21 years ago
|
||
Comment on attachment 136300 [details] [diff] [review]
kiko_v5: include createaccount.cgi cleanup
looks good to me
Updated•21 years ago
|
Flags: approval? → approval+
Assignee | ||
Comment 19•21 years ago
|
||
Another happy customer served:
/cvsroot/mozilla/webtools/bugzilla/Bugzilla.pm,v <-- Bugzilla.pm
new revision: 1.9; previous revision: 1.8
done
Checking in relogin.cgi;
/cvsroot/mozilla/webtools/bugzilla/relogin.cgi,v <-- relogin.cgi
new revision: 1.24; previous revision: 1.23
done
Checking in buglist.cgi;
/cvsroot/mozilla/webtools/bugzilla/buglist.cgi,v <-- buglist.cgi
new revision: 1.240; previous revision: 1.239
done
Checking in createaccount.cgi;
/cvsroot/mozilla/webtools/bugzilla/createaccount.cgi,v <-- createaccount.cgi
new revision: 1.31; previous revision: 1.30
done
Checking in Bugzilla/Auth/CGI.pm;
/cvsroot/mozilla/webtools/bugzilla/Bugzilla/Auth/CGI.pm,v <-- CGI.pm
new revision: 1.5; previous revision: 1.4
Thanks.
Status: ASSIGNED → RESOLVED
Closed: 21 years ago
Resolution: --- → FIXED
Updated•12 years ago
|
QA Contact: matty_is_a_geek → default-qa
You need to log in
before you can comment on or make changes to this bug.
Description
•