Monday, July 19, 2021

httpd / svn / ldap authentication Simple and mixed authorizations

i'll not make things hard and long.
Here is an configuration that i use to authenticate users thats use our svn server.


LoadModule dav_svn_module     modules/mod_dav_svn.so
LoadModule authz_svn_module   modules/mod_authz_svn.so

# Add the following to allow a basic authentication and point Apache to where the actual
# repository resides.

        DAV svn
        SVNPath /var/www/html/svn/chartes
        AuthType Basic
        AuthName "My company repo"
	#AuthBasicAuthorative Off
	AuthBasicProvider ldap
	AuthLDAPURL "ldap://AD_IP/DC=DC_1,DC=local?sAMAccountName?sub?(objectClass=*)"
	AuthLDAPBindDN	"LOGIN_OF_AUTHORIZED_USER_TO_SEARCH"
	AuthLDAPBindPassword "PASSWORD_FOR_AUTHORIZED_USER"
	Require valid-user
Don't specify the port in the server ip
DC items may be more then 2, depending on your AD configuration.
Remark here we use sAMAccountName as research criteria Now imagine we want this scenario:
1-LDAP auth
2-Access rights granted from local file (rw rights)
We can do that by adding a simple directive in our .conf file
AuthzSVNAccessFile
so our new .conf file become:
LoadModule dav_svn_module     modules/mod_dav_svn.so
LoadModule authz_svn_module   modules/mod_authz_svn.so

# Add the following to allow a basic authentication and point Apache to where the actual
# repository resides.

        DAV svn
        SVNPath /var/www/html/svn/chartes
        AuthType Basic
        AuthName "My company repo"
	#AuthBasicAuthorative Off
	AuthBasicProvider ldap
	AuthLDAPURL "ldap://AD_IP/DC=DC_1,DC=local?sAMAccountName?sub?(objectClass=*)"
	AuthLDAPBindDN	"LOGIN_OF_AUTHORIZED_USER_TO_SEARCH"
	AuthLDAPBindPassword "PASSWORD_FOR_AUTHORIZED_USER"
    AuthzSVNAccessFile /etc/svn-repo-chartes.authz
	Require valid-user
Where /etc/svn-repo-chartes.authzcontent is
[/] * = r

Now no-one has write right on repo here but only read
Let's see that
Sceanrio:
1- Login
2-Checkout
3-Create file
4-Add file to repo
5-commit

Craps!
We have that message :
Accès à '/svn/chartes/!svn/me' interdit' <=> 'Access to .... denied' 

Now you can set authorizations line by line and user by user

Let's continue...
I'll grant to Mr 66456 a write right
Our new authorizations file content become:
[/]
* = r
66456 = rw

Let's commit again...
All right !
Posted by at No comments:

Friday, May 14, 2021

Responsive width Facebook Page Plugin

 Facebook plugin can fit into any div by specifying the width attribute 
exemple (here width is set 200px) 


<div class="fb-page" data-href="https://www.facebook.com/facebook" data-tabs="timeline" data-width="200" data-height="" data-small-header="false" data-adapt-container-width="true" data-hide-cover="false" data-show-facepile="true"><blockquote cite="https://www.facebook.com/facebook" class="fb-xfbml-parse-ignore"><a href="https://www.facebook.com/facebook">Facebook</a></blockquote></div>

The only constraint is the 180px<=width <=500px

In case when we dont have the exact size of a div until the DOM load, an alternative is to differ the script load after DOM load and pass the correct width at that moment

in this few codes i m  trying to fit the fb feed into a 63.26% of  wrapper

   console.log('running fb script');
    var fb_block = document.getElementById('fb-wrapper');    
    if(fb_block !== null){
        var parent_width = $('.home-social-content').width();        
        var fb_width = parent_width * 63.26 / 100;        
        var rounded_fb_width = Math.round(fb_width);        
        if(fb_width < rounded_fb_width){
            rounded_fb_width -= 1;
        }        
        var inject_html = '<div class="fb-page" data-href="https://www.facebook.com/airbus" data-tabs="timeline" data-width="' + rounded_fb_width +'" data-height="732" data-small-header="true" data-adapt-container-width="true" data-hide-cover="true" data-show-facepile="false"><blockquote cite="https://www.facebook.com/airbus" class="fb-xfbml-parse-ignore"><a href="https://www.facebook.com/airbus">Airbus</a></blockquote></div>';
        inject_html +='<script async defer crossorigin="anonymous" src="https://connect.facebook.net/fr_FR/sdk.js#xfbml=1&version=v10.0&appId=337498777087670&autoLogAppEvents=1" nonce="qjuBX7Rb"></script>';        
        $('#fb-wrapper').html(inject_html); 
        console.log('done...');
Posted by at No comments:

Monday, January 11, 2021

Prestashop 1.6.x - PHP 5.x to PHP 7.x Uncaught Error: Access to undeclared static property:

When upgrading PHP version for prestashop 1.6.x websites from 5.x to 7.x
some errors may occure (Prestashop guys confirm that max allowed version is 5.5)

Typical error is:

Uncaught Error: Access to undeclared static property: CLASS_NAME::PROPERTY/METHOD_NAME in ....
Example:
Uncaught Error: Access to undeclared static property: Validate::$data in ZZZ/classes/ObjectModel.php:1113
So i made change in 2 calsses (up to now) to make the website working :


in classes/controller/AdminController.php (Line 886 ???)
i've changed:
$return = $this->{'process'.Tools::toCamelCase($this->action)}();

to
$return = call_user_func_array(array($this, 'process'.Tools::toCamelCase($this->action)), array());


in classes/ObjectModel: (Line 1135 ???)
if (isset($data['validate']) && !Validate::$data['validate']($value) && (!empty($value) || $data['required']))

to
if (isset($data['validate']) && !call_user_func('Validate::'.$data['validate'],$value) && (!empty($value) || $data['required']))

Notice:
Even your website will reUp, it will be from time to other somme 500erros, in general they are in the same kind of the last indicated php instruction :
related to the call call_user_func that became mondatory

Posted by at No comments:
Subscribe to: Posts (Atom)