Bug 438435: Need code hooks for authentication

Bugzilla/Auth/Login/Stack.pm

@@ -26,16 +26,24 @@ use fields qw(
     _stack
     successful
 );
+use Hash::Util qw(lock_keys);
+use Bugzilla::Hook;
 
 sub new {
     my $class = shift;
     my $self = $class->SUPER::new(@_);
     my $list = shift;
+    my %methods = map { $_ => "Bugzilla/Auth/Login/$_.pm" } split(',', $list);
+    lock_keys(%methods);
+    Bugzilla::Hook::process('auth-login_methods', { modules => \%methods });
+
     $self->{_stack} = [];
-    foreach my $login_method (split(',', $list)) {
-        require "Bugzilla/Auth/Login/${login_method}.pm";
-        push(@{$self->{_stack}}, 
-             "Bugzilla::Auth::Login::$login_method"->new(@_));
+    foreach my $login_method (keys %methods) {
+        my $module = $methods{$login_method};
+        require $module;
+        $module =~ s|/|::|g;
+        $module =~ s/.pm$//;
+        push(@{$self->{_stack}}, $module->new(@_));
     }
     return $self;
 }

Bugzilla/Auth/Verify/Stack.pm

@@ -21,16 +21,24 @@ use fields qw(
     _stack
     successful
 );
+use Hash::Util qw(lock_keys);
+use Bugzilla::Hook;
 
 sub new {
     my $class = shift;
     my $list = shift;
     my $self = $class->SUPER::new(@_);
+    my %methods = map { $_ => "Bugzilla/Auth/Verify/$_.pm" } split(',', $list);
+    lock_keys(%methods);
+    Bugzilla::Hook::process('auth-verify_methods', { modules => \%methods });
+
     $self->{_stack} = [];
-    foreach my $verify_method (split(',', $list)) {
-        require "Bugzilla/Auth/Verify/${verify_method}.pm";
-        push(@{$self->{_stack}}, 
-             "Bugzilla::Auth::Verify::$verify_method"->new(@_));
+    foreach my $verify_method (keys %methods) {
+        my $module = $methods{$verify_method};
+        require $module;
+        $module =~ s|/|::|g;
+        $module =~ s/.pm$//;
+        push(@{$self->{_stack}}, $module->new(@_));
     }
     return $self;
 }

Bugzilla/Config.pm

@@ -34,6 +34,7 @@ use strict;
 
 use base qw(Exporter);
 use Bugzilla::Constants;
+use Bugzilla::Hook;
 use Data::Dumper;
 use File::Temp;
 
@@ -54,15 +55,21 @@ our %params;
 # Load in the param definitions
 sub _load_params {
     my $panels = param_panels();
+    my %hook_panels;
     foreach my $panel (keys %$panels) {
         my $module = $panels->{$panel};
         eval("require $module") || die $@;
-        my @new_param_list = "$module"->get_param_list();
+        my @new_param_list = $module->get_param_list();
+        $hook_panels{lc($panel)} = { params => \@new_param_list };
         foreach my $item (@new_param_list) {
             $params{$item->{'name'}} = $item;
         }
         push(@param_list, @new_param_list);
     }
+    # This hook is also called in editparams.cgi. This call here is required
+    # to make SetParam work.
+    Bugzilla::Hook::process('config-modify_panels', 
+                            { panels => \%hook_panels });
 }
 # END INIT CODE
 
@@ -77,7 +84,8 @@ sub param_panels {
         $param_panels->{$module} = "Bugzilla::Config::$module" unless $module eq 'Common';
     }
     # Now check for any hooked params
-    Bugzilla::Hook::process('config', { config => $param_panels });
+    Bugzilla::Hook::process('config-add_panels', 
+                            { panel_modules => $param_panels });
     return $param_panels;
 }
 

Bugzilla/Config/Common.pm

@@ -277,10 +277,7 @@ sub check_user_verify_class {
     for my $class (split /,\s*/, $list) {
         my $res = check_multi($class, $entry);
         return $res if $res;
-        if ($class eq 'DB') {
-            # No params
-        }
-        elsif ($class eq 'RADIUS') {
+        if ($class eq 'RADIUS') {
             eval "require Authen::Radius";
             return "Error requiring Authen::Radius: '$@'" if $@;
             return "RADIUS servername (RADIUS_server) is missing" unless Bugzilla->params->{"RADIUS_server"};
@@ -292,9 +289,6 @@ sub check_user_verify_class {
             return "LDAP servername (LDAPserver) is missing" unless Bugzilla->params->{"LDAPserver"};
             return "LDAPBaseDN is empty" unless Bugzilla->params->{"LDAPBaseDN"};
         }
-        else {
-            return "Unknown user_verify_class '$class' in check_user_verify_class";
-        }
     }
     return "";
 }

Bugzilla/Hook.pm

@@ -198,6 +198,88 @@ The definition is structured as:
 
 =back
 
+=head2 auth-login_methods
+
+This allows you to add new login types to Bugzilla.
+(See L<Bugzilla::Auth::Login>.)
+
+Params:
+
+=over
+
+=item C<modules>
+
+This is a hash--a mapping from login-type "names" to the actual module on
+disk. The keys will be all the values that were passed to 
+L<Bugzilla::Auth/login> for the C<Login> parameter. The values are the
+actual path to the module on disk. (For example, if the key is C<DB>, the
+value is F<Bugzilla/Auth/Login/DB.pm>.)
+
+For your extension, the path will start with 
+F<extensions/yourextension/lib/>. (See the code in the example extension.)
+
+If your login type is in the hash as a key, you should set that key to the
+right path to your module. That module's C<new> method will be called,
+probably with empty parameters. If your login type is I<not> in the hash,
+you should not set it.
+
+You will be prevented from adding new keys to the hash, so make sure your
+key is in there before you modify it. (In other words, you can't add in
+login methods that weren't passed to L<Bugzilla::Auth/login>.)
+
+=back
+
+=head2 auth-verify_methods
+
+This works just like L</auth-login_methods> except it's for
+login verification methods (See L<Bugzilla::Auth::Verify>.) It also
+takes a C<modules> parameter, just like L</auth-login_methods>.
+
+=head2 config-add_panels
+
+If you want to add new panels to the Parameters administrative interface,
+this is where you do it.
+
+Params:
+
+=over
+
+=item C<panel_modules>
+
+A hashref, where the keys are the "name" of the module and the value
+is the Perl module containing that config module. For example, if
+the name is C<Auth>, the value would be C<Bugzilla::Config::Auth>.
+
+For your extension, the Perl module name must start with 
+C<extensions::yourextension::lib>. (See the code in the example
+extension.)
+
+=back
+
+=head2 config-modify_panels
+
+This is how you modify already-existing panels in the Parameters
+administrative interface. For example, if you wanted to add a new
+Auth method (modifying Bugzilla::Config::Auth) this is how you'd
+do it.
+
+Params:
+
+=over
+
+=item C<panels>
+
+A hashref, where the keys are lower-case panel "names" (like C<auth>, 
+C<admin>, etc.) and the values are hashrefs. The hashref contains a
+single key, C<params>. C<params> is an arrayref--the return value from
+C<get_param_list> for that module. You can modify C<params> and
+your changes will be reflected in the interface.
+
+Adding new keys to C<panels> will have no effect. You should use
+L</config-add_panels> if you want to add new panels.
+
+=back
+
 =head2 enter_bug-entrydefaultvars
 
 This happens right before the template is loaded on enter_bug.cgi.

editparams.cgi

@@ -71,12 +71,17 @@ foreach my $panel (keys %$param_panels) {
     $current_module = $panel if ($current_panel eq lc($panel));
 }
 
+my %hook_panels = map { $_->{name} => { params => $_->{param_list} } }
+                      @panels;
+# Note that this hook is also called in Bugzilla::Config.
+Bugzilla::Hook::process('config-modify_panels', { panels => \%hook_panels });
+
 $vars->{panels} = \@panels;
 
 if ($action eq 'save' && $current_module) {
     check_token_data($token, 'edit_parameters');
     my @changes = ();
-    my @module_param_list = "$param_panels->{$current_module}"->get_param_list(1);
+    my @module_param_list = @{ $hook_panels{lc($current_module)}->{params} };
 
     foreach my $i (@module_param_list) {
         my $name = $i->{'name'};

extensions/example/code/auth-login_methods.pl

+# -*- Mode: perl; indent-tabs-mode: nil -*-
+#
+# The contents of this file are subject to the Mozilla Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/MPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is the Bugzilla Example Plugin.
+#
+# The Initial Developer of the Original Code is Canonical Ltd.
+# Portions created by Canonical Ltd. are Copyright (C) 2008 
+# Canonical Ltd. All Rights Reserved.
+#
+# Contributor(s): Max Kanat-Alexander <mkanat@bugzilla.org>
+
+use strict;
+use warnings;
+use Bugzilla;
+my $modules = Bugzilla->hook_args->{modules};
+if (exists $modules->{Example}) {
+    $modules->{Example} = 'extensions/example/lib/AuthLogin.pm';
+}

extensions/example/code/auth-verify_methods.pl

+# -*- Mode: perl; indent-tabs-mode: nil -*-
+#
+# The contents of this file are subject to the Mozilla Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/MPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is the Bugzilla Example Plugin.
+#
+# The Initial Developer of the Original Code is Canonical Ltd.
+# Portions created by Canonical Ltd. are Copyright (C) 2008 
+# Canonical Ltd. All Rights Reserved.
+#
+# Contributor(s): Max Kanat-Alexander <mkanat@bugzilla.org>
+
+use strict;
+use warnings;
+use Bugzilla;
+my $modules = Bugzilla->hook_args->{modules};
+if (exists $modules->{Example}) {
+    $modules->{Example} = 'extensions/example/lib/AuthVerify.pm';
+}

extensions/example/code/config-add_panels.pl

+# -*- Mode: perl; indent-tabs-mode: nil -*-
+#
+# The contents of this file are subject to the Mozilla Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/MPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is the Bugzilla Example Plugin.
+#
+# The Initial Developer of the Original Code is Canonical Ltd.
+# Portions created by Canonical Ltd. are Copyright (C) 2008 
+# Canonical Ltd. All Rights Reserved.
+#
+# Contributor(s): Bradley Baetz <bbaetz@acm.org>
+
+use strict;
+use warnings;
+use Bugzilla;
+my $modules = Bugzilla->hook_args->{panel_modules};
+$modules->{Example} = "extensions::example::lib::ConfigExample";

extensions/example/code/config-modify_panels.pl

+# -*- Mode: perl; indent-tabs-mode: nil -*-
+#
+# The contents of this file are subject to the Mozilla Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/MPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is the Bugzilla Example Plugin.
+#
+# The Initial Developer of the Original Code is Canonical Ltd.
+# Portions created by Canonical Ltd. are Copyright (C) 2008 
+# Canonical Ltd. All Rights Reserved.
+#
+# Contributor(s): Max Kanat-Alexander <mkanat@bugzilla.org>
+
+use strict;
+use warnings;
+use Bugzilla;
+my $panels = Bugzilla->hook_args->{panels};
+
+# Add the "Example" auth methods.
+my $auth_params = $panels->{'auth'}->{params};
+my ($info_class)   = grep($_->{name} eq 'user_info_class', @$auth_params);
+my ($verify_class) = grep($_->{name} eq 'user_verify_class', @$auth_params);
+
+push(@{ $info_class->{choices} },   'CGI,Example');
+push(@{ $verify_class->{choices} }, 'Example');

extensions/example/lib/AuthLogin.pm

+# -*- Mode: perl; indent-tabs-mode: nil -*-
+#
+# The contents of this file are subject to the Mozilla Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/MPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is the Bugzilla Example Plugin.
+#
+# The Initial Developer of the Original Code is Canonical Ltd.
+# Portions created by Canonical are Copyright (C) 2008 Canonical Ltd.
+# All Rights Reserved.
+#
+# Contributor(s): Max Kanat-Alexander <mkanat@bugzilla.org>
+
+package extensions::example::lib::AuthLogin;
+use strict;
+use base qw(Bugzilla::Auth::Login);
+use constant user_can_create_account => 0;
+use Bugzilla::Constants;
+
+# Always returns no data.
+sub get_login_info {
+    return { failure => AUTH_NODATA };
+}
+
+1;

extensions/example/lib/AuthVerify.pm

+# -*- Mode: perl; indent-tabs-mode: nil -*-
+#
+# The contents of this file are subject to the Mozilla Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/MPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is the Bugzilla Example Plugin.
+#
+# The Initial Developer of the Original Code is Canonical Ltd.
+# Portions created by Canonical are Copyright (C) 2008 Canonical Ltd.
+# All Rights Reserved.
+#
+# Contributor(s): Max Kanat-Alexander <mkanat@bugzilla.org>
+
+package extensions::example::lib::AuthVerify;
+use strict;
+use base qw(Bugzilla::Auth::Verify);
+use Bugzilla::Constants;
+
+# A verifier that always fails.
+sub check_credentials {
+    return { failure => AUTH_NO_SUCH_USER };
+}
+
+1;