SID-00571: Module Function Overriding

Status:	Answered	TWiki version:	4.3.2	Perl version:
Category:	CategoryAuthentication	Server OS:	RHEL	Last update:	16 years ago

Hi Twiki Community.

I'm working on an additional module for the user mapping process. We're using ADFS and Single-Sing-On. From there we get the users group information. The code checks Allowtopicview names against our ADFS-group list. To use this information, i want to re-use the existing isInList function in Twiki/Users.pm.

For overriding this function, i need to use base classes in my module. here is what i did:

package TWiki::Users::ADFSUserMapping; 
use base 'TWiki::Users::TWikiUserMapping'; 

Now. my new redesigned function has exactly the same name: isInList. But still no overriding take place, the code from Users.pm gets used. And if I place some mistakes in it, the mapping process stops and throws errors.

So the in-bounding of my new Module is fine. But the code won't get executed. (btw: i placed my code direct into Users.pm for testing.. It works!)

Is this the right way to override?

Thanks to Sopan for helping me to get through the mapping process so far.

-- AlexBernegger - 2009-10-14

Discussion and Answer

Stupid question, you set the {UserMappingManager} configure setting to TWiki::Users::ADFSUserMapping?

-- PeterThoeny - 2009-10-14

yes, sorry - i forgot to say this.
and by matching the regex $ident (which should be the Allowtopicname entry without Main.) against my list, it should return 1.
eg. Main/RestrictedArea, Allowtopic = AdminGroup, IT-DES

Im not in AdminGroup, but in IT-DES the normal case gives access denied back.

heres the code:

sub isInlIst {   ...   

$adfs_groups = $ENV{HTTP_ADFS_GROUP};    

if ($adfs_groups =~ /$ident/){          

return 1;           

}   

return 0;   

} 

-- AlexBernegger - 2009-10-15

Hmm, I checked, the base class is TWiki::UserMapping, and it does not have a isInList, only a isInGroup. TWiki::Users has a isInList and a isInGroup, but it is not a baseclass of TWiki::UserMapping, so isInList is not available in subclasses such as TWiki::Users::TWikiUserMapping. May be you want to override isInGroup?

-- PeterThoeny - 2009-10-19

Isn't isInList the last checking instance for access rights? for example, this function checks the allowedview names against a list. In the end I want to control over allowed view entries.

So you think i should find a way to override isInGroup with a new function that handels isInGroup AND isInList as well?? I can hardly imagine that this will work but i don't see any other way at this point.

-- AlexBernegger - 2009-10-19

Additionally: I've seen that the Access.pm module handles this Allowtopicview things only over a pointer to isInList in Users.pm. Access.pm is not a base class of TWiki::UserMapping as well.

So therefor i don't have any other chance, by overriding isInGroup in base classes for example.

What would be a possible way to override a module which is not in Twiki::UserMapping process?

-- AlexBernegger - 2009-10-21

Ok now it works. The problem was the incorrect defining of the sub isInlist name. To override a function outside of the mapping process, just define the whole path like

sub TWiki::Users::isInList { }

that was all the problem.

-- AlexBernegger - 2009-10-22

I am happy for you that it worked out

-- PeterThoeny - 2009-10-22

If you answer a question - or someone answered one of your questions - please remember to edit the page and set the status to answered. The status selector is below the edit box.