Bug 241900: Allow Bugzilla::Auth to have multiple login and validation styles

patch by erik
r=joel
a=justdave

4 files changed, 36 insertions, 19 deletions

diff --git a/Bugzilla/Auth/CGI.pm b/Bugzilla/Auth/Login/CGI.pm
index 471e538e9..2f8ca071d 100644
--- a/Bugzilla/Auth/CGI.pm
+++ b/Bugzilla/Auth/Login/CGI.pm
@@ -25,8 +25,9 @@
 #                 Gervase Markham <gerv@gerv.net>
 #                 Christian Reis <kiko@async.com.br>
 #                 Bradley Baetz <bbaetz@acm.org>
+#                 Erik Stambaugh <erik@dasbistro.com>
 
-package Bugzilla::Auth::CGI;
+package Bugzilla::Auth::Login::CGI;
 
 use strict;
 
@@ -49,7 +50,7 @@ sub login {
     my $username = $cgi->param("Bugzilla_login");
     my $passwd = $cgi->param("Bugzilla_password");
 
-    my $authmethod = Param("loginmethod");
+    my $authmethod = Param("user_verify_method");
     my ($authres, $userid, $extra, $info) =
       Bugzilla::Auth->authenticate($username, $passwd);
 
@@ -98,11 +99,11 @@ sub login {
         $username = $cgi->cookie("Bugzilla_login");
         $passwd = $cgi->cookie("Bugzilla_logincookie");
 
-        require Bugzilla::Auth::Cookie;
+        require Bugzilla::Auth::Login::CGI::Cookie;
         my $authmethod = "Cookie";
 
         ($authres, $userid, $extra) =
-          Bugzilla::Auth::Cookie->authenticate($username, $passwd);
+          Bugzilla::Auth::Login::CGI::Cookie->authenticate($username, $passwd);
 
         # If the data for the cookie was incorrect, then treat that as
         # NODATA. This could occur if the user's IP changed, for example.
@@ -143,7 +144,7 @@ sub login {
                            { 'target' => $cgi->url(-relative=>1),
                              'form' => \%::FORM,
                              'mform' => \%::MFORM,
-                             'caneditaccount' => Bugzilla::Auth->can_edit,
+                             'caneditaccount' => Bugzilla::Auth->can_edit->{'new'},
                            }
                           )
           || ThrowTemplateError($template->error());
@@ -233,7 +234,7 @@ __END__
 
 =head1 NAME
 
-Bugzilla::Auth::CGI - CGI-based logins for Bugzilla
+Bugzilla::Auth::Login::CGI - CGI-based logins for Bugzilla
 
 =head1 SUMMARY
 
@@ -246,7 +247,7 @@ Users are first authenticated against the default authentication handler,
 using the CGI parameters I<Bugzilla_login> and I<Bugzilla_password>.
 
 If no data is present for that, then cookies are tried, using
-L<Bugzilla::Auth::Cookie>.
+L<Bugzilla::Auth::Login::CGI::Cookie>.
 
 =head1 SEE ALSO
 
diff --git a/Bugzilla/Auth/Cookie.pm b/Bugzilla/Auth/Login/CGI/Cookie.pm
index b50acbe24..9c0e2e566 100644
--- a/Bugzilla/Auth/Cookie.pm
+++ b/Bugzilla/Auth/Login/CGI/Cookie.pm
@@ -26,7 +26,7 @@
 #                 Christian Reis <kiko@async.com.br>
 #                 Bradley Baetz <bbaetz@acm.org>
 
-package Bugzilla::Auth::Cookie;
+package Bugzilla::Auth::Login::CGI::Cookie;
 
 use strict;
 
@@ -93,7 +93,7 @@ __END__
 
 =head1 NAME
 
-Bugzilla::Cookie - cookie authentication for Bugzilla
+Bugzilla::Auth::Login::CGI::Cookie - cookie authentication for Bugzilla
 
 =head1 SUMMARY
 
@@ -108,8 +108,8 @@ restricted to certain IP addresses as a security meaure. The exact
 restriction can be specified by the admin via the C<loginnetmask> parameter.
 
 This module does not ever send a cookie (It has no way of knowing when a user
-is successfully logged in). Instead L<Bugzilla::Auth::CGI> handles this.
+is successfully logged in). Instead L<Bugzilla::Auth::Login::CGI> handles this.
 
 =head1 SEE ALSO
 
-L<Bugzilla::Auth>, L<Bugzilla::Auth::CGI>
+L<Bugzilla::Auth>, L<Bugzilla::Auth::Login::CGI>
diff --git a/Bugzilla/Auth/DB.pm b/Bugzilla/Auth/Verify/DB.pm
index dee3b5db9..4db34b5cf 100644
--- a/Bugzilla/Auth/DB.pm
+++ b/Bugzilla/Auth/Verify/DB.pm
@@ -25,8 +25,9 @@
 #                 Gervase Markham <gerv@gerv.net>
 #                 Christian Reis <kiko@async.com.br>
 #                 Bradley Baetz <bbaetz@acm.org>
+#                 Erik Stambaugh <erik@dasbistro.com>
 
-package Bugzilla::Auth::DB;
+package Bugzilla::Auth::Verify::DB;
 
 use strict;
 
@@ -34,6 +35,15 @@ use Bugzilla::Config;
 use Bugzilla::Constants;
 use Bugzilla::Util;
 
+# can_edit is now a hash.
+
+my $can_edit = {
+    'new' => 1,
+    'userid' => 0,
+    'login_name' => 1,
+    'realname' => 1,
+};
+
 sub authenticate {
     my ($class, $username, $passwd) = @_;
 
@@ -61,8 +71,6 @@ sub authenticate {
     return (AUTH_OK, $userid);
 }
 
-sub can_edit { return 1; }
-
 sub get_id_from_username {
     my ($class, $username) = @_;
     my $dbh = Bugzilla->dbh;
@@ -111,7 +119,7 @@ __END__
 
 =head1 NAME
 
-Bugzilla::Auth::DB - database authentication for Bugzilla
+Bugzilla::Auth::Verify::DB - database authentication for Bugzilla
 
 =head1 SUMMARY
 
diff --git a/Bugzilla/Auth/LDAP.pm b/Bugzilla/Auth/Verify/LDAP.pm
index c34c3698f..737827ee0 100644
--- a/Bugzilla/Auth/LDAP.pm
+++ b/Bugzilla/Auth/Verify/LDAP.pm
@@ -25,8 +25,9 @@
 #                 Gervase Markham <gerv@gerv.net>
 #                 Christian Reis <kiko@async.com.br>
 #                 Bradley Baetz <bbaetz@acm.org>
+#                 Erik Stambaugh <erik@dasbistro.com>
 
-package Bugzilla::Auth::LDAP;
+package Bugzilla::Auth::Verify::LDAP;
 
 use strict;
 
@@ -35,6 +36,15 @@ use Bugzilla::Constants;
 
 use Net::LDAP;
 
+# can_edit is now a hash.
+
+my $can_edit = {
+    'new' => 0,
+    'userid' => 0,
+    'login_name' => 0,
+    'realname' => 0,
+};
+
 sub authenticate {
     my ($class, $username, $passwd) = @_;
 
@@ -156,15 +166,13 @@ sub authenticate {
     return (AUTH_OK, $userid);
 }
 
-sub can_edit { return 0; }
-
 1;
 
 __END__
 
 =head1 NAME
 
-Bugzilla::Auth::LDAP - LDAP based authentication for Bugzilla
+Bugzilla::Auth::Verify::LDAP - LDAP based authentication for Bugzilla
 
 This is an L<authentication module|Bugzilla::Auth/"AUTHENTICATION"> for
 Bugzilla, which logs the user in using an LDAP directory.