From 470b262a22d1095ea5ca7ca4090a0d01f182b8b2 Mon Sep 17 00:00:00 2001
From: Luc Didry <luc@framasoft.org>
Date: Apr 04 2022 05:58:23 +0000
Subject: Merge branch 'auth_header' into 'development'


Ajout de vérification sur auth_headers dans le controlleur Files

See merge request fiat-tux/hat-softwares/lufi!100
---

diff --git a/lib/Lufi/Controller/Files.pm b/lib/Lufi/Controller/Files.pm
index af31c6b..56fba34 100644
--- a/lib/Lufi/Controller/Files.pm
+++ b/lib/Lufi/Controller/Files.pm
@@ -27,7 +27,7 @@ sub upload {
     my $invitation;
     my $token = $c->session->{guest_token};
     $invitation = Lufi::DB::Invitation->new(app => $c->app)->from_token($token) if $token;
-    if ((!defined($c->config('ldap')) && !defined($c->config('htpasswd'))) || $c->is_user_authenticated || $invitation) {
+    if ((!defined($c->config('ldap')) && !defined($c->config('htpasswd')) && !defined($c->config('auth_headers'))) || $c->is_user_authenticated || $invitation) {
         $c->inactivity_timeout(30000000);
 
         $c->app->log->debug('Client connected');
@@ -161,7 +161,7 @@ sub upload {
 
                         my $creator = $c->ip;
                         # Authenticated user logging
-                        if ((defined($c->config('ldap')) || defined($c->config('htpasswd'))) && !$invitation) {
+                        if ((defined($c->config('ldap')) || defined($c->config('htpasswd')) || defined($c->config('auth_headers'))) && !$invitation) {
                             $creator = sprintf('User: %s, IP: %s', $c->current_user->{username}, $creator);
                         }
                         # Guest user logging
@@ -401,7 +401,7 @@ sub get_counter {
     my $short = $c->param('short');
     my $token = $c->param('token');
 
-    if ((!defined($c->config('ldap')) && !defined($c->config('htpasswd'))) || $c->is_user_authenticated) {
+    if ((!defined($c->config('ldap')) && !defined($c->config('htpasswd')) && !defined($c->config('auth_headers'))) || $c->is_user_authenticated) {
         my $ldfile = Lufi::DB::File->new(app => $c->app)->from_short($short);
 
         if (defined $ldfile) {
@@ -451,7 +451,7 @@ sub delete {
     my $short = $c->param('short');
     my $token = $c->param('token');
 
-    if ((!defined($c->config('ldap')) && !defined($c->config('htpasswd'))) || $c->is_user_authenticated) {
+    if ((!defined($c->config('ldap')) && !defined($c->config('htpasswd')) && !defined($c->config('auth_headers'))) || $c->is_user_authenticated) {
         my $ldfile = Lufi::DB::File->new(app => $c->app)->from_short($short);
 
         $ldfile = undef unless (defined($ldfile) && $ldfile->mod_token eq $token);