Inside of Packetfence the guest module check the email against the local domain of the packetfence server so you can block your normal users from getting guest accounts. Since they expire in a short fashion and a limited network access it really does the trick.
I ran into a little problem, multiple email domains which need to be blocked. After a post to the listserv and a response that indicated to look in the guest.pm module here is what I did:
my $email_type = pf::Authentication::Source::EmailSource->meta->get_attribute('type')->default;
my $source = &pf::authentication::getAuthenticationSourceByType($email_type);
if ($source) {
unless (isenabled($source->{allow_localdomain})) {
# You should not register as a guest if you are part of the local network
my $localdomain = $Config{'general'}{'domain'};
# Added explicated second domain for check below
my $localdomain1 = ‘second domain name’;
if ($cgi->param('email') =~ /[@.]$localdomain$/i) {
return ($FALSE, $GUEST::ERROR_EMAIL_UNAUTHORIZED_AS_GUEST, [ $localdomain ]);
}
if ($cgi->param('email') =~ /[@.]$localdomain1$/i) {
return ($FALSE, $GUEST::ERROR_EMAIL_UNAUTHORIZED_AS_GUEST, [ $localdomain1 ]);
}
}
}
I added a second check for another explicitly defined domain $localdomain1 yes I could change that but it was quick and dirty. Added is the code in orange.
Tested and this does exactly what I wanted it to. Just thought I would share.
Updated: 7-25-2013
On the advice of Inverse, I took the above code blob with the surrounding sub and transferred it to the custom.pm and changed the section to reference the pf::web::guest so that this new sub would take precedence.
Thanks again to the Inverse Team.
Updated: 7-25-2013
On the advice of Inverse, I took the above code blob with the surrounding sub and transferred it to the custom.pm and changed the section to reference the pf::web::guest so that this new sub would take precedence.
Thanks again to the Inverse Team.
No comments:
Post a Comment