module.config.php 13.6 KB
Newer Older
Bertrand Gauthier's avatar
Bertrand Gauthier committed
1
<?php
2
$settings = [
3
4
5
    /**
     * Fournisseurs d'identité.
     */
6
    'identity_providers' => [
7
8
9
        300 => 'UnicaenAuth\Provider\Identity\Basic', // en 1er
        200 => 'UnicaenAuth\Provider\Identity\Db',    // en 2e
        100 => 'UnicaenAuth\Provider\Identity\Ldap',  // en 3e
10
11
    ],
];
12

13
$zfcuserSettings = [
Bertrand Gauthier's avatar
Bertrand Gauthier committed
14
15
16
17
18
19
20
21
22
23
24
25
26
    /**
     * Enable registration
     * Allows users to register through the website.
     * Accepted values: boolean true or false
     */
    'enable_registration' => true,
    /**
     * Modes for authentication identity match
     * Specify the allowable identity modes, in the order they should be
     * checked by the Authentication plugin.
     * Default value: array containing 'email'
     * Accepted values: array containing one or more of: email, username
     */
27
    'auth_identity_fields' => ['username', 'email'],
Bertrand Gauthier's avatar
Bertrand Gauthier committed
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
    /**
     * Login Redirect Route
     * Upon successful login the user will be redirected to the entered route
     * Default value: 'zfcuser'
     * Accepted values: A valid route name within your application
     */
    'login_redirect_route' => 'home',
    /**
     * Logout Redirect Route
     * Upon logging out the user will be redirected to the enterd route
     * Default value: 'zfcuser/login'
     * Accepted values: A valid route name within your application
     */
    'logout_redirect_route' => 'home',
    /**
     * Enable Username
     * Enables username field on the registration form, and allows users to log
     * in using their username OR email address. Default is false.
     * Accepted values: boolean true or false
     */
48
    'enable_username' => false,
49
    /**
Bertrand Gauthier's avatar
Bertrand Gauthier committed
50
51
52
53
54
55
     * Enable Display Name
     * Enables a display name field on the registration form, which is persisted
     * in the database. Default value is false.
     * Accepted values: boolean true or false
     */
    'enable_display_name' => true,
56
    /**
Bertrand Gauthier's avatar
Bertrand Gauthier committed
57
58
59
60
61
     * Authentication Adapters
     * Specify the adapters that will be used to try and authenticate the user
     * Default value: array containing 'ZfcUser\Authentication\Adapter\Db' with priority 100
     * Accepted values: array containing services that implement 'ZfcUser\Authentication\Adapter\ChainableAdapter'
     */
62
    'auth_adapters' => [
Bertrand Gauthier's avatar
Bertrand Gauthier committed
63
        300 => 'UnicaenAuth\Authentication\Adapter\Ldap', // notifié en 1er
64
        200 => 'UnicaenAuth\Authentication\Adapter\Db',   //         ensuite (si échec d'authentification Ldap)
Bertrand Gauthier's avatar
Bertrand Gauthier committed
65
        100 => 'UnicaenAuth\Authentication\Adapter\Cas',  //         ensuite (si échec d'authentification Db)
66
67
    ],

68
69
70
71
    // telling ZfcUser to use our own class
    'user_entity_class'       => 'UnicaenAuth\Entity\Db\User',
    // telling ZfcUserDoctrineORM to skip the entities it defines
    'enable_default_entities' => false,
72
73
74
];

$bjyauthorize = [
75
76
77
78
79
80
    /* this module uses a meta-role that inherits from any roles that should
     * be applied to the active user. the identity provider tells us which
     * roles the "identity role" should inherit from.
     *
     * for ZfcUser, this will be your default identity provider
     */
81
    'identity_provider' => 'UnicaenAuth\Provider\Identity\Chain',
82

83
84
85
86
87
    /* role providers simply provide a list of roles that should be inserted
     * into the Zend\Acl instance. the module comes with two providers, one
     * to specify roles in a config file and one to load roles using a
     * Zend\Db adapter.
     */
88
    'role_providers' => [
89
90
91
92
93
        /**
         * 2 rôles doivent systématiquement exister dans les ACL :
         * - le rôle par défaut 'guest', c'est le rôle de tout utilisateur non authentifié.
         * - le rôle 'user', c'est le rôle de tout utilisateur authentifié.
         */
94
95
96
97
98
        'UnicaenAuth\Provider\Role\Config' => [
            'guest' => ['name' => "Non authentifié(e)", 'selectable' => false, 'children' => [
                'user' => ['name' => "Authentifié(e)", 'selectable' => false]
            ]],
        ],
99
100
101
102
        /**
         * Fournit les rôles issus de la base de données éventuelle de l'appli.
         * NB: si le rôle par défaut 'guest' est fourni ici, il ne sera pas ajouté en double dans les ACL.
         * NB: si la connexion à la base échoue, ce n'est pas bloquant!
103
         */
104
        'UnicaenAuth\Provider\Role\DbRole' => [
105
106
            'object_manager'    => 'doctrine.entitymanager.orm_default',
            'role_entity_class' => 'UnicaenAuth\Entity\Db\Role',
107
        ],
108
109
110
111
112
        /**
         * Fournit le rôle correspondant à l'identifiant de connexion de l'utilisateur.
         * Cela est utile lorsque l'on veut gérer les habilitations d'un utilisateur unique
         * sur des ressources.
         */
113
114
        'UnicaenAuth\Provider\Role\Username' => [],
    ],
115
116

    // strategy service name for the strategy listener to be used when permission-related errors are detected
117
118
//    'unauthorized_strategy' => 'BjyAuthorize\View\RedirectionStrategy',
    'unauthorized_strategy' => 'UnicaenAuth\View\RedirectionStrategy',
119

120
121
    /* Currently, only controller and route guards exist
     */
122
    'guards' => [
123
124
125
126
        /* If this guard is specified here (i.e. it is enabled), it will block
         * access to all controllers and actions unless they are specified here.
         * You may omit the 'action' index to allow access to the entire controller
         */
127
128
129
130
        'BjyAuthorize\Guard\Controller' => [
            ['controller' => 'index', 'action' => 'index',   'roles' => []],
            ['controller' => 'zfcuser',                      'roles' => []],
            ['controller' => 'Application\Controller\Index', 'roles' => []],
131

132
133
134
135
136
137
138
139
140
141
142
            ['controller' => 'UnicaenApp\Controller\Application',  'action' => 'etab',                     'roles' => []],
            ['controller' => 'UnicaenApp\Controller\Application',  'action' => 'apropos',                  'roles' => []],
            ['controller' => 'UnicaenApp\Controller\Application',  'action' => 'contact',                  'roles' => []],
            ['controller' => 'UnicaenApp\Controller\Application',  'action' => 'plan',                     'roles' => []],
            ['controller' => 'UnicaenApp\Controller\Application',  'action' => 'mentions-legales',         'roles' => []],
            ['controller' => 'UnicaenApp\Controller\Application',  'action' => 'informatique-et-libertes', 'roles' => []],
            ['controller' => 'UnicaenApp\Controller\Application',  'action' => 'refresh-session',          'roles' => []],
            ['controller' => 'UnicaenAuth\Controller\Utilisateur', 'action' => 'selectionner-profil',      'roles' => []],
        ],
    ],
];
Bertrand Gauthier's avatar
Bertrand Gauthier committed
143

144
return [
Bertrand Gauthier's avatar
Bertrand Gauthier committed
145
    'zfcuser' => $zfcuserSettings,
146
    'bjyauthorize' => $bjyauthorize,
Bertrand Gauthier's avatar
Bertrand Gauthier committed
147
    'unicaen-auth' => $settings,
148
149
    'doctrine' => [
        'driver' => [
150
            // overriding zfc-user-doctrine-orm's config
151
            'zfcuser_entity' => [
152
                'class' => 'Doctrine\ORM\Mapping\Driver\AnnotationDriver',
153
                'paths' => [
154
                    __DIR__ . '/../src/UnicaenAuth/Entity/Db'
155
156
157
                ]
            ],
            'orm_auth_driver' => [
158
159
                'class' => 'Doctrine\ORM\Mapping\Driver\AnnotationDriver',
                'cache' => 'array',
160
                'paths' => [
161
                    __DIR__ . '/../src/UnicaenAuth/Entity/Db'
162
163
164
                ]
            ],
            'orm_default' => [
165
                'class'   => 'Doctrine\ORM\Mapping\Driver\DriverChain',
166
                'drivers' => [
167
168
                    'UnicaenAuth\Entity\Db' => 'zfcuser_entity',
                    'UnicaenAuth\Entity\Db' => 'orm_auth_driver'
169
170
171
172
173
174
                ]
            ],
        ],
    ],
    'service_manager' => [
        'aliases' => [
175
            'Zend\Authentication\AuthenticationService' => 'zfcuser_auth_service',
176
177
        ],
        'invokables' => [
178
179
180
            'unicaen-auth_user_service'               => 'UnicaenAuth\Service\User',
            'UnicaenAuth\Authentication\Storage\Db'   => 'UnicaenAuth\Authentication\Storage\Db',
            'UnicaenAuth\Authentication\Storage\Ldap' => 'UnicaenAuth\Authentication\Storage\Ldap',
181
            'UnicaenAuth\View\RedirectionStrategy'    => 'UnicaenAuth\View\RedirectionStrategy',
182
            'authUserContext'                         => 'UnicaenAuth\Service\UserContext'
183
184
        ],
        'abstract_factories' => [
185
            'UnicaenAuth\Authentication\Adapter\AbstractFactory',
186
187
        ],
        'factories' => [
188
189
            'unicaen-auth_module_options'              => 'UnicaenAuth\Options\ModuleOptionsFactory',
            'zfcuser_auth_service'                     => 'UnicaenAuth\Authentication\AuthenticationServiceFactory',
190
191
192
193
            'UnicaenAuth\Authentication\Storage\Chain' => 'UnicaenAuth\Authentication\Storage\ChainServiceFactory',
            'UnicaenAuth\Provider\Identity\Chain'      => 'UnicaenAuth\Provider\Identity\ChainServiceFactory',
            'UnicaenAuth\Provider\Identity\Ldap'       => 'UnicaenAuth\Provider\Identity\LdapServiceFactory',
            'UnicaenAuth\Provider\Identity\Db'         => 'UnicaenAuth\Provider\Identity\DbServiceFactory',
194
            'UnicaenAuth\Provider\Identity\Basic'         => 'UnicaenAuth\Provider\Identity\BasicServiceFactory',
195
            'UnicaenAuth\Provider\Role\Config'         => 'UnicaenAuth\Provider\Role\ConfigServiceFactory',
196
            'UnicaenAuth\Provider\Role\DbRole'         => 'UnicaenAuth\Provider\Role\DbRoleServiceFactory',
197
            'UnicaenAuth\Provider\Role\Username'       => 'UnicaenAuth\Provider\Role\UsernameServiceFactory',
198
199
        ],
        'initializers' => [
200
            'UnicaenAuth\Service\UserAwareInitializer',
201
202
203
204
        ],
    ],
    'controllers' => [
        'invokables' => [
205
            'UnicaenAuth\Controller\Utilisateur' => 'UnicaenAuth\Controller\UtilisateurController',
206
207
208
209
        ],
    ],
    'view_manager' => [
        'template_map' => [
210
            'error/403' => __DIR__ . '/../view/error/403.phtml',
211
212
        ],
        'template_path_stack' => [
213
            'unicaen-auth' => __DIR__ . '/../view',
214
215
216
217
218
        ],
    ],
    'translator' => [
        'translation_file_patterns' => [
            [
Bertrand Gauthier's avatar
Bertrand Gauthier committed
219
220
221
                'type'     => 'gettext',
                'base_dir' => __DIR__ . '/../language',
                'pattern'  => '%s.mo',
222
223
224
225
226
227
            ],
        ],
    ],
    'router' => [
        'routes' => [
            'zfcuser' => [
Bertrand Gauthier's avatar
Bertrand Gauthier committed
228
229
                'type' => 'Literal',
                'priority' => 1000,
230
                'options' => [
Bertrand Gauthier's avatar
Bertrand Gauthier committed
231
                    'route' => '/auth',
232
                    'defaults' => [
Bertrand Gauthier's avatar
Bertrand Gauthier committed
233
234
                        'controller' => 'zfcuser',
                        'action'     => 'index',
235
236
                    ],
                ],
Bertrand Gauthier's avatar
Bertrand Gauthier committed
237
                'may_terminate' => true,
238
239
                'child_routes' => [
                    'login' => [
Bertrand Gauthier's avatar
Bertrand Gauthier committed
240
                        'type' => 'Literal',
241
                        'options' => [
Bertrand Gauthier's avatar
Bertrand Gauthier committed
242
                            'route' => '/connexion',
243
                            'defaults' => [
Bertrand Gauthier's avatar
Bertrand Gauthier committed
244
245
                                'controller' => 'zfcuser',
                                'action'     => 'login',
246
247
248
249
                            ],
                        ],
                    ],
                    'logout' => [
Bertrand Gauthier's avatar
Bertrand Gauthier committed
250
                        'type' => 'Literal',
251
                        'options' => [
Bertrand Gauthier's avatar
Bertrand Gauthier committed
252
                            'route' => '/deconnexion',
253
                            'defaults' => [
Bertrand Gauthier's avatar
Bertrand Gauthier committed
254
255
                                'controller' => 'zfcuser',
                                'action'     => 'logout',
256
257
258
259
                            ],
                        ],
                    ],
                    'register' => [
260
                        'type' => 'Literal',
261
                        'options' => [
262
                            'route' => '/creation-compte',
263
                            'defaults' => [
264
265
                                'controller' => 'zfcuser',
                                'action'     => 'register',
266
267
268
269
270
271
                            ],
                        ],
                    ],
                ],
            ],
            'utilisateur' => [
272
                'type'    => 'Literal',
273
                'options' => [
274
                    'route'    => '/utilisateur',
275
                    'defaults' => [
276
277
278
                        '__NAMESPACE__' => 'UnicaenAuth\Controller',
                        'controller'    => 'Utilisateur',
                        'action'        => 'index',
279
280
                    ],
                ],
281
                'may_terminate' => true,
282
283
                'child_routes' => [
                    'default' => [
284
                        'type'    => 'Segment',
285
                        'options' => [
286
                            'route'    => '/:action[/:id]',
287
                            'constraints' => [
288
289
                                'action' => '[a-zA-Z][a-zA-Z0-9_-]*',
                                'id'     => '[0-9]*',
290
291
                            ],
                            'defaults' => [
292
                                'action' => 'index',
293
294
295
296
297
298
299
                            ],
                        ],
                    ],
                ],
            ],
        ],
    ],
Bertrand Gauthier's avatar
Bertrand Gauthier committed
300
    // All navigation-related configuration is collected in the 'navigation' key
301
    'navigation' => [
Bertrand Gauthier's avatar
Bertrand Gauthier committed
302
        // The DefaultNavigationFactory we configured uses 'default' as the sitemap key
303
        'default' => [
Bertrand Gauthier's avatar
Bertrand Gauthier committed
304
            // And finally, here is where we define our page hierarchy
305
306
307
            'home' => [
                'pages' => [
                    'login' => [
308
                        'label'    => _("Connexion"),
Bertrand Gauthier's avatar
Bertrand Gauthier committed
309
310
                        'route'    => 'zfcuser/login',
                        'visible'  => false,
311
312
                    ],
                    'register' => [
313
                        'label'   => _("Enregistrement"),
Bertrand Gauthier's avatar
Bertrand Gauthier committed
314
315
                        'route'   => 'zfcuser/register',
                        'visible' => false,
316
317
318
319
320
321
                    ],
                ],
            ],
        ],
    ],
];