diff --git a/config/module.config.php b/config/module.config.php
index 4fbfe79cb7756a20115a3d82b6625a5284c446c6..d2c37b177865cfc531b0d4a26ab42ac42aea3a1f 100644
--- a/config/module.config.php
+++ b/config/module.config.php
@@ -98,6 +98,12 @@ $bjyauthorize = array(
'object_manager' => 'doctrine.entitymanager.orm_default',
'role_entity_class' => 'UnicaenAuth\Entity\Db\Role',
),
+ /**
+ * Fournit le rôle correspondant à l'identifiant de connexion de l'utilisateur.
+ * Cela est utile lorsque l'on veut gérer les habilitations d'un utilisateur unique
+ * sur des ressources.
+ */
+ 'UnicaenAuth\Provider\Role\Username' => array(),
),
// strategy service name for the strategy listener to be used when permission-related errors are detected
@@ -175,6 +181,7 @@ return array(
'UnicaenAuth\Provider\Identity\Db' => 'UnicaenAuth\Provider\Identity\DbServiceFactory',
'UnicaenAuth\Provider\Role\Config' => 'UnicaenAuth\Provider\Role\ConfigServiceFactory',
'UnicaenAuth\Provider\Role\DbRole' => 'UnicaenAuth\Provider\Role\DbRoleServiceFactory',
+ 'UnicaenAuth\Provider\Role\Username' => 'UnicaenAuth\Provider\Role\UsernameServiceFactory',
),
),
'controllers' => array(
diff --git a/src/UnicaenAuth/Provider/Identity/Db.php b/src/UnicaenAuth/Provider/Identity/Db.php
index 65f1912a3bdf574535f085d46c0f34ec61fe145a..f89b8d5b65602251ee4b7c6a0bd4410500aac3f5 100644
--- a/src/UnicaenAuth/Provider/Identity/Db.php
+++ b/src/UnicaenAuth/Provider/Identity/Db.php
@@ -38,7 +38,8 @@ class Db extends AuthenticationIdentityProvider implements ChainableProvider
}
if ($identity instanceof User) {
- $roles = $identity->getRoles();
+ $roles = $identity->getRoles();
+ $roles[] = $identity->getUsername();
}
else {
$roles = array();
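Review bot: Appending the raw username to `$roles` puts login names in the same namespace as the configured role ids, so an account whose username equals an existing role id would be returned with that role by this identity provider. Whether that can happen depends on how usernames are provisioned, which is not visible here, but the same line is added in Identity/Ldap.php and the matching role is built from the bare username in Role/Username.php. Consider namespacing the per-user role in all three places, e.g. `$roles[] = 'user:' . $identity->getUsername();` (constructed prefix, to be reused for the `NamedRole` id), or rejecting a username that matches a configured role id. Also confirm that `getRoles()` returns a plain array here; if it returned a live collection, `$roles[] =` would modify that collection. The enclosing method starts and ends outside the hunk.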
diff --git a/src/UnicaenAuth/Provider/Identity/Ldap.php b/src/UnicaenAuth/Provider/Identity/Ldap.php
index 5f1b9fdd96aa21b14157f676b90b7794f4de815d..193350fb6dc04b89378de54f5181998f8a00ff9d 100644
--- a/src/UnicaenAuth/Provider/Identity/Ldap.php
+++ b/src/UnicaenAuth/Provider/Identity/Ldap.php
@@ -38,7 +38,8 @@ class Ldap extends AuthenticationIdentityProvider implements ChainableProvider//
}
if ($identity instanceof People) {
- $roles = $identity->getRoles();
+ $roles = $identity->getRoles();
+ $roles[] = $identity->getUsername();
}
else {
$roles = array();
diff --git a/src/UnicaenAuth/Provider/Role/Username.php b/src/UnicaenAuth/Provider/Role/Username.php
new file mode 100644
index 0000000000000000000000000000000000000000..6ebf123d5bbc71f995fc1962ec748c2442504652
--- /dev/null
+++ b/src/UnicaenAuth/Provider/Role/Username.php
@@ -0,0 +1,64 @@
+<?php
+
+namespace UnicaenAuth\Provider\Role;
+
+use BjyAuthorize\Provider\Role\ProviderInterface;
+use Zend\Authentication\AuthenticationService;
+use ZfcUser\Entity\UserInterface;
+
+/**
+ * Fournisseur de rôle retournant le rôle correspondant à l'identifiant de connexion
+ * de d'utilisateur (username).
+ *
+ * Cela est utile lorsque l'on veut gérer les habilitations d'un utilisateur unique
+ * sur des ressources.
+ *
+ * @author Bertrand GAUTHIER <bertrand.gauthier at unicaen.fr>
+ */
+class Username implements ProviderInterface
+{
+ /**
+ * @var AuthenticationService
+ */
+ protected $authService;
+
+ /**
+ * @var array
+ */
+ protected $roles;
+
+ /**
+ *
+ * @param AuthenticationService $authService
+ */
+ public function __construct(AuthenticationService $authService)
+ {
+ $this->authService = $authService;
+ }
+
+ /**
+ * @return \Zend\Permissions\Acl\Role\RoleInterface[]
+ */
+ public function getRoles()
+ {
+ if (null === $this->roles) {
+ $this->roles = array();
+
+ if ($this->authService->hasIdentity()) {
+ $identity = $this->authService->getIdentity();
+ if (isset($identity['ldap'])) {
+ $identity = $identity['ldap'];
+ }
+ elseif (isset($identity['db'])) {
+ $identity = $identity['db'];
+ }
+ if ($identity instanceof UserInterface) {
+ $role = new \UnicaenAuth\Acl\NamedRole($identity->getUsername(), 'user', "Authentifié(e)");
+ $this->roles[] = $role;
+ }
+ }
+ }
+
+ return $this->roles;
+ }
+}
\ No newline at end of file
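Review bot: `getRoles()` only creates the per-user role when the identity is a `ZfcUser\Entity\UserInterface`, while the identity providers changed in this commit test `instanceof User` and `instanceof People` before appending the username. If either of those classes does not implement `UserInterface` (not visible in this diff), the identity would carry a role id that this provider never registers, and the ACL lookup for it would presumably fail. Aligning the type checks, or documenting on `getRoles()` which identity types are supported, would make the contract explicit. `isset($identity['ldap'])` also assumes `getIdentity()` returns an array or an `ArrayAccess` object; an `is_array($identity)` guard before the two `isset` calls would cover a plain object identity.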
diff --git a/src/UnicaenAuth/Provider/Role/UsernameServiceFactory.php b/src/UnicaenAuth/Provider/Role/UsernameServiceFactory.php
new file mode 100644
index 0000000000000000000000000000000000000000..2d9cbd50f813ec42aa73fbb2d7c4ced93193f7ee
--- /dev/null
+++ b/src/UnicaenAuth/Provider/Role/UsernameServiceFactory.php
@@ -0,0 +1,27 @@
+<?php
+
+namespace UnicaenAuth\Provider\Role;
+
+use Zend\ServiceManager\FactoryInterface;
+use Zend\ServiceManager\ServiceLocatorInterface;
+
+/**
+ * Description of UsernameServiceFactory
+ *
+ * @author Bertrand GAUTHIER <bertrand.gauthier at unicaen.fr>
+ */
+class UsernameServiceFactory implements FactoryInterface
+{
+ /**
+ * Create service
+ *
+ * @param ServiceLocatorInterface $serviceLocator
+ * @return Username
+ */
+ public function createService(ServiceLocatorInterface $serviceLocator)
+ {
+ $authService = $serviceLocator->get('zfcuser_auth_service'); /* @var $authService \Zend\Authentication\AuthenticationService */
+
+ return new Username($authService);
+ }
+}
\ No newline at end of file
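Review bot: The class docblock still reads `Description of UsernameServiceFactory`, which is an editor template placeholder and says nothing about the class. Something like `Factory building the Username role provider from the 'zfcuser_auth_service' authentication service.` would state its purpose. The `createService()` docblock could likewise say that the returned `Username` is bound to that authentication service.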