From 1a8232a48f11cb73bebedaf00c353a1bb8e58101 Mon Sep 17 00:00:00 2001
From: Bertrand Gauthier <bertrand.gauthier@unicaen.fr>
Date: Wed, 9 Oct 2013 14:23:47 +0000
Subject: [PATCH] =?UTF-8?q?Ajour=20d'un=20Fournisseur=20de=20r=C3=B4le=20r?=
 =?UTF-8?q?etournant=20le=20r=C3=B4le=20correspondant=20=C3=A0=20l'identif?=
 =?UTF-8?q?iant=20de=20connexion=20de=20d'utilisateur=20(username).=20Cela?=
 =?UTF-8?q?=20est=20utile=20lorsque=20l'on=20veut=20g=C3=A9rer=20les=20hab?=
 =?UTF-8?q?ilitations=20d'un=20utilisateur=20unique=20sur=20des=20ressourc?=
 =?UTF-8?q?es.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 config/module.config.php                      |  7 ++
 src/UnicaenAuth/Provider/Identity/Db.php      |  3 +-
 src/UnicaenAuth/Provider/Identity/Ldap.php    |  3 +-
 src/UnicaenAuth/Provider/Role/Username.php    | 64 +++++++++++++++++++
 .../Provider/Role/UsernameServiceFactory.php  | 27 ++++++++
 5 files changed, 102 insertions(+), 2 deletions(-)
 create mode 100644 src/UnicaenAuth/Provider/Role/Username.php
 create mode 100644 src/UnicaenAuth/Provider/Role/UsernameServiceFactory.php

diff --git a/config/module.config.php b/config/module.config.php
index 4fbfe79..d2c37b1 100644
--- a/config/module.config.php
+++ b/config/module.config.php
@@ -98,6 +98,12 @@ $bjyauthorize = array(
             'object_manager'    => 'doctrine.entitymanager.orm_default',
             'role_entity_class' => 'UnicaenAuth\Entity\Db\Role',
         ),
+        /**
+         * Fournit le rôle correspondant à l'identifiant de connexion de l'utilisateur.
+         * Cela est utile lorsque l'on veut gérer les habilitations d'un utilisateur unique
+         * sur des ressources.
+         */
+        'UnicaenAuth\Provider\Role\Username' => array(),
     ),
 
     // strategy service name for the strategy listener to be used when permission-related errors are detected
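Review bot: The new comment above `'UnicaenAuth\Provider\Role\Username' => array()` does not say that this entry has to stay enabled, although the Db and Ldap identity providers changed in this same commit append the username to the identity's roles unconditionally. An application that overrides the role-provider list without this entry would presumably get identities carrying a role id that was never registered in the ACL. How BjyAuthorize reacts to that is not visible here. I would extend the comment with a line such as `Must stay enabled: the Db and Ldap identity providers always return the username as a role.`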
@@ -175,6 +181,7 @@ return array(
             'UnicaenAuth\Provider\Identity\Db'         => 'UnicaenAuth\Provider\Identity\DbServiceFactory',
             'UnicaenAuth\Provider\Role\Config'         => 'UnicaenAuth\Provider\Role\ConfigServiceFactory',
             'UnicaenAuth\Provider\Role\DbRole'         => 'UnicaenAuth\Provider\Role\DbRoleServiceFactory',
+            'UnicaenAuth\Provider\Role\Username'       => 'UnicaenAuth\Provider\Role\UsernameServiceFactory',
         ),
     ),
     'controllers' => array(
diff --git a/src/UnicaenAuth/Provider/Identity/Db.php b/src/UnicaenAuth/Provider/Identity/Db.php
index 65f1912..f89b8d5 100644
--- a/src/UnicaenAuth/Provider/Identity/Db.php
+++ b/src/UnicaenAuth/Provider/Identity/Db.php
@@ -38,7 +38,8 @@ class Db extends AuthenticationIdentityProvider implements ChainableProvider
         }
             
         if ($identity instanceof User) {
-            $roles = $identity->getRoles();
+            $roles   = $identity->getRoles();
+            $roles[] = $identity->getUsername();
         }
         else {
             $roles = array();
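Review bot: Appending `$identity->getUsername()` to `$roles` puts login names in the same namespace as the functional role ids returned by `getRoles()`, so an account whose username equals an existing role id would be treated as holding that role. The same line is added in Provider/Identity/Ldap.php, and Provider/Role/Username.php registers the bare username as a role id. Nothing visible in the patch constrains usernames against role ids, so consider namespacing the per-user role in all three places, for example `$roles[] = 'user:' . $identity->getUsername();` (prefix chosen for illustration), or rejecting usernames that match a configured role. The enclosing method starts and ends outside the hunk.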
diff --git a/src/UnicaenAuth/Provider/Identity/Ldap.php b/src/UnicaenAuth/Provider/Identity/Ldap.php
index 5f1b9fd..193350f 100644
--- a/src/UnicaenAuth/Provider/Identity/Ldap.php
+++ b/src/UnicaenAuth/Provider/Identity/Ldap.php
@@ -38,7 +38,8 @@ class Ldap extends AuthenticationIdentityProvider implements ChainableProvider//
         }
             
         if ($identity instanceof People) {
-            $roles = $identity->getRoles();
+            $roles   = $identity->getRoles();
+            $roles[] = $identity->getUsername();
         }
         else {
             $roles = array();
diff --git a/src/UnicaenAuth/Provider/Role/Username.php b/src/UnicaenAuth/Provider/Role/Username.php
new file mode 100644
index 0000000..6ebf123
--- /dev/null
+++ b/src/UnicaenAuth/Provider/Role/Username.php
@@ -0,0 +1,64 @@
+<?php
+
+namespace UnicaenAuth\Provider\Role;
+
+use BjyAuthorize\Provider\Role\ProviderInterface;
+use Zend\Authentication\AuthenticationService;
+use ZfcUser\Entity\UserInterface;
+
+/**
+ * Fournisseur de rôle retournant le rôle correspondant à l'identifiant de connexion 
+ * de d'utilisateur (username).
+ * 
+ * Cela est utile lorsque l'on veut gérer les habilitations d'un utilisateur unique
+ * sur des ressources.
+ * 
+ * @author Bertrand GAUTHIER <bertrand.gauthier at unicaen.fr>
+ */
+class Username implements ProviderInterface
+{
+    /**
+     * @var AuthenticationService
+     */
+    protected $authService;
+    
+    /**
+     * @var array
+     */
+    protected $roles;
+    
+    /**
+     * 
+     * @param AuthenticationService $authService
+     */
+    public function __construct(AuthenticationService $authService)
+    {
+        $this->authService = $authService;
+    }
+    
+    /**
+     * @return \Zend\Permissions\Acl\Role\RoleInterface[]
+     */
+    public function getRoles()
+    {
+        if (null === $this->roles) {
+            $this->roles = array();
+            
+            if ($this->authService->hasIdentity()) {
+                $identity = $this->authService->getIdentity();
+                if (isset($identity['ldap'])) {
+                    $identity = $identity['ldap'];
+                }
+                elseif (isset($identity['db'])) {
+                    $identity = $identity['db'];
+                }
+                if ($identity instanceof UserInterface) {
+                    $role = new \UnicaenAuth\Acl\NamedRole($identity->getUsername(), 'user', "Authentifié(e)");
+                    $this->roles[] = $role;
+                }
+            }
+        }
+        
+        return $this->roles;
+    }
+}
\ No newline at end of file
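Review bot: `getRoles()` unwraps the identity with `isset($identity['ldap'])` before `isset($identity['db'])`, but neither the expected identity shape nor that precedence is documented. The Db identity provider adds the username taken from its own `User` object, so if both keys are present and the two usernames differ, the role registered here may not be the one the Db provider returns. That is an inference, since the construction of the identity is outside this patch. I would add a comment above the first `if`, such as `// identity may be an array keyed by auth source; the LDAP entry takes precedence over the DB one`, once that contract is confirmed. The third `NamedRole` argument, "Authentifié(e)", also reads like the label of the generic user role rather than a description of a per-user role.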
diff --git a/src/UnicaenAuth/Provider/Role/UsernameServiceFactory.php b/src/UnicaenAuth/Provider/Role/UsernameServiceFactory.php
new file mode 100644
index 0000000..2d9cbd5
--- /dev/null
+++ b/src/UnicaenAuth/Provider/Role/UsernameServiceFactory.php
@@ -0,0 +1,27 @@
+<?php
+
+namespace UnicaenAuth\Provider\Role;
+
+use Zend\ServiceManager\FactoryInterface;
+use Zend\ServiceManager\ServiceLocatorInterface;
+
+/**
+ * Description of UsernameServiceFactory
+ *
+ * @author Bertrand GAUTHIER <bertrand.gauthier at unicaen.fr>
+ */
+class UsernameServiceFactory implements FactoryInterface
+{
+    /**
+     * Create service
+     *
+     * @param ServiceLocatorInterface $serviceLocator
+     * @return Username
+     */
+    public function createService(ServiceLocatorInterface $serviceLocator)
+    {
+        $authService = $serviceLocator->get('zfcuser_auth_service'); /* @var $authService \Zend\Authentication\AuthenticationService */
+        
+        return new Username($authService);
+    }
+}
\ No newline at end of file
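Review bot: The class docblock is still the placeholder `Description of UsernameServiceFactory`, and the docblock on `createService()` only says `Create service`. A sentence such as `Builds the Username role provider from the 'zfcuser_auth_service' authentication service.` would tell the reader what is being wired. The inline `/* @var ... */` is the only documentation of the expected service type; the `AuthenticationService` type hint on the `Username` constructor is what enforces it at runtime.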
-- 
GitLab