From 1a8232a48f11cb73bebedaf00c353a1bb8e58101 Mon Sep 17 00:00:00 2001 From: Bertrand Gauthier <bertrand.gauthier@unicaen.fr> Date: Wed, 9 Oct 2013 14:23:47 +0000 Subject: [PATCH] =?UTF-8?q?Ajour=20d'un=20Fournisseur=20de=20r=C3=B4le=20r?= =?UTF-8?q?etournant=20le=20r=C3=B4le=20correspondant=20=C3=A0=20l'identif?= =?UTF-8?q?iant=20de=20connexion=20de=20d'utilisateur=20(username).=20Cela?= =?UTF-8?q?=20est=20utile=20lorsque=20l'on=20veut=20g=C3=A9rer=20les=20hab?= =?UTF-8?q?ilitations=20d'un=20utilisateur=20unique=20sur=20des=20ressourc?= =?UTF-8?q?es.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- config/module.config.php | 7 ++ src/UnicaenAuth/Provider/Identity/Db.php | 3 +- src/UnicaenAuth/Provider/Identity/Ldap.php | 3 +- src/UnicaenAuth/Provider/Role/Username.php | 64 +++++++++++++++++++ .../Provider/Role/UsernameServiceFactory.php | 27 ++++++++ 5 files changed, 102 insertions(+), 2 deletions(-) create mode 100644 src/UnicaenAuth/Provider/Role/Username.php create mode 100644 src/UnicaenAuth/Provider/Role/UsernameServiceFactory.php diff --git a/config/module.config.php b/config/module.config.php index 4fbfe79..d2c37b1 100644 --- a/config/module.config.php +++ b/config/module.config.php @@ -98,6 +98,12 @@ $bjyauthorize = array( 'object_manager' => 'doctrine.entitymanager.orm_default', 'role_entity_class' => 'UnicaenAuth\Entity\Db\Role', ), + /** + * Fournit le rôle correspondant à l'identifiant de connexion de l'utilisateur. + * Cela est utile lorsque l'on veut gérer les habilitations d'un utilisateur unique + * sur des ressources. + */ + 'UnicaenAuth\Provider\Role\Username' => array(), ), // strategy service name for the strategy listener to be used when permission-related errors are detected 
@@ -175,6 +181,7 @@ return array( 'UnicaenAuth\Provider\Identity\Db' => 'UnicaenAuth\Provider\Identity\DbServiceFactory', 'UnicaenAuth\Provider\Role\Config' => 'UnicaenAuth\Provider\Role\ConfigServiceFactory', 'UnicaenAuth\Provider\Role\DbRole' => 'UnicaenAuth\Provider\Role\DbRoleServiceFactory', + 'UnicaenAuth\Provider\Role\Username' => 'UnicaenAuth\Provider\Role\UsernameServiceFactory', ), ), 'controllers' => array( diff --git a/src/UnicaenAuth/Provider/Identity/Db.php b/src/UnicaenAuth/Provider/Identity/Db.php index 65f1912..f89b8d5 100644 --- a/src/UnicaenAuth/Provider/Identity/Db.php +++ b/src/UnicaenAuth/Provider/Identity/Db.php @@ -38,7 +38,8 @@ class Db extends AuthenticationIdentityProvider implements ChainableProvider } if ($identity instanceof User) { - $roles = $identity->getRoles(); + $roles = $identity->getRoles(); + $roles[] = $identity->getUsername(); } else { $roles = array(); diff --git a/src/UnicaenAuth/Provider/Identity/Ldap.php b/src/UnicaenAuth/Provider/Identity/Ldap.php index 5f1b9fd..193350f 100644 --- a/src/UnicaenAuth/Provider/Identity/Ldap.php +++ b/src/UnicaenAuth/Provider/Identity/Ldap.php @@ -38,7 +38,8 @@ class Ldap extends AuthenticationIdentityProvider implements ChainableProvider// } if ($identity instanceof People) { - $roles = $identity->getRoles(); + $roles = $identity->getRoles(); + $roles[] = $identity->getUsername(); } else { $roles = array(); diff --git a/src/UnicaenAuth/Provider/Role/Username.php b/src/UnicaenAuth/Provider/Role/Username.php new file mode 100644 index 0000000..6ebf123 --- /dev/null +++ b/src/UnicaenAuth/Provider/Role/Username.php 
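Review bot: In Db.php, `$roles[] = $identity->getUsername();` puts the login name into the same namespace as the configured role ids, so an account whose username equals an existing role id (for instance one declared through the Config or DbRole providers) would be treated as holding that role; the Ldap.php hunk adds the same line. Consider namespacing the value, e.g. `$roles[] = 'user:' . $identity->getUsername();`, with the same prefix used where the Username role provider builds its `NamedRole`, or rejecting usernames that collide with declared role ids. If `getRoles()` returns a collection object rather than a plain array (not visible here), the append would also modify the entity's own role list, so copying to an array first would be safer. The enclosing method starts and ends outside both hunks.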
@@ -0,0 +1,64 @@
+<?php
+
+namespace UnicaenAuth\Provider\Role;
+
+use BjyAuthorize\Provider\Role\ProviderInterface;
+use Zend\Authentication\AuthenticationService;
+use ZfcUser\Entity\UserInterface;
+
+/**
+ * Fournisseur de rôle retournant le rôle correspondant à l'identifiant de connexion
+ * de d'utilisateur (username).
+ *
+ * Cela est utile lorsque l'on veut gérer les habilitations d'un utilisateur unique
+ * sur des ressources.
+ *
+ * @author Bertrand GAUTHIER <bertrand.gauthier at unicaen.fr>
+ */
+class Username implements ProviderInterface
+{
+ /**
+ * @var AuthenticationService
+ */
+ protected $authService;
+
+ /**
+ * @var array
+ */
+ protected $roles;
+
+ /**
+ *
+ * @param AuthenticationService $authService
+ */
+ public function __construct(AuthenticationService $authService)
+ {
+ $this->authService = $authService;
+ }
+
+ /**
+ * @return \Zend\Permissions\Acl\Role\RoleInterface[]
+ */
+ public function getRoles()
+ {
+ if (null === $this->roles) {
+ $this->roles = array();
+
+ if ($this->authService->hasIdentity()) {
+ $identity = $this->authService->getIdentity();
+ if (isset($identity['ldap'])) {
+ $identity = $identity['ldap'];
+ }
+ elseif (isset($identity['db'])) {
+ $identity = $identity['db'];
+ }
+ if ($identity instanceof UserInterface) {
+ $role = new \UnicaenAuth\Acl\NamedRole($identity->getUsername(), 'user', "Authentifié(e)");
+ $this->roles[] = $role;
+ }
+ }
+ }
+
+ return $this->roles;
+ }
+}
\ No newline at end of file
diff --git a/src/UnicaenAuth/Provider/Role/UsernameServiceFactory.php b/src/UnicaenAuth/Provider/Role/UsernameServiceFactory.php
new file mode 100644
index 0000000..2d9cbd5
--- /dev/null
+++ b/src/UnicaenAuth/Provider/Role/UsernameServiceFactory.php
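Review bot: `getRoles()` declares the per-user role only when the unwrapped identity is a `ZfcUser\Entity\UserInterface`, whereas the Ldap identity provider changed in this commit appends the username for `People` instances; if `People` does not implement that interface (its definition is not shown), an LDAP user would carry a role id that this provider never declares. The `isset($identity['ldap'])` test also assumes an array identity: on an object that does not implement `ArrayAccess`, PHP raises an error instead of returning false, so wrapping the unwrapping in `if (is_array($identity)) { ... }` would keep the later `instanceof` check reachable for object identities. The second `NamedRole` argument `'user'` appears to be the parent role, which presumes another provider declares a role with that id.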
@@ -0,0 +1,27 @@
+<?php
+
+namespace UnicaenAuth\Provider\Role;
+
+use Zend\ServiceManager\FactoryInterface;
+use Zend\ServiceManager\ServiceLocatorInterface;
+
+/**
+ * Description of UsernameServiceFactory
+ *
+ * @author Bertrand GAUTHIER <bertrand.gauthier at unicaen.fr>
+ */
+class UsernameServiceFactory implements FactoryInterface
+{
+ /**
+ * Create service
+ *
+ * @param ServiceLocatorInterface $serviceLocator
+ * @return Username
+ */
+ public function createService(ServiceLocatorInterface $serviceLocator)
+ {
+ $authService = $serviceLocator->get('zfcuser_auth_service'); /* @var $authService \Zend\Authentication\AuthenticationService */
+
+ return new Username($authService);
+ }
+}
\ No newline at end of file
-- GitLab
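Review bot: The class docblock is still the IDE placeholder `Description of UsernameServiceFactory`; it should say what the factory wires, e.g. `Builds the Username role provider from the 'zfcuser_auth_service' authentication service.` The inline `/* @var ... */` annotation on the `get()` call is documentation only, so a different service registered under that name would surface as a type error in the `Username` constructor rather than in this factory.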