diff --git a/Module.php b/Module.php index dfb62edd6593b14fa7425eb9241a9950db1c197f..42734fb2537737226c8862521c0b4c387d22a29d 100644 --- a/Module.php +++ b/Module.php @@ -5,14 +5,13 @@ namespace UnicaenAuth; use Zend\ModuleManager\Feature\AutoloaderProviderInterface; use Zend\ModuleManager\Feature\ConfigProviderInterface; use Zend\ModuleManager\Feature\ServiceProviderInterface; -use Zend\ModuleManager\Feature\ViewHelperProviderInterface; /** * Point d'entrée du module d'authentification Unicaen. * * @author Bertrand GAUTHIER <bertrand.gauthier@unicaen.fr> */ -class Module implements ConfigProviderInterface, ViewHelperProviderInterface, ServiceProviderInterface +class Module implements ConfigProviderInterface, ServiceProviderInterface { /** * @@ -113,29 +112,6 @@ class Module implements ConfigProviderInterface, ViewHelperProviderInterface, Se } } - /** - * - * @return array - * @see ViewHelperProviderInterface - */ - public function getViewHelperConfig() - { - return [ - 'factories' => [ - 'userConnection' => 'UnicaenAuth\View\Helper\UserConnectionFactory', - 'userCurrent' => 'UnicaenAuth\View\Helper\UserCurrentFactory', - 'userStatus' => 'UnicaenAuth\View\Helper\UserStatusFactory', - 'userProfile' => 'UnicaenAuth\View\Helper\UserProfileFactory', - 'userInfo' => 'UnicaenAuth\View\Helper\UserInfoFactory', - 'userProfileSelect' => 'UnicaenAuth\View\Helper\UserProfileSelectFactory', - 'userProfileSelectRadioItem' => 'UnicaenAuth\View\Helper\UserProfileSelectRadioItemFactory', - ], - 'invokables' => [ - 'appConnection' => 'UnicaenAuth\View\Helper\AppConnection', - ], - ]; - } - /** * * @return array diff --git a/config/module.config.php b/config/module.config.php index d4efc7307aa51e84c86a97fd7f5a10893789e1ae..6ad30f0423c92bb94ac59e78fc5125937a9981f2 100644 --- a/config/module.config.php +++ b/config/module.config.php 
@@ -16,7 +16,7 @@ $zfcuserSettings = [
 * Allows users to register through the website.
 * Accepted values: boolean true or false
 */
- 'enable_registration' => true,
+ 'enable_registration' => true,
 /**
 * Modes for authentication identity match
 * Specify the allowable identity modes, in the order they should be
@@ -24,42 +24,42 @@ $zfcuserSettings = [
 * Default value: array containing 'email'
 * Accepted values: array containing one or more of: email, username
 */
- 'auth_identity_fields' => ['username', 'email'],
+ 'auth_identity_fields' => ['username', 'email'],
 /**
 * Login Redirect Route
 * Upon successful login the user will be redirected to the entered route
 * Default value: 'zfcuser'
 * Accepted values: A valid route name within your application
 */
- 'login_redirect_route' => 'home',
+ 'login_redirect_route' => 'home',
 /**
 * Logout Redirect Route
 * Upon logging out the user will be redirected to the enterd route
 * Default value: 'zfcuser/login'
 * Accepted values: A valid route name within your application
 */
- 'logout_redirect_route' => 'home',
+ 'logout_redirect_route' => 'home',
 /**
 * Enable Username
 * Enables username field on the registration form, and allows users to log
 * in using their username OR email address. Default is false.
 * Accepted values: boolean true or false
 */
- 'enable_username' => false,
+ 'enable_username' => false,
 /**
 * Enable Display Name
 * Enables a display name field on the registration form, which is persisted
 * in the database. Default value is false.
 * Accepted values: boolean true or false
 */
- 'enable_display_name' => true,
+ 'enable_display_name' => true,
 /**
 * Authentication Adapters
 * Specify the adapters that will be used to try and authenticate the user
 * Default value: array containing 'ZfcUser\Authentication\Adapter\Db' with priority 100
 * Accepted values: array containing services that implement 'ZfcUser\Authentication\Adapter\ChainableAdapter'
 */
- 'auth_adapters' => [
+ 'auth_adapters' => [
 300 => 'UnicaenAuth\Authentication\Adapter\Ldap', // notifié en 1er
 200 => 'UnicaenAuth\Authentication\Adapter\Db', // ensuite (si échec d'authentification Ldap)
 100 => 'UnicaenAuth\Authentication\Adapter\Cas', // ensuite (si échec d'authentification Db)
@@ -78,22 +78,22 @@ $bjyauthorize = [ * * for ZfcUser, this will be your default identity provider */ - 'identity_provider' => 'UnicaenAuth\Provider\Identity\Chain', + 'identity_provider' => 'UnicaenAuth\Provider\Identity\Chain', /* role providers simply provide a list of roles that should be inserted * into the Zend\Acl instance. the module comes with two providers, one * to specify roles in a config file and one to load roles using a * Zend\Db adapter. */ - 'role_providers' => [ + 'role_providers' => [ /** * 2 rôles doivent systématiquement exister dans les ACL : * - le rôle par défaut 'guest', c'est le rôle de tout utilisateur non authentifié. * - le rôle 'user', c'est le rôle de tout utilisateur authentifié. */ - 'UnicaenAuth\Provider\Role\Config' => [ + 'UnicaenAuth\Provider\Role\Config' => [ 'guest' => ['name' => "Non authentifié(e)", 'selectable' => false, 'children' => [ - 'user' => ['name' => "Authentifié(e)", 'selectable' => false] + 'user' => ['name' => "Authentifié(e)", 'selectable' => false], ]], ], /** @@ -101,7 +101,7 @@ $bjyauthorize = [ * NB: si le rôle par défaut 'guest' est fourni ici, il ne sera pas ajouté en double dans les ACL. * NB: si la connexion à la base échoue, ce n'est pas bloquant! */ - 'UnicaenAuth\Provider\Role\DbRole' => [ + 'UnicaenAuth\Provider\Role\DbRole' => [ 'object_manager' => 'doctrine.entitymanager.orm_default', 'role_entity_class' => 'UnicaenAuth\Entity\Db\Role', ], 
@@ -114,106 +114,106 @@ $bjyauthorize = [ ], // strategy service name for the strategy listener to be used when permission-related errors are detected -// 'unauthorized_strategy' => 'BjyAuthorize\View\RedirectionStrategy', + // 'unauthorized_strategy' => 'BjyAuthorize\View\RedirectionStrategy', 'unauthorized_strategy' => 'UnicaenAuth\View\RedirectionStrategy', /* Currently, only controller and route guards exist */ - 'guards' => [ + 'guards' => [ /* If this guard is specified here (i.e. it is enabled), it will block * access to all controllers and actions unless they are specified here. * You may omit the 'action' index to allow access to the entire controller */ 'BjyAuthorize\Guard\Controller' => [ - ['controller' => 'index', 'action' => 'index', 'roles' => []], - ['controller' => 'zfcuser', 'roles' => []], + ['controller' => 'index', 'action' => 'index', 'roles' => []], + ['controller' => 'zfcuser', 'roles' => []], ['controller' => 'Application\Controller\Index', 'roles' => []], - ['controller' => 'UnicaenApp\Controller\Application', 'action' => 'etab', 'roles' => []], - ['controller' => 'UnicaenApp\Controller\Application', 'action' => 'apropos', 'roles' => []], - ['controller' => 'UnicaenApp\Controller\Application', 'action' => 'contact', 'roles' => []], - ['controller' => 'UnicaenApp\Controller\Application', 'action' => 'plan', 'roles' => []], - ['controller' => 'UnicaenApp\Controller\Application', 'action' => 'mentions-legales', 'roles' => []], - ['controller' => 'UnicaenApp\Controller\Application', 'action' => 'informatique-et-libertes', 'roles' => []], - ['controller' => 'UnicaenApp\Controller\Application', 'action' => 'refresh-session', 'roles' => []], - ['controller' => 'UnicaenAuth\Controller\Utilisateur', 'action' => 'selectionner-profil', 'roles' => []], + ['controller' => 'UnicaenApp\Controller\Application', 'action' => 'etab', 'roles' => []], + ['controller' => 'UnicaenApp\Controller\Application', 'action' => 'apropos', 'roles' => []], + ['controller' 
=> 'UnicaenApp\Controller\Application', 'action' => 'contact', 'roles' => []], + ['controller' => 'UnicaenApp\Controller\Application', 'action' => 'plan', 'roles' => []], + ['controller' => 'UnicaenApp\Controller\Application', 'action' => 'mentions-legales', 'roles' => []], + ['controller' => 'UnicaenApp\Controller\Application', 'action' => 'informatique-et-libertes', 'roles' => []], + ['controller' => 'UnicaenApp\Controller\Application', 'action' => 'refresh-session', 'roles' => []], + ['controller' => 'UnicaenAuth\Controller\Utilisateur', 'action' => 'selectionner-profil', 'roles' => []], ], ], ]; return [ - 'zfcuser' => $zfcuserSettings, - 'bjyauthorize' => $bjyauthorize, - 'unicaen-auth' => $settings, - 'doctrine' => [ + 'zfcuser' => $zfcuserSettings, + 'bjyauthorize' => $bjyauthorize, + 'unicaen-auth' => $settings, + 'doctrine' => [ 'driver' => [ // overriding zfc-user-doctrine-orm's config - 'zfcuser_entity' => [ + 'zfcuser_entity' => [ 'class' => 'Doctrine\ORM\Mapping\Driver\AnnotationDriver', 'paths' => [ - __DIR__ . '/../src/UnicaenAuth/Entity/Db' - ] + __DIR__ . '/../src/UnicaenAuth/Entity/Db', + ], ], 'orm_auth_driver' => [ 'class' => 'Doctrine\ORM\Mapping\Driver\AnnotationDriver', 'cache' => 'array', 'paths' => [ - __DIR__ . '/../src/UnicaenAuth/Entity/Db' - ] + __DIR__ . 
'/../src/UnicaenAuth/Entity/Db', + ], ], - 'orm_default' => [ + 'orm_default' => [ 'class' => 'Doctrine\ORM\Mapping\Driver\DriverChain', 'drivers' => [ 'UnicaenAuth\Entity\Db' => 'zfcuser_entity', - 'UnicaenAuth\Entity\Db' => 'orm_auth_driver' - ] + 'UnicaenAuth\Entity\Db' => 'orm_auth_driver', + ], ], ], ], 'service_manager' => [ - 'aliases' => [ + 'aliases' => [ 'Zend\Authentication\AuthenticationService' => 'zfcuser_auth_service', ], - 'invokables' => [ + 'invokables' => [ 'unicaen-auth_user_service' => 'UnicaenAuth\Service\User', 'UnicaenAuth\Authentication\Storage\Db' => 'UnicaenAuth\Authentication\Storage\Db', 'UnicaenAuth\Authentication\Storage\Ldap' => 'UnicaenAuth\Authentication\Storage\Ldap', 'UnicaenAuth\View\RedirectionStrategy' => 'UnicaenAuth\View\RedirectionStrategy', - 'authUserContext' => 'UnicaenAuth\Service\UserContext' + 'authUserContext' => 'UnicaenAuth\Service\UserContext', ], 'abstract_factories' => [ 'UnicaenAuth\Authentication\Adapter\AbstractFactory', ], - 'factories' => [ + 'factories' => [ 'unicaen-auth_module_options' => 'UnicaenAuth\Options\ModuleOptionsFactory', 'zfcuser_auth_service' => 'UnicaenAuth\Authentication\AuthenticationServiceFactory', 'UnicaenAuth\Authentication\Storage\Chain' => 'UnicaenAuth\Authentication\Storage\ChainServiceFactory', 'UnicaenAuth\Provider\Identity\Chain' => 'UnicaenAuth\Provider\Identity\ChainServiceFactory', 'UnicaenAuth\Provider\Identity\Ldap' => 'UnicaenAuth\Provider\Identity\LdapServiceFactory', 'UnicaenAuth\Provider\Identity\Db' => 'UnicaenAuth\Provider\Identity\DbServiceFactory', - 'UnicaenAuth\Provider\Identity\Basic' => 'UnicaenAuth\Provider\Identity\BasicServiceFactory', + 'UnicaenAuth\Provider\Identity\Basic' => 'UnicaenAuth\Provider\Identity\BasicServiceFactory', 'UnicaenAuth\Provider\Role\Config' => 'UnicaenAuth\Provider\Role\ConfigServiceFactory', 'UnicaenAuth\Provider\Role\DbRole' => 'UnicaenAuth\Provider\Role\DbRoleServiceFactory', 'UnicaenAuth\Provider\Role\Username' => 
'UnicaenAuth\Provider\Role\UsernameServiceFactory', ], - 'initializers' => [ + 'initializers' => [ 'UnicaenAuth\Service\UserAwareInitializer', ], ], - 'controllers' => [ + 'controllers' => [ 'invokables' => [ 'UnicaenAuth\Controller\Utilisateur' => 'UnicaenAuth\Controller\UtilisateurController', ], ], - 'view_manager' => [ - 'template_map' => [ + 'view_manager' => [ + 'template_map' => [ 'error/403' => __DIR__ . '/../view/error/403.phtml', ], 'template_path_stack' => [ 'unicaen-auth' => __DIR__ . '/../view', ], ], - 'translator' => [ + 'translator' => [ 'translation_file_patterns' => [ [ 'type' => 'gettext', @@ -222,34 +222,34 @@ return [ ], ], ], - 'router' => [ + 'router' => [ 'routes' => [ - 'zfcuser' => [ - 'type' => 'Literal', - 'priority' => 1000, - 'options' => [ - 'route' => '/auth', + 'zfcuser' => [ + 'type' => 'Literal', + 'priority' => 1000, + 'options' => [ + 'route' => '/auth', 'defaults' => [ 'controller' => 'zfcuser', 'action' => 'index', ], ], 'may_terminate' => true, - 'child_routes' => [ - 'login' => [ - 'type' => 'Literal', + 'child_routes' => [ + 'login' => [ + 'type' => 'Literal', 'options' => [ - 'route' => '/connexion', + 'route' => '/connexion', 'defaults' => [ 'controller' => 'zfcuser', 'action' => 'login', ], ], ], - 'logout' => [ - 'type' => 'Literal', + 'logout' => [ + 'type' => 'Literal', 'options' => [ - 'route' => '/deconnexion', + 'route' => '/deconnexion', 'defaults' => [ 'controller' => 'zfcuser', 'action' => 'logout', @@ -257,9 +257,9 @@ return [ ], ], 'register' => [ - 'type' => 'Literal', + 'type' => 'Literal', 'options' => [ - 'route' => '/creation-compte', + 'route' => '/creation-compte', 'defaults' => [ 'controller' => 'zfcuser', 'action' => 'register', @@ -269,8 +269,8 @@ return [ ], ], 'utilisateur' => [ - 'type' => 'Literal', - 'options' => [ + 'type' => 'Literal', + 'options' => [ 'route' => '/utilisateur', 'defaults' => [ '__NAMESPACE__' => 'UnicaenAuth\Controller', 
@@ -279,16 +279,16 @@ return [ ], ], 'may_terminate' => true, - 'child_routes' => [ + 'child_routes' => [ 'default' => [ 'type' => 'Segment', 'options' => [ - 'route' => '/:action[/:id]', + 'route' => '/:action[/:id]', 'constraints' => [ 'action' => '[a-zA-Z][a-zA-Z0-9_-]*', 'id' => '[0-9]*', ], - 'defaults' => [ + 'defaults' => [ 'action' => 'index', ], ], @@ -298,16 +298,16 @@ return [ ], ], // All navigation-related configuration is collected in the 'navigation' key - 'navigation' => [ + 'navigation' => [ // The DefaultNavigationFactory we configured uses 'default' as the sitemap key 'default' => [ // And finally, here is where we define our page hierarchy 'home' => [ 'pages' => [ - 'login' => [ - 'label' => _("Connexion"), - 'route' => 'zfcuser/login', - 'visible' => false, + 'login' => [ + 'label' => _("Connexion"), + 'route' => 'zfcuser/login', + 'visible' => false, ], 'register' => [ 'label' => _("Enregistrement"), @@ -318,4 +318,19 @@ return [ ], ], ], + + 'view_helpers' => [ + 'factories' => [ + 'userConnection' => 'UnicaenAuth\View\Helper\UserConnectionFactory', + 'userCurrent' => 'UnicaenAuth\View\Helper\UserCurrentFactory', + 'userStatus' => 'UnicaenAuth\View\Helper\UserStatusFactory', + 'userProfile' => 'UnicaenAuth\View\Helper\UserProfileFactory', + 'userInfo' => 'UnicaenAuth\View\Helper\UserInfoFactory', + 'userProfileSelect' => 'UnicaenAuth\View\Helper\UserProfileSelectFactory', + 'userProfileSelectRadioItem' => 'UnicaenAuth\View\Helper\UserProfileSelectRadioItemFactory', + ], + 'invokables' => [ + 'appConnection' => 'UnicaenAuth\View\Helper\AppConnection', + ], + ], ]; \ No newline at end of file diff --git a/data/schema_mysql.sql b/data/schema_mysql.sql index 031d576387a0e2b29e9cba7255bd082ee65ffb85..35854ecae8e7c815f657050830be98fc52a9c56c 100644 --- a/data/schema_mysql.sql +++ b/data/schema_mysql.sql 
@@ -14,6 +14,7 @@ CREATE TABLE IF NOT EXISTS `user_role` ( `role_id` VARCHAR(64) NOT NULL, `is_default` TINYINT(1) NOT NULL DEFAULT 0, `parent_id` INT(11) NULL DEFAULT NULL, + `ldap_filter` varchar(255) CHARACTER SET utf8 DEFAULT NULL, PRIMARY KEY (`id`), UNIQUE INDEX `unique_role` (`role_id` ASC), INDEX `idx_parent_id` (`parent_id` ASC), diff --git a/src/UnicaenAuth/Entity/Db/Role.php b/src/UnicaenAuth/Entity/Db/Role.php index fb5f49aa1a674cb12f9f7df7cc0ab7a8be0c2f2e..472740fac9e9abf6299621ed31f0a5745b5880fe 100644 --- a/src/UnicaenAuth/Entity/Db/Role.php +++ b/src/UnicaenAuth/Entity/Db/Role.php @@ -2,7 +2,7 @@ /** * BjyAuthorize Module (https://github.com/bjyoungblood/BjyAuthorize) * - * @link https://github.com/bjyoungblood/BjyAuthorize for the canonical source repository + * @link https://github.com/bjyoungblood/BjyAuthorize for the canonical source repository * @license http://framework.zend.com/license/new-bsd New BSD License */ @@ -45,6 +45,12 @@ class Role implements HierarchicalRoleInterface */ protected $parent; + /** + * @var string + * @ORM\Column(name="ldap_filter", type="string", length=255, unique=true, nullable=true) + */ + protected $ldapFilter; + /** * @var \Doctrine\Common\Collections\Collection * @ORM\ManyToMany(targetEntity="UnicaenAuth\Entity\Db\User") @@ -55,6 +61,8 @@ class Role implements HierarchicalRoleInterface */ protected $users; + + /** * Get the id. * @@ -65,6 +73,8 @@ class Role implements HierarchicalRoleInterface return $this->id; } + + /** * Set the id. * @@ -75,9 +85,12 @@ class Role implements HierarchicalRoleInterface public function setId($id) { $this->id = (int)$id; + return $this; } + + /** * Get the role id. * @@ -88,6 +101,8 @@ class Role implements HierarchicalRoleInterface return $this->roleId; } + + /** * Set the role id. * 
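Review bot: The new `ldap_filter` column in `user_role` has no unique constraint, while the Doctrine mapping added for `Role::$ldapFilter` in the `@@ -45,6 +45,12 @@` hunk of `Role.php` declares `unique=true`, so the schema file and the entity disagree on whether two roles may share a filter. Either drop `unique=true` from the annotation or add a matching index here, for example `UNIQUE INDEX unique_ldap_filter (ldap_filter ASC),` (the index name is only a suggestion). Because the statement is `CREATE TABLE IF NOT EXISTS`, existing installations will not receive the column from this file, so an upgrade step such as `ALTER TABLE user_role ADD COLUMN ldap_filter VARCHAR(255) NULL DEFAULT NULL;` should ship with the change. The type is also written in lower case (`varchar`) where the surrounding columns use `VARCHAR`, and the CREATE TABLE statement continues outside the hunk.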
@@ -97,10 +112,13 @@ class Role implements HierarchicalRoleInterface */ public function setRoleId($roleId) { - $this->roleId = (string) $roleId; + $this->roleId = (string)$roleId; + return $this; } + + /** * Is this role the default one ? * @@ -111,6 +129,8 @@ class Role implements HierarchicalRoleInterface return $this->isDefault; } + + /** * Set this role as the default one. * @@ -120,10 +140,13 @@ class Role implements HierarchicalRoleInterface */ public function setIsDefault($isDefault) { - $this->isDefault = (boolean) $isDefault; + $this->isDefault = (boolean)$isDefault; + return $this; } + + /** * Get the parent role * @@ -134,6 +157,8 @@ class Role implements HierarchicalRoleInterface return $this->parent; } + + /** * Set the parent role. * @@ -144,9 +169,36 @@ class Role implements HierarchicalRoleInterface public function setParent(Role $parent) { $this->parent = $parent; + return $this; } + + + /** + * @return string + */ + public function getLdapFilter() + { + return $this->ldapFilter; + } + + + + /** + * @param string $ldapFilter + * + * @return Role + */ + public function setLdapFilter($ldapFilter) + { + $this->ldapFilter = $ldapFilter; + + return $this; + } + + + /** * Get users. * @@ -157,6 +209,8 @@ class Role implements HierarchicalRoleInterface return $this->users->getValues(); } + + /** * Add a user to the role. * @@ -168,9 +222,11 @@ class Role implements HierarchicalRoleInterface { $this->users[] = $user; } - + + + /** - * + * * @return string */ public function __toString()
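Review bot: `setLdapFilter()` in the `@@ -144,9 +169,36 @@` hunk stores its argument with no cast or check, unlike `setRoleId()` and `setIsDefault()` in the same class, and both new docblocks say `string` although the column is mapped `nullable=true`. The value presumably ends up in an LDAP search that decides role membership (the consumer is not in this diff, so please confirm). If so, an empty or malformed filter should be rejected or normalised at this boundary, and the consuming code should treat it as a complete, administrator-authored filter rather than concatenating user-supplied values into it unescaped. I would document `@param string|null $ldapFilter` and `@return string|null`, and normalise with `$this->ldapFilter = ($ldapFilter === null || trim($ldapFilter) === '') ? null : (string)$ldapFilter;`. Mapping empty strings to null also prevents several roles without a filter from colliding on the `unique=true` constraint declared for this property.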