Commit b2842c20 authored by Laurent Lécluse's avatar Laurent Lécluse
Browse files

Correction de bug si on utilise un IdentityProvider spécifique.

Nouvelle config par défaut
parent fa2d34ad
......@@ -18,9 +18,11 @@ $settings = [
*/
'enable_registration' => false,
'enable_privileges' => true,
];
return [
$config = [
'unicaen-auth' => $settings,
'bjyauthorize' => [
/* this module uses a meta-role that inherits from any roles that should
......@@ -50,81 +52,96 @@ return [
*/
'UnicaenAuth\Provider\Role\Username' => [],
],
],
'zfcuser' => [
$k = 'enable_registration' => isset($settings[$k]) ? $settings[$k] : false,
],
];
'resource_providers' => [
/**
* Le service Privilèges peut aussi être une source de ressources,
* si on souhaite tester directement l'accès à un privilège
*/
'UnicaenAuth\Service\Privilege' => [],
],
if ($settings['enable_privileges']) {
$privileges = [
'bjyauthorize' => [
'resource_providers' => [
/**
* Le service Privilèges peut aussi être une source de ressources,
* si on souhaite tester directement l'accès à un privilège
*/
'UnicaenAuth\Service\Privilege' => [],
],
'guards' => [
'UnicaenAuth\Guard\PrivilegeController' => [
[
'controller' => 'UnicaenAuth\Controller\Droits',
'action' => ['index'],
'privileges' => [
Privileges::DROIT_ROLE_VISUALISATION,
Privileges::DROIT_PRIVILEGE_VISUALISATION,
'rule_providers' => [
'UnicaenAuth\Provider\Rule\PrivilegeRuleProvider' => [],
],
'guards' => [
'UnicaenAuth\Guard\PrivilegeController' => [
[
'controller' => 'UnicaenAuth\Controller\Droits',
'action' => ['index'],
'privileges' => [
\UnicaenAuth\Provider\Privilege\Privileges::DROIT_ROLE_VISUALISATION,
\UnicaenAuth\Provider\Privilege\Privileges::DROIT_PRIVILEGE_VISUALISATION,
],
],
[
'controller' => 'UnicaenAuth\Controller\Droits',
'action' => ['roles'],
'privileges' => [\UnicaenAuth\Provider\Privilege\Privileges::DROIT_ROLE_VISUALISATION],
],
[
'controller' => 'UnicaenAuth\Controller\Droits',
'action' => ['privileges'],
'privileges' => [\UnicaenAuth\Provider\Privilege\Privileges::DROIT_PRIVILEGE_VISUALISATION],
],
[
'controller' => 'UnicaenAuth\Controller\Droits',
'action' => ['role-edition', 'role-suppression'],
'privileges' => [\UnicaenAuth\Provider\Privilege\Privileges::DROIT_ROLE_EDITION],
],
[
'controller' => 'UnicaenAuth\Controller\Droits',
'action' => ['privileges-modifier'],
'privileges' => [\UnicaenAuth\Provider\Privilege\Privileges::DROIT_PRIVILEGE_EDITION],
],
],
[
'controller' => 'UnicaenAuth\Controller\Droits',
'action' => ['roles'],
'privileges' => [Privileges::DROIT_ROLE_VISUALISATION],
],
[
'controller' => 'UnicaenAuth\Controller\Droits',
'action' => ['privileges'],
'privileges' => [Privileges::DROIT_PRIVILEGE_VISUALISATION],
],
[
'controller' => 'UnicaenAuth\Controller\Droits',
'action' => ['role-edition', 'role-suppression'],
'privileges' => [Privileges::DROIT_ROLE_EDITION],
],
[
'controller' => 'UnicaenAuth\Controller\Droits',
'action' => ['privileges-modifier'],
'privileges' => [Privileges::DROIT_PRIVILEGE_EDITION],
],
],
],
],
'zfcuser' => [
$k = 'enable_registration' => isset($settings[$k]) ? $settings[$k] : false,
],
'navigation' => [
// The DefaultNavigationFactory we configured uses 'default' as the sitemap key
'default' => [
// And finally, here is where we define our page hierarchy
'home' => [
'pages' => [
'droits' => [
'label' => 'Droits d\'accès',
'title' => 'Gestion des droits d\'accès',
'route' => 'droits',
'resource' => \UnicaenAuth\Guard\PrivilegeController::getResourceId('UnicaenAuth\Controller\Droits', 'index'),
'pages' => [
'roles' => [
'label' => "Rôles",
'title' => "Gestion des rôles",
'route' => 'droits/roles',
'resource' => \UnicaenAuth\Guard\PrivilegeController::getResourceId('UnicaenAuth\Controller\Droits', 'roles'),
'withtarget' => true,
],
'privileges' => [
'label' => "Privilèges",
'title' => "Gestion des privilèges",
'route' => 'droits/privileges',
'resource' => \UnicaenAuth\Guard\PrivilegeController::getResourceId('UnicaenAuth\Controller\Droits', 'privileges'),
'withtarget' => true,
'navigation' => [
// The DefaultNavigationFactory we configured uses 'default' as the sitemap key
'default' => [
// And finally, here is where we define our page hierarchy
'home' => [
'pages' => [
'droits' => [
'label' => 'Droits d\'accès',
'title' => 'Gestion des droits d\'accès',
'route' => 'droits',
'resource' => \UnicaenAuth\Guard\PrivilegeController::getResourceId('UnicaenAuth\Controller\Droits', 'index'),
'pages' => [
'roles' => [
'label' => "Rôles",
'title' => "Gestion des rôles",
'route' => 'droits/roles',
'resource' => \UnicaenAuth\Guard\PrivilegeController::getResourceId('UnicaenAuth\Controller\Droits', 'roles'),
'withtarget' => true,
],
'privileges' => [
'label' => "Privilèges",
'title' => "Gestion des privilèges",
'route' => 'droits/privileges',
'resource' => \UnicaenAuth\Guard\PrivilegeController::getResourceId('UnicaenAuth\Controller\Droits', 'privileges'),
'withtarget' => true,
],
],
],
],
],
],
],
],
];
\ No newline at end of file
];
} else {
$privileges = [];
}
return array_merge_recursive($config, $privileges);
\ No newline at end of file
......@@ -4,6 +4,7 @@ namespace UnicaenAuth\Service;
use UnicaenApp\Exception\RuntimeException;
use UnicaenApp\Traits\SessionContainerTrait;
use UnicaenAuth\Provider\Identity\Chain;
use Zend\Session\Container as SessionContainer;
use Zend\Permissions\Acl\Role\RoleInterface;
use ZfcUser\Entity\UserInterface;
......@@ -95,7 +96,11 @@ class UserContext extends AbstractService
{
if (null === $this->identityRoles) {
$identityProvider = $this->getIdentityProvider();
$this->identityRoles = $identityProvider->getAllIdentityRoles();
if ($identityProvider instanceof Chain){
$this->identityRoles = $identityProvider->getAllIdentityRoles();
}else{
$this->identityRoles = $identityProvider->getIdentityRoles();
}
}
return $this->identityRoles;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment