Skip to content

GitLab

Commit b2842c20 authored by Laurent Lécluse's avatar Laurent Lécluse
Browse files

Correction de bug si on utilise un IdentityProvider spécifique. 

Nouvelle config par défaut
parent fa2d34ad
Hide whitespace changes
Inline Side-by-side
config/unicaen-auth.global.php.dist
View file @ b2842c20
......@@ -18,9 +18,11 @@ $settings = [
*/
'enable_registration' => false,
'enable_privileges' => true,
];
return [
$config = [
'unicaen-auth' => $settings,
'bjyauthorize' => [
/* this module uses a meta-role that inherits from any roles that should
......@@ -50,81 +52,96 @@ return [
*/
'UnicaenAuth\Provider\Role\Username' => [],
],
],
'zfcuser' => [
$k = 'enable_registration' => isset($settings[$k]) ? $settings[$k] : false,
],
];
'resource_providers' => [
/**
* Le service Privilèges peut aussi être une source de ressources,
* si on souhaite tester directement l'accès à un privilège
*/
'UnicaenAuth\Service\Privilege' => [],
],
if ($settings['enable_privileges']) {
$privileges = [
'bjyauthorize' => [
'resource_providers' => [
/**
* Le service Privilèges peut aussi être une source de ressources,
* si on souhaite tester directement l'accès à un privilège
*/
'UnicaenAuth\Service\Privilege' => [],
],
'guards' => [
'UnicaenAuth\Guard\PrivilegeController' => [
[
'controller' => 'UnicaenAuth\Controller\Droits',
'action' => ['index'],
'privileges' => [
Privileges::DROIT_ROLE_VISUALISATION,
Privileges::DROIT_PRIVILEGE_VISUALISATION,
'rule_providers' => [
'UnicaenAuth\Provider\Rule\PrivilegeRuleProvider' => [],
],
'guards' => [
'UnicaenAuth\Guard\PrivilegeController' => [
[
'controller' => 'UnicaenAuth\Controller\Droits',
'action' => ['index'],
'privileges' => [
\UnicaenAuth\Provider\Privilege\Privileges::DROIT_ROLE_VISUALISATION,
\UnicaenAuth\Provider\Privilege\Privileges::DROIT_PRIVILEGE_VISUALISATION,
],
],
[
'controller' => 'UnicaenAuth\Controller\Droits',
'action' => ['roles'],
'privileges' => [\UnicaenAuth\Provider\Privilege\Privileges::DROIT_ROLE_VISUALISATION],
],
[
'controller' => 'UnicaenAuth\Controller\Droits',
'action' => ['privileges'],
'privileges' => [\UnicaenAuth\Provider\Privilege\Privileges::DROIT_PRIVILEGE_VISUALISATION],
],
[
'controller' => 'UnicaenAuth\Controller\Droits',
'action' => ['role-edition', 'role-suppression'],
'privileges' => [\UnicaenAuth\Provider\Privilege\Privileges::DROIT_ROLE_EDITION],
],
[
'controller' => 'UnicaenAuth\Controller\Droits',
'action' => ['privileges-modifier'],
'privileges' => [\UnicaenAuth\Provider\Privilege\Privileges::DROIT_PRIVILEGE_EDITION],
],
],
[
'controller' => 'UnicaenAuth\Controller\Droits',
'action' => ['roles'],
'privileges' => [Privileges::DROIT_ROLE_VISUALISATION],
],
[
'controller' => 'UnicaenAuth\Controller\Droits',
'action' => ['privileges'],
'privileges' => [Privileges::DROIT_PRIVILEGE_VISUALISATION],
],
[
'controller' => 'UnicaenAuth\Controller\Droits',
'action' => ['role-edition', 'role-suppression'],
'privileges' => [Privileges::DROIT_ROLE_EDITION],
],
[
'controller' => 'UnicaenAuth\Controller\Droits',
'action' => ['privileges-modifier'],
'privileges' => [Privileges::DROIT_PRIVILEGE_EDITION],
],
],
],
],
'zfcuser' => [
$k = 'enable_registration' => isset($settings[$k]) ? $settings[$k] : false,
],
'navigation' => [
// The DefaultNavigationFactory we configured uses 'default' as the sitemap key
'default' => [
// And finally, here is where we define our page hierarchy
'home' => [
'pages' => [
'droits' => [
'label' => 'Droits d\'accès',
'title' => 'Gestion des droits d\'accès',
'route' => 'droits',
'resource' => \UnicaenAuth\Guard\PrivilegeController::getResourceId('UnicaenAuth\Controller\Droits', 'index'),
'pages' => [
'roles' => [
'label' => "Rôles",
'title' => "Gestion des rôles",
'route' => 'droits/roles',
'resource' => \UnicaenAuth\Guard\PrivilegeController::getResourceId('UnicaenAuth\Controller\Droits', 'roles'),
'withtarget' => true,
],
'privileges' => [
'label' => "Privilèges",
'title' => "Gestion des privilèges",
'route' => 'droits/privileges',
'resource' => \UnicaenAuth\Guard\PrivilegeController::getResourceId('UnicaenAuth\Controller\Droits', 'privileges'),
'withtarget' => true,
'navigation' => [
// The DefaultNavigationFactory we configured uses 'default' as the sitemap key
'default' => [
// And finally, here is where we define our page hierarchy
'home' => [
'pages' => [
'droits' => [
'label' => 'Droits d\'accès',
'title' => 'Gestion des droits d\'accès',
'route' => 'droits',
'resource' => \UnicaenAuth\Guard\PrivilegeController::getResourceId('UnicaenAuth\Controller\Droits', 'index'),
'pages' => [
'roles' => [
'label' => "Rôles",
'title' => "Gestion des rôles",
'route' => 'droits/roles',
'resource' => \UnicaenAuth\Guard\PrivilegeController::getResourceId('UnicaenAuth\Controller\Droits', 'roles'),
'withtarget' => true,
],
'privileges' => [
'label' => "Privilèges",
'title' => "Gestion des privilèges",
'route' => 'droits/privileges',
'resource' => \UnicaenAuth\Guard\PrivilegeController::getResourceId('UnicaenAuth\Controller\Droits', 'privileges'),
'withtarget' => true,
],
],
],
],
],
],
],
],
];
\ No newline at end of file
];
} else {
$privileges = [];
}
return array_merge_recursive($config, $privileges);
\ No newline at end of file
src/UnicaenAuth/Service/UserContext.php
View file @ b2842c20
......@@ -4,6 +4,7 @@ namespace UnicaenAuth\Service;
use UnicaenApp\Exception\RuntimeException;
use UnicaenApp\Traits\SessionContainerTrait;
use UnicaenAuth\Provider\Identity\Chain;
use Zend\Session\Container as SessionContainer;
use Zend\Permissions\Acl\Role\RoleInterface;
use ZfcUser\Entity\UserInterface;
......@@ -95,7 +96,11 @@ class UserContext extends AbstractService
{
if (null === $this->identityRoles) {
$identityProvider = $this->getIdentityProvider();
$this->identityRoles = $identityProvider->getAllIdentityRoles();
if ($identityProvider instanceof Chain){
$this->identityRoles = $identityProvider->getAllIdentityRoles();
}else{
$this->identityRoles = $identityProvider->getIdentityRoles();
}
}
return $this->identityRoles;
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment