Correction : le rôle "user" n'était plus attribué systématiquement à l'utilisateur connecté!

config/module.config.php

@@ -4,8 +4,9 @@ $settings = array(
      * Fournisseurs d'identité.
      */
     'identity_providers' => array(
-        200 => 'UnicaenAuth\Provider\Identity\Db',
-        100 => 'UnicaenAuth\Provider\Identity\Ldap',
+        300 => 'UnicaenAuth\Provider\Identity\Db',
+        200 => 'UnicaenAuth\Provider\Identity\Ldap',
+        100 => 'UnicaenAuth\Provider\Identity\Basic',
     ),
 );
 
@@ -189,6 +190,7 @@ return array(
             'UnicaenAuth\Provider\Identity\Chain'      => 'UnicaenAuth\Provider\Identity\ChainServiceFactory',
             'UnicaenAuth\Provider\Identity\Ldap'       => 'UnicaenAuth\Provider\Identity\LdapServiceFactory',
             'UnicaenAuth\Provider\Identity\Db'         => 'UnicaenAuth\Provider\Identity\DbServiceFactory',
+            'UnicaenAuth\Provider\Identity\Basic'         => 'UnicaenAuth\Provider\Identity\BasicServiceFactory',
             'UnicaenAuth\Provider\Role\Config'         => 'UnicaenAuth\Provider\Role\ConfigServiceFactory',
             'UnicaenAuth\Provider\Role\DbRole'         => 'UnicaenAuth\Provider\Role\DbRoleServiceFactory',
             'UnicaenAuth\Provider\Role\Username'       => 'UnicaenAuth\Provider\Role\UsernameServiceFactory',

src/UnicaenAuth/Provider/Identity/Basic.php

+<?php
+namespace UnicaenAuth\Provider\Identity;
+
+use BjyAuthorize\Provider\Identity\AuthenticationIdentityProvider;
+
+/**
+ * Classe de fournisseur d'identité "authentifié" ou "non authentifié".
+ *
+ * @author Bertrand GAUTHIER <bertrand.gauthier at unicaen.fr>
+ */
+class Basic extends AuthenticationIdentityProvider implements ChainableProvider
+{
+    /**
+     * {@inheritDoc}
+     */
+    public function injectIdentityRoles(ChainEvent $event)
+    {
+        $event->addRoles($this->getIdentityRoles());
+    }
+    
+    /**
+     * {@inheritDoc}
+     */
+    public function getIdentityRoles()
+    {
+        if (! $identity = $this->authService->getIdentity()) {
+            return array($this->getDefaultRole());
+        }
+        
+        return array($this->getAuthenticatedRole());
+    }
+}
\ No newline at end of file

src/UnicaenAuth/Provider/Identity/BasicServiceFactory.php

+<?php
+
+namespace UnicaenAuth\Provider\Identity;
+
+use Zend\ServiceManager\FactoryInterface;
+use Zend\ServiceManager\ServiceLocatorInterface;
+
+/**
+ * Basic identity provider factory.
+ *
+ * @author Bertrand GAUTHIER <bertrand.gauthier@unicaen.fr>
+ */
+class BasicServiceFactory implements FactoryInterface
+{
+    /**
+     * {@inheritDoc}
+     */
+    public function createService(ServiceLocatorInterface $serviceLocator)
+    {
+        $user              = $serviceLocator->get('zfcuser_user_service');
+        $config            = $serviceLocator->get('BjyAuthorize\Config');
+        $identityProvider  = new Basic($user->getAuthService());
+
+        $identityProvider->setDefaultRole($config['default_role']);
+        $identityProvider->setAuthenticatedRole($config['authenticated_role']);
+
+        return $identityProvider;
+    }
+}
\ No newline at end of file

src/UnicaenAuth/Provider/Identity/Chain.php

@@ -92,9 +92,9 @@ class Chain implements ProviderInterface, ServiceLocatorAwareInterface, EventMan
             }
         }
         
-        if (count($registry->getRoles()) > 1 && $registry->has('user')) {
-            unset($this->roles['user']);
-        }
+//        if (count($registry->getRoles()) > 1 && $registry->has('user')) {
+//            unset($this->roles['user']);
+//        }
         
 //        var_dump($this->roles);
         

src/UnicaenAuth/Provider/Identity/Db.php

@@ -53,10 +53,6 @@ class Db extends AuthenticationIdentityProvider implements ChainableProvider
             $roles[] = $identity->getUsername();
         }
         
-        if (!$roles) {
-            $roles = array($this->authenticatedRole);
-        }
-        
         return $roles;
     }
 }
\ No newline at end of file

src/UnicaenAuth/Provider/Identity/Ldap.php

@@ -52,10 +52,6 @@ class Ldap extends AuthenticationIdentityProvider implements ChainableProvider
             $roles[] = $identity->getUsername();
         }
         
-        if (!$roles) {
-            $roles = array($this->authenticatedRole);
-        }
-        
         return $roles;
     }
 }
\ No newline at end of file