Commit cf8eb594 authored by Laurent Lecluse's avatar Laurent Lecluse

Finalisation de la possibilité de bloquer l'usage d'un ou plusieurs rôles...

Finalisation de la possibilité de bloquer l'usage d'un ou plusieurs rôles depuis l'extérieur de l'établissement
parent 532506f4
Pipeline #8495 failed
......@@ -494,7 +494,7 @@ return [
'UnicaenApp\HistoriqueListener' => HistoriqueListenerFactory::class,
'UnicaenAuth\HistoriqueListener' => HistoriqueListenerFactory::class,
\UnicaenAuth\Event\EventManager::class => \UnicaenAuth\Event\EventManagerFactory::class,
\UnicaenAuth\Event\EventManager::class => \UnicaenAuth\Event\EventManagerFactory::class
],
'lazy_services' => [
// Mapping services to their class names is required since the ServiceManager is not a declarative DIC.
......
......@@ -18,7 +18,7 @@ CREATE TABLE user_role (
is_default SMALLINT NOT NULL DEFAULT 0,
parent_id BIGINT DEFAULT NULL,
ldap_filter varchar(255) DEFAULT NULL,
accessible_exterieur SMALLINT NOT NULL DEFAULT 1,
accessible_exterieur BOOLEAN NOT NULL DEFAULT true,
FOREIGN KEY (parent_id) REFERENCES user_role (id) ON DELETE SET NULL
);
CREATE UNIQUE INDEX user_role_roleid_unique ON user_role (role_id);
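Review bot: `accessible_exterieur` is created `NOT NULL DEFAULT true`, so the off-site restriction is opt-in: every role that is not explicitly edited stays usable from outside the establishment. If that is the intended default, state it next to the column, e.g. `-- true = role usable from outside the establishment; set to false to restrict it to on-site sessions`. Assuming the BOOLEAN line is the new side, this CREATE TABLE only covers fresh installs; a database that already holds the SMALLINT column would need a matching ALTER, which is not visible on this page.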
......
......@@ -53,6 +53,16 @@ class RoleForm extends Form implements ServiceLocatorAwareInterface, InputFilter
],
]);
$this->add([
'type' => 'Checkbox',
'name' => 'accessible-exterieur',
'options' => [
'label' => 'Accessible de l\'extérieur',
'checked_value' => '1',
'unchecked_value' => '0',
],
]);
$this->add([
'name' => 'id',
'type' => 'Hidden',
......@@ -88,6 +98,9 @@ class RoleForm extends Form implements ServiceLocatorAwareInterface, InputFilter
'parent' => [
'required' => false,
],
'accessible-exterieur' => [
'required' => true,
],
];
}
}
......@@ -117,6 +130,7 @@ class RoleFormHydrator implements HydratorInterface
$object->setRoleId($data['role-id']);
$object->setLdapFilter($data['ldap-filter'] ?: null);
$object->setParent($this->getServiceRole()->get($data['parent']));
$object->setAccessibleExterieur($data['accessible-exterieur'] == '1');
return $object;
}
......@@ -135,6 +149,7 @@ class RoleFormHydrator implements HydratorInterface
'role-id' => $object->getRoleId(),
'ldap-filter' => $object->getLdapFilter(),
'parent' => $object->getParent() ? $object->getParent()->getId() : null,
'accessible-exterieur' => $object->getAccessibleExterieur() ? '1' : '0',
];
return $data;
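Review bot: In the `RoleFormHydrator` hunk that calls `setAccessibleExterieur`, the flag is derived with a loose comparison, `$data['accessible-exterieur'] == '1'`, which also accepts values such as `true`, `1` or `'01'`. Since the checkbox declares `'checked_value' => '1'`, a strict test keeps the access flag tied to that exact value: `$object->setAccessibleExterieur($data['accessible-exterieur'] === '1');`. This presumes the hydrator only receives the form's string data; the method body starts above the hunk, so confirm that no caller passes an int or a bool.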
......
......@@ -4,6 +4,7 @@ namespace UnicaenAuth\Provider\Identity;
use BjyAuthorize\Provider\Identity\AuthenticationIdentityProvider;
use BjyAuthorize\Provider\Role\ProviderInterface;
use UnicaenApp\Entity\Ldap\People;
use UnicaenApp\HostLocalization\HostLocalizationAwareTrait;
use UnicaenAuth\Entity\Db\AbstractRole;
use UnicaenAuth\Service\Traits\RoleServiceAwareTrait;
use Zend\Ldap\Ldap;
......@@ -23,12 +24,19 @@ use Traversable;
class Db extends AuthenticationIdentityProvider implements ChainableProvider, \BjyAuthorize\Provider\Identity\ProviderInterface
{
use RoleServiceAwareTrait;
use HostLocalizationAwareTrait;
/**
* @var Ldap
*/
private $ldap;
/**
* @var
*/
private $detectionContexteExecution;
/**
......@@ -84,6 +92,15 @@ class Db extends AuthenticationIdentityProvider implements ChainableProvider, \B
}
}
$inEtablissement = $this->getHostLocalization()->inEtablissement();
if (!$inEtablissement) { // Si on n'est pas dans l'établissement, alors on filtre les rôles disponibles
foreach ($roles as $i => $role) {
if ($role instanceof AbstractRole) {
if (!$role->getAccessibleExterieur()) unset($roles[$i]);
}
}
}
return $roles;
}
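Review bot: The off-site filter in the last hunk only drops entries that are `AbstractRole` instances, so a role carried in `$roles` in any other form (a plain role id string, another role class) is returned unfiltered when `inEtablissement()` is false. How `$roles` is filled lies above the hunk, so this needs confirming; if the pass-through is deliberate, say so on the loop, e.g. `// only AbstractRole entries carry the flag; other entries are returned unfiltered`. `unset($roles[$i])` also leaves gaps in the array keys, which matters if a caller expects a list; `$roles = array_values($roles);` before the return would restore it. The new `$detectionContexteExecution` property has an empty `@var` and is not used in the visible hunks.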
......
......@@ -27,6 +27,7 @@ class DbServiceFactory implements FactoryInterface
{
$user = $container->get('zfcuser_user_service');
$identityProvider = new Db($user->getAuthService());
$identityProvider->setHostLocalization($container->get('HostLocalization'));
$unicaenAppOptions = $container->get('unicaen-app_module_options');
/* @var $unicaenAppOptions ModuleOptions */
......
......@@ -13,7 +13,9 @@ if ($errors) {
echo $this->formControlGroup($form->get('role-id'));
echo $this->formControlGroup($form->get('parent'));
echo $this->formControlGroup($form->get('ldap-filter'));
echo $this->formControlGroup($form->get('accessible-exterieur'));
echo $this->formRow($form->get('submit'));
echo $this->formHidden($form->get('id'));
echo $this->form()->closeTag();
\ No newline at end of file
......@@ -14,6 +14,7 @@ $ajoutUrl = $this->url( 'droits/roles/edition' );
<th>Nom</th>
<th>Parent</th>
<th>Filtre LDAP</th>
<th>Accessible de l'extérieur</th>
<?php if ($canEdit): ?><th>Action</th><?php endif; ?>
</tr>
<?php foreach( $roles as $role ):
......@@ -24,6 +25,7 @@ $ajoutUrl = $this->url( 'droits/roles/edition' );
<td><?php echo $role->getRoleId(); ?></td>
<td><?php echo $role->getParent(); ?></td>
<td><?php echo $role->getLdapFilter(); ?></td>
<td><?php echo $role->getAccessibleExterieur() ? 'Oui' : 'Non'; ?></td>
<?php if ($canEdit): ?>
<td style="width:1%;white-space: nowrap;text-align: center">
<a href="<?php echo $editionUrl; ?>" class="ajax-modal" data-event="role-edition"><span class="glyphicon glyphicon-edit"></span></a>
......