Commit fa2d34ad authored by Laurent Lécluse's avatar Laurent Lécluse
Browse files

Possibilité de désactiver le nouveau système de privilèges si on ne s'en sert pas

parent 2b13a20f
...@@ -142,39 +142,4 @@ class Module implements ConfigProviderInterface, ServiceProviderInterface ...@@ -142,39 +142,4 @@ class Module implements ConfigProviderInterface, ServiceProviderInterface
], ],
]; ];
} }
/**
* Retourne le menu de navigation (à placer où vous voulez)!!
*
* @return array
*/
static public function getDroitsNavigation($label=null, $title=null)
{
if (!$label) $label = "Droits d'accès";
if (!$title) $title = "Gestion des droits d'accès";
return [
'label' => $label,
'title' => $title,
'route' => 'droits',
'resource' => PrivilegeController::getResourceId('UnicaenAuth\Controller\Droits','index'),
'pages' => [
'roles' => [
'label' => "Rôles",
'title' => "Gestion des rôles",
'route' => 'droits/roles',
'resource' => PrivilegeController::getResourceId('UnicaenAuth\Controller\Droits','roles'),
'withtarget' => true,
],
'privileges' => [
'label' => "Privilèges",
'title' => "Gestion des privilèges",
'route' => 'droits/privileges',
'resource' => PrivilegeController::getResourceId('UnicaenAuth\Controller\Droits','privileges'),
'withtarget' => true,
],
],
];
}
} }
\ No newline at end of file
...@@ -77,13 +77,6 @@ return [ ...@@ -77,13 +77,6 @@ return [
'enable_default_entities' => false, 'enable_default_entities' => false,
], ],
'bjyauthorize' => [ 'bjyauthorize' => [
/* this module uses a meta-role that inherits from any roles that should
* be applied to the active user. the identity provider tells us which
* roles the "identity role" should inherit from.
*
* for ZfcUser, this will be your default identity provider
*/
'identity_provider' => 'UnicaenAuth\Provider\Identity\Chain',
/* role providers simply provide a list of roles that should be inserted /* role providers simply provide a list of roles that should be inserted
* into the Zend\Acl instance. the module comes with two providers, one * into the Zend\Acl instance. the module comes with two providers, one
...@@ -101,26 +94,6 @@ return [ ...@@ -101,26 +94,6 @@ return [
'user' => ['name' => "Authentifié(e)", 'selectable' => false], 'user' => ['name' => "Authentifié(e)", 'selectable' => false],
]], ]],
], ],
/**
* Fournit les rôles issus de la base de données éventuelle de l'appli.
* NB: si le rôle par défaut 'guest' est fourni ici, il ne sera pas ajouté en double dans les ACL.
* NB: si la connexion à la base échoue, ce n'est pas bloquant!
*/
'UnicaenAuth\Provider\Role\DbRole' => [],
/**
* Fournit le rôle correspondant à l'identifiant de connexion de l'utilisateur.
* Cela est utile lorsque l'on veut gérer les habilitations d'un utilisateur unique
* sur des ressources.
*/
'UnicaenAuth\Provider\Role\Username' => [],
],
'rule_providers' => [
//'UnicaenAuth\Provider\Rule\PrivilegeRuleProvider' => [],
],
'resource_providers' => [
'UnicaenAuth\Service\Privilege' => [],
], ],
// strategy service name for the strategy listener to be used when permission-related errors are detected // strategy service name for the strategy listener to be used when permission-related errors are detected
...@@ -148,36 +121,6 @@ return [ ...@@ -148,36 +121,6 @@ return [
['controller' => 'UnicaenApp\Controller\Application', 'action' => 'refresh-session', 'roles' => []], ['controller' => 'UnicaenApp\Controller\Application', 'action' => 'refresh-session', 'roles' => []],
['controller' => 'UnicaenAuth\Controller\Utilisateur', 'action' => 'selectionner-profil', 'roles' => []], ['controller' => 'UnicaenAuth\Controller\Utilisateur', 'action' => 'selectionner-profil', 'roles' => []],
], ],
'UnicaenAuth\Guard\PrivilegeController' => [
[
'controller' => 'UnicaenAuth\Controller\Droits',
'action' => ['index'],
'privileges' => [
Privileges::DROIT_ROLE_VISUALISATION,
Privileges::DROIT_PRIVILEGE_VISUALISATION,
],
],
[
'controller' => 'UnicaenAuth\Controller\Droits',
'action' => ['roles'],
'privileges' => [Privileges::DROIT_ROLE_VISUALISATION],
],
[
'controller' => 'UnicaenAuth\Controller\Droits',
'action' => ['privileges'],
'privileges' => [Privileges::DROIT_PRIVILEGE_VISUALISATION],
],
[
'controller' => 'UnicaenAuth\Controller\Droits',
'action' => ['role-edition', 'role-suppression'],
'privileges' => [Privileges::DROIT_ROLE_EDITION],
],
[
'controller' => 'UnicaenAuth\Controller\Droits',
'action' => ['privileges-modifier'],
'privileges' => [Privileges::DROIT_PRIVILEGE_EDITION],
],
],
], ],
], ],
'unicaen-auth' => $settings, 'unicaen-auth' => $settings,
......
<?php <?php
/** /**
* Configuration globale du module UnicaenAuth. * UnicaenAuth Global Configuration
* *
* If you have a ./config/autoload/ directory set up for your project, you can * If you have a ./config/autoload/ directory set up for your project, you can
* drop this config file in it and change the values as you wish. * drop this config file in it and change the values as you wish.
...@@ -12,23 +12,119 @@ $settings = [ ...@@ -12,23 +12,119 @@ $settings = [
*/ */
'save_ldap_user_in_database' => false, 'save_ldap_user_in_database' => false,
/** /**
* Flag indiquant si l'utilisateur peut s'enregistrer auprès de l'application * Enable registration
* (i.e. créer un compte dans la table des utilisateurs). * Allows users to register through the website.
* Accepted values: boolean true or false
*/ */
'enable_registration' => false, 'enable_registration' => false,
/**
* Nom du gestionnaire d'entités doctrine qui sera utilisé pour accéder à la base de données des rôles,
* utilisateurs et privilèges.
*/
//'entity_manager_name' => 'doctrine.entitymanager.orm_default',
]; ];
/**
* You do not need to edit below this line
*/
return [ return [
'unicaen-auth' => $settings, 'unicaen-auth' => $settings,
'bjyauthorize' => [
/* this module uses a meta-role that inherits from any roles that should
* be applied to the active user. the identity provider tells us which
* roles the "identity role" should inherit from.
*
* for ZfcUser, this will be your default identity provider
*/
'identity_provider' => 'UnicaenAuth\Provider\Identity\Chain',
/* role providers simply provide a list of roles that should be inserted
* into the Zend\Acl instance. the module comes with two providers, one
* to specify roles in a config file and one to load roles using a
* Zend\Db adapter.
*/
'role_providers' => [
/**
* Fournit les rôles issus de la base de données éventuelle de l'appli.
* NB: si le rôle par défaut 'guest' est fourni ici, il ne sera pas ajouté en double dans les ACL.
* NB: si la connexion à la base échoue, ce n'est pas bloquant!
*/
'UnicaenAuth\Provider\Role\DbRole' => [],
/**
* Fournit le rôle correspondant à l'identifiant de connexion de l'utilisateur.
* Cela est utile lorsque l'on veut gérer les habilitations d'un utilisateur unique
* sur des ressources.
*/
'UnicaenAuth\Provider\Role\Username' => [],
],
'resource_providers' => [
/**
* Le service Privilèges peut aussi être une source de ressources,
* si on souhaite tester directement l'accès à un privilège
*/
'UnicaenAuth\Service\Privilege' => [],
],
'guards' => [
'UnicaenAuth\Guard\PrivilegeController' => [
[
'controller' => 'UnicaenAuth\Controller\Droits',
'action' => ['index'],
'privileges' => [
Privileges::DROIT_ROLE_VISUALISATION,
Privileges::DROIT_PRIVILEGE_VISUALISATION,
],
],
[
'controller' => 'UnicaenAuth\Controller\Droits',
'action' => ['roles'],
'privileges' => [Privileges::DROIT_ROLE_VISUALISATION],
],
[
'controller' => 'UnicaenAuth\Controller\Droits',
'action' => ['privileges'],
'privileges' => [Privileges::DROIT_PRIVILEGE_VISUALISATION],
],
[
'controller' => 'UnicaenAuth\Controller\Droits',
'action' => ['role-edition', 'role-suppression'],
'privileges' => [Privileges::DROIT_ROLE_EDITION],
],
[
'controller' => 'UnicaenAuth\Controller\Droits',
'action' => ['privileges-modifier'],
'privileges' => [Privileges::DROIT_PRIVILEGE_EDITION],
],
],
],
],
'zfcuser' => [ 'zfcuser' => [
'enable_registration' => isset($settings['enable_registration']) ? $settings['enable_registration'] : false, $k = 'enable_registration' => isset($settings[$k]) ? $settings[$k] : false,
],
'navigation' => [
// The DefaultNavigationFactory we configured uses 'default' as the sitemap key
'default' => [
// And finally, here is where we define our page hierarchy
'home' => [
'pages' => [
'droits' => [
'label' => 'Droits d\'accès',
'title' => 'Gestion des droits d\'accès',
'route' => 'droits',
'resource' => \UnicaenAuth\Guard\PrivilegeController::getResourceId('UnicaenAuth\Controller\Droits', 'index'),
'pages' => [
'roles' => [
'label' => "Rôles",
'title' => "Gestion des rôles",
'route' => 'droits/roles',
'resource' => \UnicaenAuth\Guard\PrivilegeController::getResourceId('UnicaenAuth\Controller\Droits', 'roles'),
'withtarget' => true,
],
'privileges' => [
'label' => "Privilèges",
'title' => "Gestion des privilèges",
'route' => 'droits/privileges',
'resource' => \UnicaenAuth\Guard\PrivilegeController::getResourceId('UnicaenAuth\Controller\Droits', 'privileges'),
'withtarget' => true,
],
],
],
],
],
],
], ],
]; ];
\ No newline at end of file
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment