Config : ajout de la config BjyAuthorize par défaut (était à tort dans le...

Config : ajout de la config BjyAuthorize par défaut (était à tort dans le module UnicaenApp!) et modif de la config "dist".

config/module.config.php

@@ -58,9 +58,60 @@ $zfcuserSettings = array(
         100 => 'UnicaenAuth\Authentication\Adapter\Cas',  //         ensuite (si échec d'authentification Db)
     ),
 );
+$bjyauthorize = array(
+    /* this module uses a meta-role that inherits from any roles that should
+     * be applied to the active user. the identity provider tells us which
+     * roles the "identity role" should inherit from.
+     *
+     * for ZfcUser, this will be your default identity provider
+     */
+    'identity_provider' => 'UnicaenAuth\Provider\Identity\LdapPeople',
+    
+    /* role providers simply provide a list of roles that should be inserted
+     * into the Zend\Acl instance. the module comes with two providers, one
+     * to specify roles in a config file and one to load roles using a
+     * Zend\Db adapter.
+     */
+    'role_providers' => array(
+        /* here, 'guest' and 'user are defined as top-level roles, with
+         * 'admin' inheriting from user
+         */
+        'BjyAuthorize\Provider\Role\Config' => array(
+            'guest' => array(), // rôle par défaut
+//            'user'  => array('children' => array(
+//                'admin' => array(),
+//            )),
+        ),
+    ),
+
+    // strategy service name for the strategy listener to be used when permission-related errors are detected
+    'unauthorized_strategy' => 'BjyAuthorize\View\RedirectionStrategy',
+        
+    /* Currently, only controller and route guards exist
+     */
+    'guards' => array(
+        /* If this guard is specified here (i.e. it is enabled), it will block
+         * access to all controllers and actions unless they are specified here.
+         * You may omit the 'action' index to allow access to the entire controller
+         */
+        'BjyAuthorize\Guard\Controller' => array(
+            array('controller' => 'index', 'action' => 'index',                                 'roles' => array('guest')),
+            array('controller' => 'zfcuser',                                                    'roles' => array('guest')),
+            array('controller' => 'Application\Controller\Index',                               'roles' => array('guest')),
+
+            array('controller' => 'UnicaenApp\Controller\Application:etab',                     'roles' => array('guest')),
+            array('controller' => 'UnicaenApp\Controller\Application:apropos',                  'roles' => array('guest')),
+            array('controller' => 'UnicaenApp\Controller\Application:contact',                  'roles' => array('guest')),
+            array('controller' => 'UnicaenApp\Controller\Application:plan',                     'roles' => array('guest')),
+            array('controller' => 'UnicaenApp\Controller\Application:mentions-legales',         'roles' => array('guest')),
+            array('controller' => 'UnicaenApp\Controller\Application:informatique-et-libertes', 'roles' => array('guest')),
+        ),
+    ),
+);
 
 return array(
     'zfcuser' => $zfcuserSettings,
+    'bjyauthorize' => $bjyauthorize,
     'unicaen-auth' => $settings,
     'service_manager' => array(
         'factories' => array(

config/module.unicaen-auth.local.php.dist

@@ -15,7 +15,7 @@ $settings = array(
 //        'connection' => array(
 //            'default' => array(
 //                'params' => array(
-//                    'hostname' => 'cas.unicaen.fr',
+//                    'hostname' => 'host.domain.fr',
 //                    'port' => 443,
 //                    'version' => "2.0",
 //                    'uri' => "",