From fe934407ddfd0e14967aff8ed084a69af7e7cb35 Mon Sep 17 00:00:00 2001
From: Bertrand Gauthier <bertrand.gauthier@unicaen.fr>
Date: Fri, 12 Apr 2013 11:41:52 +0000
Subject: [PATCH] =?UTF-8?q?Config=20:=20ajout=20de=20la=20config=20BjyAuth?=
=?UTF-8?q?orize=20par=20d=C3=A9faut=20(=C3=A9tait=20=C3=A0=20tort=20dans?=
=?UTF-8?q?=20le=20module=20UnicaenApp!)=20et=20modif=20de=20la=20config?=
=?UTF-8?q?=20"dist".?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
config/module.config.php | 51 +++++++++++++++++++++++
config/module.unicaen-auth.local.php.dist | 2 +-
2 files changed, 52 insertions(+), 1 deletion(-)
diff --git a/config/module.config.php b/config/module.config.php
index 6417843..d221922 100644
--- a/config/module.config.php
+++ b/config/module.config.php
@@ -58,9 +58,60 @@ $zfcuserSettings = array(
100 => 'UnicaenAuth\Authentication\Adapter\Cas', // ensuite (si échec d'authentification Db)
),
);
+$bjyauthorize = array(
+ /* this module uses a meta-role that inherits from any roles that should
+ * be applied to the active user. the identity provider tells us which
+ * roles the "identity role" should inherit from.
+ *
+ * for ZfcUser, this will be your default identity provider
+ */
+ 'identity_provider' => 'UnicaenAuth\Provider\Identity\LdapPeople',
+
+ /* role providers simply provide a list of roles that should be inserted
+ * into the Zend\Acl instance. the module comes with two providers, one
+ * to specify roles in a config file and one to load roles using a
+ * Zend\Db adapter.
+ */
+ 'role_providers' => array(
+ /* here, 'guest' and 'user are defined as top-level roles, with
+ * 'admin' inheriting from user
+ */
+ 'BjyAuthorize\Provider\Role\Config' => array(
+ 'guest' => array(), // rôle par défaut
+// 'user' => array('children' => array(
+// 'admin' => array(),
+// )),
+ ),
+ ),
+
+ // strategy service name for the strategy listener to be used when permission-related errors are detected
+ 'unauthorized_strategy' => 'BjyAuthorize\View\RedirectionStrategy',
+
+ /* Currently, only controller and route guards exist
+ */
+ 'guards' => array(
+ /* If this guard is specified here (i.e. it is enabled), it will block
+ * access to all controllers and actions unless they are specified here.
+ * You may omit the 'action' index to allow access to the entire controller
+ */
+ 'BjyAuthorize\Guard\Controller' => array(
+ array('controller' => 'index', 'action' => 'index', 'roles' => array('guest')),
+ array('controller' => 'zfcuser', 'roles' => array('guest')),
+ array('controller' => 'Application\Controller\Index', 'roles' => array('guest')),
+
+ array('controller' => 'UnicaenApp\Controller\Application:etab', 'roles' => array('guest')),
+ array('controller' => 'UnicaenApp\Controller\Application:apropos', 'roles' => array('guest')),
+ array('controller' => 'UnicaenApp\Controller\Application:contact', 'roles' => array('guest')),
+ array('controller' => 'UnicaenApp\Controller\Application:plan', 'roles' => array('guest')),
+ array('controller' => 'UnicaenApp\Controller\Application:mentions-legales', 'roles' => array('guest')),
+ array('controller' => 'UnicaenApp\Controller\Application:informatique-et-libertes', 'roles' => array('guest')),
+ ),
+ ),
+);
return array(
'zfcuser' => $zfcuserSettings,
+ 'bjyauthorize' => $bjyauthorize,
'unicaen-auth' => $settings,
'service_manager' => array(
'factories' => array(
diff --git a/config/module.unicaen-auth.local.php.dist b/config/module.unicaen-auth.local.php.dist
index a3cc2e9..5b051a3 100644
--- a/config/module.unicaen-auth.local.php.dist
+++ b/config/module.unicaen-auth.local.php.dist
@@ -15,7 +15,7 @@ $settings = array(
// 'connection' => array(
// 'default' => array(
// 'params' => array(
-// 'hostname' => 'cas.unicaen.fr',
+// 'hostname' => 'host.domain.fr',
// 'port' => 443,
// 'version' => "2.0",
// 'uri' => "",
--
GitLab