Commit 9f0cf3ea authored by David Surville's avatar David Surville

Merge branch 'zf-3.0'

parents 617a8566 84b1adb6
CHANGELOG
=========
3.0.0 (01/10/2020)
------------------
- Adaptation du code pour le passage à ZF3.
- Scission des classes liées aux entités ("Generic", "Group", "People", "Root", "Structure" et "System") en deux classes :
- classe de base avec un setter pour (presque) chaque attribut Ldap
- classe qui hérite de la classe de base avec des fonctions spécifiques à l'entité
- Gestions des attributs "supannActivite", "ucbnSecteurDisciplinaire" et "supannEmpCorps"
- Ajout des getters pour les attributs de la classe "People" : "rid", "sambaSID", "uidNumber", "gidNumber", "loginShell" et "homeDirectory"
- Ajout des setters pour les différents attributs liés aux structures de la classe "People"
- Ajout des attributs cachés "createTimestamp" et "modifyTimestamp" comme DateTimeAttributes
- Ajout des setters pour les attributs de la classe "People" : "supannEtablissement", "supannEtuAnneeInscription", "supannEtuCursusAnnee", "supannEtuDiplome" et "supannEtuEtape"
- Ajout des setters pour les attributs de la classe "People" : "supannEtuInscription", "ucbnSiteLocalisation", "ucbnAnneePostBac", "ucbnCodeEtape", "ucbnEtuComplementInscription",
"ucbnPrivateAddress", "ucbnPrivateAddresseBis", "supannEtuElementPedagogique", "supannEtuRegimeInscription", "supannEtuSecteurDisciplinaire"
et "supannEtuTypeDiplome"
- Gestion de la modification de l'attribut "supannRefId" par étiquette
- Ajout de fonctions de vérification du statut d'une personne dans la classe "People"
- Fonction de récupération de champs date au format Php DateTime
- Mise en place d'une entité "Root" pour gérer la racine de l'annuaire Ldap et d'un service associé
- Ajout des setters pour les attributs de la classe "People" : "supannAutreMail" et "mailForwardingAddress"
# UnicaenLdap
* [Introduction](#introduction)
* [Installation](#installation)
* [Configuration](#configuration)
## Introduction
Ce module permet de se connecter à l'annuaire Ldap de l'université et de consulter/modifier ses données.
## Pré-requis
L'utilisation de ce module nécessite l'installation de l'extension `ext-ldap` de PHP.
## Installation
```bash
$ composer require unicaen/ldap
```
## Configuration
> Récupérer les fichiers de config du module
```bash
$ cp -n vendor/unicaen/zimbra/config/unicaen-ldap.local.php.dist config/autoload/unicaen-ldap.local.php
```
> Adapter le contenu à vos besoins en configurant notamment les paramètres de connexion au serveur Ldap.
```php
'unicaen-ldap' => [
'host' => 'ldap-test.unicaen.fr',
'port' => 389,
'version' => 3,
'baseDn' => "dc=unicaen,dc=fr", // racine de l'annuaire
'bindRequiresDn' => true,
'username' => "uid=xxxx,ou=system,dc=unicaen,dc=fr",
'password' => "xxxx",
'accountFilterFormat' => "(&(objectClass=supannPerson)(supannAliasLogin=%s))",
]
```
\ No newline at end of file
......@@ -14,51 +14,54 @@ use UnicaenLdap\Service\Group as LdapGroupService;
use UnicaenLdap\Service\GroupFactory as GroupServiceFactory;
use UnicaenLdap\Service\People as LdapPeopleService;
use UnicaenLdap\Service\PeopleFactory as PeopleServiceFactory;
use UnicaenLdap\Service\Root as LdapRootService;
use UnicaenLdap\Service\RootFactory as RootServiceFactory;
use UnicaenLdap\Service\Structure as LdapStructureService;
use UnicaenLdap\Service\StructureFactory as StructureServiceFactory;
use UnicaenLdap\Service\System as LdapSystemService;
use UnicaenLdap\Service\SystemFactory as SystemServiceFactory;
use Zend\ServiceManager\Proxy\LazyServiceFactory;
;;
return array(
'unicaen-ldap' => [
],
'service_manager' => [
'factories' => [
'Ldap' => LdapFactory::class,
'LdapOptions' => ModuleOptionsFactory::class,
'LdapServiceGeneric' => GenericServiceFactory::class,
'LdapServiceGroup' => GroupServiceFactory::class,
'LdapServicePeople' => PeopleServiceFactory::class,
'LdapServiceStructure' => StructureServiceFactory::class,
'LdapServiceSystem' => SystemServiceFactory::class,
'Ldap' => LdapFactory::class,
'LdapOptions' => ModuleOptionsFactory::class,
'LdapServiceGeneric' => GenericServiceFactory::class,
'LdapServiceGroup' => GroupServiceFactory::class,
'LdapServicePeople' => PeopleServiceFactory::class,
'LdapServiceRoot' => RootServiceFactory::class,
'LdapServiceStructure' => StructureServiceFactory::class,
'LdapServiceSystem' => SystemServiceFactory::class,
],
'aliases' => [
'ldap' => 'Ldap',
'ldapOptions' => 'LdapOptions',
'ldapServiceGeneric' => 'LdapServiceGeneric',
'ldapServiceGroup' => 'LdapServiceGroup',
'ldapServicePeople' => 'LdapServicePeople',
'ldapServiceStructure' => 'LdapServiceStructure',
'ldapServiceSystem' => 'LdapServiceSystem',
LdapGenericService::class => 'LdapServiceGeneric',
LdapPeopleService::class => 'LdapServicePeople',
LdapGroupService ::class => 'LdapServiceGroup',
LdapStructureService::class => 'LdapServiceStructure',
LdapSystemService::class => 'LdapServiceSystem',
'ldap' => 'Ldap',
'ldapOptions' => 'LdapOptions',
'ldapServiceGeneric' => 'LdapServiceGeneric',
'ldapServiceGroup' => 'LdapServiceGroup',
'ldapServicePeople' => 'LdapServicePeople',
'ldapServiceRoot' => 'LdapServiceRoot',
'ldapServiceStructure' => 'LdapServiceStructure',
'ldapServiceSystem' => 'LdapServiceSystem',
LdapGenericService::class => 'LdapServiceGeneric',
LdapGroupService ::class => 'LdapServiceGroup',
LdapPeopleService::class => 'LdapServicePeople',
LdapRootService::class => 'LdapServiceRoot',
LdapStructureService::class => 'LdapServiceStructure',
LdapSystemService::class => 'LdapServiceSystem',
],
'lazy_services' => [
// Mapping services to their class names is required since the ServiceManager is not a declarative DIC.
'class_map' => [
'LdapServicePeople' => LdapPeopleService::class,
'LdapServiceGeneric' => LdapGenericService::class,
'LdapServiceGroup' => LdapGroupService::class,
'LdapServiceStructure' => LdapStructureService::class,
'LdapServiceSystem' => LdapSystemService::class,
'LdapServicePeople' => LdapPeopleService::class,
'LdapServiceGeneric' => LdapGenericService::class,
'LdapServiceGroup' => LdapGroupService::class,
'LdapServiceRoot' => LdapRootService::class,
'LdapServiceStructure' => LdapStructureService::class,
'LdapServiceSystem' => LdapSystemService::class,
],
],
'delegators' => [
......@@ -71,14 +74,15 @@ return array(
'LdapServiceGroup' => [
LazyServiceFactory::class,
],
'LdapServiceRoot' => [
LazyServiceFactory::class,
],
'LdapServiceStructure' => [
LazyServiceFactory::class,
],
'LdapServiceSystem' => [
LazyServiceFactory::class,
],
],
],
);
<?php
return array(
'unicaen-ldap' => array(
'host' => 'host.domain.fr',
'port' => 389,
'version' => 3,
'baseDn' => "ou=xxxxxxxxxxx,dc=domain,dc=fr",
'bindRequiresDn' => true,
'username' => "uid=xxxxxxxxx,ou=xxxxxxxxxx,dc=domain,dc=fr",
'password' => "xxxxxxxxxxxx",
'accountFilterFormat' => "(&(objectClass=posixAccount)(supannAliasLogin=%s))",
)
);
return [
'unicaen-ldap' => [
'host' => 'host.domain.fr',
'port' => 389,
'version' => 3,
'baseDn' => "dc=domain,dc=fr", // racine de l'annuaire
'bindRequiresDn' => true,
'username' => "uid=xxxxxxxxx,ou=xxxxxxxxxx,dc=domain,dc=fr",
'password' => "xxxxxxxxxxxx",
'accountFilterFormat' => "(&(objectClass=posixAccount)(supannAliasLogin=%s))",
]
];
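Review bot: The sample `unicaen-ldap` block binds with a DN and password on port 389 and shows no transport-security option, so a deployment copied from this template would send the bind credentials and directory data in cleartext unless TLS is configured elsewhere. If these options are handed through to Zend\Ldap (not visible on this page), adding `'useStartTls' => true,` to the template, or `'useSsl' => true,` with port 636, would make the protected setup the default. A short comment on the `'password'` line would also help, for example `// service account secret: keep this file out of version control and restrict read access`.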
<?php
namespace UnicaenLdap\Entity\Base;
use UnicaenLdap\Entity\Entity;
use UnicaenLdap\Exception;
use Zend\Ldap\Attribute;
use Zend\Ldap\Exception\LdapException;
/**
* Classe mère des entités de la branche "generic" de l'annuaire LDAP.
*
* @author David Surville <david.surville@unicaen.fr>
*/
class Generic extends Entity
{
/**
* @var string
*/
protected $type = 'Generic';
/**
* Liste des classes d'objet nécessaires à la création d'une adresse générique
*
* @var array
*/
protected $objectClass = [
'top',
'inetOrgPerson',
'organizationalPerson',
'person',
];
/**
* Liste des attributs autorisés pour une entité "Generic"
*
* @var array
*/
protected $authorizedAttributes = [
// Attributes classes
'objectClass',
// Attributes
'cn',
'description',
'mail',
'sn',
'supannAliasLogin',
'ucbnServiceIMAP',
'userPassword',
];
/**
* Liste des attributs contenant des dates
*
* @var string[]
*/
protected $dateTimeAttributes = [
];
/**
* Liste des attributs monovalués
*
* @var array
*/
protected $monoValuedAttributes = [
'supannALiasLogin',
'ucbnServiceIMAP',
'userPassword',
];
/**
* Attribut Ldap "cn"
*
* @param array|string|null $value
* @param bool $append
* @return self
*/
public function setCn($value = null, $append = false)
{
$value = $this->preFormat($value);
$this->appendOrNot('cn', $value, $append);
return $this;
}
/**
* Attribut Ldap "description"
*
* @param array|string|null $value
* @param bool $append
* @return self
*/
public function setDescription($value = null, $append = false)
{
$value = $this->preFormat($value);
$this->appendOrNot('description', $value, $append);
return $this;
}
/**
* Attribut Ldap "mail"
*
* @param array|string|null $value
* @param bool $append
* @return self
* @throws Exception
* @throws LdapException
*/
public function setMail($value = null, $append = false)
{
$value = $this->preFormat($value);
$value = array_filter(filter_var_array($value, FILTER_VALIDATE_EMAIL));
$this->appendOrNot('mail', $value, $append);
return $this;
}
/**
* Attribut Ldap "sn"
*
* @param array|string|null $value
* @param bool $append
* @return self
*/
public function setSn($value = null, $append = false)
{
$value = $this->preFormat($value);
$this->appendOrNot('sn', $value, $append);
return $this;
}
/**
* Attribut Ldap "supannALiasLogin"
*
* @param array|string|null $value
* @param bool $append
* @return self
* @throws Exception
* @throws LdapException
*/
public function setSupannAliasLogin($value = null, $append = false)
{
$value = $this->preFormat($value);
$value = array_map('strtolower', $value);
$value = array_filter($value, function ($v) {
return preg_match('/^[0-9a-z\-]+$/', $v);
});
$this->appendOrNot('supannAliasLogin', $value, $append);
return $this;
}
/**
* Attribut Ldap "ucbnServiceIMAP"
*
* @param array|string|null $value
* @param bool $append
* @return self
* @throws Exception
* @throws LdapException
*/
public function setUcbnServiceIMAP($value = null, $append = false)
{
$value = $this->preFormat($value);
$value = array_map([$this, 'formatBoolean'], $value);
$this->appendOrNot('ucbnServiceIMAP', $value, $append);
return $this;
}
/**
* Attribut Ldap "userPassword"
*
* @param string $value
* @return self
* @throws LdapException
*/
public function setUserPassword(string $value)
{
$this->getNode()->setPasswordAttribute($value, Attribute::PASSWORD_HASH_SHA, 'userPassword');
return $this;
}
}
\ No newline at end of file
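Review bot: `setUserPassword()` writes the password with `Attribute::PASSWORD_HASH_SHA`, an unsalted SHA-1 digest, so identical passwords produce identical `userPassword` values and a leaked directory export is cheap to attack offline. At minimum use the salted variant, `$this->getNode()->setPasswordAttribute($value, Attribute::PASSWORD_HASH_SSHA, 'userPassword');`, and preferably let the directory server apply its own password-storage policy. Separately, `$monoValuedAttributes` lists `'supannALiasLogin'` while `$authorizedAttributes` and the setter use `'supannAliasLogin'`; if the lookup in `appendOrNot()` (not shown here) is case-sensitive, the single-value rule never applies to that attribute. In `setSupannAliasLogin()` the pattern `/^[0-9a-z\-]+$/` also accepts a value ending in a newline, which `'/^[0-9a-z\-]+\z/'` would reject.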
<?php
namespace UnicaenLdap\Entity\Base;
use UnicaenLdap\Entity\Entity;
use UnicaenLdap\Entity\People as PeopleEntity;
use UnicaenLdap\Entity\Structure as StructureEntity;
use UnicaenLdap\Entity\System as SystemEntity;
use UnicaenLdap\Exception;
use Zend\Ldap\Dn;
use Zend\Ldap\Exception\LdapException;
/**
* Classe mère des entités de la branche "groups" de l'annuaire LDAP.
*
* @author David Surville <david.surville@unicaen.fr>
*/
class Group extends Entity
{
/**
* Membre par défaut d'un groupe lorsque le groupe est vide
*/
const MEMBER_NOBODY = 'nobody';
/**
* @var string
*/
protected $type = 'Group';
/**
* Liste des classes d'objet nécessaires à la création d'un groupe
*
* @var string[]
*/
protected $objectClass = [
'top',
'groupOfNames',
'supannGroupe',
];
/**
* Liste des attributs autorisés pour une entité "Group"
*
* @var array
*/
protected $authorizedAttributes = [
// Attributes classes
'objectClass',
// Attributes
'description',
'member',
'owner',
'supannGroupeDateFin',
'supannGroupeLecteurDN',
'supannGroupeAdminDN',
'supannRefId',
];
/**
* Liste des attributs contenant des dates
*
* @var string[]
*/
protected $dateTimeAttributes = [
'supannGroupeDateFin',
];
/**
* Liste des attributs monovalués
*
* @var array
*/
protected $monoValuedAttributes = [
'supannGroupeDateFin',
];
/**
* Retourne le DN du membre par défaut
*
* @return string
*/
public function getMemberNobody()
{
return sprintf('uid=%s,%s',
self::MEMBER_NOBODY,
$this->service->getLdapSystemService()->getBranches()[0]
);
}
/**
* Attribut Ldap "description"
*
* @param array|string|null $value
* @param bool $append
* @return self
*/
public function setDescription($value = null, $append = false)
{
$value = $this->preFormat($value);
$this->appendOrNot('description', $value, $append);
return $this;
}
/**
* Attribut Ldap "member"
*
* @param array|string|Dn|PeopleEntity|null $value
* @param bool $append
* @return self
* @throws Exception
* @throws LdapException
*/
public function setMember($value = null, $append = false)
{
$value = $this->preFormat($value);
$value = array_map(function ($val) {
if (is_string($val)) {
return Dn::checkDn($val) ? $val : null;
} elseif ($val instanceof Dn) {
return $val->toString();
} elseif ($val instanceof PeopleEntity) {
return $val->getDn();
} else {
return null;
}
}, $value);
$this->appendOrNot('member', array_filter($value), $append);
return $this;
}
/**
* Attribut Ldap "owner"
*
* @param array|string|Dn|PeopleEntity|null $value
* @param bool $append
* @return self
* @throws Exception
* @throws LdapException
*/
public function setOwner($value = null, $append = false)
{
$value = $this->preFormat($value);
$value = array_map(function ($val) {
if (is_string($val)) {
return Dn::checkDn($val) ? $val : null;
} elseif ($val instanceof Dn) {
return $val->toString();
} elseif ($val instanceof PeopleEntity) {
return $val->getDn();
} else {
return null;
}
}, $value);
$this->appendOrNot('owner', array_filter($value), $append);
return $this;
}
/**
* Attribut Ldap "supannGroupeDateFin"
*
* @param array|string|DateTime|null $value
* @param bool $append
* @return self
* @throws Exception
* @throws LdapException
*/
public function setSupannGroupeDateFin($value = null, $append = false)
{
$value = $this->preFormat($value);
$value = array_map(function ($val) {
if (is_string($val)) {
$val = new DateTime($val, new \DateTimeZone('+0000')); // définition du timezone à +0h
}
return (int)$val->format('U');
}, $value);
$this->appendOrNot('supannGroupeDateFin', $value, $append);
return $this;
}
/**
* Attribut Ldap "supannGroupeLecteurDN"
*
* @param array|string|Dn|PeopleEntity|null $value
* @param bool $append
* @return self
* @throws Exception
* @throws LdapException
*/
public function setSupannGroupeLecteurDN($value = null, $append = false)
{
$value = $this->preFormat($value);
$value = array_map(function ($val) {
if (is_string($val)) {
return Dn::checkDn($val) ? $val : null;
} elseif ($val instanceof Dn) {
return $val->toString();
} elseif ($val instanceof PeopleEntity) {
return $val->getDn();
} elseif ($val instanceof SystemEntity) {
return $val->getDn();
}
else {
return null;
}
}, $value);
$this->appendOrNot('supannGroupeLecteurDN', array_filter($value), $append);
return $this;
}
/**
* Attribut Ldap "supannGroupeAdminDN"
*
* @param array|string|Dn|PeopleEntity|null $value
* @param bool $append
* @return self
* @throws Exception
* @throws LdapException
*/
public function setSupannGroupeAdminDN($value = null, $append = false)
{
$value = $this->preFormat($value);
$value = array_map(function ($val) {
if (is_string($val)) {