ninegate seth-aaf et seth-edu

2021-01-08 14:53:43 +01:00
parent a9c5b925fd
commit 0bc8bf71ce
6 changed files with 124 additions and 66 deletions
--- a/tmpl/ninegate-template.yml
+++ b/tmpl/ninegate-template.yml
@ -1,8 +1,5 @@
 # This file is auto-generated during the composer install
 parameters:
-    # Certaines trace seront visible via un passage à true de fgdebug
-    fgdebug: false
-
    # Determine qui est le maitre de l'identitité =  SQL / LDAP / SSO
    # Si SQL cela veut dire que c'est l'applicatif qui gère les utilisateurs
    # Sinon la source est externe soit via un annuaire soit via des attributs venant d'un SSO
@ -118,16 +115,25 @@ parameters:
 %end if

    # Information de base de l'annuaire
-    ldap_host: %%adresse_ip_ldap
+    ldap_host: ldap://%%adresse_ip_ldap
    ldap_port: %%ldap_port
+%if %%getVar("ldap_tls","non") == "oui"
+    ldap_tls: true
+%else
+    ldap_tls: false
+%end if
 %if %%getVar("activer_admin_passfile", 'non') == "oui"
+    %if %%getVar("ldap_writer", '') == ""
    ldap_user: cn=admin,o=gouv,c=fr
+    %else
+    ldap_user: %%ldap_writer
+    %end if
    ldap_password: %%pwdreader("",%%ldap_admin_passfile)
 %else
    ldap_user: %%ldap_reader
    ldap_password: %%pwdreader("",%%ldap_reader_passfile)
 %end if
-    ldap_basedn: o=gouv,c=fr
+    ldap_basedn: %%ldap_base_dn

    # Mise en page
    weburl: %%web_url
@ -162,15 +168,28 @@ parameters:
 %end if

 %if %%getVar("ninegate_test_conf_ldap", 'non') == "oui"    
-    ldap_baseuser: ou=users,ou=%%ninegate_organization,o=gouv,c=fr
-    ldap_baseniveau01: ou=%%ninegate_niveau01branche,ou=%%ninegate_organization,o=gouv,c=fr
-    ldap_baseniveau02: ou=%%ninegate_niveau02branche,ou=%%ninegate_organization,o=gouv,c=fr
-    ldap_basegroup: ou=groups,ou=%%ninegate_organization,o=gouv,c=fr
+    ldap_baseuser: ou=users,ou=%%ninegate_organization,%%ldap_base_dn
+    ldap_baseniveau01: ou=%%ninegate_niveau01branche,ou=%%ninegate_organization,%%ldap_base_dn
+    ldap_baseniveau02: ou=%%ninegate_niveau02branche,ou=%%ninegate_organization,%%ldap_base_dn
+    ldap_basegroup: ou=groups,ou=%%ninegate_organization,%%ldap_base_dn
+%else if %%getVar("ninegate_ldaptemplate", 'open') == "open"   
+    %if not %%is_empty(%%ninegate_openldapsubbranchuser)
+    ldap_baseuser: %%ninegate_openldapsubbranchuser
+    %else
+    ldap_baseuser: %%ldap_base_dn
+    %end if 
+    ldap_baseniveau01: %%ldap_base_dn
+    ldap_baseniveau02: %%ldap_base_dn
+    %if not %%is_empty(%%ninegate_openldapsubbranchgroup)
+    ldap_basegroup: %%ninegate_openldapsubbranchgroup
+    %else
+    ldap_basegroup: %%ldap_base_dn
+    %end if
 %else
-    ldap_baseuser: 
-    ldap_baseniveau01: 
-    ldap_baseniveau02: 
-    ldap_basegroup:     
+    ldap_baseuser: %%ldap_base_dn
+    ldap_baseniveau01: %%ldap_base_dn
+    ldap_baseniveau02: %%ldap_base_dn
+    ldap_basegroup: %%ldap_base_dn
 %end if

    # Si masteridentity est à LDAP = quel est le modele d'organisation
@ -183,10 +202,11 @@ parameters:
 %end if

    # Si masteridentity est à LDAP = quel champs sont à récupérer = faudrait templetiser dans genconfig
-    ldap_username: uid
+    ldap_username: %%ldap_match_attribute
    ldap_firstname: givenname
    ldap_lastname: sn
-    ldap_email: mail
+    ldap_email: %%ldap_fill_mail
+    ldap_member: %%ldap_member_group_attribute
    %if %%getVar("activer_addadmin", 'non') == "oui"
    ldap_usersadmin: [admin,%%uid_addadmin]
    %else
@ -472,7 +492,7 @@ parameters:

    # Si mode_auth = CAS
    cas_host: %%eolesso_adresse
-    cas_path: %%getVar("eolesso_cas_folder", '')
+    cas_path: %%eolesso_cas_folder
    cas_port: %%eolesso_port

    # Si mode_aut = SAML
@ -495,18 +515,10 @@ parameters:
    ssosynchrogroup: true
    user_attr_cas_group: %%ninegate_ssoreqgroup
 %else
-    ssosynchrogroup: false
+    ssosynchrogroup: fase
    user_attr_cas_group: 
 %end if

-%if %%getVar("ninegate_ssosynchroitem", 'non') == "oui" 
-    ssosynchroitem: true
-    user_attr_cas_item: %%ninegate_ssoreqitem
-%else
-    ssosynchroitem: false
-    user_attr_cas_item: 
-%end if
-
 %if %%is_defined("ninegate_smtpport")
    mailer_port: '%%ninegate_smtpport'
    mailer_encryption: %%ninegate_smtpencryption
@ -542,7 +554,6 @@ doctrine:
                    CadolesCronBundle: ~
                    CadolesPortalBundle: ~
                    CadolesWebsocketBundle: ~
-                    CadolesEdispatcherBundle: ~