From 923c6c0b42cb5782a8e52a72535d863ed0cf472d Mon Sep 17 00:00:00 2001 From: afornerot Date: Wed, 30 Sep 2020 13:55:31 +0200 Subject: [PATCH] resolution attribut sso en tableau --- .../Controller/SecurityController.php | 54 ++++++++++++++----- .../CASBundle/Resources/config/routing.yml | 4 ++ .../Resources/views/Test/test.html.twig | 35 ++++++++++++ .../CoreBundle/Command/InitDataCommand.php | 14 +++++ .../CoreBundle/Repository/GroupRepository.php | 10 ++-- .../Repository/Niveau01Repository.php | 10 ++-- sso/filtres/ninegate.ini | 12 ++--- 7 files changed, 108 insertions(+), 31 deletions(-) create mode 100644 src/ninegate-1.0/src/Cadoles/CASBundle/Resources/views/Test/test.html.twig diff --git a/src/ninegate-1.0/src/Cadoles/CASBundle/Controller/SecurityController.php b/src/ninegate-1.0/src/Cadoles/CASBundle/Controller/SecurityController.php index c351f5d5..a33dfec5 100644 --- a/src/ninegate-1.0/src/Cadoles/CASBundle/Controller/SecurityController.php +++ b/src/ninegate-1.0/src/Cadoles/CASBundle/Controller/SecurityController.php @@ -28,7 +28,7 @@ class SecurityController extends Controller $masteridentity=$this->getParameter("masteridentity"); // Init Client CAS - \phpCAS::setDebug(false); + \phpCAS::setDebug("/var/log/phpcas/phpCAS-ninegate.log"); \phpCAS::client(CAS_VERSION_2_0, $this->getParameter('cas_host'), $this->getParameter('cas_port'), is_null($this->getParameter('cas_path')) ? '' : $this->getParameter('cas_path'), false); \phpCAS::setNoCasServerValidation(); @@ -42,12 +42,6 @@ class SecurityController extends Controller // Récupération Attribut $attributes = \phpCAS::getAttributes(); - // Suppression des Attributs en tableaux - foreach ($attributes as $key => $value) { - if(is_array($value)) - unset($attributes[$key]); - } - // Rechercher l'utilisateur $em = $this->getDoctrine()->getManager(); if(isset($attributes[$this->getParameter('user_attr_cas_username')])) 
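Review bot: The new `\phpCAS::setDebug("/var/log/phpcas/phpCAS-ninegate.log")` call turns phpCAS debug tracing on for every login, with a hard-coded path. phpCAS debug traces normally cover the validation exchange with the CAS server, so service tickets and the released user attributes are likely to land in that file, whose permissions, rotation and retention are not visible here. I would make it opt-in, e.g. `\phpCAS::setDebug($this->getParameter('cas_debug_file') ?: false);`, where `cas_debug_file` is a placeholder parameter name that would have to be defined, empty by default, in the project configuration. The unchanged context line `\phpCAS::setNoCasServerValidation();` also leaves the CAS server certificate unverified, which is worth revisiting while this block is being touched. The same `setDebug` call is repeated in the added `testAction()`; the enclosing action here starts and ends outside the hunk.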
@@ -62,6 +56,7 @@ class SecurityController extends Controller if(isset($attributes[$this->getParameter('user_attr_cas_firstname')])) $firstname = $attributes[$this->getParameter('user_attr_cas_firstname')]; + $user = $em->getRepository('CadolesCoreBundle:User')->findOneBy(array("username"=>$username)); $exists = $user ? true : false; @@ -108,7 +103,8 @@ class SecurityController extends Controller $em->flush(); // On calcule les groupes de l'utilisateur - $groups=$em->getRepository('CadolesCoreBundle:Group')->calculateGroup($user,$attributes); + $user=$em->getRepository('CadolesCoreBundle:Group')->calculateGroup($user,$attributes); + } } else { @@ -122,14 +118,15 @@ class SecurityController extends Controller // On s'assure que le niveau 02 appartient bien au niveau 01 calculé $sameniveau01=(!is_null($user->getNiveau02())&&$niveau01==$user->getNiveau02()->getNiveau01()); - // On calcule les groupes de l'utilisateur - $user=$groups=$em->getRepository('CadolesCoreBundle:Group')->calculateGroup($user,$attributes); - $user->setLastname($lastname); $user->setFirstname($firstname); $user->setEmail($email); if(!$sameniveau01) $user->setNiveau02(null); - + + // On calcule les groupes de l'utilisateur + $user=$em->getRepository('CadolesCoreBundle:Group')->calculateGroup($user,$attributes); + + $em->persist($user); $em->flush(); } 
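Review bot: `setLastname($lastname)`, `setFirstname($firstname)` and `setEmail($email)` in the last hunk of this line now receive whatever the CAS server released, because the loop that dropped array-valued attributes is removed earlier in this commit and values such as `$firstname` are assigned straight from `$attributes[...]`. A multi-valued attribute would therefore reach these setters as an array, and presumably also the `findOneBy(array("username"=>$username))` lookup shown in the first hunk of this line; as far as I know Doctrine treats an array criterion as an IN list, so the lookup could match on any of the values. I would reduce the identity attributes to one scalar before use, e.g. `$email = is_array($email) ? reset($email) : $email;` for each of username, lastname, firstname and email, and keep arrays only for the group and niveau01 matching. The enclosing branch starts and ends outside the hunk.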
@@ -179,4 +176,37 @@ class SecurityController extends Controller $url=$this->generateUrl('cadoles_core_home', array(), UrlGeneratorInterface::ABSOLUTE_URL); \phpCAS::logout(array("service"=>$url)); } + + public function testAction() { + $em = $this->getDoctrine()->getManager(); + + // Init Client CAS + \phpCAS::setDebug("/var/log/phpcas/phpCAS-ninegate.log"); + \phpCAS::client(CAS_VERSION_2_0, $this->getParameter('cas_host'), $this->getParameter('cas_port'), is_null($this->getParameter('cas_path')) ? '' : $this->getParameter('cas_path'), false); + \phpCAS::setNoCasServerValidation(); + + + // Authentification + \phpCAS::forceAuthentication(); + + // Récupération UID + $username = \phpCAS::getUser(); + + // Récupération Attribut + $attributes = \phpCAS::getAttributes(); + $user = $em->getRepository('CadolesCoreBundle:User')->findOneBy(array("username"=>$username)); + $niveau01=$em->getRepository('CadolesCoreBundle:Niveau01')->calculateNiveau01($attributes); + $user=$em->getRepository('CadolesCoreBundle:Group')->calculateGroup($user,$attributes); + + return $this->render('CadolesCASBundle:Test:test.html.twig',[ + 'useheader' => true, + 'usemenu' => false, + 'usesidebar' => false, + 'attributes' => $attributes, + 'user' => $user, + 'username' => $username, + 'niveau01' => $niveau01, + ]); + + } } diff --git a/src/ninegate-1.0/src/Cadoles/CASBundle/Resources/config/routing.yml b/src/ninegate-1.0/src/Cadoles/CASBundle/Resources/config/routing.yml index 728e4a44..f97aa770 100644 --- a/src/ninegate-1.0/src/Cadoles/CASBundle/Resources/config/routing.yml +++ b/src/ninegate-1.0/src/Cadoles/CASBundle/Resources/config/routing.yml @@ -6,3 +6,7 @@ cas_sp.logout: path: /logout defaults: { _controller: CadolesCASBundle:Security:logout } +cas_sp.test: + path: /test + defaults: { _controller: CadolesCASBundle:Security:test } + 
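Review bot: `testAction()` is a diagnostic page that becomes reachable by every SSO-authenticated user through the `cas_sp.test` route added in the routing.yml hunk that follows, and nothing in the action limits it to a debug environment or to an administrator. The template it renders prints the released attributes together with the `attributes` matching rules of the niveau01 and groups matched for that user, which is internal authorization configuration. `findOneBy()` returns null for an account that does not exist yet, and that null is passed to `calculateGroup($user,$attributes)` and then read in the view as `user.username`. I would open the action with `if (!$this->getParameter('kernel.debug')) throw $this->createNotFoundException();` and add `if (!$user) throw $this->createNotFoundException();` after the lookup. Whether `calculateGroup()` changes the user's stored groups cannot be told from this hunk; if it does, a page meant for testing should not call it.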
diff --git a/src/ninegate-1.0/src/Cadoles/CASBundle/Resources/views/Test/test.html.twig b/src/ninegate-1.0/src/Cadoles/CASBundle/Resources/views/Test/test.html.twig new file mode 100644 index 00000000..a1c7b0c7 --- /dev/null +++ b/src/ninegate-1.0/src/Cadoles/CASBundle/Resources/views/Test/test.html.twig @@ -0,0 +1,35 @@ +{% extends '@CadolesCore/base.html.twig' %} + +{% block pagewrapper %} +

TEST SSO

+ +

Atttribut SSO

+ {% for key, attribute in attributes %} + {% if attribute is iterable %} + {% for value in attribute %} + {{ key }} = {{ value }}
+ {% endfor %} + {% else %} + {{ key }} = {{ attribute }}
+ {% endif %} + {% endfor %} + + +

Correspondance Utilisateur Ninegate

+ username = {{ user.username }}
+ firstname = {{ user.firstname }}
+ lastname = {{ user.lastname }}
+ email = {{ user.email }}
+ +

Appartient au Niveau 01

+ {{ niveau01.label }} = {{ niveau01.attributes }} + +

Appartient aux Groupes

+ {% for usergroup in user.groups %} + {% if not usergroup.group.attributes is empty %} + {{usergroup.group.label}} = {{usergroup.group.attributes}}
+ {% endif %} + {% endfor %} + +






+{% endblock %} \ No newline at end of file diff --git a/src/ninegate-1.0/src/Cadoles/CoreBundle/Command/InitDataCommand.php b/src/ninegate-1.0/src/Cadoles/CoreBundle/Command/InitDataCommand.php index ad1a08ff..cfe337ac 100644 --- a/src/ninegate-1.0/src/Cadoles/CoreBundle/Command/InitDataCommand.php +++ b/src/ninegate-1.0/src/Cadoles/CoreBundle/Command/InitDataCommand.php @@ -151,6 +151,20 @@ class InitDataCommand extends ContainerAwareCommand } } + // On s'assure si masteridentity est à SSO qu'au minimum un niveau01 possède un attribut + if($masteridentity=="SSO") { + $niveau01=$em->createQueryBuilder()->select('n')->from('CadolesCoreBundle:Niveau01','n')->where('n.attributes IS NOT NULL')->getQuery()->getResult(); + if(!$niveau01) { + // Si ce n'est pas le cas on positionne un attribut ultra large sur le niveau01 de base + $niveau01=$group=$em->getRepository('CadolesCoreBundle:Niveau01')->find(-100); + $niveau01->setAttributes('{"username":"*"}'); + + $em->persist($niveau01); + $em->flush(); + } + } + + $output->writeln(''); } diff --git a/src/ninegate-1.0/src/Cadoles/CoreBundle/Repository/GroupRepository.php b/src/ninegate-1.0/src/Cadoles/CoreBundle/Repository/GroupRepository.php index bf3922b8..85a9e554 100644 --- a/src/ninegate-1.0/src/Cadoles/CoreBundle/Repository/GroupRepository.php +++ b/src/ninegate-1.0/src/Cadoles/CoreBundle/Repository/GroupRepository.php @@ -21,15 +21,15 @@ class GroupRepository extends \Doctrine\ORM\EntityRepository foreach($attgroup as $key => $value) { if(array_key_exists($key,$attruser)) { - if(is_array($value)) { - foreach($value as $val) { - if($val=="*") + if(is_array($attruser[$key])) { + foreach($attruser[$key] as $val) { + if($value=="*") $retgroups->add($group); - elseif($val==$attruser[$key]) + elseif($val==$value) $retgroups->add($group); } } - elseif(array_key_exists($key,$attruser)) { + else { if($value=="*") $retgroups->add($group); elseif($value==$attruser[$key]) 
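Review bot: In the InitDataCommand hunk, `find(-100)` can return null when the base niveau01 row is missing, and the next line calls `$niveau01->setAttributes(...)` on it without a check, which would abort the init command. The fallback value `{"username":"*"}` appears, going by the wildcard handling in Niveau01Repository, to make the base niveau01 match every account the CAS server authenticates, so the command should at least report that it installed this rule. I would write `$niveau01=$em->getRepository('CadolesCoreBundle:Niveau01')->find(-100);` without the stray `$group=`, wrap the update in `if($niveau01) { ... }`, and add an `$output->writeln()` line naming the wildcard rule. The `n.attributes IS NOT NULL` test would also count an empty-string value as configured, if the column can hold one. The enclosing method starts and ends outside the hunk.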
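Review bot: In the GroupRepository hunk, the membership test inside the new `foreach($attruser[$key] as $val)` loop uses loose `==`, so numeric-looking strings such as `"1e3"` and `"1000"` compare equal, and this comparison decides group membership. The `*` check also sits inside the loop, so a wildcard rule adds the group once per value of a multi-valued attribute and not at all when the attribute is an empty array. Both branches collapse into `$uservalues=(array)$attruser[$key];` followed by `if($value==="*" || in_array($value,$uservalues,true)) $retgroups->add($group);`, assuming rule values are decoded as strings. The removed code iterated an array on the rule side, so a rule whose value is a list appears to be no longer supported; confirm that no stored rule relies on it. The Niveau01Repository hunk further down has the same comparison and the same empty-array case, and the enclosing methods start and end outside both hunks.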
diff --git a/src/ninegate-1.0/src/Cadoles/CoreBundle/Repository/Niveau01Repository.php b/src/ninegate-1.0/src/Cadoles/CoreBundle/Repository/Niveau01Repository.php index b221d163..deac4a9c 100644 --- a/src/ninegate-1.0/src/Cadoles/CoreBundle/Repository/Niveau01Repository.php +++ b/src/ninegate-1.0/src/Cadoles/CoreBundle/Repository/Niveau01Repository.php @@ -15,15 +15,15 @@ class Niveau01Repository extends \Doctrine\ORM\EntityRepository foreach($attniveau as $key => $value) { if(array_key_exists($key,$attruser)) { - if(is_array($value)) { - foreach($value as $val) { - if($val=="*") + if(is_array($attruser[$key])) { + foreach($attruser[$key] as $val) { + if($value=="*") return $niveau01; - elseif($val==$attruser[$key]) + elseif($val==$value) return $niveau01; } } - else if(array_key_exists($key,$attruser)) { + else { if($value=="*") return $niveau01; elseif($value==$attruser[$key]) diff --git a/sso/filtres/ninegate.ini b/sso/filtres/ninegate.ini index f61e4ce0..97099a10 100644 --- a/sso/filtres/ninegate.ini +++ b/sso/filtres/ninegate.ini @@ -1,14 +1,8 @@ -[user] +[attributes] user=uid - -[username] username=uid - -[firstname] firstname=givenName - -[lastname] lastname=sn +email=mail +user_groups=user_groups -[email] -email=mail \ No newline at end of file