Cadoles/nineskeletor
10
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
nineskeletor/src/Command/SynchroCommand.php

917 lines
42 KiB
PHP
Raw Normal View History

first commit symfony 6
2022-07-21 16:15:47 +02:00
<?php
namespace App\Command;
use Symfony\Component\Console\Command\Command;
use Symfony\Component\DependencyInjection\ContainerInterface;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Input\InputArgument;
use Symfony\Component\Console\Output\OutputInterface;
use Symfony\Component\Filesystem\Filesystem;
use Ramsey\Uuid\Uuid;
use App\Service\LdapService;
use App\Service\ApiService;
use App\Entity\Niveau01;
use App\Entity\Niveau02;
use App\Entity\User;
use App\Entity\Group;
use App\Entity\UserGroup;
class SynchroCommand extends Command
{
public function __construct(ContainerInterface $container,EntityManagerInterface $em,LdapService $ldapservice,ApiService $apiservice)
{
parent::__construct();
$this->container = $container;
$this->em = $em;
$this->ldap = $ldapservice;
$this->apiservice = $apiservice;
}
protected function configure()
{
$this
->setName('app:Synchro')
->setDescription('Synchronisation Annuaire')
->setHelp('This command Synchro for Core')
;
}
protected function execute(InputInterface $input, OutputInterface $output)
{
$this->output = $output;
$this->filesystem = new Filesystem();
$this->rootlog = $this->container->get('kernel')->getLogDir()."/";
$this->appMasteridentity = $this->container->getParameter('appMasteridentity');
$appSynchro = $this->container->getParameter('appSynchro');
$this->synchro = $this->container->getParameter("appSynchro");
$this->synchropurgeniveau01 = $this->container->getParameter("appSynchroPurgeNiveau01");
$this->synchropurgeniveau02 = $this->container->getParameter("appSynchroPurgeNiveau02");
$this->synchropurgegroup = $this->container->getParameter("appSynchroPurgeGroup");
$this->synchropurgeuser = $this->container->getParameter("appSynchroPurgeUser");
$this->host = $this->container->getParameter("ldapHost");
$this->port = $this->container->getParameter("ldapPort");
$this->usetls = $this->container->getParameter("ldapUsetls");
$this->userwriter = $this->container->getParameter("ldapUserwriter");
$this->user = $this->container->getParameter("ldapUser");
$this->password = $this->container->getParameter("ldapPassword");
$this->basedn = $this->container->getParameter("ldapBasedn");
$this->baseorganisation = $this->container->getParameter("ldapBaseorganisation");
$this->baseniveau01 = $this->container->getParameter("ldapBaseniveau01");
$this->baseniveau02 = $this->container->getParameter("ldapBaseniveau02");
$this->basegroup = $this->container->getParameter("ldapBasegroup");
$this->baseuser = $this->container->getParameter("ldapBaseuser");
$this->username = $this->container->getParameter("ldapUsername");
$this->firstname = $this->container->getParameter("ldapFirstname");
$this->lastname = $this->container->getParameter("ldapLastname");
$this->email = $this->container->getParameter("ldapEmail");
$this->avatar = $this->container->getParameter("ldapAvatar");
$this->memberof = $this->container->getParameter("ldapMemberof");
$this->groupgid = $this->container->getParameter("ldapGroupgid");
$this->groupname = $this->container->getParameter("ldapGroupname");
$this->groupmember = $this->container->getParameter("ldapGroupmember");
$this->groupmemberisdn = $this->container->getParameter("ldapGroupmemberisdn");
$this->filtergroup = $this->container->getParameter("ldapFiltergroup");
$this->filteruser = $this->container->getParameter("ldapFilteruser");
switch($appSynchro){
case "LDAP2NINE":
$return=$this->ldap2nine();
break;
case "NINE2LDAP":
$return=$this->nine2ldap();
break;
case "NINE2NINE":
$return=$this->nine2nine();
break;
first commit symfony 6
2022-07-22 13:35:04 +00:00
default:
$return=Command::SUCCESS;
break;
first commit symfony 6
2022-07-21 16:15:47 +02:00
}
$this->writeln('');
return $return;
}
private function ldap2nine()
{
$this->writelnred('');
$this->writelnred('== app:Synchro');
$this->writelnred('==========================================================================================================');
// Synchronisation ldap2nine possible uniquement si appMasteridentity=LDAP or SSO
if($this->appMasteridentity!="LDAP"&&$this->appMasteridentity!="SSO") {
$this->writeln("Synchronisation impossible si appMasteridentity!=LDAP et appMasteridentity!=SSO");
return Command::FAILURE;
}
// Synchronisation impossible si aucune connexion à l'annuaire
if(!$this->ldap->connect()) {
$this->writeln("Synchronisation impossible connexion impossible à l'annuaire");
return Command::FAILURE;
}
$this->writeln('');
$this->writeln('=====================================================');
$this->writeln('== SYNCHONISATION LDAP TO NINE ======================');
$this->writeln('=====================================================');
$tbniveau01members=[];
$tbgroupmembers=[];
$tbniveau01s=[];
$tbgroups=[];
$tbusers=[];
$ldapniveau01s=$this->em->createQueryBuilder()->select('entity')->from('App:Niveau01','entity')->where('entity.ldapfilter IS NOT NULL')->getQuery()->getResult();
$ldapgroups=$this->em->createQueryBuilder()->select('entity')->from('App:Group','entity')->where('entity.ldapfilter IS NOT NULL')->getQuery()->getResult();
$fgsynchroniveau01s=(!empty($this->baseniveau01)&&!empty($this->groupgid)&&!empty($this->groupname)&&!empty($this->filtergroup));
$fgsynchrogroups=(!empty($this->basegroup)&&!empty($this->groupgid)&&!empty($this->groupname)&&!empty($this->filtergroup));
$fgsynchrousers=(!empty($this->baseuser)&&!empty($this->username)&&!empty($this->email)&&!empty($this->filteruser));
$fgsynchropurgeniveau01s=($fgsynchroniveau01s&&$this->synchropurgeniveau01);
$fgsynchropurgegroups=($fgsynchrogroups&&$this->synchropurgegroup);
$fgsynchropurgeusers=($fgsynchrousers&&$this->synchropurgeuser);
// Synchronisation des niveau01s
if($fgsynchroniveau01s) {
$this->writeln('');
$this->writeln('== NIVEAU01 =========================================');
$ldapentrys=$this->ldap->search($this->filtergroup,[$this->groupgid,$this->groupname,$this->groupmember],$this->baseniveau01);
foreach($ldapentrys as $ldapentry) {
$niveau01other=$this->em->getRepository("App\Entity\Niveau01")->findOneBy(["label"=>$ldapentry[$this->groupname]]);
if($niveau01other&&$niveau01other->getIdexternal()!=$ldapentry[$this->groupgid]) {
$this->writelnred(" > ".$ldapentry[$this->groupname]." = Impossible à synchroniser un autre niveau01 existe déjà avec ce label");
continue;
}
// On recherche le groupe via le gid
$this->writeln(' > '.$ldapentry[$this->groupname]);
$niveau01=$this->em->getRepository("App\Entity\Niveau01")->findOneBy(["idexternal"=>$ldapentry[$this->groupgid]]);
if(!$niveau01) {
$niveau01=new Niveau01();
$niveau01->setApikey(Uuid::uuid4());
$this->em->persist($niveau01);
}
$niveau01->setIdexternal($ldapentry[$this->groupgid]);
$niveau01->setLabel($ldapentry[$this->groupname]);
$niveau01->setLdapfilter("(".$this->groupname."=".$ldapentry[$this->groupname].")");
$this->em->flush();
// Sauvegarde du niveau01ldap
array_push($tbniveau01s,$ldapentry[$this->groupname]);
// Sauvegarde des membres du niveau01
if(!empty($ldapentry[$this->groupmember])) {
if(!is_array($ldapentry[$this->groupmember])) {
$member=$ldapentry[$this->groupmember];
if(!array_key_exists($member,$tbniveau01members)) $tbniveau01members[$member]=[];
array_push($tbniveau01members[$member],$ldapentry[$this->groupname]);
}
else {
foreach($ldapentry[$this->groupmember] as $member) {
if(!array_key_exists($member,$tbniveau01members)) $tbniveau01members[$member]=[];
array_push($tbniveau01members[$member],$ldapentry[$this->groupname]);
}
}
}
}
}
else {
$this->writeln('');
$this->writeln('== NIVEAU01 =========================================');
$this->writelnred(" > Synchronisation impossible il vous manque des paramétres ldap pour le faire");
}
// Synchronisation des groups
if($fgsynchrogroups) {
$this->writeln('');
$this->writeln('== GROUP ============================================');
$ldapentrys=$this->ldap->search($this->filtergroup,[$this->groupgid,$this->groupname,$this->groupmember],$this->basegroup);
foreach($ldapentrys as $ldapentry) {
$groupother=$this->em->getRepository("App\Entity\Group")->findOneBy(["label"=>$ldapentry[$this->groupname]]);
if($groupother&&$groupother->getIdexternal()!=$ldapentry[$this->groupgid]) {
$this->writelnred(" > ".$ldapentry[$this->groupname]." = Impossible à synchroniser un autre groupe existe déjà avec ce label");
continue;
}
// On recherche le groupe via le gid
$this->writeln(' > '.$ldapentry[$this->groupname]);
$group=$this->em->getRepository("App\Entity\Group")->findOneBy(["idexternal"=>$ldapentry[$this->groupgid]]);
if(!$group) {
$group=new Group();
$group->setIsopen(false);
$group->setIsworkgroup(false);
$group->setApikey(Uuid::uuid4());
$this->em->persist($group);
}
$group->setIdexternal($ldapentry[$this->groupgid]);
$group->setLabel($ldapentry[$this->groupname]);
$group->setLdapfilter("(".$this->groupname."=".$ldapentry[$this->groupname].")");
$this->em->flush();
// Sauvegarde du groupldap
array_push($tbgroups,$ldapentry[$this->groupname]);
// Sauvegarde des membres du group
if(!empty($ldapentry[$this->groupmember])) {
if(!is_array($ldapentry[$this->groupmember])) {
$member=$ldapentry[$this->groupmember];
if(!array_key_exists($member,$tbgroupmembers)) $tbgroupmembers[$member]=[];
array_push($tbgroupmembers[$member],$ldapentry[$this->groupname]);
}
else {
foreach($ldapentry[$this->groupmember] as $member) {
if(!array_key_exists($member,$tbgroupmembers)) $tbgroupmembers[$member]=[];
array_push($tbgroupmembers[$member],$ldapentry[$this->groupname]);
}
}
}
}
}
else {
$this->writeln('');
$this->writeln('== GROUP ============================================');
$this->writelnred(" > Synchronisation impossible il vous manque des paramétres ldap pour le faire");
}
// Synchronisation des users
if($fgsynchrousers) {
$this->writeln('');
$this->writeln('== USER =============================================');
$ldapentrys=$this->ldap->search($this->filteruser,[$this->username,$this->firstname,$this->lastname,$this->email,$this->avatar,$this->memberof],$this->baseuser);
foreach($ldapentrys as $ldapentry) {
$userother=$this->em->getRepository("App\Entity\User")->findOneBy(["email"=>$ldapentry[$this->email]]);
if($userother&&$userother->getUSername()!=$ldapentry[$this->username]) {
$this->writelnred(" > ".$ldapentry[$this->groupname]." = Impossible à synchroniser un autre user existe déjà avec ce mail");
continue;
}
$userother=$this->em->getRepository("App\Entity\Registration")->findOneBy(["email"=>$ldapentry[$this->email]]);
if($userother&&$userother->getUSername()!=$ldapentry[$this->username]) {
$this->writelnred(" > ".$ldapentry[$this->username]." = Impossible à synchroniser un autre user existe déjà avec ce mail");
continue;
}
// On recherche le user via le username
$this->writeln(' > '.$ldapentry[$this->username]);
$user=$this->em->getRepository("App\Entity\User")->findOneBy(["username"=>$ldapentry[$this->username]]);
if(!$user) {
$user=new User();
$user->setUsername($ldapentry[$this->username]);
$user->setIsvisible(true);
$user->setApikey(Uuid::uuid4());
$user->setPassword("LDAPPWD-".$ldapentry[$this->username]);
$user->setRole("ROLE_USER");
$user->setAvatar("noavatar.png");
$this->em->persist($user);
}
// Recherche du niveau01
$niveau01=null;
if($user->getNiveau01()&&empty($user->getNiveau01()->getIdexternal()))
$niveau01=$user->getNiveau01();
if(array_key_exists($ldapentry[$this->username],$tbniveau01members))
$niveau01=$this->em->getRepository("App\Entity\Niveau01")->findOneBy(["label"=>$tbniveau01members[$ldapentry[$this->username]][0]]);
if(!$niveau01)
$niveau01=$this->em->getRepository('App\Entity\Niveau01')->find(-1);
// Mise à jour des attributs
if(!empty($ldapentry[$this->lastname])) $user->setLastname($ldapentry[$this->lastname]);
if(!empty($ldapentry[$this->firstname])) $user->setFirstname($ldapentry[$this->firstname]);
if(!empty($ldapentry[$this->email])) $user->setEmail($ldapentry[$this->email]);
if(!empty($ldapentry[$this->avatar])) $user->setAvatar($ldapentry[$this->avatar]);
// Mise à jour du niveau01
if($niveau01!=$user->getNiveau01()) $user->setNiveau02(null);
$user->setNiveau01($niveau01);
// Mise à jour du role
if(in_array($ldapentry[$this->username],$this->container->getParameter("appAdmins")))
$user->setRole("ROLE_ADMIN");
// Sauvegarde en bdd
$this->em->flush();
// Sauvegarde du userldap
array_push($tbusers,$ldapentry[$this->username]);
// Inscription au groupe
if(array_key_exists($ldapentry[$this->username],$tbgroupmembers)) {
foreach($tbgroupmembers[$ldapentry[$this->username]] as $grouplabel) {
$group=$this->em->getRepository("App\Entity\Group")->findOneBy(["label"=>$grouplabel]);
if($group) {
$usergroup=$this->em->getRepository("App\Entity\UserGroup")->findOneBy(["user"=>$user,"group"=>$group]);
if(!$usergroup) {
$usergroup=new UserGroup();
$usergroup->setUser($user);
$usergroup->setGroup($group);
$usergroup->setApikey(Uuid::uuid4());
$usergroup->setRolegroup(0);
$this->em->persist($usergroup);
$this->em->flush();
}
}
}
}
// Desinscription des group ldap
foreach($ldapgroups as $group) {
if(!array_key_exists($ldapentry[$this->username],$tbgroupmembers)||!in_array($group->getLabel(),$tbgroupmembers[$ldapentry[$this->username]])) {
$usergroup=$this->em->getRepository("App\Entity\UserGroup")->findOneBy(["user"=>$user,"group"=>$group]);
if($usergroup) {
$this->em->remove($usergroup);
$this->em->flush();
}
}
}
}
}
else {
$this->writeln('');
$this->writeln('== USER =============================================');
$this->writelnred(" > Synchronisation impossible il vous manque des paramétres ldap pour le faire");
}
// Purge des users
if($fgsynchropurgeusers) {
$this->writeln('');
$this->writeln('== PURGE USER =============================================');
$users=$this->em->getRepository("App\Entity\User")->findAll();
foreach($users as $user) {
if(!in_array($user->getUsername(),$tbusers)) {
if($user->getId()>0) {
$this->writeln(' > '.$user->getUSername());
$this->em->remove($user);
$this->em->flush();
}
}
}
}
// Purge des groups
if($fgsynchropurgegroups) {
$this->writeln('');
$this->writeln('== PURGE GROUP =============================================');
foreach($ldapgroups as $group) {
if(!in_array($group->getLabel(),$tbgroups)) {
if($group->getId()>0) {
$this->writeln(' > '.$group->getLabel());
$this->em->remove($group);
}
else {
$group->setLdapfilter(null);
$group->setIdexternal(null);
}
$this->em->flush();
}
}
}
// Purge des niveau01s
if($fgsynchropurgeniveau01s) {
$this->writeln('');
$this->writeln('== PURGE NIVEAU01 =============================================');
foreach($ldapniveau01s as $niveau01) {
if(!in_array($niveau01->getLabel(),$tbniveau01s)) {
if($niveau01->getId()>0) {
$user=$this->em->getRepository("App\Entity\User")->findOneBy(["niveau01"=>$niveau01]);
if($user) {
$resetniveau01=$this->em->getRepository("App\Entity\User")->find(-1);
$user->setNiveau01($resetniveau01);
$user->setNiveau02(null);
}
$this->writeln(' > '.$niveau01->getLabel());
$this->em->remove($niveau01);
}
else {
$niveau01->setLdapfilter(null);
$niveau01->setIdexternal(null);
}
$this->em->flush();
}
}
}
return Command::SUCCESS;
}
private function nine2ldap()
{
$this->writelnred('');
$this->writelnred('== app:Synchro');
$this->writelnred('==========================================================================================================');
// Synchronisation impossible si aucune connexion à l'annuaire
if(!$this->ldap->isNine2Ldap()) {
$this->writeln("Synchronisation impossible soit :");
$this->writeln("- connexion impossible à l'annuaire");
$this->writeln("- appMasteridentity!=SQL");
$this->writeln("- votre user ldap n'a pas de permission en écriture");
$this->writeln("- vous n'avez pas renseigné les bases de votre organisation");
return Command::FAILURE;
}
$this->writeln('');
$this->writeln('=====================================================');
$this->writeln('== SYNCHONISATION NINE TO LDAP ======================');
$this->writeln('=====================================================');
$this->writeln('');
$this->writeln('== ORGANISATION =====================================');
$this->writeln($this->baseorganisation);
$this->writeln($this->baseniveau01);
$this->writeln($this->baseniveau02);
$this->writeln($this->basegroup);
$this->writeln($this->baseuser);
$this->ldap->addOrganisations();
$this->writeln('');
$this->writeln('== USER =============================================');
$users=$this->em->getRepository("App\Entity\User")->findAll();
$attributes=$this->ldap->listAttributesUser();
foreach($users as $user) {
$filter=str_replace("*",$user->getUsername(),$this->filteruser);
$ldapentrys=$this->ldap->search($filter,$attributes,$this->baseuser);
if(empty($ldapentrys)) {
$this->writeln($user->getUsername()." = SUBMIT");
$this->ldap->addUser($user);
}
elseif($this->ldap->ismodifyUser($user,$ldapentrys[0])) {
$this->writeln($user->getUsername()." = UPDATE");
$this->ldap->modifyUser($user);
}
}
$ldapentrys=$this->ldap->search($this->filteruser,$attributes,$this->baseuser);
foreach($ldapentrys as $ldapentry) {
$user=$this->em->getRepository("App\Entity\User")->findOneBy(["username"=>$ldapentry["uid"]]);
if(!$user) {
$this->writeln($ldapentry["uid"]." = DELETE");
$dn=$this->ldap->getUserDN($ldapentry["uid"]);
$this->ldap->deleteByDN($dn);
}
}
$this->writeln('');
$this->writeln('== GROUP ============================================');
$groups=$this->em->getRepository("App\Entity\Group")->findAll();
$attributes=$this->ldap->listAttributesGroup();
foreach($groups as $group) {
if($group->getLdapfilter()) {
$group->setLdapfilter(null);
$this->em->flush();
}
$filter="gidnumber=".$group->getId();
$ldapentrys=$this->ldap->search($filter,$attributes,$this->basegroup);
if(empty($ldapentrys)) {
$this->writeln($group->getLabel()." = SUBMIT");
$this->ldap->addGroup($group);
}
elseif($this->ldap->ismodifyGroup($group,$ldapentrys[0])) {
$this->writeln($group->getLabel()." = UPDATE");
$this->ldap->modifyGroup($group,$ldapentrys[0]["cn"]);
}
}
$ldapentrys=$this->ldap->search($this->filtergroup,$attributes,$this->basegroup);
foreach($ldapentrys as $ldapentry) {
$group=$this->em->getRepository("App\Entity\Group")->find($ldapentry["gidnumber"]);
if(!$group) {
$this->writeln($ldapentry["cn"]." = DELETE");
$dn=$this->ldap->getGroupDN($ldapentry["cn"]);
$this->ldap->deleteByDN($dn);
}
}
$this->writeln('');
$this->writeln('== NIVEAU02 =========================================');
$niveau02s=$this->em->getRepository("App\Entity\Niveau02")->findAll();
$attributes=$this->ldap->listAttributesNiveau02();
foreach($niveau02s as $niveau02) {
$filter="gidnumber=".$niveau02->getId();
$ldapentrys=$this->ldap->search($filter,$attributes,$this->baseniveau02);
if(empty($ldapentrys)) {
$this->writeln($niveau02->getLabel()." = SUBMIT");
$this->ldap->addNiveau02($niveau02);
}
elseif($this->ldap->ismodifyNiveau02($niveau02,$ldapentrys[0])) {
$this->writeln($niveau02->getLabel()." = UPDATE");
$this->ldap->modifyNiveau02($niveau02,$ldapentrys[0]["cn"]);
}
}
$ldapentrys=$this->ldap->search($this->filtergroup,$attributes,$this->baseniveau02);
foreach($ldapentrys as $ldapentry) {
$niveau02=$this->em->getRepository("App\Entity\Niveau02")->find($ldapentry["gidnumber"]);
if(!$niveau02) {
$this->writeln($ldapentry["cn"]." = DELETE");
$dn=$this->ldap->getNiveau02DN($ldapentry["cn"]);
$this->ldap->deleteByDN($dn);
}
}
$this->writeln('');
$this->writeln('== NIVEAU01 =========================================');
$niveau01s=$this->em->getRepository("App\Entity\Niveau01")->findAll();
$attributes=$this->ldap->listAttributesNiveau01();
foreach($niveau01s as $niveau01) {
if($niveau01->getLdapfilter()) {
$niveau01->setLdapfilter(null);
$this->em->flush();
}
$filter="gidnumber=".$niveau01->getId();
$ldapentrys=$this->ldap->search($filter,$attributes,$this->baseniveau01);
if(empty($ldapentrys)) {
$this->writeln($niveau01->getLabel()." = SUBMIT");
$this->ldap->addNiveau01($niveau01);
}
elseif($this->ldap->ismodifyNiveau01($niveau01,$ldapentrys[0])) {
$this->writeln($niveau01->getLabel()." = UPDATE");
$this->ldap->modifyNiveau01($niveau01,$ldapentrys[0]["cn"]);
}
}
$ldapentrys=$this->ldap->search($this->filtergroup,$attributes,$this->baseniveau01);
foreach($ldapentrys as $ldapentry) {
$niveau01=$this->em->getRepository("App\Entity\Niveau01")->find($ldapentry["gidnumber"]);
if(!$niveau01) {
$this->writeln($ldapentry["cn"]." = DELETE");
$dn=$this->ldap->getNiveau01DN($ldapentry["cn"]);
$this->ldap->deleteByDN($dn);
}
}
return Command::SUCCESS;
}
private function nine2nine()
{
$this->writelnred('');
$this->writelnred('== app:Synchro');
$this->writelnred('==========================================================================================================');
// Synchronisation ldap2nine possible uniquement si appMasteridentity=NINE
if($this->appMasteridentity!="NINE") {
$this->writeln("Synchronisation impossible si appMasteridentity!=NINE");
return Command::FAILURE;
}
$nineurl = $this->container->getParameter("nineUrl");
$ninesecret = $this->container->getParameter("nineSecret");
if(!$nineurl||!$ninesecret) {
$this->writeln("Synchronisation impossible soit parametres NINE_URL et/ou NINE_SECRET manquant");
return Command::FAILURE;
}
$nineurl.="/rest/";
$this->writeln('');
$this->writeln('=====================================================');
$this->writeln('== SYNCHONISATION NINE TO NINE ======================');
$this->writeln('=====================================================');
$nineniveau01s=$this->em->createQueryBuilder()->select('entity')->from('App:Niveau01','entity')->where('entity.idexternal IS NOT NULL')->getQuery()->getResult();
$ninegroups=$this->em->createQueryBuilder()->select('entity')->from('App:Group','entity')->where('entity.idexternal IS NOT NULL')->getQuery()->getResult();
$tbniveau01members=[];
$tbgroupmembers=[];
$tbniveau01s=[];
$tbgroups=[];
$tbusers=[];
$fgsynchropurgeniveau01s=($this->synchropurgeniveau01);
$fgsynchropurgegroups=($this->synchropurgegroup);
$fgsynchropurgeusers=($this->synchropurgeuser);
$this->writeln('');
$this->writeln('== NIVEAU01 =========================================');
$response = $this->apiservice->run("GET",$nineurl."getAllNiveau01s",null,["key"=>$ninesecret]);
if($response->code!="200") return Command::FAILURE;
foreach($response->body as $nineniveau01 ) {
$niveau01other=$this->em->getRepository("App\Entity\Niveau01")->findOneBy(["label"=>$nineniveau01->niveau01label]);
if($niveau01other&&$niveau01other->getIdexternal()!=$nineniveau01->niveau01id) {
$this->writelnred(" > ".$nineniveau01->niveau01label." = Impossible à synchroniser un autre niveau01 existe déjà avec ce label");
continue;
}
// On recherche le groupe via le gid
$this->writeln(' > '.$nineniveau01->niveau01label);
$niveau01=$this->em->getRepository("App\Entity\Niveau01")->findOneBy(["idexternal"=>$nineniveau01->niveau01id]);
if(!$niveau01) {
$niveau01=new Niveau01();
$niveau01->setApikey(Uuid::uuid4());
$this->em->persist($niveau01);
}
$niveau01->setIdexternal($nineniveau01->niveau01id);
$niveau01->setLabel($nineniveau01->niveau01label);
$this->em->flush();
// Sauvegarde du niveau01nine
array_push($tbniveau01s,$nineniveau01->niveau01label);
// Sauvegarde des membres du niveau01
if(!empty($nineniveau01->niveau01users)) {
foreach($nineniveau01->niveau01users as $member) {
if(!array_key_exists($member->userlogin,$tbniveau01members)) $tbniveau01members[$member->userlogin]=[];
array_push($tbniveau01members[$member->userlogin],$nineniveau01->niveau01label);
}
}
}
$this->writeln('');
$this->writeln('== GROUP ============================================');
$response = $this->apiservice->run("GET",$nineurl."getAllGroups",null,["key"=>$ninesecret]);
if($response->code!="200") return Command::FAILURE;
foreach($response->body as $ninegroup ) {
$groupother=$this->em->getRepository("App\Entity\Group")->findOneBy(["label"=>$ninegroup->grouplabel]);
if($groupother&&$groupother->getIdexternal()!=$ninegroup->groupid) {
$this->writelnred(" > ".$ninegroup->grouplabel." = Impossible à synchroniser un autre group existe déjà avec ce label");
continue;
}
// On recherche le groupe via le gid
$this->writeln(' > '.$ninegroup->grouplabel);
$group=$this->em->getRepository("App\Entity\Group")->findOneBy(["idexternal"=>$ninegroup->groupid]);
if(!$group) {
$group=new Group();
$group->setIsopen(false);
$group->setIsworkgroup(false);
$group->setApikey(Uuid::uuid4());
$this->em->persist($group);
}
$group->setIdexternal($ninegroup->groupid);
$group->setLabel($ninegroup->grouplabel);
$this->em->flush();
// Sauvegarde du groupnine
array_push($tbgroups,$ninegroup->grouplabel);
// Sauvegarde des membres du group
if(!empty($ninegroup->groupusers)) {
foreach($ninegroup->groupusers as $member) {
if(!array_key_exists($member->userlogin,$tbgroupmembers)) $tbgroupmembers[$member->userlogin]=[];
array_push($tbgroupmembers[$member->userlogin],$ninegroup->grouplabel);
}
}
}
$this->writeln('');
$this->writeln('== USER =============================================');
$response = $this->apiservice->run("GET",$nineurl."getAllUsers",null,["key"=>$ninesecret]);
if($response->code!="200") return Command::FAILURE;
$nineusers=$response->body;
foreach($nineusers as $nineuser) {
$userother=$this->em->getRepository("App\Entity\User")->findOneBy(["email"=>$nineuser->useremail]);
if($userother&&$userother->getUsername()!=$nineuser->userlogin) {
$this->writelnred(" > ".$nineuser->userlogin." = Impossible à synchroniser un autre user existe déjà avec ce mail");
continue;
}
$userother=$this->em->getRepository("App\Entity\Registration")->findOneBy(["email"=>$nineuser->useremail]);
if($userother&&$userother->getUSername()!=$nineuser->userlogin) {
$this->writelnred(" > ".$nineuser->userlogin." = Impossible à synchroniser un autre user existe déjà avec ce mail");
continue;
}
// On recherche le user via le username
$this->writeln(' > '.$nineuser->userlogin);
$user=$this->em->getRepository("App\Entity\User")->findOneBy(["username"=>$nineuser->userlogin]);
if(!$user) {
$user=new User();
$user->setUsername($nineuser->userlogin);
$user->setIsvisible(true);
$user->setApikey(Uuid::uuid4());
$user->setPassword("NINEPWD-".$nineuser->userlogin);
$user->setRole("ROLE_USER");
$user->setAvatar($nineuser->useravatar);
$this->em->persist($user);
}
// Recherche du niveau01
$niveau01=null;
if($user->getNiveau01()&&empty($user->getNiveau01()->getIdexternal()))
$niveau01=$user->getNiveau01();
if(array_key_exists($nineuser->userlogin,$tbniveau01members))
$niveau01=$this->em->getRepository("App\Entity\Niveau01")->findOneBy(["label"=>$tbniveau01members[$nineuser->userlogin][0]]);
if(!$niveau01)
$niveau01=$this->em->getRepository('App\Entity\Niveau01')->find(-1);
// Mise à jour des attributs
if(!empty($nineuser->userlastname)) $user->setLastname($nineuser->userlastname);
if(!empty($nineuser->userfirstname)) $user->setFirstname($nineuser->userfirstname);
if(!empty($nineuser->useremail)) $user->setEmail($nineuser->useremail);
if(!empty($nineuser->useravatar)) $user->setAvatar($nineuser->useravatar);
// Mise à jour du niveau01
if($niveau01!=$user->getNiveau01()) $user->setNiveau02(null);
$user->setNiveau01($niveau01);
// Mise à jour du role
if(in_array($nineuser->userlogin,$this->container->getParameter("appAdmins")))
$user->setRole("ROLE_ADMIN");
// Sauvegarde en bdd
$this->em->flush();
// Sauvegarde du userldap
array_push($tbusers,$nineuser->userlogin);
// Inscription au groupe
if(array_key_exists($nineuser->userlogin,$tbgroupmembers)) {
foreach($tbgroupmembers[$nineuser->userlogin] as $grouplabel) {
$group=$this->em->getRepository("App\Entity\Group")->findOneBy(["label"=>$grouplabel]);
if($group) {
$usergroup=$this->em->getRepository("App\Entity\UserGroup")->findOneBy(["user"=>$user,"group"=>$group]);
if(!$usergroup) {
$usergroup=new UserGroup();
$usergroup->setUser($user);
$usergroup->setGroup($group);
$usergroup->setApikey(Uuid::uuid4());
$usergroup->setRolegroup(0);
$this->em->persist($usergroup);
$this->em->flush();
}
}
}
}
// Desinscription des group ldap
foreach($ninegroups as $group) {
if(!array_key_exists($nineuser->userlogin,$tbgroupmembers)||!in_array($group->getLabel(),$tbgroupmembers[$nineuser->userlogin])) {
$usergroup=$this->em->getRepository("App\Entity\UserGroup")->findOneBy(["user"=>$user,"group"=>$group]);
if($usergroup) {
$this->em->remove($usergroup);
$this->em->flush();
}
}
}
}
// Purge des users
if($fgsynchropurgeusers) {
$this->writeln('');
$this->writeln('== PURGE USER =============================================');
$users=$this->em->getRepository("App\Entity\User")->findAll();
foreach($users as $user) {
if(!in_array($user->getUsername(),$tbusers)) {
if($user->getId()>0) {
$this->writeln(' > '.$user->getUsername());
$this->em->remove($user);
$this->em->flush();
}
}
}
}
// Purge des groups
if($fgsynchropurgegroups) {
$this->writeln('');
$this->writeln('== PURGE GROUP =============================================');
foreach($ninegroups as $group) {
if(!in_array($group->getLabel(),$tbgroups)) {
if($group->getId()>0) {
$this->writeln(' > '.$group->getLabel());
$this->em->remove($group);
}
else {
$group->setLdapfilter(null);
$group->setIdexternal(null);
}
$this->em->flush();
}
}
}
// Purge des niveau01s
if($fgsynchropurgeniveau01s) {
$this->writeln('');
$this->writeln('== PURGE NIVEAU01 =============================================');
foreach($nineniveau01s as $niveau01) {
if(!in_array($niveau01->getLabel(),$tbniveau01s)) {
if($niveau01->getId()>0) {
$user=$this->em->getRepository("App\Entity\User")->findOneBy(["niveau01"=>$niveau01]);
if($user) {
$resetniveau01=$this->em->getRepository("App\Entity\User")->find(-1);
$user->setNiveau01($resetniveau01);
$user->setNiveau02(null);
}
$this->writeln(' > '.$niveau01->getLabel());
$this->em->remove($niveau01);
}
else {
$niveau01->setLdapfilter(null);
$niveau01->setIdexternal(null);
}
$this->em->flush();
}
}
}
return Command::SUCCESS;
}
private function writelnred($string) {
$this->output->writeln('<fg=red>'.$string.'</>');
$this->filesystem->appendToFile($this->rootlog.'cron.log', $string."\n");
}
private function writeln($string) {
$this->output->writeln($string);
$this->filesystem->appendToFile($this->rootlog.'cron.log', $string."\n");
}
protected function addUser($niveau01,$username,$firstname,$lastname,$email,$usersadmin) {
$user = new User();
$user->setUsername($username);
$user->setLastname($lastname);
$user->setFirstname($firstname);
$user->setEmail($email);
$user->setNiveau01($niveau01);
$user->setSiren($niveau01->getSiren());
$user->setPassword("PASSWORDFROMEXTERNE");
$user->setVisible(true);
$user->setAuthlevel("simple");
$user->setBelongingpopulation("agent");
if(in_array($username,$usersadmin))
$user->setRole("ROLE_ADMIN");
else {
$user->setRole("ROLE_USER");
// Si modèle scribe
$ldap_template = $this->container->getParameter('ldap_template');
if($ldap_template=="scribe") {
$ldapfilter="(|(&(uid=".$user->getUsername().")(ENTPersonProfils=enseignant))(&(uid=".$user->getUsername().")(typeadmin=0))(&(uid=".$user->getUsername().")(typeadmin=2)))";
$results = $this->ldap->search($ldapfilter, ['uid'], $this->ldap_basedn);
if($results) $user->setRole("ROLE_ANIM");
}
}
$this->em->persist($user);
$this->em->flush();
}
protected function modUser($user,$username,$firstname,$lastname,$email,$usersadmin) {
$user->setLastname($lastname);
$user->setFirstname($firstname);
$user->setEmail($email);
if(in_array($username,$usersadmin))
$user->setRole("ROLE_ADMIN");
$this->em->persist($user);
$this->em->flush();
}
}
Reference in New Issue Copy Permalink