svg
This commit is contained in:
parent
b5f7aa4b0a
commit
35d061ff82
|
@ -12,3 +12,6 @@ twig:
|
|||
appName: '%appName%'
|
||||
appCron: '%appCron%'
|
||||
appMasteridentity: '%appMasteridentity'
|
||||
sondeUse: '%sondeUse%'
|
||||
sondeUrl: '%sondeUrl%'
|
||||
|
||||
|
|
|
@ -47,15 +47,24 @@ parameters:
|
|||
casLastname: '%env(resolve:CAS_LASTNAME)%'
|
||||
casFirstname: '%env(resolve:CAS_FIRSTNAME)%'
|
||||
|
||||
proxyUser: '%env(resolve:PROXY_USE)%'
|
||||
proxyUse: '%env(resolve:PROXY_USE)%'
|
||||
proxyHost: '%env(resolve:PROXY_HOST)%'
|
||||
proxyPort: '%env(resolve:PROXY_PORT)%'
|
||||
|
||||
sondeUse: '%env(resolve:SONDE_USE)%'
|
||||
sondeUrl: '%env(resolve:SONDE_URL)%'
|
||||
|
||||
services:
|
||||
# default configuration for services in *this* file
|
||||
_defaults:
|
||||
autowire: true # Automatically injects dependencies in your services.
|
||||
autoconfigure: true # Automatically registers your services as commands, event subscribers, etc.
|
||||
bind:
|
||||
$ldapHost: '%ldapHost%'
|
||||
$ldapPort: '%ldapPort%'
|
||||
$ldapUser: '%ldapUser%'
|
||||
$ldapPassword: '%ldapPassword%'
|
||||
$ldapBasedn: '%ldapBasedn%'
|
||||
|
||||
# makes classes in src/ available to be used as services
|
||||
# this creates a service per class whose id is the fully-qualified class name
|
||||
|
@ -71,13 +80,6 @@ services:
|
|||
|
||||
# add more service definitions when explicit configuration is needed
|
||||
# please note that last definitions always *replace* previous ones
|
||||
app.session.listener:
|
||||
public: true
|
||||
class: App\Service\sessionListener
|
||||
arguments: ['@service_container','@doctrine.orm.entity_manager',"@security.token_storage"]
|
||||
tags:
|
||||
- { name: kernel.event_listener, event: kernel.request, method: onDomainParse }
|
||||
|
||||
app.password.encoder:
|
||||
public: true
|
||||
class: App\Service\passwordEncoder
|
||||
|
|
|
@ -55,4 +55,9 @@ CAS_FIRSTNAME=firstname
|
|||
# Proxy
|
||||
PROXY_USE=false
|
||||
PROXY_HOST=
|
||||
PROXY_PORT=
|
||||
PROXY_PORT=
|
||||
|
||||
|
||||
# Sonde statistic
|
||||
SONDE_USE=false
|
||||
SONDE_URL=
|
||||
|
|
|
@ -47,7 +47,6 @@ class CronCommand extends Command
|
|||
$appCron = $this->container->getParameter('appCron');
|
||||
if(!$appCron)
|
||||
{
|
||||
$this->writelnred('CRON désactivé');
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
|
@ -122,9 +122,9 @@ class SynchroUsersCommand extends Command
|
|||
// Options
|
||||
$this->writeln('');
|
||||
$this->writeln('== OPTIONS ==========================================');
|
||||
$cn=$result["cn"];
|
||||
$results = $this->ldap->search("type=Option", ['cn','description','gidNumber'], $this->ldap_basedn);
|
||||
foreach($results as $result) {
|
||||
$cn=$result["cn"];
|
||||
$ldapfilter="(|(&(type=Option)(cn=$cn))(&(type=Equipe)(cn=profs-$cn))(&(ENTPersonProfils=Administratif)(divcod=$cn)))";
|
||||
|
||||
$label="OPTION = ".$result["cn"];
|
||||
|
@ -396,40 +396,63 @@ class SynchroUsersCommand extends Command
|
|||
$appmasterurl = $this->container->getParameter("appMasterurl");
|
||||
$appmasterkey = $this->container->getParameter("appMasterkey");
|
||||
|
||||
// Déclaration du proxy
|
||||
// Généraltion de l'urol de communication
|
||||
if(stripos($appmasterurl,"/")===0) {
|
||||
$url="https://".$this->container->getParameter("appWeburl").$appmasterurl;
|
||||
}
|
||||
else
|
||||
$url=$appmasterurl;
|
||||
|
||||
$indomaine = (stripos($url,$this->container->getParameter("appWeburl"))!==false);
|
||||
|
||||
|
||||
$url="http://172.27.7.67/ninegate";
|
||||
$indomaine=true;
|
||||
|
||||
// Recherche des élèments de masterIdentify
|
||||
// Entete
|
||||
$headers = ['Accept' => 'application/json'];
|
||||
$query = [];
|
||||
|
||||
// Paramétrage unirest
|
||||
\Unirest\Request::verifyPeer(false);
|
||||
\Unirest\Request::verifyHost(false);
|
||||
\Unirest\Request::timeout(5);
|
||||
|
||||
/* si hor domaine on utilise le proxy si proxy il y a */
|
||||
if(!$indomaine) {
|
||||
$proxyUse = $this->container->getParameter("proxyUser");
|
||||
// Login sans proxy
|
||||
try{
|
||||
$response = \Unirest\Request::post($url.'/rest/login',$headers,["key"=>$appmasterkey]);
|
||||
}
|
||||
catch (\Exception $e) {
|
||||
// On tente avec le proxy s'il y en a un
|
||||
$proxyUse = $this->container->getParameter("proxyUse");
|
||||
if($proxyUse) {
|
||||
$proxyHost = $this->container->getParameter("proxyHost");
|
||||
$proxyPort = $this->container->getParameter("proxyPort");
|
||||
\Unirest\Request::proxy($proxyHost, $proxyPort, CURLPROXY_HTTP, true);
|
||||
|
||||
try{
|
||||
$response = \Unirest\Request::post($url.'/rest/login/'.$appmasterkey,$headers,$query);
|
||||
}
|
||||
catch (\Exception $e) {
|
||||
die("Erreur de communication API = ".$e->getMessage()."\n");
|
||||
}
|
||||
}
|
||||
else {
|
||||
die("Erreur de communication API = ".$e->getMessage()."\n");
|
||||
}
|
||||
}
|
||||
|
||||
if($response->code!="200")
|
||||
die("Erreur sur clé API\n");
|
||||
|
||||
|
||||
$this->writeln('');
|
||||
$this->writeln('== GROUPS ============================================');
|
||||
|
||||
// Récupération des informations groups issus du masteridentity
|
||||
$response = \Unirest\Request::get($url.'/rest/groups/'.$appmasterkey,$headers,$query);
|
||||
try{
|
||||
$response = \Unirest\Request::post($url.'/rest/groups',$headers,["key"=>$appmasterkey]);
|
||||
}
|
||||
catch (\Exception $e) {
|
||||
die("Erreur de communication API = ".$e->getMessage()."\n");
|
||||
}
|
||||
|
||||
$lstgroups=[];
|
||||
if($response->code="200" && is_object($response->body)) {
|
||||
if($response->code=="200" && is_object($response->body)) {
|
||||
$apigroups=$response->body;
|
||||
foreach($apigroups as $apigroup) {
|
||||
array_push($lstgroups,$apigroup->id);
|
||||
|
@ -449,15 +472,21 @@ class SynchroUsersCommand extends Command
|
|||
}
|
||||
}
|
||||
}
|
||||
else die("Erreur de communication");
|
||||
else die("Erreur de communication = ".print_r($response,true));
|
||||
|
||||
$this->writeln('');
|
||||
$this->writeln('== USERS ============================================');
|
||||
|
||||
// Récupération des informations utilisateurs issus du masteridentity
|
||||
$response = \Unirest\Request::get($url.'/rest/users/'.$appmasterkey,$headers,$query);
|
||||
try{
|
||||
$response = \Unirest\Request::post($url.'/rest/users',$headers,["key"=>$appmasterkey]);
|
||||
}
|
||||
catch (\Exception $e) {
|
||||
die("Erreur de communication API = ".$e->getMessage()."\n");
|
||||
}
|
||||
|
||||
$lstusers=[];
|
||||
if($response->code="200"&&is_object($response->body)) {
|
||||
if($response->code=="200"&&is_object($response->body)) {
|
||||
$apiusers=$response->body;
|
||||
foreach($apiusers as $apiuser) {
|
||||
array_push($lstusers,$apiuser->username);
|
||||
|
@ -476,6 +505,17 @@ class SynchroUsersCommand extends Command
|
|||
$user->setFirstname($apiuser->firstname);
|
||||
$user->setEmail($apiuser->email);
|
||||
$user->setAvatar($apiuser->avatar);
|
||||
|
||||
if(in_array($apiuser->username,$this->container->getParameter("ldapAdmins")))
|
||||
$role="ROLE_ADMIN";
|
||||
else
|
||||
$role=($apiuser->role=="ROLE_ANIM"?"ROLE_MASTER":$apiuser->role);
|
||||
|
||||
if(!$user->hasRole($role)) {
|
||||
$roles=$user->getRoles();
|
||||
array_push($roles,$role);
|
||||
$user->setRoles($roles);
|
||||
}
|
||||
|
||||
$this->em->persist($user);
|
||||
$this->em->flush();
|
||||
|
@ -494,7 +534,9 @@ class SynchroUsersCommand extends Command
|
|||
|
||||
$this->writeln($group->getName());
|
||||
|
||||
$usergroups = $tabgroups[$group->getIdexternal()]["users"];
|
||||
$usergroups=[];
|
||||
if($tabgroups[$group->getIdexternal()])
|
||||
$usergroups = $tabgroups[$group->getIdexternal()]["users"];
|
||||
$tbusers=[];
|
||||
foreach($usergroups as $user) {
|
||||
array_push($tbusers,$user["username"]);
|
||||
|
@ -622,14 +664,20 @@ class SynchroUsersCommand extends Command
|
|||
$user->setFirstname($firstname);
|
||||
$user->setEmail($email);
|
||||
|
||||
// Definition du role
|
||||
if(in_array($username,$usersadmin))
|
||||
$user->setRoles(["ROLE_ADMIN"]);
|
||||
$role="ROLE_ADMIN";
|
||||
else {
|
||||
$ldapfilter="(|(&(uid=".$user->getUsername().")(ENTPersonProfils=enseignant))(&(uid=".$user->getUsername().")(typeadmin=0))(&(uid=".$user->getUsername().")(typeadmin=2)))";
|
||||
$results = $this->ldap->search($ldapfilter, ['uid'], $this->ldap_basedn);
|
||||
if($results) $user->setRoles(["ROLE_MASTER"]);
|
||||
else $user->setRoles(["ROLE_USER"]);
|
||||
if($results) $role="ROLE_MASTER";
|
||||
else $role="ROLE_USER";
|
||||
}
|
||||
if(!$user->hasRole($role)) {
|
||||
$roles=$user->getRoles();
|
||||
array_push($roles,$role);
|
||||
$user->setRoles($roles);
|
||||
}
|
||||
|
||||
$this->em->persist($user);
|
||||
$this->em->flush();
|
||||
|
@ -640,8 +688,20 @@ class SynchroUsersCommand extends Command
|
|||
$user->setFirstname($firstname);
|
||||
$user->setEmail($email);
|
||||
|
||||
// Definition du role
|
||||
if(in_array($username,$usersadmin))
|
||||
$user->setRole("ROLE_ADMIN");
|
||||
$role="ROLE_ADMIN";
|
||||
else {
|
||||
$ldapfilter="(|(&(uid=".$user->getUsername().")(ENTPersonProfils=enseignant))(&(uid=".$user->getUsername().")(typeadmin=0))(&(uid=".$user->getUsername().")(typeadmin=2)))";
|
||||
$results = $this->ldap->search($ldapfilter, ['uid'], $this->ldap_basedn);
|
||||
if($results) $role="ROLE_MASTER";
|
||||
else $role="ROLE_USER";
|
||||
}
|
||||
if(!$user->hasRole($role)) {
|
||||
$roles=$user->getRoles();
|
||||
array_push($roles,$role);
|
||||
$user->setRoles($roles);
|
||||
}
|
||||
|
||||
$this->em->persist($user);
|
||||
$this->em->flush();
|
||||
|
|
|
@ -4,6 +4,8 @@
|
|||
namespace App\Controller;
|
||||
|
||||
use App\Entity\User;
|
||||
use App\Entity\Group;
|
||||
use App\Service\ldapService as ldapService;
|
||||
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
|
@ -20,6 +22,13 @@ use jasig\phpcas\CAS;
|
|||
|
||||
class SecurityController extends AbstractController
|
||||
{
|
||||
private $ldapService;
|
||||
|
||||
public function __construct(ldapService $ldapService)
|
||||
{
|
||||
$this->ldapService = $ldapService;
|
||||
}
|
||||
|
||||
public function login(Request $request, AuthenticationUtils $authenticationUtils)
|
||||
{
|
||||
$auth_mode=$this->getParameter("appAuth");
|
||||
|
@ -45,7 +54,7 @@ class SecurityController extends AbstractController
|
|||
public function logincas(Request $request, AuthenticationUtils $authenticationUtils)
|
||||
{
|
||||
// Récupération de la cible de navigation
|
||||
$redirect = $request->get("redirect");
|
||||
$redirect = $this->get('session')->get("_security.main.target_path");
|
||||
|
||||
// Init Client CAS
|
||||
$alias=$this->getParameter('appAlias');
|
||||
|
@ -97,9 +106,7 @@ class SecurityController extends AbstractController
|
|||
|
||||
$user->setPassword("CASPWD-".$username);
|
||||
$user->setSalt("CASPWD-".$username);
|
||||
|
||||
$user->setRoles(["ROLE_STUDENT"]);
|
||||
|
||||
|
||||
$em->persist($user);
|
||||
$em->flush();
|
||||
}
|
||||
|
@ -112,6 +119,14 @@ class SecurityController extends AbstractController
|
|||
$em->flush();
|
||||
}
|
||||
|
||||
$masteridentity=$this->getParameter("appMasteridentity");
|
||||
if($masteridentity=="Ninegate") {
|
||||
$this->updateNinegate($user);
|
||||
}
|
||||
else {
|
||||
$this->updateLDAP($user);
|
||||
}
|
||||
|
||||
|
||||
// Autoconnexion
|
||||
// Récupérer le token de l'utilisateur
|
||||
|
@ -170,4 +185,174 @@ class SecurityController extends AbstractController
|
|||
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
|
||||
private function updateNinegate($user) {
|
||||
$em = $this->getDoctrine()->getManager();
|
||||
$appmasterurl = $this->getParameter("appMasterurl");
|
||||
$appmasterkey = $this->getParameter("appMasterkey");
|
||||
|
||||
// Généraltion de l'urol de communication
|
||||
if(stripos($appmasterurl,"/")===0) {
|
||||
$url="https://".$this->getParameter("appWeburl").$appmasterurl;
|
||||
}
|
||||
else
|
||||
$url=$appmasterurl;
|
||||
|
||||
// Entete
|
||||
$headers = ['Accept' => 'application/json'];
|
||||
$query = [];
|
||||
|
||||
// Paramétrage unirest
|
||||
\Unirest\Request::verifyPeer(false);
|
||||
\Unirest\Request::verifyHost(false);
|
||||
\Unirest\Request::timeout(5);
|
||||
|
||||
// Login sans proxy
|
||||
try{
|
||||
$response = \Unirest\Request::post($url.'/rest/login',$headers,["key"=>$appmasterkey]);
|
||||
}
|
||||
catch (\Exception $e) {
|
||||
// On tente avec le proxy s'il y en a un
|
||||
$proxyUse = $this->getParameter("proxyUse");
|
||||
if($proxyUse) {
|
||||
$proxyHost = $this->getParameter("proxyHost");
|
||||
$proxyPort = $this->getParameter("proxyPort");
|
||||
\Unirest\Request::proxy($proxyHost, $proxyPort, CURLPROXY_HTTP, true);
|
||||
|
||||
try{
|
||||
$response = \Unirest\Request::post($url.'/rest/login',$headers,["key"=>$appmasterkey]);
|
||||
}
|
||||
catch (\Exception $e) {
|
||||
die("Erreur de communication API = ".$e->getMessage()."\n");
|
||||
}
|
||||
}
|
||||
else {
|
||||
die("Erreur de communication API = ".$e->getMessage()."\n");
|
||||
}
|
||||
}
|
||||
|
||||
if($response->code!="200")
|
||||
die("Erreur sur clé API\n");
|
||||
|
||||
// Récupération des informations du user
|
||||
try{
|
||||
$response = \Unirest\Request::post($url.'/rest/user/'.$user->getUsername(),$headers,["key"=>$appmasterkey]);
|
||||
}
|
||||
catch (\Exception $e) {
|
||||
die("Erreur de communication API = ".$e->getMessage()."\n");
|
||||
}
|
||||
|
||||
if($response->code=="200"&&is_object($response->body)) {
|
||||
// Mise à jour du user
|
||||
$user->setLastname($response->body->user->lastname);
|
||||
$user->setFirstname($response->body->user->firstname);
|
||||
$user->setEmail($response->body->user->email);
|
||||
$user->setAvatar($response->body->user->avatar);
|
||||
|
||||
// Definition du role du user
|
||||
if(in_array($user->getUsername(),$this->getParameter("ldapAdmins")))
|
||||
$role="ROLE_ADMIN";
|
||||
else
|
||||
$role=($response->body->user->role=="ROLE_ANIM"?"ROLE_MASTER":$response->body->user->role);
|
||||
|
||||
if(!$user->hasRole($role)) {
|
||||
$roles=$user->getRoles();
|
||||
array_push($roles,$role);
|
||||
$user->setRoles($roles);
|
||||
}
|
||||
|
||||
// Sauvegarde user
|
||||
$em->persist($user);
|
||||
$em->flush();
|
||||
|
||||
// Mise à jour des groupes
|
||||
$groups=$response->body->groups;
|
||||
$mygroup=[];
|
||||
|
||||
foreach($groups as $groupexternal) {
|
||||
array_push($mygroup,$groupexternal->id);
|
||||
|
||||
// Le groupe existe-t-il
|
||||
$group=$em->getRepository("App:Group")->findOneBy(["idexternal"=>$groupexternal->id]);
|
||||
if(!$group)
|
||||
$group = new Group();
|
||||
$group->setIdexternal($groupexternal->id);
|
||||
$group->setName($groupexternal->title);
|
||||
|
||||
if(!$group->getUsers()->contains($user))
|
||||
$group->addUser($user);
|
||||
|
||||
$em->persist($group);
|
||||
$em->flush();
|
||||
}
|
||||
|
||||
foreach($user->getGroups() as $group) {
|
||||
if($group->getIdexternal()) {
|
||||
if(!in_array($group->getIdexternal(),$mygroup)) {
|
||||
$user->removeGroup($group);
|
||||
|
||||
$em->persist($user);
|
||||
$em->flush();
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private function updateLDAP($user) {
|
||||
$em = $this->getDoctrine()->getManager();
|
||||
|
||||
$ldap_basedn = $this->getParameter('ldapBasedn');
|
||||
$ldap_username = $this->getParameter('ldapUsername');
|
||||
$ldap_firstname = $this->getParameter('ldapFirstname');
|
||||
$ldap_lastname = $this->getParameter('ldapLastname');
|
||||
$ldap_email = $this->getParameter('ldapEmail');
|
||||
$ldap_admins = $this->getParameter('ldapAdmins');
|
||||
$ldap_model = $this->getParameter('ldapModel');
|
||||
$fieldstoread = array($ldap_username,$ldap_firstname,$ldap_lastname,$ldap_email);
|
||||
|
||||
if($ldap_model=="scribe") {
|
||||
$ldap_filtergroup="(&(type=Groupe)(cn=*))";
|
||||
$ldap_filteruser="(&(uid=*)(objectclass=inetOrgPerson)(!(description=Computer)))";
|
||||
}
|
||||
else {
|
||||
$ldap_filtergroup=$this->getParameter('ldapFiltergroup');
|
||||
$ldap_filteruser=$this->getParameter('ldapFilteruser');
|
||||
}
|
||||
|
||||
// On recherche l'utilisateur dans l'annuaire
|
||||
$results = $this->ldapService->search(str_replace("*",$user->getUsername(),$ldap_filteruser), $fieldstoread, $ldap_basedn);
|
||||
foreach($results as $result) {
|
||||
if(!isset($result[$ldap_lastname])) $result[$ldap_lastname] = "";
|
||||
if(!isset($result[$ldap_firstname])) $result[$ldap_firstname] = "";
|
||||
$result[$ldap_email]=strtolower($result[$ldap_email]);
|
||||
$result[$ldap_email]=utf8_encode($result[$ldap_email]);
|
||||
|
||||
// Mise à jour du user
|
||||
$user->setLastname($result[$ldap_lastname]);
|
||||
$user->setFirstname($result[$ldap_firstname]);
|
||||
$user->setEmail($result[$ldap_email]);
|
||||
|
||||
// Definition du role
|
||||
if(in_array($user->getUsername(),$ldap_admins))
|
||||
$role="ROLE_ADMIN";
|
||||
else {
|
||||
$ldapfilter="(|(&(uid=".$user->getUsername().")(ENTPersonProfils=enseignant))(&(uid=".$user->getUsername().")(typeadmin=0))(&(uid=".$user->getUsername().")(typeadmin=2)))";
|
||||
$results = $this->ldapService->search($ldapfilter, ['uid'], $ldap_basedn);
|
||||
if($results) $role="ROLE_MASTER";
|
||||
else $role="ROLE_USER";
|
||||
}
|
||||
if(!$user->hasRole($role)) {
|
||||
$roles=$user->getRoles();
|
||||
array_push($roles,$role);
|
||||
$user->setRoles($roles);
|
||||
}
|
||||
|
||||
// Sauvegarde user
|
||||
$em->persist($user);
|
||||
$em->flush();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -91,10 +91,9 @@ class User implements UserInterface, \Serializable
|
|||
private $groups;
|
||||
|
||||
|
||||
public function __construct(Container $container)
|
||||
public function __construct()
|
||||
{
|
||||
$this->groups = new ArrayCollection();
|
||||
|
||||
}
|
||||
|
||||
public function getUsername(): ?string
|
||||
|
|
|
@ -16,13 +16,13 @@ class ldapService
|
|||
|
||||
private $connection = null;
|
||||
|
||||
public function __construct($host, $port, $user, $password, $basedn)
|
||||
public function __construct($ldapHost, $ldapPort, $ldapUser, $ldapPassword, $ldapBasedn)
|
||||
{
|
||||
$this->host = $host;
|
||||
$this->port = $port;
|
||||
$this->user = $user;
|
||||
$this->password = $password;
|
||||
$this->basedn = $basedn;
|
||||
$this->host = $ldapHost;
|
||||
$this->port = $ldapPort;
|
||||
$this->user = $ldapUser;
|
||||
$this->password = $ldapPassword;
|
||||
$this->basedn = $ldapBasedn;
|
||||
}
|
||||
|
||||
public function connect() {
|
||||
|
|
|
@ -1,69 +0,0 @@
|
|||
<?php
|
||||
|
||||
namespace App\Service;
|
||||
|
||||
use Symfony\Component\DependencyInjection\ContainerInterface;
|
||||
use Symfony\Component\EventDispatcher\EventDispatcher;
|
||||
use Symfony\Component\EventDispatcher\Event;
|
||||
use Symfony\Component\HttpFoundation\Session\Session;
|
||||
use Doctrine\ORM\EntityManager;
|
||||
|
||||
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
|
||||
|
||||
class sessionListener {
|
||||
protected $container;
|
||||
protected $em;
|
||||
|
||||
public function __construct($container, EntityManager $em, TokenStorageInterface $token_storage)
|
||||
{
|
||||
$this->container = $container;
|
||||
$this->em = $em;
|
||||
$this->token_storage = $token_storage;
|
||||
}
|
||||
|
||||
public function haveRole($roles,$tohave) {
|
||||
$haverole=false;
|
||||
if($roles=="") {
|
||||
if(empty($tohave)) $haverole=true;
|
||||
}
|
||||
else {
|
||||
foreach($roles as $role) {
|
||||
if(in_array($role,$tohave))
|
||||
$haverole=true;
|
||||
}
|
||||
}
|
||||
|
||||
return $haverole;
|
||||
}
|
||||
|
||||
public function onDomainParse(Event $event) {
|
||||
$session = new Session();
|
||||
|
||||
// Utilisateur en cours
|
||||
$curentuserid=0;
|
||||
$token = $this->token_storage->getToken();
|
||||
if(!$token) return;
|
||||
$curentuser=$token->getUser();
|
||||
|
||||
// Roles actif
|
||||
if($curentuser=="anon.") $roles=[];
|
||||
else $roles=$curentuser->getRoles();
|
||||
|
||||
$regen=false;
|
||||
if (!$session->get('isuser') && $curentuser!="anon.") {
|
||||
$regen=true;
|
||||
$session->set('isuser',true);
|
||||
}
|
||||
|
||||
if ($session->get('isuser') && $curentuser=="anon.") {
|
||||
$regen=true;
|
||||
$session->set('isuser',false);
|
||||
}
|
||||
|
||||
// Initialisation de la session
|
||||
if($regen) {
|
||||
$session->set('activeactivity',true);
|
||||
}
|
||||
}
|
||||
}
|
|
@ -10,7 +10,7 @@ APP_WEBURL=%%web_url
|
|||
APP_AUTH=CAS
|
||||
APP_ALIAS=nineskeletor
|
||||
APP_NAME=Nineskeletor
|
||||
APP_CRON=true
|
||||
APP_CRON=1
|
||||
APP_MASTERIDENTITY=%%nineskeletor_masteridentity
|
||||
%if %%getVar("nineskeletor_masteridentity", 'LDAP') == "LDAP"
|
||||
APP_MASTERURL=
|
||||
|
@ -99,11 +99,24 @@ CAS_FIRSTNAME=firstname
|
|||
|
||||
# Proxy
|
||||
%if %%activer_proxy_client == 'oui'
|
||||
PROXY_USE=true
|
||||
PROXY_USE=1
|
||||
PROXY_HOST=%%proxy_client_adresse
|
||||
PROXY_PORT=%%proxy_client_port
|
||||
%else
|
||||
PROXY_USE=false
|
||||
PROXY_USE=0
|
||||
PROXY_HOST=
|
||||
PROXY_PORT=
|
||||
%end if
|
||||
|
||||
|
||||
# Sonde statistic
|
||||
%if %%getVar("activer_sondepiwik_local", 'non') == "oui"
|
||||
SONDE_USE=1
|
||||
SONDE_URL=/sondepiwik/envoleTrackeur.js.php
|
||||
%else if %%getVar("activer_piwik", 'non') == "oui"
|
||||
SONDE_USE=1
|
||||
SONDE_URL=/piwik/envoleTrackeur.js.php
|
||||
%else
|
||||
SONDE_USE=0
|
||||
SONDE_URL=
|
||||
%end if
|
Loading…
Reference in New Issue