This commit is contained in:
root 2020-07-02 15:00:08 +02:00
parent 04273d0596
commit 38239d4b02
16 changed files with 575 additions and 242 deletions

View File

@ -16,44 +16,165 @@
<!-- template -->
<file filelist='nineskeletor' name='/etc/apache2/sites-available/nineskeletor' source='nineskeletor-apache.conf' />
<file filelist='nineskeletor' name='/var/www/html/nineskeletor/.env.local' source='nineskeletor-env.local' rm='True'/>
<file filelist='nineskeletor' name='/var/www/html/nineskeletor/scripts/proxy.sh' source='nineskeletor-proxy.sh' rm='True'/>
<file filelist='nineskeletor' name='/var/www/html/nineskeletor/scripts/proxy.sh' source='nineskeletor-proxy.sh' rm='True' mode="700" />
<file filelist='nineskeletor' name='/var/www/html/nineskeletor/scripts/genkey.sh' source='nineskeletor-genkey.sh' rm='True' mode="700" />
<file filelist='ninegate' name='/etc/cron.d/nineskeletor' source='nineskeletor.cron' rm='True'/>
</container>
</containers>
<variables>
<family name='applications web'>
<family name='nineskeletor'>
<variable name="ninegate_test_ninegate" type="oui/non" hidden='True' exists='False'><value>non</value></variable>
<variable name='activer_nineskeletor' type='oui/non' description='Activer nineskeletor'>
<value>oui</value>
</variable>
</family>
<variable type='string' name='nineskeletor_api_key' description="Fichier déclarant la clé d'accès API" mandatory='True'><value>/var/www/html/nineskeletor/.key</value></variable>
<family name='nineskeletor' mode='expert'>
<variable type='string' name='nineskeletor_db_mode' description='Serveur de bases de données à utiliser'/>
<variable type='string' name='nineskeletor_dbserver' description='Adresse du serveur de base de données'/>
<variable type='number' name='nineskeletor_dbport' description="Port d'écoute du serveur de base de données"/>
<variable type='string' name='nineskeletor_allow_hosts' description="Hôtes authorisés à utiliser la base de données" multi='True'/>
<variable type='string' name='nineskeletor_dbuser' description='Utilisateur du serveur de base de données'/>
<variable type='string' name='nineskeletor_dbpass' description='Fichier de mot de passe du serveur'/>
<variable type='mail' name='nineskeletor_email_global_notif' description='Email pour envoie de notifications'/>
<variable type='string' name='nineskeletor_mode_auth' description="Mode Authentification" mandatory='True'><value>CAS</value></variable>
<variable type='string' name='nineskeletor_masteridentity' description="Maître de l'Identité" mandatory='True'><value>Ninegate</value></variable>
<variable type='string' name='nineskeletor_urlidentity' description="URL complète de l'Identité" mandatory='True'><value>/ninegate</value></variable>
<variable type='string' name='nineskeletor_apikeyidentity' description="API Key de l'Identité" mandatory='True'><value>APIKeyNinegate</value></variable>
<!-- LDAP -->
<variable type='string' name='nineskeletor_ldaptemplate' description="Modèle d'annuaire"><value>scribe</value></variable>
<variable type='string' name='nineskeletor_ldapfiltergroup' description="Filtre LDAP des groupes (bien mettre votre filtre entre parenthèses)" mandatory='True'><value>(&amp;(ObjectClass=posixGroup)(cn=*))</value></variable>
<variable type='string' name='nineskeletor_ldapfilteruser' description="Filtre LDAP des utilisateurs (bien mettre votre filtre entre parenthèses)" mandatory='True'><value>(&amp;(ObjectClass=person)(uid=*))</value></variable>
<variable type='string' name='nineskeletor_ldapuid' description="Attribut LDAP uid" mandatory='True'><value>uid</value></variable>
<variable type='string' name='nineskeletor_ldapfirstname' description="Attribut LDAP firstname" mandatory='True'><value>givenname</value></variable>
<variable type='string' name='nineskeletor_ldaplastname' description="Attribut LDAP lastname" mandatory='True'><value>sn</value></variable>
<variable type='string' name='nineskeletor_ldapmail' description="Attribut LDAP email" mandatory='True'><value>mail</value></variable>
<!-- EMAIL -->
<variable type='string' name='nineskeletor_noreply' description='Adresse mail utilisé pour le noreply' mandatory='True' />
<variable type="oui/non" name='nineskeletor_activer_localmail' description="Utiliser le serveur d'envoi de mail local" mandatory='True'>
<value>oui</value>
</variable>
<variable type='string' name='nineskeletor_smtphost' description='Host du serveur SMTP' mandatory='True' />
<variable type='string' name='nineskeletor_smtpport' description='Port du serveur SMTP' mandatory='True' />
<variable type='string' name='nineskeletor_smtpuser' description='Compte du serveur SMTP' mandatory='True' />
<variable type='string' name='nineskeletor_smtppwd' description='Mot de passe associé du compte SMTP' mandatory='True' />
<variable type='string' name='nineskeletor_smtpencryption' description='Type Encryptage du serveur SMTP' mandatory='True' />
<variable type='string' name='nineskeletor_smtpauthmode' description='Mode Authentification du serveur SMTP' mandatory='True' />
<!-- BDD -->
<variable type='string' name='nineskeletor_db_mode' description='Serveur de bases de données à utiliser' mode='expert'/>
<variable type='string' name='nineskeletor_dbserver' description='Adresse du serveur de base de données' mode='expert'/>
<variable type='number' name='nineskeletor_dbport' description="Port d'écoute du serveur de base de données" mode='expert'/>
<variable type='string' name='nineskeletor_allow_hosts' description="Hôtes autorisés à utiliser la base de données" multi='True' mode='expert'/>
<variable type='string' name='nineskeletor_dbuser' description='Utilisateur du serveur de base de données' mode='expert'/>
<variable type='string' name='nineskeletor_dbpass' description='Fichier de mot de passe du serveur' mode='expert'/>
</family>
<separators>
<separator name="nineskeletor_ldaptemplate">Paramètres associés à l'Annuaire</separator>
<separator name="nineskeletor_noreply">Paramètres associés aux Mails</separator>
<separator name="nineskeletor_db_mode">Paramètres associés à la Base de Données</separator>
</separators>
</variables>
<constraints>
<!-- AFFICHAGE EN FONCTION DE APACHE -->
<condition name='hidden_if_in' source='activer_apache'>
<param>non</param>
<target type='filelist'>nineskeletor</target>
<target type='servicelist'>nineskeletor</target>
</condition>
<!-- AFFICHAGE EN FONCTION DE NINESKELETOR -->
<condition name='hidden_if_in' source='activer_nineskeletor'>
<param>non</param>
<target type='variable'>nineskeletor_masteridentity</target>
<target type='variable'>nineskeletor_urlidentity</target>
<target type='variable'>nineskeletor_apikeyidentity</target>
<target type='variable'>nineskeletor_mode_auth</target>
<target type='variable'>nineskeletor_api_key</target>
<target type='variable'>nineskeletor_ldaptemplate</target>
<target type='variable'>nineskeletor_noreply</target>
<target type='variable'>nineskeletor_activer_localmail</target>
<target type='variable'>nineskeletor_smtphost</target>
<target type='variable'>nineskeletor_smtpport</target>
<target type='variable'>nineskeletor_smtpuser</target>
<target type='variable'>nineskeletor_smtppwd</target>
<target type='variable'>nineskeletor_smtpencryption</target>
<target type='variable'>nineskeletor_smtpauthmode</target>
<target type='variable'>nineskeletor_db_mode</target>
<target type='variable'>nineskeletor_dbserver</target>
<target type='variable'>nineskeletor_dbport</target>
<target type='variable'>nineskeletor_allow_hosts</target>
<target type='variable'>nineskeletor_dbuser</target>
<target type='variable'>nineskeletor_dbpass</target>
<target type='filelist'>nineskeletor</target>
<target type='servicelist'>nineskeletor</target>
</condition>
<check name='valid_enum' target='nineskeletor_db_mode'>
<param>['default', 'externe', 'local']</param>
</check>
<!-- AFFICHAGE EN FONCTION DE NINEGATE -->
<fill name='calc_multi_condition' target='nineskeletor_masteridentity'>
<param>oui</param>
<param type='eole' name='condition_1' hidden='False'>ninegate_test_ninegate</param>
<param name='match'>Ninegate</param>
<param name='mismatch'>LDAP</param>
<param name='default_mismatch'>LDAP</param>
</fill>
<!-- AFFICHAGE EN FONCTION DU MASTERIDENTITY -->
<condition name='hidden_if_in' source='nineskeletor_masteridentity'>
<param>LDAP</param>
<target type='variable'>nineskeletor_urlidentity</target>
<target type='variable'>nineskeletor_apikeyidentity</target>
</condition>
<condition name='hidden_if_in' source='nineskeletor_masteridentity'>
<param>Ninegate</param>
<target type='variable'>nineskeletor_ldaptemplate</target>
</condition>
<!-- AFFICHAGE EN FONCTION DU LDAP -->
<condition name='hidden_if_in' source='nineskeletor_ldaptemplate'>
<param>scribe</param>
<target type='variable'>nineskeletor_ldapfiltergroup</target>
<target type='variable'>nineskeletor_ldapfilteruser</target>
<target type='variable'>nineskeletor_ldapuid</target>
<target type='variable'>nineskeletor_ldapfirstname</target>
<target type='variable'>nineskeletor_ldaplastname</target>
<target type='variable'>nineskeletor_ldapmail</target>
</condition>
<!-- AFFICHAGE EN FONCTION DU MAIL -->
<fill name='concat' target='nineskeletor_noreply'>
<param>noreply@</param>
<param type='eole'>domaine_messagerie_etab</param>
</fill>
<condition name='hidden_if_in' source='nineskeletor_activer_localmail'>
<param>oui</param>
<target type='variable'>nineskeletor_smtphost</target>
<target type='variable'>nineskeletor_smtpport</target>
<target type='variable'>nineskeletor_smtpuser</target>
<target type='variable'>nineskeletor_smtppwd</target>
<target type='variable'>nineskeletor_smtpencryption</target>
<target type='variable'>nineskeletor_smtpauthmode</target>
</condition>
<!-- AFFICHAGE EN FONCTION DU MODE DE BDD -->
<condition name='disabled_if_in' source='nineskeletor_db_mode'>
<param>local</param>
<target type='variable'>nineskeletor_dbserver</target>
@ -69,6 +190,32 @@
<target type='variable'>nineskeletor_dbpass</target>
<target type='variable'>nineskeletor_allow_hosts</target>
</condition>
<!-- VALID EMUN DES DIFFRENTES COMBO -->
<check name='valid_enum' target='nineskeletor_masteridentity'>
<param>['LDAP','Ninegate']</param>
</check>
<check name='valid_enum' target='nineskeletor_mode_auth'>
<param>['CAS', 'LDAP', 'SQL']</param>
</check>
<check name='valid_enum' target='nineskeletor_ldaptemplate'>
<param>['scribe','open']</param>
</check>
<check name='valid_enum' target='nineskeletor_smtpencryption'>
<param>['tls', 'ssl', 'null']</param>
</check>
<check name='valid_enum' target='nineskeletor_smtpauthmode'>
<param>['plain', 'login', 'cram-md5', 'null']</param>
</check>
<check name='valid_enum' target='nineskeletor_db_mode'>
<param>['default', 'externe', 'local']</param>
</check>
</constraints>
<help>

View File

@ -42,12 +42,8 @@ security:
# ROLE_ADMIN = accède à tout
# ROLE_VALIDATOR = accède aux validations de planning
# ROLE_MASTER = accède à la gestion de client / projet / commande / tache
# ROLE_USER = accède
# ROLE_VISITOR = accède à rien
access_control:
- { path: ^/user, roles: [ROLE_ADMIN, ROLE_MASTER, ROLE_STUDENT, ROLE_USER] }
- { path: ^/master, roles: [ROLE_ADMIN, ROLE_MASTER] }
- { path: ^/user, roles: [ROLE_ADMIN, ROLE_MODO, ROLE_MASTER, ROLE_USER] }
- { path: ^/master, roles: [ROLE_ADMIN, ROLE_MODO, ROLE_MASTER] }
- { path: ^/modo, roles: [ROLE_ADMIN, ROLE_MODO] }
- { path: ^/admin, roles: [ROLE_ADMIN] }

View File

@ -60,9 +60,12 @@ app_cron_exec:
defaults: { _controller: App\Controller\CronController:exec }
app_cron_log:
path: /admin/cron/log/{id}
controller: App\Controller\Cron:log
defaults: { id: "cron" }
path: /admin/cron/log
defaults: { _controller: App\Controller\CronController:log }
app_cron_getlog:
path: /admin/cron/getlog/{id}
defaults: { _controller: App\Controller\CronController:getlog }
#== User ========================================================================================================
app_user:

View File

@ -4,13 +4,27 @@
# Put parameters here that don't need to change on each machine where the app is deployed
# https://symfony.com/doc/current/best_practices/configuration.html#application-related-configuration
parameters:
appAlias: '%env(resolve:APP_ALIAS)%'
appAuth: '%env(resolve:APP_AUTH)%'
appName: '%env(resolve:APP_NAME)%'
appEnv: '%env(resolve:APP_ENV)%'
appSecret: '%env(resolve:APP_SECRET)%'
appAuth: '%env(resolve:APP_AUTH)%'
appAlias: '%env(resolve:APP_ALIAS)%'
appName: '%env(resolve:APP_NAME)%'
appCron: '%env(resolve:APP_CRON)%'
appMasteridentity: '%env(resolve:APP_MASTERIDENTITY)%'
appMasterurl: '%env(resolve:APP_MASTERURL)%'
appMasterkey: '%env(resolve:APP_MASTERKEY)%'
databaseName: '%env(resolve:DATABASE_NAME)%'
databaseUser: '%env(resolve:DATABASE_USER)%'
databasePassword: '%env(resolve:DATABASE_PASSWORD)%'
databaseHost: '%env(resolve:DATABASE_HOST)%'
appMailmethod: '%env(resolve:MAILER_METHOD)%'
appMailurl: '%env(resolve:MAILER_URL)%'
appMailnoreply: '%env(resolve:MAILER_NOREPLY)%'
ldapModel: '%env(resolve:LDAP_MODEL)%'
ldapHost: '%env(resolve:LDAP_HOST)%'
ldapPort: '%env(resolve:LDAP_PORT)%'
ldapUser: '%env(resolve:LDAP_USER)%'
@ -20,7 +34,10 @@ parameters:
ldapFirstname: '%env(resolve:LDAP_FIRSTNAME)%'
ldapLastname: '%env(resolve:LDAP_LASTNAME)%'
ldapEmail: '%env(resolve:LDAP_EMAIL)%'
ldapFiltergroup: '%env(resolve:LDAP_FILTERGROUP)%'
ldapFilteruser: '%env(resolve:LDAP_FILTERUSER)%'
ldapAdmins: '%env(json:LDAP_ADMINS)%'
casHost: '%env(resolve:CAS_HOST)%'
casPort: '%env(resolve:CAS_PORT)%'
casPath: '%env(resolve:CAS_PATH)%'
@ -29,6 +46,10 @@ parameters:
casLastname: '%env(resolve:CAS_LASTNAME)%'
casFirstname: '%env(resolve:CAS_FIRSTNAME)%'
proxyUser: '%env(resolve:PROXY_USE)%'
proxyHost: '%env(resolve:PROXY_HOST)%'
proxyPort: '%env(resolve:PROXY_PORT)%'
services:
# default configuration for services in *this* file
_defaults:

View File

@ -1,36 +1,19 @@
# In all environments, the following files are loaded if they exist,
# the latter taking precedence over the former:
#
# * .env contains default values for the environment variables needed by the app
# * .env.local uncommitted file with local overrides
# * .env.$APP_ENV committed environment-specific defaults
# * .env.$APP_ENV.local uncommitted environment-specific overrides
#
# Real environment variables win over .env files.
#
# DO NOT DEFINE PRODUCTION SECRETS IN THIS FILE NOR IN ANY OTHER COMMITTED FILES.
#
# Run "composer dump-env prod" to compile .env files for production use (requires symfony/flex >=1.2).
# https://symfony.com/doc/current/best_practices.html#use-environment-variables-for-infrastructure-configuration
###> symfony/framework-bundle ###
APP_SECRET=52c1cb88ee822cd2643abe29e16a68a6
# Symfony
APP_ENV=PROD
APP_SECRET=changemeinenvlocal
#TRUSTED_PROXIES=127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
#TRUSTED_HOSTS='^(localhost|example\.com)$'
###< symfony/framework-bundle ###
###> symfony/mailer ###
# MAILER_DSN=smtp://localhost
###< symfony/mailer ###
###< doctrine/doctrine-bundle ###
# Basic
APP_WEBURL=
APP_MASTERIDENTITY=LDAP
APP_AUTH=MYSQL
APP_ALIAS=
APP_NAME=
APP_AUTH=MYSQL
APP_ENV=PROD
APP_CRON=true
APP_MASTERURL=
APP_MASTERKEY=
# BDD
DATABASE_NAME=
@ -38,6 +21,27 @@ DATABASE_USER=
DATABASE_PASSWORD=
DATABASE_HOST=
# MAIL sendmail / smtp
MAILER_METHOD=sendmail
MAILER_URL=
MAILER_NOREPLY=noreply@noreply.fr
# LDAP
LDAP_MODEL=open
LDAP_HOST=
LDAP_PORT=
LDAP_USER=
LDAP_PASSWORD=
LDAP_BASEDN=
LDAP_USERNAME=uid
LDAP_FIRSTNAME=givenname
LDAP_LASTNAME=sn
LDAP_EMAIL=mail
LDAP_ADMINS='["admin"]'
# If APP_AUTH = CAS
CAS_HOST=
CAS_PORT=
@ -46,3 +50,9 @@ CAS_USERNAME=username
CAS_EMAIL=email
CAS_LASTNAME=lastname
CAS_FIRSTNAME=firstname
# Proxy
PROXY_USE=false
PROXY_HOST=
PROXY_PORT=

View File

@ -1,12 +1,9 @@
#!/bin/bash
# Se positionner sur la racine du projet
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
cd ${DIR}
cd ..
DIR=$(pwd)
DIR="/var/www/html/nineskeletor/.key"
# Génération d'une clé d'API
if [ ! -f $DIR/.key ]; then
openssl rand -hex 32 > $DIR/.key
if [ ! -f $DIR ]; then
openssl rand -hex 32 > $DIR
fi

View File

@ -23,6 +23,8 @@ class AppInitCommand extends Command
private $output;
private $filesystem;
private $rootlog;
private $appname;
private $appmailnoreply;
public function __construct(ContainerInterface $container,EntityManagerInterface $em)
{
@ -43,9 +45,11 @@ class AppInitCommand extends Command
protected function execute(InputInterface $input, OutputInterface $output)
{
$this->output = $output;
$this->filesystem = new Filesystem();
$this->rootlog = $this->container->get('kernel')->getProjectDir()."/../var/log/";
$this->output = $output;
$this->filesystem = new Filesystem();
$this->rootlog = $this->container->get('kernel')->getProjectDir()."/../var/log/";
$this->appname = $this->container->getParameter('appName');
$this->appmailnoreply = $this->container->getParameter('appMailnoreply');
$output->writeln('APP = Default Data');
@ -73,10 +77,10 @@ class AppInitCommand extends Command
$entity->setId(0);
$entity->setUsername("admin");
$entity->setPassword("admin");
$entity->setFirstname("schedule");
$entity->setLastname("admin");
$entity->setEmail("admin@noreply@com");
$entity->setRoles(["ROLE_ADMIN","ROLE_USER"]);
$entity->setFirstname($this->appname);
$entity->setLastname("Admin");
$entity->setEmail($this->appmailnoreply);
$entity->setRoles(["ROLE_ADMIN"]);
$entity->setAvatar("admin.jpg");
$this->em->persist($entity);
}

View File

@ -105,7 +105,7 @@ class CronInitCommand extends Command
$nextdate=$entity->getSubmitdate();
$nextdate->setTime(3,0);
$entity->setCommand("app:synchroUsers");
$entity->setDescription("Synchronisation des Comptes Utilisateurs");
$entity->setDescription("Synchronisation des comptes utilisateurs");
$entity->setId(100);
$entity->setStatut(2);
$entity->setRepeatcall(0);
@ -116,52 +116,16 @@ class CronInitCommand extends Command
$this->em->persist($entity);
}
/*
// Job Récupératoin la table de référence des articles
// Toute les 1mn
$entity = $this->em->getRepository('App:Cron')->find(10);
if(!$entity) {
$entity = new Cron;
$entity->setId(10);
$entity->setCommand("app:CrousGo");
$entity->setDescription("Récupératoin des commandes CROUS & GO");
$entity->setStatut(2);
$entity->setRepeatcall(0);
$entity->setRepeatexec(0);
$entity->setRepeatinterval(60);
$entity->setNextexecdate($entity->getSubmitdate());
$this->em->persist($entity);
}
// Job Fermeture automatique des guichets
// Toute les 1mn
$entity = $this->em->getRepository('App:Cron')->find(20);
if(!$entity) {
$entity = new Cron;
$entity->setId(20);
$entity->setCommand("app:FermetureGuichet");
$entity->setDescription("Fermeture automatique des guichets");
$entity->setStatut(2);
$entity->setRepeatcall(0);
$entity->setRepeatexec(0);
$entity->setRepeatinterval(60);
$entity->setNextexecdate($entity->getSubmitdate());
$this->em->persist($entity);
}
// Job Récupératoin la table de référence des articles
// Toute les 24h à 3h00
$entity = $this->em->getRepository('App:Cron')->find(1000);
// Job Dump
// Toute les 24h à 2h00
$entity = $this->em->getRepository('App:Cron')->find(220);
if(!$entity) {
$entity = new Cron;
$nextdate=$entity->getSubmitdate();
$nextdate->setTime(3,0);
$entity->setId(1000);
$entity->setCommand("app:CodeArticle");
$entity->setDescription("Récupératoin la table de référence des articles");
$nextdate->setTime(2,0);
$entity->setCommand("app:dumpBdd");
$entity->setDescription("Sauvegarde de la BDD");
$entity->setId(220);
$entity->setStatut(2);
$entity->setRepeatcall(0);
$entity->setRepeatexec(0);
@ -170,45 +134,6 @@ class CronInitCommand extends Command
$this->em->persist($entity);
}
// Job reinit des piles à 0
// Toute les 24h à 3h00
$entity = $this->em->getRepository('App:Cron')->find(1010);
if(!$entity) {
$entity = new Cron;
$nextdate=$entity->getSubmitdate();
$nextdate->setTime(3,0);
$entity->setId(1010);
$entity->setCommand("app:RazPile");
$entity->setDescription("Remet les piles des services à 0");
$entity->setStatut(2);
$entity->setRepeatcall(0);
$entity->setRepeatexec(0);
$entity->setRepeatinterval(86400);
$entity->setNextexecdate($nextdate);
$this->em->persist($entity);
}
// Job reinit des piles à 0
// Toute les 24h à 3h00
$entity = $this->em->getRepository('App:Cron')->find(1020);
if(!$entity) {
$entity = new Cron;
$nextdate=$entity->getSubmitdate();
$nextdate->setTime(3,0);
$entity->setId(1020);
$entity->setCommand("app:RazCommande");
$entity->setDescription("Cloture et Purge des Commandes");
$entity->setStatut(2);
$entity->setRepeatcall(0);
$entity->setRepeatexec(0);
$entity->setRepeatinterval(86400);
$entity->setNextexecdate($nextdate);
$this->em->persist($entity);
}
*/
// On flush
$this->em->flush();

View File

@ -0,0 +1,92 @@
<?php
namespace App\Command;
use Symfony\Component\Console\Command\Command;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Input\InputArgument;
use Symfony\Component\Console\Output\OutputInterface;
use Symfony\Component\DependencyInjection\ContainerInterface;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Component\Filesystem\Filesystem;
use Symfony\Component\Security\Core\Encoder\EncoderFactory;
use Symfony\Component\Security\Core\Encoder\MessageDigestPasswordEncoder;
use Symfony\Component\Finder\Finder;
class DumpBddCommand extends Command
{
private $container;
private $em;
private $output;
private $filesystem;
private $rootlog;
private $byexec;
public function __construct(ContainerInterface $container,EntityManagerInterface $em)
{
parent::__construct();
$this->container = $container;
$this->em = $em;
}
protected function configure()
{
$this
->setName('app:dumpBdd')
->setDescription('Sauvegarde de la BDD')
->setHelp('Sauvegarde de la BDD')
->addArgument('cronid', InputArgument::OPTIONAL, 'ID Cron Job')
->addArgument('lastchance', InputArgument::OPTIONAL, 'Lastchance to run the cron')
;
}
protected function execute(InputInterface $input, OutputInterface $output)
{
$this->output = $output;
$this->filesystem = new Filesystem();
$this->rootlog = $this->container->get('kernel')->getRootDir()."/../var/log/";
$alias = $this->container->getParameter('appAlias');
$this->writelnred('');
$this->writelnred('== app:dumpBdd');
$this->writelnred('==========================================================================================================');
$this->datahost = $this->container->getParameter('databaseHost');
$this->database = $this->container->getParameter('databaseName') ;
$this->username = $this->container->getParameter('databaseUser') ;
$this->password = $this->container->getParameter('databasePassword') ;
$cmd = sprintf('mysqldump -h %s -B %s -u %s --password=%s'
, $this->datahost
, $this->database
, $this->username
, $this->password
);
$result = $this->runCommand($cmd);
if($result['exit_status'] == 0) {
$this->filesystem->dumpFile($this->rootlog.$alias.".sql", $result['output']);
}
$this->writeln('');
return 1;
}
protected function runCommand($command)
{
$command .=" >&1";
exec($command, $output, $exit_status);
return array(
"output" => $output
, "exit_status" => $exit_status
);
}
private function writelnred($string) {
$this->output->writeln('<fg=red>'.$string.'</>');
$this->filesystem->appendToFile($this->rootlog.'cron.log', $string."\n");
}
private function writeln($string) {
$this->output->writeln($string);
$this->filesystem->appendToFile($this->rootlog.'cron.log', $string."\n");
}
}

View File

@ -43,7 +43,7 @@ class PurgeFileCommand extends Command
{
$this->output = $output;
$this->filesystem = new Filesystem();
$this->rootlog = $this->container->get('kernel')->getRootDir()."/../var/logs/";
$this->rootlog = $this->container->get('kernel')->getRootDir()."/../var/log/";
$alias = $this->container->getParameter('appAlias');
$this->writelnred('');

View File

@ -44,7 +44,7 @@ class SendMailCommand extends Command
{
$this->output = $output;
$this->filesystem = new Filesystem();
$this->rootlog = $this->container->get('kernel')->getRootDir()."/../var/logs/";
$this->rootlog = $this->container->get('kernel')->getRootDir()."/../var/log/";
$this->writelnred('');
$this->writelnred('== app:sendMail');

View File

@ -23,6 +23,7 @@ class SynchroUsersCommand extends Command
private $rootlog;
private $ldap;
private $ldap_basedn;
private $ldapgroups=[];
public function __construct(ContainerInterface $container,EntityManagerInterface $em)
{
@ -47,7 +48,7 @@ class SynchroUsersCommand extends Command
{
$this->output = $output;
$this->filesystem = new Filesystem();
$this->rootlog = $this->container->get('kernel')->getRootDir()."/../var/logs/";
$this->rootlog = $this->container->get('kernel')->getRootDir()."/../var/log/";
$this->writelnred('');
$this->writelnred('== app:synchroUsers');
@ -66,6 +67,16 @@ class SynchroUsersCommand extends Command
if($simulate) $this->writeln('** SIMULATION');
else $this->writeln('** REEL');
// Synchro
if($this->container->getParameter('appMasteridentity')=="LDAP")
$this->synchroLdap($simulate);
else
$this->synchroNinegate($simulate);
return 1;
}
protected function synchroLdap($simulate) {
$this->writeln('');
$this->writeln('=====================================================');
$this->writeln('== SYNCHONISATION ANNUAIRE ==========================');
@ -85,43 +96,57 @@ class SynchroUsersCommand extends Command
$ldap_lastname = $this->container->getParameter('ldapLastname');
$ldap_email = $this->container->getParameter('ldapEmail');
$ldap_admins = $this->container->getParameter('ldapAdmins');
$ldap_model = $this->container->getParameter('ldapModel');
$fieldstoread = array($ldap_username,$ldap_firstname,$ldap_lastname,$ldap_email);
$ldapusers = array();
$ldapmails = array();
// Classes
$this->writeln('');
$this->writeln('== CLASSES ==========================================');
$results = $this->ldap->search("type=Classe", ['cn','description','gidNumber'], $this->ldap_basedn);
foreach($results as $result) {
$cn=$result["cn"];
$ldapfilter="(|(&(type=Classe)(cn=$cn))(&(type=Equipe)(cn=profs-$cn))(&(ENTPersonProfils=Administratif)(divcod=$cn)))";
$label="CLASSE = ".$result["cn"];
$this->writeln(" - $label");
if(!$simulate) $this->addmodGroup($label,$ldapfilter,true);
if($ldap_model=="scribe") {
$this->writeln('');
$this->writeln('== SCRIBE ===========================================');
// Classes
$this->writeln('');
$this->writeln('== CLASSES ==========================================');
$results = $this->ldap->search("type=Classe", ['cn','description','gidNumber'], $this->ldap_basedn);
foreach($results as $result) {
$cn=$result["cn"];
$ldapfilter="(|(&(type=Classe)(cn=$cn))(&(type=Equipe)(cn=profs-$cn))(&(ENTPersonProfils=Administratif)(divcod=$cn)))";
$label="CLASSE = ".$result["cn"];
$this->writeln(" - $label");
if(!$simulate) $this->addmodGroup($label,$ldapfilter,true);
}
// Options
$this->writeln('');
$this->writeln('== OPTIONS ==========================================');
$results = $this->ldap->search("type=Option", ['cn','description','gidNumber'], $this->ldap_basedn);
foreach($results as $result) {
$cn=$result["cn"];
$ldapfilter="(|(&(type=Option)(cn=$cn))(&(type=Equipe)(cn=profs-$cn))(&(ENTPersonProfils=Administratif)(divcod=$cn)))";
$label="OPTION = ".$result["cn"];
$this->writeln(" - $label");
if(!$simulate) $this->addmodGroup($label,$ldapfilter,true);
}
$ldap_filtergroup="(type=Groupe)";
$ldap_filteruser="(&(uid=*)(objectclass=inetOrgPerson)(!(description=Computer)))";
}
// Options
$this->writeln('');
$this->writeln('== OPTIONS ==========================================');
$results = $this->ldap->search("type=Option", ['cn','description','gidNumber'], $this->ldap_basedn);
foreach($results as $result) {
$cn=$result["cn"];
$ldapfilter="(|(&(type=Option)(cn=$cn))(&(type=Equipe)(cn=profs-$cn))(&(ENTPersonProfils=Administratif)(divcod=$cn)))";
$label="OPTION = ".$result["cn"];
$this->writeln(" - $label");
if(!$simulate) $this->addmodGroup($label,$ldapfilter,true);
else {
$ldap_filtergroup=$this->container->getParameter('ldapFiltergroup');
$ldap_filteruser=$this->container->getParameter('ldapFilteruser');
}
// Groupes
$this->writeln('');
$this->writeln('== GROUPES ==========================================');
$results = $this->ldap->search("type=Groupe", ['cn','description','gidNumber'], $this->ldap_basedn);
$results = $this->ldap->search($ldap_filtergroup, ['cn','description','gidNumber'], $this->ldap_basedn);
foreach($results as $result) {
$cn=$result["cn"];
$ldapfilter="(&(type=Groupe)(cn=$cn))";
$ldapfilter="(&(&".$ldap_filtergroup.")(cn=$cn))";
$label="GROUPE = ".$result["cn"];
$this->writeln(" - $label");
@ -141,11 +166,12 @@ class SynchroUsersCommand extends Command
// Sur l'ensemble des utilisateurs de l'anuaire
$this->writeln("== Récupération des utilisateurs de l'annuaire");
$results = $this->ldap->search("(&(uid=*)(objectclass=inetOrgPerson)(!(description=Computer)))", $fieldstoread, $this->ldap_basedn);
$results = $this->ldap->search($ldap_filteruser, $fieldstoread, $this->ldap_basedn);
$nbuserstotal=count($results);
$nbusers=0;
$tberrors=[];
// Pour chaque utilisateur ldap
$this->writeln('== Traitement des utilisateurs');
foreach($results as $result) {
@ -224,6 +250,8 @@ class SynchroUsersCommand extends Command
$groups=$this->em->getRepository('App:Group')->findAll();
foreach($groups as $group) {
if(!$group->getldapfilter()) continue;
$ldapusersgroup=array();
$ldapfilter=$group->getLdapfilter();
@ -325,7 +353,61 @@ class SynchroUsersCommand extends Command
}
$this->writeln('');
return 1;
$this->writeln('== GROUPS ============================================');
$groups=$this->em->getRepository("App:Group")->findAll();
foreach($groups as $group) {
if(!$group->getLdapfilter()) continue;
if(!in_array($group->getId(),$this->ldapgroups)) {
$this->writeln(" - Suppression dans Bundle >> ".$group->getName());
if(!$simulate) {
$this->em->remove($group);
$this->em->flush();
}
}
}
$this->writeln('');
}
protected function synchroNinegate($simulate) {
$this->writeln('');
$this->writeln('=====================================================');
$this->writeln('== SYNCHONISATION NINEGATE ==========================');
$this->writeln('=====================================================');
$this->writeln('');
$this->writeln('=====================================================');
$this->writeln('== SYNCHONISATION NINEGATE TO BUNDLE ================');
$this->writeln('=====================================================');
$appmasterurl = $this->getParameter("appmasterurl");
if(stripos($appmasterurl,"/")===0)
$url="https://".$this->getParameter("appWeburl").$appmasterurl;
else
$url=$masterurl;
$indomaine = (stripos($url,$this->getParameter("appWeburl"))!==false);
// Recherche des élèments de masterIdentify
$headers = ['Accept' => 'application/json'];
$query = [];
/* si hor domaine on utilise le proxy si proxy il y a */
if(!$indomaine) {
$PROXYactivate = $em->getRepository("CadolesCoreBundle:Config")->find("PROXYactivate")->getValue();
if($PROXYactivate) {
$PROXYserver = $em->getRepository("CadolesCoreBundle:Config")->find("PROXYserver")->getValue();
$PROXYport = $em->getRepository("CadolesCoreBundle:Config")->find("PROXYport")->getValue();
\Unirest\Request::proxy($PROXYserver, $PROXYport, CURLPROXY_HTTP, true);
}
}
// Récupération des informations utilisateurs issus du masteridentity
$response = \Unirest\Request::get($url.'/rest/user/'.$masterapikey.'/'.$user->getUsername(),$headers,$query);
}
private function writelnred($string) {
@ -348,6 +430,8 @@ class SynchroUsersCommand extends Command
$this->em->persist($group);
$this->em->flush();
array_push($this->ldapgroups,$group->getId());
}
protected function addtoGroup($user,$group) {
@ -373,7 +457,7 @@ class SynchroUsersCommand extends Command
$ldapfilter="(|(&(uid=".$user->getUsername().")(ENTPersonProfils=enseignant))(&(uid=".$user->getUsername().")(typeadmin=0))(&(uid=".$user->getUsername().")(typeadmin=2)))";
$results = $this->ldap->search($ldapfilter, ['uid'], $this->ldap_basedn);
if($results) $user->setRoles(["ROLE_MASTER"]);
else $user->setRoles(["ROLE_STUDENT"]);
else $user->setRoles(["ROLE_USER"]);
}
$this->em->persist($user);

View File

@ -11,6 +11,8 @@ use Symfony\Bundle\FrameworkBundle\Console\Application;
use Symfony\Component\Console\Input\ArrayInput;
use Symfony\Component\Console\Output\BufferedOutput;
use Symfony\Component\Console\Output\OutputInterface;
use Symfony\Component\HttpFoundation\BinaryFileResponse;
use Symfony\Component\HttpFoundation\ResponseHeaderBag;
use App\Entity\Cron as Entity;
use App\Form\CronType as Form;
@ -70,52 +72,26 @@ class CronController extends AbstractController
]);
}
public function execAction(Request $request, $id)
public function log()
{
set_time_limit(0);
$em = $this->getDoctrine()->getManager();
$entity = $em->getRepository($this->labelentity)->find($id);
if (!$entity) {
throw $this->createNotFoundException('Unable to find entity.');
}
$kernel = $this->get('kernel');
$application = new Application($kernel);
$application->setAutoExit(false);
$command = $application->find($entity->getCommand());
$jsonparameter=json_decode($entity->getJsonargument(),true);
$parameter = ($jsonparameter?new ArrayInput($jsonparameter):new ArrayInput([]));
$output = new BufferedOutput(OutputInterface::VERBOSITY_NORMAL,false);
$command->run($parameter, $output);
$content = $output->fetch();
return $this->render('CadolesCoreBundle:Core:command.html.twig', [
return $this->render($this->render.'logs.html.twig', [
'useheader' => true,
'usemenu' => false,
'usesidebar' => true,
"title" => $entity->getDescription(),
"return_path" =>"cadoles_cron_config",
"content" =>$content
]);
}
public function logAction(Request $request, $id)
public function getlog(Request $request, $id)
{
$kernel = $this->get('kernel');
$path = $this->get('kernel')->getRootDir() . '/../var/logs/'.$id.'.log';
$content = file_get_contents($path);
return $this->render('CadolesCronBundle:Cron:logs.html.twig', [
'useheader' => true,
'usemenu' => false,
'usesidebar' => true,
"title" => "LOG = ".$id,
"content" => $content
]);
$path = $this->getParameter('kernel.project_dir');
if($id=="dump")
$file = $path . '/var/log/' . $this->getParameter("appAlias") . '.sql';
else
$file = $path . '/var/log/'.$id.'.log';
$response = new BinaryFileResponse($file);
$response->setContentDisposition(ResponseHeaderBag::DISPOSITION_ATTACHMENT);
return $response;
}

View File

@ -56,8 +56,8 @@ class UserType extends AbstractType
if($options["mode"]!="profil") {
$choices=[];
$choices['Administrateur']='ROLE_ADMIN';
$choices['Professeur']='ROLE_MASTER';
$choices['Elève']='ROLE_STUDENT';
$choices['Modérateur']='ROLE_MODO';
$choices['Master']='ROLE_MASTER';
$choices['Utilisateur']='ROLE_USER';
$builder->add('roles',

View File

@ -1,24 +1,33 @@
# Basic = Redefine local
# SYMFONY
APP_ENV=PROD
APP_SECRET=%%pwdreader("",%%nineskeletor_api_key)
#TRUSTED_PROXIES=127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
#TRUSTED_HOSTS='^(localhost|example\.com)$'
# BASIC
APP_WEBURL=%%web_url
APP_AUTH=CAS
APP_ALIAS=nineskeletor
APP_NAME=Nineskeletor
APP_ENV=prod
APP_SECRET=%%pwdreader("","/var/www/html/nineskeletor/.key")
APP_AUTH=CAS
APP_CRON=true
APP_MASTERIDENTITY=%%nineskeletor_masteridentity
%if %%getVar("nineskeletor_masteridentity", 'LDAP') == "LDAP"
APP_MASTERURL=
APP_MASTERKEY=
%else
APP_MASTERURL=%%nineskeletor_urlidentity
APP_MASTERKEY=%%nineskeletor_apikeyidentity
%end if
# MAIL sendmail / smtp
MAILER_METHOD=sendmail
MAILER_URL=
MAILER_NOREPLY=noreply@noreply.fr
# Bdd = Redefine local
# BDD
DATABASE_NAME=nineskeletor
DATABASE_USER=nineskeletor
DATABASE_PASSWORD=tochange
%if %%getVar("ninegate_db_mode", 'non') == "externe"
DATABASE_HOST=%%ninegate_dbserver
%else if %%getVar("ninegate_db_mode", 'non') == "default"
%if %%getVar("nineskeletor_db_mode", 'non') == "externe"
DATABASE_HOST=%%nineskeletor_dbserver
%else if %%getVar("nineskeletor_db_mode", 'non') == "default"
%set dbhost = %%getVar('edb_host', 'non')
%if %%dbhost == 'non' and %%mode_conteneur_actif == 'oui':
DATABASE_HOST=%%adresse_ip_mysql
@ -34,7 +43,67 @@ DATABASE_HOST=%%adresse_ip_mysql
%end if
# CAS = Redefine local
# MAIL sendmail / smtp
%if %%getVar("nineskeletor_activer_localmail", "oui") == "oui"
MAILER_METHOD=sendmail
MAILER_URL=
%else
MAILER_METHOD=smtp
MAILER_URL=smtp://%%nineskeletor_smtphost:%%nineskeletor_smtpport?encryption=%%nineskeletor_smtpencryption&auth_mode=%%nineskeletor_smtpauthmode&username=%%nineskeletor_smtpuser&password=%%nineskeletor_smtppwd
%end if
MAILER_NOREPLY=noreply@noreply.fr
# LDAP
%if %%getVar("nineskeletor_masteridentity", 'LDAP') == "LDAP"
LDAP_MODEL=%%nineskeletor_ldaptemplate
%else
LDAP_MODEL=open
%end if
LDAP_HOST=%%adresse_ip_ldap
LDAP_PORT=%%ldap_port
LDAP_USER=%%ldap_reader
LDAP_PASSWORD=%%pwdreader("",%%ldap_reader_passfile)
LDAP_BASEDN=%%ldap_base_dn
%if %%getVar("nineskeletor_ldaptemplate", 'scribe') == "scribe"
LDAP_USERNAME=uid
LDAP_FIRSTNAME=givenname
LDAP_LASTNAME=sn
LDAP_EMAIL=mail
LDAP_FILTERGROUP=(cn=*)
LDAP_FILTERUSER=(uid=*)
%else
LDAP_USERNAME=%%nineskeletor_ldapuid
LDAP_FIRSTNAME=%%nineskeletor_ldapfirstname
LDAP_LASTNAME=%%nineskeletor_ldaplastname
LDAP_EMAIL=%%nineskeletor_ldapmail
LDAP_FILTERGROUP=%%nineskeletor_ldapfiltergroup
LDAP_FILTERUSER=%%nineskeletor_ldapfilteruser
%end if
%if %%getVar("activer_addadmin", "non") == "non"
LDAP_ADMINS='["admin"]'
%else
LDAP_ADMINS='["admin","%%uid_addadmin"]'
%end if
# CAS
CAS_HOST=%%eolesso_adresse
CAS_PORT=%%eolesso_port
CAS_PATH=%%eolesso_cas_folder
CAS_USERNAME=username
CAS_EMAIL=email
CAS_LASTNAME=lastname
CAS_FIRSTNAME=firstname
# Proxy
%if %%activer_proxy_client == 'oui'
PROXY_USE=true
PROXY_HOST=%%proxy_client_adresse
PROXY_PORT=%%proxy_client_port
%else
PROXY_USE=false
PROXY_HOST=
PROXY_PORT=
%end if

View File

@ -0,0 +1,9 @@
#!/bin/bash
# Se positionner sur la racine du projet
DIR="%%nineskeletor_api_key"
# Génération d'une clé d'API
if [ ! -f $DIR ]; then
openssl rand -hex 32 > $DIR
fi