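container = $container; $this->em = $em; $this->ldap = $ldapservice; $this->apiservice = $apiservice; }

    /**
     * Declares the console command name, description and help text.
     */
    protected function configure()
    {
        $this
            ->setName('app:Synchro')
            ->setDescription('Synchronisation Annuaire')
            ->setHelp('This command Synchro for Core')
        ;
    }

    /**
     * Loads the synchronisation and LDAP parameters from the container, then
     * runs the synchronisation selected by the `appSynchro` parameter.
     *
     * Any value other than LDAP2NINE, NINE2LDAP or NINE2NINE does nothing and
     * reports success.
     *
     * @return int Command::SUCCESS or Command::FAILURE
     */
    protected function execute(InputInterface $input, OutputInterface $output)
    {
        $this->output = $output;
        $this->filesystem = new Filesystem();
        $this->rootlog = $this->container->get('kernel')->getLogDir().'/';

        $this->appMasteridentity = $this->container->getParameter('appMasteridentity');
        $appSynchro = $this->container->getParameter('appSynchro');
        $this->synchro = $appSynchro;
        $this->synchropurgeniveau01 = $this->container->getParameter('appSynchroPurgeNiveau01');
        $this->synchropurgeniveau02 = $this->container->getParameter('appSynchroPurgeNiveau02');
        $this->synchropurgeniveau03 = $this->container->getParameter('appSynchroPurgeNiveau03');
        $this->synchropurgeniveau04 = $this->container->getParameter('appSynchroPurgeNiveau04');
        $this->synchropurgegroup = $this->container->getParameter('appSynchroPurgeGroup');
        $this->synchropurgeuser = $this->container->getParameter('appSynchroPurgeUser');

        $this->host = $this->container->getParameter('ldapHost');
        $this->port = $this->container->getParameter('ldapPort');
        $this->usetls = $this->container->getParameter('ldapUsetls');
        $this->userwriter = $this->container->getParameter('ldapUserwriter');
        $this->user = $this->container->getParameter('ldapUser');
        $this->password = $this->container->getParameter('ldapPassword');
        $this->basedn = $this->container->getParameter('ldapBasedn');
        $this->baseorganisation = $this->container->getParameter('ldapBaseorganisation');
        $this->baseniveau01 = $this->container->getParameter('ldapBaseniveau01');
        $this->baseniveau02 = $this->container->getParameter('ldapBaseniveau02');
        $this->baseniveau03 = $this->container->getParameter('ldapBaseniveau03');
        $this->baseniveau04 = $this->container->getParameter('ldapBaseniveau04');
        $this->basegroup = $this->container->getParameter('ldapBasegroup');
        $this->baseuser = $this->container->getParameter('ldapBaseuser');
        $this->username = $this->container->getParameter('ldapUsername');
        $this->firstname = $this->container->getParameter('ldapFirstname');
        $this->lastname = $this->container->getParameter('ldapLastname');
        $this->email = $this->container->getParameter('ldapEmail');
        $this->avatar = $this->container->getParameter('ldapAvatar');
        $this->memberof = $this->container->getParameter('ldapMemberof');
        $this->groupgid = $this->container->getParameter('ldapGroupgid');
        $this->groupname = $this->container->getParameter('ldapGroupname');
        $this->groupmember = $this->container->getParameter('ldapGroupmember');
        $this->groupmemberisdn = $this->container->getParameter('ldapGroupmemberisdn');
        $this->filtergroup = $this->container->getParameter('ldapFiltergroup');
        $this->filteruser = $this->container->getParameter('ldapFilteruser');

        switch ($appSynchro) {
            case 'LDAP2NINE':
                $return = $this->ldap2nine();
                break;

            case 'NINE2LDAP':
                $return = $this->nine2ldap();
                break;

            case 'NINE2NINE':
                $return = $this->nine2nine();
                break;

            default:
                $return = Command::SUCCESS;
                break;
        }

        $this->writeln('');

        return $return;
    }

    /**
     * Imports niveau01s, groups and users from the LDAP directory into the
     * local database, then optionally purges local records that the directory
     * no longer returns.
     *
     * @return int Command::SUCCESS or Command::FAILURE
     */
    private function ldap2nine()
    {
        $this->writelnred('');
        $this->writelnred('== app:Synchro');
        $this->writelnred('==========================================================================================================');

        // This direction is only allowed when the master identity is LDAP or SSO.
        if ('LDAP' != $this->appMasteridentity && 'SSO' != $this->appMasteridentity) {
            $this->writeln('Synchronisation impossible si appMasteridentity!=LDAP et appMasteridentity!=SSO');

            return Command::FAILURE;
        }

        // Nothing can be synchronised without a directory connection.
        if (!$this->ldap->connect()) {
            $this->writeln("Synchronisation impossible connexion impossible à l'annuaire");

            return Command::FAILURE;
        }

        $this->writeln('');
        $this->writeln('=====================================================');
        $this->writeln('== SYNCHONISATION LDAP TO NINE ======================');
        $this->writeln('=====================================================');

        // Login => labels maps, and the labels/logins seen in the directory.
        // NOTE(review): the member maps are keyed by the raw member attribute
        // value and later looked up by login; ldapGroupmemberisdn is loaded in
        // execute() but not consulted here - confirm members are logins, not DNs.
        $tbniveau01members = [];
        $tbgroupmembers = [];
        $tbniveau01s = [];
        $tbgroups = [];
        $tbusers = [];

        // Local records already bound to the directory (they carry an ldapfilter).
        $ldapniveau01s = $this->em->createQueryBuilder()
            ->select('entity')
            ->from('App:Niveau01', 'entity')
            ->where('entity.ldapfilter IS NOT NULL')
            ->getQuery()
            ->getResult();
        $ldapgroups = $this->em->createQueryBuilder()
            ->select('entity')
            ->from('App:Group', 'entity')
            ->where('entity.ldapfilter IS NOT NULL')
            ->getQuery()
            ->getResult();

        // Each step runs only when the LDAP parameters it needs are all set.
        $fgsynchroniveau01s = (!empty($this->baseniveau01) && !empty($this->groupgid) && !empty($this->groupname) && !empty($this->filtergroup));
        $fgsynchrogroups = (!empty($this->basegroup) && !empty($this->groupgid) && !empty($this->groupname) && !empty($this->filtergroup));
        $fgsynchrousers = (!empty($this->baseuser) && !empty($this->username) && !empty($this->email) && !empty($this->filteruser));
        $fgsynchropurgeniveau01s = ($fgsynchroniveau01s && $this->synchropurgeniveau01);
        $fgsynchropurgegroups = ($fgsynchrogroups && $this->synchropurgegroup);
        $fgsynchropurgeusers = ($fgsynchrousers && $this->synchropurgeuser);

        // Niveau01 synchronisation.
        $this->writeln('');
        $this->writeln('== NIVEAU01 =========================================');
        if ($fgsynchroniveau01s) {
            $ldapentrys = $this->ldap->search($this->filtergroup, [$this->groupgid, $this->groupname, $this->groupmember], $this->baseniveau01);
            foreach ($ldapentrys as $ldapentry) {
                // A label already used by a record with another external id is skipped.
                $niveau01other = $this->em->getRepository('App\Entity\Niveau01')->findOneBy(['label' => $ldapentry[$this->groupname]]);
                if ($niveau01other && $niveau01other->getIdexternal() != $ldapentry[$this->groupgid]) {
                    $this->writelnred(' > '.$ldapentry[$this->groupname].' = Impossible à synchroniser un autre niveau01 existe déjà avec ce label');
                    continue;
                }

                // Look the niveau01 up by its external id (gid).
                $this->writeln(' > '.$ldapentry[$this->groupname]);
                $niveau01 = $this->em->getRepository('App\Entity\Niveau01')->findOneBy(['idexternal' => $ldapentry[$this->groupgid]]);
                if (!$niveau01) {
                    $niveau01 = new Niveau01();
                    $niveau01->setApikey(Uuid::uuid4());
                    $this->em->persist($niveau01);
                }

                $niveau01->setIdexternal($ldapentry[$this->groupgid]);
                $niveau01->setLabel($ldapentry[$this->groupname]);
                // The label is escaped so that a name containing ( ) * or \ is
                // stored as a literal value, not as filter syntax.
                $niveau01->setLdapfilter('('.$this->groupname.'='.$this->escapeLdapFilterValue($ldapentry[$this->groupname]).')');
                $this->em->flush();

                $tbniveau01s[] = $ldapentry[$this->groupname];

                // The member attribute may hold one value or a list of values.
                if (!empty($ldapentry[$this->groupmember])) {
                    foreach ((array) $ldapentry[$this->groupmember] as $member) {
                        $tbniveau01members[$member][] = $ldapentry[$this->groupname];
                    }
                }
            }
        } else {
            $this->writelnred(' > Synchronisation impossible il vous manque des paramétres ldap pour le faire');
        }

        // Group synchronisation.
        $this->writeln('');
        $this->writeln('== GROUP ============================================');
        if ($fgsynchrogroups) {
            $ldapentrys = $this->ldap->search($this->filtergroup, [$this->groupgid, $this->groupname, $this->groupmember], $this->basegroup);
            foreach ($ldapentrys as $ldapentry) {
                $groupother = $this->em->getRepository('App\Entity\Group')->findOneBy(['label' => $ldapentry[$this->groupname]]);
                if ($groupother && $groupother->getIdexternal() != $ldapentry[$this->groupgid]) {
                    $this->writelnred(' > '.$ldapentry[$this->groupname].' = Impossible à synchroniser un autre groupe existe déjà avec ce label');
                    continue;
                }

                // Look the group up by its external id (gid).
                $this->writeln(' > '.$ldapentry[$this->groupname]);
                $group = $this->em->getRepository('App\Entity\Group')->findOneBy(['idexternal' => $ldapentry[$this->groupgid]]);
                if (!$group) {
                    $group = new Group();
                    $group->setIsopen(false);
                    $group->setIsworkgroup(false);
                    $group->setApikey(Uuid::uuid4());
                    $this->em->persist($group);
                }

                $group->setIdexternal($ldapentry[$this->groupgid]);
                $group->setLabel($ldapentry[$this->groupname]);
                $group->setLdapfilter('('.$this->groupname.'='.$this->escapeLdapFilterValue($ldapentry[$this->groupname]).')');
                $this->em->flush();

                $tbgroups[] = $ldapentry[$this->groupname];

                if (!empty($ldapentry[$this->groupmember])) {
                    foreach ((array) $ldapentry[$this->groupmember] as $member) {
                        $tbgroupmembers[$member][] = $ldapentry[$this->groupname];
                    }
                }
            }
        } else {
            $this->writelnred(' > Synchronisation impossible il vous manque des paramétres ldap pour le faire');
        }

        // User synchronisation.
        $this->writeln('');
        $this->writeln('== USER =============================================');
        if ($fgsynchrousers) {
            $ldapentrys = $this->ldap->search($this->filteruser, [$this->username, $this->firstname, $this->lastname, $this->email, $this->avatar, $this->memberof], $this->baseuser);
            foreach ($ldapentrys as $ldapentry) {
                $login = $ldapentry[$this->username];

                // An e-mail already held by another account or by a pending
                // registration blocks the import of this entry.
                $userother = $this->em->getRepository('App\Entity\User')->findOneBy(['email' => $ldapentry[$this->email]]);
                if ($userother && $userother->getUsername() != $login) {
                    // Fixed: the message used the group-name attribute, which a
                    // user entry does not carry.
                    $this->writelnred(' > '.$login.' = Impossible à synchroniser un autre user existe déjà avec ce mail');
                    continue;
                }

                $userother = $this->em->getRepository('App\Entity\Registration')->findOneBy(['email' => $ldapentry[$this->email]]);
                if ($userother && $userother->getUsername() != $login) {
                    $this->writelnred(' > '.$login.' = Impossible à synchroniser un autre user existe déjà avec ce mail');
                    continue;
                }

                // Look the user up by login.
                $this->writeln(' > '.$login);
                $user = $this->em->getRepository('App\Entity\User')->findOneBy(['username' => $login]);
                if (!$user) {
                    $user = new User();
                    $user->setUsername($login);
                    $user->setIsactive(true);
                    $user->setIsvisible(true);
                    $user->setApikey(Uuid::uuid4());
                    $user->setRole('ROLE_USER');
                    $user->setAvatar('noavatar.png');

                    // Placeholder password built from the login and a fresh UUID.
                    // NOTE(review): confirm setPassword() hashes its input.
                    $uuid = Uuid::uuid4();
                    $user->setPassword('PWD-'.$login.'-'.$uuid);

                    $this->em->persist($user);
                }

                // Niveau01: keep a locally managed one, prefer the first
                // directory membership, fall back to the record with id -1.
                $niveau01 = null;
                if ($user->getNiveau01() && empty($user->getNiveau01()->getIdexternal())) {
                    $niveau01 = $user->getNiveau01();
                }
                if (array_key_exists($login, $tbniveau01members)) {
                    $niveau01 = $this->em->getRepository('App\Entity\Niveau01')->findOneBy(['label' => $tbniveau01members[$login][0]]);
                }
                if (!$niveau01) {
                    $niveau01 = $this->em->getRepository('App\Entity\Niveau01')->find(-1);
                }

                // Attributes are only overwritten by non-empty directory values.
                if (!empty($ldapentry[$this->lastname])) {
                    $user->setLastname($ldapentry[$this->lastname]);
                }
                if (!empty($ldapentry[$this->firstname])) {
                    $user->setFirstname($ldapentry[$this->firstname]);
                }
                if (!empty($ldapentry[$this->email])) {
                    $user->setEmail($ldapentry[$this->email]);
                }
                if (!empty($ldapentry[$this->avatar])) {
                    $user->setAvatar($ldapentry[$this->avatar]);
                }

                // Changing niveau01 invalidates the lower levels.
                if ($niveau01 != $user->getNiveau01()) {
                    $user->setNiveau02(null);
                    $user->setNiveau03(null);
                    $user->setNiveau04(null);
                }
                $user->setNiveau01($niveau01);

                // Promotion only: a login removed from appAdmins keeps whatever
                // role it already has.
                if ($this->isAdminLogin($login, $this->container->getParameter('appAdmins'))) {
                    $user->setRole('ROLE_ADMIN');
                }

                $this->em->flush();

                $tbusers[] = $login;

                $this->syncUserGroups($user, $login, $tbgroupmembers, $ldapgroups);
            }
        } else {
            $this->writelnred(' > Synchronisation impossible il vous manque des paramétres ldap pour le faire');
        }

        if ($fgsynchropurgeusers) {
            $this->purgeUsers($tbusers);
        }

        if ($fgsynchropurgegroups) {
            $this->purgeGroups($ldapgroups, $tbgroups);
        }

        if ($fgsynchropurgeniveau01s) {
            $this->purgeNiveau01s($ldapniveau01s, $tbniveau01s);
        }

        return Command::SUCCESS;
    }

    /**
     * Pushes the local organisation, users, groups and niveau01-04 into the
     * LDAP directory: missing entries are added, changed ones modified, and
     * directory entries with no matching local record are deleted.
     *
     * @return int Command::SUCCESS or Command::FAILURE
     */
    private function nine2ldap()
    {
        $this->writelnred('');
        $this->writelnred('== app:Synchro');
        $this->writelnred('==========================================================================================================');

        // The LDAP service decides whether writing to the directory is possible.
        if (!$this->ldap->isNine2Ldap()) {
            $this->writeln('Synchronisation impossible soit :');
            $this->writeln("- connexion impossible à l'annuaire");
            $this->writeln('- appMasteridentity!=SQL');
            $this->writeln("- votre user ldap n'a pas de permission en écriture");
            $this->writeln("- vous n'avez pas renseigné les bases de votre organisation");

            return Command::FAILURE;
        }

        $this->writeln('');
        $this->writeln('=====================================================');
        $this->writeln('== SYNCHONISATION NINE TO LDAP ======================');
        $this->writeln('=====================================================');

        $this->writeln('');
        $this->writeln('== ORGANISATION =====================================');
        $this->writeln($this->baseorganisation);
        $this->writeln($this->baseniveau01);
        $this->writeln($this->baseniveau02);
        $this->writeln($this->baseniveau03);
        $this->writeln($this->baseniveau04);
        $this->writeln($this->basegroup);
        $this->writeln($this->baseuser);
        $this->ldap->addOrganisations();

        $this->writeln('');
        $this->writeln('== USER =============================================');
        $users = $this->em->getRepository('App\Entity\User')->findBy(['isactive' => true]);
        $attributes = $this->ldap->listAttributesUser();
        foreach ($users as $user) {
            // The login replaces the wildcard of the configured filter. It is
            // escaped first so that characters such as ( ) * \ in a login
            // cannot alter the structure of the filter.
            $filter = str_replace('*', $this->escapeLdapFilterValue($user->getUsername()), $this->filteruser);
            $ldapentrys = $this->ldap->search($filter, $attributes, $this->baseuser);
            if (empty($ldapentrys)) {
                $this->writeln($user->getUsername().' = SUBMIT');
                $this->ldap->addUser($user);
            } elseif ($this->ldap->ismodifyUser($user, $ldapentrys[0])) {
                $this->writeln($user->getUsername().' = UPDATE');
                $this->ldap->modifyUser($user);
            }
        }

        // Directory users without an active local account are deleted.
        $ldapentrys = $this->ldap->search($this->filteruser, $attributes, $this->baseuser);
        foreach ($ldapentrys as $ldapentry) {
            $user = $this->em->getRepository('App\Entity\User')->findOneBy(['username' => $ldapentry['uid'], 'isactive' => true]);
            if (!$user) {
                $this->writeln($ldapentry['uid'].' = DELETE');
                $dn = $this->ldap->getUserDN($ldapentry['uid']);
                $this->ldap->deleteByDN($dn);
            }
        }

        $this->writeln('');
        $this->writeln('== GROUP ============================================');
        $groups = $this->em->getRepository('App\Entity\Group')->findAll();
        $attributes = $this->ldap->listAttributesGroup();
        foreach ($groups as $group) {
            // In this direction the local record is the source: drop any ldapfilter.
            if ($group->getLdapfilter()) {
                $group->setLdapfilter(null);
                $this->em->flush();
            }

            // Match on the numeric id first, then on the label.
            // NOTE(review): this label fallback, like the ones for niveau04,
            // niveau03 and niveau02 below, searches under baseniveau01 and not
            // under the section's own base - confirm that is intended.
            $filter = 'gidnumber='.$group->getId();
            $ldapentrys = $this->ldap->search($filter, $attributes, $this->basegroup);
            if (empty($ldapentrys)) {
                $filter = str_replace('*', $this->escapeLdapFilterValue($group->getLabel()), $this->filtergroup);
                $ldapentrys = $this->ldap->search($filter, $attributes, $this->baseniveau01);
            }

            if (empty($ldapentrys)) {
                $this->writeln($group->getLabel().' = SUBMIT');
                $this->ldap->addGroup($group);
            } elseif ($this->ldap->ismodifyGroup($group, $ldapentrys[0])) {
                $this->writeln($group->getLabel().' = UPDATE');
                $this->ldap->modifyGroup($group, $ldapentrys[0]['cn']);
            }
        }

        // Directory groups whose gidnumber matches no local group are deleted.
        $ldapentrys = $this->ldap->search($this->filtergroup, $attributes, $this->basegroup);
        foreach ($ldapentrys as $ldapentry) {
            $group = $this->em->getRepository('App\Entity\Group')->find($ldapentry['gidnumber']);
            if (!$group) {
                $this->writeln($ldapentry['cn'].' = DELETE');
                $dn = $this->ldap->getGroupDN($ldapentry['cn']);
                $this->ldap->deleteByDN($dn);
            }
        }

        $this->writeln('');
        $this->writeln('== NIVEAU04 =========================================');
        $niveau04s = $this->em->getRepository('App\Entity\Niveau04')->findAll();
        $attributes = $this->ldap->listAttributesNiveau04();
        foreach ($niveau04s as $niveau04) {
            $filter = 'gidnumber='.$niveau04->getId();
            $ldapentrys = $this->ldap->search($filter, $attributes, $this->baseniveau04);
            if (empty($ldapentrys)) {
                $filter = str_replace('*', $this->escapeLdapFilterValue($niveau04->getLabel()), $this->filtergroup);
                $ldapentrys = $this->ldap->search($filter, $attributes, $this->baseniveau01);
            }

            if (empty($ldapentrys)) {
                $this->writeln($niveau04->getLabel().' = SUBMIT');
                $this->ldap->addNiveau04($niveau04);
            } elseif ($this->ldap->ismodifyNiveau04($niveau04, $ldapentrys[0])) {
                $this->writeln($niveau04->getLabel().' = UPDATE');
                $this->ldap->modifyNiveau04($niveau04, $ldapentrys[0]['cn']);
            }
        }

        $ldapentrys = $this->ldap->search($this->filtergroup, $attributes, $this->baseniveau04);
        foreach ($ldapentrys as $ldapentry) {
            $niveau04 = $this->em->getRepository('App\Entity\Niveau04')->find($ldapentry['gidnumber']);
            if (!$niveau04) {
                $this->writeln($ldapentry['cn'].' = DELETE');
                $dn = $this->ldap->getNiveau04DN($ldapentry['cn']);
                $this->ldap->deleteByDN($dn);
            }
        }

        $this->writeln('');
        $this->writeln('== NIVEAU03 =========================================');
        $niveau03s = $this->em->getRepository('App\Entity\Niveau03')->findAll();
        $attributes = $this->ldap->listAttributesNiveau03();
        foreach ($niveau03s as $niveau03) {
            $filter = 'gidnumber='.$niveau03->getId();
            $ldapentrys = $this->ldap->search($filter, $attributes, $this->baseniveau03);
            if (empty($ldapentrys)) {
                $filter = str_replace('*', $this->escapeLdapFilterValue($niveau03->getLabel()), $this->filtergroup);
                $ldapentrys = $this->ldap->search($filter, $attributes, $this->baseniveau01);
            }

            if (empty($ldapentrys)) {
                $this->writeln($niveau03->getLabel().' = SUBMIT');
                $this->ldap->addNiveau03($niveau03);
            } elseif ($this->ldap->ismodifyNiveau03($niveau03, $ldapentrys[0])) {
                $this->writeln($niveau03->getLabel().' = UPDATE');
                $this->ldap->modifyNiveau03($niveau03, $ldapentrys[0]['cn']);
            }
        }

        $ldapentrys = $this->ldap->search($this->filtergroup, $attributes, $this->baseniveau03);
        foreach ($ldapentrys as $ldapentry) {
            $niveau03 = $this->em->getRepository('App\Entity\Niveau03')->find($ldapentry['gidnumber']);
            if (!$niveau03) {
                $this->writeln($ldapentry['cn'].' = DELETE');
                $dn = $this->ldap->getNiveau03DN($ldapentry['cn']);
                $this->ldap->deleteByDN($dn);
            }
        }

        $this->writeln('');
        $this->writeln('== NIVEAU02 =========================================');
        $niveau02s = $this->em->getRepository('App\Entity\Niveau02')->findAll();
        $attributes = $this->ldap->listAttributesNiveau02();
        foreach ($niveau02s as $niveau02) {
            $filter = 'gidnumber='.$niveau02->getId();
            $ldapentrys = $this->ldap->search($filter, $attributes, $this->baseniveau02);
            if (empty($ldapentrys)) {
                $filter = str_replace('*', $this->escapeLdapFilterValue($niveau02->getLabel()), $this->filtergroup);
                $ldapentrys = $this->ldap->search($filter, $attributes, $this->baseniveau01);
            }

            if (empty($ldapentrys)) {
                $this->writeln($niveau02->getLabel().' = SUBMIT');
                $this->ldap->addNiveau02($niveau02);
            } elseif ($this->ldap->ismodifyNiveau02($niveau02, $ldapentrys[0])) {
                $this->writeln($niveau02->getLabel().' = UPDATE');
                $this->ldap->modifyNiveau02($niveau02, $ldapentrys[0]['cn']);
            }
        }

        $ldapentrys = $this->ldap->search($this->filtergroup, $attributes, $this->baseniveau02);
        foreach ($ldapentrys as $ldapentry) {
            $niveau02 = $this->em->getRepository('App\Entity\Niveau02')->find($ldapentry['gidnumber']);
            if (!$niveau02) {
                $this->writeln($ldapentry['cn'].' = DELETE');
                $dn = $this->ldap->getNiveau02DN($ldapentry['cn']);
                $this->ldap->deleteByDN($dn);
            }
        }

        $this->writeln('');
        $this->writeln('== NIVEAU01 =========================================');
        $niveau01s = $this->em->getRepository('App\Entity\Niveau01')->findAll();
        $attributes = $this->ldap->listAttributesNiveau01();
        foreach ($niveau01s as $niveau01) {
            if ($niveau01->getLdapfilter()) {
                $niveau01->setLdapfilter(null);
                $this->em->flush();
            }

            $filter = 'gidnumber='.$niveau01->getId();
            $ldapentrys = $this->ldap->search($filter, $attributes, $this->baseniveau01);
            if (empty($ldapentrys)) {
                $filter = str_replace('*', $this->escapeLdapFilterValue($niveau01->getLabel()), $this->filtergroup);
                $ldapentrys = $this->ldap->search($filter, $attributes, $this->baseniveau01);
            }

            if (empty($ldapentrys)) {
                $this->writeln($niveau01->getLabel().' = SUBMIT');
                $this->ldap->addNiveau01($niveau01);
            } elseif ($this->ldap->ismodifyNiveau01($niveau01, $ldapentrys[0])) {
                $this->writeln($niveau01->getLabel().' = UPDATE');
                $this->ldap->modifyNiveau01($niveau01, $ldapentrys[0]['cn']);
            }
        }

        $ldapentrys = $this->ldap->search($this->filtergroup, $attributes, $this->baseniveau01);
        foreach ($ldapentrys as $ldapentry) {
            $niveau01 = $this->em->getRepository('App\Entity\Niveau01')->find($ldapentry['gidnumber']);
            if (!$niveau01) {
                $this->writeln($ldapentry['cn'].' = DELETE');
                $dn = $this->ldap->getNiveau01DN($ldapentry['cn']);
                $this->ldap->deleteByDN($dn);
            }
        }

        return Command::SUCCESS;
    }

    /**
     * Imports niveau01s, groups and users from a remote instance through its
     * REST endpoints, then optionally purges local records that the remote
     * instance no longer returns.
     *
     * @return int Command::SUCCESS or Command::FAILURE
     */
    private function nine2nine()
    {
        $this->writelnred('');
        $this->writelnred('== app:Synchro');
        $this->writelnred('==========================================================================================================');

        // This direction is only allowed when the master identity is NINE.
        if ('NINE' != $this->appMasteridentity) {
            $this->writeln('Synchronisation impossible si appMasteridentity!=NINE');

            return Command::FAILURE;
        }

        $nineurl = $this->container->getParameter('nineUrl');
        $ninesecret = $this->container->getParameter('nineSecret');
        if (!$nineurl || !$ninesecret) {
            $this->writeln('Synchronisation impossible soit parametres NINE_URL et/ou NINE_SECRET manquant');

            return Command::FAILURE;
        }
        $nineurl .= '/rest/';

        $this->writeln('');
        $this->writeln('=====================================================');
        $this->writeln('== SYNCHONISATION NINE TO NINE ======================');
        $this->writeln('=====================================================');

        // Local records already bound to the remote instance (they carry an idexternal).
        $nineniveau01s = $this->em->createQueryBuilder()
            ->select('entity')
            ->from('App:Niveau01', 'entity')
            ->where('entity.idexternal IS NOT NULL')
            ->getQuery()
            ->getResult();
        $ninegroups = $this->em->createQueryBuilder()
            ->select('entity')
            ->from('App:Group', 'entity')
            ->where('entity.idexternal IS NOT NULL')
            ->getQuery()
            ->getResult();

        $tbniveau01members = [];
        $tbgroupmembers = [];
        $tbniveau01s = [];
        $tbgroups = [];
        $tbusers = [];

        $fgsynchropurgeniveau01s = $this->synchropurgeniveau01;
        $fgsynchropurgegroups = $this->synchropurgegroup;
        $fgsynchropurgeusers = $this->synchropurgeuser;

        $this->writeln('');
        $this->writeln('== NIVEAU01 =========================================');

        // NOTE(review): the shared secret goes to the API service as the fourth
        // argument; whether it travels as a header or in the URL is decided
        // there - confirm it cannot end up in access logs.
        $response = $this->apiservice->run('GET', $nineurl.'getAllNiveau01s', null, ['key' => $ninesecret]);
        if ('200' != $response->code) {
            return Command::FAILURE;
        }

        foreach ($response->body as $nineniveau01) {
            $niveau01other = $this->em->getRepository('App\Entity\Niveau01')->findOneBy(['label' => $nineniveau01->niveau01label]);
            if ($niveau01other && $niveau01other->getIdexternal() != $nineniveau01->niveau01id) {
                $this->writelnred(' > '.$nineniveau01->niveau01label.' = Impossible à synchroniser un autre niveau01 existe déjà avec ce label');
                continue;
            }

            // Look the niveau01 up by its external id.
            $this->writeln(' > '.$nineniveau01->niveau01label);
            $niveau01 = $this->em->getRepository('App\Entity\Niveau01')->findOneBy(['idexternal' => $nineniveau01->niveau01id]);
            if (!$niveau01) {
                $niveau01 = new Niveau01();
                $niveau01->setApikey(Uuid::uuid4());
                $this->em->persist($niveau01);
            }

            $niveau01->setIdexternal($nineniveau01->niveau01id);
            $niveau01->setLabel($nineniveau01->niveau01label);
            $this->em->flush();

            $tbniveau01s[] = $nineniveau01->niveau01label;

            if (!empty($nineniveau01->niveau01users)) {
                foreach ($nineniveau01->niveau01users as $member) {
                    $tbniveau01members[$member->userlogin][] = $nineniveau01->niveau01label;
                }
            }
        }

        $this->writeln('');
        $this->writeln('== GROUP ============================================');
        $response = $this->apiservice->run('GET', $nineurl.'getAllGroups', null, ['key' => $ninesecret]);
        if ('200' != $response->code) {
            return Command::FAILURE;
        }

        foreach ($response->body as $ninegroup) {
            $groupother = $this->em->getRepository('App\Entity\Group')->findOneBy(['label' => $ninegroup->grouplabel]);
            if ($groupother && $groupother->getIdexternal() != $ninegroup->groupid) {
                $this->writelnred(' > '.$ninegroup->grouplabel.' = Impossible à synchroniser un autre group existe déjà avec ce label');
                continue;
            }

            // Look the group up by its external id.
            $this->writeln(' > '.$ninegroup->grouplabel);
            $group = $this->em->getRepository('App\Entity\Group')->findOneBy(['idexternal' => $ninegroup->groupid]);
            if (!$group) {
                $group = new Group();
                $group->setIsopen(false);
                $group->setIsworkgroup(false);
                $group->setApikey(Uuid::uuid4());
                $this->em->persist($group);
            }

            $group->setIdexternal($ninegroup->groupid);
            $group->setLabel($ninegroup->grouplabel);
            $this->em->flush();

            $tbgroups[] = $ninegroup->grouplabel;

            if (!empty($ninegroup->groupusers)) {
                foreach ($ninegroup->groupusers as $member) {
                    $tbgroupmembers[$member->userlogin][] = $ninegroup->grouplabel;
                }
            }
        }

        $this->writeln('');
        $this->writeln('== USER =============================================');
        $response = $this->apiservice->run('GET', $nineurl.'getAllUsers', null, ['key' => $ninesecret]);
        if ('200' != $response->code) {
            return Command::FAILURE;
        }

        $nineusers = $response->body;
        foreach ($nineusers as $nineuser) {
            $login = $nineuser->userlogin;

            // An e-mail already held by another account or by a pending
            // registration blocks the import of this user.
            $userother = $this->em->getRepository('App\Entity\User')->findOneBy(['email' => $nineuser->useremail]);
            if ($userother && $userother->getUsername() != $login) {
                $this->writelnred(' > '.$login.' = Impossible à synchroniser un autre user existe déjà avec ce mail');
                continue;
            }

            $userother = $this->em->getRepository('App\Entity\Registration')->findOneBy(['email' => $nineuser->useremail]);
            if ($userother && $userother->getUsername() != $login) {
                $this->writelnred(' > '.$login.' = Impossible à synchroniser un autre user existe déjà avec ce mail');
                continue;
            }

            // Look the user up by login.
            $this->writeln(' > '.$login);
            $user = $this->em->getRepository('App\Entity\User')->findOneBy(['username' => $login]);
            if (!$user) {
                $user = new User();
                $user->setUsername($login);
                $user->setIsactive(true);
                $user->setIsvisible(true);
                $user->setApikey(Uuid::uuid4());
                $user->setRole('ROLE_USER');
                $user->setAvatar($nineuser->useravatar);

                // Placeholder password built from the login and a fresh UUID.
                // NOTE(review): confirm setPassword() hashes its input.
                $uuid = Uuid::uuid4();
                $user->setPassword('PWD-'.$login.'-'.$uuid);

                $this->em->persist($user);
            }

            // Niveau01: keep a locally managed one, prefer the first remote
            // membership, fall back to the record with id -1.
            $niveau01 = null;
            if ($user->getNiveau01() && empty($user->getNiveau01()->getIdexternal())) {
                $niveau01 = $user->getNiveau01();
            }
            if (array_key_exists($login, $tbniveau01members)) {
                $niveau01 = $this->em->getRepository('App\Entity\Niveau01')->findOneBy(['label' => $tbniveau01members[$login][0]]);
            }
            if (!$niveau01) {
                $niveau01 = $this->em->getRepository('App\Entity\Niveau01')->find(-1);
            }

            // Attributes are only overwritten by non-empty remote values.
            if (!empty($nineuser->userlastname)) {
                $user->setLastname($nineuser->userlastname);
            }
            if (!empty($nineuser->userfirstname)) {
                $user->setFirstname($nineuser->userfirstname);
            }
            if (!empty($nineuser->useremail)) {
                $user->setEmail($nineuser->useremail);
            }
            if (!empty($nineuser->useravatar)) {
                $user->setAvatar($nineuser->useravatar);
            }

            // Changing niveau01 invalidates the lower levels.
            if ($niveau01 != $user->getNiveau01()) {
                $user->setNiveau02(null);
                $user->setNiveau03(null);
                $user->setNiveau04(null);
            }
            $user->setNiveau01($niveau01);

            // Promotion only: a login removed from appAdmins keeps whatever
            // role it already has.
            if ($this->isAdminLogin($login, $this->container->getParameter('appAdmins'))) {
                $user->setRole('ROLE_ADMIN');
            }

            $this->em->flush();

            $tbusers[] = $login;

            $this->syncUserGroups($user, $login, $tbgroupmembers, $ninegroups);
        }

        if ($fgsynchropurgeusers) {
            $this->purgeUsers($tbusers);
        }

        if ($fgsynchropurgegroups) {
            $this->purgeGroups($ninegroups, $tbgroups);
        }

        if ($fgsynchropurgeniveau01s) {
            $this->purgeNiveau01s($nineniveau01s, $tbniveau01s);
        }

        return Command::SUCCESS;
    }

    /**
     * Escapes a value for use inside an LDAP search filter (RFC 4515), so that
     * backslash, asterisk, parentheses and NUL are matched literally.
     *
     * @param mixed $value value to embed, cast to string
     *
     * @return string the escaped value
     */
    private function escapeLdapFilterValue($value)
    {
        return strtr((string) $value, [
            '\\' => '\\5c',
            '*' => '\\2a',
            '(' => '\\28',
            ')' => '\\29',
            "\0" => '\\00',
        ]);
    }

    /**
     * Tells whether a login is in the administrator list, comparing as exact
     * strings: a loose in_array() treats numeric-looking logins such as
     * "1e3" and "1000" as equal.
     *
     * @param mixed $login  login to test
     * @param mixed $admins list of administrator logins; a non-array is treated as a list of its own
     *
     * @return bool
     */
    private function isAdminLogin($login, $admins)
    {
        return in_array((string) $login, array_map('strval', (array) $admins), true);
    }

    /**
     * Aligns a user's memberships with the synchronised source: subscribes the
     * user to every group listed for the login, and unsubscribes the user from
     * each managed group that is not listed.
     *
     * @param object   $user           the local user
     * @param mixed    $login          login used as key of $tbgroupmembers
     * @param array    $tbgroupmembers login => list of group labels
     * @param iterable $managedgroups  local groups bound to the source
     */
    private function syncUserGroups($user, $login, array $tbgroupmembers, $managedgroups)
    {
        $labels = array_key_exists($login, $tbgroupmembers) ? $tbgroupmembers[$login] : [];

        // Subscription.
        foreach ($labels as $grouplabel) {
            $group = $this->em->getRepository('App\Entity\Group')->findOneBy(['label' => $grouplabel]);
            if (!$group) {
                continue;
            }

            $usergroup = $this->em->getRepository('App\Entity\UserGroup')->findOneBy(['user' => $user, 'group' => $group]);
            if (!$usergroup) {
                $usergroup = new UserGroup();
                $usergroup->setUser($user);
                $usergroup->setGroup($group);
                $usergroup->setApikey(Uuid::uuid4());
                $usergroup->setRolegroup(0);
                $this->em->persist($usergroup);
                $this->em->flush();
            }
        }

        // Unsubscription. Labels are compared as exact strings so that a
        // membership is not kept because two labels are loosely equal.
        $kept = array_map('strval', $labels);
        foreach ($managedgroups as $group) {
            if (in_array((string) $group->getLabel(), $kept, true)) {
                continue;
            }

            $usergroup = $this->em->getRepository('App\Entity\UserGroup')->findOneBy(['user' => $user, 'group' => $group]);
            if ($usergroup) {
                $this->em->remove($usergroup);
                $this->em->flush();
            }
        }
    }

    /**
     * Removes every local user with a positive id whose login was not seen
     * during the synchronisation; when removal fails the account is
     * deactivated instead.
     *
     * @param array $tbusers logins returned by the source
     */
    private function purgeUsers(array $tbusers)
    {
        $this->writeln('');
        $this->writeln('== PURGE USER =============================================');

        // Exact string comparison: a stale account must not survive because
        // its login is loosely equal to a login that still exists.
        $kept = array_map('strval', $tbusers);
        $users = $this->em->getRepository('App\Entity\User')->findAll();
        foreach ($users as $user) {
            if (in_array((string) $user->getUsername(), $kept, true) || !($user->getId() > 0)) {
                continue;
            }

            $this->writeln(' > '.$user->getUsername());
            try {
                $this->em->remove($user);
                $this->em->flush();
            } catch (\Exception $e) {
                // NOTE(review): if $this->em is a Doctrine EntityManager, a
                // failed flush() normally closes it, so this fallback flush may
                // throw as well - confirm the account really ends up inactive.
                $user->setIsactive(false);
                $this->em->flush();
            }
        }
    }

    /**
     * Removes the managed groups whose label was not seen during the
     * synchronisation; groups with a non-positive id are only unbound.
     *
     * @param iterable $groups   local groups bound to the source
     * @param array    $tbgroups labels returned by the source
     */
    private function purgeGroups($groups, array $tbgroups)
    {
        $this->writeln('');
        $this->writeln('== PURGE GROUP =============================================');

        $kept = array_map('strval', $tbgroups);
        foreach ($groups as $group) {
            if (in_array((string) $group->getLabel(), $kept, true)) {
                continue;
            }

            if ($group->getId() > 0) {
                $this->writeln(' > '.$group->getLabel());
                $this->em->remove($group);
            } else {
                $group->setLdapfilter(null);
                $group->setIdexternal(null);
            }
            $this->em->flush();
        }
    }

    /**
     * Removes the managed niveau01s whose label was not seen during the
     * synchronisation; records with a non-positive id are only unbound.
     *
     * Before a niveau01 is removed, every user attached to it is moved to the
     * niveau01 with id -1, the same fallback the user synchronisation uses.
     * (The previous code moved a single user and fetched the fallback from the
     * User repository.)
     *
     * @param iterable $niveau01s   local niveau01s bound to the source
     * @param array    $tbniveau01s labels returned by the source
     */
    private function purgeNiveau01s($niveau01s, array $tbniveau01s)
    {
        $this->writeln('');
        $this->writeln('== PURGE NIVEAU01 =============================================');

        $kept = array_map('strval', $tbniveau01s);
        foreach ($niveau01s as $niveau01) {
            if (in_array((string) $niveau01->getLabel(), $kept, true)) {
                continue;
            }

            if ($niveau01->getId() > 0) {
                $users = $this->em->getRepository('App\Entity\User')->findBy(['niveau01' => $niveau01]);
                if ($users) {
                    $resetniveau01 = $this->em->getRepository('App\Entity\Niveau01')->find(-1);
                    foreach ($users as $user) {
                        $user->setNiveau01($resetniveau01);
                        $user->setNiveau02(null);
                        $user->setNiveau03(null);
                        $user->setNiveau04(null);
                    }
                }

                $this->writeln(' > '.$niveau01->getLabel());
                $this->em->remove($niveau01);
            } else {
                $niveau01->setLdapfilter(null);
                $niveau01->setIdexternal(null);
            }
            $this->em->flush();
        }
    }

    /**
     * Writes a line to the console and appends it to cron.log in the log directory.
     *
     * NOTE(review): as written the console line carries no formatting markup
     * (empty strings are concatenated around it); the method name suggests red
     * output was intended - confirm against the original file.
     *
     * @param string $string text to write
     */
    private function writelnred($string)
    {
        $this->output->writeln(''.$string.'');
        $this->filesystem->appendToFile($this->rootlog.'cron.log', $string."\n");
    }

    /**
     * Writes a line to the console and appends it to cron.log in the log directory.
     *
     * @param string $string text to write
     */
    private function writeln($string)
    {
        $this->output->writeln($string);
        $this->filesystem->appendToFile($this->rootlog.'cron.log', $string."\n");
    }

    /**
     * Creates and stores a user attached to the given niveau01.
     *
     * @param object $niveau01   niveau01 the user belongs to; its siren is copied to the user
     * @param string $username   login
     * @param string $firstname  first name
     * @param string $lastname   last name
     * @param string $email      e-mail address
     * @param array  $usersadmin logins that receive ROLE_ADMIN
     */
    protected function addUser($niveau01, $username, $firstname, $lastname, $email, $usersadmin)
    {
        $user = new User();

        $user->setUsername($username);
        $user->setLastname($lastname);
        $user->setFirstname($firstname);
        $user->setEmail($email);
        $user->setNiveau01($niveau01);
        $user->setSiren($niveau01->getSiren());
        $user->setVisible(true);
        $user->setAuthlevel('simple');
        $user->setBelongingpopulation('agent');

        // Placeholder password built from the login and a fresh UUID.
        // NOTE(review): confirm setPassword() hashes its input.
        $uuid = Uuid::uuid4();
        $user->setPassword('PWD-'.$username.'-'.$uuid);

        // Exact string match against the administrator list.
        $user->setRole($this->isAdminLogin($username, $usersadmin) ? 'ROLE_ADMIN' : 'ROLE_USER');

        $this->em->persist($user);
        $this->em->flush();
    }

    /**
     * Updates the name and e-mail of an existing user and stores it.
     *
     * The role is only ever raised to ROLE_ADMIN here: a login that is not in
     * $usersadmin keeps its current role.
     *
     * @param object $user       user to update
     * @param string $username   login, used for the administrator check
     * @param string $firstname  first name
     * @param string $lastname   last name
     * @param string $email      e-mail address
     * @param array  $usersadmin logins that receive ROLE_ADMIN
     */
    protected function modUser($user, $username, $firstname, $lastname, $email, $usersadmin)
    {
        $user->setLastname($lastname);
        $user->setFirstname($firstname);
        $user->setEmail($email);

        if ($this->isAdminLogin($username, $usersadmin)) {
            $user->setRole('ROLE_ADMIN');
        }

        $this->em->persist($user);
        $this->em->flush();
    }
}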