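container = $container;
        $this->em = $em;
        $this->ldap = $ldapservice;
        $this->apiservice = $apiservice;
    }

    /**
     * Registers the console command name, description and help text.
     */
    protected function configure()
    {
        $this
            ->setName('app:Synchro')
            ->setDescription('Synchronisation Annuaire')
            ->setHelp('This command Synchro for Core')
        ;
    }

    /**
     * Loads the synchronisation and LDAP parameters from the container, then
     * runs the synchronisation selected by the appSynchro parameter.
     *
     * @return int Command::SUCCESS or Command::FAILURE. An unrecognised
     *             appSynchro value is a no-op that returns Command::SUCCESS.
     */
    protected function execute(InputInterface $input, OutputInterface $output)
    {
        $this->output = $output;
        $this->filesystem = new Filesystem();
        $this->rootlog = $this->container->get('kernel')->getLogDir()."/";

        $this->appMasteridentity = $this->container->getParameter('appMasteridentity');
        $appSynchro = $this->container->getParameter('appSynchro');
        $this->synchro = $this->container->getParameter("appSynchro");
        $this->synchropurgeniveau01 = $this->container->getParameter("appSynchroPurgeNiveau01");
        $this->synchropurgeniveau02 = $this->container->getParameter("appSynchroPurgeNiveau02");
        $this->synchropurgegroup = $this->container->getParameter("appSynchroPurgeGroup");
        $this->synchropurgeuser = $this->container->getParameter("appSynchroPurgeUser");

        // Directory connection settings. The bind password is kept on the
        // object; nothing in this class writes it to the console or to cron.log.
        $this->host = $this->container->getParameter("ldapHost");
        $this->port = $this->container->getParameter("ldapPort");
        $this->usetls = $this->container->getParameter("ldapUsetls");
        $this->userwriter = $this->container->getParameter("ldapUserwriter");
        $this->user = $this->container->getParameter("ldapUser");
        $this->password = $this->container->getParameter("ldapPassword");

        // Search bases
        $this->basedn = $this->container->getParameter("ldapBasedn");
        $this->baseorganisation = $this->container->getParameter("ldapBaseorganisation");
        $this->baseniveau01 = $this->container->getParameter("ldapBaseniveau01");
        $this->baseniveau02 = $this->container->getParameter("ldapBaseniveau02");
        $this->basegroup = $this->container->getParameter("ldapBasegroup");
        $this->baseuser = $this->container->getParameter("ldapBaseuser");

        // Attribute names and filters
        $this->username = $this->container->getParameter("ldapUsername");
        $this->firstname = $this->container->getParameter("ldapFirstname");
        $this->lastname = $this->container->getParameter("ldapLastname");
        $this->email = $this->container->getParameter("ldapEmail");
        $this->avatar = $this->container->getParameter("ldapAvatar");
        $this->memberof = $this->container->getParameter("ldapMemberof");
        $this->groupgid = $this->container->getParameter("ldapGroupgid");
        $this->groupname = $this->container->getParameter("ldapGroupname");
        $this->groupmember = $this->container->getParameter("ldapGroupmember");
        $this->groupmemberisdn = $this->container->getParameter("ldapGroupmemberisdn");
        $this->filtergroup = $this->container->getParameter("ldapFiltergroup");
        $this->filteruser = $this->container->getParameter("ldapFilteruser");

        switch ($appSynchro) {
            case "LDAP2NINE":
                $return = $this->ldap2nine();
                break;

            case "NINE2LDAP":
                $return = $this->nine2ldap();
                break;

            case "NINE2NINE":
                $return = $this->nine2nine();
                break;

            default:
                $return = Command::SUCCESS;
                break;
        }

        $this->writeln('');

        return $return;
    }

    /**
     * Imports niveau01s, groups and users from the LDAP directory into the
     * local database, then purges local records that are missing from the
     * directory when the matching purge parameter is set.
     *
     * @return int Command::SUCCESS, or Command::FAILURE when the master
     *             identity is neither LDAP nor SSO or the directory cannot
     *             be reached.
     */
    private function ldap2nine()
    {
        $this->writelnred('');
        $this->writelnred('== app:Synchro');
        $this->writelnred('==========================================================================================================');

        // LDAP -> Nine synchronisation is only allowed when appMasteridentity is LDAP or SSO
        if ($this->appMasteridentity != "LDAP" && $this->appMasteridentity != "SSO") {
            $this->writeln("Synchronisation impossible si appMasteridentity!=LDAP et appMasteridentity!=SSO");
            return Command::FAILURE;
        }

        // Nothing can be synchronised without a directory connection
        if (!$this->ldap->connect()) {
            $this->writeln("Synchronisation impossible connexion impossible à l'annuaire");
            return Command::FAILURE;
        }

        $this->writeln('');
        $this->writeln('=====================================================');
        $this->writeln('== SYNCHONISATION LDAP TO NINE ======================');
        $this->writeln('=====================================================');

        // member => list of niveau01 / group labels, plus the labels and usernames seen in the directory
        $tbniveau01members = [];
        $tbgroupmembers = [];
        $tbniveau01s = [];
        $tbgroups = [];
        $tbusers = [];

        // Local records that came from the directory (they carry an ldapfilter)
        $ldapniveau01s = $this->em->createQueryBuilder()->select('entity')->from('App:Niveau01', 'entity')->where('entity.ldapfilter IS NOT NULL')->getQuery()->getResult();
        $ldapgroups = $this->em->createQueryBuilder()->select('entity')->from('App:Group', 'entity')->where('entity.ldapfilter IS NOT NULL')->getQuery()->getResult();

        // Each synchronisation needs its base, attribute names and filter to be configured
        $fgsynchroniveau01s = (!empty($this->baseniveau01) && !empty($this->groupgid) && !empty($this->groupname) && !empty($this->filtergroup));
        $fgsynchrogroups = (!empty($this->basegroup) && !empty($this->groupgid) && !empty($this->groupname) && !empty($this->filtergroup));
        $fgsynchrousers = (!empty($this->baseuser) && !empty($this->username) && !empty($this->email) && !empty($this->filteruser));
        $fgsynchropurgeniveau01s = ($fgsynchroniveau01s && $this->synchropurgeniveau01);
        $fgsynchropurgegroups = ($fgsynchrogroups && $this->synchropurgegroup);
        $fgsynchropurgeusers = ($fgsynchrousers && $this->synchropurgeuser);

        // Niveau01 synchronisation
        if ($fgsynchroniveau01s) {
            $this->writeln('');
            $this->writeln('== NIVEAU01 =========================================');

            $ldapentrys = $this->ldap->search($this->filtergroup, [$this->groupgid, $this->groupname, $this->groupmember], $this->baseniveau01);
            foreach ($ldapentrys as $ldapentry) {
                $niveau01other = $this->em->getRepository("App\Entity\Niveau01")->findOneBy(["label" => $ldapentry[$this->groupname]]);
                if ($niveau01other && $niveau01other->getIdexternal() != $ldapentry[$this->groupgid]) {
                    $this->writelnred(" > ".$ldapentry[$this->groupname]." = Impossible à synchroniser un autre niveau01 existe déjà avec ce label");
                    continue;
                }

                // Look the niveau01 up by its directory gid
                $this->writeln(' > '.$ldapentry[$this->groupname]);
                $niveau01 = $this->em->getRepository("App\Entity\Niveau01")->findOneBy(["idexternal" => $ldapentry[$this->groupgid]]);
                if (!$niveau01) {
                    $niveau01 = new Niveau01();
                    $niveau01->setApikey(Uuid::uuid4());
                    $this->em->persist($niveau01);
                }

                $niveau01->setIdexternal($ldapentry[$this->groupgid]);
                $niveau01->setLabel($ldapentry[$this->groupname]);
                // NOTE(review): the stored filter embeds the directory value unescaped; if it is
                // later passed to an LDAP search, a name containing "(", ")", "*" or "\" changes
                // the filter. Consumers are not visible here - confirm before escaping.
                $niveau01->setLdapfilter("(".$this->groupname."=".$ldapentry[$this->groupname].")");
                $this->em->flush();

                // Remember the niveau01 seen in the directory
                $tbniveau01s[] = $ldapentry[$this->groupname];

                // Remember its members (the attribute is a string or a list of strings)
                if (!empty($ldapentry[$this->groupmember])) {
                    $members = is_array($ldapentry[$this->groupmember]) ? $ldapentry[$this->groupmember] : [$ldapentry[$this->groupmember]];
                    foreach ($members as $member) {
                        $tbniveau01members[$member][] = $ldapentry[$this->groupname];
                    }
                }
            }
        } else {
            $this->writeln('');
            $this->writeln('== NIVEAU01 =========================================');
            $this->writelnred(" > Synchronisation impossible il vous manque des paramétres ldap pour le faire");
        }

        // Group synchronisation
        if ($fgsynchrogroups) {
            $this->writeln('');
            $this->writeln('== GROUP ============================================');

            $ldapentrys = $this->ldap->search($this->filtergroup, [$this->groupgid, $this->groupname, $this->groupmember], $this->basegroup);
            foreach ($ldapentrys as $ldapentry) {
                $groupother = $this->em->getRepository("App\Entity\Group")->findOneBy(["label" => $ldapentry[$this->groupname]]);
                if ($groupother && $groupother->getIdexternal() != $ldapentry[$this->groupgid]) {
                    $this->writelnred(" > ".$ldapentry[$this->groupname]." = Impossible à synchroniser un autre groupe existe déjà avec ce label");
                    continue;
                }

                // Look the group up by its directory gid
                $this->writeln(' > '.$ldapentry[$this->groupname]);
                $group = $this->em->getRepository("App\Entity\Group")->findOneBy(["idexternal" => $ldapentry[$this->groupgid]]);
                if (!$group) {
                    $group = new Group();
                    $group->setIsopen(false);
                    $group->setIsworkgroup(false);
                    $group->setApikey(Uuid::uuid4());
                    $this->em->persist($group);
                }

                $group->setIdexternal($ldapentry[$this->groupgid]);
                $group->setLabel($ldapentry[$this->groupname]);
                // NOTE(review): same unescaped filter construction as for niveau01 above.
                $group->setLdapfilter("(".$this->groupname."=".$ldapentry[$this->groupname].")");
                $this->em->flush();

                // Remember the group seen in the directory
                $tbgroups[] = $ldapentry[$this->groupname];

                // Remember its members (the attribute is a string or a list of strings)
                if (!empty($ldapentry[$this->groupmember])) {
                    $members = is_array($ldapentry[$this->groupmember]) ? $ldapentry[$this->groupmember] : [$ldapentry[$this->groupmember]];
                    foreach ($members as $member) {
                        $tbgroupmembers[$member][] = $ldapentry[$this->groupname];
                    }
                }
            }
        } else {
            $this->writeln('');
            $this->writeln('== GROUP ============================================');
            $this->writelnred(" > Synchronisation impossible il vous manque des paramétres ldap pour le faire");
        }

        // User synchronisation
        if ($fgsynchrousers) {
            $this->writeln('');
            $this->writeln('== USER =============================================');

            $ldapentrys = $this->ldap->search($this->filteruser, [$this->username, $this->firstname, $this->lastname, $this->email, $this->avatar, $this->memberof], $this->baseuser);
            foreach ($ldapentrys as $ldapentry) {
                $login = $ldapentry[$this->username];

                // Refuse to take over an e-mail address that already belongs to another account.
                // Fix: the message used the group-name attribute, which is not requested by the
                // user search; it now names the username like the Registration check below.
                $userother = $this->em->getRepository("App\Entity\User")->findOneBy(["email" => $ldapentry[$this->email]]);
                if ($userother && $userother->getUsername() != $login) {
                    $this->writelnred(" > ".$login." = Impossible à synchroniser un autre user existe déjà avec ce mail");
                    continue;
                }

                $userother = $this->em->getRepository("App\Entity\Registration")->findOneBy(["email" => $ldapentry[$this->email]]);
                if ($userother && $userother->getUsername() != $login) {
                    $this->writelnred(" > ".$login." = Impossible à synchroniser un autre user existe déjà avec ce mail");
                    continue;
                }

                // Look the user up by username
                $this->writeln(' > '.$login);
                $user = $this->em->getRepository("App\Entity\User")->findOneBy(["username" => $login]);
                if (!$user) {
                    $user = new User();
                    $user->setUsername($login);
                    $user->setIsvisible(true);
                    $user->setApikey(Uuid::uuid4());
                    $user->setRole("ROLE_USER");
                    $user->setAvatar("noavatar.png");

                    // Placeholder local password for a directory-managed account.
                    // NOTE(review): whether User::setPassword() hashes its argument is not visible
                    // here - confirm this value is never stored or accepted as a clear-text credential.
                    $uuid = Uuid::uuid4();
                    $user->setPassword("PWD-".$login."-".$uuid);
                    $this->em->persist($user);
                }

                // Resolve the niveau01: keep a locally managed one, prefer the directory membership,
                // fall back to the default niveau01 (id -1)
                $niveau01 = null;
                if ($user->getNiveau01() && empty($user->getNiveau01()->getIdexternal())) {
                    $niveau01 = $user->getNiveau01();
                }
                if (array_key_exists($login, $tbniveau01members)) {
                    $niveau01 = $this->em->getRepository("App\Entity\Niveau01")->findOneBy(["label" => $tbniveau01members[$login][0]]);
                }
                if (!$niveau01) {
                    $niveau01 = $this->em->getRepository('App\Entity\Niveau01')->find(-1);
                }

                // Update the attributes that the directory provides
                if (!empty($ldapentry[$this->lastname])) {
                    $user->setLastname($ldapentry[$this->lastname]);
                }
                if (!empty($ldapentry[$this->firstname])) {
                    $user->setFirstname($ldapentry[$this->firstname]);
                }
                if (!empty($ldapentry[$this->email])) {
                    $user->setEmail($ldapentry[$this->email]);
                }
                if (!empty($ldapentry[$this->avatar])) {
                    $user->setAvatar($ldapentry[$this->avatar]);
                }

                // A niveau01 change invalidates the niveau02
                if ($niveau01 != $user->getNiveau01()) {
                    $user->setNiveau02(null);
                }
                $user->setNiveau01($niveau01);

                // Role update: accounts listed in appAdmins are promoted.
                // NOTE(review): there is no demotion path - an account removed from appAdmins
                // keeps ROLE_ADMIN after the next run. Confirm that this is intended.
                if (in_array($login, $this->container->getParameter("appAdmins"))) {
                    $user->setRole("ROLE_ADMIN");
                }

                // Save to the database
                $this->em->flush();

                // Remember the user seen in the directory
                $tbusers[] = $login;

                // Subscribe the user to the groups the directory lists them in
                if (array_key_exists($login, $tbgroupmembers)) {
                    foreach ($tbgroupmembers[$login] as $grouplabel) {
                        $group = $this->em->getRepository("App\Entity\Group")->findOneBy(["label" => $grouplabel]);
                        if ($group) {
                            $usergroup = $this->em->getRepository("App\Entity\UserGroup")->findOneBy(["user" => $user, "group" => $group]);
                            if (!$usergroup) {
                                $usergroup = new UserGroup();
                                $usergroup->setUser($user);
                                $usergroup->setGroup($group);
                                $usergroup->setApikey(Uuid::uuid4());
                                $usergroup->setRolegroup(0);
                                $this->em->persist($usergroup);
                                $this->em->flush();
                            }
                        }
                    }
                }

                // Unsubscribe the user from directory groups they no longer belong to
                foreach ($ldapgroups as $group) {
                    if (!array_key_exists($login, $tbgroupmembers) || !in_array($group->getLabel(), $tbgroupmembers[$login])) {
                        $usergroup = $this->em->getRepository("App\Entity\UserGroup")->findOneBy(["user" => $user, "group" => $group]);
                        if ($usergroup) {
                            $this->em->remove($usergroup);
                            $this->em->flush();
                        }
                    }
                }
            }
        } else {
            $this->writeln('');
            $this->writeln('== USER =============================================');
            $this->writelnred(" > Synchronisation impossible il vous manque des paramétres ldap pour le faire");
        }

        // Purges
        if ($fgsynchropurgeusers) {
            $this->purgeUsers($tbusers);
        }
        if ($fgsynchropurgegroups) {
            $this->purgeGroups($ldapgroups, $tbgroups);
        }
        if ($fgsynchropurgeniveau01s) {
            $this->purgeNiveau01s($ldapniveau01s, $tbniveau01s);
        }

        return Command::SUCCESS;
    }

    /**
     * Pushes the local organisation, users, groups, niveau02s and niveau01s to
     * the LDAP directory, and deletes directory entries that have no local
     * counterpart.
     *
     * @return int Command::SUCCESS, or Command::FAILURE when
     *             $this->ldap->isNine2Ldap() refuses the synchronisation.
     */
    private function nine2ldap()
    {
        $this->writelnred('');
        $this->writelnred('== app:Synchro');
        $this->writelnred('==========================================================================================================');

        // Nothing can be synchronised when the directory service refuses the Nine -> LDAP mode
        if (!$this->ldap->isNine2Ldap()) {
            $this->writeln("Synchronisation impossible soit :");
            $this->writeln("- connexion impossible à l'annuaire");
            $this->writeln("- appMasteridentity!=SQL");
            $this->writeln("- votre user ldap n'a pas de permission en écriture");
            $this->writeln("- vous n'avez pas renseigné les bases de votre organisation");

            return Command::FAILURE;
        }

        $this->writeln('');
        $this->writeln('=====================================================');
        $this->writeln('== SYNCHONISATION NINE TO LDAP ======================');
        $this->writeln('=====================================================');

        $this->writeln('');
        $this->writeln('== ORGANISATION =====================================');
        $this->writeln($this->baseorganisation);
        $this->writeln($this->baseniveau01);
        $this->writeln($this->baseniveau02);
        $this->writeln($this->basegroup);
        $this->writeln($this->baseuser);
        $this->ldap->addOrganisations();

        $this->writeln('');
        $this->writeln('== USER =============================================');

        $users = $this->em->getRepository("App\Entity\User")->findAll();
        $attributes = $this->ldap->listAttributesUser();
        foreach ($users as $user) {
            $filter = $this->buildLdapFilter($this->filteruser, $user->getUsername());
            $ldapentrys = $this->ldap->search($filter, $attributes, $this->baseuser);
            if (empty($ldapentrys)) {
                $this->writeln($user->getUsername()." = SUBMIT");
                $this->ldap->addUser($user);
            } elseif ($this->ldap->ismodifyUser($user, $ldapentrys[0])) {
                $this->writeln($user->getUsername()." = UPDATE");
                $this->ldap->modifyUser($user);
            }
        }

        // Delete directory users that have no local account.
        // NOTE(review): every entry matching filteruser under baseuser is a deletion candidate;
        // a lookup that wrongly returns null removes the directory entry. Confirm the base and
        // filter only cover entries this application owns.
        $ldapentrys = $this->ldap->search($this->filteruser, $attributes, $this->baseuser);
        foreach ($ldapentrys as $ldapentry) {
            $user = $this->em->getRepository("App\Entity\User")->findOneBy(["username" => $ldapentry["uid"]]);
            if (!$user) {
                $this->writeln($ldapentry["uid"]." = DELETE");
                $dn = $this->ldap->getUserDN($ldapentry["uid"]);
                $this->ldap->deleteByDN($dn);
            }
        }

        $this->writeln('');
        $this->writeln('== GROUP ============================================');

        $groups = $this->em->getRepository("App\Entity\Group")->findAll();
        $attributes = $this->ldap->listAttributesGroup();
        foreach ($groups as $group) {
            // In this mode the local database is the master: drop any directory filter
            if ($group->getLdapfilter()) {
                $group->setLdapfilter(null);
                $this->em->flush();
            }

            // Match on the gid first, then on the label
            $filter = "gidnumber=".$group->getId();
            $ldapentrys = $this->ldap->search($filter, $attributes, $this->basegroup);
            if (empty($ldapentrys)) {
                $filter = $this->buildLdapFilter($this->filtergroup, $group->getLabel());
                // NOTE(review): the label fallback searches baseniveau01, not basegroup - confirm.
                $ldapentrys = $this->ldap->search($filter, $attributes, $this->baseniveau01);
            }

            if (empty($ldapentrys)) {
                $this->writeln($group->getLabel()." = SUBMIT");
                $this->ldap->addGroup($group);
            } elseif ($this->ldap->ismodifyGroup($group, $ldapentrys[0])) {
                $this->writeln($group->getLabel()." = UPDATE");
                $this->ldap->modifyGroup($group, $ldapentrys[0]["cn"]);
            }
        }

        // Delete directory groups whose gidnumber matches no local group id
        $ldapentrys = $this->ldap->search($this->filtergroup, $attributes, $this->basegroup);
        foreach ($ldapentrys as $ldapentry) {
            $group = $this->em->getRepository("App\Entity\Group")->find($ldapentry["gidnumber"]);
            if (!$group) {
                $this->writeln($ldapentry["cn"]." = DELETE");
                $dn = $this->ldap->getGroupDN($ldapentry["cn"]);
                $this->ldap->deleteByDN($dn);
            }
        }

        $this->writeln('');
        $this->writeln('== NIVEAU02 =========================================');

        $niveau02s = $this->em->getRepository("App\Entity\Niveau02")->findAll();
        $attributes = $this->ldap->listAttributesNiveau02();
        foreach ($niveau02s as $niveau02) {
            // Match on the gid first, then on the label
            $filter = "gidnumber=".$niveau02->getId();
            $ldapentrys = $this->ldap->search($filter, $attributes, $this->baseniveau02);
            if (empty($ldapentrys)) {
                $filter = $this->buildLdapFilter($this->filtergroup, $niveau02->getLabel());
                // NOTE(review): the label fallback searches baseniveau01, not baseniveau02 - confirm.
                $ldapentrys = $this->ldap->search($filter, $attributes, $this->baseniveau01);
            }

            if (empty($ldapentrys)) {
                $this->writeln($niveau02->getLabel()." = SUBMIT");
                $this->ldap->addNiveau02($niveau02);
            } elseif ($this->ldap->ismodifyNiveau02($niveau02, $ldapentrys[0])) {
                $this->writeln($niveau02->getLabel()." = UPDATE");
                $this->ldap->modifyNiveau02($niveau02, $ldapentrys[0]["cn"]);
            }
        }

        // Delete directory niveau02s whose gidnumber matches no local niveau02 id
        $ldapentrys = $this->ldap->search($this->filtergroup, $attributes, $this->baseniveau02);
        foreach ($ldapentrys as $ldapentry) {
            $niveau02 = $this->em->getRepository("App\Entity\Niveau02")->find($ldapentry["gidnumber"]);
            if (!$niveau02) {
                $this->writeln($ldapentry["cn"]." = DELETE");
                $dn = $this->ldap->getNiveau02DN($ldapentry["cn"]);
                $this->ldap->deleteByDN($dn);
            }
        }

        $this->writeln('');
        $this->writeln('== NIVEAU01 =========================================');

        $niveau01s = $this->em->getRepository("App\Entity\Niveau01")->findAll();
        $attributes = $this->ldap->listAttributesNiveau01();
        foreach ($niveau01s as $niveau01) {
            // In this mode the local database is the master: drop any directory filter
            if ($niveau01->getLdapfilter()) {
                $niveau01->setLdapfilter(null);
                $this->em->flush();
            }

            // Match on the gid first, then on the label
            $filter = "gidnumber=".$niveau01->getId();
            $ldapentrys = $this->ldap->search($filter, $attributes, $this->baseniveau01);
            if (empty($ldapentrys)) {
                $filter = $this->buildLdapFilter($this->filtergroup, $niveau01->getLabel());
                $ldapentrys = $this->ldap->search($filter, $attributes, $this->baseniveau01);
            }

            if (empty($ldapentrys)) {
                $this->writeln($niveau01->getLabel()." = SUBMIT");
                $this->ldap->addNiveau01($niveau01);
            } elseif ($this->ldap->ismodifyNiveau01($niveau01, $ldapentrys[0])) {
                $this->writeln($niveau01->getLabel()." = UPDATE");
                $this->ldap->modifyNiveau01($niveau01, $ldapentrys[0]["cn"]);
            }
        }

        // Delete directory niveau01s whose gidnumber matches no local niveau01 id
        $ldapentrys = $this->ldap->search($this->filtergroup, $attributes, $this->baseniveau01);
        foreach ($ldapentrys as $ldapentry) {
            $niveau01 = $this->em->getRepository("App\Entity\Niveau01")->find($ldapentry["gidnumber"]);
            if (!$niveau01) {
                $this->writeln($ldapentry["cn"]." = DELETE");
                $dn = $this->ldap->getNiveau01DN($ldapentry["cn"]);
                $this->ldap->deleteByDN($dn);
            }
        }

        return Command::SUCCESS;
    }

    /**
     * Imports niveau01s, groups and users from a remote Nine instance through
     * its REST API, then purges local records that the remote instance no
     * longer lists when the matching purge parameter is set.
     *
     * @return int Command::SUCCESS, or Command::FAILURE when the master
     *             identity is not NINE, nineUrl/nineSecret is missing, or an
     *             API call does not answer with code 200.
     */
    private function nine2nine()
    {
        $this->writelnred('');
        $this->writelnred('== app:Synchro');
        $this->writelnred('==========================================================================================================');

        // Nine -> Nine synchronisation is only allowed when appMasteridentity is NINE
        if ($this->appMasteridentity != "NINE") {
            $this->writeln("Synchronisation impossible si appMasteridentity!=NINE");
            return Command::FAILURE;
        }

        $nineurl = $this->container->getParameter("nineUrl");
        $ninesecret = $this->container->getParameter("nineSecret");
        if (!$nineurl || !$ninesecret) {
            $this->writeln("Synchronisation impossible soit parametres NINE_URL et/ou NINE_SECRET manquant");
            return Command::FAILURE;
        }
        // NOTE(review): how apiservice->run() transmits the ["key" => ...] argument (header or
        // query string) is not visible here; confirm the secret cannot end up in access logs
        // and that nineUrl is an https URL.
        $nineurl .= "/rest/";

        $this->writeln('');
        $this->writeln('=====================================================');
        $this->writeln('== SYNCHONISATION NINE TO NINE ======================');
        $this->writeln('=====================================================');

        // Local records that came from the remote instance (they carry an idexternal)
        $nineniveau01s = $this->em->createQueryBuilder()->select('entity')->from('App:Niveau01', 'entity')->where('entity.idexternal IS NOT NULL')->getQuery()->getResult();
        $ninegroups = $this->em->createQueryBuilder()->select('entity')->from('App:Group', 'entity')->where('entity.idexternal IS NOT NULL')->getQuery()->getResult();

        // login => list of niveau01 / group labels, plus the labels and logins seen remotely
        $tbniveau01members = [];
        $tbgroupmembers = [];
        $tbniveau01s = [];
        $tbgroups = [];
        $tbusers = [];

        $fgsynchropurgeniveau01s = ($this->synchropurgeniveau01);
        $fgsynchropurgegroups = ($this->synchropurgegroup);
        $fgsynchropurgeusers = ($this->synchropurgeuser);

        $this->writeln('');
        $this->writeln('== NIVEAU01 =========================================');

        $response = $this->apiservice->run("GET", $nineurl."getAllNiveau01s", null, ["key" => $ninesecret]);
        if ($response->code != "200") {
            return Command::FAILURE;
        }

        foreach ($response->body as $nineniveau01) {
            $niveau01other = $this->em->getRepository("App\Entity\Niveau01")->findOneBy(["label" => $nineniveau01->niveau01label]);
            if ($niveau01other && $niveau01other->getIdexternal() != $nineniveau01->niveau01id) {
                $this->writelnred(" > ".$nineniveau01->niveau01label." = Impossible à synchroniser un autre niveau01 existe déjà avec ce label");
                continue;
            }

            // Look the niveau01 up by its remote id
            $this->writeln(' > '.$nineniveau01->niveau01label);
            $niveau01 = $this->em->getRepository("App\Entity\Niveau01")->findOneBy(["idexternal" => $nineniveau01->niveau01id]);
            if (!$niveau01) {
                $niveau01 = new Niveau01();
                $niveau01->setApikey(Uuid::uuid4());
                $this->em->persist($niveau01);
            }

            $niveau01->setIdexternal($nineniveau01->niveau01id);
            $niveau01->setLabel($nineniveau01->niveau01label);
            $this->em->flush();

            // Remember the niveau01 seen remotely
            $tbniveau01s[] = $nineniveau01->niveau01label;

            // Remember its members
            if (!empty($nineniveau01->niveau01users)) {
                foreach ($nineniveau01->niveau01users as $member) {
                    $tbniveau01members[$member->userlogin][] = $nineniveau01->niveau01label;
                }
            }
        }

        $this->writeln('');
        $this->writeln('== GROUP ============================================');

        $response = $this->apiservice->run("GET", $nineurl."getAllGroups", null, ["key" => $ninesecret]);
        if ($response->code != "200") {
            return Command::FAILURE;
        }

        foreach ($response->body as $ninegroup) {
            $groupother = $this->em->getRepository("App\Entity\Group")->findOneBy(["label" => $ninegroup->grouplabel]);
            if ($groupother && $groupother->getIdexternal() != $ninegroup->groupid) {
                $this->writelnred(" > ".$ninegroup->grouplabel." = Impossible à synchroniser un autre group existe déjà avec ce label");
                continue;
            }

            // Look the group up by its remote id
            $this->writeln(' > '.$ninegroup->grouplabel);
            $group = $this->em->getRepository("App\Entity\Group")->findOneBy(["idexternal" => $ninegroup->groupid]);
            if (!$group) {
                $group = new Group();
                $group->setIsopen(false);
                $group->setIsworkgroup(false);
                $group->setApikey(Uuid::uuid4());
                $this->em->persist($group);
            }

            $group->setIdexternal($ninegroup->groupid);
            $group->setLabel($ninegroup->grouplabel);
            $this->em->flush();

            // Remember the group seen remotely
            $tbgroups[] = $ninegroup->grouplabel;

            // Remember its members
            if (!empty($ninegroup->groupusers)) {
                foreach ($ninegroup->groupusers as $member) {
                    $tbgroupmembers[$member->userlogin][] = $ninegroup->grouplabel;
                }
            }
        }

        $this->writeln('');
        $this->writeln('== USER =============================================');

        $response = $this->apiservice->run("GET", $nineurl."getAllUsers", null, ["key" => $ninesecret]);
        if ($response->code != "200") {
            return Command::FAILURE;
        }

        $nineusers = $response->body;
        foreach ($nineusers as $nineuser) {
            // Refuse to take over an e-mail address that already belongs to another account
            $userother = $this->em->getRepository("App\Entity\User")->findOneBy(["email" => $nineuser->useremail]);
            if ($userother && $userother->getUsername() != $nineuser->userlogin) {
                $this->writelnred(" > ".$nineuser->userlogin." = Impossible à synchroniser un autre user existe déjà avec ce mail");
                continue;
            }

            $userother = $this->em->getRepository("App\Entity\Registration")->findOneBy(["email" => $nineuser->useremail]);
            if ($userother && $userother->getUsername() != $nineuser->userlogin) {
                $this->writelnred(" > ".$nineuser->userlogin." = Impossible à synchroniser un autre user existe déjà avec ce mail");
                continue;
            }

            // Look the user up by username
            $this->writeln(' > '.$nineuser->userlogin);
            $user = $this->em->getRepository("App\Entity\User")->findOneBy(["username" => $nineuser->userlogin]);
            if (!$user) {
                $user = new User();
                $user->setUsername($nineuser->userlogin);
                $user->setIsvisible(true);
                $user->setApikey(Uuid::uuid4());
                $user->setRole("ROLE_USER");
                $user->setAvatar($nineuser->useravatar);

                // Placeholder local password for a remotely managed account.
                // NOTE(review): whether User::setPassword() hashes its argument is not visible
                // here - confirm this value is never stored or accepted as a clear-text credential.
                $uuid = Uuid::uuid4();
                $user->setPassword("PWD-".$nineuser->userlogin."-".$uuid);
                $this->em->persist($user);
            }

            // Resolve the niveau01: keep a locally managed one, prefer the remote membership,
            // fall back to the default niveau01 (id -1)
            $niveau01 = null;
            if ($user->getNiveau01() && empty($user->getNiveau01()->getIdexternal())) {
                $niveau01 = $user->getNiveau01();
            }
            if (array_key_exists($nineuser->userlogin, $tbniveau01members)) {
                $niveau01 = $this->em->getRepository("App\Entity\Niveau01")->findOneBy(["label" => $tbniveau01members[$nineuser->userlogin][0]]);
            }
            if (!$niveau01) {
                $niveau01 = $this->em->getRepository('App\Entity\Niveau01')->find(-1);
            }

            // Update the attributes that the remote instance provides
            if (!empty($nineuser->userlastname)) {
                $user->setLastname($nineuser->userlastname);
            }
            if (!empty($nineuser->userfirstname)) {
                $user->setFirstname($nineuser->userfirstname);
            }
            if (!empty($nineuser->useremail)) {
                $user->setEmail($nineuser->useremail);
            }
            if (!empty($nineuser->useravatar)) {
                $user->setAvatar($nineuser->useravatar);
            }

            // A niveau01 change invalidates the niveau02
            if ($niveau01 != $user->getNiveau01()) {
                $user->setNiveau02(null);
            }
            $user->setNiveau01($niveau01);

            // Role update: accounts listed in appAdmins are promoted.
            // NOTE(review): there is no demotion path - an account removed from appAdmins
            // keeps ROLE_ADMIN after the next run. Confirm that this is intended.
            if (in_array($nineuser->userlogin, $this->container->getParameter("appAdmins"))) {
                $user->setRole("ROLE_ADMIN");
            }

            // Save to the database
            $this->em->flush();

            // Remember the user seen remotely
            $tbusers[] = $nineuser->userlogin;

            // Subscribe the user to the groups the remote instance lists them in
            if (array_key_exists($nineuser->userlogin, $tbgroupmembers)) {
                foreach ($tbgroupmembers[$nineuser->userlogin] as $grouplabel) {
                    $group = $this->em->getRepository("App\Entity\Group")->findOneBy(["label" => $grouplabel]);
                    if ($group) {
                        $usergroup = $this->em->getRepository("App\Entity\UserGroup")->findOneBy(["user" => $user, "group" => $group]);
                        if (!$usergroup) {
                            $usergroup = new UserGroup();
                            $usergroup->setUser($user);
                            $usergroup->setGroup($group);
                            $usergroup->setApikey(Uuid::uuid4());
                            $usergroup->setRolegroup(0);
                            $this->em->persist($usergroup);
                            $this->em->flush();
                        }
                    }
                }
            }

            // Unsubscribe the user from remote groups they no longer belong to
            foreach ($ninegroups as $group) {
                if (!array_key_exists($nineuser->userlogin, $tbgroupmembers) || !in_array($group->getLabel(), $tbgroupmembers[$nineuser->userlogin])) {
                    $usergroup = $this->em->getRepository("App\Entity\UserGroup")->findOneBy(["user" => $user, "group" => $group]);
                    if ($usergroup) {
                        $this->em->remove($usergroup);
                        $this->em->flush();
                    }
                }
            }
        }

        // Purges
        if ($fgsynchropurgeusers) {
            $this->purgeUsers($tbusers);
        }
        if ($fgsynchropurgegroups) {
            $this->purgeGroups($ninegroups, $tbgroups);
        }
        if ($fgsynchropurgeniveau01s) {
            $this->purgeNiveau01s($nineniveau01s, $tbniveau01s);
        }

        return Command::SUCCESS;
    }

    /**
     * Replaces the "*" wildcard of an LDAP filter template with $value, with
     * the filter metacharacters of $value escaped so that a username or label
     * cannot alter the structure of the filter.
     *
     * @param string $template filter containing "*" as the placeholder
     * @param mixed  $value    value to search for; cast to string
     *
     * @return string
     */
    private function buildLdapFilter($template, $value)
    {
        return str_replace("*", ldap_escape((string) $value, "", LDAP_ESCAPE_FILTER), $template);
    }

    /**
     * Deletes every local user with a positive id whose username is not in
     * $keptUsernames.
     *
     * NOTE(review): an empty $keptUsernames (for instance when the source
     * returned no entry at all) deletes every account with id > 0. Consider
     * refusing to purge when the synchronisation saw zero users.
     *
     * @param array $keptUsernames usernames seen during the synchronisation
     */
    private function purgeUsers($keptUsernames)
    {
        $this->writeln('');
        $this->writeln('== PURGE USER =============================================');

        $users = $this->em->getRepository("App\Entity\User")->findAll();
        foreach ($users as $user) {
            if (in_array($user->getUsername(), $keptUsernames)) {
                continue;
            }

            // Ids <= 0 are left alone
            if ($user->getId() > 0) {
                $this->writeln(' > '.$user->getUsername());
                $this->em->remove($user);
                $this->em->flush();
            }
        }
    }

    /**
     * Removes the externally managed groups whose label is not in $keptLabels.
     * Groups with an id <= 0 are kept but detached from the external source.
     *
     * @param iterable $groups     groups previously imported from the source
     * @param array    $keptLabels group labels seen during the synchronisation
     */
    private function purgeGroups($groups, $keptLabels)
    {
        $this->writeln('');
        $this->writeln('== PURGE GROUP =============================================');

        foreach ($groups as $group) {
            if (in_array($group->getLabel(), $keptLabels)) {
                continue;
            }

            if ($group->getId() > 0) {
                $this->writeln(' > '.$group->getLabel());
                $this->em->remove($group);
            } else {
                $group->setLdapfilter(null);
                $group->setIdexternal(null);
            }

            $this->em->flush();
        }
    }

    /**
     * Removes the externally managed niveau01s whose label is not in
     * $keptLabels, after moving their users to the default niveau01 (id -1).
     * Niveau01s with an id <= 0 are kept but detached from the external source.
     *
     * Fixes two defects of the inline version: the default niveau01 was read
     * from the User repository instead of the Niveau01 repository, and only
     * one of the users attached to the removed niveau01 was reassigned.
     *
     * @param iterable $niveau01s  niveau01s previously imported from the source
     * @param array    $keptLabels niveau01 labels seen during the synchronisation
     */
    private function purgeNiveau01s($niveau01s, $keptLabels)
    {
        $this->writeln('');
        $this->writeln('== PURGE NIVEAU01 =============================================');

        foreach ($niveau01s as $niveau01) {
            if (in_array($niveau01->getLabel(), $keptLabels)) {
                continue;
            }

            if ($niveau01->getId() > 0) {
                $resetniveau01 = $this->em->getRepository("App\Entity\Niveau01")->find(-1);
                $attached = $this->em->getRepository("App\Entity\User")->findBy(["niveau01" => $niveau01]);
                foreach ($attached as $user) {
                    $user->setNiveau01($resetniveau01);
                    $user->setNiveau02(null);
                }

                $this->writeln(' > '.$niveau01->getLabel());
                $this->em->remove($niveau01);
            } else {
                $niveau01->setLdapfilter(null);
                $niveau01->setIdexternal(null);
            }

            $this->em->flush();
        }
    }

    /**
     * Writes a highlighted line to the console and appends it to cron.log.
     *
     * NOTE(review): the two empty strings around $string look like console
     * colour tags lost in extraction - confirm against the repository.
     * The text is appended to the log as-is; values coming from the directory
     * or the remote API are not stripped of line breaks.
     */
    private function writelnred($string)
    {
        $this->output->writeln(''.$string.'');
        $this->filesystem->appendToFile($this->rootlog.'cron.log', $string."\n");
    }

    /**
     * Writes a line to the console and appends it to cron.log.
     */
    private function writeln($string)
    {
        $this->output->writeln($string);
        $this->filesystem->appendToFile($this->rootlog.'cron.log', $string."\n");
    }

    /**
     * Creates and saves a user attached to $niveau01, with ROLE_ADMIN when
     * $username is listed in $usersadmin and ROLE_USER otherwise.
     *
     * NOTE(review): nothing in the visible part of this class calls this method.
     */
    protected function addUser($niveau01, $username, $firstname, $lastname, $email, $usersadmin)
    {
        $user = new User();

        $user->setUsername($username);
        $user->setLastname($lastname);
        $user->setFirstname($firstname);
        $user->setEmail($email);
        $user->setNiveau01($niveau01);
        $user->setSiren($niveau01->getSiren());
        $user->setVisible(true);
        $user->setAuthlevel("simple");
        $user->setBelongingpopulation("agent");

        // Placeholder password; see the NOTE(review) on setPassword() in ldap2nine()
        $uuid = Uuid::uuid4();
        $user->setPassword("PWD-".$username."-".$uuid);

        if (in_array($username, $usersadmin)) {
            $user->setRole("ROLE_ADMIN");
        } else {
            $user->setRole("ROLE_USER");
        }

        $this->em->persist($user);
        $this->em->flush();
    }

    /**
     * Updates the name and e-mail of $user and promotes it to ROLE_ADMIN when
     * $username is listed in $usersadmin. The role is never lowered here.
     *
     * NOTE(review): nothing in the visible part of this class calls this method.
     */
    protected function modUser($user, $username, $firstname, $lastname, $email, $usersadmin)
    {
        $user->setLastname($lastname);
        $user->setFirstname($firstname);
        $user->setEmail($email);

        if (in_array($username, $usersadmin)) {
            $user->setRole("ROLE_ADMIN");
        }

        $this->em->persist($user);
        $this->em->flush();
    }
}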