Commit a5276c8152681a9d4ab31c51698dc891b80bbf58
1 parent
aa52e447
Exists in
master
and in
3 other branches
ajout du mode ldap authentifié
- attention, modif de la BD : il faut exécuter le script db-update-2019-01-09.sh ("-CRAL.sh" pour le CRAL)
- renommé tous les champs et variables *_ldap en ldap_* pour une meilleure lisibilité
- adapté la section LDAP de la config
Showing
23 changed files
with
221 additions
and
94 deletions
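--- a/README.md
+++ b/README.md
@@ -48,10 +48,10 @@ Logiciel testé et validé sur les configurations suivantes :
 
 VERSION ACTUELLE
 
-Date: 08/01/2019
-Version: 2.9.1.5
+Date: 09/01/2019
+Version: 2.9.1.6
 Author: EP
- - improving ldap
+ - improving ldap...
 
 Version majeure en cours : 2.9 (https://projects.irap.omp.eu/versions/207)
 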
... | ... | @@ -0,0 +1,40 @@ |
1 | +#!/bin/bash | |
2 | + | |
3 | +#myname=`basename $0 .sh` | |
4 | +myname=`basename $0` | |
5 | +myname=${myname%%.*} | |
6 | + | |
7 | +# Pour Mac OS recent (10.10, Yosemite), la syntaxe du SED est differente | |
8 | +# Il faut donc faire une copie de ce fichier et transformer les instructions sed a l'interieur | |
9 | +# Pour cela, il suffit d'executer ces 2 lignes : | |
10 | +# cp ce_script.sh ce_script_macosx.sh | |
11 | +# sed -e "s/ -i / -i '' /" -i '' ce_script_macosx.sh | |
12 | + | |
13 | +if [ ! -f ../../config/app.php ] ; then | |
14 | +echo "Vous devez executer ce script depuis le dossier database/update/" | |
15 | +exit 1 | |
16 | +fi | |
17 | + | |
18 | + | |
19 | +# Get login, pass, dbname, and hostname | |
20 | +username=$(grep "/\*d\*/'username'" ../../config/app.php | cut -d"'" -f4) | |
21 | +password=$(grep "/\*d\*/'password'" ../../config/app.php | cut -d"'" -f4) | |
22 | +database=$(grep "/\*d\*/'database'" ../../config/app.php | cut -d"'" -f4) | |
23 | +host=$(grep "/\*d\*/'host'" ../../config/app.php | cut -d"'" -f4) | |
24 | + | |
25 | + | |
26 | +#cp -p ./script_sql/db-update-2016-07-01-irap.sql ./script_sql/db-update-2016-07-01-irap-build.sql | |
27 | +cp -p ./script_sql/$myname.sql ./script_sql/$myname-build.sql | |
28 | + | |
29 | +# Execute sql update script | |
30 | +sed -e "s/database/$database/" -i ./script_sql/$myname-build.sql | |
31 | +mysql --user=$username --password=$password -h $host < ./script_sql/$myname-build.sql | |
32 | + | |
33 | +# Delete cakephp cache | |
34 | +sudo rm ../../tmp/cache/models/* | |
35 | +sudo rm ../../tmp/cache/persistent/* | |
36 | + | |
37 | +# Faire ca aussi si ca suffit pas... | |
38 | +#sudo chmod -R 777 ../../tmp | |
39 | +#sudo chmod -R 777 ../../vendor | |
40 | +#sudo chmod -R 777 ../../webroot | ... | ... |
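Review bot: On new line 31 the database password is handed to `mysql` as `--password=$password`, so it is visible in the local process list while the update runs, and the unquoted `$username`/`$password`/`$host` expansions split into extra arguments when a value contains spaces or shell metacharacters. Passing the credentials through a private option file read with `--defaults-extra-file` avoids both; the same applies to the identical script in the next `@@ -0,0 +1,40 @@` section. The `sed` on line 30 also interpolates `$database` into the expression unescaped, so a name containing `/` or `&` would corrupt the generated SQL.

```shell
# … unchanged: credential extraction from ../../config/app.php …
cnf=$(mktemp) || exit 1          # mktemp creates the file readable by the owner only
trap 'rm -f "$cnf"' EXIT
printf '[client]\nuser="%s"\npassword="%s"\nhost="%s"\n' "$username" "$password" "$host" > "$cnf"
# … unchanged: cp and sed building ./script_sql/$myname-build.sql …
mysql --defaults-extra-file="$cnf" < "./script_sql/$myname-build.sql"
```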
... | ... | @@ -0,0 +1,40 @@ |
1 | +#!/bin/bash | |
2 | + | |
3 | +#myname=`basename $0 .sh` | |
4 | +myname=`basename $0` | |
5 | +myname=${myname%%.*} | |
6 | + | |
7 | +# Pour Mac OS recent (10.10, Yosemite), la syntaxe du SED est differente | |
8 | +# Il faut donc faire une copie de ce fichier et transformer les instructions sed a l'interieur | |
9 | +# Pour cela, il suffit d'executer ces 2 lignes : | |
10 | +# cp ce_script.sh ce_script_macosx.sh | |
11 | +# sed -e "s/ -i / -i '' /" -i '' ce_script_macosx.sh | |
12 | + | |
13 | +if [ ! -f ../../config/app.php ] ; then | |
14 | +echo "Vous devez executer ce script depuis le dossier database/update/" | |
15 | +exit 1 | |
16 | +fi | |
17 | + | |
18 | + | |
19 | +# Get login, pass, dbname, and hostname | |
20 | +username=$(grep "/\*d\*/'username'" ../../config/app.php | cut -d"'" -f4) | |
21 | +password=$(grep "/\*d\*/'password'" ../../config/app.php | cut -d"'" -f4) | |
22 | +database=$(grep "/\*d\*/'database'" ../../config/app.php | cut -d"'" -f4) | |
23 | +host=$(grep "/\*d\*/'host'" ../../config/app.php | cut -d"'" -f4) | |
24 | + | |
25 | + | |
26 | +#cp -p ./script_sql/db-update-2016-07-01-irap.sql ./script_sql/db-update-2016-07-01-irap-build.sql | |
27 | +cp -p ./script_sql/$myname.sql ./script_sql/$myname-build.sql | |
28 | + | |
29 | +# Execute sql update script | |
30 | +sed -e "s/database/$database/" -i ./script_sql/$myname-build.sql | |
31 | +mysql --user=$username --password=$password -h $host < ./script_sql/$myname-build.sql | |
32 | + | |
33 | +# Delete cakephp cache | |
34 | +sudo rm ../../tmp/cache/models/* | |
35 | +sudo rm ../../tmp/cache/persistent/* | |
36 | + | |
37 | +# Faire ca aussi si ca suffit pas... | |
38 | +#sudo chmod -R 777 ../../tmp | |
39 | +#sudo chmod -R 777 ../../vendor | |
40 | +#sudo chmod -R 777 ../../webroot | |
0 | 41 | \ No newline at end of file | ... | ... |
database/update/script_sql/db-update-2019-01-09-CRAL.sql
0 → 100755
... | ... | @@ -0,0 +1,14 @@ |
1 | +use database; | |
2 | + | |
3 | + | |
4 | +ALTER TABLE `configurations` CHANGE `anonymous_ldap` `ldap_anonymous` BOOLEAN NOT NULL DEFAULT TRUE; | |
5 | +ALTER TABLE `configurations` CHANGE `bindDn_ldap` `ldap_bindDn` VARCHAR(250) NULL DEFAULT NULL ; | |
6 | +ALTER TABLE `configurations` CHANGE `bindPass_ldap` `ldap_bindPass` VARCHAR(50) NULL DEFAULT NULL ; | |
7 | + | |
8 | + | |
9 | +ALTER TABLE `configurations` CHANGE `host_ldap` `ldap_host` VARCHAR(250) CHARACTER SET latin1 COLLATE latin1_swedish_ci NULL DEFAULT NULL AFTER `ldap_bindPass`; | |
10 | +ALTER TABLE `configurations` CHANGE `use_ldap` `ldap_used` BOOLEAN NOT NULL DEFAULT FALSE AFTER `ldap_anonymous`; | |
11 | +ALTER TABLE `configurations` CHANGE `baseDn_ldap` `ldap_baseDn` VARCHAR(300) CHARACTER SET latin1 COLLATE latin1_swedish_ci NULL DEFAULT NULL AFTER `ldap_host`; | |
12 | +ALTER TABLE `configurations` CHANGE `port_ldap` `ldap_port` VARCHAR(10) CHARACTER SET latin1 COLLATE latin1_swedish_ci NULL DEFAULT NULL AFTER `ldap_host`; | |
13 | +ALTER TABLE `configurations` CHANGE `authentificationType_ldap` `ldap_authenticationType` VARCHAR(30) CHARACTER SET latin1 COLLATE latin1_swedish_ci NULL DEFAULT NULL AFTER `ldap_port`; | |
14 | +ALTER TABLE `configurations` CHANGE `filter_ldap` `ldap_filter` VARCHAR(300) CHARACTER SET latin1 COLLATE latin1_swedish_ci NULL DEFAULT NULL AFTER `ldap_baseDn`; | ... | ... |
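Review bot: `ldap_bindPass` on line 6 is a plain `VARCHAR(50)`, so the LDAP service-account password is kept in cleartext in `configurations` and is readable by anything that can select from that table or read a database dump; depending on the server's sql_mode, a password longer than 50 characters may also be truncated rather than rejected. The non-CRAL script in the following `@@ -0,0 +1,13 @@` section adds the column the same way. Consider storing the value encrypted by the application (CakePHP ships `Cake\Utility\Security::encrypt()`) in a wider binary or text column, or keeping the credential in the server-side config file instead of the database.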
... | ... | @@ -0,0 +1,13 @@ |
1 | +use database; | |
2 | + | |
3 | + | |
4 | +ALTER TABLE `configurations` ADD `ldap_anonymous` BOOLEAN NOT NULL DEFAULT TRUE ; | |
5 | +ALTER TABLE `configurations` ADD `ldap_bindDn` VARCHAR(250) NULL DEFAULT NULL ; | |
6 | +ALTER TABLE `configurations` ADD `ldap_bindPass` VARCHAR(50) NULL DEFAULT NULL ; | |
7 | + | |
8 | +ALTER TABLE `configurations` CHANGE `host_ldap` `ldap_host` VARCHAR(250) CHARACTER SET latin1 COLLATE latin1_swedish_ci NULL DEFAULT NULL AFTER `ldap_bindPass`; | |
9 | +ALTER TABLE `configurations` CHANGE `use_ldap` `ldap_used` BOOLEAN NOT NULL DEFAULT FALSE AFTER `ldap_anonymous`; | |
10 | +ALTER TABLE `configurations` CHANGE `baseDn_ldap` `ldap_baseDn` VARCHAR(300) CHARACTER SET latin1 COLLATE latin1_swedish_ci NULL DEFAULT NULL AFTER `ldap_host`; | |
11 | +ALTER TABLE `configurations` CHANGE `port_ldap` `ldap_port` VARCHAR(10) CHARACTER SET latin1 COLLATE latin1_swedish_ci NULL DEFAULT NULL AFTER `ldap_host`; | |
12 | +ALTER TABLE `configurations` CHANGE `authentificationType_ldap` `ldap_authenticationType` VARCHAR(30) CHARACTER SET latin1 COLLATE latin1_swedish_ci NULL DEFAULT NULL AFTER `ldap_port`; | |
13 | +ALTER TABLE `configurations` CHANGE `filter_ldap` `ldap_filter` VARCHAR(300) CHARACTER SET latin1 COLLATE latin1_swedish_ci NULL DEFAULT NULL AFTER `ldap_baseDn`; | ... | ... |
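--- a/src/Controller/AppController.php
+++ b/src/Controller/AppController.php
@@ -475,7 +475,7 @@ class AppController extends Controller
 {
 if (! $this->CURRENT_PRIVILEDGED_USER) {
 $configuration = $this->confLabinvent;
- $username = $user ? $user[$configuration->authentificationType_ldap][0] : $this->LdapAuth->user($configuration->authentificationType_ldap)[0];
+ $username = $user ? $user[$configuration->ldap_authenticationType][0] : $this->LdapAuth->user($configuration->ldap_authenticationType)[0];
 $priviledgedUser = TableRegistry::get('Users')->find()
 ->where([
 'username' => $username
@@ -642,7 +642,7 @@ class AppController extends Controller
 
 $configuration = $this->confLabinvent;
 $this->set('configuration', $configuration);
- $this->request->session()->write("authType", $configuration->authentificationType_ldap);
+ $this->request->session()->write("authType", $configuration->ldap_authenticationType);
 
 // ATTENTION, $priviledgedUser = NULL si l'utilisateur courant n'est pas un utilisateur privilégié
 // (c'est à dire s'il n'est pas dans la table "utilisateurs")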
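--- a/src/Controller/ConfigurationsController.php
+++ b/src/Controller/ConfigurationsController.php
@@ -108,7 +108,7 @@ class ConfigurationsController extends AppController
 
 // Gestion du lieu de stockage : soit on cache la DIV 'interne' et on affiche la DIV 'externe', soit on fait l'inverse (par defaut, interne)
 $disp = 'display:block';
- $ldap = $configurationObj->get('use_ldap');
+ $ldap = $configurationObj->get('ldap_used');
 if ($ldap !== null) {
 if ($ldap) {
 $disp = 'display:block';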
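--- a/src/Controller/DocumentsController.php
+++ b/src/Controller/DocumentsController.php
@@ -65,7 +65,7 @@ class DocumentsController extends AppController
 }
 $u = TableRegistry::get('Users')->find()
 ->where([
- 'username' => $user[$configuration->authentificationType_ldap][0]
+ 'username' => $user[$configuration->ldap_authenticationType][0]
 ])
 ->first();
 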
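--- a/src/Controller/FormulesController.php
+++ b/src/Controller/FormulesController.php
@@ -40,7 +40,7 @@ class FormulesController extends AppController
 $id = $this->getIdPassed();
 if ($this->isOwnedBy($id, $user['sn'][0] . ' ' . $user['givenname'][0]))
 return true;
- if ($role == 'Responsable' && $this->isRespGroup($id, $user[$configuration->authentificationType_ldap][0]))
+ if ($role == 'Responsable' && $this->isRespGroup($id, $user[$configuration->ldap_authenticationType][0]))
 return true;
 }
 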
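--- a/src/Controller/MaterielsController.php
+++ b/src/Controller/MaterielsController.php
@@ -185,7 +185,7 @@ class MaterielsController extends AppController
 {
 $user = $userFromSession;
 $configuration = $this->confLabinvent;
- $userCname = $user[$configuration->authentificationType_ldap][0];
+ $userCname = $user[$configuration->ldap_authenticationType][0];
 /*
 * $role = TableRegistry::get('Users')->find()
 * ->where(['username' => $user[$configuration->authentificationType_ldap][0]])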
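--- a/src/Controller/PagesController.php
+++ b/src/Controller/PagesController.php
@@ -79,7 +79,7 @@ class PagesController extends AppController
 // @todo : faire plus proprement, dans isAuthorized()
 // Si l'utilisateur n'est pas connecté, on le redirige vers la page login.ctp
 // sauf si l'action demandée est 'about' ou si le mode install est activé
- if (! ($this->LdapAuth->user($configuration->authentificationType_ldap)[0]) && $path[0] != 'about' && ! ($configuration->mode_install)) {
+ if (! ($this->LdapAuth->user($configuration->ldap_authenticationType)[0]) && $path[0] != 'about' && ! ($configuration->mode_install)) {
 return $this->redirect([
 'controller' => 'users',
 'action' => 'login'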
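--- a/src/Controller/SuivisController.php
+++ b/src/Controller/SuivisController.php
@@ -45,7 +45,7 @@ class SuivisController extends AppController
 $id = $this->getIdPassed();
 if ($this->isOwnedBy($id, $user['sn'][0] . ' ' . $user['givenname'][0]))
 return true;
- if ($role == 'Responsable' && $this->isRespGroup($id, $user[$configuration->authentificationType_ldap][0]))
+ if ($role == 'Responsable' && $this->isRespGroup($id, $user[$configuration->ldap_authenticationType][0]))
 return true;
 }
 return parent::isAuthorized($user);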
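--- a/src/Model/Entity/Configuration.php
+++ b/src/Model/Entity/Configuration.php
@@ -10,12 +10,12 @@ use Cake\ORM\Entity;
 * @property string $nom
 * @property bool $mode_install
 * @property bool $mode_debug
- * @property bool $use_ldap
- * @property string $host_ldap
- * @property string $port_ldap
- * @property string $authentificationType_ldap
- * @property string $baseDn_ldap
- * @property string $filter_ldap
+ * @property bool $ldap_used
+ * @property string $ldap_host
+ * @property string $ldap_port
+ * @property string $ldap_authenticationType
+ * @property string $ldap_baseDn
+ * @property string $ldap_filter
 * @property string $labName
 * @property string $labNameShort
 * @property string $labPresent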
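--- a/src/Model/Table/ConfigurationsTable.php
+++ b/src/Model/Table/ConfigurationsTable.php
@@ -50,17 +50,17 @@ class ConfigurationsTable extends AppTable
 
 $validator->boolean('mode_debug')->allowEmpty('mode_debug');
 
- $validator->boolean('use_ldap')->allowEmpty('use_ldap');
+ $validator->boolean('ldap_used')->allowEmpty('ldap_used');
 
- $validator->allowEmpty('host_ldap');
+ $validator->allowEmpty('ldap_host');
 
- $validator->allowEmpty('port_ldap');
+ $validator->allowEmpty('ldap_port');
 
- $validator->allowEmpty('authentificationType_ldap');
+ $validator->allowEmpty('ldap_authenticationType');
 
- $validator->allowEmpty('baseDn_ldap');
+ $validator->allowEmpty('ldap_baseDn');
 
- $validator->allowEmpty('filter_ldap');
+ $validator->allowEmpty('ldap_filter');
 
 $validator->notEmpty('labName');
 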
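--- a/src/Model/Table/LdapConnectionsTable.php
+++ b/src/Model/Table/LdapConnectionsTable.php
@@ -24,12 +24,12 @@ class LdapConnectionsTable extends AppTable
 /*MCM*/
 // EP
 //private $anonymous;
- private $anonymous_ldap;
+ private $ldap_anonymous;
 private $bindDn;
 private $bindPass;
 /* fin MCM*/
 
- private $USE_LDAP = TRUE;
+ private $LDAP_USED = TRUE;
 
 private $fakeLDAPUsers = [];
 
@@ -47,7 +47,7 @@ class LdapConnectionsTable extends AppTable
 public function useLdap()
 {
 $this->checkConfiguration();
- return $this->USE_LDAP;
+ return $this->LDAP_USED;
 }
 
 private function buildFakeLdapUsers()
@@ -140,10 +140,10 @@ class LdapConnectionsTable extends AppTable
 ])
 ->first();
 
- $this->USE_LDAP = $config->use_ldap ? TRUE : FALSE;
+ $this->LDAP_USED = $config->ldap_used ? TRUE : FALSE;
 
- if (! $this->USE_LDAP) {
- $this->authenticationType = $config->authentificationType_ldap;
+ if (! $this->LDAP_USED) {
+ $this->authenticationType = $config->ldap_authenticationType;
 if (empty($this->fakeLDAPUsers))
 $this->fakeLDAPUsers = $this->buildFakeLdapUsers();
 return true;
@@ -152,24 +152,28 @@ class LdapConnectionsTable extends AppTable
 
 $ldapConfig = $config->toArray();
 
- if (! empty($config->host_ldap) && ! empty($config->port_ldap) && ! empty($config->baseDn_ldap) && ! empty($config->authentificationType_ldap) && ! empty($config->filter_ldap)) {
- $this->host = $config->host_ldap;
- $this->port = $config->port_ldap;
- $this->baseDn = $config->baseDn_ldap;
- $this->filter = $config->filter_ldap;
- $this->authenticationType = $config->authentificationType_ldap;
+ if (! empty($config->ldap_host) && ! empty($config->ldap_port) && ! empty($config->ldap_baseDn) && ! empty($config->ldap_authenticationType) && ! empty($config->ldap_filter)) {
+ $this->host = $config->ldap_host;
+ $this->port = $config->ldap_port;
+ $this->baseDn = $config->ldap_baseDn;
+ $this->filter = $config->ldap_filter;
+ $this->authenticationType = $config->ldap_authenticationType;
 /*MCM*/
- $NEW_CONF=FALSE;
+ /*
+ $NEW_CONF=TRUE;
 if ($NEW_CONF) {
- $this->anonymous_ldap = $config->anonymous_ldap;
- $this->bindDn = $config->bindDn_ldap;
- $this->bindPass = $config->bindPass_ldap;
+ */
+ $this->ldap_anonymous = $config->ldap_anonymous;
+ $this->bindDn = $config->ldap_bindDn;
+ $this->bindPass = $config->ldap_bindPass;
+ /*
 }
 else {
- $this->anonymous_ldap = TRUE;
+ $this->ldap_anonymous = TRUE;
 $this->bindDn = NULL;
 $this->bindPass = NULL;
 }
+ */
 /* fin MCM*/
 
 return true;
@@ -190,7 +194,7 @@ class LdapConnectionsTable extends AppTable
 try {
 if ($this->checkConfiguration()) {
 // REAL LDAP
- if ($this->USE_LDAP) {
+ if ($this->LDAP_USED) {
 $ldapConnection = ldap_connect($this->host, $this->port);
 ldap_set_option($ldapConnection, LDAP_OPT_PROTOCOL_VERSION, 3);
 
@@ -215,7 +219,7 @@ class LdapConnectionsTable extends AppTable
 try {
 
 if ($this->checkConfiguration()) {
- if ($this->USE_LDAP) {
+ if ($this->LDAP_USED) {
 /* Code inutile car redondant:
 $ldapConnection = ldap_connect($this->host, $this->port);
 ldap_set_option($ldapConnection, LDAP_OPT_PROTOCOL_VERSION, 3);
@@ -275,7 +279,7 @@ class LdapConnectionsTable extends AppTable
 $u = $this->getAllLdapUsers();
 $utilisateurs = [];
 
- if ($this->USE_LDAP) {
+ if ($this->LDAP_USED) {
 for ($i = 0; $i < $u['count']; $i ++) {
 $utilisateurs[$u[$i]['sn'][0] . ' ' . $u[$i]['givenname'][0]] = $u[$i]['sn'][0] . ' ' . $u[$i]['givenname'][0];
 }
@@ -296,7 +300,7 @@ class LdapConnectionsTable extends AppTable
 $u = $this->getAllLdapUsers();
 $utilisateurs = [];
 
- if ($this->USE_LDAP) {
+ if ($this->LDAP_USED) {
 for ($i = 0; $i < $u['count']; $i ++) {
 $utilisateurs[$u[$i]['sn'][0] . ' ' . $u[$i]['givenname'][0]] = $u[$i][$this->authenticationType][0];
 }
@@ -317,7 +321,7 @@ class LdapConnectionsTable extends AppTable
 $u = $this->getAllLdapUsers();
 $utilisateurs = [];
 
- if ($this->USE_LDAP) {
+ if ($this->LDAP_USED) {
 for ($i = 0; $i < $u['count']; $i ++) {
 if (isset($u[$i]['mail'][0])) {
 $utilisateurs[$u[$i]['sn'][0] . ' ' . $u[$i]['givenname'][0]] = $u[$i]['mail'][0];
@@ -341,7 +345,7 @@ class LdapConnectionsTable extends AppTable
 {
 $u = $this->getAllLdapUsers();
 
- if ($this->USE_LDAP) {
+ if ($this->LDAP_USED) {
 $nbUsers = $u['count'];
 } else {
 $nbUsers = sizeof($u) - 1;
@@ -364,7 +368,7 @@ class LdapConnectionsTable extends AppTable
 try {
 if ($this->checkConfiguration()) {
 // We are using LDAP
- if ($this->USE_LDAP) {
+ if ($this->LDAP_USED) {
 // CRAL must set this to FALSE
 //$LDAP_ANONYMOUS = TRUE;
 
@@ -435,7 +439,7 @@ class LdapConnectionsTable extends AppTable
 /*MCM*/
 // bind optionnel
 //if ($anonymous == '0')
- if (! $this->anonymous_ldap)
+ if (! $this->ldap_anonymous)
 //$ldapbind = ldap_bind($ldapConnection, $binddn, $ldappass) or die("Could not bind to LDAP server.". ldap_error($ldapConnection) );
 $ldapbind = ldap_bind($ldapConnection, $this->bindDn, $this->bindPass) or die("Could not bind to LDAP server.". ldap_error($ldapConnection) );
 // EP: bind obligatoire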
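Review bot: In the `@@ -152,24 +152,28 @@` hunk the bind credentials are now always loaded from the configuration, but the `! empty(...)` guard above them does not cover `ldap_bindDn` / `ldap_bindPass`, so with `ldap_anonymous` off and an empty password the later `ldap_bind($ldapConnection, $this->bindDn, $this->bindPass)` is sent with empty credentials, which many directory servers accept as an anonymous or unauthenticated bind. The configuration check should fail closed, e.g. `if (! $config->ldap_anonymous && (empty($config->ldap_bindDn) || empty($config->ldap_bindPass))) return false;`, assuming checkConfiguration() returns false for an incomplete configuration (its end lies outside the hunk). The bind in the last hunk is also the body of a brace-less `if` and ends in `or die(...)`, which aborts the request and prints `ldap_error()` to the client; raising an exception would suit the surrounding code better if that bind sits inside one of the `try` blocks, which is not visible here.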
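--- a/src/Model/Table/UsersTable.php
+++ b/src/Model/Table/UsersTable.php
@@ -81,7 +81,7 @@ class UsersTable extends AppTable
 'id =' => 1
 ])
 ->first();
- if ($configuration->use_ldap) {
+ if ($configuration->ldap_used) {
 $validator->allowEmpty('email');
 } else {
 $validator->email('email')->notEmpty('email', 'Un adresse mail est nécessaire');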
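--- a/src/Template/Configurations/edit.ctp
+++ b/src/Template/Configurations/edit.ctp
@@ -128,46 +128,59 @@
 ]);
 echo '</div>';
 
+
+ // LDAP SECTION
 echo '<h3 id="t_fichiers" style="cursor: pointer;">';
 echo '<i class="icon-chevron-down" style="font-size: 14px;" id="i_fichiers"></i>';
 echo '<span style="text-decoration: underline;">LDAP</span>';
 echo '</h3>';
 echo '<div id="fichiers" style="margin-bottom: 20px;">';
- echo $this->Form->input('use_ldap', [
+ echo $this->Form->input('ldap_used', [
 'label' => 'Utilisation du LDAP',
 'onchange' => 'display_ldap();'
 ]);
+
+ // start LDAP DIV
 echo '<div id="ldap" style="border-top: 1px solid #CCC; border-bottom: 1px solid #CCC; margin-bottom: 0; background: #EEE; ' . $disp . '">';
- echo $this->Form->input('host_ldap', [
+ echo $this->Form->input('ldap_host', [
 'label' => 'Host du LDAP'
 ]);
- echo $this->Form->input('port_ldap', [
+ echo $this->Form->input('ldap_port', [
 'label' => 'Port du LDAP'
 ]);
- echo $this->Form->input('authentificationType_ldap', [
+ echo $this->Form->input('ldap_authenticationType', [
 'label' => 'Type d\'authentification du LDAP'
 ]);
- echo $this->Form->input('baseDn_ldap', [
+ echo $this->Form->input('ldap_baseDn', [
 'label' => 'Base DN du LDAP'
 ]);
- echo $this->Form->input('filter_ldap', [
+ echo $this->Form->input('ldap_filter', [
 'label' => 'Filtre du LDAP'
 ]);
 
 /*MCM*/
- echo $this->Form->input('anonymous_ldap', [
- 'label' => 'LDAP anonyme'
- ]);
- echo $this->Form->input('bindDn_ldap', [
- 'label' => 'Bind du LDAP'
- ]);
- echo $this->Form->input('bindPass_ldap', [
- 'label' => 'Password Bind du LDAP'
- ]);
+ // start LDAP auth subsection (DIV)
+ echo $this->Form->input('ldap_anonymous', [
+ 'label' => 'LDAP anonyme',
+ 'onchange' => 'display_ldap_auth();'
+ ]);
+ echo '<div id="ldap_auth" style="border-top: 1px solid #CCC; border-bottom: 1px solid #CCC; margin-bottom: 0; background: #EEE; ' . $disp . '">';
+ echo $this->Form->input('ldap_bindDn', [
+ 'label' => 'Bind du LDAP'
+ ]);
+ echo $this->Form->input('ldap_bindPass', [
+ 'label' => 'Password Bind du LDAP'
+ ]);
+ echo '</div>';
+ // end LDAP auth subsection (DIV)
 /* fin MCM */
 
 echo '</div>';
+ // end LDAP DIV
+
 echo '</div>';
+ // END LDAP SECTION
+
 
 echo '<h3 id="t_fichiers" style="cursor: pointer;">';
 echo '<i class="icon-chevron-down" style="font-size: 14px;" id="i_fichiers"></i>';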
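Review bot: The `ldap_bindPass` input at new lines 171-173 is declared without a `type`, so FormHelper will presumably render it as a plain text field pre-filled with the stored password, which puts the LDAP bind credential on screen and in the page HTML for whoever opens the edit form. Declaring `'type' => 'password', 'value' => ''` and only overwriting the stored value when a new one is submitted would avoid echoing it back. Separately, the new `#ldap_auth` div reuses `$disp`, which the controller derives from `ldap_used`, so its initial visibility does not follow the `ldap_anonymous` checkbox.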
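--- a/src/Template/Configurations/view.ctp
+++ b/src/Template/Configurations/view.ctp
@@ -30,7 +30,7 @@
 $print = "Non";
 }
 
- if (h($configurationObj->use_ldap) == 1) {
+ if (h($configurationObj->ldap_used) == 1) {
 $ldap = "Oui";
 } else {
 $ldap = "Non";
@@ -145,16 +145,16 @@
 echo '<table>';
 echo '<tr><th style="width: 250px;"></th><th></th></tr>';
 $displayElement(__('Utilisation du LDAP'), $ldap);
- $displayElement(__('Host du LDAP'), h($configurationObj->host_ldap));
- $displayElement(__('Port du LDAP'), h($configurationObj->port_ldap));
- $displayElement(__('Type d\'authentification du LDAP'), h($configurationObj->authentificationType_ldap));
- $displayElement(__('Base DN du LDAP'), h($configurationObj->baseDn_ldap));
- $displayElement(__('Filtre du LDAP'), h($configurationObj->filter_ldap));
+ $displayElement(__('Host du LDAP'), h($configurationObj->ldap_host));
+ $displayElement(__('Port du LDAP'), h($configurationObj->ldap_port));
+ $displayElement(__('Type d\'authentification du LDAP'), h($configurationObj->ldap_authenticationType));
+ $displayElement(__('Base DN du LDAP'), h($configurationObj->ldap_baseDn));
+ $displayElement(__('Filtre du LDAP'), h($configurationObj->ldap_filter));
 
 /*MCM*/
- $displayElement(__('LDAP anonyme'), h($configurationObj->anonymous_ldap));
- $displayElement(__('Bind du LDAP'), h($configurationObj->bindDn_ldap));
- $displayElement(__('Password Bind du LDAP'), h($configurationObj->bindPass_ldap));
+ $displayElement(__('LDAP anonyme'), h($configurationObj->ldap_anonymous)?"Oui":"Non" );
+ $displayElement(__('Bind du LDAP'), h($configurationObj->ldap_bindDn));
+ $displayElement(__('Password Bind du LDAP'), h($configurationObj->ldap_bindPass));
 /*fin MCM*/
 
 echo '</table>';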
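Review bot: New line 157 still prints the stored bind password in clear (`h($configurationObj->ldap_bindPass)`); `h()` escapes HTML but does not hide the secret, so every user allowed to open the configuration view can read the LDAP service-account credential. A masked display would be safer, e.g. `$displayElement(__('Password Bind du LDAP'), empty($configurationObj->ldap_bindPass) ? '' : '********');`. On line 155 the ternary is applied to the result of `h()`, which works, but escaping a boolean is unnecessary and `$configurationObj->ldap_anonymous ? "Oui" : "Non"` reads more clearly.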
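--- a/src/Template/Users/add.ctp
+++ b/src/Template/Users/add.ctp
@@ -1,7 +1,7 @@
 
 <div class="utilisateurs form">
 <?= $this->Form->create($user) ?>
- <?php $USE_LDAP = $configuration->use_ldap; ?>
+ <?php $LDAP_USED = $configuration->ldap_used; ?>
 <fieldset>
 <h2>
 <i class="icon-plus"></i> Ajouter un utilisateur privilégié
@@ -9,7 +9,7 @@
 <?php
 
 // fake LDAP
- if (! $USE_LDAP) {
+ if (! $LDAP_USED) {
 echo $this->Form->input('newname', [
 'label' => 'Nom',
 'div' => 'input required'
@@ -28,7 +28,7 @@
 }
 echo '<div style="color: grey; font-size: 10px;">Note: un utilisateur ne peut pas être présent deux fois dans l\'inventaire.</div>';
 
- $READONLY = $USE_LDAP ? true : false;
+ $READONLY = $LDAP_USED ? true : false;
 
 echo $this->Form->input('username', [
 'label' => 'Login',
@@ -36,7 +36,7 @@
 'readonly' => $READONLY
 ]);
 
- if (! $USE_LDAP) {
+ if (! $LDAP_USED) {
 echo $this->Form->input('password');
 }
 
@@ -89,7 +89,7 @@ echo $this->element('menu_form', [
 </div>
 
 <?php
-if ($USE_LDAP) {
+if ($LDAP_USED) {
 ?>
 <script type="text/javascript">
 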
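--- a/src/Template/Users/edit.ctp
+++ b/src/Template/Users/edit.ctp
@@ -1,7 +1,7 @@
 
 <div class="utilisateurs form">
 <?= $this->Form->create($user) ?>
- <?php $USE_LDAP = $configuration->use_ldap; ?>
+ <?php $LDAP_USED = $configuration->ldap_used; ?>
 <fieldset>
 <h2>
 <i class="icon-edit"></i> Editer un utilisateur privilégié
@@ -15,7 +15,7 @@
 'div' => 'input required'
 ]);
 
- $READONLY = $USE_LDAP ? true : false;
+ $READONLY = $LDAP_USED ? true : false;
 
 echo $this->Form->input('username', [
 'label' => 'Login',
@@ -23,7 +23,7 @@
 'readonly' => $READONLY
 ]);
 
- if (! $USE_LDAP) {
+ if (! $LDAP_USED) {
 echo $this->Form->input('password');
 }
 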
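--- a/src/Template/Users/login.ctp
+++ b/src/Template/Users/login.ctp
@@ -5,7 +5,7 @@
 <p>Vous n'êtes pas connecté, veuillez vous authentifier.</p>
 <?= $this->Flash->render('auth') ?>
 <?= $this->Form->create() ?>
- <?php if($configuration->use_ldap) { $label = 'Login (LDAP)'; } else { $label = 'Login'; }?>
+ <?php if($configuration->ldap_used) { $label = 'Login (LDAP)'; } else { $label = 'Login'; }?>
 <fieldset>
 <?= $this->Form->input('ldap', ['label' => $label, 'div' => 'input required']) ?>
 <?= $this->Form->input('password', ['label' => 'Mot de passe', 'div' => 'input required']) ?>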
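--- a/tests/Fixture/ConfigurationsFixture.php
+++ b/tests/Fixture/ConfigurationsFixture.php
@@ -21,12 +21,12 @@ class ConfigurationsFixture extends TestFixture
 'nom' => ['type' => 'string', 'length' => 45, 'null' => false, 'default' => null, 'comment' => 'obligatoire (et unique)', 'precision' => null, 'fixed' => null],
 'mode_install' => ['type' => 'boolean', 'length' => null, 'null' => true, 'default' => null, 'comment' => '', 'precision' => null],
 'mode_debug' => ['type' => 'boolean', 'length' => null, 'null' => true, 'default' => null, 'comment' => '', 'precision' => null],
- 'use_ldap' => ['type' => 'boolean', 'length' => null, 'null' => true, 'default' => null, 'comment' => '', 'precision' => null],
- 'host_ldap' => ['type' => 'text', 'null' => true, 'default' => null, 'comment' => '', 'precision' => null, 'fixed' => null],
- 'port_ldap' => ['type' => 'string', 'length' => 10, 'null' => true, 'default' => null, 'comment' => '', 'precision' => null, 'fixed' => null],
- 'authentificationType_ldap' => ['type' => 'string', 'length' => 30, 'null' => true, 'default' => null, 'comment' => '', 'precision' => null, 'fixed' => null],
- 'baseDn_ldap' => ['type' => 'string', 'length' => 30, 'null' => true, 'default' => null, 'comment' => '', 'precision' => null, 'fixed' => null],
- 'filter_ldap' => ['type' => 'string', 'length' => 30, 'null' => true, 'default' => null, 'comment' => '', 'precision' => null, 'fixed' => null],
+ 'ldap_used' => ['type' => 'boolean', 'length' => null, 'null' => true, 'default' => null, 'comment' => '', 'precision' => null],
+ 'ldap_host' => ['type' => 'text', 'null' => true, 'default' => null, 'comment' => '', 'precision' => null, 'fixed' => null],
+ 'ldap_port' => ['type' => 'string', 'length' => 10, 'null' => true, 'default' => null, 'comment' => '', 'precision' => null, 'fixed' => null],
+ 'ldap_authenticationType' => ['type' => 'string', 'length' => 30, 'null' => true, 'default' => null, 'comment' => '', 'precision' => null, 'fixed' => null],
+ 'ldap_baseDn' => ['type' => 'string', 'length' => 30, 'null' => true, 'default' => null, 'comment' => '', 'precision' => null, 'fixed' => null],
+ 'ldap_filter' => ['type' => 'string', 'length' => 30, 'null' => true, 'default' => null, 'comment' => '', 'precision' => null, 'fixed' => null],
 'labName' => ['type' => 'string', 'length' => 30, 'null' => true, 'default' => null, 'comment' => '', 'precision' => null, 'fixed' => null],
 'labNameShort' => ['type' => 'string', 'length' => 20, 'null' => true, 'default' => null, 'comment' => '', 'precision' => null, 'fixed' => null],
 'labPresent' => ['type' => 'string', 'length' => 10, 'null' => true, 'default' => null, 'comment' => '', 'precision' => null, 'fixed' => null],
@@ -77,12 +77,12 @@ class ConfigurationsFixture extends TestFixture
 'nom' => 'Lorem ipsum dolor sit amet',
 'mode_install' => 0,
 'mode_debug' => 0,
- 'use_ldap' => 0,
- 'host_ldap' => 'Lorem ipsum dolor sit amet',
- 'port_ldap' => 'Lorem ip',
- 'authentificationType_ldap' => 'cn',
- 'baseDn_ldap' => 'Lorem ipsum dolor sit amet',
- 'filter_ldap' => 'Lorem ipsum dolor sit amet',
+ 'ldap_used' => 0,
+ 'ldap_host' => 'Lorem ipsum dolor sit amet',
+ 'ldap_port' => 'Lorem ip',
+ 'ldap_authenticationType' => 'cn',
+ 'ldap_baseDn' => 'Lorem ipsum dolor sit amet',
+ 'ldap_filter' => 'Lorem ipsum dolor sit amet',
 'labName' => 'TestLong',
 'labNameShort' => 'TEST',
 'labPresent' => 'de ',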
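--- a/webroot/js/script.js
+++ b/webroot/js/script.js
@@ -105,6 +105,9 @@ function emprunt_interne_externe() {
 function display_ldap() {
 $('#ldap').toggle();
 }
+function display_ldap_auth() {
+ $('#ldap_auth').toggle();
+}
 
 function selectAll() {
 for(i = 0; i < document.getElementsByTagName("input").length; i++)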
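Review bot: `display_ldap_auth()` flips the visibility of `#ldap_auth` on every change instead of deriving it from the checkbox, so if the div's initial state does not match `ldap_anonymous` the bind DN and password fields stay inverted for as long as the form is open. Passing the checkbox in makes it deterministic: `function display_ldap_auth(cb) { $('#ldap_auth').toggle(!cb.checked); }`, with `'onchange' => 'display_ldap_auth(this);'` in the template. A one-line comment stating that the block holds the authenticated-bind fields would also help the next reader.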