Commit a5276c8152681a9d4ab31c51698dc891b80bbf58

Authored by Etienne Pallier
1 parent aa52e447

ajout du mode ldap authentifié

- attention, modif de la BD, il faut executer le script
db-update-2019-01-09.sh ("-CRAL.sh" pour le CRAL)
- renommé tous les champs et variables *_ldap en ldap_* pour meilleure
lisibilité
- adapté la section LDAP de la config
@@ -48,10 +48,10 @@ Logiciel testé et validé sur les configurations suivantes : @@ -48,10 +48,10 @@ Logiciel testé et validé sur les configurations suivantes :
48 48
49 VERSION ACTUELLE 49 VERSION ACTUELLE
50 50
51 -Date: 08/01/2019  
52 -Version: 2.9.1.5 51 +Date: 09/01/2019
  52 +Version: 2.9.1.6
53 Author: EP 53 Author: EP
54 - - improving ldap 54 + - improving ldap...
55 55
56 Version majeure en cours : 2.9 (https://projects.irap.omp.eu/versions/207) 56 Version majeure en cours : 2.9 (https://projects.irap.omp.eu/versions/207)
57 57
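--- /dev/null
+++ b/database/update/db-update-2019-01-09-CRAL.sh
@@ -0,0 +1,40 @@
+#!/bin/bash
+
+#myname=`basename $0 .sh`
+myname=`basename $0`
+myname=${myname%%.*}
+
+# Pour Mac OS recent (10.10, Yosemite), la syntaxe du SED est differente
+# Il faut donc faire une copie de ce fichier et transformer les instructions sed a l'interieur
+# Pour cela, il suffit d'executer ces 2 lignes :
+# cp ce_script.sh ce_script_macosx.sh
+# sed -e "s/ -i / -i '' /" -i '' ce_script_macosx.sh
+
+if [ ! -f ../../config/app.php ] ; then
+echo "Vous devez executer ce script depuis le dossier database/update/"
+exit 1
+fi
+
+
+# Get login, pass, dbname, and hostname
+username=$(grep "/\*d\*/'username'" ../../config/app.php | cut -d"'" -f4)
+password=$(grep "/\*d\*/'password'" ../../config/app.php | cut -d"'" -f4)
+database=$(grep "/\*d\*/'database'" ../../config/app.php | cut -d"'" -f4)
+host=$(grep "/\*d\*/'host'" ../../config/app.php | cut -d"'" -f4)
+
+
+#cp -p ./script_sql/db-update-2016-07-01-irap.sql ./script_sql/db-update-2016-07-01-irap-build.sql
+cp -p ./script_sql/$myname.sql ./script_sql/$myname-build.sql
+
+# Execute sql update script
+sed -e "s/database/$database/" -i ./script_sql/$myname-build.sql
+mysql --user=$username --password=$password -h $host < ./script_sql/$myname-build.sql
+
+# Delete cakephp cache
+sudo rm ../../tmp/cache/models/*
+sudo rm ../../tmp/cache/persistent/*
+
+# Faire ca aussi si ca suffit pas...
+#sudo chmod -R 777 ../../tmp
+#sudo chmod -R 777 ../../vendor
+#sudo chmod -R 777 ../../webroot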
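Review bot: The `mysql --user=$username --password=$password -h $host` call on script line 31 puts the database password on the command line, where other local users can read it from the process list while the client starts. Hand the credentials to the client through a temporary option file created with mode 600 and passed with `--defaults-extra-file=`, and remove that file when the script exits. Every expansion in the script is also unquoted, so a password or database name containing a space, `/` or `&` breaks the `mysql` and `sed` commands; quote them, e.g. `cp -p "./script_sql/$myname.sql" "./script_sql/$myname-build.sql"`. The commented-out `chmod -R 777` fallback at the end would make the application tree world-writable and is better deleted than kept as a suggestion. The identical script `db-update-2019-01-09.sh` added by this commit has the same issues.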
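--- /dev/null
+++ b/database/update/db-update-2019-01-09.sh
@@ -0,0 +1,40 @@
+#!/bin/bash
+
+#myname=`basename $0 .sh`
+myname=`basename $0`
+myname=${myname%%.*}
+
+# Pour Mac OS recent (10.10, Yosemite), la syntaxe du SED est differente
+# Il faut donc faire une copie de ce fichier et transformer les instructions sed a l'interieur
+# Pour cela, il suffit d'executer ces 2 lignes :
+# cp ce_script.sh ce_script_macosx.sh
+# sed -e "s/ -i / -i '' /" -i '' ce_script_macosx.sh
+
+if [ ! -f ../../config/app.php ] ; then
+echo "Vous devez executer ce script depuis le dossier database/update/"
+exit 1
+fi
+
+
+# Get login, pass, dbname, and hostname
+username=$(grep "/\*d\*/'username'" ../../config/app.php | cut -d"'" -f4)
+password=$(grep "/\*d\*/'password'" ../../config/app.php | cut -d"'" -f4)
+database=$(grep "/\*d\*/'database'" ../../config/app.php | cut -d"'" -f4)
+host=$(grep "/\*d\*/'host'" ../../config/app.php | cut -d"'" -f4)
+
+
+#cp -p ./script_sql/db-update-2016-07-01-irap.sql ./script_sql/db-update-2016-07-01-irap-build.sql
+cp -p ./script_sql/$myname.sql ./script_sql/$myname-build.sql
+
+# Execute sql update script
+sed -e "s/database/$database/" -i ./script_sql/$myname-build.sql
+mysql --user=$username --password=$password -h $host < ./script_sql/$myname-build.sql
+
+# Delete cakephp cache
+sudo rm ../../tmp/cache/models/*
+sudo rm ../../tmp/cache/persistent/*
+
+# Faire ca aussi si ca suffit pas...
+#sudo chmod -R 777 ../../tmp
+#sudo chmod -R 777 ../../vendor
+#sudo chmod -R 777 ../../webroot
\ No newline at end of file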
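--- /dev/null
+++ b/database/update/script_sql/db-update-2019-01-09-CRAL.sql
@@ -0,0 +1,14 @@
+use database;
+
+
+ALTER TABLE `configurations` CHANGE `anonymous_ldap` `ldap_anonymous` BOOLEAN NOT NULL DEFAULT TRUE;
+ALTER TABLE `configurations` CHANGE `bindDn_ldap` `ldap_bindDn` VARCHAR(250) NULL DEFAULT NULL ;
+ALTER TABLE `configurations` CHANGE `bindPass_ldap` `ldap_bindPass` VARCHAR(50) NULL DEFAULT NULL ;
+
+
+ALTER TABLE `configurations` CHANGE `host_ldap` `ldap_host` VARCHAR(250) CHARACTER SET latin1 COLLATE latin1_swedish_ci NULL DEFAULT NULL AFTER `ldap_bindPass`;
+ALTER TABLE `configurations` CHANGE `use_ldap` `ldap_used` BOOLEAN NOT NULL DEFAULT FALSE AFTER `ldap_anonymous`;
+ALTER TABLE `configurations` CHANGE `baseDn_ldap` `ldap_baseDn` VARCHAR(300) CHARACTER SET latin1 COLLATE latin1_swedish_ci NULL DEFAULT NULL AFTER `ldap_host`;
+ALTER TABLE `configurations` CHANGE `port_ldap` `ldap_port` VARCHAR(10) CHARACTER SET latin1 COLLATE latin1_swedish_ci NULL DEFAULT NULL AFTER `ldap_host`;
+ALTER TABLE `configurations` CHANGE `authentificationType_ldap` `ldap_authenticationType` VARCHAR(30) CHARACTER SET latin1 COLLATE latin1_swedish_ci NULL DEFAULT NULL AFTER `ldap_port`;
+ALTER TABLE `configurations` CHANGE `filter_ldap` `ldap_filter` VARCHAR(300) CHARACTER SET latin1 COLLATE latin1_swedish_ci NULL DEFAULT NULL AFTER `ldap_baseDn`;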
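Review bot: `ldap_bindPass` on line 6 keeps the LDAP service-account password as clear text in `configurations`, so anyone who can read that table or a database dump obtains a directory credential. `VARCHAR(50)` may also silently truncate a longer password when the server is not running in strict SQL mode. If the value has to live in the database, encrypt it in the application before storing it and size the column for the ciphertext; otherwise keep it in the server-side configuration file. At minimum document the column above the statement, e.g. `-- ldap_bindPass: LDAP bind password, stored in clear text; restrict access to this table and its backups`. The same column is created with `ADD` in `db-update-2019-01-09.sql`, which needs the same treatment.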
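--- /dev/null
+++ b/database/update/script_sql/db-update-2019-01-09.sql
@@ -0,0 +1,13 @@
+use database;
+
+
+ALTER TABLE `configurations` ADD `ldap_anonymous` BOOLEAN NOT NULL DEFAULT TRUE ;
+ALTER TABLE `configurations` ADD `ldap_bindDn` VARCHAR(250) NULL DEFAULT NULL ;
+ALTER TABLE `configurations` ADD `ldap_bindPass` VARCHAR(50) NULL DEFAULT NULL ;
+
+ALTER TABLE `configurations` CHANGE `host_ldap` `ldap_host` VARCHAR(250) CHARACTER SET latin1 COLLATE latin1_swedish_ci NULL DEFAULT NULL AFTER `ldap_bindPass`;
+ALTER TABLE `configurations` CHANGE `use_ldap` `ldap_used` BOOLEAN NOT NULL DEFAULT FALSE AFTER `ldap_anonymous`;
+ALTER TABLE `configurations` CHANGE `baseDn_ldap` `ldap_baseDn` VARCHAR(300) CHARACTER SET latin1 COLLATE latin1_swedish_ci NULL DEFAULT NULL AFTER `ldap_host`;
+ALTER TABLE `configurations` CHANGE `port_ldap` `ldap_port` VARCHAR(10) CHARACTER SET latin1 COLLATE latin1_swedish_ci NULL DEFAULT NULL AFTER `ldap_host`;
+ALTER TABLE `configurations` CHANGE `authentificationType_ldap` `ldap_authenticationType` VARCHAR(30) CHARACTER SET latin1 COLLATE latin1_swedish_ci NULL DEFAULT NULL AFTER `ldap_port`;
+ALTER TABLE `configurations` CHANGE `filter_ldap` `ldap_filter` VARCHAR(300) CHARACTER SET latin1 COLLATE latin1_swedish_ci NULL DEFAULT NULL AFTER `ldap_baseDn`;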
src/Controller/AppController.php
@@ -475,7 +475,7 @@ class AppController extends Controller @@ -475,7 +475,7 @@ class AppController extends Controller
475 { 475 {
476 if (! $this->CURRENT_PRIVILEDGED_USER) { 476 if (! $this->CURRENT_PRIVILEDGED_USER) {
477 $configuration = $this->confLabinvent; 477 $configuration = $this->confLabinvent;
478 - $username = $user ? $user[$configuration->authentificationType_ldap][0] : $this->LdapAuth->user($configuration->authentificationType_ldap)[0]; 478 + $username = $user ? $user[$configuration->ldap_authenticationType][0] : $this->LdapAuth->user($configuration->ldap_authenticationType)[0];
479 $priviledgedUser = TableRegistry::get('Users')->find() 479 $priviledgedUser = TableRegistry::get('Users')->find()
480 ->where([ 480 ->where([
481 'username' => $username 481 'username' => $username
@@ -642,7 +642,7 @@ class AppController extends Controller @@ -642,7 +642,7 @@ class AppController extends Controller
642 642
643 $configuration = $this->confLabinvent; 643 $configuration = $this->confLabinvent;
644 $this->set('configuration', $configuration); 644 $this->set('configuration', $configuration);
645 - $this->request->session()->write("authType", $configuration->authentificationType_ldap); 645 + $this->request->session()->write("authType", $configuration->ldap_authenticationType);
646 646
647 // ATTENTION, $priviledgedUser = NULL si l'utilisateur courant n'est pas un utilisateur privilégié 647 // ATTENTION, $priviledgedUser = NULL si l'utilisateur courant n'est pas un utilisateur privilégié
648 // (c'est à dire s'il n'est pas dans la table "utilisateurs") 648 // (c'est à dire s'il n'est pas dans la table "utilisateurs")
src/Controller/ConfigurationsController.php
@@ -108,7 +108,7 @@ class ConfigurationsController extends AppController @@ -108,7 +108,7 @@ class ConfigurationsController extends AppController
108 108
109 // Gestion du lieu de stockage : soit on cache la DIV 'interne' et on affiche la DIV 'externe', soit on fait l'inverse (par defaut, interne) 109 // Gestion du lieu de stockage : soit on cache la DIV 'interne' et on affiche la DIV 'externe', soit on fait l'inverse (par defaut, interne)
110 $disp = 'display:block'; 110 $disp = 'display:block';
111 - $ldap = $configurationObj->get('use_ldap'); 111 + $ldap = $configurationObj->get('ldap_used');
112 if ($ldap !== null) { 112 if ($ldap !== null) {
113 if ($ldap) { 113 if ($ldap) {
114 $disp = 'display:block'; 114 $disp = 'display:block';
src/Controller/DocumentsController.php
@@ -65,7 +65,7 @@ class DocumentsController extends AppController @@ -65,7 +65,7 @@ class DocumentsController extends AppController
65 } 65 }
66 $u = TableRegistry::get('Users')->find() 66 $u = TableRegistry::get('Users')->find()
67 ->where([ 67 ->where([
68 - 'username' => $user[$configuration->authentificationType_ldap][0] 68 + 'username' => $user[$configuration->ldap_authenticationType][0]
69 ]) 69 ])
70 ->first(); 70 ->first();
71 71
src/Controller/FormulesController.php
@@ -40,7 +40,7 @@ class FormulesController extends AppController @@ -40,7 +40,7 @@ class FormulesController extends AppController
40 $id = $this->getIdPassed(); 40 $id = $this->getIdPassed();
41 if ($this->isOwnedBy($id, $user['sn'][0] . ' ' . $user['givenname'][0])) 41 if ($this->isOwnedBy($id, $user['sn'][0] . ' ' . $user['givenname'][0]))
42 return true; 42 return true;
43 - if ($role == 'Responsable' && $this->isRespGroup($id, $user[$configuration->authentificationType_ldap][0])) 43 + if ($role == 'Responsable' && $this->isRespGroup($id, $user[$configuration->ldap_authenticationType][0]))
44 return true; 44 return true;
45 } 45 }
46 46
src/Controller/MaterielsController.php
@@ -185,7 +185,7 @@ class MaterielsController extends AppController @@ -185,7 +185,7 @@ class MaterielsController extends AppController
185 { 185 {
186 $user = $userFromSession; 186 $user = $userFromSession;
187 $configuration = $this->confLabinvent; 187 $configuration = $this->confLabinvent;
188 - $userCname = $user[$configuration->authentificationType_ldap][0]; 188 + $userCname = $user[$configuration->ldap_authenticationType][0];
189 /* 189 /*
190 * $role = TableRegistry::get('Users')->find() 190 * $role = TableRegistry::get('Users')->find()
191 * ->where(['username' => $user[$configuration->authentificationType_ldap][0]]) 191 * ->where(['username' => $user[$configuration->authentificationType_ldap][0]])
src/Controller/PagesController.php
@@ -79,7 +79,7 @@ class PagesController extends AppController @@ -79,7 +79,7 @@ class PagesController extends AppController
79 // @todo : faire plus proprement, dans isAuthorized() 79 // @todo : faire plus proprement, dans isAuthorized()
80 // Si l'utilisateur n'est pas connecté, on le redirige vers la page login.ctp 80 // Si l'utilisateur n'est pas connecté, on le redirige vers la page login.ctp
81 // sauf si l'action demandée est 'about' ou si le mode install est activé 81 // sauf si l'action demandée est 'about' ou si le mode install est activé
82 - if (! ($this->LdapAuth->user($configuration->authentificationType_ldap)[0]) && $path[0] != 'about' && ! ($configuration->mode_install)) { 82 + if (! ($this->LdapAuth->user($configuration->ldap_authenticationType)[0]) && $path[0] != 'about' && ! ($configuration->mode_install)) {
83 return $this->redirect([ 83 return $this->redirect([
84 'controller' => 'users', 84 'controller' => 'users',
85 'action' => 'login' 85 'action' => 'login'
src/Controller/SuivisController.php
@@ -45,7 +45,7 @@ class SuivisController extends AppController @@ -45,7 +45,7 @@ class SuivisController extends AppController
45 $id = $this->getIdPassed(); 45 $id = $this->getIdPassed();
46 if ($this->isOwnedBy($id, $user['sn'][0] . ' ' . $user['givenname'][0])) 46 if ($this->isOwnedBy($id, $user['sn'][0] . ' ' . $user['givenname'][0]))
47 return true; 47 return true;
48 - if ($role == 'Responsable' && $this->isRespGroup($id, $user[$configuration->authentificationType_ldap][0])) 48 + if ($role == 'Responsable' && $this->isRespGroup($id, $user[$configuration->ldap_authenticationType][0]))
49 return true; 49 return true;
50 } 50 }
51 return parent::isAuthorized($user); 51 return parent::isAuthorized($user);
src/Model/Entity/Configuration.php
@@ -10,12 +10,12 @@ use Cake\ORM\Entity; @@ -10,12 +10,12 @@ use Cake\ORM\Entity;
10 * @property string $nom 10 * @property string $nom
11 * @property bool $mode_install 11 * @property bool $mode_install
12 * @property bool $mode_debug 12 * @property bool $mode_debug
13 - * @property bool $use_ldap  
14 - * @property string $host_ldap  
15 - * @property string $port_ldap  
16 - * @property string $authentificationType_ldap  
17 - * @property string $baseDn_ldap  
18 - * @property string $filter_ldap 13 + * @property bool $ldap_used
  14 + * @property string $ldap_host
  15 + * @property string $ldap_port
  16 + * @property string $ldap_authenticationType
  17 + * @property string $ldap_baseDn
  18 + * @property string $ldap_filter
19 * @property string $labName 19 * @property string $labName
20 * @property string $labNameShort 20 * @property string $labNameShort
21 * @property string $labPresent 21 * @property string $labPresent
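--- a/src/Model/Table/ConfigurationsTable.php
+++ b/src/Model/Table/ConfigurationsTable.php
@@ -50,17 +50,17 @@ class ConfigurationsTable extends AppTable
 
 $validator->boolean('mode_debug')->allowEmpty('mode_debug');
 
-$validator->boolean('use_ldap')->allowEmpty('use_ldap');
+$validator->boolean('ldap_used')->allowEmpty('ldap_used');
 
-$validator->allowEmpty('host_ldap');
+$validator->allowEmpty('ldap_host');
 
-$validator->allowEmpty('port_ldap');
+$validator->allowEmpty('ldap_port');
 
-$validator->allowEmpty('authentificationType_ldap');
+$validator->allowEmpty('ldap_authenticationType');
 
-$validator->allowEmpty('baseDn_ldap');
+$validator->allowEmpty('ldap_baseDn');
 
-$validator->allowEmpty('filter_ldap');
+$validator->allowEmpty('ldap_filter');
 
 $validator->notEmpty('labName');
 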
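Review bot: No rule is added here for the three new columns `ldap_anonymous`, `ldap_bindDn` and `ldap_bindPass`, so, unless they are validated outside the visible lines, a configuration with anonymous mode switched off and an empty bind DN or password can be saved. Add `$validator->boolean('ldap_anonymous');` and make the credentials conditional, e.g. `$validator->notEmpty('ldap_bindDn', null, function ($context) { return empty($context['data']['ldap_anonymous']); });`, with the same rule for `ldap_bindPass`. The validation method starts and ends outside the hunk, so this should be checked against the full file.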
src/Model/Table/LdapConnectionsTable.php
@@ -24,12 +24,12 @@ class LdapConnectionsTable extends AppTable @@ -24,12 +24,12 @@ class LdapConnectionsTable extends AppTable
24 /*MCM*/ 24 /*MCM*/
25 // EP 25 // EP
26 //private $anonymous; 26 //private $anonymous;
27 - private $anonymous_ldap; 27 + private $ldap_anonymous;
28 private $bindDn; 28 private $bindDn;
29 private $bindPass; 29 private $bindPass;
30 /* fin MCM*/ 30 /* fin MCM*/
31 31
32 - private $USE_LDAP = TRUE; 32 + private $LDAP_USED = TRUE;
33 33
34 private $fakeLDAPUsers = []; 34 private $fakeLDAPUsers = [];
35 35
@@ -47,7 +47,7 @@ class LdapConnectionsTable extends AppTable @@ -47,7 +47,7 @@ class LdapConnectionsTable extends AppTable
47 public function useLdap() 47 public function useLdap()
48 { 48 {
49 $this->checkConfiguration(); 49 $this->checkConfiguration();
50 - return $this->USE_LDAP; 50 + return $this->LDAP_USED;
51 } 51 }
52 52
53 private function buildFakeLdapUsers() 53 private function buildFakeLdapUsers()
@@ -140,10 +140,10 @@ class LdapConnectionsTable extends AppTable @@ -140,10 +140,10 @@ class LdapConnectionsTable extends AppTable
140 ]) 140 ])
141 ->first(); 141 ->first();
142 142
143 - $this->USE_LDAP = $config->use_ldap ? TRUE : FALSE; 143 + $this->LDAP_USED = $config->ldap_used ? TRUE : FALSE;
144 144
145 - if (! $this->USE_LDAP) {  
146 - $this->authenticationType = $config->authentificationType_ldap; 145 + if (! $this->LDAP_USED) {
  146 + $this->authenticationType = $config->ldap_authenticationType;
147 if (empty($this->fakeLDAPUsers)) 147 if (empty($this->fakeLDAPUsers))
148 $this->fakeLDAPUsers = $this->buildFakeLdapUsers(); 148 $this->fakeLDAPUsers = $this->buildFakeLdapUsers();
149 return true; 149 return true;
@@ -152,24 +152,28 @@ class LdapConnectionsTable extends AppTable @@ -152,24 +152,28 @@ class LdapConnectionsTable extends AppTable
152 152
153 $ldapConfig = $config->toArray(); 153 $ldapConfig = $config->toArray();
154 154
155 - if (! empty($config->host_ldap) && ! empty($config->port_ldap) && ! empty($config->baseDn_ldap) && ! empty($config->authentificationType_ldap) && ! empty($config->filter_ldap)) {  
156 - $this->host = $config->host_ldap;  
157 - $this->port = $config->port_ldap;  
158 - $this->baseDn = $config->baseDn_ldap;  
159 - $this->filter = $config->filter_ldap;  
160 - $this->authenticationType = $config->authentificationType_ldap; 155 + if (! empty($config->ldap_host) && ! empty($config->ldap_port) && ! empty($config->ldap_baseDn) && ! empty($config->ldap_authenticationType) && ! empty($config->ldap_filter)) {
  156 + $this->host = $config->ldap_host;
  157 + $this->port = $config->ldap_port;
  158 + $this->baseDn = $config->ldap_baseDn;
  159 + $this->filter = $config->ldap_filter;
  160 + $this->authenticationType = $config->ldap_authenticationType;
161 /*MCM*/ 161 /*MCM*/
162 - $NEW_CONF=FALSE; 162 + /*
  163 + $NEW_CONF=TRUE;
163 if ($NEW_CONF) { 164 if ($NEW_CONF) {
164 - $this->anonymous_ldap = $config->anonymous_ldap;  
165 - $this->bindDn = $config->bindDn_ldap;  
166 - $this->bindPass = $config->bindPass_ldap; 165 + */
  166 + $this->ldap_anonymous = $config->ldap_anonymous;
  167 + $this->bindDn = $config->ldap_bindDn;
  168 + $this->bindPass = $config->ldap_bindPass;
  169 + /*
167 } 170 }
168 else { 171 else {
169 - $this->anonymous_ldap = TRUE; 172 + $this->ldap_anonymous = TRUE;
170 $this->bindDn = NULL; 173 $this->bindDn = NULL;
171 $this->bindPass = NULL; 174 $this->bindPass = NULL;
172 } 175 }
  176 + */
173 /* fin MCM*/ 177 /* fin MCM*/
174 178
175 return true; 179 return true;
@@ -190,7 +194,7 @@ class LdapConnectionsTable extends AppTable @@ -190,7 +194,7 @@ class LdapConnectionsTable extends AppTable
190 try { 194 try {
191 if ($this->checkConfiguration()) { 195 if ($this->checkConfiguration()) {
192 // REAL LDAP 196 // REAL LDAP
193 - if ($this->USE_LDAP) { 197 + if ($this->LDAP_USED) {
194 $ldapConnection = ldap_connect($this->host, $this->port); 198 $ldapConnection = ldap_connect($this->host, $this->port);
195 ldap_set_option($ldapConnection, LDAP_OPT_PROTOCOL_VERSION, 3); 199 ldap_set_option($ldapConnection, LDAP_OPT_PROTOCOL_VERSION, 3);
196 200
@@ -215,7 +219,7 @@ class LdapConnectionsTable extends AppTable @@ -215,7 +219,7 @@ class LdapConnectionsTable extends AppTable
215 try { 219 try {
216 220
217 if ($this->checkConfiguration()) { 221 if ($this->checkConfiguration()) {
218 - if ($this->USE_LDAP) { 222 + if ($this->LDAP_USED) {
219 /* Code inutile car redondant: 223 /* Code inutile car redondant:
220 $ldapConnection = ldap_connect($this->host, $this->port); 224 $ldapConnection = ldap_connect($this->host, $this->port);
221 ldap_set_option($ldapConnection, LDAP_OPT_PROTOCOL_VERSION, 3); 225 ldap_set_option($ldapConnection, LDAP_OPT_PROTOCOL_VERSION, 3);
@@ -275,7 +279,7 @@ class LdapConnectionsTable extends AppTable @@ -275,7 +279,7 @@ class LdapConnectionsTable extends AppTable
275 $u = $this->getAllLdapUsers(); 279 $u = $this->getAllLdapUsers();
276 $utilisateurs = []; 280 $utilisateurs = [];
277 281
278 - if ($this->USE_LDAP) { 282 + if ($this->LDAP_USED) {
279 for ($i = 0; $i < $u['count']; $i ++) { 283 for ($i = 0; $i < $u['count']; $i ++) {
280 $utilisateurs[$u[$i]['sn'][0] . ' ' . $u[$i]['givenname'][0]] = $u[$i]['sn'][0] . ' ' . $u[$i]['givenname'][0]; 284 $utilisateurs[$u[$i]['sn'][0] . ' ' . $u[$i]['givenname'][0]] = $u[$i]['sn'][0] . ' ' . $u[$i]['givenname'][0];
281 } 285 }
@@ -296,7 +300,7 @@ class LdapConnectionsTable extends AppTable @@ -296,7 +300,7 @@ class LdapConnectionsTable extends AppTable
296 $u = $this->getAllLdapUsers(); 300 $u = $this->getAllLdapUsers();
297 $utilisateurs = []; 301 $utilisateurs = [];
298 302
299 - if ($this->USE_LDAP) { 303 + if ($this->LDAP_USED) {
300 for ($i = 0; $i < $u['count']; $i ++) { 304 for ($i = 0; $i < $u['count']; $i ++) {
301 $utilisateurs[$u[$i]['sn'][0] . ' ' . $u[$i]['givenname'][0]] = $u[$i][$this->authenticationType][0]; 305 $utilisateurs[$u[$i]['sn'][0] . ' ' . $u[$i]['givenname'][0]] = $u[$i][$this->authenticationType][0];
302 } 306 }
@@ -317,7 +321,7 @@ class LdapConnectionsTable extends AppTable @@ -317,7 +321,7 @@ class LdapConnectionsTable extends AppTable
317 $u = $this->getAllLdapUsers(); 321 $u = $this->getAllLdapUsers();
318 $utilisateurs = []; 322 $utilisateurs = [];
319 323
320 - if ($this->USE_LDAP) { 324 + if ($this->LDAP_USED) {
321 for ($i = 0; $i < $u['count']; $i ++) { 325 for ($i = 0; $i < $u['count']; $i ++) {
322 if (isset($u[$i]['mail'][0])) { 326 if (isset($u[$i]['mail'][0])) {
323 $utilisateurs[$u[$i]['sn'][0] . ' ' . $u[$i]['givenname'][0]] = $u[$i]['mail'][0]; 327 $utilisateurs[$u[$i]['sn'][0] . ' ' . $u[$i]['givenname'][0]] = $u[$i]['mail'][0];
@@ -341,7 +345,7 @@ class LdapConnectionsTable extends AppTable @@ -341,7 +345,7 @@ class LdapConnectionsTable extends AppTable
341 { 345 {
342 $u = $this->getAllLdapUsers(); 346 $u = $this->getAllLdapUsers();
343 347
344 - if ($this->USE_LDAP) { 348 + if ($this->LDAP_USED) {
345 $nbUsers = $u['count']; 349 $nbUsers = $u['count'];
346 } else { 350 } else {
347 $nbUsers = sizeof($u) - 1; 351 $nbUsers = sizeof($u) - 1;
@@ -364,7 +368,7 @@ class LdapConnectionsTable extends AppTable @@ -364,7 +368,7 @@ class LdapConnectionsTable extends AppTable
364 try { 368 try {
365 if ($this->checkConfiguration()) { 369 if ($this->checkConfiguration()) {
366 // We are using LDAP 370 // We are using LDAP
367 - if ($this->USE_LDAP) { 371 + if ($this->LDAP_USED) {
368 // CRAL must set this to FALSE 372 // CRAL must set this to FALSE
369 //$LDAP_ANONYMOUS = TRUE; 373 //$LDAP_ANONYMOUS = TRUE;
370 374
@@ -435,7 +439,7 @@ class LdapConnectionsTable extends AppTable @@ -435,7 +439,7 @@ class LdapConnectionsTable extends AppTable
435 /*MCM*/ 439 /*MCM*/
436 // bind optionnel 440 // bind optionnel
437 //if ($anonymous == '0') 441 //if ($anonymous == '0')
438 - if (! $this->anonymous_ldap) 442 + if (! $this->ldap_anonymous)
439 //$ldapbind = ldap_bind($ldapConnection, $binddn, $ldappass) or die("Could not bind to LDAP server.". ldap_error($ldapConnection) ); 443 //$ldapbind = ldap_bind($ldapConnection, $binddn, $ldappass) or die("Could not bind to LDAP server.". ldap_error($ldapConnection) );
440 $ldapbind = ldap_bind($ldapConnection, $this->bindDn, $this->bindPass) or die("Could not bind to LDAP server.". ldap_error($ldapConnection) ); 444 $ldapbind = ldap_bind($ldapConnection, $this->bindDn, $this->bindPass) or die("Could not bind to LDAP server.". ldap_error($ldapConnection) );
441 // EP: bind obligatoire 445 // EP: bind obligatoire
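Review bot: In the last hunk, `ldap_bind($ldapConnection, $this->bindDn, $this->bindPass) or die(...)` runs whenever `ldap_anonymous` is false, even when `ldap_bindPass` is still NULL (the column default). Many directory servers accept a DN with an empty password as an unauthenticated bind, so the authenticated mode can silently fall back to anonymous access. Reject that case before binding, e.g. `if (! $this->ldap_anonymous && ($this->bindDn == '' || $this->bindPass == '')) throw new \RuntimeException('LDAP bind credentials missing');`, and replace `die()` with an exception that is logged, since it currently prints the `ldap_error()` text to the browser. The visible `ldap_connect($this->host, $this->port)` lines show no StartTLS call, so unless the host is an `ldaps://` URI the bind password presumably crosses the network in clear text; this is worth confirming in the full file. The enclosing methods start and end outside the hunks.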
src/Model/Table/UsersTable.php
@@ -81,7 +81,7 @@ class UsersTable extends AppTable @@ -81,7 +81,7 @@ class UsersTable extends AppTable
81 'id =' => 1 81 'id =' => 1
82 ]) 82 ])
83 ->first(); 83 ->first();
84 - if ($configuration->use_ldap) { 84 + if ($configuration->ldap_used) {
85 $validator->allowEmpty('email'); 85 $validator->allowEmpty('email');
86 } else { 86 } else {
87 $validator->email('email')->notEmpty('email', 'Un adresse mail est nécessaire'); 87 $validator->email('email')->notEmpty('email', 'Un adresse mail est nécessaire');
src/Template/Configurations/edit.ctp
@@ -128,46 +128,59 @@ @@ -128,46 +128,59 @@
128 ]); 128 ]);
129 echo '</div>'; 129 echo '</div>';
130 130
  131 +
  132 + // LDAP SECTION
131 echo '<h3 id="t_fichiers" style="cursor: pointer;">'; 133 echo '<h3 id="t_fichiers" style="cursor: pointer;">';
132 echo '<i class="icon-chevron-down" style="font-size: 14px;" id="i_fichiers"></i>'; 134 echo '<i class="icon-chevron-down" style="font-size: 14px;" id="i_fichiers"></i>';
133 echo '<span style="text-decoration: underline;">LDAP</span>'; 135 echo '<span style="text-decoration: underline;">LDAP</span>';
134 echo '</h3>'; 136 echo '</h3>';
135 echo '<div id="fichiers" style="margin-bottom: 20px;">'; 137 echo '<div id="fichiers" style="margin-bottom: 20px;">';
136 - echo $this->Form->input('use_ldap', [ 138 + echo $this->Form->input('ldap_used', [
137 'label' => 'Utilisation du LDAP', 139 'label' => 'Utilisation du LDAP',
138 'onchange' => 'display_ldap();' 140 'onchange' => 'display_ldap();'
139 ]); 141 ]);
  142 +
  143 + // start LDAP DIV
140 echo '<div id="ldap" style="border-top: 1px solid #CCC; border-bottom: 1px solid #CCC; margin-bottom: 0; background: #EEE; ' . $disp . '">'; 144 echo '<div id="ldap" style="border-top: 1px solid #CCC; border-bottom: 1px solid #CCC; margin-bottom: 0; background: #EEE; ' . $disp . '">';
141 - echo $this->Form->input('host_ldap', [ 145 + echo $this->Form->input('ldap_host', [
142 'label' => 'Host du LDAP' 146 'label' => 'Host du LDAP'
143 ]); 147 ]);
144 - echo $this->Form->input('port_ldap', [ 148 + echo $this->Form->input('ldap_port', [
145 'label' => 'Port du LDAP' 149 'label' => 'Port du LDAP'
146 ]); 150 ]);
147 - echo $this->Form->input('authentificationType_ldap', [ 151 + echo $this->Form->input('ldap_authenticationType', [
148 'label' => 'Type d\'authentification du LDAP' 152 'label' => 'Type d\'authentification du LDAP'
149 ]); 153 ]);
150 - echo $this->Form->input('baseDn_ldap', [ 154 + echo $this->Form->input('ldap_baseDn', [
151 'label' => 'Base DN du LDAP' 155 'label' => 'Base DN du LDAP'
152 ]); 156 ]);
153 - echo $this->Form->input('filter_ldap', [ 157 + echo $this->Form->input('ldap_filter', [
154 'label' => 'Filtre du LDAP' 158 'label' => 'Filtre du LDAP'
155 ]); 159 ]);
156 160
157 /*MCM*/ 161 /*MCM*/
158 - echo $this->Form->input('anonymous_ldap', [  
159 - 'label' => 'LDAP anonyme'  
160 - ]);  
161 - echo $this->Form->input('bindDn_ldap', [  
162 - 'label' => 'Bind du LDAP'  
163 - ]);  
164 - echo $this->Form->input('bindPass_ldap', [  
165 - 'label' => 'Password Bind du LDAP'  
166 - ]); 162 + // start LDAP auth subsection (DIV)
  163 + echo $this->Form->input('ldap_anonymous', [
  164 + 'label' => 'LDAP anonyme',
  165 + 'onchange' => 'display_ldap_auth();'
  166 + ]);
  167 + echo '<div id="ldap_auth" style="border-top: 1px solid #CCC; border-bottom: 1px solid #CCC; margin-bottom: 0; background: #EEE; ' . $disp . '">';
  168 + echo $this->Form->input('ldap_bindDn', [
  169 + 'label' => 'Bind du LDAP'
  170 + ]);
  171 + echo $this->Form->input('ldap_bindPass', [
  172 + 'label' => 'Password Bind du LDAP'
  173 + ]);
  174 + echo '</div>';
  175 + // end LDAP auth subsection (DIV)
167 /* fin MCM */ 176 /* fin MCM */
168 177
169 echo '</div>'; 178 echo '</div>';
  179 + // end LDAP DIV
  180 +
170 echo '</div>'; 181 echo '</div>';
  182 + // END LDAP SECTION
  183 +
171 184
172 echo '<h3 id="t_fichiers" style="cursor: pointer;">'; 185 echo '<h3 id="t_fichiers" style="cursor: pointer;">';
173 echo '<i class="icon-chevron-down" style="font-size: 14px;" id="i_fichiers"></i>'; 186 echo '<i class="icon-chevron-down" style="font-size: 14px;" id="i_fichiers"></i>';
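Review bot: `$this->Form->input('ldap_bindPass', ...)` carries no explicit type and its name is not one FormHelper maps to a password control, so it is presumably rendered as a plain text field with the stored bind password pre-filled into the page source. Declare it with `'type' => 'password'` and consider leaving the value empty, updating the column only when a new password is submitted. The new `ldap_auth` DIV reuses `$disp`, which the controller derives from `ldap_used`, so its initial visibility does not follow `ldap_anonymous`. The `display_ldap_auth()` handler named in `onchange` is not defined in the visible part of this commit; if it is missing, toggling the checkbox raises a JavaScript error.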
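--- a/src/Template/Configurations/view.ctp
+++ b/src/Template/Configurations/view.ctp
@@ -30,7 +30,7 @@
 $print = "Non";
 }
 
-if (h($configurationObj->use_ldap) == 1) {
+if (h($configurationObj->ldap_used) == 1) {
 $ldap = "Oui";
 } else {
 $ldap = "Non";
@@ -145,16 +145,16 @@
 echo '<table>';
 echo '<tr><th style="width: 250px;"></th><th></th></tr>';
 $displayElement(__('Utilisation du LDAP'), $ldap);
-$displayElement(__('Host du LDAP'), h($configurationObj->host_ldap));
-$displayElement(__('Port du LDAP'), h($configurationObj->port_ldap));
-$displayElement(__('Type d\'authentification du LDAP'), h($configurationObj->authentificationType_ldap));
-$displayElement(__('Base DN du LDAP'), h($configurationObj->baseDn_ldap));
-$displayElement(__('Filtre du LDAP'), h($configurationObj->filter_ldap));
+$displayElement(__('Host du LDAP'), h($configurationObj->ldap_host));
+$displayElement(__('Port du LDAP'), h($configurationObj->ldap_port));
+$displayElement(__('Type d\'authentification du LDAP'), h($configurationObj->ldap_authenticationType));
+$displayElement(__('Base DN du LDAP'), h($configurationObj->ldap_baseDn));
+$displayElement(__('Filtre du LDAP'), h($configurationObj->ldap_filter));
 
 /*MCM*/
-$displayElement(__('LDAP anonyme'), h($configurationObj->anonymous_ldap));
-$displayElement(__('Bind du LDAP'), h($configurationObj->bindDn_ldap));
-$displayElement(__('Password Bind du LDAP'), h($configurationObj->bindPass_ldap));
+$displayElement(__('LDAP anonyme'), h($configurationObj->ldap_anonymous)?"Oui":"Non" );
+$displayElement(__('Bind du LDAP'), h($configurationObj->ldap_bindDn));
+$displayElement(__('Password Bind du LDAP'), h($configurationObj->ldap_bindPass));
 /*fin MCM*/
 
 echo '</table>';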
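Review bot: `$displayElement(__('Password Bind du LDAP'), h($configurationObj->ldap_bindPass));` prints the LDAP bind password in clear on the configuration view page, so every user allowed to open that page can read the service-account credential. Show only whether a password is set, e.g. `$displayElement(__('Password Bind du LDAP'), empty($configurationObj->ldap_bindPass) ? '' : '********');`. On the `LDAP anonyme` line, `h($configurationObj->ldap_anonymous)?"Oui":"Non"` applies `h()` to a boolean before the ternary; testing the property directly, as `$configurationObj->ldap_anonymous ? "Oui" : "Non"`, would be clearer.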
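--- a/src/Template/Users/add.ctp
+++ b/src/Template/Users/add.ctp
@@ -1,7 +1,7 @@
 
 <div class="utilisateurs form">
 <?= $this->Form->create($user) ?>
-<?php $USE_LDAP = $configuration->use_ldap; ?>
+<?php $LDAP_USED = $configuration->ldap_used; ?>
 <fieldset>
 <h2>
 <i class="icon-plus"></i> Ajouter un utilisateur privilégié
@@ -9,7 +9,7 @@
 <?php
 
 // fake LDAP
-if (! $USE_LDAP) {
+if (! $LDAP_USED) {
 echo $this->Form->input('newname', [
 'label' => 'Nom',
 'div' => 'input required'
@@ -28,7 +28,7 @@
 }
 echo '<div style="color: grey; font-size: 10px;">Note: un utilisateur ne peut pas être présent deux fois dans l\'inventaire.</div>';
 
-$READONLY = $USE_LDAP ? true : false;
+$READONLY = $LDAP_USED ? true : false;
 
 echo $this->Form->input('username', [
 'label' => 'Login',
@@ -36,7 +36,7 @@
 'readonly' => $READONLY
 ]);
 
-if (! $USE_LDAP) {
+if (! $LDAP_USED) {
 echo $this->Form->input('password');
 }
 
@@ -89,7 +89,7 @@ echo $this-&gt;element(&#39;menu_form&#39;, [
 </div>
 
 <?php
-if ($USE_LDAP) {
+if ($LDAP_USED) {
 ?>
 <script type="text/javascript">
 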
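Review bot: The `'readonly' => $READONLY` attribute on the `username` input and the `if (! $LDAP_USED)` guard around the `password` input only shape the rendered form, so a hand-built POST can still carry a different `username` or a `password` key. The controller action that saves this form is not part of the section, so this is something to confirm rather than a confirmed defect: when `ldap_used` is set it should re-check the login against the directory and drop `password` from the request data before patching the entity. The same pattern appears in src/Template/Users/edit.ctp. I would record the expectation above the `$READONLY` line with `// UI hint only: the server must re-validate username and ignore password when ldap_used`.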
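--- a/src/Template/Users/edit.ctp
+++ b/src/Template/Users/edit.ctp
@@ -1,7 +1,7 @@
 
 <div class="utilisateurs form">
 <?= $this->Form->create($user) ?>
-<?php $USE_LDAP = $configuration->use_ldap; ?>
+<?php $LDAP_USED = $configuration->ldap_used; ?>
 <fieldset>
 <h2>
 <i class="icon-edit"></i> Editer un utilisateur privilégié
@@ -15,7 +15,7 @@
 'div' => 'input required'
 ]);
 
-$READONLY = $USE_LDAP ? true : false;
+$READONLY = $LDAP_USED ? true : false;
 
 echo $this->Form->input('username', [
 'label' => 'Login',
@@ -23,7 +23,7 @@
 'readonly' => $READONLY
 ]);
 
-if (! $USE_LDAP) {
+if (! $LDAP_USED) {
 echo $this->Form->input('password');
 }
 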
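--- a/src/Template/Users/login.ctp
+++ b/src/Template/Users/login.ctp
@@ -5,7 +5,7 @@
 <p>Vous n'êtes pas connecté, veuillez vous authentifier.</p>
 <?= $this->Flash->render('auth') ?>
 <?= $this->Form->create() ?>
-<?php if($configuration->use_ldap) { $label = 'Login (LDAP)'; } else { $label = 'Login'; }?>
+<?php if($configuration->ldap_used) { $label = 'Login (LDAP)'; } else { $label = 'Login'; }?>
 <fieldset>
 <?= $this->Form->input('ldap', ['label' => $label, 'div' => 'input required']) ?>
 <?= $this->Form->input('password', ['label' => 'Mot de passe', 'div' => 'input required']) ?>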
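--- a/tests/Fixture/ConfigurationsFixture.php
+++ b/tests/Fixture/ConfigurationsFixture.php
@@ -21,12 +21,12 @@ class ConfigurationsFixture extends TestFixture
 'nom' => ['type' => 'string', 'length' => 45, 'null' => false, 'default' => null, 'comment' => 'obligatoire (et unique)', 'precision' => null, 'fixed' => null],
 'mode_install' => ['type' => 'boolean', 'length' => null, 'null' => true, 'default' => null, 'comment' => '', 'precision' => null],
 'mode_debug' => ['type' => 'boolean', 'length' => null, 'null' => true, 'default' => null, 'comment' => '', 'precision' => null],
-'use_ldap' => ['type' => 'boolean', 'length' => null, 'null' => true, 'default' => null, 'comment' => '', 'precision' => null],
-'host_ldap' => ['type' => 'text', 'null' => true, 'default' => null, 'comment' => '', 'precision' => null, 'fixed' => null],
-'port_ldap' => ['type' => 'string', 'length' => 10, 'null' => true, 'default' => null, 'comment' => '', 'precision' => null, 'fixed' => null],
-'authentificationType_ldap' => ['type' => 'string', 'length' => 30, 'null' => true, 'default' => null, 'comment' => '', 'precision' => null, 'fixed' => null],
-'baseDn_ldap' => ['type' => 'string', 'length' => 30, 'null' => true, 'default' => null, 'comment' => '', 'precision' => null, 'fixed' => null],
-'filter_ldap' => ['type' => 'string', 'length' => 30, 'null' => true, 'default' => null, 'comment' => '', 'precision' => null, 'fixed' => null],
+'ldap_used' => ['type' => 'boolean', 'length' => null, 'null' => true, 'default' => null, 'comment' => '', 'precision' => null],
+'ldap_host' => ['type' => 'text', 'null' => true, 'default' => null, 'comment' => '', 'precision' => null, 'fixed' => null],
+'ldap_port' => ['type' => 'string', 'length' => 10, 'null' => true, 'default' => null, 'comment' => '', 'precision' => null, 'fixed' => null],
+'ldap_authenticationType' => ['type' => 'string', 'length' => 30, 'null' => true, 'default' => null, 'comment' => '', 'precision' => null, 'fixed' => null],
+'ldap_baseDn' => ['type' => 'string', 'length' => 30, 'null' => true, 'default' => null, 'comment' => '', 'precision' => null, 'fixed' => null],
+'ldap_filter' => ['type' => 'string', 'length' => 30, 'null' => true, 'default' => null, 'comment' => '', 'precision' => null, 'fixed' => null],
 'labName' => ['type' => 'string', 'length' => 30, 'null' => true, 'default' => null, 'comment' => '', 'precision' => null, 'fixed' => null],
 'labNameShort' => ['type' => 'string', 'length' => 20, 'null' => true, 'default' => null, 'comment' => '', 'precision' => null, 'fixed' => null],
 'labPresent' => ['type' => 'string', 'length' => 10, 'null' => true, 'default' => null, 'comment' => '', 'precision' => null, 'fixed' => null],
@@ -77,12 +77,12 @@ class ConfigurationsFixture extends TestFixture
 'nom' => 'Lorem ipsum dolor sit amet',
 'mode_install' => 0,
 'mode_debug' => 0,
-'use_ldap' => 0,
-'host_ldap' => 'Lorem ipsum dolor sit amet',
-'port_ldap' => 'Lorem ip',
-'authentificationType_ldap' => 'cn',
-'baseDn_ldap' => 'Lorem ipsum dolor sit amet',
-'filter_ldap' => 'Lorem ipsum dolor sit amet',
+'ldap_used' => 0,
+'ldap_host' => 'Lorem ipsum dolor sit amet',
+'ldap_port' => 'Lorem ip',
+'ldap_authenticationType' => 'cn',
+'ldap_baseDn' => 'Lorem ipsum dolor sit amet',
+'ldap_filter' => 'Lorem ipsum dolor sit amet',
 'labName' => 'TestLong',
 'labNameShort' => 'TEST',
 'labPresent' => 'de ',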
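Review bot: Neither the schema hunk nor the record hunk adds `ldap_anonymous`, `ldap_bindDn` or `ldap_bindPass`; both only rename the six existing LDAP columns, although the configuration view in this commit reads those three properties. The rest of the fixture lies outside these hunks, so they may already be defined there. If they are not, the test schema no longer matches the migrated table and the authenticated-bind path has no fixture data to run against. I would add the three columns next to `ldap_filter`, with types copied from the update script, for example `'ldap_anonymous' => ['type' => 'boolean', 'null' => true, 'default' => null]`. In the record hunk, use an obviously fake value such as `'ldap_bindPass' => 'fixture-not-a-secret'`, so no real bind credential ends up in the test tree.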
webroot/js/script.js
@@ -105,6 +105,9 @@ function emprunt_interne_externe() { @@ -105,6 +105,9 @@ function emprunt_interne_externe() {
105 function display_ldap() { 105 function display_ldap() {
106 $('#ldap').toggle(); 106 $('#ldap').toggle();
107 } 107 }
  108 +function display_ldap_auth() {
  109 + $('#ldap_auth').toggle();
  110 +}
108 111
109 function selectAll() { 112 function selectAll() {
110 for(i = 0; i < document.getElementsByTagName("input").length; i++) 113 for(i = 0; i < document.getElementsByTagName("input").length; i++)