add inventory service; add school role and attach after login via cas; load...

add inventory service; add school role and attach after login via cas; load role from database and add to session
parent 7bb4c62f
......@@ -13,10 +13,10 @@ return [
'module/assets_manager/bootstrap.php',
'module/authentication/bootstrap.php',
'module/authorization/bootstrap.php',
// 'module/sch_ldap/bootstrap.php',
'module/sch_ldap/bootstrap.php',
'module/sch_sso/bootstrap.php',
'module/sch_mm/bootstrap.php',
// 'module/sch_auto_create/bootstrap.php',
'module/sch_inventory/bootstrap.php',
'module/schools/bootstrap.php',
'module/application/bootstrap.php',
],
......
......@@ -11,9 +11,10 @@ return [
'acl' => [
'default_role' => 'guest',
'roles' => [
'guest' => [],
'user' => [],
'admin' => ['user'],
'guest' => [],
'user' => [],
'school' => ['user'],
'admin' => ['user'],
],
'resoures' => [],
'guards' => [
......
<?php return [
'inventory' => [
'base_uri' => '',
],
];
\ No newline at end of file
......@@ -11,10 +11,10 @@ return [
'acl' => [
'guards' => [
'routes' => [
['/school', ['user'], ['get']],
['/school/labs', ['user'], ['get']],
['/school/staff', ['user'], ['get']],
['/school/assets', ['user'], ['get']],
['/school', ['school'], ['get']],
['/school/labs', ['school'], ['get']],
['/school/staff', ['school'], ['get']],
['/school/assets', ['school'], ['get']],
],
],
],
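Review bot: Switching these four guards from `user` to `school` may lock administrators out of the `/school` routes, because the roles map in this commit has `admin` inheriting only from `user`, not from `school`. If admins are meant to keep access, either declare `'admin' => ['school'],` in the roles map or list both roles in each guard, e.g. `['/school', ['school', 'admin'], ['get']],`. How RouteGuard resolves inherited roles is not visible here, so confirm with a test that requests `/school` under each role.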
......
......@@ -22,6 +22,10 @@ return function (Slim\App $app) {
return new GrEduLabs\Authorization\Acl($settings['acl'], $c);
};
$container['acl'] = $container->protect(function () use ($container) {
return $container[GrEduLabs\Authorization\Acl::class];
});
$container['current_role'] = $container->protect(function () use ($container) {
$settings = $container['settings'];
$defaultRole = $settings['acl']['default_role'];
......@@ -40,14 +44,17 @@ return function (Slim\App $app) {
return new GrEduLabs\Authorization\RouteGuard($c[GrEduLabs\Authorization\Acl::class], $role);
};
$container[GrEduLabs\Authorization\RoleListener::class] = function ($c) {
return new GrEduLabs\Authorization\RoleListener($c['authentication_storage']);
$container[GrEduLabs\Authorization\Listener\RoleProvider::class] = function ($c) {
return new GrEduLabs\Authorization\Listener\RoleProvider(
$c['authentication_storage'],
$c[GrEduLabs\Authorization\Acl::class]
);
};
$events = $container['events'];
$events('on', 'authenticate.success', function ($stop, $identity) use ($container) {
$listener = $container[GrEduLabs\Authorization\RoleListener::class];
$listener = $container[GrEduLabs\Authorization\Listener\RoleProvider::class];
$listener($stop, $identity);
});
......
......@@ -8,22 +8,32 @@
* @license GNU GPLv3 http://www.gnu.org/licenses/gpl-3.0-standalone.html
*/
namespace GrEduLabs\Authorization;
namespace GrEduLabs\Authorization\Listener;
use GrEduLabs\Authorization\RoleAwareInterface;
use RedBeanPHP\R;
use Zend\Authentication\Storage\StorageInterface;
use Zend\Permissions\Acl\AclInterface;
class RoleListener
class RoleProvider
{
private $session;
public function __construct(StorageInterface $session)
private $acl;
public function __construct(StorageInterface $session, AclInterface $acl)
{
$this->session = $session;
$this->acl = $acl;
}
public function __invoke(callable $stop, RoleAwareInterface $identity)
{
$identity->setRole('user');
$user = R::findOne('user', 'mail = ?', [$identity->mail]);
$role = ($user && isset($user->role)) ? $user->role : 'user';
$validRoles = $this->acl->getRoles();
$role = (in_array($role, $validRoles)) ? $role : 'user';
$identity->setRole($role);
$this->session->write($identity);
}
}
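Review bot: The role is looked up by `mail` alone in `__invoke`, so an identity from any enabled authentication source that presents the same address receives the role stored on that row. The user record carries an `authentication_source` column elsewhere in this commit; if the identity exposes it here, scope the lookup with `R::findOne('user', 'mail = ? AND authentication_source = ?', [$identity->mail, $identity->authenticationSource]);`. The allow-list check should also be strict, `in_array($role, $validRoles, true)`, so that a non-string value from the database cannot loosely match a role name. The only type hint is `RoleAwareInterface` while `mail` is read as a property, which the hint alone does not guarantee exists.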
......@@ -12,17 +12,13 @@ return function (Slim\App $app) {
$container = $app->getContainer();
$container['autoloader']->addPsr4('SchAutoCreate\\', __DIR__ . '/src');
$container['autoloader']->addPsr4('SchInventory\\', __DIR__ . '/src/');
$events = $container['events'];
$container['SchInventory\\Service'] = function ($c) {
$settings = $c['settings'];
$container[SchAutoCreate\Listener\User::class] = function ($c) {
return new SchAutoCreate\Listener\User($c['logger']);
return new SchInventory\GuzzleHttpService(
new GuzzleHttp\Client($settings['inventory'])
);
};
$events('on', 'authenticate.success', function ($stop, $identity) use ($container) {
$listener = $container[SchAutoCreate\Listener\User::class];
return $listener($stop, $identity);
});
};
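Review bot: The `GuzzleHttp\Client` built for `SchInventory\Service` receives only `$settings['inventory']`, and the settings file added in this commit defines just an empty `base_uri`, so unless a local override adds more, requests run with Guzzle's default of no timeout. A slow or unreachable inventory endpoint would then hold the PHP worker for the whole request. Add `'timeout'` and `'connect_timeout'` to the `inventory` settings, and fail fast when the endpoint is not configured, e.g. `if (empty($settings['inventory']['base_uri'])) { throw new RuntimeException('inventory.base_uri is not configured'); }` at the top of the factory closure.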
<?php
/**
* gredu_labs
*
* @link https://github.com/eellak/gredu_labs for the canonical source repository
* @copyright Copyright (c) 2008-2015 Greek Free/Open Source Software Society (https://gfoss.ellak.gr/)
* @license GNU GPLv3 http://www.gnu.org/licenses/gpl-3.0-standalone.html
*/
namespace SchInventory;
class Equipment
{
protected $id;
protected $category;
protected $description;
protected $location;
protected $manufacturer;
protected $propertyNumber;
public function __construct($id, $category, $description, $location, $manufacturer, $propertyNumber)
{
$this->id = $id;
$this->category = $category;
$this->description = $description;
$this->location = $location;
$this->manufacturer = $manufacturer;
$this->propertyNumber = $propertyNumber;
}
public function __get($name)
{
if (property_exists($this, $name)) {
return $this->{$name};
}
return;
}
public function toArray()
{
return [
'id' => $this->id,
'category' => $this->category,
'description' => $this->description,
'location' => $this->location,
'manufacturer' => $this->manufacturer,
'propertyNumber' => $this->propertyNumber,
];
}
}
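Review bot: `__get` makes the protected fields readable, but no `__isset` is defined, so `isset($equipment->location)` and `empty($equipment->location)` treat the field as missing even when it holds a value. Add `public function __isset($name) { return isset($this->{$name}); }` next to `__get`. The bare `return;` for unknown names silently yields null; a short docblock on `__get` stating that unknown properties read as null would make that contract explicit.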
<?php
/**
* gredu_labs
*
* @link https://github.com/eellak/gredu_labs for the canonical source repository
* @copyright Copyright (c) 2008-2015 Greek Free/Open Source Software Society (https://gfoss.ellak.gr/)
* @license GNU GPLv3 http://www.gnu.org/licenses/gpl-3.0-standalone.html
*/
namespace SchInventory;
use CallbackFilterIterator;
use InvalidArgumentException;
use Traversable;
class EquipmentCollection extends ImmutableArrayObject
{
/**
* Collection constructor
*
* @param array|Traversable
*/
public function __construct($equipmentObjects)
{
if ($equipmentObjects instanceof Traversable) {
$equipmentObjects = iterator_to_array($equipmentObjects);
}
$previousHandler = set_error_handler(['self', 'handleErrors']);
parent::__construct(array_map(function (Equipment $equipment) {
return $equipment;
}, $equipmentObjects));
set_error_handler($previousHandler);
}
/**
* Returns a new Equipment collection with equimpment matching the given location
*
* @param string $location
* @retun EquipmentCollection
*/
public function withLocation($location)
{
return new self(new CallbackFilterIterator($this->getIterator(), function (Equipment $equipment) use ($location) {
return $equipment->location === $location;
}));
}
/**
* Returns a new Equipment collection with equimpment matching the given category
*
* @param string $category
* @retun EquipmentCollection
*/
public function withCategory($category)
{
return new self(new CallbackFilterIterator($this->getIterator(), function (Equipment $equipment) use ($category) {
return $equipment->category === $category;
}));
}
private static function handleErrors($severity, $message, $file, $line)
{
throw new InvalidArgumentException($message);
}
}
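Review bot: The constructor does not restore the previous error handler when element validation fails, because the exception leaves the method before `set_error_handler($previousHandler)` runs; `handleErrors` then stays installed for the rest of the request and turns every later PHP warning or notice into an `InvalidArgumentException`. On PHP 7 and later a wrong element type raises a `TypeError` directly, which skips the restore as well. Wrap the `parent::__construct()` call in `try`/`finally` and call `restore_error_handler()`, which pops the handler instead of pushing another one. The docblocks on `withLocation` and `withCategory` also spell the tag `@retun`, so tools will not pick up the return type.

```php
set_error_handler(['self', 'handleErrors']);
try {
    parent::__construct(array_map(function (Equipment $equipment) {
        return $equipment;
    }, $equipmentObjects));
} finally {
    // pops handleErrors even when validation throws
    restore_error_handler();
}
```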
<?php
/**
* gredu_labs
*
* @link https://github.com/eellak/gredu_labs for the canonical source repository
* @copyright Copyright (c) 2008-2015 Greek Free/Open Source Software Society (https://gfoss.ellak.gr/)
* @license GNU GPLv3 http://www.gnu.org/licenses/gpl-3.0-standalone.html
*/
namespace SchInventory;
use GuzzleHttp\ClientInterface;
/**
* Inventory service implementation using GuzzleHttp library
*/
class GuzzleHttpService implements ServiceInterface
{
/**
* @var ClientInterface
*/
protected $httpClient;
/**
* Class constructor
*
* @param ClientInterface $httpClient
*/
public function __construct(ClientInterface $httpClient)
{
$this->httpClient = $httpClient;
}
/**
* Retrieves all equipment data for unit
*
* @param mixed $unit
* @return EquipmentCollection
*/
public function getUnitEquipment($unit)
{
$response = $this->httpClient->request('GET', $this->createBaseUri($unit));
$responseData = json_decode($response->getBody()->getContents(), true);
return new EquipmentCollection(
array_map([$this, 'hydrateEquipment'], $responseData['flat_results'])
);
}
/**
* Creates the uri with the unit query parameter
*
* @param mixed $unit
* @return Psr\Http\Message\UriInterface
*/
private function createBaseUri($unit)
{
$config = $this->httpClient->getConfig();
$baseUri = $config['base_uri'];
return $baseUri->withQueryValue($baseUri, 'unit', $unit);
}
private function hydrateEquipment(array $data)
{
return new Equipment(
(isset($data['id']) ? $data['id'] : null),
(isset($data['item_template.category.name']) ? $data['item_template.category.name'] : null),
(isset($data['item_template.description']) ? $data['item_template.description'] : null),
(isset($data['location.name']) ? $data['location.name'] : null),
(isset($data['item_template.manufacturer.name']) ? $data['item_template.manufacturer.name'] : null),
(isset($data['property_number']) ? $data['property_number'] : null)
);
}
}
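Review bot: `getUnitEquipment` uses the decoded response without checking it: when the body is not valid JSON or has no `flat_results` list, `array_map` receives null and the failure surfaces as a PHP warning rather than a clear error. The inventory response is external input, so validate it before hydrating, e.g. `if (!is_array($responseData) || !isset($responseData['flat_results']) || !is_array($responseData['flat_results'])) { throw new \UnexpectedValueException('Unexpected inventory response'); }`. Each entry goes to `hydrateEquipment(array $data)`, so a non-array entry also needs to be rejected or skipped. The `@return Psr\Http\Message\UriInterface` tag on `createBaseUri` lacks a leading backslash and therefore resolves inside `SchInventory`.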
<?php
/**
* gredu_labs
*
* @link https://github.com/eellak/gredu_labs for the canonical source repository
* @copyright Copyright (c) 2008-2015 Greek Free/Open Source Software Society (https://gfoss.ellak.gr/)
* @license GNU GPLv3 http://www.gnu.org/licenses/gpl-3.0-standalone.html
*/
namespace SchInventory;
use ArrayObject;
use LogicException;
class ImmutableArrayObject extends ArrayObject
{
public function append($value)
{
throw new LogicException('Attempting to write to an immutable array');
}
public function exchangeArray($input)
{
throw new LogicException('Attempting to write to an immutable array');
}
public function offsetSet($index, $newval)
{
throw new LogicException('Attempting to write to an immutable array');
}
public function offsetUnset($index)
{
throw new LogicException('Attempting to write to an immutable array');
}
}
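Review bot: The class blocks `append`, `exchangeArray`, `offsetSet` and `offsetUnset`, but `ArrayObject` has other mutators that stay callable: the in-place sorts `asort`, `ksort`, `uasort`, `uksort`, `natsort` and `natcasesort` reorder the stored array. If callers rely on the collection never changing, override those the same way, e.g. `public function asort($flags = SORT_REGULAR) { throw new LogicException('Attempting to write to an immutable array'); }`. A class docblock listing which operations are blocked would tell readers what "immutable" covers here.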
<?php
/**
* gredu_labs
*
* @link https://github.com/eellak/gredu_labs for the canonical source repository
* @copyright Copyright (c) 2008-2015 Greek Free/Open Source Software Society (https://gfoss.ellak.gr/)
* @license GNU GPLv3 http://www.gnu.org/licenses/gpl-3.0-standalone.html
*/
namespace SchInventory;
/**
* Inventory service interface
*/
interface ServiceInterface
{
/**
* Retrieves all equipment data for unit
*
* @param mixed $unit
* @return EquipmentCollection
*/
public function getUnitEquipment($unit);
}
......@@ -73,6 +73,11 @@ return function (Slim\App $app) {
);
};
$container[SchSSO\Listener\User::class] = function ($c) {
return new SchSSO\Listener\User($c['logger']);
};
$container[SchSSO\Action\Login::class] = function ($c) {
$authService = $c['authentication_service'];
$authService->setAdapter($c[SchSSO\Adapter\Cas::class]);
......@@ -114,6 +119,13 @@ return function (Slim\App $app) {
}
});
$events('on', 'authenticate.success', function ($stop, $identity) use ($container) {
$listener = $container[SchSSO\Listener\User::class];
return $listener($stop, $identity);
}, 1000);
$app->get('/user/login/sso', SchSSO\Action\Login::class)->setName('user.login.sso');
$app->get('/user/logout/sso', SchSSO\Action\Logout::class)->setName('user.logout.sso');
};
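Review bot: The priority `1000` on this `authenticate.success` listener is unexplained, and the authorization module registers its own listener for the same event without a priority. From this commit it looks as if the SSO listener must run first, so that the imported row and its role exist before the role is read back from the database, but the dispatcher's ordering rule is not visible here. Add a comment above the registration such as `// priority 1000: must run before Authorization\Listener\RoleProvider, which reads the role this listener stores`, and cover the ordering with a first-login test.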
......@@ -8,7 +8,7 @@
* @license GNU GPLv3 http://www.gnu.org/licenses/gpl-3.0-standalone.html
*/
namespace SchAutoCreate\Listener;
namespace SchSSO\Listener;
use Psr\Log\LoggerInterface;
use RedBeanPHP\R;
......@@ -34,7 +34,8 @@ class User
$user->authentication_source = $identity->authenticationSource;
$user->password = '';
$user->created = time();
$this->logger->info(sprintf('User %s added to database after login', $identity->mail));
$user->role = 'school';
$this->logger->info(sprintf('User %s imported from sso.sch.gr to database', $identity->mail));
}
$user->last_login = time();
R::store($user);
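Review bot: `$user->role = 'school'` is applied to every identity created on first SSO login, with no check of what kind of account the identity provider asserted. If sso.sch.gr also authenticates accounts that are not school units, they would all receive the role that now guards the `/school` routes. Derive the role from an identity attribute where one is available and fall back to `user` otherwise, and record the assigned role in the log line, e.g. `sprintf('User %s imported from sso.sch.gr to database with role %s', $identity->mail, $user->role)`. The enclosing method starts and ends outside this hunk.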
......