nur-sery/nur_src/b/authnz/CasUserManager.php

<?php
namespace nur\b\authnz;

use nur\A;
use nur\str;

/**
 * Class CasUserManager: un utilisateur CAS v3
 */
class CasUserManager extends SimpleUserManager {
  function __construct(?string $appcode=null) {
    $this->appcode = $appcode;
  }

  protected $appcode;

  function _getUser(string $username): ?array {
    return ["username" => $username];
  }

  function getUser(string $username, ?array $overrides, ?bool &$found=null): array {
    $user = parent::getUser($username, $overrides, $found);
    # support des attributs CAS
    $cas_attrs = A::get($overrides, "cas_attrs");
    if ($cas_attrs !== null) {
      $authzs = A::get($cas_attrs, "rununivauthorization");
      if ($authzs !== null) {
        $authzs = explode(",", $authzs);
        $appcode = $this->appcode;
        $groups = [];
        $role = null;
        $perms = [];
        foreach ($authzs as $authz) {
          if ($authz == "*:*") {
            $perms[] = "*";
          } elseif (str::del_prefix($authz, "$appcode:")) {
            if ($authz == "*") $perms[] = "*";
            elseif (str::del_prefix($authz, "@")) $groups[] = $authz;
            elseif (str::del_prefix($authz, "*")) $role = $authz;
            else $perms[] = $authz;
          }
        }
        A::merge($user["groups"], $groups);
        if ($role !== null) $user["role"] = $role;
        A::merge($user["perms"], $perms);
      }
    }
    return $user;
  }
}
ajout nur/* 2023-12-03 22:10:18 +04:00			`<?php`
			`namespace nur\b\authnz;`

			`use nur\A;`
			`use nur\str;`

			`/**`
			`* Class CasUserManager: un utilisateur CAS v3`
			`*/`
			`class CasUserManager extends SimpleUserManager {`
			`function __construct(?string $appcode=null) {`
			`$this->appcode = $appcode;`
			`}`

			`protected $appcode;`

			`function _getUser(string $username): ?array {`
			`return ["username" => $username];`
			`}`

			`function getUser(string $username, ?array $overrides, ?bool &$found=null): array {`
			`$user = parent::getUser($username, $overrides, $found);`
			`# support des attributs CAS`
			`$cas_attrs = A::get($overrides, "cas_attrs");`
			`if ($cas_attrs !== null) {`
			`$authzs = A::get($cas_attrs, "rununivauthorization");`
			`if ($authzs !== null) {`
			`$authzs = explode(",", $authzs);`
			`$appcode = $this->appcode;`
			`$groups = [];`
support des roles dans CAS 2024-04-29 11:02:44 +04:00			`$role = null;`
ajout nur/* 2023-12-03 22:10:18 +04:00			`$perms = [];`
			`foreach ($authzs as $authz) {`
			`if ($authz == ":") {`
			`$perms[] = "*";`
			`} elseif (str::del_prefix($authz, "$appcode:")) {`
support des roles dans CAS 2024-04-29 11:02:44 +04:00			`if ($authz == "") $perms[] = "";`
			`elseif (str::del_prefix($authz, "@")) $groups[] = $authz;`
			`elseif (str::del_prefix($authz, "*")) $role = $authz;`
			`else $perms[] = $authz;`
ajout nur/* 2023-12-03 22:10:18 +04:00			`}`
			`}`
			`A::merge($user["groups"], $groups);`
support des roles dans CAS 2024-04-29 11:02:44 +04:00			`if ($role !== null) $user["role"] = $role;`
ajout nur/* 2023-12-03 22:10:18 +04:00			`A::merge($user["perms"], $perms);`
			`}`
			`}`
			`return $user;`
			`}`
			`}`