szabogyula / ldaporm-bundle
Symfony2 的 LDAP ORM
5.0.2
2022-01-11 13:14 UTC
Requires
- php: >=5.6.14
- symfony/flex: ^1.17|^2
README
一个提供 LDAP ORM 的 Symfony 扩展包。
此代码最初基于 Mathieu Goulin 的 Mathieu Goulin 的 GorgLdapOrmBundle。我们永远感激他为 UCSF IT 身份 & 访问管理提供的优秀基础。最初我们分叉了 GorgLdapOrmBundle,但随着我们开发的继续分叉并添加了新的功能,我们到了应该独立发展的时刻。UcsfLdapOrm 仓库就是在这样的新起点上创建的。
到目前为止的变化和新增内容
- 添加了
LdapEntity
类。这是一个 Symfony 实体,表示top
LDAP 对象类。 - 添加了许多
LdapEntity
的子类,以描述从top
到InetOrgPerson
的对象类。 - 添加了
Repository::filterByComplex()
,这使得实体管理器/仓库能够使用自定义构造的复杂布尔逻辑进行过滤。(详见代码注释 API 文档以获取详细信息。) - 移除了对 r1pp3rj4ck 的 TwigstringBundle 的依赖,并用 Symfony 2.6+ 的使用 Twig 的新字符串模板功能的能力来代替。
安装
需要 PHP5.5+ 和 Symphony 2.7+
- 添加到 composer.json
"ucsf/ldaporm": "dev-master"
- 将扩展包添加到 AppKernel.php
new Ucsf\LdapOrmBundle\UcsfLdapOrmBundle()
- 使用 composer 安装
$ composer update ucsf/ldaporm-bundle
文档
使用 UcsfLdapOrm 进行开发
在 config.yml 中配置 LDAP 服务
parameters:
some_ldap_server:
uri: ldaps://ldap.example.com
use_tls: true
bind_dn: cn=admin,dc=example,dc=com
password: shhhItsASecret
password_type: plaintext
ucsfldaporm_test: false
- uri: 连接到 LDAP 服务的 URI。
- use_tls: 'true' 或 'false' 来决定是否使用 TLS 连接
- bind_dn: 绑定到 LDAP 服务的 DN
- password: 与给定 bind DN 关联的密码
- password_type:
sha1
或plaintext
。当 URI 是 LDAPS 时,我使用 plaintext。
为 LDAP 实体管理器和服务的依赖注入
services:
myldap_entity_manager:
class: Ucsf\LdapOrmBundle\Ldap\LdapEntityManager
public: true
arguments: ["@logger", "@annotation_reader", "%some_ldap_server%"]
comexample_person_service:
class: MyBundle\ComExamplePersonService
arguments: [ @myldap_entity_manager ]
创建实体(通常用于表示对象类)
/**
* Represents a ComExamplePerson object class, which is a subclass of InetOrgPerson
*
* @ObjectClass("comExamplePerson")
* @SearchDn("ou=people,dc=example,dc=come")
* @Dn("uid={{ entity.uid }},ou=people,dc=example,dc=com")
*/
class ComExamplePerson extends InetOrgPerson
{
/**
* @Attribute("comExampleFavoriteIceCreamFlavor")
* @Must()
* @ArrayField()
*
* The @Attribute annotation relates the $comExampleFavoriteIceCreamFlavor member variable to the
* 'comExampleFavoriteIceCreamFlavor' attribute within the ComExamplePerson object class in LDAP.
* You don't have to name the PHP variable the same as your attribute name, but it helps to be
* consistent in this way.
*
* The @Must annotation requires this attribute to not be empty when persisting back to LDAP. If
* a @Must requirement is not satisfied, attempting to persist the entry will throw
* a MissingMustAttributeException.
*
* The @ArrayField aannotation tells the LDAP Entity Manager, repositories and services to treat
* this attribute as a multi-value LDAP field. This is unfortunately backwards from LDAP's default
* to multi-value an attribute. Baring miracles (i.e. finding the time), this will probably not be "fixed".
*
*/
protected $comExampleFavoriteIceCreamFlavor;
...
public function getComExampleFavoriteIceCreamFlavor() {
return $this->comExampleFavoriteIceCreamFlavor;
}
public function setComExampleFavoriteIceCreamFlavor($comExampleFavoriteIceCreamFlavor) {
$this->comExampleFavoriteIceCreamFlavor = $comExampleFavoriteIceCreamFlavor;
}
...
}
编写服务代码
class ComExamplePersonService {
protected $comExamplePersonRepository;
public function __construct(LdapEntityManager $entityManager) {
// Make a repo for ComExamplePerson entities
$this->comExamplePersonRepository = $entityManager->getRepository(ComExamplePerson::class);
// Make a another repo for SomethignElse entities (just another example...)
$this->somethingElseRepository = $entityManager->getRepository(SomethingElse::class);
...
}
public function getPersonByUid($uid, $includeAddress = false, $attributes = null) {
$person = $this->comExampePersonRepository->findByUid($uid, $attributes);
...
return $person;
}
一个控制器...来完善它
class PeopleController extends Controller {
/**
* @Route("/person/detail/{uid}")
* @Template()
*/
public function detailAction(Request $request, $uid)
{
$comExamplePersonService = $this->get('comexample_person_service');
$person = $comExamplePersonService->getPersonByUid($uid);
...
return array('person' => $person);
}
待办事项
去除对通用 LDAP 配置的需求配置文档开发示例- 重写测试套件(进行中...)
- 移除过时的搜索结果迭代器