YunoHost-Apps/aeneria_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/aeneria_ynh.git synced 2024-09-03 18:06:15 +02:00
Code Issues Activity Actions

Merge ba217c6e2a into e8f2b3d1a6

Browse source
This commit is contained in:
YunoHost Bot 2024-08-31 13:06:33 +02:00 committed by GitHub
commit 87191671de
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
12 changed files with 86 additions and 310 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
conf/aeneria.cron
View file

@ -1,2 +1,2 @@
__MINUTES__ __HOUR__-23/3 * * * __APP__ /usr/bin/php__PHPVERSION__ __INSTALL_DIR__/bin/console aeneria:fetch-data
*/15 * * * * __APP__ /usr/bin/php__PHPVERSION__ __INSTALL_DIR__/bin/console aeneria:pending-action:process-expired
__MINUTES__ __HOUR__-23/3 * * * __APP__ /usr/bin/php__PHP_VERSION__ __INSTALL_DIR__/bin/console aeneria:fetch-data
*/15 * * * * __APP__ /usr/bin/php__PHP_VERSION__ __INSTALL_DIR__/bin/console aeneria:pending-action:process-expired

4
conf/extra_php-fpm.conf
View file

@ -1,4 +0,0 @@
; Additional php.ini defines, specific to this pool of workers.
php_admin_value[upload_max_filesize] = 50M
php_admin_value[post_max_size] = 50M

6
conf/nginx.conf
View file

@ -9,7 +9,7 @@ location __PATH__/ {
fastcgi_read_timeout 60m;
client_max_body_size 50M;
try_files $uri @__NAME__;
try_files $uri @__APP__;
location ~ ^__PATH__/index\.php(/|$) {
include fastcgi_params;
@ -17,7 +17,7 @@ location __PATH__/ {
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param REMOTE_USER $remote_user;
fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock;
fastcgi_pass unix:/var/run/php/php__PHP_VERSION__-fpm-__APP__.sock;
fastcgi_intercept_errors on;
}
@ -31,6 +31,6 @@ location __PATH__/ {
include conf.d/yunohost_panel.conf.inc;
}
location @__NAME__ {
location @__APP__ {
rewrite ^ __PATH__/index.php/$is_args$args;
}

4
manifest.toml
View file

@ -17,7 +17,8 @@ code = "https://gitlab.com/aeneria/aeneria-app"
demo = "https://demo.aeneria.com"
[integration]
yunohost = ">= 11.2"
yunohost = ">= 11.2.18"
helpers_version = "2.1"
architectures = "all"
multi_instance = true
@ -51,6 +52,7 @@ ram.runtime = "50M"
[resources.system_user]
[resources.install_dir]
group = "www-data:r-x"
[resources.permissions]
main.url = "/"

18
scripts/_common.sh
View file

@ -1,11 +1,7 @@
#!/bin/bash
#=================================================
# COMMON VARIABLES
#=================================================
#=================================================
# PERSONAL HELPERS
# COMMON VARIABLES AND CUSTOM HELPERS
#=================================================
# Assign two variables:
@ -19,14 +15,10 @@
generate_random_minutes_hour () {
minutes="$(ynh_string_random --length=1 --filter=0-5)$(ynh_string_random --length=1 --filter=0-9)"
hour="$(ynh_string_random --length=1 --filter=0-2)"
ynh_app_setting_set --app=$app --key=minutes --value=$minutes
ynh_app_setting_set --app=$app --key=hour --value=$hour
ynh_app_setting_set --key=minutes --value=$minutes
ynh_app_setting_set --key=hour --value=$hour
}
#=================================================
# EXPERIMENTAL HELPERS
#=================================================
# Check available space before creating a temp directory.
#
# usage: ynh_smart_mktemp --min_size="Min size"
@ -63,7 +55,3 @@ ynh_smart_mktemp () {
echo "$(mktemp --directory --tmpdir="$tmpdir")"
}
#=================================================
# FUTURE OFFICIAL HELPERS
#=================================================

25
scripts/backup
View file

@ -1,37 +1,28 @@
#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
#=================================================
# DECLARE DATA AND CONF FILES TO BACKUP
#=================================================
ynh_print_info --message="Declaring files to be backed up..."
ynh_print_info "Declaring files to be backed up..."
#=================================================
# BACKUP THE APP MAIN DIR
#=================================================
ynh_backup --src_path="$install_dir"
ynh_backup "$install_dir"
#=================================================
# BACKUP THE NGINX CONFIGURATION
#=================================================
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# BACKUP THE PHP-FPM CONFIGURATION
#=================================================
ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
ynh_backup "/etc/php/$php_version/fpm/pool.d/$app.conf"
#=================================================
# SPECIFIC BACKUP
@ -39,17 +30,17 @@ ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
# BACKUP VARIOUS FILES
#=================================================
ynh_backup --src_path="/etc/cron.d/$app"
ynh_backup "/etc/cron.d/$app"
#=================================================
# BACKUP THE PSQL DATABASE
#=================================================
ynh_print_info --message="Backing up the PSQL database..."
ynh_print_info "Backing up the PSQL database..."
ynh_psql_dump_db --database="$db_name" > db.sql
ynh_psql_dump_db > db.sql
#=================================================
# END OF SCRIPT
#=================================================
ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)."
ynh_print_info "Backup script completed for $app. (YunoHost will then actually copy those files to the archive)."

16
scripts/change_url
View file

@ -1,11 +1,5 @@
#!/bin/bash
#=================================================
# GENERIC STARTING
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
@ -19,21 +13,19 @@ source /usr/share/yunohost/helpers
# If the app is currently installed under a path, we warn the admin
# that he should move the app under its own domain
if [ "$path" != "/" ]; then
ynh_die --message="Since version 2.0.0, $app need to be installed under its own domain. \
ynh_die "Since version 2.0.0, $app need to be installed under its own domain. \
Before upgrading, change $app URL: delete the path and switch to a new domain if needed."
fi
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# MODIFY URL IN NGINX CONF
#=================================================
ynh_script_progression --message="Updating NGINX web server configuration..." --weight=3
ynh_script_progression "Updating NGINX web server configuration..."
ynh_change_url_nginx_config
ynh_config_change_url_nginx
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Change of URL completed for $app" --last
ynh_script_progression "Change of URL completed for $app"

45
scripts/install
View file

@ -1,11 +1,5 @@
#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
@ -14,70 +8,69 @@ source /usr/share/yunohost/helpers
#=================================================
deskey=$(ynh_string_random --length=24)
ynh_app_setting_set --app=$app --key=deskey --value=$deskey
ynh_app_setting_set --key=deskey --value=$deskey
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Setting up source files..." --weight=1
ynh_script_progression "Setting up source files..."
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$install_dir"
chown -R $app:www-data "$install_dir"
chmod -R 750 "$install_dir"
#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:www-data "$install_dir"
#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R 750 "$install_dir"
#=================================================
# SYSTEM CONFIGURATION
#=================================================
ynh_script_progression --message="Adding system configurations related to $app..." --weight=1
ynh_script_progression "Adding system configurations related to $app..."
# Create a dedicated NGINX config
ynh_add_nginx_config
ynh_config_add_nginx
# Create a dedicated PHP-FPM config
ynh_add_fpm_config
ynh_config_add_phpfpm
#=================================================
# SPECIFIC SETUP
#=================================================
# CONFIGURE AENERIA
#=================================================
ynh_script_progression --message="Configuring $app..." --weight=1
ynh_script_progression "Configuring $app..."
ynh_add_config --template=".env" --destination="$install_dir/.env"
ynh_config_add --template=".env" --destination="$install_dir/.env"
# Restrict rights to aeneria user only
chmod 600 "$install_dir/.env"
#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 600 "$install_dir/.env"
#=================================================
# INSTALL AENERIA
#=================================================
ynh_script_progression --message="Installing aeneria..." --weight=1
ynh_script_progression "Installing aeneria..."
# Install aeneria
pushd $install_dir
ynh_exec_as $app php$phpversion bin/console aeneria:install "$app" -n
ynh_exec_as_app php$php_version bin/console aeneria:install "$app" -n
# Create admin user
mail=$(ynh_user_get_info --username="$admin" --key='mail')
ynh_exec_as $app php$phpversion bin/console aeneria:user:add "$mail" "$(ynh_string_random)" -n
ynh_exec_as $app php$phpversion bin/console aeneria:user:grant "$mail"
ynh_exec_as_app php$php_version bin/console aeneria:user:add "$mail" "$(ynh_string_random)" -n
ynh_exec_as_app php$php_version bin/console aeneria:user:grant "$mail"
popd
#=================================================
# SET UP CRON JOB
#=================================================
ynh_script_progression --message="Setuping a cron..." --weight=1
ynh_script_progression "Setuping a cron..."
# Generate random running schedule, and save $hour and $minutes as app parameters
generate_random_minutes_hour
ynh_add_config --template="aeneria.cron" --destination="/etc/cron.d/$app"
chown root: "/etc/cron.d/$app"
chmod 644 "/etc/cron.d/$app"
ynh_config_add --template="aeneria.cron" --destination="/etc/cron.d/$app"
#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown root: "/etc/cron.d/$app"
#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 644 "/etc/cron.d/$app"
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Installation of $app completed" --last
ynh_script_progression "Installation of $app completed"

16
scripts/remove
View file

@ -1,30 +1,24 @@
#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# REMOVE SYSTEM CONFIGURATIONS
#=================================================
ynh_script_progression --message="Removing system configurations related to $app..." --weight=1
ynh_script_progression "Removing system configurations related to $app..."
# Remove the dedicated NGINX config
ynh_remove_nginx_config
ynh_config_remove_nginx
# Remove the dedicated PHP-FPM config
ynh_remove_fpm_config
ynh_config_remove_phpfpm
# Remove a cron file
ynh_secure_remove --file="/etc/cron.d/$app"
ynh_safe_rm "/etc/cron.d/$app"
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Removal of $app completed" --last
ynh_script_progression "Removal of $app completed"

37
scripts/restore
View file

@ -1,11 +1,5 @@
#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
@ -13,46 +7,43 @@ source /usr/share/yunohost/helpers
#=================================================
# RESTORE THE APP MAIN DIR
#=================================================
ynh_script_progression --message="Restoring the app main directory..." --weight=1
ynh_script_progression "Restoring the app main directory..."
ynh_restore_file --origin_path="$install_dir"
chmod -R o-rwx "$install_dir"
chown -R $app:www-data "$install_dir"
ynh_restore "$install_dir"
#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R o-rwx "$install_dir"
#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:www-data "$install_dir"
#=================================================
# RESTORE THE PSQL DATABASE
#=================================================
ynh_script_progression --message="Restoring the PSQL database..." --weight=1
ynh_script_progression "Restoring the PSQL database..."
ynh_psql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql
ynh_psql_db_shell < ./db.sql
#=================================================
# RESTORE SYSTEM CONFIGURATIONS
#=================================================
# RESTORE THE PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1
ynh_script_progression "Restoring system configurations related to $app..."
# Restore the file first, so it can have a backup if different
ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
ynh_restore "/etc/php/$php_version/fpm/pool.d/$app.conf"
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_restore "/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_restore_file --origin_path="/etc/cron.d/$app"
ynh_restore "/etc/cron.d/$app"
#=================================================
# GENERIC FINALIZATION
#=================================================
# RELOAD NGINX AND PHP-FPM
#=================================================
ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." --weight=1
ynh_script_progression "Reloading NGINX web server and PHP-FPM..."
ynh_systemd_action --service_name=php$phpversion-fpm --action=reload
ynh_systemd_action --service_name=nginx --action=reload
ynh_systemctl --service=php$php_version-fpm --action=reload
ynh_systemctl --service=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Restoration completed for $app" --last
ynh_script_progression "Restoration completed for $app"

64
scripts/upgrade
View file

@ -1,26 +1,12 @@
#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# CHECK VERSION
#=================================================
upgrade_type=$(ynh_check_app_version_changed)
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..."
ynh_script_progression "Ensuring downward compatibility..."
# If minutes or hour do not exist, create them
if [ -z "${minutes:-}" ] || [ -z "${hour:-}" ]; then
@ -34,7 +20,7 @@ fi
# If the app is currently installed under a path, we warn the admin
# that he should move the app under its own domain
if [ "$path" != "/" ]; then
ynh_die --message="Since version 2.0.0, $app need to be installed under its own domain. \
ynh_die "Since version 2.0.0, $app need to be installed under its own domain. \
Before upgrading, change $app URL: delete the path and switch to a new domain if needed."
fi
@ -42,9 +28,10 @@ fi
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
if [ "$upgrade_type" == "UPGRADE_APP" ]
# FIXME: this is still supported but the recommendation is now to *always* re-setup the app sources wether or not the upstream sources changed
if ynh_app_upstream_version_changed
then
ynh_script_progression --message="Upgrading source files..."
ynh_script_progression "Upgrading source files..."
# For aeneria source update, we use a temporary directory because
# without it, patches can't be apply correctly:
@ -62,66 +49,65 @@ then
mv "$install_dir/private" "$tmpdir"
# Replace the old aeneria by the new one
ynh_secure_remove --file="$install_dir"
ynh_safe_rm "$install_dir"
mv "$tmpdir" "$install_dir"
ynh_secure_remove --file="$tmpdir"
ynh_safe_rm "$tmpdir"
fi
chown -R $app:www-data "$install_dir"
chmod -R 750 "$install_dir"
#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:www-data "$install_dir"
#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R 750 "$install_dir"
#=================================================
# REAPPLY SYSTEM CONFIGURATIONS
#=================================================
ynh_script_progression --message="Upgrading system configurations related to $app..." --weight=1
ynh_script_progression "Upgrading system configurations related to $app..."
# Create a dedicated NGINX config
ynh_add_nginx_config
ynh_config_add_nginx
# Create a dedicated PHP-FPM config
ynh_add_fpm_config
ynh_config_add_phpfpm
ynh_add_config --template="aeneria.cron" --destination="/etc/cron.d/$app"
chown root: "/etc/cron.d/$app"
chmod 644 "/etc/cron.d/$app"
ynh_config_add --template="aeneria.cron" --destination="/etc/cron.d/$app"
#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown root: "/etc/cron.d/$app"
#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 644 "/etc/cron.d/$app"
#=================================================
# SPECIFIC SETUP
#=================================================
# CONFIGURE AENERIA
#=================================================
ynh_script_progression --message="Configuring $app..." --weight=1
ynh_script_progression "Configuring $app..."
ynh_add_config --template=".env" --destination="$install_dir/.env"
ynh_config_add --template=".env" --destination="$install_dir/.env"
# Restrict rights to aeneria user only
chmod 600 "$install_dir/.env"
#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 600 "$install_dir/.env"
#=================================================
# UPGRADE AENERIA
#=================================================
ynh_script_progression --message="Upgrading $app..." --weight=1
ynh_script_progression "Upgrading $app..."
# Install dependencies and aeneria
pushd $install_dir
ynh_exec_as $app php$phpversion bin/console cache:clear -n
ynh_exec_as $app php$phpversion bin/console doctrine:migrations:migrate -n
ynh_exec_as_app php$php_version bin/console cache:clear -n
ynh_exec_as_app php$php_version bin/console doctrine:migrations:migrate -n
# Set admin user
mail=$(ynh_user_get_info --username="$admin" --key='mail')
user_exists=$(ynh_exec_as $app php$phpversion bin/console aeneria:user:exist "$mail")
user_exists=$(ynh_exec_as_app php$php_version bin/console aeneria:user:exist "$mail")
if [ $user_exists -eq 0 ]
then
user_pass=$(ynh_string_random)
ynh_exec_as $app php$phpversion bin/console aeneria:user:add "$mail" "$user_pass" -n
ynh_exec_as_app php$php_version bin/console aeneria:user:add "$mail" "$user_pass" -n
fi
# Regenerate RSA keys
ynh_exec_as $app php$phpversion bin/console aeneria:generate-key -n
ynh_exec_as_app php$php_version bin/console aeneria:generate-key -n
popd
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Upgrade of $app completed" --last
ynh_script_progression "Upgrade of $app completed"

157
sources/patches/main-00-ldap-auth.patch
View file

@ -1,157 +0,0 @@
commit 7a3e622666fa16ab124158cffec73d9a3e6748bf
Author: Simon Mellerin <simon.mellerin@makina-corpus.com>
Date: Sun Jan 7 16:25:06 2024 +0100
YNH LDAP
diff --git a/config/packages/security.yaml b/config/packages/security.yaml
index 6c4457f1..e716ba39 100644
--- a/config/packages/security.yaml
+++ b/config/packages/security.yaml
@@ -11,6 +11,11 @@ security:
entity:
class: App\Entity\User
property: username
+ ldap_user_provider:
+ id: ynh.ldap.user.provider
+ all_users:
+ chain:
+ providers: ['ldap_user_provider', 'app_user_provider']
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
@@ -22,7 +27,12 @@ security:
form_login:
login_path: security.login
check_path: security.login
+ provider: app_user_provider
enable_csrf: true
+ http_basic_ldap:
+ provider: ldap_user_provider
+ service: ynh.ldap
+ dn_string: 'uid={username},ou=users,dc=yunohost,dc=org'
logout:
path: security.logout
target: security.login
diff --git a/config/services.yaml b/config/services.yaml
index 3e770913..83fbec0d 100644
--- a/config/services.yaml
+++ b/config/services.yaml
@@ -104,3 +104,21 @@ services:
Aeneria\GrdfAdictApi\Client\GrdfAdictClientInterface:
alias: Aeneria\GrdfAdictApi\Client\GrdfAdictClient
+
+ ynh.ldap.user.provider:
+ class: App\Security\YnhLdapUserProvider
+ arguments:
+ $ldap: '@ynh.ldap'
+ $baseDn: "dc=yunohost,dc=org"
+ # $searchDn: 'uid={username},ou=users,dc=yunohost,dc=org'
+ $uidKey: "uid"
+
+ ynh.ldap:
+ class: Symfony\Component\Ldap\Ldap
+ arguments: ['@ynh.ldap.adapter']
+ tags: ['ldap']
+
+ ynh.ldap.adapter:
+ class: Symfony\Component\Ldap\Adapter\ExtLdap\Adapter
+ arguments:
+ - host: "localhost"
diff --git a/src/Security/YnhLdapUserProvider.php b/src/Security/YnhLdapUserProvider.php
new file mode 100755
index 00000000..eb8b1149
--- /dev/null
+++ b/src/Security/YnhLdapUserProvider.php
@@ -0,0 +1,89 @@
+<?php
+
+namespace App\Security;
+
+use App\Entity\User;
+use App\Repository\UserRepository;
+use Doctrine\ORM\EntityManagerInterface;
+use Symfony\Component\Ldap\Entry;
+use Symfony\Component\Ldap\LdapInterface;
+use Symfony\Component\Ldap\Security\LdapUserProvider as SecurityLdapUserProvider;
+use Symfony\Component\Security\Core\User\UserInterface;
+
+class YnhLdapUserProvider extends SecurityLdapUserProvider
+{
+ public function __construct(
+ private EntityManagerInterface $entityManager,
+ private UserRepository $userRepository,
+ LdapInterface $ldap,
+ string $baseDn,
+ string $searchDn = null,
+ string $searchPassword = null,
+ array $defaultRoles = [],
+ string $uidKey = null,
+ string $filter = null,
+ string $passwordAttribute = null,
+ array $extraFields = [])
+ {
+ parent::__construct(
+ $ldap,
+ $baseDn,
+ $searchDn,
+ $searchPassword,
+ $defaultRoles,
+ $uidKey,
+ $filter,
+ $passwordAttribute,
+ $extraFields,
+ );
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ public function upgradePassword($user, string $newHashedPassword): void
+ {
+ return;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ public function supportsClass(string $class)
+ {
+ return User::class === $class;
+ }
+
+ /**
+ * Loads a user from an LDAP entry.
+ *
+ * @return UserInterface
+ */
+ protected function loadUser(string $identifier, Entry $entry)
+ {
+ $email = $entry->getAttribute('mail');
+
+ // Dans le cadre de la connexion LDAP Yunohost,
+ // on cherche l'utilisateur par son mail.
+ //
+ $user = $this->userRepository->findOneBy(['username' => $email]);
+
+ // Si l'utilisateur n'existe pas encore, on le crée.
+ if (!$user) {
+ $user = (new User())
+ ->setUsername(\reset($email))
+ ->setPassword(\bin2hex(\random_bytes(32)))
+ ->setActive(true)
+ ->setUpdatedAt(new \DateTimeImmutable())
+ ;
+
+ $this->entityManager->persist($user);
+ $this->entityManager->flush();
+ }
+
+ return $user
+ ->setUsername(\reset($email))
+ ->setUserIdentifier($identifier)
+ ;
+ }
+}
+