-
Notifications
You must be signed in to change notification settings - Fork 0
/
carte-pro.php
75 lines (62 loc) · 2.33 KB
/
carte-pro.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
<?php // -*-PHP-*-
require_once ('config/config.inc.php');
require_once ('lib/supannPerson.inc.php');
$CARTE_ETU_ALLOWED_ATTRS = [
'sn' => 'sn', 'givenName' => 'givenName',
'supannEmpId' => 'supannEmpId',
'employeeNumber' => 'employeeNumber',
'employeeType' => 'employeeType',
'eduPersonPrimaryAffiliation' => 'eduPersonPrimaryAffiliation',
'up1Profile' => 'MULTI',
];
initPhpCAS();
if (!phpCAS::checkAuthentication()) {
echoJson([ "error" => "Unauthorized", "cas_login_url" => 'https://' . $GLOBALS['CAS_HOST'] . $GLOBALS['CAS_CONTEXT'] . '/login' ]);
exit(0);
}
$uid = phpCAS::getUser();
// to access supannCodeINE, employeeNumber
$LDAP_CONNECT = $GLOBALS['LDAP_CONNECT_LEVEL2'];
$impersonate = GET_or_NULL("uid");
if ($impersonate) {
if (existsLdap($GLOBALS['PEOPLE_DN'], "(&(uid=$uid)" . $GLOBALS['LEVEL1_FILTER'] . ")")) {
$uid = $impersonate;
} else {
error_log("not allowing $uid to impersonate");
}
}
$attrs = getFirstLdapInfo($PEOPLE_DN, "(&(uid=$uid)(employeeNumber=*)(supannEntiteAffectationPrincipale=*))", $CARTE_ETU_ALLOWED_ATTRS);
if (!$attrs) {
echoJson([ "error" => "Unauthorized" ]);
exit(0);
}
$profiles = getAndUnset($attrs, 'up1Profile');
if ($profiles) {
foreach ($profiles as $profile) {
if (!preg_match('/^\[up1Source={HARPEGE}(\w+)/', $profile, $m)) continue;
$pro_profile = $m[1];
if ($pro_profile === 'carriere') {
$attrs['statut'] = 'Fonctionnaire';
break;
}
if ($pro_profile === 'contrat') {
$attrs['statut'] = getAndUnset($attrs, 'employeeType');
}
if ($pro_profile === 'heberge') {
if (in_array($attrs['employeeType'], ['Chargé de recherche', 'Directeur de recherche'])) {
$attrs['statut'] = "Chercheur statutaire";
} else if (in_array($attrs['employeeType'], ['Professeur émérite', 'Professeur invité', 'Personnel EPST/'])) {
$attrs['statut'] = getAndUnset($attrs, 'employeeType');
} else {
getAndUnset($attrs, 'employeeType');
$attrs['statut'] = $attrs['eduPersonPrimaryAffiliation'] === 'researcher' ? 'Chercheur' : 'Personnel hébergé';
}
}
}
}
if (!$attrs) {
echoJson([ "error" => "Unauthorized" ]);
exit(0);
}
echoJson($attrs);
?>