From bad25a24caad458692d0644dbae4da9fabbded88 Mon Sep 17 00:00:00 2001
From: Sergey Tverskikh <tverskih@gmail.com>
Date: Fri, 11 Oct 2013 23:07:51 +0400
Subject: [PATCH 1/2] make role prefix configurable

---
 Manager/LdapManagerUser.php          | 7 ++++---
 Manager/LdapManagerUserInterface.php | 2 +-
 Resources/config/security_ldap.xml   | 2 ++
 3 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/Manager/LdapManagerUser.php b/Manager/LdapManagerUser.php
index 789a892..cfb27e0 100644
--- a/Manager/LdapManagerUser.php
+++ b/Manager/LdapManagerUser.php
@@ -8,13 +8,14 @@ class LdapManagerUser implements LdapManagerUserInterface
 {
     private
         $ldapConnection,
+        $rolePrefix,
         $username,
         $password,
         $params,
         $ldapUser
         ;
 
-    public function __construct(LdapConnectionInterface $conn)
+    public function __construct(LdapConnectionInterface $conn, $rolePrefix)
     {
         $this->ldapConnection = $conn;
         $this->params = $this->ldapConnection->getParameters();
@@ -33,7 +34,7 @@ public function auth()
         if (strlen($this->password) === 0) {
             return false;
         }
-        
+
         if (null === $this->ldapUser) {
             return ($this->bindByUsername() && $this->doPass());
         }
@@ -207,7 +208,7 @@ private function addLdapRoles()
             ));
 
         for ($i = 0; $i < $entries['count']; $i++) {
-            array_push($tab, sprintf('ROLE_%s',
+            array_push($tab, sprintf($this->rolePrefix . '%s',
                                      self::slugify($entries[$i][$this->params['role']['name_attribute']][0])
             ));
         }
diff --git a/Manager/LdapManagerUserInterface.php b/Manager/LdapManagerUserInterface.php
index 0198cf6..a002f16 100644
--- a/Manager/LdapManagerUserInterface.php
+++ b/Manager/LdapManagerUserInterface.php
@@ -4,7 +4,7 @@
 
 interface LdapManagerUserInterface
 {
-  function __construct(LdapConnectionInterface $conn);
+  function __construct(LdapConnectionInterface $conn, $rolePrefix);
   function exists($username);
   function auth();
   function doPass();
diff --git a/Resources/config/security_ldap.xml b/Resources/config/security_ldap.xml
index bf7cba1..1354419 100644
--- a/Resources/config/security_ldap.xml
+++ b/Resources/config/security_ldap.xml
@@ -7,6 +7,7 @@
     <parameter key="imag_ldap.security.user.provider.class">IMAG\LdapBundle\Provider\LdapUserProvider</parameter>
     <parameter key="imag_ldap.ldap_connection.class">IMAG\LdapBundle\Manager\LdapConnection</parameter>
     <parameter key="imag_ldap.ldap_manager.class">IMAG\LdapBundle\Manager\LdapManagerUser</parameter>
+    <parameter key="imag_ldap.ldap_manager.role_prefix">ROLE_</parameter>
     <parameter key="imag_ldap.security.authentication.provider.class">IMAG\LdapBundle\Provider\LdapAuthenticationProvider</parameter>
     <parameter key="imag_ldap.security.authentication.listener.class">IMAG\LdapBundle\EventListener\LdapListener</parameter>
     <parameter key="imag_ldap.security.authentication.form_entry_point.class">Symfony\Component\Security\Http\EntryPoint\FormAuthenticationEntryPoint</parameter>
@@ -32,6 +33,7 @@
 
     <service id="imag_ldap.ldap_manager" class="%imag_ldap.ldap_manager.class%">
       <argument type="service" id="imag_ldap.ldap_connection" />
+      <argument>%imag_ldap.ldap_manager.role_prefix%</argument>
     </service>
 
     <service id="imag_ldap.security.authentication.provider" class="%imag_ldap.security.authentication.provider.class%">

From a8fe7082537e672586352b76344b6dd792930f21 Mon Sep 17 00:00:00 2001
From: Sergey Tverskikh <tverskih@gmail.com>
Date: Wed, 6 Nov 2013 17:08:37 +0400
Subject: [PATCH 2/2] Make a sub prefix configurable (after ROLE_ prefix)

---
 Manager/LdapManagerUser.php        | 2 +-
 Resources/config/security_ldap.xml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/Manager/LdapManagerUser.php b/Manager/LdapManagerUser.php
index cfb27e0..7807ddf 100644
--- a/Manager/LdapManagerUser.php
+++ b/Manager/LdapManagerUser.php
@@ -208,7 +208,7 @@ private function addLdapRoles()
             ));
 
         for ($i = 0; $i < $entries['count']; $i++) {
-            array_push($tab, sprintf($this->rolePrefix . '%s',
+            array_push($tab, sprintf('ROLE_' . $this->rolePrefix . '%s',
                                      self::slugify($entries[$i][$this->params['role']['name_attribute']][0])
             ));
         }
diff --git a/Resources/config/security_ldap.xml b/Resources/config/security_ldap.xml
index 1354419..a8cfd93 100644
--- a/Resources/config/security_ldap.xml
+++ b/Resources/config/security_ldap.xml
@@ -7,7 +7,7 @@
     <parameter key="imag_ldap.security.user.provider.class">IMAG\LdapBundle\Provider\LdapUserProvider</parameter>
     <parameter key="imag_ldap.ldap_connection.class">IMAG\LdapBundle\Manager\LdapConnection</parameter>
     <parameter key="imag_ldap.ldap_manager.class">IMAG\LdapBundle\Manager\LdapManagerUser</parameter>
-    <parameter key="imag_ldap.ldap_manager.role_prefix">ROLE_</parameter>
+    <parameter key="imag_ldap.ldap_manager.role_prefix"></parameter>
     <parameter key="imag_ldap.security.authentication.provider.class">IMAG\LdapBundle\Provider\LdapAuthenticationProvider</parameter>
     <parameter key="imag_ldap.security.authentication.listener.class">IMAG\LdapBundle\EventListener\LdapListener</parameter>
     <parameter key="imag_ldap.security.authentication.form_entry_point.class">Symfony\Component\Security\Http\EntryPoint\FormAuthenticationEntryPoint</parameter>