changement au niveau de requetes adaptés aux collaborateurs AD
This commit is contained in:
128
project/public/php/initial-sync.php
Normal file
128
project/public/php/initial-sync.php
Normal file
@@ -0,0 +1,128 @@
|
||||
<?php
|
||||
header("Access-Control-Allow-Origin: *");
|
||||
header("Content-Type: application/json");
|
||||
header("Access-Control-Allow-Headers: Content-Type, Authorization");
|
||||
|
||||
// --- Connexion DB ---
|
||||
$host = "192.168.0.4";
|
||||
$dbname = "DemandeConge";
|
||||
$username = "wpuser";
|
||||
$password = "-2b/)ru5/Bi8P[7_";
|
||||
$conn = new mysqli($host, $username, $password, $dbname);
|
||||
if ($conn->connect_error) {
|
||||
die(json_encode(["success" => false, "message" => "Erreur DB: " . $conn->connect_error]));
|
||||
}
|
||||
|
||||
// --- Authentification (client credentials) ---
|
||||
$tenantId = "9840a2a0-6ae1-4688-b03d-d2ec291be0f9";
|
||||
$clientId = "4bb4cc24-bac3-427c-b02c-5d14fc67b561";
|
||||
$clientSecret = "ViC8Q~n4F5YweE18wjS0kfhp3kHh6LB2gZ76_b4R";
|
||||
$scope = "https://graph.microsoft.com/.default";
|
||||
|
||||
$url = "https://login.microsoftonline.com/$tenantId/oauth2/v2.0/token";
|
||||
$data = [
|
||||
"grant_type" => "client_credentials",
|
||||
"client_id" => $clientId,
|
||||
"client_secret" => $clientSecret,
|
||||
"scope" => $scope
|
||||
];
|
||||
|
||||
$ch = curl_init();
|
||||
curl_setopt($ch, CURLOPT_URL, $url);
|
||||
curl_setopt($ch, CURLOPT_POST, true);
|
||||
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data));
|
||||
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
||||
$result = curl_exec($ch);
|
||||
curl_close($ch);
|
||||
|
||||
$tokenData = json_decode($result, true);
|
||||
$accessToken = $tokenData["access_token"] ?? "";
|
||||
if (!$accessToken) {
|
||||
die(json_encode(["success" => false, "message" => "Impossible d'obtenir un token Microsoft", "details" => $tokenData]));
|
||||
}
|
||||
|
||||
// --- ID du groupe cible (Ensup-Groupe) ---
|
||||
$groupId = "c1ea877c-6bca-4f47-bfad-f223640813a0"; // 🔹 Mets l'Object ID de ton groupe ici
|
||||
|
||||
$urlGroup = "https://graph.microsoft.com/v1.0/groups/$groupId?\$select=id,displayName,description,mail,createdDateTime";
|
||||
$ch = curl_init($urlGroup);
|
||||
curl_setopt($ch, CURLOPT_HTTPHEADER, ["Authorization: Bearer $accessToken"]);
|
||||
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
||||
$respGroup = curl_exec($ch);
|
||||
curl_close($ch);
|
||||
|
||||
$group = json_decode($respGroup, true);
|
||||
if (!isset($group["id"])) {
|
||||
die(json_encode(["success" => false, "message" => "Impossible de récupérer le groupe Ensup-Groupe"]));
|
||||
}
|
||||
|
||||
$displayName = $group["displayName"] ?? "";
|
||||
$description = $group["description"] ?? "";
|
||||
$mail = $group["mail"] ?? "";
|
||||
$createdAt = null;
|
||||
if (!empty($group["createdDateTime"])) {
|
||||
$dt = new DateTime($group["createdDateTime"]);
|
||||
$createdAt = $dt->format("Y-m-d H:i:s"); // format MySQL
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
// --- Insérer / mettre à jour le groupe dans EntraGroups ---
|
||||
$stmt = $conn->prepare("INSERT INTO EntraGroups (Id, DisplayName, Description, Mail, CreatedAt, UpdatedAt, SyncDate, IsActive)
|
||||
VALUES (?, ?, ?, ?, ?, NOW(), NOW(), 1)
|
||||
ON DUPLICATE KEY UPDATE
|
||||
DisplayName=?, Description=?, Mail=?, UpdatedAt=NOW(), SyncDate=NOW(), IsActive=1");
|
||||
if ($stmt) {
|
||||
$stmt->bind_param("ssssssss",
|
||||
$groupId, $displayName, $description, $mail, $createdAt,
|
||||
$displayName, $description, $mail
|
||||
);
|
||||
$stmt->execute();
|
||||
}
|
||||
|
||||
|
||||
|
||||
// --- Récupérer les membres du groupe ---
|
||||
$urlMembers = "https://graph.microsoft.com/v1.0/groups/$groupId/members?\$select=id,givenName,surname,mail,department,jobTitle";
|
||||
$ch = curl_init($urlMembers);
|
||||
curl_setopt($ch, CURLOPT_HTTPHEADER, ["Authorization: Bearer $accessToken"]);
|
||||
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
||||
$respMembers = curl_exec($ch);
|
||||
curl_close($ch);
|
||||
|
||||
$members = json_decode($respMembers, true)["value"] ?? [];
|
||||
|
||||
$usersInserted = 0;
|
||||
foreach ($members as $m) {
|
||||
$entraUserId = $m["id"];
|
||||
$prenom = $m["givenName"] ?? "";
|
||||
$nom = $m["surname"] ?? "";
|
||||
$email = $m["mail"] ?? "";
|
||||
$service = $m["department"] ?? "";
|
||||
$role = "Collaborateur"; // par défaut
|
||||
|
||||
if (!$email) continue;
|
||||
|
||||
$stmt = $conn->prepare("INSERT INTO CollaborateurAD (entraUserId, prenom, nom, email, service, role)
|
||||
VALUES (?, ?, ?, ?, ?, ?)
|
||||
ON DUPLICATE KEY UPDATE prenom=?, nom=?, email=?, service=?, role=?");
|
||||
if ($stmt) {
|
||||
$stmt->bind_param("sssssssssss",
|
||||
$entraUserId, $prenom, $nom, $email, $service, $role,
|
||||
$prenom, $nom, $email, $service, $role
|
||||
);
|
||||
$stmt->execute();
|
||||
$usersInserted++;
|
||||
}
|
||||
}
|
||||
|
||||
echo json_encode([
|
||||
"success" => true,
|
||||
"message" => "Synchronisation terminée",
|
||||
"groupe_sync" => $displayName,
|
||||
"users_sync" => $usersInserted
|
||||
]);
|
||||
|
||||
$conn->close();
|
||||
?>
|
||||
Reference in New Issue
Block a user