itk-dev / azure-ad-delta-sync-bundle
Symfony bundle that enables the Azure AD Delta Sync flow
Installs: 3
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 3
Forks: 0
Open Issues: 0
Type:symfony-bundle
Requires
- php: ^7.4 || ^8.0
- doctrine/orm: ^2.9
- itk-dev/azure-ad-delta-sync: ^1.0
- symfony/console: ^5.2
- symfony/framework-bundle: ^5.2
- symfony/lock: ^5.2
- symfony/property-access: ^5.2
- symfony/yaml: ^5.2
Requires (Dev)
This package is auto-updated.
Last update: 2024-11-12 13:46:38 UTC
README
Symfony bundle for Azure AD Delta Sync flow.
Installation
To install run
composer require itk-dev/azure-ad-delta-sync-bundle
Usage
Before being able to use the bundle, you must have
your own User
entity, UserRepository
and database setup.
You will need to configure variables for
Microsoft groups, the above mentioned User
entity
and cache pool:
Variable configuration
In /config/packages
you need the following itkdev_azure_ad_delta_sync.yaml
file:
itkdev_azure_ad_delta_sync: azure_ad_delta_sync_options: tenant_id: 'some_tenant_id' client_id: 'some_client_id' client_secret: 'some_client_secret' group_id: 'some_group_id' user_options: system_user_class: 'App\Entity\User' system_user_property: 'some_user_property' azure_ad_user_property: 'some_azure_ad_user_property' cache_options: cache_pool: 'cache.app'
Here the azure_ad_user_property
should be a property on the
Azure AD user that is equivalent to the system_user_property
,
as this is how we compare system users with Microsoft group users.
For this reason the comparing property must also be unique.
Listening to DeleteUserEvent
The bundle dispatches a DeleteUserEvent
containing
a list of user properties (system_user_property
) for potential removal.
The using system should implement logic to ensure
these users are not deleted unintentionally.
Therefore, the using system will need to implement an EventListener
or EventSubscriber that listens to the DeleteUserEvent
.
Example EventSubscriber
<?php namespace App\EventSubscriber; use ItkDev\AzureAdDeltaSyncBundle\Event\DeleteUserEvent; use Symfony\Component\EventDispatcher\EventSubscriberInterface; class DeleteUserEventSubscriber implements EventSubscriberInterface { public static function getSubscribedEvents(): array { return [ DeleteUserEvent::class => 'deleteUsers', ]; } public function deleteUsers(DeleteUserEvent $event) { // User deletion logic here } }
Starting the flow
To start the flow the using system execute the follow CLI command:
php bin/console delta-sync:run
It is up to the using system to decide how and when to run this command.
Development Setup
A docker-compose.yml
file with a PHP 7.4 image is included in this project.
To install the dependencies you can run
docker compose up -d
docker compose exec phpfpm composer install
Unit Testing
We use PHPUnit for unit testing. To run the tests:
docker compose exec phpfpm composer install docker compose exec phpfpm ./vendor/bin/phpunit tests
The test suite uses Mocks for generation of test doubles.
Check Coding Standard
-
PHP files (PHP_CodeSniffer)
docker compose exec phpfpm composer check-coding-standards
-
Markdown files (markdownlint standard rules)
docker run -v ${PWD}:/app itkdev/yarn:latest install docker run -v ${PWD}:/app itkdev/yarn:latest check-coding-standards
GitHub Actions
All code checks mentioned above are automatically run by GitHub Actions when a pull request is created.
To run the actions locally, install act and run
act -P ubuntu-latest=shivammathur/node:focal pull_request
Use act -P ubuntu-latest=shivammathur/node:focal pull_request --list
to see
individual workflow jobs that can be run, e.g.
act -P ubuntu-latest=shivammathur/node:focal pull_request --job phpcsfixer
Apply Coding Standards
-
PHP files (PHP_CodeSniffer)
docker compose exec phpfpm composer apply-coding-standards
-
Markdown files (markdownlint standard rules)
docker run -v ${PWD}:/app itkdev/yarn:latest install docker run -v ${PWD}:/app itkdev/yarn:latest apply-coding-standards
Versioning
We use SemVer for versioning. For the versions available, see the tags on this repository.
License
This project is licensed under the MIT License - see the LICENSE.md file for details