Club Drupal

 * Bulk of authorization code executed to determine a users authorizations.

 */

/**

 */

function ldap_authorization_help_watchdog() {

  $path = drupal_get_path("module", "ldap_help");

  $_content = "";

  if (module_exists('dblog')) {

    include_once drupal_get_path('module', 'dblog') . '/dblog.admin.inc';

    $_content .= "<h3>" . t('LDAP Watchdog Errors and Notifications') . "</h3>";

    $overview = dblog_overview();

    $_content .= render($overview);

function _ldap_authorizations_user_authorizations(&$user, $op, $consumer_type, $context) {

  $debug = FALSE;

  $detailed_watchdog_log = variable_get('ldap_help_watchdog_detail', 0);

  $consumers = ldap_authorization_get_consumers($consumer_type, TRUE, FALSE);

  $servers = ldap_servers_get_servers(NULL, 'enabled', TRUE);

    }

    $notifications['all'] = LDAP_AUTHORIZATION_NOT_APPLY_USER_1;

    foreach ($consumers as $consumer_type => $consumer) {

    }

  }

  /**

  $watchdog_tokens['%ldap_authenticated'] = ($ldap_authenticated) ? 'yes' : 'no';

  foreach ($consumers as $consumer_type => $consumer) {

    /**

    * each consumer type has only one consumer conf and each consumer conf has only one ldap server id (sid)

    * so there is a one-to-one-to-one relationship between:

    if (!$consumer->consumerConf->status) {

      continue;

    }

    $watchdog_tokens['%consumer_type'] = $consumer_type;

    $watchdog_tokens['%sid'] = $consumer->consumerConf->sid;

    foreach ($proposed_ldap_authorizations as $key => $authorization_id) {

      if ($consumer->consumerConf->useFirstAttrAsGroupId) {

        $attr_parts = ldap_explode_dn($authorization_id, 0);

          $first_part = explode('=', $attr_parts[0]);

          if (count($first_part) > 1) {

            $authorization_id = ldap_pear_unescape_dn_value(trim($first_part[1]));

    }

    if ($detailed_watchdog_log || $debug) {

      $watchdog_tokens['%proposed_authorizations'] = join(', ', $_proposed_ldap_authorizations);

    }

    if ($detailed_watchdog_log) {

     * an array of filtered and mapped authorization ids

     */

    // Filter + map.

    if ($consumer->consumerConf->useMappingsAsFilter) {

      foreach ($consumer->consumerConf->mappings as $mapping_filter) {

        $map_from = $mapping_filter['from'];

        $map_to = $mapping_filter['normalized'];

        if (isset($proposed_ldap_authorizations[drupal_strtolower($map_from)])) {

        }

      }

    }

          $map_from_key = array_search(drupal_strtolower($map_from), array_keys($proposed_ldap_authorizations));

          if ($map_from_key !== FALSE) {

            // Remove non mapped authorization.

            // Add mapped authorization.

            $_authorizations[] = $map_to;

          }

        }

      }

      foreach ($_authorizations as $i => $authorization_id) {

          'map_to_string' => $authorization_id,

          'exists' => NULL,

          'value' => $authorization_id,

      }

    }

     *

     * @see ldap_authorization.api.php hook_ldap_authorization_authorizations_alter() notes

     */

      'user' => $user,

      'ldap_user' => $ldap_user,

      'ldap_server' => $ldap_server,

      'consumer' => $consumer,

    drupal_alter('ldap_authorization_authorizations', $filtered_ldap_authorizations, $params);

    }

    if ($op == 'test_query' || $op == 'test_query_set') {

      foreach ($filtered_ldap_authorizations as $consumer_id => $_consumer) {

        $display_authorizations[] = $_consumer['map_to_string'];

      }

    $authorizations[$consumer_type] = $filtered_ldap_authorizations;

  } //  end foreach $consumers

}

 * @param object $consumer

 *   is instance of an authorization consumer class

 *   such as LdapAuthorizationConsumerDrupalRole.

 *   mixed case strings as values $filtered_ldap_authorizations

 *   all authorization ids a user is granted via ldap authorization configuration

 * @param object $ldap_entry

    $initial_existing_ldap_authorizations = array_keys($user_auth_data);

  }

  else {

  }

  if ($test) {

   */

  // Keys are lcase, values are mixed case.

  foreach ($grants as $i => $grant) {

    if (!empty($filtered_ldap_authorizations[$grant]['exists'])) {

      $existing_grants[$grant] = $filtered_ldap_authorizations[$grant];

    $revokes_lcase = $consumer->authorizationDiff($initial_existing_ldap_authorizations, array_keys($filtered_ldap_authorizations));

    if (count($revokes_lcase)) {

      // Keys are lcase, values are mixed case.

      foreach ($revokes_lcase as $i => $revoke_lcase) {

          'value' => NULL,

          'map_to_string' => NULL,

          'exists' => TRUE,

      }

      if ($test) {

        $_SESSION['ldap_authorization_test_query']['setting_data']['Revokes'] = $revokes;

   */

  $uid = $user->uid;

  // Keep in good display order.

  $consumer->sortConsumerIds('grant', $user_auth_data);

  $user_edit['data']['ldap_authorizations'][$consumer->consumerType] = $user_auth_data;

function _ldap_authorization_ldap_authorization_maps_alter(&$user, &$user_ldap_entry, &$ldap_server, &$consumer_conf, &$authz_ids, $op) {

  $detailed_watchdog_log = variable_get('ldap_help_watchdog_detail', 0);

  // Groups extracted from user's DN. such as ou=IT => group = "IT".

  if ($rdn_values = $consumer_conf->server->groupUserMembershipsFromDn($user)) {

    $derive_from_dn_authorizations = array_combine($rdn_values, $rdn_values);

  }

  else {

  }

  if ($op == 'test_query' || $op == 'test_query_set') {

    $_SESSION['ldap_authorization_test_query']['maps']['Derive from DN'] = ($rdn_values) ? $derive_from_dn_authorizations : t('disabled');

  // Traditional groups (dns)

  $group_dns = $consumer_conf->server->groupMembershipsFromUser($user, 'group_dns');

  if (!$group_dns) {

  }

  elseif (count($group_dns)) {

    $group_dns = array_unique($group_dns);

  $values = array_merge($derive_from_dn_authorizations, $group_dns);

  $values = array_unique($values);

  if ($detailed_watchdog_log) {

    $watchdog_tokens['%username'] = $user->name;

    $watchdog_tokens['%ldap_server'] = $ldap_server->sid;