Révision 32700c57
Ajouté par Assos Assos il y a environ 5 ans
| drupal7/sites/all/modules/ldap/ldap_authorization/ldap_authorization_drupal_role/LdapAuthorizationConsumerRole.class.php | ||
|---|---|---|
| 14 | 14 |
public $consumerType = 'drupal_role'; |
| 15 | 15 |
public $allowConsumerObjectCreation = TRUE; |
| 16 | 16 |
|
| 17 |
public $defaultConsumerConfProperties = array(
|
|
| 17 |
public $defaultConsumerConfProperties = [
|
|
| 18 | 18 |
'onlyApplyToLdapAuthenticated' => TRUE, |
| 19 | 19 |
'useMappingsAsFilter' => TRUE, |
| 20 | 20 |
'synchOnLogon' => TRUE, |
| 21 | 21 |
'revokeLdapProvisioned' => TRUE, |
| 22 | 22 |
'regrantLdapProvisioned' => TRUE, |
| 23 | 23 |
'createConsumers' => TRUE, |
| 24 |
);
|
|
| 24 |
];
|
|
| 25 | 25 |
|
| 26 | 26 |
/** |
| 27 | 27 |
* |
| ... | ... | |
| 45 | 45 |
elseif (drupal_strlen($consumer_id) > 63) {
|
| 46 | 46 |
watchdog('ldap_authorization_drupal_role', 'Tried to create drupal role
|
| 47 | 47 |
with name of over 63 characters (%group_name). Please correct your |
| 48 |
drupal ldap_authorization settings', array('%group_name' => $consumer_id));
|
|
| 48 |
drupal ldap_authorization settings', ['%group_name' => $consumer_id]);
|
|
| 49 | 49 |
return FALSE; |
| 50 | 50 |
} |
| 51 | 51 |
|
| ... | ... | |
| 53 | 53 |
$new_role->name = empty($consumer['value']) ? $consumer_id : $consumer['value']; |
| 54 | 54 |
if (!($status = user_role_save($new_role))) {
|
| 55 | 55 |
// If role is not created, remove from array to user object doesn't have it stored as granted. |
| 56 |
watchdog('user', 'failed to create drupal role %role in ldap_authorizations module', array('%role' => $new_role->name));
|
|
| 56 |
watchdog('user', 'failed to create drupal role %role in ldap_authorizations module', ['%role' => $new_role->name]);
|
|
| 57 | 57 |
return FALSE; |
| 58 | 58 |
} |
| 59 | 59 |
else {
|
| 60 | 60 |
// Flush existingRolesByRoleName cache after creating new role. |
| 61 | 61 |
$roles_by_consumer_id = $this->existingRolesByRoleName(TRUE); |
| 62 |
watchdog('user', 'created drupal role %role in ldap_authorizations module', array('%role' => $new_role->name));
|
|
| 62 |
watchdog('user', 'created drupal role %role in ldap_authorizations module', ['%role' => $new_role->name]);
|
|
| 63 | 63 |
} |
| 64 | 64 |
return TRUE; |
| 65 | 65 |
} |
| ... | ... | |
| 119 | 119 |
} |
| 120 | 120 |
else {
|
| 121 | 121 |
unset($user->roles[$rid]); |
| 122 |
$user_edit = array('roles' => $user->roles);
|
|
| 122 |
$user_edit = ['roles' => $user->roles];
|
|
| 123 | 123 |
$account = user_load($user->uid); |
| 124 | 124 |
$user = user_save($account, $user_edit); |
| 125 | 125 |
$result = ($user && !isset($user->roles[$rid])); |
| ... | ... | |
| 131 | 131 |
if ($this->detailedWatchdogLog) {
|
| 132 | 132 |
watchdog('ldap_authorization', 'LdapAuthorizationConsumerDrupalRole.revokeSingleAuthorization()
|
| 133 | 133 |
revoked: rid=%rid, role_name=%role_name for username=%username, result=%result', |
| 134 |
array(
|
|
| 134 |
[
|
|
| 135 | 135 |
'%rid' => $rid, |
| 136 | 136 |
'%role_name' => $role_name, |
| 137 | 137 |
'%username' => $user->name, |
| 138 | 138 |
'%result' => $result, |
| 139 |
), WATCHDOG_DEBUG);
|
|
| 139 |
], WATCHDOG_DEBUG);
|
|
| 140 | 140 |
} |
| 141 | 141 |
|
| 142 | 142 |
return $result; |
| ... | ... | |
| 154 | 154 |
if (is_null($rid)) {
|
| 155 | 155 |
watchdog('ldap_authorization', 'LdapAuthorizationConsumerDrupalRole.grantSingleAuthorization()
|
| 156 | 156 |
failed to grant %username the role %role_name because role does not exist', |
| 157 |
array('%role_name' => $role_name, '%username' => $user->name),
|
|
| 157 |
['%role_name' => $role_name, '%username' => $user->name],
|
|
| 158 | 158 |
WATCHDOG_ERROR); |
| 159 | 159 |
return FALSE; |
| 160 | 160 |
} |
| 161 | 161 |
|
| 162 | 162 |
$user->roles[$rid] = $role_name; |
| 163 |
$user_edit = array('roles' => $user->roles);
|
|
| 163 |
$user_edit = ['roles' => $user->roles];
|
|
| 164 | 164 |
if ($this->detailedWatchdogLog) {
|
| 165 |
watchdog('ldap_authorization', 'grantSingleAuthorization in drupal rold' . print_r($user, TRUE), array(), WATCHDOG_DEBUG);
|
|
| 165 |
watchdog('ldap_authorization', 'grantSingleAuthorization in drupal rold' . print_r($user, TRUE), [], WATCHDOG_DEBUG);
|
|
| 166 | 166 |
} |
| 167 | 167 |
|
| 168 | 168 |
$account = user_load($user->uid); |
| ... | ... | |
| 172 | 172 |
if ($this->detailedWatchdogLog) {
|
| 173 | 173 |
watchdog('ldap_authorization', 'LdapAuthorizationConsumerDrupalRole.grantSingleAuthorization()
|
| 174 | 174 |
granted: rid=%rid, role_name=%role_name for username=%username, result=%result', |
| 175 |
array(
|
|
| 175 |
[
|
|
| 176 | 176 |
'%rid' => $rid, |
| 177 | 177 |
'%role_name' => $role_name, |
| 178 | 178 |
'%username' => $user->name, |
| 179 | 179 |
'%result' => $result, |
| 180 |
), WATCHDOG_DEBUG);
|
|
| 180 |
], WATCHDOG_DEBUG);
|
|
| 181 | 181 |
} |
| 182 | 182 |
|
| 183 | 183 |
return $result; |
| ... | ... | |
| 188 | 188 |
* |
| 189 | 189 |
*/ |
| 190 | 190 |
public function usersAuthorizations(&$user) {
|
| 191 |
$authorizations = array();
|
|
| 191 |
$authorizations = [];
|
|
| 192 | 192 |
foreach ($user->roles as $rid => $role_name_mixed_case) {
|
| 193 | 193 |
$authorizations[] = drupal_strtolower($role_name_mixed_case); |
| 194 | 194 |
} |
| ... | ... | |
| 204 | 204 |
$message_type = NULL; |
| 205 | 205 |
$message_text = NULL; |
| 206 | 206 |
$role_name = $mapping['normalized']; |
| 207 |
$tokens = array('!map_to' => $role_name);
|
|
| 207 |
$tokens = ['!map_to' => $role_name];
|
|
| 208 | 208 |
$roles_by_name = $this->existingRolesByRoleName(); |
| 209 | 209 |
$pass = isset($roles_by_name[drupal_strtolower($role_name)]); |
| 210 | 210 |
|
| ... | ... | |
| 229 | 229 |
$message_text .= ' ' . t('Since automatic Drupal role creation is disabled, an existing role must be mapped to. Either enable role creation or map to an existing role.');
|
| 230 | 230 |
} |
| 231 | 231 |
} |
| 232 |
return array($message_type, $message_text);
|
|
| 232 |
return [$message_type, $message_text];
|
|
| 233 | 233 |
} |
| 234 | 234 |
|
| 235 | 235 |
/** |
| ... | ... | |
| 253 | 253 |
static $roles_by_name; |
| 254 | 254 |
|
| 255 | 255 |
if ($reset || !is_array($roles_by_name)) {
|
| 256 |
$roles_by_name = array();
|
|
| 256 |
$roles_by_name = [];
|
|
| 257 | 257 |
foreach (array_flip(user_roles(TRUE)) as $role_name => $rid) {
|
| 258 | 258 |
$roles_by_name[drupal_strtolower($role_name)]['rid'] = $rid; |
| 259 | 259 |
$roles_by_name[drupal_strtolower($role_name)]['role_name'] = $role_name; |
| ... | ... | |
| 267 | 267 |
*/ |
| 268 | 268 |
public function normalizeMappings($mappings) {
|
| 269 | 269 |
|
| 270 |
$new_mappings = array();
|
|
| 270 |
$new_mappings = [];
|
|
| 271 | 271 |
// In rid => role name format. |
| 272 | 272 |
$roles = user_roles(TRUE); |
| 273 | 273 |
$roles_by_name = array_flip($roles); |
| 274 | 274 |
foreach ($mappings as $i => $mapping) {
|
| 275 |
$new_mapping = array();
|
|
| 275 |
$new_mapping = [];
|
|
| 276 | 276 |
$new_mapping['user_entered'] = $mapping[1]; |
| 277 | 277 |
$new_mapping['from'] = $mapping[0]; |
| 278 | 278 |
$new_mapping['normalized'] = $mapping[1]; |
| 279 | 279 |
$new_mapping['simplified'] = $mapping[1]; |
| 280 | 280 |
$create_consumers = (boolean) ($this->allowConsumerObjectCreation && $this->consumerConf->createConsumers); |
| 281 | 281 |
$new_mapping['valid'] = (boolean) (!$create_consumers && !empty($roles_by_name[$mapping[1]])); |
| 282 |
$new_mapping['error_message'] = ($new_mapping['valid']) ? '' : t("Role %role_name does not exist and role creation is not enabled.", array('%role' => $mapping[1]));
|
|
| 282 |
$new_mapping['error_message'] = ($new_mapping['valid']) ? '' : t("Role %role_name does not exist and role creation is not enabled.", ['%role' => $mapping[1]]);
|
|
| 283 | 283 |
$new_mappings[] = $new_mapping; |
| 284 | 284 |
} |
| 285 | 285 |
|
| ... | ... | |
| 290 | 290 |
* @see ldapAuthorizationConsumerAbstract::convertToFriendlyAuthorizationIds |
| 291 | 291 |
*/ |
| 292 | 292 |
public function convertToFriendlyAuthorizationIds($authorizations) {
|
| 293 |
$authorization_ids_friendly = array();
|
|
| 293 |
$authorization_ids_friendly = [];
|
|
| 294 | 294 |
foreach ($authorizations as $authorization_id => $authorization) {
|
| 295 | 295 |
$authorization_ids_friendly[] = $authorization['name'] . ' (' . $authorization_id . ')';
|
| 296 | 296 |
} |
Formats disponibles : Unified diff
Weekly update of contrib modules