Révision 32700c57
Ajouté par Assos Assos il y a environ 5 ans
drupal7/sites/all/modules/ldap/ldap_servers/ldap_servers.module | ||
---|---|---|
17 | 17 |
define('LDAP_SERVERS_PROJECT_TAG', 'ldap'); |
18 | 18 |
define('LDAP_SERVERS_MENU_BASE_PATH', 'admin/config/people/ldap'); |
19 | 19 |
define('LDAP_SERVERS_INDEX_BASE_PATH', 'admin/config/people/ldap/servers'); |
20 |
define('LDAP_SERVERS_MENU_BASE_PATH_PARTS', 4); // for argument offsets |
|
20 |
// For argument offsets. |
|
21 |
define('LDAP_SERVERS_MENU_BASE_PATH_PARTS', 4); |
|
21 | 22 |
define('LDAP_SERVERS_DRUPAL_HELP_URL', 'http://drupal.org/node/997082'); |
22 | 23 |
|
23 | 24 |
define('LDAP_SERVERS_TOKEN_PRE', '['); |
... | ... | |
25 | 26 |
define('LDAP_SERVERS_TOKEN_DEL', ':'); |
26 | 27 |
define('LDAP_SERVERS_TOKEN_MODIFIER_DEL', ';'); |
27 | 28 |
|
28 |
define('LDAP_SERVERS_ENC_TYPE_MD5', 1); |
|
29 |
define('LDAP_SERVERS_ENC_TYPE_CRYPT', 2); |
|
30 |
define('LDAP_SERVERS_ENC_TYPE_SALTED_CRYPT', 3); |
|
31 |
define('LDAP_SERVERS_ENC_TYPE_EXTENDED_DES', 4); |
|
32 |
define('LDAP_SERVERS_ENC_TYPE_MD5C', 5); |
|
33 |
define('LDAP_SERVERS_ENC_TYPE_BLOWFISH', 6); |
|
34 |
define('LDAP_SERVERS_ENC_TYPE_SALTED_MD5', 7); |
|
35 |
define('LDAP_SERVERS_ENC_TYPE_SHA', 8); |
|
36 |
define('LDAP_SERVERS_ENC_TYPE_SALTED_SHA', 9); |
|
37 | 29 |
define('LDAP_SERVERS_ENC_TYPE_CLEARTEXT', 10); |
38 |
|
|
39 |
define('LDAP_SERVERS_CYPHER_MODE', 'cfb');
|
|
30 |
define('LDAP_SERVERS_ENC_TYPE_OPENSSL', 20); |
|
31 |
define('LDAP_SERVERS_CYPHER_MODE', 'aes-256-cbc');
|
|
40 | 32 |
|
41 | 33 |
define('LDAP_SERVERS_BIND_METHOD_SERVICE_ACCT', 1); |
42 | 34 |
define('LDAP_SERVERS_BIND_METHOD_USER', 2); |
... | ... | |
48 | 40 |
define('LDAP_SERVERS_DERIVE_GROUP_FROM_ATTRIBUTE', 2); |
49 | 41 |
define('LDAP_SERVERS_DERIVE_GROUP_FROM_ENTRY', 4); |
50 | 42 |
|
51 |
define('LDAP_SERVER_MASSAGE_DISPLAY', 1); // ... value is being displayed in UI |
|
52 |
define('LDAP_SERVER_MASSAGE_TOKEN_REPLACE', 2); // ... value is about to be used to generate token (e.g. [...] to be replaced |
|
53 |
|
|
54 |
define('LDAP_SERVER_MASSAGE_QUERY_LDAP', 5); // ...value is about to be used in ldap query |
|
55 |
define('LDAP_SERVER_MASSAGE_QUERY_DB', 6); // ...value is about to be in an sql query |
|
56 |
define('LDAP_SERVER_MASSAGE_QUERY_ARRAY', 7); // ...value is about to be found in array values |
|
57 |
define('LDAP_SERVER_MASSAGE_QUERY_PROPERTY', 8); // ...value is about to be found in object property values |
|
58 |
|
|
59 |
define('LDAP_SERVER_MASSAGE_STORE_LDAP', 13); // ...value is about to be stored in ldap entry |
|
60 |
define('LDAP_SERVER_MASSAGE_STORE_DB', 14); // ...value is about to be stored in db |
|
61 |
define('LDAP_SERVER_MASSAGE_STORE_ARRAY', 15); // ...value is about to be stored in array |
|
62 |
define('LDAP_SERVER_MASSAGE_STORE_PROPERTY', 16); // ...value is about to be stored in object property |
|
43 |
// ... value is being displayed in UI. |
|
44 |
define('LDAP_SERVER_MASSAGE_DISPLAY', 1); |
|
45 |
// ... value is about to be used to generate token (e.g. [...] to be replaced. |
|
46 |
define('LDAP_SERVER_MASSAGE_TOKEN_REPLACE', 2); |
|
47 |
|
|
48 |
// ...value is about to be used in ldap query. |
|
49 |
define('LDAP_SERVER_MASSAGE_QUERY_LDAP', 5); |
|
50 |
// ...value is about to be in an sql query. |
|
51 |
define('LDAP_SERVER_MASSAGE_QUERY_DB', 6); |
|
52 |
// ...value is about to be found in array values. |
|
53 |
define('LDAP_SERVER_MASSAGE_QUERY_ARRAY', 7); |
|
54 |
// ...value is about to be found in object property values. |
|
55 |
define('LDAP_SERVER_MASSAGE_QUERY_PROPERTY', 8); |
|
56 |
|
|
57 |
// ...value is about to be stored in ldap entry. |
|
58 |
define('LDAP_SERVER_MASSAGE_STORE_LDAP', 13); |
|
59 |
// ...value is about to be stored in db. |
|
60 |
define('LDAP_SERVER_MASSAGE_STORE_DB', 14); |
|
61 |
// ...value is about to be stored in array. |
|
62 |
define('LDAP_SERVER_MASSAGE_STORE_ARRAY', 15); |
|
63 |
// ...value is about to be stored in object property. |
|
64 |
define('LDAP_SERVER_MASSAGE_STORE_PROPERTY', 16); |
|
63 | 65 |
|
64 | 66 |
define('LDAP_SERVER_GROUPS_RECURSE_DEPTH', 20); |
65 | 67 |
|
... | ... | |
74 | 76 |
define('LDAP_COMPARE_TRUE', 0x06); |
75 | 77 |
define('LDAP_AUTH_METHOD_NOT_SUPPORTED', 0x07); |
76 | 78 |
define('LDAP_STRONG_AUTH_REQUIRED', 0x08); |
77 |
//NotusedinLDAPv3); |
|
79 |
|
|
80 |
// Not used in LDAPv3. |
|
78 | 81 |
define('LDAP_PARTIAL_RESULTS', 0x09); |
79 | 82 |
|
80 |
//Next5newinLDAPv3);
|
|
83 |
// Next 5 new in LDAPv3.
|
|
81 | 84 |
define('LDAP_REFERRAL', 0x0a); |
82 | 85 |
define('LDAP_ADMINLIMIT_EXCEEDED', 0x0b); |
83 | 86 |
define('LDAP_UNAVAILABLE_CRITICAL_EXTENSION', 0x0c); |
... | ... | |
97 | 100 |
|
98 | 101 |
define('LDAP_IS_LEAF', 0x23); |
99 | 102 |
define('LDAP_ALIAS_DEREF_PROBLEM', 0x24); |
100 |
if ( ! defined('LDAP_DEREF_NEVER') )
|
|
103 |
if (!defined('LDAP_DEREF_NEVER')) {
|
|
101 | 104 |
define('LDAP_DEREF_NEVER', 0x25); |
105 |
} |
|
102 | 106 |
|
103 | 107 |
define('LDAP_INAPPROPRIATE_AUTH', 0x30); |
104 | 108 |
define('LDAP_INVALID_CREDENTIALS', 0x31); |
... | ... | |
118 | 122 |
define('LDAP_ALREADY_EXISTS', 0x44); |
119 | 123 |
define('LDAP_NO_OBJECT_CLASS_MODS', 0x45); |
120 | 124 |
define('LDAP_RESULTS_TOO_LARGE', 0x46); |
121 |
//NexttwoforLDAPv3); |
|
125 |
|
|
126 |
// Next two for LDAPv3. |
|
122 | 127 |
define('LDAP_AFFECTS_MULTIPLE_DSAS', 0x47); |
123 | 128 |
define('LDAP_OTHER', 0x50); |
124 | 129 |
|
125 |
//UsedbysomeAPIs);
|
|
130 |
// Used by someAPIs.
|
|
126 | 131 |
define('LDAP_SERVER_DOWN', 0x51); |
127 | 132 |
define('LDAP_LOCAL_ERROR', 0x52); |
128 | 133 |
define('LDAP_ENCODING_ERROR', 0x53); |
... | ... | |
134 | 139 |
define('LDAP_PARAM_ERROR', 0x59); |
135 | 140 |
define('LDAP_NO_MEMORY', 0x5a); |
136 | 141 |
|
137 |
//PreliminaryLDAPv3codes);
|
|
142 |
// PreliminaryLDAPv3 codes.
|
|
138 | 143 |
define('LDAP_CONNECT_ERROR', 0x5b); |
139 | 144 |
define('LDAP_NOT_SUPPORTED', 0x5c); |
140 | 145 |
define('LDAP_CONTROL_NOT_FOUND', 0x5d); |
... | ... | |
156 | 161 |
} |
157 | 162 |
|
158 | 163 |
/** |
159 |
* Advertise the current ldap api version |
|
164 |
* Advertise the current ldap api version.
|
|
160 | 165 |
*/ |
161 | 166 |
function ldap_api_version() { |
162 | 167 |
return '2.0'; |
163 | 168 |
} |
164 | 169 |
|
170 |
/** |
|
171 |
* |
|
172 |
*/ |
|
165 | 173 |
function ldap_servers_menu() { |
166 | 174 |
$menu_offset = 4; |
167 | 175 |
|
168 |
$items['admin/config/people/ldap'] = array(
|
|
176 |
$items['admin/config/people/ldap'] = [
|
|
169 | 177 |
'title' => 'LDAP Configuration', |
170 | 178 |
'description' => 'LDAP authentication, authorization, provisioning, etc.', |
171 | 179 |
'page callback' => 'drupal_get_form', |
172 |
'page arguments' => array('ldap_servers_settings'),
|
|
173 |
'access arguments' => array('administer site configuration'),
|
|
180 |
'page arguments' => ['ldap_servers_settings'],
|
|
181 |
'access arguments' => ['administer site configuration'],
|
|
174 | 182 |
'file' => 'ldap_servers.settings.inc', |
175 |
);
|
|
183 |
];
|
|
176 | 184 |
|
177 |
$items['admin/config/people/ldap/settings'] = array(
|
|
185 |
$items['admin/config/people/ldap/settings'] = [
|
|
178 | 186 |
'title' => '1. Settings', |
179 | 187 |
'weight' => -2, |
180 | 188 |
'type' => MENU_DEFAULT_LOCAL_TASK, |
181 |
);
|
|
189 |
];
|
|
182 | 190 |
|
183 |
$items['admin/config/people/ldap/servers'] = array(
|
|
191 |
$items['admin/config/people/ldap/servers'] = [
|
|
184 | 192 |
'title' => '2. Servers', |
185 | 193 |
'page callback' => 'ldap_servers_edit_index', |
186 | 194 |
'weight' => -1, |
187 | 195 |
'type' => MENU_LOCAL_TASK, |
188 |
'access arguments' => array('administer site configuration'),
|
|
196 |
'access arguments' => ['administer site configuration'],
|
|
189 | 197 |
'file' => 'ldap_servers.admin.inc', |
190 |
);
|
|
198 |
];
|
|
191 | 199 |
|
192 |
$items['admin/config/people/ldap/servers/list'] = array(
|
|
200 |
$items['admin/config/people/ldap/servers/list'] = [
|
|
193 | 201 |
'title' => 'List', |
194 | 202 |
'type' => MENU_DEFAULT_LOCAL_TASK, |
195 |
);
|
|
203 |
];
|
|
196 | 204 |
|
197 |
$items['admin/config/people/ldap/servers/add'] = array(
|
|
205 |
$items['admin/config/people/ldap/servers/add'] = [
|
|
198 | 206 |
'title' => 'Add LDAP Server Configuration', |
199 | 207 |
'page callback' => 'drupal_get_form', |
200 |
'page arguments' => array('ldap_servers_admin_form', 'add'),
|
|
208 |
'page arguments' => ['ldap_servers_admin_form', 'add'],
|
|
201 | 209 |
'type' => MENU_LOCAL_TASK + MENU_CONTEXT_INLINE, |
202 | 210 |
'weight' => 3, |
203 |
'access arguments' => array('administer site configuration'),
|
|
211 |
'access arguments' => ['administer site configuration'],
|
|
204 | 212 |
'file' => 'ldap_servers.admin.inc', |
205 |
);
|
|
213 |
];
|
|
206 | 214 |
|
207 |
$items['admin/config/people/ldap/servers/edit/%'] = array(
|
|
215 |
$items['admin/config/people/ldap/servers/edit/%'] = [
|
|
208 | 216 |
'title' => 'Edit LDAP Server Configuration', |
209 | 217 |
'page callback' => 'drupal_get_form', |
210 |
'page arguments' => array('ldap_servers_admin_form', 'edit', $menu_offset + 2),
|
|
211 |
'access arguments' => array('administer site configuration'),
|
|
218 |
'page arguments' => ['ldap_servers_admin_form', 'edit', $menu_offset + 2],
|
|
219 |
'access arguments' => ['administer site configuration'],
|
|
212 | 220 |
'file' => 'ldap_servers.admin.inc', |
213 |
);
|
|
221 |
];
|
|
214 | 222 |
|
215 |
$items['admin/config/people/ldap/servers/test/%'] = array(
|
|
223 |
$items['admin/config/people/ldap/servers/test/%'] = [
|
|
216 | 224 |
'title' => 'Test LDAP Server Configuration', |
217 | 225 |
'page callback' => 'drupal_get_form', |
218 |
'page arguments' => array('ldap_servers_test_form', $menu_offset + 1, $menu_offset + 2),
|
|
219 |
'access arguments' => array('administer site configuration'),
|
|
226 |
'page arguments' => ['ldap_servers_test_form', $menu_offset + 1, $menu_offset + 2],
|
|
227 |
'access arguments' => ['administer site configuration'],
|
|
220 | 228 |
'file' => 'ldap_servers.test_form.inc', |
221 |
);
|
|
229 |
];
|
|
222 | 230 |
|
223 |
$items['admin/config/people/ldap/servers/delete/%'] = array(
|
|
231 |
$items['admin/config/people/ldap/servers/delete/%'] = [
|
|
224 | 232 |
'title' => 'Delete LDAP Server', |
225 | 233 |
'page callback' => 'drupal_get_form', |
226 |
'page arguments' => array('ldap_servers_admin_delete', $menu_offset + 1, $menu_offset + 2),
|
|
227 |
'access arguments' => array('administer site configuration'),
|
|
234 |
'page arguments' => ['ldap_servers_admin_delete', $menu_offset + 1, $menu_offset + 2],
|
|
235 |
'access arguments' => ['administer site configuration'],
|
|
228 | 236 |
'file' => 'ldap_servers.admin.inc', |
229 |
);
|
|
237 |
];
|
|
230 | 238 |
|
231 |
$items['admin/config/people/ldap/servers/enable/%'] = array(
|
|
239 |
$items['admin/config/people/ldap/servers/enable/%'] = [
|
|
232 | 240 |
'title' => 'Enable LDAP Server', |
233 | 241 |
'page callback' => 'drupal_get_form', |
234 |
'page arguments' => array('ldap_servers_admin_enable_disable', $menu_offset + 1, $menu_offset + 2),
|
|
235 |
'access arguments' => array('administer site configuration'),
|
|
242 |
'page arguments' => ['ldap_servers_admin_enable_disable', $menu_offset + 1, $menu_offset + 2],
|
|
243 |
'access arguments' => ['administer site configuration'],
|
|
236 | 244 |
'file' => 'ldap_servers.admin.inc', |
237 |
);
|
|
245 |
];
|
|
238 | 246 |
|
239 |
$items['admin/config/people/ldap/servers/disable/%'] = array(
|
|
247 |
$items['admin/config/people/ldap/servers/disable/%'] = [
|
|
240 | 248 |
'title' => 'Enable LDAP Server', |
241 | 249 |
'page callback' => 'drupal_get_form', |
242 |
'page arguments' => array('ldap_servers_admin_enable_disable', $menu_offset + 1, $menu_offset + 2),
|
|
243 |
'access arguments' => array('administer site configuration'),
|
|
250 |
'page arguments' => ['ldap_servers_admin_enable_disable', $menu_offset + 1, $menu_offset + 2],
|
|
251 |
'access arguments' => ['administer site configuration'],
|
|
244 | 252 |
'file' => 'ldap_servers.admin.inc', |
245 |
);
|
|
253 |
];
|
|
246 | 254 |
|
247 | 255 |
return $items; |
248 | 256 |
} |
249 | 257 |
|
250 |
|
|
251 | 258 |
/** |
252 | 259 |
* Implements hook_theme(). |
253 | 260 |
*/ |
254 | 261 |
function ldap_servers_theme() { |
255 |
return array(
|
|
256 |
'ldap_servers_list' => array(
|
|
257 |
'variables' => array('ldap_servers' => NULL, 'actions' => TRUE, 'type' => 'table'),
|
|
262 |
return [
|
|
263 |
'ldap_servers_list' => [
|
|
264 |
'variables' => ['ldap_servers' => NULL, 'actions' => TRUE, 'type' => 'table'],
|
|
258 | 265 |
'render element' => 'element', |
259 |
'file' => 'ldap_servers.theme.inc' |
|
260 |
),
|
|
261 |
'ldap_servers_server' => array(
|
|
262 |
'variables' => array('ldap_server' => NULL, 'actions' => FALSE, 'type' => 'detail'),
|
|
266 |
'file' => 'ldap_servers.theme.inc',
|
|
267 |
],
|
|
268 |
'ldap_servers_server' => [
|
|
269 |
'variables' => ['ldap_server' => NULL, 'actions' => FALSE, 'type' => 'detail'],
|
|
263 | 270 |
'render element' => 'element', |
264 |
'file' => 'ldap_servers.theme.inc' |
|
265 |
),
|
|
266 |
'ldap_server_token_table' => array(
|
|
267 |
'variables' => array('tokens' => array()),
|
|
271 |
'file' => 'ldap_servers.theme.inc',
|
|
272 |
],
|
|
273 |
'ldap_server_token_table' => [
|
|
274 |
'variables' => ['tokens' => []],
|
|
268 | 275 |
'render element' => 'element', |
269 |
'file' => 'ldap_servers.theme.inc' |
|
270 |
),
|
|
271 |
'ldap_server_ldap_entry_table' => array(
|
|
272 |
'variables' => array('entry' => array()),
|
|
276 |
'file' => 'ldap_servers.theme.inc',
|
|
277 |
],
|
|
278 |
'ldap_server_ldap_entry_table' => [
|
|
279 |
'variables' => ['entry' => []],
|
|
273 | 280 |
'render element' => 'element', |
274 |
'file' => 'ldap_servers.theme.inc' |
|
275 |
),
|
|
276 |
);
|
|
281 |
'file' => 'ldap_servers.theme.inc',
|
|
282 |
],
|
|
283 |
];
|
|
277 | 284 |
} |
278 | 285 |
|
286 |
/** |
|
287 |
* Implements hook_cron(). |
|
288 |
*/ |
|
289 |
function ldap_servers_cron() { |
|
290 |
// If any modules implement hook_ldap_servers_user_cron(). |
|
291 |
// user entity query to find most recent 100 entries that have not been processed |
|
292 |
// query for these and pass to modules implementing hook_ldap_server_maintenance() |
|
293 |
// update user field to have current date as date most recently checked. |
|
294 |
} |
|
279 | 295 |
|
280 |
/** |
|
281 |
* Implements hook_cron(). |
|
282 |
*/ |
|
283 |
function ldap_servers_cron() { |
|
284 |
// if any modules implement hook_ldap_servers_user_cron(). |
|
285 |
// user entity query to find most recent 100 entries that have not been processed |
|
286 |
// query for these and pass to modules implementing hook_ldap_server_maintenance() |
|
287 |
// update user field to have current date as date most recently checked |
|
296 |
/** |
|
297 |
* Get mixed case match from case insensitive search. |
|
298 |
* |
|
299 |
* @param string mixed case $key |
|
300 |
* @param array mixed case $array |
|
301 |
* |
|
302 |
* @return string matching key in mixed case or FALSE |
|
303 |
*/ |
|
304 |
function ldap_server_find_key($key, $array) { |
|
305 |
$keys = array_combine(array_change_key_case($array), $array); |
|
306 |
if (isset($keys[drupal_strtolower($key)])) { |
|
307 |
return $keys[drupal_strtolower($key)]; |
|
288 | 308 |
} |
289 |
|
|
290 |
/** get mixed case match from case insensitive search |
|
291 |
* |
|
292 |
* @param string mixed case $key |
|
293 |
* @param array mixed case $array |
|
294 |
* @return string matching key in mixed case or FALSE |
|
295 |
*/ |
|
296 |
function ldap_server_find_key($key, $array) { |
|
297 |
$keys = array_combine(array_change_key_case($array), $array); |
|
298 |
if (isset($keys[drupal_strtolower($key)])) { |
|
299 |
return $keys[drupal_strtolower($key)]; |
|
300 |
} |
|
301 |
else { |
|
302 |
return FALSE; |
|
303 |
} |
|
309 |
else { |
|
310 |
return FALSE; |
|
304 | 311 |
} |
312 |
} |
|
305 | 313 |
|
306 |
/**
|
|
307 |
* Implements hook_ldap_attributes_needed_alter().
|
|
308 |
*/
|
|
309 |
function ldap_servers_ldap_attributes_needed_alter(&$attributes, $params) {
|
|
314 |
/** |
|
315 |
* Implements hook_ldap_attributes_needed_alter(). |
|
316 |
*/ |
|
317 |
function ldap_servers_ldap_attributes_needed_alter(&$attributes, $params) { |
|
310 | 318 |
|
311 |
$attributes['dn'] = ldap_servers_set_attribute_map(@$attributes['dn'], 'ldap_dn'); // force this data type |
|
319 |
// Force this data type. |
|
320 |
$attributes['dn'] = ldap_servers_set_attribute_map(@$attributes['dn'], 'ldap_dn'); |
|
312 | 321 |
|
313 |
if ($params['sid'] && $params['sid']) { // puid attributes are server specific
|
|
314 |
if (is_scalar($params['sid'])) {
|
|
315 |
$ldap_server = ldap_servers_get_servers($params['sid'], 'enabled', TRUE);
|
|
316 |
}
|
|
317 |
else {
|
|
318 |
$ldap_server = $params['sid'];
|
|
319 |
}
|
|
320 |
// mail, unique_persistent_attr, user_attr, mail_template, and user_dn_expression are needed for all functionality
|
|
321 |
if (!isset($attributes[$ldap_server->mail_attr])) {
|
|
322 |
$attributes[$ldap_server->mail_attr] = ldap_servers_set_attribute_map();
|
|
323 |
}
|
|
324 |
if ($ldap_server->picture_attr && !isset($attributes[$ldap_server->picture_attr])) {
|
|
325 |
$attributes[$ldap_server->picture_attr] = ldap_servers_set_attribute_map();
|
|
326 |
}
|
|
327 |
if ($ldap_server->unique_persistent_attr && !isset($attributes[$ldap_server->unique_persistent_attr])) {
|
|
328 |
$attributes[$ldap_server->unique_persistent_attr] = ldap_servers_set_attribute_map();
|
|
329 |
}
|
|
330 |
if ($ldap_server->groupUserMembershipsAttr && !isset($attributes[$ldap_server->groupUserMembershipsAttr])) {
|
|
331 |
$attributes[$ldap_server->groupUserMembershipsAttr] = ldap_servers_set_attribute_map();
|
|
332 |
}
|
|
333 |
if ($ldap_server->user_dn_expression) {
|
|
334 |
ldap_servers_token_extract_attributes($attributes, $ldap_server->user_dn_expression, TRUE);
|
|
335 |
}
|
|
336 |
if ($ldap_server->mail_template) {
|
|
337 |
ldap_servers_token_extract_attributes($attributes, $ldap_server->mail_template);
|
|
338 |
}
|
|
339 |
if (!isset($attributes[$ldap_server->user_attr])) {
|
|
340 |
$attributes[$ldap_server->user_attr] = ldap_servers_set_attribute_map();
|
|
341 |
}
|
|
322 |
// Puid attributes are server specific.
|
|
323 |
if ($params['sid'] && $params['sid']) {
|
|
324 |
if (is_scalar($params['sid'])) {
|
|
325 |
$ldap_server = ldap_servers_get_servers($params['sid'], 'enabled', TRUE);
|
|
326 |
}
|
|
327 |
else {
|
|
328 |
$ldap_server = $params['sid'];
|
|
329 |
}
|
|
330 |
// mail, unique_persistent_attr, user_attr, mail_template, and user_dn_expression are needed for all functionality.
|
|
331 |
if (!isset($attributes[$ldap_server->mail_attr])) {
|
|
332 |
$attributes[$ldap_server->mail_attr] = ldap_servers_set_attribute_map();
|
|
333 |
}
|
|
334 |
if ($ldap_server->picture_attr && !isset($attributes[$ldap_server->picture_attr])) {
|
|
335 |
$attributes[$ldap_server->picture_attr] = ldap_servers_set_attribute_map();
|
|
336 |
}
|
|
337 |
if ($ldap_server->unique_persistent_attr && !isset($attributes[$ldap_server->unique_persistent_attr])) {
|
|
338 |
$attributes[$ldap_server->unique_persistent_attr] = ldap_servers_set_attribute_map();
|
|
339 |
}
|
|
340 |
if ($ldap_server->groupUserMembershipsAttr && !isset($attributes[$ldap_server->groupUserMembershipsAttr])) {
|
|
341 |
$attributes[$ldap_server->groupUserMembershipsAttr] = ldap_servers_set_attribute_map();
|
|
342 |
}
|
|
343 |
if ($ldap_server->user_dn_expression) {
|
|
344 |
ldap_servers_token_extract_attributes($attributes, $ldap_server->user_dn_expression, TRUE);
|
|
345 |
}
|
|
346 |
if ($ldap_server->mail_template) {
|
|
347 |
ldap_servers_token_extract_attributes($attributes, $ldap_server->mail_template);
|
|
348 |
}
|
|
349 |
if (!isset($attributes[$ldap_server->user_attr])) {
|
|
350 |
$attributes[$ldap_server->user_attr] = ldap_servers_set_attribute_map();
|
|
342 | 351 |
} |
343 | 352 |
} |
344 |
|
|
353 |
} |
|
345 | 354 |
|
346 | 355 |
/** |
347 | 356 |
* Implements hook_ldap_user_attrs_list_alter(). |
348 | 357 |
*/ |
349 |
|
|
350 | 358 |
function ldap_servers_ldap_user_attrs_list_alter(&$available_user_attrs, &$params) { |
351 | 359 |
|
352 | 360 |
if (isset($params['ldap_server']) && $params['ldap_server']) { |
353 | 361 |
$ldap_server = $params['ldap_server']; |
354 | 362 |
} |
355 | 363 |
else { |
356 |
return; // without a server id, ldap_servers module has nothing to offer |
|
364 |
// Without a server id, ldap_servers module has nothing to offer. |
|
365 |
return; |
|
357 | 366 |
} |
358 |
$ldap_user_conf = $params['ldap_user_conf'];
|
|
367 |
$ldap_user_conf = $params['ldap_user_conf']; |
|
359 | 368 |
$direction = $params['direction']; |
360 | 369 |
|
361 |
$tokens = array(
|
|
370 |
$tokens = [
|
|
362 | 371 |
'!edit_link' => l($ldap_server->editPath, $ldap_server->editPath), |
363 | 372 |
'!sid' => $ldap_server->sid, |
364 |
);
|
|
373 |
];
|
|
365 | 374 |
|
366 | 375 |
$server_edit_path = 'admin/config/people/ldap/servers/edit/' . $ldap_server->sid; |
367 | 376 |
|
368 | 377 |
if ($direction == LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER) { |
369 | 378 |
|
370 | 379 |
/** these 4 user fields indentify where in ldap and which ldap server they are associated with. |
371 |
they are required for a Drupal account to be "ldap associated" regardless of if any other |
|
372 |
fields/properties are provisioned or synched |
|
380 |
* they are required for a Drupal account to be "ldap associated" regardless of if any other
|
|
381 |
* fields/properties are provisioned or synched
|
|
373 | 382 |
*/ |
374 | 383 |
|
375 | 384 |
if ($ldap_server->unique_persistent_attr) { |
376 |
foreach (array(
|
|
385 |
foreach ([
|
|
377 | 386 |
'field.ldap_user_puid_sid', |
378 | 387 |
'field.ldap_user_puid', |
379 | 388 |
'field.ldap_user_puid_property', |
380 |
) as $i => $property_id) {
|
|
389 |
] as $i => $property_id) {
|
|
381 | 390 |
$property_token = '[' . $property_id . ']'; |
382 | 391 |
if (!isset($available_user_attrs[$property_token]) || !is_array($available_user_attrs[$property_token])) { |
383 |
$available_user_attrs[$property_token] = array();
|
|
392 |
$available_user_attrs[$property_token] = [];
|
|
384 | 393 |
} |
385 | 394 |
} |
386 | 395 |
|
387 |
$available_user_attrs['[field.ldap_user_puid_sid]'] = array(
|
|
396 |
$available_user_attrs['[field.ldap_user_puid_sid]'] = [
|
|
388 | 397 |
'name' => t('Field: sid providing PUID'), |
389 | 398 |
'configurable_to_drupal' => 0, |
390 | 399 |
'configurable_to_ldap' => 1, |
... | ... | |
392 | 401 |
'notes' => 'not configurable', |
393 | 402 |
'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER, |
394 | 403 |
'enabled' => TRUE, |
395 |
'prov_events' => array(LDAP_USER_EVENT_CREATE_DRUPAL_USER),
|
|
404 |
'prov_events' => [LDAP_USER_EVENT_CREATE_DRUPAL_USER],
|
|
396 | 405 |
'config_module' => 'ldap_servers', |
397 | 406 |
'prov_module' => 'ldap_user', |
398 |
) + $available_user_attrs['[field.ldap_user_puid_sid]'];
|
|
407 |
] + $available_user_attrs['[field.ldap_user_puid_sid]'];
|
|
399 | 408 |
|
400 |
$available_user_attrs['[field.ldap_user_puid]'] = array(
|
|
409 |
$available_user_attrs['[field.ldap_user_puid]'] = [
|
|
401 | 410 |
'name' => t('Field: PUID', $tokens), |
402 | 411 |
'configurable_to_drupal' => 0, |
403 | 412 |
'configurable_to_ldap' => 1, |
... | ... | |
406 | 415 |
'convert' => $ldap_server->unique_persistent_attr_binary, |
407 | 416 |
'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER, |
408 | 417 |
'enabled' => TRUE, |
409 |
'prov_events' => array(LDAP_USER_EVENT_CREATE_DRUPAL_USER),
|
|
418 |
'prov_events' => [LDAP_USER_EVENT_CREATE_DRUPAL_USER],
|
|
410 | 419 |
'config_module' => 'ldap_servers', |
411 | 420 |
'prov_module' => 'ldap_user', |
412 |
) + $available_user_attrs['[field.ldap_user_puid]'];
|
|
421 |
] + $available_user_attrs['[field.ldap_user_puid]'];
|
|
413 | 422 |
|
414 | 423 |
$available_user_attrs['[field.ldap_user_puid_property]'] = |
415 |
array(
|
|
424 |
[
|
|
416 | 425 |
'name' => t('Field: PUID Attribute', $tokens), |
417 | 426 |
'configurable_to_drupal' => 0, |
418 | 427 |
'configurable_to_ldap' => 1, |
... | ... | |
420 | 429 |
'notes' => 'configure at ' . $server_edit_path, |
421 | 430 |
'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER, |
422 | 431 |
'enabled' => TRUE, |
423 |
'prov_events' => array(LDAP_USER_EVENT_CREATE_DRUPAL_USER),
|
|
432 |
'prov_events' => [LDAP_USER_EVENT_CREATE_DRUPAL_USER],
|
|
424 | 433 |
'config_module' => 'ldap_servers', |
425 | 434 |
'prov_module' => 'ldap_user', |
426 |
) + $available_user_attrs['[field.ldap_user_puid_property]'];
|
|
435 |
] + $available_user_attrs['[field.ldap_user_puid_property]'];
|
|
427 | 436 |
} |
428 | 437 |
|
429 | 438 |
$token = '[field.ldap_user_current_dn]'; |
430 | 439 |
if (!isset($available_user_attrs[$token]) || !is_array($available_user_attrs[$token])) { |
431 |
$available_user_attrs[$token] = array();
|
|
440 |
$available_user_attrs[$token] = [];
|
|
432 | 441 |
} |
433 | 442 |
$available_user_attrs[$token] = |
434 |
array(
|
|
443 |
[
|
|
435 | 444 |
'name' => t('Field: Most Recent DN', $tokens), |
436 | 445 |
'configurable_to_drupal' => 0, |
437 | 446 |
'configurable_to_ldap' => 0, |
... | ... | |
439 | 448 |
'notes' => 'not configurable', |
440 | 449 |
'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER, |
441 | 450 |
'enabled' => TRUE, |
442 |
'prov_events' => array(LDAP_USER_EVENT_CREATE_DRUPAL_USER, LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER),
|
|
451 |
'prov_events' => [LDAP_USER_EVENT_CREATE_DRUPAL_USER, LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER],
|
|
443 | 452 |
'config_module' => 'ldap_servers', |
444 | 453 |
'prov_module' => 'ldap_user', |
445 |
) + $available_user_attrs[$token];
|
|
454 |
] + $available_user_attrs[$token];
|
|
446 | 455 |
|
447 | 456 |
if ($ldap_user_conf->provisionsDrupalAccountsFromLdap) { |
448 | 457 |
if (!isset($available_user_attrs['[property.name]']) || !is_array($available_user_attrs['[property.name]'])) { |
449 |
$available_user_attrs['[property.name]'] = array();
|
|
458 |
$available_user_attrs['[property.name]'] = [];
|
|
450 | 459 |
} |
451 |
$available_user_attrs['[property.name]'] = array(
|
|
460 |
$available_user_attrs['[property.name]'] = [
|
|
452 | 461 |
'name' => 'Property: Username', |
453 | 462 |
'source' => '[' . $ldap_server->user_attr . ']', |
454 | 463 |
'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER, |
455 | 464 |
'enabled' => TRUE, |
456 |
'prov_events' => array(LDAP_USER_EVENT_CREATE_DRUPAL_USER, LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER),
|
|
465 |
'prov_events' => [LDAP_USER_EVENT_CREATE_DRUPAL_USER, LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER],
|
|
457 | 466 |
'config_module' => 'ldap_servers', |
458 | 467 |
'prov_module' => 'ldap_user', |
459 |
) + $available_user_attrs['[property.name]'];
|
|
468 |
] + $available_user_attrs['[property.name]'];
|
|
460 | 469 |
|
461 | 470 |
if (!isset($available_user_attrs['[property.mail]']) || !is_array($available_user_attrs['[property.mail]'])) { |
462 |
$available_user_attrs['[property.mail]'] = array();
|
|
471 |
$available_user_attrs['[property.mail]'] = [];
|
|
463 | 472 |
} |
464 |
$available_user_attrs['[property.mail]'] = array(
|
|
473 |
$available_user_attrs['[property.mail]'] = [
|
|
465 | 474 |
'name' => 'Property: Email', |
466 | 475 |
'source' => ($ldap_server->mail_template) ? $ldap_server->mail_template : '[' . $ldap_server->mail_attr . ']', |
467 | 476 |
'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER, |
468 | 477 |
'enabled' => TRUE, |
469 |
'prov_events' => array(LDAP_USER_EVENT_CREATE_DRUPAL_USER, LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER),
|
|
478 |
'prov_events' => [LDAP_USER_EVENT_CREATE_DRUPAL_USER, LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER],
|
|
470 | 479 |
'config_module' => 'ldap_servers', |
471 | 480 |
'prov_module' => 'ldap_user', |
472 |
) + $available_user_attrs['[property.mail]'];
|
|
481 |
] + $available_user_attrs['[property.mail]'];
|
|
473 | 482 |
|
474 | 483 |
if ($ldap_server->picture_attr) { |
475 | 484 |
if (!isset($available_user_attrs['[property.picture]']) || !is_array($available_user_attrs['[property.picture]'])) { |
476 |
$available_user_attrs['[property.picture]'] = array();
|
|
485 |
$available_user_attrs['[property.picture]'] = [];
|
|
477 | 486 |
} |
478 |
$available_user_attrs['[property.picture]'] = array(
|
|
479 |
'name' => 'Property: Picture',
|
|
480 |
'source' => '[' . $ldap_server->picture_attr . ']',
|
|
481 |
'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER,
|
|
482 |
'enabled' => TRUE,
|
|
483 |
'prov_events' => array(LDAP_USER_EVENT_CREATE_DRUPAL_USER, LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER),
|
|
484 |
'config_module' => 'ldap_servers',
|
|
485 |
'prov_module' => 'ldap_user',
|
|
486 |
) + $available_user_attrs['[property.picture]'];
|
|
487 |
$available_user_attrs['[property.picture]'] = [
|
|
488 |
'name' => 'Property: Picture', |
|
489 |
'source' => '[' . $ldap_server->picture_attr . ']', |
|
490 |
'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER, |
|
491 |
'enabled' => TRUE, |
|
492 |
'prov_events' => [LDAP_USER_EVENT_CREATE_DRUPAL_USER, LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER],
|
|
493 |
'config_module' => 'ldap_servers', |
|
494 |
'prov_module' => 'ldap_user', |
|
495 |
] + $available_user_attrs['[property.picture]'];
|
|
487 | 496 |
} |
488 | 497 |
} |
489 | 498 |
} |
490 | 499 |
} |
491 | 500 |
|
492 | 501 |
/** |
493 |
* flush server static cache
|
|
502 |
* Flush server static cache.
|
|
494 | 503 |
*/ |
495 |
|
|
496 | 504 |
function ldap_servers_flush_server_cache() { |
497 |
$discard = ldap_servers_get_servers(NULL, 'all', FALSE, TRUE); // flush server cache |
|
505 |
// Flush server cache. |
|
506 |
$discard = ldap_servers_get_servers(NULL, 'all', FALSE, TRUE); |
|
498 | 507 |
} |
499 | 508 |
|
500 |
|
|
501 | 509 |
/** |
502 |
* function to replace module_load_include such that when
|
|
510 |
* Function to replace module_load_include such that when
|
|
503 | 511 |
* something is not included, drupal will exit instead |
504 | 512 |
* of attempting something half baked. |
505 | 513 |
*/ |
... | ... | |
512 | 520 |
} |
513 | 521 |
|
514 | 522 |
/** |
523 |
* Return ldap server conf objects. |
|
515 | 524 |
* |
516 |
* return ldap server conf objects |
|
525 |
* @param string $sid |
|
526 |
* @param string $type |
|
527 |
* All', 'enabled'. |
|
528 |
* @param bool $flatten |
|
529 |
* signifies if array or single object returned. Only works if sid is specified. |
|
530 |
* @param bool $reset |
|
531 |
* do not use cached or static result. |
|
517 | 532 |
* |
518 |
* @param alphanum $sid |
|
519 |
* @param enum $type 'all', 'enabled', |
|
520 |
* @param boolean $flatten signifies if array or single object returned. Only works if sid is specified |
|
521 |
* @param boolean $reset do not use cached or static result |
|
522 |
* @return - array of server conf object keyed on sid |
|
523 |
* - single server conf object (if flatten == TRUE) |
|
533 |
* @return array |
|
534 |
* Of server conf object keyed on sid |
|
535 |
* - single server conf object (if flatten == TRUE) |
|
524 | 536 |
*/ |
525 | 537 |
function ldap_servers_get_servers($sid = NULL, $type = NULL, $flatten = FALSE, $reset = FALSE) { |
526 | 538 |
if (variable_get('ldap_simpletest', FALSE)) { |
... | ... | |
531 | 543 |
} |
532 | 544 |
} |
533 | 545 |
|
534 |
|
|
535 | 546 |
/** |
536 |
* see ldap_servers_get_servers()
|
|
547 |
* See ldap_servers_get_servers()
|
|
537 | 548 |
*/ |
538 | 549 |
function _ldap_servers_get_servers($sid, $type, $flatten, $reset) { |
539 | 550 |
ldap_servers_module_load_include('php', 'ldap_servers', 'LdapServerAdmin.class'); |
540 | 551 |
static $servers; |
541 | 552 |
$type = ($type) ? $type : 'all'; |
542 | 553 |
if ($reset) { |
543 |
$servers = array();
|
|
554 |
$servers = [];
|
|
544 | 555 |
} |
545 | 556 |
if (!isset($servers['all'])) { |
546 | 557 |
$servers['all'] = LdapServerAdmin::getLdapServerObjects('all', NULL, 'LdapServer', $reset); |
547 | 558 |
} |
548 | 559 |
|
549 | 560 |
if (!isset($servers['enabled'])) { |
550 |
$servers['enabled'] = array();
|
|
561 |
$servers['enabled'] = [];
|
|
551 | 562 |
foreach ($servers['all'] as $_sid => $ldap_server) { |
552 | 563 |
if ($ldap_server->status == 1) { |
553 | 564 |
$servers['enabled'][$_sid] = $ldap_server; |
... | ... | |
559 | 570 |
if (!isset($servers[$type][$sid])) { |
560 | 571 |
return FALSE; |
561 | 572 |
} |
562 |
return ($flatten) ? $servers[$type][$sid] : array($sid => $servers[$type][$sid]);
|
|
573 |
return ($flatten) ? $servers[$type][$sid] : [$sid => $servers[$type][$sid]];
|
|
563 | 574 |
} |
564 | 575 |
|
565 | 576 |
if (isset($servers[$type])) { |
... | ... | |
568 | 579 |
} |
569 | 580 |
|
570 | 581 |
/** |
571 |
* see ldap_servers_get_servers()
|
|
582 |
* See ldap_servers_get_servers()
|
|
572 | 583 |
*/ |
573 | 584 |
function _ldap_servers_get_simpletest_servers($sid, $type = NULL, $flatten, $reset = TRUE) { |
574 | 585 |
|
... | ... | |
576 | 587 |
$type = 'all'; |
577 | 588 |
} |
578 | 589 |
|
579 |
//two flavors of mock servers exist. ultimately v2 will be used in all simpletests |
|
590 |
$servers = []; |
|
591 |
|
|
592 |
// Two flavors of mock servers exist. ultimately v2 will be used in all simpletests. |
|
580 | 593 |
if (variable_get('ldap_simpletest', 0) == 2) { |
581 | 594 |
ldap_servers_module_load_include('php', 'ldap_test', 'LdapServerTest.class'); |
582 | 595 |
$servers['all'] = LdapServerTest::getLdapServerObjects(NULL, 'all', FALSE); |
... | ... | |
591 | 604 |
if (!isset($servers[$type][$sid])) { |
592 | 605 |
return FALSE; |
593 | 606 |
} |
594 |
return ($flatten) ? $servers[$type][$sid] : array($sid => $servers[$type][$sid]);
|
|
607 |
return ($flatten) ? $servers[$type][$sid] : [$sid => $servers[$type][$sid]];
|
|
595 | 608 |
} |
596 | 609 |
|
597 | 610 |
if (isset($servers[$type])) { |
598 | 611 |
return $servers[$type]; |
599 | 612 |
} |
600 | 613 |
} |
614 |
|
|
615 |
/** |
|
616 |
* |
|
617 |
*/ |
|
601 | 618 |
function ldap_servers_debug($variable) { |
602 | 619 |
if (variable_get('ldap_simpletest', FALSE) && function_exists('dpm')) { |
603 | 620 |
dpm($variable); |
... | ... | |
606 | 623 |
debug($variable); |
607 | 624 |
} |
608 | 625 |
} |
626 |
|
|
627 |
/** |
|
628 |
* |
|
629 |
*/ |
|
609 | 630 |
function ldap_servers_cache_clear() { |
610 | 631 |
$discard = ldap_servers_get_servers(NULL, 'all', FALSE, TRUE); |
611 | 632 |
if (module_exists('ctools')) { |
... | ... | |
614 | 635 |
} |
615 | 636 |
|
616 | 637 |
/** |
617 |
* function to convert microsoft style guids to strings
|
|
638 |
* Function to convert microsoft style guids to strings.
|
|
618 | 639 |
*/ |
619 | 640 |
function ldap_servers_msguid($value) { |
620 | 641 |
|
621 | 642 |
$hex_string = bin2hex($value); |
622 | 643 |
// (MS?) GUID are displayed with first three GUID parts as "big endian" |
623 | 644 |
// Doing this so String value matches what other LDAP tool displays for AD. |
624 |
$value = strtoupper(substr( $hex_string, 6, 2) . substr( $hex_string, 4, 2) .
|
|
625 |
substr( $hex_string, 2, 2) . substr( $hex_string, 0, 2) . '-' .
|
|
626 |
substr( $hex_string, 10, 2) . substr( $hex_string, 8, 2) . '-' .
|
|
627 |
substr( $hex_string, 14, 2) . substr( $hex_string, 12, 2) . '-' .
|
|
628 |
substr( $hex_string, 16, 4) . '-' . substr( $hex_string, 20, 12));
|
|
645 |
$value = strtoupper(substr($hex_string, 6, 2) . substr($hex_string, 4, 2) .
|
|
646 |
substr($hex_string, 2, 2) . substr($hex_string, 0, 2) . '-' .
|
|
647 |
substr($hex_string, 10, 2) . substr($hex_string, 8, 2) . '-' .
|
|
648 |
substr($hex_string, 14, 2) . substr($hex_string, 12, 2) . '-' .
|
|
649 |
substr($hex_string, 16, 4) . '-' . substr($hex_string, 20, 12));
|
|
629 | 650 |
|
630 | 651 |
return $value; |
631 | 652 |
} |
632 | 653 |
|
633 |
/** |
|
634 |
* Create a "binary safe" string for use in LDAP filters |
|
654 |
/** |
|
655 |
* Create a "binary safe" string for use in LDAP filters. |
|
656 |
* |
|
635 | 657 |
* @param $value |
658 |
* |
|
636 | 659 |
* @return string |
637 | 660 |
*/ |
638 | 661 |
function ldap_servers_binary_filter($value) { |
... | ... | |
647 | 670 |
substr($hex_string, 16, 4) . substr($hex_string, 20, 12); |
648 | 671 |
} |
649 | 672 |
|
650 |
for ($i = 0; $i < strlen($value); $i = $i + 2 ) {
|
|
673 |
for ($i = 0; $i < strlen($value); $i = $i + 2) { |
|
651 | 674 |
$match .= '\\' . substr($value, $i, 2); |
652 | 675 |
} |
653 | 676 |
|
... | ... | |
655 | 678 |
} |
656 | 679 |
|
657 | 680 |
/** |
658 |
* general binary conversion function for guids
|
|
681 |
* General binary conversion function for guids
|
|
659 | 682 |
* tries to determine which approach based on length |
660 |
* of string |
|
683 |
* of string.
|
|
661 | 684 |
*/ |
662 | 685 |
function ldap_servers_binary($value) { |
663 | 686 |
if (strlen($value) == 16) { |
... | ... | |
670 | 693 |
} |
671 | 694 |
|
672 | 695 |
/** |
673 |
* @todo needs caching element. several modules could potentially call this in the same
|
|
674 |
* page request. |
|
696 |
* @todo needs caching element. several modules could potentially call this in |
|
697 |
* the same page request.
|
|
675 | 698 |
* |
676 |
* @param std object $drupal_user is drupal $user object |
|
677 |
* @param string $sid is a server id |
|
678 |
* @param scalar $ldap_context |
|
699 |
* @param object $drupal_user |
|
700 |
* is drupal $user object. |
|
701 |
* @param string $sid |
|
702 |
* is a server id. |
|
703 |
* @param mixed $ldap_context |
|
704 |
* |
|
705 |
* @return bool |
|
679 | 706 |
*/ |
680 |
|
|
681 | 707 |
function ldap_servers_get_user_ldap_data($drupal_user, $sid = NULL, $ldap_context = NULL) { |
682 | 708 |
if (is_object($drupal_user) && property_exists($drupal_user, 'uid') && |
683 | 709 |
function_exists('ldap_user_get_authname') && ($authname = ldap_user_get_authname($drupal_user))) { |
... | ... | |
686 | 712 |
else { |
687 | 713 |
$drupal_username = (is_object($drupal_user)) ? $drupal_user->name : $drupal_user; |
688 | 714 |
} |
689 |
//Sometimes we have username instead of a drupal user object |
|
690 |
//For example, when using LDAP user test form (admin/config/people/ldap/user/test) |
|
691 |
//But we can still load the user by using $drupal_username if $drupal_user is not an object
|
|
692 |
if ( !(is_object($drupal_user)) ) {
|
|
715 |
// Sometimes we have username instead of a drupal user object
|
|
716 |
// For example, when using LDAP user test form (admin/config/people/ldap/user/test)
|
|
717 |
// But we can still load the user by using $drupal_username if $drupal_user is not an object.
|
|
718 |
if (!(is_object($drupal_user))) {
|
|
693 | 719 |
$user_object = user_load_by_name($drupal_username); |
694 | 720 |
if (is_object($user_object) && property_exists($user_object, 'uid')) { |
695 | 721 |
$drupal_user = $user_object; |
696 | 722 |
} |
697 | 723 |
} |
698 |
// if no explicit $sid, find most appropriate one
|
|
724 |
// If no explicit $sid, find most appropriate one.
|
|
699 | 725 |
if (module_exists('ldap_user') && (!$sid || $sid == LDAP_USER_AUTH_SERVER_SID)) { |
700 | 726 |
if (property_exists($drupal_user, 'ldap_user_puid_sid') && |
701 | 727 |
!empty($drupal_user->ldap_user_puid_sid[LANGUAGE_NONE][0]['value']) |
... | ... | |
719 | 745 |
$ldap_server = ($sid) ? ldap_servers_get_servers($sid, 'enabled', TRUE) : FALSE; |
720 | 746 |
|
721 | 747 |
if ($ldap_server === FALSE) { |
722 |
watchdog('ldap_servers', 'Failed to load server object %sid in _ldap_servers_get_user_ldap_data', array('%sid' => $sid), WATCHDOG_ERROR);
|
|
748 |
watchdog('ldap_servers', 'Failed to load server object %sid in _ldap_servers_get_user_ldap_data', ['%sid' => $sid], WATCHDOG_ERROR);
|
|
723 | 749 |
return FALSE; |
724 | 750 |
} |
725 | 751 |
|
... | ... | |
736 | 762 |
} |
737 | 763 |
|
738 | 764 |
/** |
739 |
* @param array $attribute_map for a given attribute in form array('values' => array(), 'data_type' => NULL) as outlined in ldap_user/README.developers.txt |
|
740 |
* @param enum string $conversion as type of conversion to do @see ldap_servers_convert_attribute(). e.g. base64_encode, bin2hex, msguid, md5 |
|
741 |
* @param array $values in form array(<ordinal> => <value> | NULL) where NULL indicates value is needed for provisioning or other operations. |
|
765 |
* @param array|null $attribute |
|
766 |
* @param string $conversion |
|
767 |
* as type of conversion to do @see ldap_servers_convert_attribute(). e.g. base64_encode, bin2hex, msguid, md5. |
|
768 |
* @param array $values |
|
769 |
* in form array(<ordinal> => <value> | NULL) where NULL indicates value is needed for provisioning or other operations. |
|
742 | 770 |
* |
743 | 771 |
* @return array $attribute_map with converted values. If nothing passed in create empty array in proper structure. |
744 | 772 |
* array('values' => array( |
... | ... | |
746 | 774 |
* 1 => 'johnny' |
747 | 775 |
* ) |
748 | 776 |
* ); |
749 |
)) |
|
777 |
* ))
|
|
750 | 778 |
*/ |
751 |
|
|
752 | 779 |
function ldap_servers_set_attribute_map($attribute = NULL, $conversion = NULL, $values = NULL) { |
753 | 780 |
|
754 |
$attribute = (is_array($attribute)) ? $attribute : array();
|
|
781 |
$attribute = (is_array($attribute)) ? $attribute : [];
|
|
755 | 782 |
$attribute['conversion'] = $conversion; |
756 | 783 |
if (!$values && (!isset($attribute['values']) || !is_array($attribute['values']))) { |
757 |
$attribute['values'] = array(0 => NULL);
|
|
784 |
$attribute['values'] = [0 => NULL];
|
|
758 | 785 |
} |
759 |
elseif (is_array($values)) { //merge into array overwriting ordinals |
|
786 |
// Merge into array overwriting ordinals. |
|
787 |
elseif (is_array($values)) { |
|
760 | 788 |
foreach ($values as $ordinal => $value) { |
761 | 789 |
if ($conversion) { |
762 | 790 |
$value = ldap_servers_convert_attribute($value, $conversion); |
763 | 791 |
} |
764 |
$attribute['values'][(int)$ordinal] = $value; |
|
792 |
$attribute['values'][(int) $ordinal] = $value;
|
|
765 | 793 |
} |
766 | 794 |
} |
767 | 795 |
return $attribute; |
768 | 796 |
} |
769 | 797 |
|
770 | 798 |
/** |
771 |
* @param string $value as value to be converted |
|
772 |
* @param string $conversion such as base64_encode, bin2hex, msguid, md5 |
|
799 |
* @param string $value |
|
800 |
* as value to be converted. |
|
801 |
* @param string $conversion |
|
802 |
* such as base64_encode, bin2hex, msguid, md5. |
|
773 | 803 |
* @return converted $value |
774 | 804 |
*/ |
775 | 805 |
function ldap_servers_convert_attribute($value, $conversion = NULL) { |
776 | 806 |
|
777 |
if ($conversion) {
|
|
807 |
if ($conversion) { |
|
778 | 808 |
|
779 |
switch ($conversion) {
|
|
780 |
case 'base64_encode':
|
|
781 |
$value = base64_encode($value);
|
|
782 |
break;
|
|
809 |
switch ($conversion) { |
|
810 |
case 'base64_encode': |
|
811 |
$value = base64_encode($value); |
|
812 |
break; |
|
783 | 813 |
|
784 |
case 'bin2hex':
|
|
785 |
$value = bin2hex($value);
|
|
786 |
break;
|
|
814 |
case 'bin2hex': |
|
815 |
$value = bin2hex($value); |
|
816 |
break; |
|
787 | 817 |
|
788 |
case 'msguid':
|
|
789 |
$value = ldap_servers_msguid($value);
|
|
790 |
break;
|
|
818 |
case 'msguid': |
|
819 |
$value = ldap_servers_msguid($value); |
|
820 |
break; |
|
791 | 821 |
|
792 |
case 'binary':
|
|
793 |
$value = ldap_servers_binary($value);
|
|
794 |
break;
|
|
822 |
case 'binary': |
|
823 |
$value = ldap_servers_binary($value); |
|
824 |
break; |
|
795 | 825 |
|
796 |
case 'md5':
|
|
797 |
$value = '{md5}' . base64_encode(pack('H*', md5($value)));
|
|
798 |
break;
|
|
799 |
}
|
|
826 |
case 'md5': |
|
827 |
$value = '{md5}' . base64_encode(pack('H*', md5($value))); |
|
828 |
break; |
|
829 |
} |
|
800 | 830 |
|
801 |
}
|
|
831 |
} |
|
802 | 832 |
|
803 | 833 |
return $value; |
804 | 834 |
} |
805 | 835 |
|
836 |
/** |
|
837 |
* |
|
838 |
*/ |
|
806 | 839 |
function ldap_servers_ldap_extension_summary($op = 'data') { |
807 | 840 |
ldap_servers_module_load_include('inc', 'ldap_servers', 'ldap_servers.status'); |
808 | 841 |
return _ldap_servers_ldap_extension_summary($op); |
809 | 842 |
} |
810 | 843 |
|
844 |
/** |
|
845 |
* |
|
846 |
*/ |
|
811 | 847 |
function ldap_servers_ldap_extension_loaded() { |
812 | 848 |
return extension_loaded('ldap'); |
813 | 849 |
} |
814 | 850 |
|
851 |
/** |
|
852 |
* |
|
853 |
*/ |
|
815 | 854 |
function ldap_servers_encrypt($text, $encryption = NULL) { |
816 | 855 |
ldap_servers_module_load_include('inc', 'ldap_servers', 'ldap_servers.encryption'); |
817 | 856 |
return _ldap_servers_encrypt($text, $encryption); |
818 | 857 |
} |
819 | 858 |
|
820 |
function ldap_servers_encrypt_types($category = 'all') { |
|
859 |
/** |
|
860 |
* |
|
861 |
*/ |
|
862 |
function ldap_servers_encrypt_types() { |
|
821 | 863 |
ldap_servers_module_load_include('inc', 'ldap_servers', 'ldap_servers.encryption'); |
822 |
return _ldap_servers_encrypt_types($category);
|
|
864 |
return _ldap_servers_encrypt_types(); |
|
823 | 865 |
} |
824 | 866 |
|
867 |
/** |
|
868 |
* |
|
869 |
*/ |
|
825 | 870 |
function ldap_servers_decrypt($encrypted, $encryption = NULL) { |
826 | 871 |
ldap_servers_module_load_include('inc', 'ldap_servers', 'ldap_servers.encryption'); |
827 | 872 |
return _ldap_servers_decrypt($encrypted, $encryption); |
828 | 873 |
} |
829 | 874 |
|
875 |
/** |
|
876 |
* |
|
877 |
*/ |
|
830 | 878 |
function ldap_servers_php_supports_pagination() { |
831 |
return (boolean)(function_exists('ldap_control_paged_result_response') && function_exists('ldap_control_paged_result')); |
|
879 |
return (boolean) (function_exists('ldap_control_paged_result_response') && function_exists('ldap_control_paged_result'));
|
|
832 | 880 |
} |
833 | 881 |
|
834 |
|
|
882 |
/** |
|
883 |
* |
|
884 |
*/ |
|
835 | 885 |
function ldap_servers_help($path, $arg) { |
836 | 886 |
|
837 | 887 |
$servers_help = '<p>' . t('LDAP Servers store "LDAP server configurations" so other modules can connect to them and leverage their data.') . ' '; |
... | ... | |
842 | 892 |
case 'admin/config/people/ldap/servers': |
843 | 893 |
return $servers_help; |
844 | 894 |
|
845 |
case 'admin/help#ldap_servers': |
|
895 |
case 'admin/help#ldap_servers':
|
|
846 | 896 |
$servers_help .= '<h3>' . t('Configuration - Settings') . '</h3>'; |
847 | 897 |
$servers_help .= '<dl>'; |
848 | 898 |
$servers_help .= '<dt>' . t('ENCRYPTION') . '</dt>'; |
... | ... | |
897 | 947 |
} |
898 | 948 |
} |
899 | 949 |
|
900 |
|
|
901 | 950 |
/** |
902 | 951 |
* @return list of ldap configuration classes and names |
903 | 952 |
*/ |
... | ... | |
905 | 954 |
|
906 | 955 |
$path = drupal_get_path('module', 'ldap_servers') . '/ldap_types'; |
907 | 956 |
|
908 |
$types['default'] = array(
|
|
957 |
$types['default'] = [
|
|
909 | 958 |
'class' => t('LdapTypeDefault'), |
910 | 959 |
'directory_path' => $path, |
911 | 960 |
'name' => 'Default LDAP', |
912 |
);
|
|
961 |
];
|
|
913 | 962 |
|
914 |
$types['ad'] = array(
|
|
963 |
$types['ad'] = [
|
|
915 | 964 |
'class' => t('LdapTypeActiveDirectory'), |
916 | 965 |
'directory_path' => $path, |
917 | 966 |
'name' => 'Active Directory', |
918 |
);
|
|
967 |
];
|
|
919 | 968 |
|
920 |
$types['novell_edir'] = array(
|
|
969 |
$types['novell_edir'] = [
|
|
921 | 970 |
'class' => t('LdapTypeNovell'), |
922 | 971 |
'directory_path' => $path, |
923 | 972 |
'name' => 'Novell', |
924 |
);
|
|
973 |
];
|
|
925 | 974 |
|
926 |
$types['openldap'] = array(
|
|
975 |
$types['openldap'] = [
|
|
927 | 976 |
'class' => t('LdapTypeOpenLdap'), |
928 | 977 |
'directory_path' => $path, |
929 | 978 |
'name' => 'Open LDAP', |
930 |
);
|
|
979 |
];
|
|
931 | 980 |
|
932 |
$types['opendir'] = array(
|
|
981 |
$types['opendir'] = [
|
|
933 | 982 |
'class' => t('LdapTypeOpenDirectory'), |
934 | 983 |
'directory_path' => $path, |
935 | 984 |
'name' => 'Apple Open Directory', |
936 |
);
|
|
985 |
];
|
|
937 | 986 |
|
938 | 987 |
drupal_alter('ldap_servers_ldap_types', $types); |
939 | 988 |
return $types; |
... | ... | |
941 | 990 |
} |
942 | 991 |
|
943 | 992 |
/** |
944 |
* @param string or array ldap type id or conf array |
|
945 |
* @return options for ldap type pulldown |
|
993 |
* @param string $ldap_conf |
|
994 |
* or array ldap type id or conf array. |
|
995 |
* |
|
996 |
* @return mixed |
|
997 |
* options for ldap type pulldown |
|
946 | 998 |
*/ |
947 | 999 |
function ldap_servers_get_ldap_type_object($ldap_conf) { |
948 | 1000 |
|
... | ... | |
951 | 1003 |
$ldap_conf = $ldap_confs[$ldap_conf]; |
952 | 1004 |
} |
953 | 1005 |
|
954 |
require_once($ldap_conf['directory_path'] . '/' . $ldap_conf['class'] . 'class.php');
|
|
1006 |
require_once $ldap_conf['directory_path'] . '/' . $ldap_conf['class'] . 'class.php';
|
|
955 | 1007 |
$ldap_type_class = new $ldap_conf['class'](); |
956 | 1008 |
return $ldap_type_class; |
957 | 1009 |
|
958 | 1010 |
} |
959 | 1011 |
|
960 | 1012 |
/** |
961 |
* given a dn (such as cn=jdoe,ou=people)
|
|
1013 |
* Given a dn (such as cn=jdoe,ou=people)
|
|
962 | 1014 |
* and an rdn (such as cn) |
963 | 1015 |
* determine that rdn value (such as jdoe) |
964 | 1016 |
* |
965 | 1017 |
* @param string $dn |
966 | 1018 |
* @param string $rdn |
1019 |
* |
|
967 | 1020 |
* @return string value of rdn |
968 | 1021 |
*/ |
969 | 1022 |
function ldap_servers_get_first_rdn_value_from_dn($dn, $rdn) { |
970 |
$pairs = ldap_explode_dn($dn, 0); // escapes attribute values, need to be unescaped later |
|
1023 |
// Escapes attribute values, need to be unescaped later. |
|
1024 |
$pairs = ldap_explode_dn($dn, 0); |
|
971 | 1025 |
$count = array_shift($pairs); |
972 | 1026 |
$rdn = drupal_strtolower($rdn); |
973 | 1027 |
$rdn_value = FALSE; |
... | ... | |
982 | 1036 |
} |
983 | 1037 |
|
984 | 1038 |
/** |
985 |
* given a dn (such as cn=jdoe,ou=people)
|
|
1039 |
* Given a dn (such as cn=jdoe,ou=people)
|
|
986 | 1040 |
* and an rdn (such as cn) |
987 | 1041 |
* determine that rdn value (such as jdoe) |
988 | 1042 |
* |
989 | 1043 |
* @param string $dn |
990 | 1044 |
* @param string $rdn |
1045 |
* |
|
991 | 1046 |
* @return array of all values of rdn |
992 | 1047 |
*/ |
993 | 1048 |
function ldap_servers_get_all_rdn_values_from_dn($dn, $rdn) { |
994 |
$pairs = ldap_explode_dn($dn, 0); // escapes attribute values, need to be unescaped later |
|
1049 |
// Escapes attribute values, need to be unescaped later. |
|
1050 |
$pairs = ldap_explode_dn($dn, 0); |
|
995 | 1051 |
$count = array_shift($pairs); |
996 | 1052 |
$rdn = drupal_strtolower($rdn); |
997 |
$rdn_values = array();
|
|
1053 |
$rdn_values = [];
|
|
998 | 1054 |
foreach ($pairs as $p) { |
999 | 1055 |
$pair = explode('=', $p); |
1000 | 1056 |
if (drupal_strtolower(trim($pair[0])) == $rdn) { |
... | ... | |
1004 | 1060 |
return $rdn_values; |
1005 | 1061 |
} |
1006 | 1062 |
|
1007 |
|
|
1008 | 1063 |
/** |
1009 |
* @return options for ldap type pulldown |
|
1064 |
* @return array |
|
1065 |
* options for ldap type pulldown |
|
1010 | 1066 |
*/ |
1011 | 1067 |
function ldap_servers_ldaps_option_array() { |
1012 | 1068 |
|
1013 |
$options = array();
|
|
1069 |
$options = [];
|
|
1014 | 1070 |
foreach (ldap_servers_ldap_servers_types() as $ldap_id => $conf) { |
1015 | 1071 |
$options[$ldap_id] = $conf['name']; |
1016 | 1072 |
} |
... | ... | |
1019 | 1075 |
} |
1020 | 1076 |
|
1021 | 1077 |
/** |
1022 |
* @param string $ldap_type indicating ldap type 'default','ad','novell_edir', 'openldap' |
|
1023 |
* @param boolean $reset clear static array |
|
1024 |
* @param boolean $flatted indicating if only one ldap type returned, skip top level array key |
|
1078 |
* @param string $ldap_type |
|
1079 |
* indicating ldap type 'default','ad','novell_edir', 'openldap'. |
|
1080 |
* @param bool $reset |
|
1081 |
* clear static array. |
|
1082 |
* @param bool $flatten |
|
1083 |
* indicating if only one ldap type returned, skip top level array key. |
|
1025 | 1084 |
* |
1026 |
* @return one or more ldap type objects |
|
1085 |
* @return mixed |
|
1086 |
* one or more ldap type objects |
|
1027 | 1087 |
*/ |
1028 | 1088 |
function ldap_servers_get_types($ldap_type = NULL, $reset = FALSE, $flatten = FALSE) { |
1029 | 1089 |
static $ldap_types; |
1030 | 1090 |
if ($reset || !is_array($ldap_types)) { |
1031 | 1091 |
$ldap_types = module_invoke_all('ldap_servers_type'); |
1032 | 1092 |
if ($ldap_type) { |
1033 |
require_once($ldap_types[$ldap_type]['directory_path'] . '/' . $ldap_types[$ldap_type]['class'] . '.class.php');
|
|
1034 |
$ldap_types[$ldap_type] = new $ldap_types[$ldap_type]['class'] . '.class.php'; |
|
1093 |
require_once $ldap_types[$ldap_type]['directory_path'] . '/' . $ldap_types[$ldap_type]['class'] . '.class.php';
|
|
1094 |
$ldap_types[$ldap_type] = new $ldap_types[$ldap_type]['class']() . '.class.php';
|
|
1035 | 1095 |
} |
1036 | 1096 |
else { |
1037 | 1097 |
foreach ($ldap_types as $ldap_type_id => $ldap_class_info) { |
1038 |
require_once($ldap_class_info['directory_path'] . '/' . $ldap_class_info['class'] . '.class.php');
|
|
1039 |
$ldap_types[$ldap_type_id] = new $ldap_class_info['class']; |
|
1098 |
require_once $ldap_class_info['directory_path'] . '/' . $ldap_class_info['class'] . '.class.php';
|
|
1099 |
$ldap_types[$ldap_type_id] = new $ldap_class_info['class']();
|
|
1040 | 1100 |
} |
1041 | 1101 |
} |
1042 | 1102 |
} |
... | ... | |
1048 | 1108 |
} |
1049 | 1109 |
} |
1050 | 1110 |
|
1051 |
|
|
1111 |
/** |
|
1112 |
* |
|
1113 |
*/ |
|
1052 | 1114 |
function ldap_servers_no_enabled_servers_msg($action) { |
1053 | 1115 |
|
1054 | 1116 |
$servers = ldap_servers_get_servers(NULL, 'enabled'); |
Formats disponibles : Unified diff
Weekly update of contrib modules