Révision 32700c57
Ajouté par Assos Assos il y a environ 5 ans
| drupal7/sites/all/modules/ldap/ldap_user/ldap_user.ws.inc | ||
|---|---|---|
| 2 | 2 |
|
| 3 | 3 |
/** |
| 4 | 4 |
* @file |
| 5 |
* functions related to REST webservices for LDAP User module |
|
| 6 |
* |
|
| 7 |
* ldap/user/ws/<action>/<direction_tag>/<drupal username|dn>/<api_key> |
|
| 8 |
* |
|
| 9 |
* action = 'create', 'synch', 'query', 'disable', or 'delete' |
|
| 10 |
* direction_tag = 'todrupal', 'toldap', or '', or 'none' |
|
| 11 |
* drupal_user_name = drupal user. if direction is toldap, its the ldap associatied drupal user name. |
|
| 12 |
* key = user entered api key |
|
| 13 |
* |
|
| 14 |
* e.g. |
|
| 15 |
* https://intranet.mycompany.com/ldap/user/ws/create/todrupal/jdoe/dsfew32423rewr3224243 |
|
| 16 |
* https://intranet.mycompany.com/ldap/user/ws/synch/todrupal/jdoe/dsfew32423rewr3224243 |
|
| 5 |
* Functions related to REST webservices for LDAP User module. |
|
| 17 | 6 |
* |
| 7 |
* DO NOT USE THIS CODE, it is unsupported and only left for those relying on |
|
| 8 |
* these functions already. |
|
| 9 |
* |
|
| 10 |
* @codingStandardsIgnoreFile |
|
| 18 | 11 |
*/ |
| 19 | 12 |
|
| 13 |
/** |
|
| 14 |
* @deprecated |
|
| 15 |
*/ |
|
| 20 | 16 |
function _ldap_user_ws_urls_item_list() {
|
| 21 | 17 |
global $base_url; |
| 22 | 18 |
$base = '<br/>' . $base_url . '/' . LDAP_USER_WS_USER_PATH; |
| 23 | 19 |
$ldap_user_conf = new LdapUserConf(); |
| 24 | 20 |
$key = $ldap_user_conf->wsKey; |
| 25 |
$item_list = array(
|
|
| 21 |
$item_list = [
|
|
| 26 | 22 |
'Create: Drupal User based on LDAP Entry: ' . $base . "/create/todrupal/[username]|[dn]/$key", |
| 27 | 23 |
'Synch: LDAP Entry to Drupal User: ' . $base . "/synch/todrupal/[username]|[dn]/$key", |
| 28 | 24 |
'Disable: Drupal User: ' . $base . "/disable/todrupal/[username]|[dn]/$key", |
| ... | ... | |
| 30 | 26 |
'Create: LDAP Entry based on Drupal User: ' . $base . "/create/toldap/[username]/$key", |
| 31 | 27 |
'Synch: Drupal User to LDAP Entry: ' . $base . "/synch/toldap/[username]/$key", |
| 32 | 28 |
'Query: LDAP Associated Drupal User Exists: ' . $base . "/query/none/[username]|[dn]/$key", |
| 33 |
);
|
|
| 29 |
];
|
|
| 34 | 30 |
return $item_list; |
| 35 | 31 |
} |
| 36 | 32 |
|
| 37 |
|
|
| 38 | 33 |
/** |
| 39 |
* @todo: this needs work in a few areas: |
|
| 40 |
* - urls shoudl follow REST conventions |
|
| 41 |
* - returns should also follow REST conventions |
|
| 42 |
* - more error catching and $out should be an array that is output in a REST format |
|
| 34 |
* @deprecated |
|
| 43 | 35 |
*/ |
| 44 |
|
|
| 45 | 36 |
function ldap_user_ws($action, $direction_tag, $drupal_user_name_or_dn, $key) {
|
| 46 | 37 |
|
| 47 | 38 |
$action = check_plain($action); |
| 48 | 39 |
$key = urldecode($key); |
| 49 | 40 |
|
| 50 |
|
|
| 51 | 41 |
if (!$ldap_user_conf->wsEnabled) {
|
| 52 |
return ldap_user_ws_out(array(0, t('Webservice Not Enabled')));
|
|
| 42 |
return ldap_user_ws_out([0, t('Webservice Not Enabled')]);
|
|
| 53 | 43 |
} |
| 54 |
elseif ($key != $ldap_user_conf->wsKey) { // ldap_servers_encrypt($ldap_user_conf->wsKey, LDAP_SERVERS_ENC_TYPE_BLOWFISH)
|
|
| 55 |
return ldap_user_ws_out(array(0, t('Bad Webservice Key')));
|
|
| 44 |
// ldap_servers_encrypt($ldap_user_conf->wsKey, LDAP_SERVERS_ENC_TYPE_BLOWFISH) |
|
| 45 |
elseif ($key != $ldap_user_conf->wsKey) {
|
|
| 46 |
return ldap_user_ws_out([0, t('Bad Webservice Key')]);
|
|
| 56 | 47 |
} |
| 57 | 48 |
elseif (!in_array($_SERVER['REMOTE_ADDR'], array_values($ldap_user_conf->wsUserIps))) {
|
| 58 |
return ldap_user_ws_out(array(0, t('Request from non-allowed IP Address')));
|
|
| 49 |
return ldap_user_ws_out([0, t('Request from non-allowed IP Address')]);
|
|
| 59 | 50 |
} |
| 60 | 51 |
|
| 61 | 52 |
if ($direction_tag == 'todrupal') {
|
| ... | ... | |
| 68 | 59 |
$sid = $ldap_user_conf->ldapEntryProvisionServer; |
| 69 | 60 |
$ldap_server = ldap_servers_get_servers($sid, NULL, TRUE); |
| 70 | 61 |
} |
| 71 |
else {
|
|
| 62 |
else {
|
|
| 72 | 63 |
$direction = LDAP_USER_PROV_DIRECTION_NONE; |
| 73 | 64 |
$sid = LDAP_USER_NO_SERVER_SID; |
| 74 | 65 |
$ldap_server = FALSE; |
| ... | ... | |
| 85 | 76 |
$ldap_user_conf = new LdapUserConf(); |
| 86 | 77 |
|
| 87 | 78 |
$drupal_user = ($action == 'create' || $drupal_user_name === FALSE) ? FALSE : user_load_by_name($drupal_user_name); |
| 88 |
$user_edit = array();
|
|
| 89 |
$account = array();
|
|
| 79 |
$user_edit = [];
|
|
| 80 |
$account = [];
|
|
| 90 | 81 |
|
| 91 | 82 |
switch ($action) {
|
| 92 | 83 |
case 'create': |
| ... | ... | |
| 95 | 86 |
$new_account = $ldap_user_conf->provisionDrupalAccount($account, $user_edit, $ldap_user, TRUE); |
| 96 | 87 |
// @todo return boolean on first line, not human readable message |
| 97 | 88 |
$text = ($new_account) ? 'Created Account ' . $drupal_user_name : 'Fails to Create Account ' . $drupal_user_name; |
| 98 |
return ldap_user_ws_out(array((boolean)($new_account), $text));
|
|
| 89 |
return ldap_user_ws_out([(boolean) ($new_account), $text]);
|
|
| 99 | 90 |
} |
| 100 | 91 |
elseif ($direction = LDAP_USER_PROV_DIRECTION_TO_LDAP_ENTRY) {
|
| 101 |
$provision_result = $ldap_user_conf->provisionLdapEntry($drupal_user_name); // no need for ldap_user_ldap_provision_semaphore call with webservice since not tied to single user like logon process |
|
| 92 |
// No need for ldap_user_ldap_provision_semaphore call with webservice since not tied to single user like logon process. |
|
| 93 |
$provision_result = $ldap_user_conf->provisionLdapEntry($drupal_user_name); |
|
| 102 | 94 |
// @todo turn result array into response |
| 103 | 95 |
} |
| 104 |
break; |
|
| 96 |
break;
|
|
| 105 | 97 |
|
| 106 | 98 |
case 'synch': |
| 107 | 99 |
if ($direction = LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER) {
|
| 108 | 100 |
$saved_account = $ldap_user_conf->synchToDrupalAccount($drupal_user, $user_edit, LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER, $ldap_user, TRUE); |
| 109 | 101 |
$text = ($saved_account) ? 'Updated Account ' . $drupal_user_name : 'Failed to Update Account ' . $drupal_user_name; |
| 110 |
return ldap_user_ws_out(array((boolean)($saved_account), $text));
|
|
| 102 |
return ldap_user_ws_out([(boolean) ($saved_account), $text]);
|
|
| 111 | 103 |
} |
| 112 | 104 |
elseif ($direction = LDAP_USER_PROV_DIRECTION_TO_LDAP_ENTRY) {
|
| 113 | 105 |
$boolean_result = $ldap_user_conf->synchToLdapEntry($drupal_user_name); |
| 114 | 106 |
// @todo turn result array into response |
| 115 | 107 |
} |
| 116 |
break; |
|
| 108 |
break;
|
|
| 117 | 109 |
|
| 118 | 110 |
case 'disable': |
| 119 | 111 |
if ($direction = LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER) {
|
| 120 | 112 |
$drupal_user->status = 0; |
| 121 |
$edit = array('status' => 0);
|
|
| 122 |
$saved_account = user_save($drupal_user, array('status' => 0));
|
|
| 123 |
return ldap_user_ws_out(array((boolean)($saved_account), 'Disabled Account ' . $drupal_user_name));
|
|
| 113 |
$edit = ['status' => 0];
|
|
| 114 |
$saved_account = user_save($drupal_user, ['status' => 0]);
|
|
| 115 |
return ldap_user_ws_out([(boolean) ($saved_account), 'Disabled Account ' . $drupal_user_name]);
|
|
| 124 | 116 |
} |
| 125 |
break; |
|
| 117 |
break;
|
|
| 126 | 118 |
|
| 127 | 119 |
case 'delete': |
| 128 | 120 |
if ($direction = LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER) {
|
| 129 | 121 |
user_delete($drupal_user->uid); |
| 130 |
return ldap_user_ws_out(array(1, 'Deleted Account ' . $drupal_user_name));
|
|
| 122 |
return ldap_user_ws_out([1, 'Deleted Account ' . $drupal_user_name]);
|
|
| 131 | 123 |
} |
| 132 | 124 |
elseif ($direction = LDAP_USER_PROV_DIRECTION_TO_LDAP_ENTRY) {
|
| 133 | 125 |
// @todo implement delete ldap record and call ldap_user event handler for delete account |
| 134 | 126 |
} |
| 135 |
break; |
|
| 127 |
break;
|
|
| 136 | 128 |
} |
| 137 | 129 |
return $out; |
| 138 | 130 |
|
| 139 | 131 |
} |
| 140 | 132 |
|
| 133 |
/** |
|
| 134 |
* @deprecated |
|
| 135 |
*/ |
|
| 141 | 136 |
function ldap_user_ws_out($response) {
|
| 142 | 137 |
return join("\n", $response);
|
| 143 | 138 |
} |
Formats disponibles : Unified diff
Weekly update of contrib modules