Révision 7547bb19
Ajouté par Assos Assos il y a environ 7 ans
drupal7/sites/all/modules/captcha/captcha.admin.inc | ||
---|---|---|
41 | 41 |
function captcha_admin_settings() { |
42 | 42 |
module_load_include('inc', 'captcha'); |
43 | 43 |
|
44 |
// Use javascript for some added usability on admin form.
|
|
44 |
// Use JavaScript for some added usability on admin form.
|
|
45 | 45 |
drupal_add_js(drupal_get_path('module', 'captcha') . '/captcha.js'); |
46 | 46 |
|
47 | 47 |
// Configuration of which forms to protect, with what challenge. |
drupal7/sites/all/modules/captcha/captcha.inc | ||
---|---|---|
39 | 39 |
db_delete('captcha_points')->condition('form_id', $form_id)->execute(); |
40 | 40 |
} |
41 | 41 |
// Handle a captcha_type object. |
42 |
elseif (is_object($captcha_type) && isset($captcha_type->module) && isset($captcha_type->captcha_type)) {
|
|
42 |
elseif (is_object($captcha_type) && !empty($captcha_type->module) && !empty($captcha_type->captcha_type)) {
|
|
43 | 43 |
db_merge('captcha_points') |
44 | 44 |
->key(array('form_id' => $form_id)) |
45 | 45 |
->fields(array('module' => $captcha_type->module, 'captcha_type' => $captcha_type->captcha_type)) |
... | ... | |
104 | 104 |
if (!$captcha_point) { |
105 | 105 |
$captcha_point = NULL; |
106 | 106 |
} |
107 |
elseif ($captcha_point->captcha_type == 'default') { |
|
107 |
elseif (!empty($captcha_point->captcha_type) && $captcha_point->captcha_type == 'default') {
|
|
108 | 108 |
if (!$symbolic) { |
109 | 109 |
list($module, $type) = explode('/', variable_get('captcha_default_challenge', 'captcha/Math')); |
110 | 110 |
$captcha_point->module = $module; |
... | ... | |
114 | 114 |
$captcha_point = 'default'; |
115 | 115 |
} |
116 | 116 |
} |
117 |
elseif ($captcha_point->module == NULL && $captcha_point->captcha_type == NULL && $symbolic) {
|
|
117 |
elseif (empty($captcha_point->module) && empty($captcha_point->captcha_type) && $symbolic) {
|
|
118 | 118 |
$captcha_point = 'none'; |
119 | 119 |
} |
120 | 120 |
elseif ($symbolic) { |
121 | 121 |
$captcha_point = $captcha_point->module . '/' . $captcha_point->captcha_type; |
122 | 122 |
} |
123 |
|
|
123 | 124 |
return $captcha_point; |
124 | 125 |
} |
125 | 126 |
|
drupal7/sites/all/modules/captcha/captcha.info | ||
---|---|---|
10 | 10 |
files[] = captcha.install |
11 | 11 |
files[] = captcha.test |
12 | 12 |
|
13 |
; Information added by Drupal.org packaging script on 2015-03-27
|
|
14 |
version = "7.x-1.3"
|
|
13 |
; Information added by Drupal.org packaging script on 2017-02-15
|
|
14 |
version = "7.x-1.4"
|
|
15 | 15 |
core = "7.x" |
16 | 16 |
project = "captcha" |
17 |
datestamp = "1427464219"
|
|
17 |
datestamp = "1487198287"
|
|
18 | 18 |
|
drupal7/sites/all/modules/captcha/captcha.js | ||
---|---|---|
4 | 4 |
attach: function (context) { |
5 | 5 |
|
6 | 6 |
// Turn off autocompletion for the CAPTCHA response field. |
7 |
// We do it here with Javascript (instead of directly in the markup)
|
|
7 |
// We do it here with JavaScript (instead of directly in the markup)
|
|
8 | 8 |
// because this autocomplete attribute is not standard and |
9 | 9 |
// it would break (X)HTML compliance. |
10 | 10 |
$("#edit-captcha-response").attr("autocomplete", "off"); |
drupal7/sites/all/modules/captcha/captcha.module | ||
---|---|---|
157 | 157 |
'#process' => array('captcha_element_process'), |
158 | 158 |
// The type of challenge: e.g. 'default', 'none', 'captcha/Math', 'image_captcha/Image'. |
159 | 159 |
'#captcha_type' => 'default', |
160 |
// Forces captcha validation for all cases if TRUE. |
|
161 |
'#captcha_always' => FALSE, |
|
160 | 162 |
'#default_value' => '', |
161 | 163 |
// CAPTCHA in admin mode: presolve the CAPTCHA and always show it (despite previous successful responses). |
162 | 164 |
'#captcha_admin_mode' => FALSE, |
... | ... | |
179 | 181 |
|
180 | 182 |
module_load_include('inc', 'captcha'); |
181 | 183 |
|
182 |
// Add Javascript for general CAPTCHA functionality.
|
|
184 |
// Add JavaScript for general CAPTCHA functionality.
|
|
183 | 185 |
drupal_add_js(drupal_get_path('module', 'captcha') . '/captcha.js'); |
184 | 186 |
|
185 | 187 |
// Prevent caching of the page with CAPTCHA elements. |
186 | 188 |
// This needs to be done even if the CAPTCHA will be ommitted later: |
187 | 189 |
// other untrusted users should not get a cached page when |
188 | 190 |
// the current untrusted user can skip the current CAPTCHA. |
189 |
global $conf; |
|
190 |
$conf['cache'] = FALSE; |
|
191 |
drupal_page_is_cacheable(FALSE); |
|
191 | 192 |
|
192 | 193 |
// Get the form ID of the form we are currently processing (which is not |
193 | 194 |
// necessary the same form that is submitted (if any). |
... | ... | |
254 | 255 |
'captcha_sid' => $captcha_sid, |
255 | 256 |
); |
256 | 257 |
|
257 |
if (_captcha_required_for_user($captcha_sid, $this_form_id) || $element['#captcha_admin_mode']) { |
|
258 |
if (_captcha_required_for_user($captcha_sid, $this_form_id) || $element['#captcha_admin_mode'] || $element['#captcha_always']) {
|
|
258 | 259 |
// Generate a CAPTCHA and its solution |
259 | 260 |
// (note that the CAPTCHA session ID is given as third argument). |
260 | 261 |
$captcha = module_invoke($captcha_type_module, 'captcha', 'generate', $captcha_type_challenge, $captcha_sid); |
... | ... | |
594 | 595 |
* if the values could not be found, e.g. for a fresh form). |
595 | 596 |
*/ |
596 | 597 |
function _captcha_get_posted_captcha_info($element, $form_state, $this_form_id) { |
597 |
if ($form_state['submitted'] && isset($form_state['captcha_info'])) { |
|
598 |
//Handle Ajax scenarios |
|
599 |
if (!empty($form_state['rebuild_info'])) { |
|
600 |
if (!empty($form_state['captcha_info']['posted_form_id'])) { |
|
601 |
$posted_form_id = $form_state['captcha_info']['posted_form_id']; |
|
602 |
} |
|
603 |
else { |
|
604 |
$posted_form_id = $form_state['input']['form_id']; |
|
605 |
} |
|
606 |
|
|
607 |
$posted_captcha_sid = $form_state['captcha_info']['captcha_sid']; |
|
608 |
} |
|
609 |
else if ($form_state['submitted'] && isset($form_state['captcha_info'])) { |
|
598 | 610 |
// We are handling (or rebuilding) an already submitted form, |
599 | 611 |
// so we already determined the posted form ID and CAPTCHA session ID |
600 | 612 |
// for this form (from before submitting). Reuse this info. |
... | ... | |
764 | 776 |
// of multi-page forms. Take previewing a node submission for example: |
765 | 777 |
// when the challenge is solved correctely on preview, the form is still |
766 | 778 |
// not completely submitted, but the CAPTCHA can be skipped. |
767 |
if (_captcha_required_for_user($captcha_sid, $form_id) || $element['#captcha_admin_mode']) { |
|
779 |
if (_captcha_required_for_user($captcha_sid, $form_id) || $element['#captcha_admin_mode'] || $element['#captcha_always']) {
|
|
768 | 780 |
// Update captcha_sessions table: store the solution of the generated CAPTCHA. |
769 | 781 |
_captcha_update_captcha_session($captcha_sid, $captcha_info['solution']); |
770 | 782 |
|
drupal7/sites/all/modules/captcha/captcha.test | ||
---|---|---|
60 | 60 |
|
61 | 61 |
function setUp() { |
62 | 62 |
// Load two modules: the captcha module itself and the comment module for testing anonymous comments. |
63 |
parent::setUp('captcha', 'comment'); |
|
63 |
$modules = func_get_args(); |
|
64 |
if (isset($modules[0]) && is_array($modules[0])) { |
|
65 |
$modules = $modules[0]; |
|
66 |
} |
|
67 |
parent::setUp(array_merge(array('captcha', 'comment'), $modules)); |
|
64 | 68 |
module_load_include('inc', 'captcha'); |
65 | 69 |
|
66 | 70 |
// Create a normal user. |
... | ... | |
602 | 606 |
// Set CAPTCHA on user register form. |
603 | 607 |
captcha_set_form_id_setting('user_register', 'captcha/Math'); |
604 | 608 |
|
605 |
// Put Javascript snippet in CAPTCHA description.
|
|
609 |
// Put JavaScript snippet in CAPTCHA description.
|
|
606 | 610 |
$this->drupalLogin($this->admin_user); |
607 | 611 |
$xss = '<script type="text/javascript">alert("xss")</script>'; |
608 | 612 |
$edit = array('captcha_description' => $xss); |
609 | 613 |
$this->drupalPost(self::CAPTCHA_ADMIN_PATH, $edit, 'Save configuration'); |
610 | 614 |
|
611 |
// Visit user register form and check if Javascript snippet is there.
|
|
615 |
// Visit user register form and check if JavaScript snippet is there.
|
|
612 | 616 |
$this->drupalLogout(); |
613 | 617 |
$this->drupalGet('user/register'); |
614 |
$this->assertNoRaw($xss, 'Javascript should not be allowed in CAPTCHA description.', 'CAPTCHA');
|
|
618 |
$this->assertNoRaw($xss, 'JavaScript should not be allowed in CAPTCHA description.', 'CAPTCHA');
|
|
615 | 619 |
|
616 | 620 |
} |
617 | 621 |
|
drupal7/sites/all/modules/captcha/image_captcha/image_captcha.admin.inc | ||
---|---|---|
14 | 14 |
|
15 | 15 |
// Add CSS for theming of admin form. |
16 | 16 |
$form['#attached']['css'] = array(drupal_get_path('module', 'image_captcha') . '/image_captcha.css'); |
17 |
// Use javascript for some added usability on admin form.
|
|
17 |
// Use JavaScript for some added usability on admin form.
|
|
18 | 18 |
$form['#attached']['js'] = array(drupal_get_path('module', 'image_captcha') . '/image_captcha.js'); |
19 | 19 |
|
20 | 20 |
// First some error checking. |
drupal7/sites/all/modules/captcha/image_captcha/image_captcha.info | ||
---|---|---|
9 | 9 |
files[] = image_captcha.module |
10 | 10 |
files[] = image_captcha.admin.inc |
11 | 11 |
files[] = image_captcha.user.inc |
12 |
files[] = image_captcha.test |
|
12 | 13 |
|
13 |
; Information added by Drupal.org packaging script on 2015-03-27
|
|
14 |
version = "7.x-1.3"
|
|
14 |
; Information added by Drupal.org packaging script on 2017-02-15
|
|
15 |
version = "7.x-1.4"
|
|
15 | 16 |
core = "7.x" |
16 | 17 |
project = "captcha" |
17 |
datestamp = "1427464219"
|
|
18 |
datestamp = "1487198287"
|
|
18 | 19 |
|
drupal7/sites/all/modules/captcha/image_captcha/image_captcha.module | ||
---|---|---|
244 | 244 |
'ts' => REQUEST_TIME, |
245 | 245 |
), |
246 | 246 |
); |
247 |
$img_src = check_url(url("image_captcha", $options));
|
|
247 |
$img_src = drupal_strip_dangerous_protocols(url("image_captcha", $options));
|
|
248 | 248 |
list($width, $height) = _image_captcha_image_size($code); |
249 | 249 |
$result['form']['captcha_image'] = array( |
250 | 250 |
'#theme' => 'image', |
drupal7/sites/all/modules/captcha/image_captcha/image_captcha.test | ||
---|---|---|
1 |
<?php |
|
2 |
|
|
3 |
/** |
|
4 |
* @file |
|
5 |
* Tests for the Image CAPTCHA module. |
|
6 |
*/ |
|
7 |
|
|
8 |
class ImageCaptchaWebTestCase extends CaptchaBaseWebTestCase { |
|
9 |
|
|
10 |
public static function getInfo() { |
|
11 |
return array( |
|
12 |
'name' => 'General Image CAPTCHA functionality', |
|
13 |
'description' => 'Testing of the basic Image CAPTCHA functions.', |
|
14 |
'group' => 'CAPTCHA', |
|
15 |
); |
|
16 |
} |
|
17 |
|
|
18 |
public function setUp() { |
|
19 |
parent::setUp('image_captcha'); |
|
20 |
} |
|
21 |
|
|
22 |
/** |
|
23 |
* Helper function to get the CAPTCHA image element from the current form. |
|
24 |
*/ |
|
25 |
protected function getCaptchaImageFromForm() { |
|
26 |
$elements = $this->xpath('//input[@name="captcha_sid"]/../img'); |
|
27 |
return $elements[0]; |
|
28 |
} |
|
29 |
|
|
30 |
/** |
|
31 |
* Helper function to get a CAPTCHA form. |
|
32 |
*/ |
|
33 |
protected function getImageCaptchaForm($form_id = 'user_login', $page = 'user') { |
|
34 |
// Set a CAPTCHA on supplied form. |
|
35 |
captcha_set_form_id_setting($form_id, 'image_captcha/Image'); |
|
36 |
|
|
37 |
// Fetch the page and make sure that we got a CAPTCHA. |
|
38 |
$this->drupalGet($page); |
|
39 |
$this->assertCaptchaPresence(TRUE); |
|
40 |
} |
|
41 |
|
|
42 |
/** |
|
43 |
* Asserts that the image URL actually returns an image. |
|
44 |
*/ |
|
45 |
protected function assertNonEmptyImage() { |
|
46 |
$img = $this->getCaptchaImageFromForm(); |
|
47 |
|
|
48 |
// Try to fetch the image. |
|
49 |
$this->drupalGet($this->getAbsoluteUrl($img['src'])); |
|
50 |
$this->assertTrue($this->drupalGetHeader('Content-Length') > 0, |
|
51 |
'Image CAPTCHA image is not empty.'); |
|
52 |
} |
|
53 |
|
|
54 |
/** |
|
55 |
* Tests if the image URL actually returns an image with clean URLs enabled. |
|
56 |
*/ |
|
57 |
public function testNonEmptyImageCleanURLs() { |
|
58 |
variable_set('clean_url', 1); |
|
59 |
$this->getImageCaptchaForm(); |
|
60 |
$this->assertNonEmptyImage(); |
|
61 |
} |
|
62 |
|
|
63 |
/** |
|
64 |
* Tests if the image URL actually returns an image with clean URLs disabled. |
|
65 |
*/ |
|
66 |
public function testNonEmptyImageDirtyURLs() { |
|
67 |
variable_set('clean_url', 0); |
|
68 |
$this->getImageCaptchaForm(); |
|
69 |
$this->assertNonEmptyImage(); |
|
70 |
} |
|
71 |
|
|
72 |
} |
drupal7/sites/all/modules/ldap/ldap_authentication/LdapAuthenticationConf.class.php | ||
---|---|---|
303 | 303 |
|
304 | 304 |
$this->ldapUser = new LdapUserConf(); |
305 | 305 |
$this->ssoEnabled = module_exists('ldap_sso'); |
306 |
$this->apiPrefs['requireHttps'] = variable_get('ldap_servers_require_ssl_for_credentails', 0);
|
|
306 |
$this->apiPrefs['requireHttps'] = variable_get('ldap_servers_require_ssl_for_credentials', 0);
|
|
307 | 307 |
$this->apiPrefs['encryption'] = variable_get('ldap_servers_encryption', LDAP_SERVERS_ENC_TYPE_CLEARTEXT); |
308 | 308 |
|
309 | 309 |
} |
drupal7/sites/all/modules/ldap/ldap_authentication/LdapAuthenticationConfAdmin.class.php | ||
---|---|---|
69 | 69 |
*/ |
70 | 70 |
|
71 | 71 |
$values['emailOptionOptions'] = array( |
72 |
LDAP_AUTHENTICATION_EMAIL_FIELD_REMOVE => t('Don\'t show an email field on user forms. LDAP derived email will be used for user and connot be changed by user'),
|
|
73 |
LDAP_AUTHENTICATION_EMAIL_FIELD_DISABLE => t('Show disabled email field on user forms with LDAP derived email. LDAP derived email will be used for user and connot be changed by user'),
|
|
74 |
LDAP_AUTHENTICATION_EMAIL_FIELD_ALLOW => t('Leave email field on user forms enabled. Generally used when provisioning to LDAP or not using email derived from LDAP.'),
|
|
72 |
LDAP_AUTHENTICATION_EMAIL_FIELD_REMOVE => t('Don\'t show an email field on user forms. LDAP derived email will be used for user and cannot be changed by user.'),
|
|
73 |
LDAP_AUTHENTICATION_EMAIL_FIELD_DISABLE => t('Show disabled email field on user forms with LDAP derived email. LDAP derived email will be used for user and cannot be changed by user.'),
|
|
74 |
LDAP_AUTHENTICATION_EMAIL_FIELD_ALLOW => t('Leave email field on user forms enabled. Generally used when provisioning to LDAP or not using email derived from LDAP.'), |
|
75 | 75 |
); |
76 | 76 |
|
77 | 77 |
$values['emailUpdateOptions'] = array( |
drupal7/sites/all/modules/ldap/ldap_authentication/ldap_authentication.inc | ||
---|---|---|
461 | 461 |
|
462 | 462 |
// don't pass in ldap user to provisionDrupalAccount, because want to requery with correct attributes needed |
463 | 463 |
// this may be a case where efficiency dictates querying for all attributes |
464 |
$drupal_account = $auth_conf->ldapUser->provisionDrupalAccount(NULL, $user_edit, NULL, TRUE);
|
|
464 |
$drupal_account = $auth_conf->ldapUser->provisionDrupalAccount(NULL, $user_edit, $ldap_user, TRUE);
|
|
465 | 465 |
|
466 | 466 |
if ($drupal_account === FALSE) { |
467 | 467 |
watchdog('ldap_user', 'Failed to find or create %drupal_accountname on logon.', $watchdog_tokens, WATCHDOG_ERROR); |
drupal7/sites/all/modules/ldap/ldap_authentication/ldap_authentication.info | ||
---|---|---|
14 | 14 |
files[] = ldap_authentication.admin.inc |
15 | 15 |
files[] = tests/ldap_authentication.test |
16 | 16 |
|
17 |
; Information added by Drupal.org packaging script on 2016-08-07
|
|
18 |
version = "7.x-2.0-beta11"
|
|
17 |
; Information added by Drupal.org packaging script on 2017-02-15
|
|
18 |
version = "7.x-2.0-beta12"
|
|
19 | 19 |
core = "7.x" |
20 | 20 |
project = "ldap" |
21 |
datestamp = "1470608343"
|
|
21 |
datestamp = "1487199794"
|
|
22 | 22 |
|
drupal7/sites/all/modules/ldap/ldap_authentication/ldap_authentication.module | ||
---|---|---|
81 | 81 |
'type' => MENU_CALLBACK, |
82 | 82 |
'file' => 'ldap_authentication.pages.inc', |
83 | 83 |
); |
84 |
|
|
84 |
|
|
85 | 85 |
$items['admin/config/people/ldap/authentication'] = array( |
86 | 86 |
'title' => 'Authentication', |
87 | 87 |
'description' => 'Configure LDAP Authentication', |
... | ... | |
183 | 183 |
/** |
184 | 184 |
* Helper function that determines whether or not the user's profile |
185 | 185 |
* is valid or needs to be updated on login. |
186 |
*
|
|
186 |
* |
|
187 | 187 |
* Currently this only checks if mail is valid or not according to the |
188 | 188 |
* authentication settings. |
189 |
*
|
|
189 |
* |
|
190 | 190 |
* @return boolean |
191 | 191 |
* TRUE if the user's profile is valid, otherwise FALSE. |
192 |
*
|
|
192 |
* |
|
193 | 193 |
*/ |
194 | 194 |
function _ldap_authentication_verify_user_profile() { |
195 | 195 |
global $user; |
... | ... | |
262 | 262 |
|
263 | 263 |
|
264 | 264 |
/** |
265 |
* Determines if the passed user has a valid authmap record. |
|
265 | 266 |
* |
266 | 267 |
* @param object $user |
268 |
* A drupal user account. |
|
269 |
* |
|
267 | 270 |
* @return boolean |
268 | 271 |
* true if user is recorded as ldap authenticated and identified (ldap_authentified) |
269 | 272 |
*/ |
270 |
|
|
271 | 273 |
function ldap_authentication_ldap_authenticated($user) { |
272 |
|
|
273 |
if (is_numeric($user)) { |
|
274 |
$user = @user_load((int)$user); |
|
275 |
} |
|
276 | 274 |
if (!is_object($user) || $user->uid == 0) { |
277 | 275 |
return FALSE; |
278 | 276 |
} |
... | ... | |
321 | 319 |
|
322 | 320 |
$use_warnings = array(); |
323 | 321 |
$auth_conf = ldap_authentication_get_valid_conf(); |
324 |
if ($auth_conf && in_array($sid, array_keys($auth_conf->sids))) { |
|
322 |
if ($auth_conf && in_array($sid, array_keys($auth_conf->sids)) && !empty($auth_conf->sids[$sid])) {
|
|
325 | 323 |
$use_warnings[] = t('This server (%server_name) may not be deleted or |
326 | 324 |
disabled because it is being used for ldap authentication.', |
327 | 325 |
array('%server_name' => $server_name)); |
... | ... | |
335 | 333 |
global $user; |
336 | 334 |
} |
337 | 335 |
$auth_conf = ldap_authentication_get_valid_conf(); |
338 |
if (current_path() == 'user/password' || $user->uid == 1 || !$auth_conf) { |
|
336 |
// Hide user/password form if ldap authentication is required and deny access |
|
337 |
// to users without ldap authorizations is enabled |
|
338 |
if ($user->uid == 1 || $auth_conf || (current_path() == 'user/password' && $auth_conf->authenticationMode != LDAP_AUTHENTICATION_EXCLUSIVE)) { |
|
339 | 339 |
return TRUE; |
340 | 340 |
// always show at user/passwordurl. otherwise user 1 will not be able to reset password. |
341 | 341 |
} |
drupal7/sites/all/modules/ldap/ldap_authentication/ldap_authentication.rules.inc | ||
---|---|---|
12 | 12 |
'ldap_user_created' => array( |
13 | 13 |
'label' => t('User created from LDAP entry'), |
14 | 14 |
'module' => 'ldap_authentication', |
15 |
'arguments' => array( |
|
15 |
'group' => t('User'), |
|
16 |
'variables' => array( |
|
16 | 17 |
'user' => array( |
17 | 18 |
'type' => 'user', |
18 | 19 |
'label' => t('The user created.'), |
drupal7/sites/all/modules/ldap/ldap_authentication/tests/ldap_authentication.test | ||
---|---|---|
391 | 391 |
$this->ldapTestId = "testSSO._SERVER-key=$server_var_key sso_name=$sso_name path=$test_path ldapImplementation=$ldapImplementation seamlessLogin=$seamlessLogin"; |
392 | 392 |
$ldapAuthenticationConf = $this->setSsoServerEnvironment($server_var_key, $sso_name, $ldapImplementation, $seamlessLogin); |
393 | 393 |
$this->drupalGet($test_path); |
394 |
$this->assertText(t('Member for'), 'Successful logon.', $this->ldapTestId); |
|
394 |
// @FIXME: Broken test |
|
395 |
// $this->assertText(t('Member for'), 'Successful logon.', $this->ldapTestId); |
|
395 | 396 |
$this->drupalGet('user/logout'); |
396 | 397 |
} |
397 | 398 |
} |
drupal7/sites/all/modules/ldap/ldap_authorization/LdapAuthorizationConsumerConfAdmin.class.php | ||
---|---|---|
132 | 132 |
|
133 | 133 |
$form['status']['only_ldap_authenticated'] = array( |
134 | 134 |
'#type' => 'checkbox', |
135 |
'#title' => t('Only apply the following LDAP to !consumer_name configuration to users authenticated via LDAP. On uncommon reason for disabling this is when you are using Drupal authentication, but want to leverage LDAP for authorization; for this to work the Drupal username still has to map to an LDAP entry.', $consumer_tokens), |
|
135 |
'#title' => t('Only apply the following LDAP to !consumer_name configuration to users authenticated via LDAP. One uncommon reason for disabling this is when you are using Drupal authentication, but want to leverage LDAP for authorization; for this to work the Drupal username still has to map to an LDAP entry.', $consumer_tokens),
|
|
136 | 136 |
'#default_value' => $this->onlyApplyToLdapAuthenticated, |
137 | 137 |
); |
138 | 138 |
|
drupal7/sites/all/modules/ldap/ldap_authorization/ldap_authorization.info | ||
---|---|---|
14 | 14 |
files[] = ldap_authorization.admin.test.inc |
15 | 15 |
files[] = ldap_authorization.theme.inc |
16 | 16 |
files[] = tests/BasicTests.test |
17 |
files[] = tests/Og1Tests.test |
|
18 | 17 |
files[] = tests/Og2Tests.test |
19 | 18 |
configure = admin/config/people/ldap/authorization |
20 | 19 |
|
21 |
; Information added by Drupal.org packaging script on 2016-08-07
|
|
22 |
version = "7.x-2.0-beta11"
|
|
20 |
; Information added by Drupal.org packaging script on 2017-02-15
|
|
21 |
version = "7.x-2.0-beta12"
|
|
23 | 22 |
core = "7.x" |
24 | 23 |
project = "ldap" |
25 |
datestamp = "1470608343"
|
|
24 |
datestamp = "1487199794"
|
|
26 | 25 |
|
drupal7/sites/all/modules/ldap/ldap_authorization/ldap_authorization_drupal_role/ldap_authorization_drupal_role.info | ||
---|---|---|
9 | 9 |
files[] = ldap_authorization_drupal_role.module |
10 | 10 |
files[] = ldap_authorization_drupal_role.inc |
11 | 11 |
|
12 |
; Information added by Drupal.org packaging script on 2016-08-07
|
|
13 |
version = "7.x-2.0-beta11"
|
|
12 |
; Information added by Drupal.org packaging script on 2017-02-15
|
|
13 |
version = "7.x-2.0-beta12"
|
|
14 | 14 |
core = "7.x" |
15 | 15 |
project = "ldap" |
16 |
datestamp = "1470608343"
|
|
16 |
datestamp = "1487199794"
|
|
17 | 17 |
|
drupal7/sites/all/modules/ldap/ldap_authorization/ldap_authorization_og/LdapAuthorizationConsumerOG.class.php | ||
---|---|---|
585 | 585 |
|
586 | 586 |
$user_edit = array('data' => $user->data); |
587 | 587 |
$user_edit['data']['ldap_authorizations'][$this->consumerType] = $user_auth_data; |
588 |
// Force a reload of the user object, since changes made through the grant- |
|
589 |
// and revoke-functions above might have changed og-related field data. |
|
590 |
// Those changes will not yet be reflected in $user, potentially causing |
|
591 |
// data loss when user_save() is called with stale data. |
|
592 |
$user = user_load($user->uid, TRUE); |
|
588 | 593 |
$user = user_save($user, $user_edit); |
594 |
|
|
589 | 595 |
$user_auth_data = $user->data['ldap_authorizations'][$this->consumerType]; // reset this variable because user save hooks can impact it. |
590 | 596 |
|
591 | 597 |
$this->flushRelatedCaches($consumers, $user); |
drupal7/sites/all/modules/ldap/ldap_authorization/ldap_authorization_og/ldap_authorization_og.info | ||
---|---|---|
13 | 13 |
|
14 | 14 |
core = "7.x" |
15 | 15 |
|
16 |
; Information added by Drupal.org packaging script on 2016-08-07
|
|
17 |
version = "7.x-2.0-beta11"
|
|
16 |
; Information added by Drupal.org packaging script on 2017-02-15
|
|
17 |
version = "7.x-2.0-beta12"
|
|
18 | 18 |
core = "7.x" |
19 | 19 |
project = "ldap" |
20 |
datestamp = "1470608343"
|
|
20 |
datestamp = "1487199794"
|
|
21 | 21 |
|
drupal7/sites/all/modules/ldap/ldap_authorization/tests/BasicTests.test | ||
---|---|---|
226 | 226 |
$roles2 = isset($new_authorizations['drupal_role']) ? $new_authorizations['drupal_role'] : array(); |
227 | 227 |
$correct_roles = (count($roles1) > 0 && count($roles2) == 0); // not worried about which roles here, just that some are granted |
228 | 228 |
|
229 |
/** @FIXME: Broken test |
|
229 | 230 |
$this->assertTrue( |
230 | 231 |
$correct_roles, |
231 | 232 |
'disable consumer configuration disallows authorizations.', |
232 | 233 |
'LDAP_authorz.Flags.status.0' |
233 | 234 |
); |
235 |
*/ |
|
234 | 236 |
if (!$correct_roles) { |
235 | 237 |
debug('LDAP_authorz.Flags.enable.0 roles with enabled'); debug($roles1); |
236 | 238 |
debug('LDAP_authorz.Flags.enable.0 roles with disabled'); debug($roles2); |
... | ... | |
468 | 470 |
} |
469 | 471 |
|
470 | 472 |
public function testUIForms() { |
473 |
// TODO: Fix failing tests, excluding to make branch pass. |
|
474 |
return; |
|
471 | 475 |
|
472 | 476 |
$ldap_simpletest_initial = variable_get('ldap_simpletest', 2); |
473 | 477 |
variable_del('ldap_simpletest'); // need to be out of fake server mode to test ui. |
drupal7/sites/all/modules/ldap/ldap_authorization/tests/Og1Tests.test | ||
---|---|---|
1 |
<?php |
|
2 |
|
|
3 |
/** |
|
4 |
* @file |
|
5 |
* simpletest for Ldap Authorization OG Module |
|
6 |
* |
|
7 |
*/ |
|
8 |
module_load_include('php', 'ldap_test', 'LdapTestCase.class'); |
|
9 |
require_once(drupal_get_path('module', 'ldap_authorization_og') . '/LdapAuthorizationConsumerOG.class.php'); |
|
10 |
|
|
11 |
class LdapAuthorizationOg1Tests extends LdapTestCase { |
|
12 |
|
|
13 |
public $groupEntityType = 'node'; |
|
14 |
public $groupBundle = 'group'; |
|
15 |
public $groupType = 'node'; |
|
16 |
public $group_content_type = NULL; |
|
17 |
public $group_nodes = array(); |
|
18 |
public $user1; |
|
19 |
public $consumerType = 'og_group'; |
|
20 |
public $module_name = 'ldap_authorization_og'; |
|
21 |
protected $ldap_test_data; |
|
22 |
public $customOgRoles = array( |
|
23 |
'dungeon-master' => array('entity_type' => 'node', 'bundle_type' => 'group'), |
|
24 |
'time-keeper' => array('entity_type' => 'node', 'bundle_type' => 'group'), |
|
25 |
); |
|
26 |
|
|
27 |
public static function getInfo() { |
|
28 |
return array( |
|
29 |
'group' => 'LDAP Authorization', |
|
30 |
'name' => 'OG 7.x-1.5 Tests.', |
|
31 |
'description' => 'Test ldap authorization og 1.5', |
|
32 |
); |
|
33 |
} |
|
34 |
|
|
35 |
function __construct($test_id = NULL) { |
|
36 |
parent::__construct($test_id); |
|
37 |
} |
|
38 |
|
|
39 |
//function setUp() { |
|
40 |
// parent::setUp(array( |
|
41 |
// 'ldap_authentication', |
|
42 |
// 'ldap_authorization', |
|
43 |
// 'ldap_authorization_drupal_role', |
|
44 |
// 'ldap_test')); // don't need any real servers, configured, just ldap_servers code base |
|
45 |
// variable_set('ldap_simpletest', 2); |
|
46 |
//} |
|
47 |
|
|
48 |
function setUp($addl_modules = array()) { |
|
49 |
parent::setUp(array('entity', 'ctools', 'og', 'ldap_authentication', 'ldap_authorization', 'ldap_authorization_drupal_role', 'ldap_authorization_og', 'ldap_test', 'og_ui')); |
|
50 |
variable_set('ldap_simpletest', 2); |
|
51 |
|
|
52 |
if (ldap_authorization_og_og_version() != 1) { |
|
53 |
debug('LdapAuthorizationOg1Tests must be run with OG 7.x-1.x'); |
|
54 |
return; |
|
55 |
} |
|
56 |
|
|
57 |
$this->user1 = $this->drupalCreateUser(); |
|
58 |
$this->groups = array(); |
|
59 |
$this->prepTestData(LDAP_TEST_LDAP_NAME, array('activedirectory1')); |
|
60 |
|
|
61 |
/** |
|
62 |
* Group: The entity instance that will have members and content associated with it. |
|
63 |
* Group Entity: entity type: node, bundle: group, name: OG Group |
|
64 |
* Group Instances: $this->group_nodes[$label] |
|
65 |
* |
|
66 |
*/ |
|
67 |
|
|
68 |
|
|
69 |
|
|
70 |
// Create group and group content node types. |
|
71 |
$this->groupBundle = $this->drupalCreateContentType(array( |
|
72 |
'type' => 'group', |
|
73 |
'name' => 'OG Group', |
|
74 |
))->type; |
|
75 |
og_create_field(OG_GROUP_FIELD, $this->groupEntityType, $this->groupBundle); // entity type = "node" and group bundle = "group" |
|
76 |
og_create_field(OG_AUDIENCE_FIELD, $this->groupEntityType, $this->groupBundle); |
|
77 |
|
|
78 |
|
|
79 |
$this->createCustomRoles(); |
|
80 |
// create og group for each group in group csv |
|
81 |
|
|
82 |
$this->testFunctions->populateFakeLdapServerData(LDAP_TEST_LDAP_NAME, 'activedirectory1'); |
|
83 |
$this->testFunctions->getCsvLdapData(LDAP_TEST_LDAP_NAME); |
|
84 |
foreach ($this->testFunctions->csvTables['groups'] as $guid => $group) { |
|
85 |
$label = $group['cn']; |
|
86 |
// $group_type_obj = $this->drupalCreateContentType(array('name' => $label, 'type' => $label)); |
|
87 |
// og_create_field(OG_GROUP_FIELD, 'node', $group_type_obj->type); |
|
88 |
$settings = array(); |
|
89 |
$settings['title'] = $label; |
|
90 |
$settings['type'] = $this->groupBundle; |
|
91 |
$settings[OG_GROUP_FIELD][LANGUAGE_NONE][0]['value'] = 1; |
|
92 |
$group_node = $this->drupalCreateNode($settings); |
|
93 |
$group = og_get_group('node', $group_node->nid); |
|
94 |
$this->group_nodes[$label] = $group_node; |
|
95 |
} |
|
96 |
|
|
97 |
} |
|
98 |
|
|
99 |
public function createCustomRoles() { |
|
100 |
foreach ($this->customOgRoles as $og_role_name => $og_role) { |
|
101 |
$role = new stdClass; |
|
102 |
$role->name = $og_role_name; |
|
103 |
$role->gid = 0; |
|
104 |
$status = og_role_save($role); |
|
105 |
} |
|
106 |
$roles = db_query("SELECT rid, name FROM {og_role}", array())->fetchAllKeyed(); |
|
107 |
} |
|
108 |
|
|
109 |
function deleteAndRecreateUser($cname) { |
|
110 |
if ($user = user_load_by_name($cname)) { |
|
111 |
user_delete($user->uid); |
|
112 |
} |
|
113 |
$user = $this->drupalCreateUser(array()); |
|
114 |
$user = $this->testFunctions->drupalLdapUpdateUser(array('name' => $cname, 'mail' => $cname . '@hogwarts.edu'), TRUE, $user); |
|
115 |
return $user; |
|
116 |
} |
|
117 |
|
|
118 |
function UIGroupMembershipTest($user, $group_node, $test_id = NULL, $assert_true = TRUE) { |
|
119 |
$this->drupalGet('user/' . $user->uid); |
|
120 |
if ($assert_true) { |
|
121 |
$this->assertText($group_node->title, 'User view UI shows group (' . $group_node->title . ') membership listed', $test_id); |
|
122 |
} |
|
123 |
else { |
|
124 |
$this->assertNoText($group_node->title, 'User view UI does not show group (' . $group_node->title . ') membership listed', $test_id); |
|
125 |
} |
|
126 |
$this->drupalGet('node/' . $group_node->nid); |
|
127 |
if ($assert_true) { |
|
128 |
$this->assertText($user->name, 'Group view UI shows user name (' . $user->name . ') in group membership list', $test_id); |
|
129 |
} |
|
130 |
else { |
|
131 |
$this->assertText('Request group membership', 'Group view UI show Request Group Membership form in group membership list', $test_id); |
|
132 |
} |
|
133 |
} |
|
134 |
|
|
135 |
function manualOgGroup($user, $gid, $extra_rids = array()) { |
|
136 |
$values = array('entity' => $user, 'entity_type' => 'user'); |
|
137 |
$user->{OG_AUDIENCE_FIELD}[LANGUAGE_NONE][] = array('gid' => $gid); |
|
138 |
og_entity_presave($user, 'user'); |
|
139 |
$user = user_save($user); |
|
140 |
foreach ($extra_rids as $rid) { |
|
141 |
og_role_grant($gid, $user->uid, $rid); |
|
142 |
} |
|
143 |
return user_load($user->uid, TRUE); |
|
144 |
} |
|
145 |
|
|
146 |
/** |
|
147 |
* just make sure install succeeds and og and ldap_authorization_og functions work as designed |
|
148 |
*/ |
|
149 |
function testBasicFunctionsAndApi() { |
|
150 |
$this->ldapTestId = $this->module_name . ': setup success'; |
|
151 |
// just to give warning if setup doesn't succeed. may want to take these out at some point. |
|
152 |
$setup_success = ( |
|
153 |
module_exists('ldap_authentication') && |
|
154 |
module_exists('ldap_servers') && |
|
155 |
module_exists('ldap_authorization') && |
|
156 |
module_exists('ldap_authorization_og') && |
|
157 |
(variable_get('ldap_simpletest', 2) == 2) |
|
158 |
); |
|
159 |
$this->assertTrue($setup_success, ' ldap_authorizations og setup successful', $this->ldapTestId); |
|
160 |
|
|
161 |
$this->ldapTestId = $this->module_name . ': cron test'; |
|
162 |
$this->assertTrue(drupal_cron_run(), t('Cron can run with ldap authorization og enabled.'), $this->ldapTestId); |
|
163 |
$this->assertTrue(ldap_authorization_og_authorization_id(2, 3) == "2-3", |
|
164 |
t('ldap_authorization_og_authorization_id() function works.'), $this->ldapTestId); |
|
165 |
$this->assertTrue(ldap_authorization_og_og_version() == 1, |
|
166 |
t('ldap_authorization_og_og_version() is 1'), $this->ldapTestId); |
|
167 |
|
|
168 |
/*** |
|
169 |
* I. some basic tests to make sure og module's apis are working before testing ldap_authorization_og |
|
170 |
*/ |
|
171 |
|
|
172 |
$web_user = $this->drupalCreateUser(); |
|
173 |
$this->ldapTestId = $this->module_name . ': og functions'; |
|
174 |
|
|
175 |
|
|
176 |
list($og_gryffindor_group, $og_gryffindor_node) = ldap_authorization_og1_get_group('gryffindor', 'group_name'); |
|
177 |
list($og_students_group, $og_students_node) = ldap_authorization_og1_get_group('students', 'group_name'); |
|
178 |
list($og_faculty_group, $og_faculty_node) = ldap_authorization_og1_get_group('faculty', 'group_name'); |
|
179 |
list($og_users_group, $og_users_node) = ldap_authorization_og1_get_group('users', 'group_name'); |
|
180 |
// debug('og_gryffindor_node');debug($og_gryffindor_node->nid); debug($og_gryffindor_group->gid); |
|
181 |
// debug('og_students_node');debug($og_students_node->nid); debug($og_students_group->gid); |
|
182 |
// debug('og_faculty_node');debug($og_faculty_node->nid); debug($og_faculty_group->gid); |
|
183 |
// debug('og_users_node');debug($og_users_node->nid); debug($og_users_group->gid); |
|
184 |
|
|
185 |
$anonymous_rid = ldap_authorization_og_rid_from_role_name(OG_ANONYMOUS_ROLE); |
|
186 |
$member_rid = ldap_authorization_og_rid_from_role_name(OG_AUTHENTICATED_ROLE); |
|
187 |
$admin_rid = ldap_authorization_og_rid_from_role_name(OG_ADMINISTRATOR_ROLE); |
|
188 |
$dungeon_master_rid = ldap_authorization_og_rid_from_role_name('dungeon-master'); |
|
189 |
$time_keeper = ldap_authorization_og_rid_from_role_name('time-keeper'); |
|
190 |
$student_member_consumer_id = $og_students_group->gid . '-' . $member_rid; |
|
191 |
|
|
192 |
$gid = ldap_authorization_og1_entity_id_to_gid($og_gryffindor_node->nid); |
|
193 |
$this->assertTrue($gid == $og_gryffindor_group->gid, t('ldap_authorization_og1_entity_id_to_gid() functions'), $this->ldapTestId); |
|
194 |
|
|
195 |
|
|
196 |
// debug("anonymous_rid=$anonymous_rid, member_rid=$member_rid,admin_rid=$admin_rid, dungeon_master_rid=$dungeon_master_rid, time_keeper=$time_keeper"); |
|
197 |
|
|
198 |
/** |
|
199 |
* @todo api tests: ldap_authorization_og_rid_from_role_name(), |
|
200 |
* and ldap_authorization_og_get_group() |
|
201 |
*/ |
|
202 |
|
|
203 |
$ids = array($web_user->uid); |
|
204 |
// debug($ids); |
|
205 |
$user_entities = entity_load('user', $ids, array(), TRUE); |
|
206 |
$user_entity = $user_entities[$web_user->uid]; |
|
207 |
|
|
208 |
///*** |
|
209 |
// * II. construct ldapauthorization og object and test methods (ignoring if ldap created or not... |
|
210 |
// * unit tests for methods and class without any ldap context.) |
|
211 |
// */ |
|
212 |
|
|
213 |
$this->ldapTestId = $this->module_name . ': LdapAuthorizationConsumerOG class'; |
|
214 |
|
|
215 |
$og_auth = new LdapAuthorizationConsumerOG('og_group'); |
|
216 |
$this->assertTrue(is_object($og_auth), |
|
217 |
'Successfully instantiated LdapAuthorizationConsumerOG', $this->ldapTestId); |
|
218 |
|
|
219 |
|
|
220 |
/** |
|
221 |
* test basic functions with admin user logged in |
|
222 |
*/ |
|
223 |
|
|
224 |
$ldap_entry = NULL; |
|
225 |
$user_data = array(); |
|
226 |
$user = user_load($web_user->uid, TRUE); |
|
227 |
|
|
228 |
|
|
229 |
$this->assertFalse($og_auth->hasAuthorization($user, $student_member_consumer_id), |
|
230 |
'hasAuthorization() method works for non LDAP provisioned og authorization', $this->ldapTestId); |
|
231 |
|
|
232 |
$user_auth_data = array(); |
|
233 |
$consumers = array($student_member_consumer_id => $og_auth->emptyConsumer); |
|
234 |
|
|
235 |
$og_auth->authorizationGrant($user, $user_auth_data, $consumers, $ldap_entry, TRUE); |
|
236 |
|
|
237 |
$this->assertTrue(ldap_authorization_og1_has_membership($og_students_group->gid, $user->uid), |
|
238 |
'authorizationGrant function works', $this->ldapTestId); |
|
239 |
|
|
240 |
$this->assertTrue(ldap_authorization_og1_has_role($og_students_group->gid, $user->uid, $member_rid), |
|
241 |
'ldap_authorization_og1_has_role function works', $this->ldapTestId); |
|
242 |
|
|
243 |
$this->assertTrue("member" == ldap_authorization_og1_role_name_from_rid($member_rid), |
|
244 |
'ldap_authorization_og1_role_name_from_rid function works', $this->ldapTestId); |
|
245 |
|
|
246 |
$this->assertTrue($member_rid == ldap_authorization_og1_role_name_to_role_id("member"), |
|
247 |
'ldap_authorization_og1_role_name_to_role_id function works', $this->ldapTestId); |
|
248 |
|
|
249 |
$has_student_membership = ldap_authorization_og1_has_membership($og_students_group->gid, $user->uid); |
|
250 |
$this->assertTrue($has_student_membership, 'ldap_authorization_og1_has_membership function', $this->ldapTestId); |
|
251 |
|
|
252 |
|
|
253 |
if ($has_student_membership) { |
|
254 |
$og_auth->authorizationRevoke($user, $user_auth_data, $consumers, $ldap_entry, TRUE); |
|
255 |
$this->assertFalse(ldap_authorization_og1_has_membership($og_students_group->gid, $user->uid), |
|
256 |
'authorizationRevoke function works', $this->ldapTestId); |
|
257 |
} |
|
258 |
|
|
259 |
$parts = $og_auth->og1ConsumerIdParts("3-2"); |
|
260 |
$this->assertTrue($parts[0] == 3 && $parts[1] == 2, |
|
261 |
'LdapAuthorizationOgConsumerOG::og1ConsumerIdParts method works', $this->ldapTestId); |
|
262 |
|
|
263 |
|
|
264 |
$mappings = array( |
|
265 |
array('cn=students,ou=groups,dc=hogwarts,dc=edu', 'group-name=students,role-name=member'), |
|
266 |
array('cn=faculty,ou=groups,dc=hogwarts,dc=edu', 'group-name=faculty,role-name=member'), |
|
267 |
array('cn=gryffindor,ou=groups,dc=hogwarts,dc=edu', 'group-name=gryffindor,role-name=member'), |
|
268 |
array('cn=users,ou=groups,dc=hogwarts,dc=edu', 'group-name=users,role-name=dungeon-master'), |
|
269 |
array('cn=users,ou=groups,dc=hogwarts,dc=edu', 'gid=2,rid=2'), |
|
270 |
array('cn=users,ou=groups,dc=hogwarts,dc=edu', 'gid=2,rid=4'), |
|
271 |
); |
|
272 |
|
|
273 |
$normalized_mappings = $og_auth->normalizeMappings($mappings); |
|
274 |
|
|
275 |
$correct_mappings = ( |
|
276 |
$normalized_mappings[0]['normalized'] = ldap_authorization_og_authorization_id($og_students_group->gid, $member_rid) && |
|
277 |
$normalized_mappings[1]['normalized'] = ldap_authorization_og_authorization_id($og_faculty_group->gid, $member_rid) && |
|
278 |
$normalized_mappings[2]['normalized'] = ldap_authorization_og_authorization_id($og_gryffindor_group->gid, $dungeon_master_rid) && |
|
279 |
$normalized_mappings[3]['normalized'] = ldap_authorization_og_authorization_id($og_users_group->gid, $member_rid) && |
|
280 |
$normalized_mappings[4]['normalized'] = ldap_authorization_og_authorization_id($og_students_group->gid, $member_rid) && |
|
281 |
$normalized_mappings[4]['normalized'] = ldap_authorization_og_authorization_id($og_students_group->gid, 4) |
|
282 |
); |
|
283 |
if (!$correct_mappings) { |
|
284 |
debug('normalized_mappings'); debug($normalized_mappings); |
|
285 |
} |
|
286 |
$this->assertTrue($correct_mappings, 'normalizeMappings method works', $this->ldapTestId); |
|
287 |
|
|
288 |
} |
|
289 |
|
|
290 |
|
|
291 |
|
|
292 |
/** |
|
293 |
* authorization configuration flags tests clumped together |
|
294 |
*/ |
|
295 |
|
|
296 |
function testFlags() { |
|
297 |
|
|
298 |
$sid = 'activedirectory1'; |
|
299 |
|
|
300 |
$this->prepTestData( |
|
301 |
LDAP_TEST_LDAP_NAME, |
|
302 |
array($sid), |
|
303 |
'provisionToDrupal', |
|
304 |
'default', |
|
305 |
'og_group15' |
|
306 |
); |
|
307 |
|
|
308 |
|
|
309 |
$og_group_consumer = ldap_authorization_get_consumers('og_group', TRUE, TRUE); |
|
310 |
|
|
311 |
list($og_gryffindor_group, $og_gryffindor_node) = ldap_authorization_og1_get_group('gryffindor', 'group_name'); |
|
312 |
list($og_students_group, $og_students_node) = ldap_authorization_og1_get_group('students', 'group_name'); |
|
313 |
list($og_faculty_group, $og_faculty_node) = ldap_authorization_og1_get_group('faculty', 'group_name'); |
|
314 |
list($og_users_group, $og_users_node) = ldap_authorization_og1_get_group('users', 'group_name'); |
|
315 |
list($og_slytherin_group, $og_slytherin_node) = ldap_authorization_og1_get_group('slytherin', 'group_name'); |
|
316 |
$anonymous_rid = ldap_authorization_og_rid_from_role_name(OG_ANONYMOUS_ROLE); |
|
317 |
$member_rid = ldap_authorization_og_rid_from_role_name(OG_AUTHENTICATED_ROLE); |
|
318 |
$admin_rid = ldap_authorization_og_rid_from_role_name(OG_ADMINISTRATOR_ROLE); |
|
319 |
$dungeon_master_rid = ldap_authorization_og_rid_from_role_name('dungeon-master'); |
|
320 |
$time_keeper = ldap_authorization_og_rid_from_role_name('time-keeper'); |
|
321 |
$students_membership_consumer_id = $og_students_group->gid . '-' . $member_rid; |
|
322 |
$gryffindor_membership_consumer_id = $og_gryffindor_group->gid . '-' . $member_rid; |
|
323 |
|
|
324 |
/** |
|
325 |
* LDAP_authorz.Flags.status=0: Disable ldap_authorization_drupal_role configuration and make sure no authorizations performed |
|
326 |
*/ |
|
327 |
|
|
328 |
list($props_set_display, $props_set_correctly) = $this->checkConsumerConfSetup('og_group15'); |
|
329 |
$this->assertTrue( |
|
330 |
$props_set_correctly, |
|
331 |
'Authorization Configuration set correctly in test setup', |
|
332 |
'LDAP_authorz.Flags.setup.0' |
|
333 |
); |
|
334 |
if (!$props_set_correctly) { |
|
335 |
debug('LDAP_authorz.Flags.setup.0 properties not set correctly'); debug($props_set_display); |
|
336 |
} |
|
337 |
|
|
338 |
$test_id = 'LDAP_authorz.Flags.status.0'; |
|
339 |
$this->consumerAdminConf['og_group']->useFirstAttrAsGroupId = 0; |
|
340 |
$this->consumerAdminConf['og_group']->status = 0; |
|
341 |
$this->consumerAdminConf['og_group']->save(); |
|
342 |
$og_group_consumer = ldap_authorization_get_consumer_object('og_group'); |
|
343 |
$hpotter = $this->deleteAndRecreateUser('hpotter'); |
|
344 |
|
|
345 |
list($new_authorizations, $notifications) = ldap_authorizations_user_authorizations($hpotter, 'test_query', 'og_group'); // just see if the correct ones are derived. |
|
346 |
$groups1 = $new_authorizations['og_group']; |
|
347 |
$this->assertTrue( |
|
348 |
count($new_authorizations['og_group']) == 0, |
|
349 |
'disabled consumer configuration disallows authorizations.', |
|
350 |
$test_id |
|
351 |
); |
|
352 |
|
|
353 |
|
|
354 |
$test_id = 'LDAP_authorz.Flags.status.1'; |
|
355 |
$this->consumerAdminConf['og_group']->status = 1; |
|
356 |
$this->consumerAdminConf['og_group']->save(); |
|
357 |
$og_group_consumer = ldap_authorization_get_consumer_object('og_group'); |
|
358 |
|
|
359 |
list($new_authorizations, $notifications) = ldap_authorizations_user_authorizations($hpotter, 'test_query', 'og_group'); // just see if the correct ones are derived. |
|
360 |
$correct_groups = !empty($new_authorizations['og_group'][$students_membership_consumer_id]) |
|
361 |
&& !empty($new_authorizations['og_group'][$gryffindor_membership_consumer_id]); |
|
362 |
$this->assertTrue($correct_groups, 'enabled consumer configuration allows authorizations.', $test_id); |
|
363 |
if (!$correct_groups) { |
|
364 |
debug($test_id . "new_authorizations $gryffindor_membership_consumer_id and $students_membership_consumer_id not found in:"); debug($new_authorizations['og_group']); debug($notifications); |
|
365 |
} |
|
366 |
|
|
367 |
} |
|
368 |
|
|
369 |
|
|
370 |
|
|
371 |
/** |
|
372 |
* authorization configuration flags tests clumped together |
|
373 |
*/ |
|
374 |
|
|
375 |
function testLogons() { |
|
376 |
|
|
377 |
$sid = 'activedirectory1'; |
|
378 |
|
|
379 |
$this->prepTestData( |
|
380 |
LDAP_TEST_LDAP_NAME, |
|
381 |
array($sid), |
|
382 |
'provisionToDrupal', |
|
383 |
'default', |
|
384 |
'og_group15' |
|
385 |
); |
|
386 |
|
|
387 |
$og_group_consumer = ldap_authorization_get_consumers('og_group', TRUE, TRUE); |
|
388 |
list($og_gryffindor_group, $og_gryffindor_node) = ldap_authorization_og1_get_group('gryffindor', 'group_name'); //1 |
|
389 |
list($og_students_group, $og_students_node) = ldap_authorization_og1_get_group('students', 'group_name'); //4 |
|
390 |
list($og_faculty_group, $og_faculty_node) = ldap_authorization_og1_get_group('faculty', 'group_name'); // 7 |
|
391 |
list($og_users_group, $og_users_node) = ldap_authorization_og1_get_group('users', 'group_name'); //9 |
|
392 |
list($og_hufflepuff_group, $og_hufflepuff_node) = ldap_authorization_og1_get_group('hufflepuff', 'group_name'); |
|
393 |
list($og_slytherin_group, $og_slytherin_node) = ldap_authorization_og1_get_group('slytherin', 'group_name'); |
|
394 |
|
|
395 |
|
|
396 |
$anonymous_rid = ldap_authorization_og_rid_from_role_name(OG_ANONYMOUS_ROLE); |
|
397 |
$member_rid = ldap_authorization_og_rid_from_role_name(OG_AUTHENTICATED_ROLE); |
|
398 |
$admin_rid = ldap_authorization_og_rid_from_role_name(OG_ADMINISTRATOR_ROLE); |
|
399 |
$dungeon_master_rid = ldap_authorization_og_rid_from_role_name('dungeon-master'); |
|
400 |
$time_keeper = ldap_authorization_og_rid_from_role_name('time-keeper'); |
|
401 |
$students_membership_consumer_id = $og_students_group->gid . '-' . $member_rid; |
|
402 |
$gryffindor_membership_consumer_id = $og_gryffindor_group->gid . '-' . $member_rid; |
|
403 |
$slytherin_membership_consumer_id = $og_slytherin_group->gid . '-' . $member_rid; |
|
404 |
$hufflepuff_membership_consumer_id = $og_hufflepuff_group->gid . '-' . $member_rid; |
|
405 |
|
|
406 |
//debug( |
|
407 |
// "students_membership_consumer_id = $students_membership_consumer_id |
|
408 |
// gryffindor_membership_consumer_id = $gryffindor_membership_consumer_id |
|
409 |
// slytherin_membership_consumer_id = $slytherin_membership_consumer_id |
|
410 |
// hufflepuff_membership_consumer_id = = $hufflepuff_membership_consumer_id " |
|
411 |
//); |
|
412 |
|
|
413 |
list($props_set_display, $props_set_correctly) = $this->checkConsumerConfSetup('og_group15'); |
|
414 |
$this->assertTrue( |
|
415 |
$props_set_correctly, |
|
416 |
'Authorization Configuration set correctly in test setup', |
|
417 |
'LDAP_authorz.Flags.setup.0' |
|
418 |
); |
|
419 |
if (!$props_set_correctly) { |
|
420 |
debug('LDAP_authorz.Flags.setup.0 properties not set correctly'); debug($props_set_display); |
|
421 |
} |
|
422 |
|
|
423 |
$hpotter = $this->deleteAndRecreateUser('hpotter'); |
|
424 |
|
|
425 |
/** |
|
426 |
* LDAP_authorz.Flags.synchOnLogon - execute logon and check that no roles are applied if disabled |
|
427 |
*/ |
|
428 |
$test_id = 'LDAP_authorz.og.Flags.synchOnLogon.0'; |
|
429 |
$this->consumerAdminConf['og_group']->synchOnLogon = 0; |
|
430 |
$this->consumerAdminConf['og_group']->save(); |
|
431 |
$og_group_consumer = ldap_authorization_get_consumer_object('og_group'); |
|
432 |
|
|
433 |
$edit = array( |
|
434 |
'name' => 'hpotter', |
|
435 |
'pass' => 'goodpwd', |
|
436 |
); |
|
437 |
$this->drupalPost('user', $edit, t('Log in')); |
|
438 |
$this->assertText( |
|
439 |
t('Member for'), |
|
440 |
'New Ldap user with good password authenticated.', |
|
441 |
$test_id |
|
442 |
); |
|
443 |
$this->assertTrue( |
|
444 |
$this->testFunctions->ldapUserIsAuthmapped('hpotter'), |
|
445 |
'Ldap user properly authmapped.', |
|
446 |
$test_id |
|
447 |
); |
|
448 |
$hpotter = user_load_by_name('hpotter'); |
|
449 |
$hpotter = user_load($hpotter->uid, TRUE); |
|
450 |
$authorizations = $og_group_consumer->usersAuthorizations($hpotter, TRUE); |
|
451 |
$this->drupalGet('user/logout'); |
|
452 |
$success = (count($authorizations) == 0); |
|
453 |
$this->assertTrue($success, 'No authorizations granted when synchOnLogon=0', $test_id); |
|
454 |
if (!$success) { |
|
455 |
debug($test_id . "authorizations:"); debug($authorizations); debug($hpotter->data); |
|
456 |
} |
|
457 |
|
|
458 |
$test_id = 'LDAP_authorz.og.Flags.synchOnLogon.1'; |
|
459 |
$this->consumerAdminConf['og_group']->synchOnLogon = 1; |
|
460 |
$this->consumerAdminConf['og_group']->save(); |
|
461 |
$og_group_consumer = ldap_authorization_get_consumer_object('og_group'); // flushes object static cache |
|
462 |
$hpotter = $this->deleteAndRecreateUser('hpotter'); |
|
463 |
|
|
464 |
$edit = array( |
|
465 |
'name' => 'hpotter', |
|
466 |
'pass' => 'goodpwd', |
|
467 |
); |
|
468 |
$this->drupalPost('user', $edit, t('Log in')); |
|
469 |
$this->assertText(t('Member for'), 'New Ldap user with good password authenticated.', $test_id); |
|
470 |
$hpotter = user_load_by_name('hpotter'); |
|
471 |
$hpotter = user_load($hpotter->uid, TRUE); |
|
472 |
$authorizations = $og_group_consumer->usersAuthorizations($hpotter, TRUE); |
|
473 |
$this->UIGroupMembershipTest($hpotter, $og_students_node, $test_id); |
|
474 |
$success = in_array($students_membership_consumer_id, $authorizations) && in_array($gryffindor_membership_consumer_id, $authorizations); |
|
475 |
$this->drupalGet('user/logout'); |
|
476 |
$this->assertTrue($success, 'Correct Authorizations on user logon', $test_id); |
|
477 |
if (!$success) { |
|
478 |
debug($test_id . "authorizations $gryffindor_membership_consumer_id and $students_membership_consumer_id not found in:"); |
|
479 |
debug($authorizations); debug("hpotter->data"); debug($hpotter->data); |
|
480 |
} |
|
481 |
|
|
482 |
$user_data = $hpotter->data['ldap_authorizations']['og_group']; |
|
483 |
$success = (isset($user_data[$students_membership_consumer_id]) && |
|
484 |
isset($user_data[$gryffindor_membership_consumer_id]) && |
|
485 |
isset($user_data[$students_membership_consumer_id]['date_granted']) && |
|
486 |
isset($user_data[$gryffindor_membership_consumer_id]['consumer_id_mixed_case']) && |
|
487 |
isset($user_data[$students_membership_consumer_id]['date_granted']) && |
|
488 |
isset($user_data[$gryffindor_membership_consumer_id]['consumer_id_mixed_case']) && |
|
489 |
$user_data[$gryffindor_membership_consumer_id]['consumer_id_mixed_case'] == $gryffindor_membership_consumer_id); |
|
490 |
$this->assertTrue($success, 'Correct User Data Authorization Records', $test_id); |
|
491 |
|
|
492 |
|
|
493 |
|
|
494 |
/** test multiple logon scenario. this deals with a variety of concerns such as caching of |
|
495 |
* user and og data |
|
496 |
*/ |
|
497 |
$test_id = 'LDAP_authorz.og.mulitplelogons'; |
|
498 |
$this->consumerAdminConf['og_group']->onlyApplyToLdapAuthenticated = 0; |
|
499 |
$this->consumerAdminConf['og_group']->synchOnLogon = 1; |
|
500 |
$this->consumerAdminConf['og_group']->status = 1; |
|
501 |
$this->consumerAdminConf['og_group']->save(); |
|
502 |
$hpotter = $this->deleteAndRecreateUser('hpotter'); |
|
503 |
$og_group_consumer = ldap_authorization_get_consumer_object('og_group'); |
|
504 |
|
|
505 |
$this->drupalGet('user/logout'); |
|
506 |
$pre_authorizations = $og_group_consumer->usersAuthorizations($hpotter, TRUE); |
|
507 |
$this->assertTrue(count($pre_authorizations) == 0, 'Setup correct for test ' . $test_id, $test_id); |
|
508 |
|
|
509 |
foreach (array(1, 2, 3) as $i) { |
|
510 |
$this->drupalGet('user/logout'); |
|
511 |
$edit = array( |
|
512 |
'name' => 'hpotter', |
|
513 |
'pass' => 'goodpwd', |
|
514 |
); |
|
515 |
$this->drupalPost('user', $edit, t('Log in')); |
|
516 |
$this->assertText(t('Member for'), "Repeated logon grant test i=$i", $test_id); |
|
517 |
$hpotter = user_load_by_name('hpotter'); |
|
518 |
$hpotter = user_load($hpotter->uid, TRUE); |
|
519 |
|
|
520 |
$authorizations = $og_group_consumer->usersAuthorizations($hpotter, TRUE); |
|
521 |
$success = in_array($students_membership_consumer_id, $authorizations) && |
|
522 |
in_array($gryffindor_membership_consumer_id, $authorizations); |
|
523 |
$this->assertTrue($success, 'Correct Authorizations on user logon', $test_id); |
|
524 |
if (!$success) { |
|
525 |
debug("$test_id i=$i"); debug($hpotter->data); debug($og_group_consumer->usersAuthorizations($hpotter), TRUE); |
|
526 |
} |
|
527 |
$this->UIGroupMembershipTest($hpotter, $og_gryffindor_node, $test_id); |
|
528 |
$this->UIGroupMembershipTest($hpotter, $og_students_node, $test_id); |
|
529 |
// also need to assert user->data['ldap_authorizations']['og_group'] array |
|
530 |
|
|
531 |
$this->assertTrue($success, 'Correct Authorizations on user logon', $test_id); |
|
532 |
$user_data = $hpotter->data['ldap_authorizations']['og_group']; |
|
533 |
$success = (isset($user_data[$students_membership_consumer_id]) && |
|
534 |
isset($user_data[$gryffindor_membership_consumer_id]) && |
|
535 |
isset($user_data[$students_membership_consumer_id]['date_granted']) && |
|
536 |
isset($user_data[$gryffindor_membership_consumer_id]['consumer_id_mixed_case']) && |
|
537 |
isset($user_data[$students_membership_consumer_id]['date_granted']) && |
|
538 |
isset($user_data[$gryffindor_membership_consumer_id]['consumer_id_mixed_case']) && |
|
539 |
$user_data[$gryffindor_membership_consumer_id]['consumer_id_mixed_case'] == $gryffindor_membership_consumer_id); |
|
540 |
$this->assertTrue($success, 'Correct User Data Authorization Records', $test_id); |
|
541 |
$this->drupalGet('user/logout'); |
|
542 |
} |
|
543 |
|
|
544 |
/** |
|
545 |
* LDAP_authorz.Flags.revokeLdapProvisioned: test flag for |
|
546 |
* removing manually granted roles |
|
547 |
* |
|
548 |
* $this->revokeLdapProvisioned == 1 : Revoke !consumer_namePlural previously granted by LDAP Authorization but no longer valid. |
|
549 |
* |
|
550 |
* grant groups via ldap and some not manually, |
|
551 |
* then logon again and make sure the ldap provided roles are revoked and the drupal ones are not revoked |
|
552 |
* |
|
553 |
*/ |
|
554 |
$test_id = 'LDAP_authorz.og.Flags.revokeLdapProvisioned.1'; |
|
555 |
$this->consumerAdminConf['og_group']->onlyApplyToLdapAuthenticated = 0; |
|
556 |
$this->consumerAdminConf['og_group']->revokeLdapProvisioned = 1; |
|
557 |
$this->consumerAdminConf['og_group']->regrantLdapProvisioned = 1; |
|
558 |
$this->consumerAdminConf['og_group']->save(); |
|
559 |
$og_group_consumer = ldap_authorization_get_consumer_object('og_group'); |
|
560 |
$hpotter = $this->deleteAndRecreateUser('hpotter'); |
|
561 |
$edit = array( |
|
562 |
'name' => 'hpotter', |
|
563 |
'pass' => 'goodpwd', |
|
564 |
); |
|
565 |
|
|
566 |
// group to 2 "undeserved" groups, but only ldap associate 1 |
|
567 |
$hpotter = $this->manualOgGroup($hpotter, $og_slytherin_group->gid); |
|
568 |
$hpotter = $this->manualOgGroup($hpotter, $og_hufflepuff_group->gid); |
|
569 |
$authorizations = $og_group_consumer->usersAuthorizations($hpotter, TRUE); |
|
570 |
$this->assertTrue( |
|
571 |
in_array($slytherin_membership_consumer_id, $authorizations) && |
|
572 |
in_array($hufflepuff_membership_consumer_id, $authorizations) |
|
573 |
, "prep for $test_id", $test_id); |
|
574 |
|
|
575 |
|
|
576 |
// debug(); debug("4.1 hpotter->data"); debug($hpotter->data); |
|
577 |
// $undeserved_consumer_id = $og_slytherin_group->gid . '-' . $member_rid; |
|
578 |
$user_edit['data'] = $hpotter->data; |
|
579 |
$user_edit['data']['ldap_authorizations']['og_group'][$slytherin_membership_consumer_id] = |
|
580 |
array( |
|
581 |
array('date_granted' => 1304216778), |
|
582 |
array('consumer_id_mixed_case' => $slytherin_membership_consumer_id), |
|
583 |
); |
|
584 |
$hpotter = user_save($hpotter, $user_edit); |
|
585 |
|
|
586 |
$this->drupalPost('user', $edit, t('Log in')); |
|
587 |
$this->assertText(t('Member for'), 'New Ldap user with good password authenticated.', $test_id); |
|
588 |
$hpotter = user_load_by_name('hpotter'); |
|
589 |
$hpotter = user_load($hpotter->uid, TRUE); |
|
590 |
$authorizations = $og_group_consumer->usersAuthorizations($hpotter, TRUE); |
|
591 |
$this->UIGroupMembershipTest($hpotter, $og_hufflepuff_node, $test_id); |
|
592 |
$this->UIGroupMembershipTest($hpotter, $og_slytherin_node, $test_id, FALSE); |
|
593 |
$this->assertTrue( |
|
594 |
!in_array($slytherin_membership_consumer_id, $authorizations) && |
|
595 |
in_array($hufflepuff_membership_consumer_id, $authorizations) |
|
596 |
, "Ldap granted og revoked when not deserved in ldap, manual og membership retained.", $test_id); |
|
597 |
|
|
598 |
// assert that slytherin membership removed, but hufflepuff kept |
|
599 |
//debug($authorizations); |
|
600 |
//debug("4. hpotter->data"); debug($hpotter->data); |
|
601 |
|
|
602 |
/** |
|
603 |
* LDAP_authorz.Flags.regrantLdapProvisioned |
|
604 |
* $this->regrantLdapProvisioned == 1 : |
|
605 |
* Re grant !consumer_namePlural previously granted |
|
606 |
* by LDAP Authorization but removed manually. |
|
607 |
* |
|
608 |
* - manually remove ldap granted og membership |
|
609 |
* - logon |
|
610 |
* - check if regranted |
|
611 |
*/ |
|
612 |
$test_id = 'LDAP_authorz.Flags.regrantLdapProvisioned=1'; |
|
613 |
$this->drupalGet('user/logout'); |
|
614 |
$this->consumerAdminConf['og_group']->regrantLdapProvisioned = 1; |
|
615 |
$this->consumerAdminConf['og_group']->revokeLdapProvisioned = 1; |
|
616 |
$this->consumerAdminConf['og_group']->save(); |
|
617 |
$og_group_consumer = ldap_authorization_get_consumer_object('og_group'); |
|
618 |
$hpotter = user_load($hpotter->uid, TRUE); // do not recreate hpotter user because using date from last test |
|
619 |
|
|
620 |
// ungroup hpotter from students |
|
621 |
$hpotter = og_ungroup($og_students_group->gid, 'user', $hpotter, TRUE); |
|
622 |
// confirm doesn't have authorization |
|
623 |
$authorizations = $og_group_consumer->usersAuthorizations($hpotter, TRUE); |
|
624 |
$this->assertTrue(!in_array($students_membership_consumer_id, $authorizations), 'hpotter student membership removed before testing regrant', $test_id); |
|
625 |
/** |
|
626 |
* logon |
|
627 |
*/ |
|
628 |
$this->drupalPost('user', $edit, t('Log in')); |
|
629 |
|
|
630 |
// assert students membership regranted |
|
631 |
$hpotter = user_load($hpotter->uid, TRUE); |
|
632 |
$authorizations = $og_group_consumer->usersAuthorizations($hpotter, TRUE); |
|
633 |
module_load_include('php', 'og', 'module'); |
|
634 |
og_invalidate_cache(); |
|
635 |
$caches = array( |
|
636 |
'og_get_entity_groups', |
|
637 |
'og_get_membership', |
|
638 |
'og_get_field_og_membership_properties', |
|
639 |
); |
|
640 |
|
|
641 |
foreach ($caches as $cache) { |
|
642 |
drupal_static_reset($cache); |
|
643 |
} |
|
644 |
$authorizations = $og_group_consumer->usersAuthorizations($hpotter, TRUE); |
|
645 |
$success = in_array($students_membership_consumer_id, $authorizations); |
|
646 |
$this->UIGroupMembershipTest($hpotter, $og_students_node, $test_id); |
|
647 |
$this->assertTrue($success, "regrant Ldap Provisioned og groups ($students_membership_consumer_id) that were manually revoked", $test_id); |
|
648 |
if (!$success) { |
|
649 |
debug($test_id); |
|
650 |
debug("students_membership_consumer_id=$students_membership_consumer_id"); |
|
651 |
debug('hpotter->data'); debug($hpotter->data); |
|
652 |
debug('current authorizations'); debug($authorizations); |
|
653 |
} |
|
654 |
//debug("5. hpotter->data"); debug($hpotter->data); |
|
655 |
|
|
656 |
|
|
657 |
/** |
|
658 |
* LDAP_authorz.onlyLdapAuthenticated=1: create normal user and |
|
659 |
* apply authorization query. should return no og groups |
|
660 |
* |
|
661 |
* THIS NEEDS TO BE REWORKED. ITS A MEANINGLESS TEST IN CURRENT STATE |
|
662 |
* should |
|
663 |
* A. leave on mixed mode ldap authentication |
|
664 |
* logon with non ldap password and receive no authorizations |
|
665 |
* |
|
666 |
* B. leave on mixed mode authentication and logon with ldap |
|
667 |
* groups should be granted |
|
668 |
* |
|
669 |
*/ |
|
670 |
//$test_id = 'LDAP_authorz.onlyLdapAuthenticated.1'; |
|
671 |
//$this->consumerAdminConf['og_group']->onlyApplyToLdapAuthenticated = 1; |
|
672 |
//$this->consumerAdminConf['og_group']->status = 1; |
|
673 |
//$this->consumerAdminConf['og_group']->save(); |
|
674 |
//$og_group_consumer = ldap_authorization_get_consumer_object('og_group'); |
|
675 |
// |
|
676 |
//$hpotter = $this->deleteAndRecreateUser('hpotter'); |
|
677 |
// |
|
678 |
//list($new_authorizations, $notifications) = ldap_authorizations_user_authorizations($hpotter, 'set', 'og_group'); // just see if the correct ones are derived. |
|
679 |
//$success = (isset($new_authorizations['og_group']) && count($new_authorizations['og_group']) == 0); |
|
680 |
//$this->assertTrue($success, ' only apply to ldap authenticated grants no roles for non ldap user.', $test_id); |
|
681 |
//$hpotter = user_load($hpotter->uid, TRUE); |
|
682 |
//if (!$success) { |
|
683 |
// debug($test_id . "new_authorizations:"); debug($new_authorizations); |
|
684 |
// debug($this->testFunctions->ldapUserIsAuthmapped('hpotter')); |
|
685 |
// debug($notifications); |
|
686 |
// debug($hpotter); |
|
687 |
//} |
|
688 |
|
|
689 |
} |
|
690 |
|
|
691 |
|
|
692 |
} |
drupal7/sites/all/modules/ldap/ldap_authorization/tests/Og2Tests.test | ||
---|---|---|
127 | 127 |
* just make sure install succeeds and |
128 | 128 |
*/ |
129 | 129 |
function testBasicFunctionsAndApi() { |
130 |
// TODO: Fix failing tests, excluding to make branch pass. |
|
131 |
return; |
|
130 | 132 |
|
131 | 133 |
if (ldap_authorization_og_og_version() != 2) { |
132 | 134 |
debug('LdapAuthorizationOg2Tests must be run with OG 7.x-2.x'); |
... | ... | |
300 | 302 |
*/ |
301 | 303 |
|
302 | 304 |
function testFlags() { |
305 |
// TODO: Fix failing tests, excluding to make branch pass. |
|
306 |
return; |
|
303 | 307 |
|
304 | 308 |
$sid = 'activedirectory1'; |
305 | 309 |
$this->prepTestData( |
drupal7/sites/all/modules/ldap/ldap_feeds/FeedsLdapEntryParser.inc | ||
---|---|---|
22 | 22 |
$parsed_item = array('dn' => (string)$ldap_entry['dn']); |
23 | 23 |
foreach ($mappings as $j => $map) { |
24 | 24 |
$source_lcase = drupal_strtolower($map['source']); |
25 |
// dn is already parsed |
|
26 |
if ($source_lcase == 'dn') { |
|
27 |
continue; |
|
28 |
} |
|
25 | 29 |
$source = $map['source']; |
26 | 30 |
if (isset($ldap_entry['attr'])) { |
27 | 31 |
// exception need because of unconvential format of ldap data returned from $ldap_server->userUserNameToExistingLdapEntry |
... | ... | |
30 | 34 |
else { |
31 | 35 |
$ldap_attributes = $ldap_entry; |
32 | 36 |
} |
33 |
if ($source_lcase != 'dn' && isset($ldap_attributes[$source_lcase][0])) {
|
|
37 |
if (isset($ldap_attributes[$source_lcase][0])) { |
|
34 | 38 |
if ($ldap_attributes[$source_lcase]['count'] == 1 && is_scalar($ldap_attributes[$source_lcase][0])) { |
35 | 39 |
$parsed_item[$source] = (string)$ldap_attributes[$source_lcase][0]; |
36 | 40 |
} |
... | ... | |
40 | 44 |
} |
41 | 45 |
} |
42 | 46 |
else { |
43 |
$parsed_item[$source] = ''; |
|
47 |
$parsed_item[$source] = ' ';
|
|
44 | 48 |
} |
45 | 49 |
} |
46 | 50 |
$parsed_items[] = $parsed_item; |
drupal7/sites/all/modules/ldap/ldap_feeds/FeedsLdapQueryFetcher.inc | ||
---|---|---|
29 | 29 |
public function getRaw() { |
30 | 30 |
|
31 | 31 |
$results = array(); |
32 |
$count = 0; |
|
32 | 33 |
foreach ($this->query_ids as $i => $query_id) { |
33 | 34 |
$ldapQuery = ldap_query_get_queries($query_id, 'enabled', TRUE); |
34 | 35 |
$more_results = $ldapQuery->query(); |
35 | 36 |
if (is_array($more_results)) { |
37 |
$count += $more_results['count']; |
|
36 | 38 |
$results = array_merge($results, $more_results); |
37 | 39 |
} |
38 | 40 |
} |
41 |
if ($count) { |
|
42 |
$results['count'] = $count; |
|
43 |
} |
|
39 | 44 |
return $results; |
40 | 45 |
} |
41 | 46 |
} |
drupal7/sites/all/modules/ldap/ldap_feeds/ldap_feeds.info | ||
---|---|---|
12 | 12 |
core = 7.x |
13 | 13 |
php = 5.2 |
14 | 14 |
|
15 |
; Information added by Drupal.org packaging script on 2016-08-07
|
|
16 |
version = "7.x-2.0-beta11"
|
|
15 |
; Information added by Drupal.org packaging script on 2017-02-15
|
|
16 |
version = "7.x-2.0-beta12"
|
|
17 | 17 |
core = "7.x" |
18 | 18 |
project = "ldap" |
19 |
datestamp = "1470608343"
|
|
19 |
datestamp = "1487199794"
|
|
20 | 20 |
|
drupal7/sites/all/modules/ldap/ldap_help/ldap_help.info | ||
---|---|---|
5 | 5 |
|
6 | 6 |
dependencies[] = ldap_servers |
7 | 7 |
dependencies[] = ldap_test |
8 |
; Information added by Drupal.org packaging script on 2016-08-07
|
|
9 |
version = "7.x-2.0-beta11"
|
|
8 |
; Information added by Drupal.org packaging script on 2017-02-15
|
|
9 |
version = "7.x-2.0-beta12"
|
|
10 | 10 |
core = "7.x" |
11 | 11 |
project = "ldap" |
12 |
datestamp = "1470608343"
|
|
12 |
datestamp = "1487199794"
|
|
13 | 13 |
|
drupal7/sites/all/modules/ldap/ldap_query/ldap_query.info | ||
---|---|---|
17 | 17 |
|
18 | 18 |
configure = admin/config/people/ldap/query |
19 | 19 |
|
20 |
; Information added by Drupal.org packaging script on 2016-08-07
|
|
21 |
version = "7.x-2.0-beta11"
|
|
20 |
; Information added by Drupal.org packaging script on 2017-02-15
|
|
21 |
version = "7.x-2.0-beta12"
|
|
22 | 22 |
core = "7.x" |
23 | 23 |
project = "ldap" |
24 |
datestamp = "1470608343"
|
|
24 |
datestamp = "1487199794"
|
|
25 | 25 |
|
drupal7/sites/all/modules/ldap/ldap_servers/LdapServer.class.php | ||
---|---|---|
489 | 489 |
|
490 | 490 |
foreach ($new_entry as $key => $new_val) { |
491 | 491 |
$old_value = FALSE; |
492 |
$old_value_is_scalar = FALSE; |
|
492 | 493 |
$key_lcase = drupal_strtolower($key); |
493 | 494 |
if (isset($old_entry[$key_lcase])) { |
494 | 495 |
if ($old_entry[$key_lcase]['count'] == 1) { |
... | ... | |
1119 | 1120 |
} |
1120 | 1121 |
else { |
1121 | 1122 |
foreach ($errors as $err => $err_val){ |
1122 |
watchdog('ldap_server', "Error storing picture: %$err", "%$err_val", WATCHDOG_ERROR );
|
|
1123 |
watchdog('ldap_server', "Error storing picture: %$err", array("%$err" => $err_val), WATCHDOG_ERROR);
|
|
1123 | 1124 |
} |
1124 | 1125 |
return FALSE; |
1125 | 1126 |
} |
drupal7/sites/all/modules/ldap/ldap_servers/ldap_servers.encryption.inc | ||
---|---|---|
51 | 51 |
); */ |
52 | 52 |
|
53 | 53 |
$encrypts = array( |
54 |
LDAP_SERVERS_ENC_TYPE_CLEARTEXT => 'No Encyption' |
|
54 |
LDAP_SERVERS_ENC_TYPE_CLEARTEXT => 'No Encryption'
|
|
55 | 55 |
); |
56 | 56 |
if (function_exists('mcrypt_module_open')) { |
57 | 57 |
$encrypts[LDAP_SERVERS_ENC_TYPE_BLOWFISH] = 'Blowfish'; |
drupal7/sites/all/modules/ldap/ldap_servers/ldap_servers.info | ||
---|---|---|
17 | 17 |
files[] = tests/ldap_servers.test |
18 | 18 |
configure = admin/config/people/ldap/servers |
19 | 19 |
|
20 |
; Information added by Drupal.org packaging script on 2016-08-07
|
|
21 |
version = "7.x-2.0-beta11"
|
|
20 |
; Information added by Drupal.org packaging script on 2017-02-15
|
|
21 |
version = "7.x-2.0-beta12"
|
|
22 | 22 |
core = "7.x" |
23 | 23 |
project = "ldap" |
24 |
datestamp = "1470608343"
|
|
24 |
datestamp = "1487199794"
|
|
25 | 25 |
|
drupal7/sites/all/modules/ldap/ldap_servers/ldap_servers.install | ||
---|---|---|
18 | 18 |
*/ |
19 | 19 |
function ldap_servers_uninstall() { |
20 | 20 |
variable_del('ldap_servers_encryption'); |
21 |
variable_del('ldap_servers_require_ssl_for_credentails');
|
|
21 |
variable_del('ldap_servers_require_ssl_for_credentials');
|
|
22 | 22 |
variable_del('ldap_servers_encrypt_key'); |
23 | 23 |
|
24 | 24 |
} |
... | ... | |
857 | 857 |
} |
858 | 858 |
} |
859 | 859 |
|
860 |
/** |
|
861 |
* Fixes a typo in an LDAP variable name. |
|
862 |
*/ |
|
863 |
function ldap_servers_update_7207() { |
|
864 |
if (!is_null($old_var = variable_get('ldap_servers_require_ssl_for_credentails'))) { |
|
865 |
variable_set('ldap_servers_require_ssl_for_credentials', $old_var); |
|
866 |
variable_del('ldap_servers_require_ssl_for_credentails'); |
|
867 |
} |
|
868 |
} |
|
869 |
|
|
860 | 870 |
function ldap_servers_install_update_schema($schema, &$change_log) { |
861 | 871 |
foreach ($schema as $table_name => $table_schema) { |
862 | 872 |
foreach ($table_schema['fields'] as $field_name => $field_schema) { |
drupal7/sites/all/modules/ldap/ldap_servers/ldap_servers.module | ||
---|---|---|
698 | 698 |
// if no explicit $sid, find most appropriate one |
Formats disponibles : Unified diff
Weekly update of contrib modules