<?php
/**
* @file
* Form to test a ldap authorization consumer configuration.
*/
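/**
 * Form builder for testing an LDAP authorization consumer configuration.
 *
 * When $_SESSION['ldap_authorization_test_query'] holds data from a previous
 * test run, that data is rendered above the input elements and then removed
 * from the session, so each result set is shown once.
 *
 * @param array $form
 *   Form array passed in by the form API.
 * @param array $form_state
 *   Form state, by reference.
 * @param string $consumer_type
 *   Consumer type handed to ldap_authorization_get_consumer_object().
 *
 * @return array
 *   Drupal form array.
 */
function ldap_authorization_test_form($form, &$form_state, $consumer_type) {
  $consumer = ldap_authorization_get_consumer_object($consumer_type);
  $consumer_tokens = ldap_authorization_tokens($consumer);
  $conf = $consumer->consumerConf;

  // Work on local copies so missing keys are handled with isset() rather than
  // the error-suppression operator.
  $test_query = isset($_SESSION['ldap_authorization_test_query']) ? $_SESSION['ldap_authorization_test_query'] : [];
  $form_defaults = isset($_SESSION['ldap_authorization_test_form']) ? $_SESSION['ldap_authorization_test_form'] : [];

  if (isset($test_query['result'])) {
    // NOTE(review): everything placed in '#markup' below is printed as HTML.
    // 'result' is the themed table stored by the submit handler; the other
    // session entries ('maps', 'useFirstAttrAsGroupId', 'post mappings') are
    // written outside this file and may carry directory-supplied values.
    // Confirm they are escaped where they are produced.
    $form['result'] = [
      '#type' => 'item',
      '#markup' => $test_query['result'],
    ];

    $form['pre-filtered'] = [
      '#type' => 'fieldset',
      '#title' => t('Prefiltered and Final Mappings'),
      '#collapsible' => TRUE,
      '#collapsed' => TRUE,
    ];
    $form['pre-filtered']['overview'] = [
      '#type' => 'item',
      '#markup' => t('Below are the "raw authorizations" and which strategy they are derived from. If enabled, the mapping filter is applied to these.'),
    ];

    if (isset($test_query['maps'])) {
      $i = 0;
      foreach ($test_query['maps'] as $map => $data) {
        $i++;
        // The array key is used as a heading only, so it is escaped as plain
        // text. $data is left untouched because it is concatenated as markup
        // and may already be rendered output (see the note above).
        $heading = check_plain($map) . ' (without filter)';
        $form['pre-filtered']['map' . $i] = [
          '#type' => 'item',
          '#markup' => is_scalar($data)
            ? "<h2>$heading</h2>" . $data
            : theme('item_list', ['items' => $data, 'type' => 'ul', 'title' => $heading]),
        ];
      }
    }

    $form['use_first_attr_as_groupid'] = [
      '#type' => 'fieldset',
      '#title' => t('After "Convert full dn to value of first attribute before mapping"'),
      '#collapsible' => TRUE,
      '#collapsed' => TRUE,
    ];

    if ($conf->useFirstAttrAsGroupId) {
      if (isset($test_query['useFirstAttrAsGroupId'])) {
        $form['use_first_attr_as_groupid']['data'] = [
          '#type' => 'item',
          '#markup' => theme('item_list', ['items' => $test_query['useFirstAttrAsGroupId'], 'type' => 'ul', 'title' => "Convert full dn to value of first attribute before mapping"]),
        ];
      }
    }
    else {
      $form['use_first_attr_as_groupid']['data'] = [
        '#type' => 'item',
        '#markup' => "Convert full dn to value of first attribute before mapping. NOT enabled",
      ];
    }

    $form['post mappings'] = [
      '#type' => 'fieldset',
      '#title' => t('After Mappings and Filters Applied'),
      '#collapsible' => TRUE,
      '#collapsed' => TRUE,
    ];

    // The markup is built once; the original assigned it and then
    // overwrote it in both branches of the mappings check.
    $conf_markup = 'Use Mappings as Filter = ' . (int) $conf->useMappingsAsFilter;
    if ($conf->mappings) {
      $maps = [];
      foreach ($conf->mappings as $mapping) {
        // Configured mapping values are plain text; escape them because the
        // item list prints its items as HTML.
        $maps[] = check_plain($mapping['from'] . '|' . $mapping['user_entered']);
      }
      $conf_markup .= theme('item_list', [
        'items' => $maps,
        'type' => 'ul',
        'title' => 'Configured Mappings',
      ]);
    }
    else {
      $conf_markup .= '<br/>No Mappings Configured';
    }
    $form['post mappings']['conf'] = [
      '#type' => 'item',
      '#markup' => $conf_markup,
    ];

    if (isset($test_query['post mappings'])) {
      $form['post mappings']['data'] = [
        '#type' => 'item',
        '#markup' => theme('item_list', ['items' => $test_query['post mappings'], 'type' => 'ul', 'title' => "Results after any filtering and mappings applied"]),
      ];
    }
  }

  if (isset($test_query['setting_data'])) {
    foreach ($test_query['setting_data'] as $title => $data) {
      $form[$title] = [
        '#type' => 'fieldset',
        // Escaped: the title comes from session data and is printed as HTML.
        '#title' => check_plain($title),
        '#collapsible' => TRUE,
        '#collapsed' => TRUE,
      ];
      $form[$title]['overview'] = [
        '#type' => 'item',
        // A raw print_r() dump can contain characters that are significant
        // in HTML, so it is escaped before being wrapped in <pre>.
        '#markup' => "<pre>" . check_plain(print_r($data, TRUE)) . "</pre>",
      ];
    }
  }

  $form['intro'] = [
    '#type' => 'item',
    '#markup' => t('<h1>Test LDAP to !consumer_name Configuration</h1>
<p>This form will not actually grant any authorizations, its just to show
what authorizations would be granted with this configuration.</p>', $consumer_tokens),
  ];

  $form['consumer_type'] = [
    '#type' => 'hidden',
    '#default_value' => $consumer_type,
  ];

  $form['usernames'] = [
    '#type' => 'textarea',
    '#title' => t('Drupal usernames to test !consumer_shortName authorizations results for. One per line.', $consumer_tokens),
    '#default_value' => isset($test_query['usernames']) ? $test_query['usernames'] : NULL,
    '#cols' => 50,
    '#rows' => 6,
    '#description' => '',
  ];

  // The submit handler stores this checkbox under
  // 'ldap_authorization_test_query', while the original default was read from
  // 'ldap_authorization_test_form'. Prefer the key that is actually written
  // and keep the old key as a fallback.
  if (isset($test_query['random_users'])) {
    $random_users_default = $test_query['random_users'];
  }
  else {
    $random_users_default = isset($form_defaults['random_users']) ? $form_defaults['random_users'] : NULL;
  }
  $form['random_users'] = [
    '#type' => 'checkbox',
    '#default_value' => $random_users_default,
    '#title' => t('Use 10 random users', $consumer_tokens),
  ];

  // Nothing in this file stores the next two values in the session, so both
  // boxes start unchecked unless other code sets them. For options that
  // change or delete account data that is the safer default.
  $form['execute_authorizations'] = [
    '#type' => 'checkbox',
    '#default_value' => isset($form_defaults['execute_authorizations']) ? $form_defaults['execute_authorizations'] : NULL,
    '#title' => t('Actually grant or revoke example authorizations.
This will grant and revoke based on the ldap authorization configuration
options such as whether to revoke or regrant manually applied authorizations.
Try with this unchecked first, then check to see how authorizations are applied.', $consumer_tokens),
  ];

  $form['user_data_clear'] = [
    '#type' => 'checkbox',
    '#default_value' => isset($form_defaults['user_data_clear']) ? $form_defaults['user_data_clear'] : NULL,
    '#title' => t('Clear <pre>$user->data[ldap_authorization][<consumer type>]</pre> data for test users.', $consumer_tokens),
  ];

  $form['submit'] = [
    '#type' => 'submit',
    '#value' => 'test',
  ];

  // Results are shown once: drop them so they do not linger in the session.
  unset($_SESSION['ldap_authorization_test_query']);
  return $form;
}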
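/**
 * Validate handler for ldap_authorization_test_form().
 *
 * Requires at least one source of user names: the textarea or the
 * "random users" checkbox.
 *
 * @param array $form
 *   The form array.
 * @param array $form_state
 *   Form state, by reference; only $form_state['values'] is read.
 */
function ldap_authorization_test_form_validate($form, &$form_state) {
  $values = $form_state['values'];

  // Whitespace-only input contains no user name, so treat it as empty.
  $has_usernames = trim($values['usernames']) !== '';

  if (!$has_usernames && !$values['random_users']) {
    // The first argument is the element name. The original passed
    // 'No options chosen', which matches no element of this form, so the
    // error is now attached to the textarea.
    form_set_error('usernames', t('Usernames must be given or random users checked.'));
  }
}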
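/**
 * Submit handler for ldap_authorization_test_form().
 *
 * Runs ldap_authorizations_user_authorizations() for at most 10 user names
 * (those typed into the form, optionally topped up from the users table),
 * stores the themed result table in the session and redirects back to the
 * test form. With "execute_authorizations" checked the 'test_query_set'
 * action is used instead of 'test_query'.
 *
 * @param array $form
 *   The form array.
 * @param array $form_state
 *   Form state, by reference; 'redirect' is set on success.
 */
function ldap_authorization_test_form_submit($form, &$form_state) {
  $values = $form_state['values'];
  $consumer_type = $values['consumer_type'];
  $consumer = ldap_authorization_get_consumer_object($consumer_type);

  $results = [];
  // Initialised so theme() receives an array even when no name is processed;
  // the original left this undefined in that case.
  $notifications = [];

  // One name per line; trim so stray spaces do not turn a real account name
  // into one that cannot be loaded.
  $users_listed = array_map('trim', preg_split('/[\n\r]+/', $values['usernames']));

  $_SESSION['ldap_authorization_test_query']['random_users'] = $values['random_users'];
  $_SESSION['ldap_authorization_test_query']['usernames'] = $values['usernames'];

  // Add random usernames to test.
  $random_names = [];
  if ($values['random_users']) {
    // Not using user_load_multiple because need randomness outside of query.
    // Only the name column is used below, so the remaining account columns
    // (the password hash among them) are not fetched.
    $select = db_select('users', 'u');
    $select->fields('u', ['name']);

    try {
      $random_names = array_keys($select->execute()->fetchAllAssoc('name', PDO::FETCH_ASSOC));
    }
    catch (Exception $e) {
      // query_string is not a property of every Exception; guard the read.
      $query_string = isset($e->query_string) ? $e->query_string : '';
      drupal_set_message(t('db users query failed. Message = %message, query= %query',
        ['%message' => $e->getMessage(), '%query' => $query_string]), 'error');
      return '';
    }

    // The original never randomised the order, so the same leading rows were
    // picked on every run.
    shuffle($random_names);
  }

  // Explicitly listed names go first so the cap of 10 below cannot push them
  // out when random users are also requested.
  $user_names = array_unique(array_merge($users_listed, $random_names));

  $tested = 0;
  foreach ($user_names as $username) {
    if (!$username) {
      continue;
    }

    $user = user_load_by_name($username);
    if (!$user) {
      // If not existing user, create fake user assumed to be ldap authenticated.
      $user = new stdClass();
      $user->name = $username;
      $user->ldap_test = TRUE;
      $user->ldap_authenticated = TRUE;
    }
    elseif (function_exists('dpm')) {
      // NOTE(review): leftover debug output. When dpm() is available the
      // whole account object is printed to the person submitting the form;
      // consider removing these calls.
      dpm("user: $username");
      dpm($user);
    }

    // Only touch stored data of accounts that really exist. The placeholder
    // object built above has no uid and no data; handing it to user_save()
    // would presumably be treated as saving a new account - confirm - and a
    // test form should not create accounts.
    if ($values['user_data_clear'] == 1 && empty($user->ldap_test)) {
      $user_data = (isset($user->data) && is_array($user->data)) ? $user->data : [];
      unset($user_data['ldap_authorizations'][$consumer_type]);
      $saved = user_save($user, ['data' => $user_data]);
      if ($saved) {
        $user = $saved;
      }
    }

    $action = ($values['execute_authorizations'] == 1) ? "test_query_set" : 'test_query';
    list($results[$username], $notifications[$username]) = ldap_authorizations_user_authorizations($user, $action, $consumer_type, 'logon');

    // Remove authorizations from other consumer types.
    $own_results = isset($results[$username][$consumer_type]) ? $results[$username][$consumer_type] : NULL;
    $results[$username] = [$consumer_type => $own_results];

    $tested++;
    if ($tested == 10) {
      break;
    }
  }

  $table = theme('ldap_authorization_test_results', ['results' => $results, 'consumer' => $consumer, 'notifications' => $notifications]);
  $_SESSION['ldap_authorization_test_query']['result'] = $table;
  $form_state['redirect'] = LDAP_SERVERS_MENU_BASE_PATH . '/authorization/test/' . $consumer->consumerType;
}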