1 |
85ad3d82
|
Assos Assos
|
<?php
|
2 |
|
|
|
3 |
bc175c27
|
Assos Assos
|
/**
|
4 |
|
|
* @file
|
5 |
|
|
* Controls organic group membership based on LDAP values.
|
6 |
85ad3d82
|
Assos Assos
|
*/
|
7 |
|
|
|
8 |
|
|
/**
|
9 |
|
|
* Implements hook_ldap_authorization_consumer().
|
10 |
|
|
*/
|
11 |
|
|
function ldap_authorization_og_ldap_authorization_consumer() {
|
12 |
32700c57
|
Assos Assos
|
$types['og_group'] = [
|
13 |
85ad3d82
|
Assos Assos
|
'consumer_name' => t('OG group'),
|
14 |
|
|
'consumer_name_plural' => t('OG groups'),
|
15 |
|
|
'consumer_short_name' => t('group'),
|
16 |
|
|
'consumer_short_name_plural' => t('groups'),
|
17 |
|
|
'consumer_description' => t('An OG group.'),
|
18 |
|
|
'consumer_class_name' => 'LdapAuthorizationConsumerOG',
|
19 |
|
|
'consumer_class_file' => 'LdapAuthorizationConsumerOG.class.php',
|
20 |
|
|
'consumer_module' => 'ldap_authorization_og',
|
21 |
32700c57
|
Assos Assos
|
];
|
22 |
85ad3d82
|
Assos Assos
|
|
23 |
bc175c27
|
Assos Assos
|
$types['og_group']['consumer_mapping_directions'] = 'Mappings should be of form:<br/>
|
24 |
|
|
<code>[raw authorization id]|[og entity type]:[og entity id or title]:[og role id]</code>
|
25 |
|
|
<br/>[og entity type] is generally "node"
|
26 |
|
|
<br/>[og entity id or title] can be the groups title or entity id. <strong>Titles with ":"s in them may not be used</strong>.
|
27 |
|
|
<br/>when [og role id] is left off, default role is used.
|
28 |
|
|
<br/>such as:<br/>
|
29 |
|
|
<code>
|
30 |
|
|
Student Accounts|node:17:2<br/>
|
31 |
|
|
cn=honors students,ou=groups,dc=hogwarts,dc=edu|node:honors students<br/>
|
32 |
|
|
cn=gryffindor,ou=groups,dc=hogwarts,dc=edu|node:gryffindor:3<br/>
|
33 |
|
|
</code>';
|
34 |
|
|
|
35 |
85ad3d82
|
Assos Assos
|
return $types;
|
36 |
|
|
}
|
37 |
|
|
|
38 |
|
|
/**
|
39 |
bc175c27
|
Assos Assos
|
* Format authorization id.
|
40 |
85ad3d82
|
Assos Assos
|
*
|
41 |
bc175c27
|
Assos Assos
|
* @param int $gid
|
42 |
|
|
* as organic group gid.
|
43 |
|
|
* @param int $rid
|
44 |
|
|
* as organic group rig.
|
45 |
|
|
* @param array $group_entity
|
46 |
|
|
* as entity associated with organic group.
|
47 |
85ad3d82
|
Assos Assos
|
*
|
48 |
|
|
* @return string "normalized" authorization id such as 3-3
|
49 |
|
|
*/
|
50 |
|
|
function ldap_authorization_og_authorization_id($gid, $rid, $entity_type = 'node') {
|
51 |
bc175c27
|
Assos Assos
|
return join(':', [$entity_type, $gid, $rid]);
|
52 |
85ad3d82
|
Assos Assos
|
}
|
53 |
|
|
|
54 |
|
|
/**
|
55 |
|
|
*
|
56 |
|
|
*/
|
57 |
bc175c27
|
Assos Assos
|
function ldap_authorization_og_og_version() {
|
58 |
|
|
return (function_exists('og_action_info')) ? 2 : 1;
|
59 |
85ad3d82
|
Assos Assos
|
}
|
60 |
|
|
|
61 |
|
|
/**
|
62 |
bc175c27
|
Assos Assos
|
* Generic function to convert between query values and organic groups structures and attributes.
|
63 |
85ad3d82
|
Assos Assos
|
*
|
64 |
bc175c27
|
Assos Assos
|
* @param mixed $entity_type
|
65 |
|
|
* signifies query value e.g. 'bakers', 7 etc.
|
66 |
|
|
* @param mixed $group_name
|
67 |
|
|
* signifies query type e.g. 'group_name', 'gid', etc.
|
68 |
be58a50c
|
Assos Assos
|
*
|
69 |
85ad3d82
|
Assos Assos
|
* @return mixed organic group object, gid, label, etc.
|
70 |
|
|
*/
|
71 |
|
|
function ldap_authorization_og2_get_group_from_name($entity_type, $group_name) {
|
72 |
|
|
|
73 |
bc175c27
|
Assos Assos
|
require_once drupal_get_path('module', 'ldap_authorization_og') . '/LdapAuthorizationConsumerOG.class.php';
|
74 |
85ad3d82
|
Assos Assos
|
$group_entity = FALSE;
|
75 |
|
|
$group_entity_id = FALSE;
|
76 |
|
|
$query = new EntityFieldQuery();
|
77 |
|
|
$query->entityCondition('entity_type', $entity_type)
|
78 |
|
|
->propertyCondition('title', $group_name);
|
79 |
|
|
$result = $query->execute();
|
80 |
|
|
if (isset($result[$entity_type])) {
|
81 |
|
|
$group_ids = array_keys($result[$entity_type]);
|
82 |
|
|
if (count($group_ids) == 1) {
|
83 |
|
|
$group_entity = entity_load_single($entity_type, $group_ids[0]);
|
84 |
|
|
$group_entity_id = $group_ids[0];
|
85 |
|
|
}
|
86 |
|
|
}
|
87 |
|
|
|
88 |
32700c57
|
Assos Assos
|
return [$group_entity, $group_entity_id];
|
89 |
85ad3d82
|
Assos Assos
|
|
90 |
|
|
}
|
91 |
|
|
|
92 |
|
|
/**
|
93 |
|
|
*
|
94 |
|
|
*/
|
95 |
|
|
function ldap_authorization_og2_has_consumer_id($consumer_id, $uid) {
|
96 |
|
|
$parts = explode(':', $consumer_id);
|
97 |
|
|
$result = FALSE;
|
98 |
32700c57
|
Assos Assos
|
$watchdog_tokens = [
|
99 |
85ad3d82
|
Assos Assos
|
'%consumer_id' => $consumer_id,
|
100 |
|
|
'%uid' => $uid,
|
101 |
32700c57
|
Assos Assos
|
];
|
102 |
85ad3d82
|
Assos Assos
|
if (count($parts) == 3) {
|
103 |
|
|
list($group_type, $gid, $rid) = $parts;
|
104 |
bc175c27
|
Assos Assos
|
// Need to make sure entity exists before calling og_get_user_roles which will throw fatal error.
|
105 |
85ad3d82
|
Assos Assos
|
if ($group = entity_load_single($group_type, $gid)) {
|
106 |
|
|
if (og_is_group($group_type, $group)) {
|
107 |
|
|
$roles = og_get_user_roles($group_type, $gid, $uid, TRUE);
|
108 |
|
|
$result = isset($roles[$rid]);
|
109 |
|
|
}
|
110 |
|
|
else {
|
111 |
|
|
watchdog('ldap_authorization_og', "ldap_authorization_og2_has_consumer_id passed value of non og group consumer_id=%consumer_id, uid=%uid", $watchdog_tokens, WATCHDOG_ERROR);
|
112 |
|
|
}
|
113 |
|
|
}
|
114 |
|
|
else {
|
115 |
|
|
watchdog('ldap_authorization_og', "ldap_authorization_og2_has_consumer_id could not load entity requested: consumer_id=%consumer_id, uid=%uid", $watchdog_tokens, WATCHDOG_ERROR);
|
116 |
|
|
}
|
117 |
|
|
}
|
118 |
|
|
return $result;
|
119 |
|
|
}
|
120 |
|
|
|
121 |
bc175c27
|
Assos Assos
|
/**
|
122 |
|
|
* Ldap_authorization_og2_has_role($og_students_node->nid, $web_user->uid, OG_AUTHENTICATED_ROLE)
|
123 |
|
|
*/
|
124 |
85ad3d82
|
Assos Assos
|
function ldap_authorization_og2_has_role($group_type, $gid, $uid, $role_name) {
|
125 |
bc175c27
|
Assos Assos
|
// Array with rid as key and role name as value.
|
126 |
|
|
$roles = og_get_user_roles($group_type, $gid, $uid, TRUE);
|
127 |
85ad3d82
|
Assos Assos
|
return (is_array($roles) && in_array($role_name, array_values($roles)));
|
128 |
|
|
}
|
129 |
|
|
|
130 |
|
|
/**
|
131 |
bc175c27
|
Assos Assos
|
* Derive og role id from role name.
|
132 |
|
|
*
|
133 |
|
|
* @param string $role_name
|
134 |
|
|
* as og role name.
|
135 |
85ad3d82
|
Assos Assos
|
*
|
136 |
|
|
* @return int og role id
|
137 |
|
|
*/
|
138 |
|
|
function ldap_authorization_og_rid_from_role_name($role_name) {
|
139 |
|
|
$roles = og_roles(0);
|
140 |
|
|
$rids = array_flip($roles);
|
141 |
|
|
return isset($rids[$role_name]) ? $rids[$role_name] : FALSE;
|
142 |
|
|
}
|
143 |
|
|
|
144 |
bc175c27
|
Assos Assos
|
/**
|
145 |
|
|
*
|
146 |
|
|
*/
|
147 |
85ad3d82
|
Assos Assos
|
function ldap_authorization_og2_rid_from_role_name($entity_type, $bundle, $gid, $role_name) {
|
148 |
|
|
$roles = og_roles($entity_type, $bundle, 0, FALSE, TRUE);
|
149 |
|
|
$roles_flipped = array_flip($roles);
|
150 |
|
|
return (empty($roles_flipped[$role_name])) ? NULL : $roles_flipped[$role_name];
|
151 |
|
|
}
|
152 |
|
|
|
153 |
bc175c27
|
Assos Assos
|
/**
|
154 |
|
|
*
|
155 |
|
|
*/
|
156 |
85ad3d82
|
Assos Assos
|
function ldap_authorization_og_get_all_group_entities() {
|
157 |
32700c57
|
Assos Assos
|
$entities = [];
|
158 |
85ad3d82
|
Assos Assos
|
$group_entity_types = og_get_all_group_bundle();
|
159 |
|
|
foreach ($group_entity_types as $entity_type => $group) {
|
160 |
|
|
$entity_ids = og_get_all_group('node');
|
161 |
|
|
$entities[$entity_type] = entity_load('node', $entity_ids);
|
162 |
|
|
}
|
163 |
|
|
return $entities;
|
164 |
|
|
}
|
165 |
bc175c27
|
Assos Assos
|
|
166 |
85ad3d82
|
Assos Assos
|
/**
|
167 |
|
|
* Implements hook_form_alter().
|
168 |
|
|
*/
|
169 |
|
|
function ldap_authorization_og_form_ldap_authorization_admin_form_alter(&$form, $form_state) {
|
170 |
|
|
if ($form['status']['consumer_type']['#value'] == 'og_group') {
|
171 |
|
|
$form['filter_and_mappings']['use_filter']['#description'] = t('This is a required option for Organic Groups. It is only displayed for consistency with other user interfaces.');
|
172 |
|
|
$form['filter_and_mappings']['use_filter']['#disabled'] = TRUE;
|
173 |
|
|
}
|
174 |
|
|
} |