<?php
module_load_include('php', 'ldap_servers', 'LdapServer.class');
class LdapServerAdmin extends LdapServer {
public $bindpw_new = FALSE;
public $bindpw_clear = FALSE;
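/**
 * Loads every stored LDAP server configuration as an object keyed by sid.
 *
 * Rows come from the CTools export API when the ctools module is enabled,
 * otherwise from a direct query on the ldap_servers table.
 *
 * @param mixed $sid
 *   Not read by this implementation; every server row is returned.
 * @param mixed $type
 *   Not read by this implementation.
 * @param string $class
 *   'LdapServer' builds LdapServer objects; any other value builds
 *   LdapServerAdmin objects.
 * @param bool $reset
 *   When TRUE and ctools is enabled, the CTools object cache for
 *   'ldap_servers' is reset before loading.
 *
 * @return array
 *   Server objects keyed by sid, or an empty array when the direct query
 *   throws.
 */
public static function getLdapServerObjects($sid = NULL, $type = NULL, $class = 'LdapServer', $reset = FALSE) {
  $servers = [];
  if (module_exists('ctools')) {
    ctools_include('export');
    if ($reset) {
      ctools_export_load_object_reset('ldap_servers');
    }
    $select = ctools_export_load_object('ldap_servers', 'all');
  }
  else {
    try {
      $select = db_select('ldap_servers', 'ldap_servers')
        ->fields('ldap_servers')
        ->execute();
    }
    catch (Exception $e) {
      // query_string is not a property of the base Exception class, so it is
      // read only when the thrown object actually carries it; otherwise the
      // error handler itself would raise an undefined-property notice.
      $query = isset($e->query_string) ? $e->query_string : '';
      // NOTE(review): the raw database message and SQL text are shown on the
      // page to whoever triggered the load. Confirm that only administrators
      // can reach this path, or move the detail to the site log.
      drupal_set_message(t('server index query failed. Message = %message, query= %query',
        ['%message' => $e->getMessage(), '%query' => $query]), 'error');
      return [];
    }
  }
  foreach ($select as $result) {
    $servers[$result->sid] = ($class == 'LdapServer') ? new LdapServer($result->sid) : new LdapServerAdmin($result->sid);
  }
  return $servers;
}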
/**
 * Builds the admin object by delegating to the LdapServer constructor.
 *
 * @param mixed $sid
 *   Server id, handed unchanged to the parent constructor.
 */
public function __construct($sid) {
  // No admin-specific set-up happens here; the parent does all the work.
  parent::__construct($sid);
}
/**
 * Copies submitted form values onto this object's properties.
 *
 * @param string $op
 *   Form operation; 'edit' marks the object as already stored.
 * @param array $values
 *   Submitted form values keyed by form field name.
 */
protected function populateFromDrupalForm($op, $values) {
  $this->inDatabase = ($op == 'edit');

  // Checkbox-style values are normalised to 1 or 0.
  $this->status = ($values['status']) ? 1 : 0;
  $this->searchPagination = ($values['search_pagination']) ? 1 : 0;

  // Property name => form key, for values that are only trimmed.
  $trimmed = [
    'sid' => 'sid',
    'name' => 'name',
    'ldap_type' => 'ldap_type',
    'address' => 'address',
    'port' => 'port',
    'tls' => 'tls',
    'followrefs' => 'followrefs',
    'bind_method' => 'bind_method',
    'binddn' => 'binddn',
    'user_dn_expression' => 'user_dn_expression',
    'mail_template' => 'mail_template',
    'unique_persistent_attr_binary' => 'unique_persistent_attr_binary',
    'testingDrupalUsername' => 'testing_drupal_username',
    'testingDrupalUserDn' => 'testing_drupal_user_dn',
    'groupNested' => 'grp_nested',
    'groupUserMembershipsAttrExists' => 'grp_user_memb_attr_exists',
    'groupDeriveFromDn' => 'grp_derive_from_dn',
    'groupTestGroupDn' => 'grp_test_grp_dn',
    'groupTestGroupDnWriteable' => 'grp_test_grp_dn_writeable',
    'searchPageSize' => 'search_page_size',
  ];
  foreach ($trimmed as $property => $key) {
    $this->{$property} = trim($values[$key]);
  }

  // Property name => form key, for values that are trimmed and lower-cased.
  $lowercased = [
    'user_attr' => 'user_attr',
    'picture_attr' => 'picture_attr',
    'account_name_attr' => 'account_name_attr',
    'mail_attr' => 'mail_attr',
    'unique_persistent_attr' => 'unique_persistent_attr',
    'groupObjectClass' => 'grp_object_cat',
    'groupUserMembershipsAttr' => 'grp_user_memb_attr',
    'groupMembershipsAttr' => 'grp_memb_attr',
    'groupMembershipsAttrMatchingUserAttr' => 'grp_memb_attr_match_user_attr',
    'groupDeriveFromDnAttr' => 'grp_derive_from_dn_attr',
  ];
  foreach ($lowercased as $property => $key) {
    $this->{$property} = drupal_strtolower(trim($values[$key]));
  }

  // Stored exactly as submitted.
  // NOTE(review): the property name suggests ldap_to_drupal_user holds PHP
  // source that is evaluated elsewhere; confirm which roles may submit this
  // form, because that value would then amount to code execution.
  $this->ldapToDrupalUserPhp = $values['ldap_to_drupal_user'];
  $this->groupFunctionalityUnused = $values['grp_unused'];

  // The textarea holds one base DN per line.
  $this->basedn = $this->linesToArray(trim($values['basedn']));

  // An empty password field leaves any stored password untouched. The value
  // is trimmed, and because the test is a truthiness check a password of
  // exactly "0" is treated like an empty field.
  $new_password = trim($values['bindpw']);
  if ($new_password) {
    $this->bindpw_new = $new_password;
  }
}
/**
 * Writes this server configuration to storage.
 *
 * Uses the CTools export API when ctools is enabled, drupal_write_record()
 * otherwise. The method has no return statement; failure is reported with a
 * Drupal message only.
 *
 * @param string $op
 *   'add' inserts a new record; any other value updates the row keyed by sid
 *   (only consulted on the non-ctools path).
 */
public function save($op) {
  $values = new stdClass();
  foreach ($this->field_to_properties_map() as $field_name => $property_name) {
    $values->{drupal_strtolower($field_name)} = $this->{$property_name};
  }

  // Bind password precedence: a newly entered password wins, then the
  // "clear" flag, then the password already held on the object. The value is
  // always passed through ldap_servers_encrypt() before it is stored.
  // NOTE(review): ldap_servers_encrypt() is defined elsewhere; the module has
  // to recover the password to bind, so this is reversible protection at
  // best. Confirm which scheme and key the site is configured with.
  if (isset($this->bindpw) && $this->bindpw) {
    $values->bindpw = ldap_servers_encrypt($this->bindpw);
  }
  if ($this->bindpw_new) {
    $values->bindpw = ldap_servers_encrypt($this->bindpw_new);
  }
  elseif ($this->bindpw_clear) {
    $values->bindpw = NULL;
  }

  // Both flags are written as integers.
  $values->tls = (int) $this->tls;
  $values->followrefs = (int) $this->followrefs;

  if (module_exists('ctools')) {
    ctools_include('export');

    // Fill in anything the export object defines that is still unset here.
    $object = ctools_export_crud_new('ldap_servers');
    foreach ($object as $property => $value) {
      $property_lcase = drupal_strtolower($property);
      if (!(isset($values->$property) && isset($values->$property_lcase))) {
        $values->$property_lcase = $value;
      }
    }

    // First attempt with no export type; if that throws, retry once as a
    // database-stored object. An exception from the retry propagates.
    try {
      $values->export_type = NULL;
      $result = ctools_export_crud_save('ldap_servers', $values);
    }
    catch (Exception $e) {
      $values->export_type = EXPORT_IN_DATABASE;
      $result = ctools_export_crud_save('ldap_servers', $values);
    }

    ctools_export_load_object_reset('ldap_servers');
  }
  else {
    unset($values->numeric_sid);
    // An empty key list inserts; naming 'sid' updates the matching row.
    $primary_keys = ($op == 'add') ? [] : 'sid';
    $result = drupal_write_record('ldap_servers', $values, $primary_keys);
    ldap_servers_cache_clear();
  }

  if (!$result) {
    drupal_set_message(t('Failed to write LDAP Server to the database.'));
  }
  else {
    $this->inDatabase = TRUE;
  }
}
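/**
 * Deletes this server's row from the ldap_servers table.
 *
 * @param mixed $sid
 *   Must be the sid of this object; anything else is refused.
 *
 * @return mixed
 *   The result of the delete query, or FALSE when $sid does not identify
 *   this object.
 */
public function delete($sid) {
  // Compare as strings. Machine names may consist of digits and letters, and
  // a loose == treats two numeric-looking strings such as '1e1' and '10' as
  // equal, which would let a call delete a row other than this object's own.
  // Non-scalar arguments can never be a sid and are refused as well.
  if (!is_scalar($sid) || (string) $sid !== (string) $this->sid) {
    return FALSE;
  }

  $result = db_delete('ldap_servers')->condition('sid', $sid)->execute();
  if (module_exists('ctools')) {
    ctools_include('export');
    // Drop the cached export objects so the deleted server is not served
    // from the CTools cache.
    ctools_export_load_object_reset('ldap_servers');
  }
  $this->inDatabase = FALSE;
  return $result;
}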
/**
 * Builds the administrative action links for this server.
 *
 * @return array
 *   Rendered links in the order: edit, revert and/or delete, test, and
 *   enable or disable.
 */
public function getLdapServerActions() {
  $base = LDAP_SERVERS_MENU_BASE_PATH . '/servers/';
  $toggle = ($this->status) ? 'disable' : 'enable';

  $links = [l(t('edit'), $base . 'edit/' . $this->sid)];

  if (!property_exists($this, 'type')) {
    $links[] = l(t('delete'), $base . 'delete/' . $this->sid);
  }
  else {
    // An overridden server is "reverted" through the same delete path that
    // a normal one is deleted through.
    if ($this->type == 'Overridden') {
      $links[] = l(t('revert'), $base . 'delete/' . $this->sid);
    }
    if ($this->type == 'Normal') {
      $links[] = l(t('delete'), $base . 'delete/' . $this->sid);
    }
  }

  $links[] = l(t('test'), $base . 'test/' . $this->sid);
  // NOTE(review): delete, enable and disable are plain GET links. Confirm
  // that the target pages require a confirmation form or token before they
  // change state, so a forged link cannot act on an administrator's behalf.
  $links[] = l($toggle, $base . $toggle . '/' . $this->sid);

  return $links;
}
/**
 * Builds the add/edit form array for this server configuration.
 *
 * Text inside multi-line t() strings is kept flush left on continuation
 * lines because the line breaks are part of the string itself.
 *
 * @param string $op
 *   'add' or 'edit'; controls the submit label and whether sid is editable.
 *
 * @return array
 *   Form API array with fieldsets, one element per field that defines a
 *   'form' entry, and a submit button.
 */
public function drupalForm($op) {
  $form = [];

  $form['server'] = [
    '#type' => 'fieldset',
    '#title' => t('Connection settings'),
    '#collapsible' => TRUE,
    '#collapsed' => TRUE,
  ];

  $form['bind_method'] = [
    '#type' => 'fieldset',
    '#title' => t('Binding Method'),
    '#description' => t('How the Drupal system is authenticated by the LDAP server.'),
    '#collapsible' => TRUE,
    '#collapsed' => TRUE,
  ];

  $form['users'] = [
    '#type' => 'fieldset',
    '#title' => t('LDAP User to Drupal User Relationship'),
    '#description' => t('How are LDAP user entries found based on Drupal username or email? And vice-versa?
Needed for LDAP Authentication and Authorization functionality.'),
    '#collapsible' => TRUE,
    '#collapsed' => TRUE,
  ];

  $form['groups'] = [
    '#type' => 'fieldset',
    '#title' => t('LDAP Group Configuration'),
    '#description' => t('How are groups defined on your LDAP server? This varies slightly from one LDAP implementation to another
such as Active Directory, Novell, OpenLDAP, etc. Check everything that is true and enter all the values you know.'),
    '#collapsible' => TRUE,
    '#collapsed' => TRUE,
  ];

  $supports = (ldap_servers_php_supports_pagination()) ? t('support pagination!') : t('NOT support pagination.');
  $form['pagination'] = [
    '#type' => 'fieldset',
    '#title' => t('LDAP Pagination'),
    '#description' => t('In PHP 5.4, pagination is supported in ldap queries.
A patch to earlier versions of PHP also supports this.')
    . ' <strong>' . t('This PHP installation appears to') . ' ' . $supports . '</strong> '
    . '<p>' . t('The advantage to pagination support is that if an ldap server is setup to return only
1000 entries at a time,
you can use page through 1000 records at a time;
without pagination you would never see more than the first 1000 entries.
Pagination is most useful when large queries for batch creating or
synching accounts are used. If you are not using this server for such
tasks, its recommended to leave pagination disabled.') . '</p>',
    '#collapsible' => TRUE,
    '#collapsed' => !ldap_servers_php_supports_pagination(),
  ];

  $field_to_prop_maps = $this->field_to_properties_map();
  foreach ($this->fields() as $field_id => $field) {
    if (!isset($field['form'])) {
      // Schema-only fields have no form element.
      continue;
    }
    $element = $field['form'];

    // NOTE(review): this tests the key 'required', not '#required', so an
    // explicit '#required' on the element is overwritten from the schema.
    // Looks like a typo; confirm before changing, since field definitions
    // may rely on it.
    if (!isset($element['required']) && isset($field['schema']['not null']) && $element['#type'] != 'checkbox') {
      $element['#required'] = (bool) $field['schema']['not null'];
    }
    if (isset($field['schema']['length']) && !isset($element['#maxlength'])) {
      $element['#maxlength'] = $field['schema']['length'];
    }
    // NOTE(review): every mapped property becomes the element's default.
    // If the map covers the bind password, confirm that element is of type
    // 'password' so the stored secret is never echoed back into the page.
    if (isset($field_to_prop_maps[$field_id])) {
      $element['#default_value'] = $this->{$field_to_prop_maps[$field_id]};
    }

    // 'fieldset' is a placement hint, not a Form API key: strip it and nest
    // the element under the named fieldset.
    $fieldset = isset($element['fieldset']) ? $element['fieldset'] : NULL;
    if ($fieldset) {
      unset($element['fieldset']);
      $form[$fieldset][$field_id] = $element;
    }
    else {
      $form[$field_id] = $element;
    }
  }

  // The machine name cannot be changed once the server exists.
  $form['server']['sid']['#disabled'] = ($op == 'edit');

  if (!function_exists('ldap_set_rebind_proc')) {
    $form['server']['followrefs']['#disabled'] = TRUE;
    $form['server']['followrefs']['#description'] = t('This functionality is disabled because the function ldap_set_rebind_proc can not be found on this server. Perhaps your version of php does not have this function. See php.net/manual/en/function.ldap-set-rebind-proc.php') . $form['server']['followrefs']['#description'];
  }

  $form['server']['tls']['#required'] = FALSE;
  $form['server']['followrefs']['#required'] = FALSE;
  $form['bind_method']['bind_method']['#default_value'] = $this->bind_method ?: LDAP_SERVERS_BIND_METHOD_DEFAULT;
  $form['users']['basedn']['#default_value'] = $this->arrayToLines($this->basedn);

  // $pwd_directions and $pwd_class are computed but not read again anywhere
  // in this method.
  if ($this->bindpw) {
    $pwd_directions = t('You currently have a password stored in the database.
Leave password field empty to leave password unchanged. Enter a new password
to replace the current password. Check the checkbox below to simply
remove it from the database.');
    $pwd_class = 'ldap-pwd-present';
  }
  else {
    $pwd_directions = t('No password is currently stored in the database.
If you are using a service account, enter one.');
    $pwd_class = ($this->bind_method == LDAP_SERVERS_BIND_METHOD_SERVICE_ACCT)
      ? 'ldap-pwd-abscent'
      : 'ldap-pwd-not-applicable';
  }

  $form['submit'] = [
    '#type' => 'submit',
    '#value' => ($op == 'add') ? 'Add' : 'Update',
    '#weight' => 100,
  ];

  return $form;
}
/**
 * Validates a submitted server form.
 *
 * @param string $op
 *   'delete' checks only that the server can be removed; any other value
 *   populates the object from $values and runs validate().
 * @param array $values
 *   Submitted form values.
 *
 * @return array
 *   Error messages keyed by form element name; empty when valid.
 */
public function drupalFormValidate($op, $values) {
  if ($op != 'delete') {
    $this->populateFromDrupalForm($op, $values);
    return $this->validate($op);
  }

  $errors = [];
  if (!$this->sid) {
    $errors['server_id_missing'] = 'Server id missing from delete form.';
  }

  // Other modules report through hook_ldap_server_in_use() why the server
  // should not be deleted.
  // NOTE(review): the hook's strings are joined with markup; how the caller
  // escapes $errors['status'] is not visible here. Confirm.
  $in_use = module_invoke_all('ldap_server_in_use', $this->sid, $this->name);
  if (count($in_use) > 0) {
    $errors['status'] = implode("<br/>", array_values($in_use));
  }

  return $errors;
}
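/**
 * Checks the populated properties for configuration errors.
 *
 * @param string $op
 *   'add' additionally checks for a duplicate name or sid and requires a
 *   bind password for service-account binding.
 *
 * @return array
 *   Error messages keyed by form element name; empty when valid.
 */
protected function validate($op) {
  $errors = [];

  if ($op == 'add') {
    // A new server must not reuse an existing name or machine name.
    $ldap_servers = $this->getLdapServerObjects(NULL, 'all');
    if (count($ldap_servers)) {
      foreach ($ldap_servers as $sid => $ldap_server) {
        if ($this->name == $ldap_server->name) {
          $errors['name'] = t('An LDAP server configuration with the name %name already exists.', ['%name' => $this->name]);
        }
        elseif ($this->sid == $ldap_server->sid) {
          $errors['sid'] = t('An LDAP server configuration with the id %sid already exists.', ['%sid' => $this->sid]);
        }
      }
    }
  }

  // Disabling a server that other modules still depend on is an error.
  if ($this->status == 0) {
    $warnings = module_invoke_all('ldap_server_in_use', $this->sid, $this->name);
    if (count($warnings)) {
      $errors['status'] = join("<br/>", array_values($warnings));
    }
  }

  // Accept digits only. is_numeric() also passes values such as "1e3",
  // "3.5" and "-1", which contradicts the message below and lets a
  // non-integer reach the stored configuration.
  if (!preg_match('/^[0-9]+\z/', (string) $this->port)) {
    $errors['port'] = t('The TCP/IP port must be an integer.');
  }

  if ($this->bind_method == LDAP_SERVERS_BIND_METHOD_USER && !$this->user_dn_expression) {
    $errors['user_dn_expression'] = t('When using "Bind with Users Credentials", Expression for user DN is required');
  }

  if ($this->mail_attr && $this->mail_template) {
    $errors['mail_attr'] = t('Mail attribute or Mail Template may be used. Not both.');
  }

  if ($this->bind_method == LDAP_SERVERS_BIND_METHOD_SERVICE_ACCT && !$this->binddn) {
    $errors['binddn'] = t('When using "Bind with Service Account", Bind DN is required.');
  }

  // The former inner test for $op != 'add' sat inside an $op == 'add' guard
  // and could never run, so it is dropped; the outcome is unchanged.
  // NOTE(review): as a result, editing a service-account server is never
  // checked for a missing bind password. Confirm that this is intended.
  if ($op == 'add' && $this->bind_method == LDAP_SERVERS_BIND_METHOD_SERVICE_ACCT && !$this->bindpw_new) {
    $errors['bindpw'] = t('When using "Bind with Service Account", Bind password is required.');
  }

  return $errors;
}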
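/**
 * Collects non-blocking warnings for a submitted server form.
 *
 * @param string $op
 *   Form operation. 'delete' produces no warnings; a missing server id on
 *   delete is already reported as an error by drupalFormValidate().
 * @param array $values
 *   Submitted form values.
 * @param mixed $has_errors
 *   Passed through to warnings().
 *
 * @return array
 *   Warning messages keyed by form element name; empty when there are none.
 */
public function drupalFormWarnings($op, $values, $has_errors = NULL) {
  // Always start from an array: the delete path previously returned a
  // variable that was never assigned, giving callers NULL plus a notice.
  $warnings = [];

  if ($op != 'delete') {
    $this->populateFromDrupalForm($op, $values);
    $warnings = $this->warnings($op, $has_errors);
  }

  return $warnings;
}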
/**
 * Compares the configured attributes with the defaults for the LDAP type.
 *
 * Text inside multi-line t() strings is kept flush left on continuation
 * lines because the line breaks are part of the string itself.
 *
 * @param string $op
 *   Not read by this implementation.
 * @param mixed $has_errors
 *   Not read by this implementation.
 *
 * @return array
 *   Warning messages keyed by form element name.
 */
protected function warnings($op, $has_errors = NULL) {
  $warnings = [];

  if ($this->ldap_type) {
    // NOTE(review): the same helper supplies '#options' for the ldap_type
    // select in fields(). If it returns a flat value => label list, the
    // isset() checks below never pass and neither warning is ever produced.
    // Confirm against the helper's definition.
    $defaults = ldap_servers_ldaps_option_array();

    if (isset($defaults['user']['user_attr']) && ($this->user_attr != $defaults['user']['user_attr'])) {
      $warnings['user_attr'] = t('The standard UserName attribute in %name is %default. You have %user_attr. This may be correct
for your particular LDAP.', [
        '%name' => $defaults['name'],
        '%default' => $defaults['user']['user_attr'],
        '%user_attr' => $this->user_attr,
      ]);
    }

    if (isset($defaults['user']['mail_attr']) && $this->mail_attr && ($this->mail_attr != $defaults['user']['mail_attr'])) {
      $warnings['mail_attr'] = t('The standard mail attribute in %name is %default. You have %mail_attr. This may be correct
for your particular LDAP.', [
        '%name' => $defaults['name'],
        '%default' => $defaults['user']['mail_attr'],
        '%mail_attr' => $this->mail_attr,
      ]);
    }
  }

  // With neither a mail attribute nor a template there is no mail source;
  // this replaces any mail_attr warning set above.
  if (!($this->mail_attr || $this->mail_template)) {
    $warnings['mail_attr'] = t('Mail attribute or Mail Template should be used for most user account functionality.');
  }

  return $warnings;
}
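/**
 * Applies a submitted server form: deletes or saves the configuration.
 *
 * @param string $op
 *   'delete' removes the server; any other value saves it.
 * @param array $values
 *   Submitted form values.
 */
public function drupalFormSubmit($op, $values) {
  $this->populateFromDrupalForm($op, $values);

  // The checkbox may be absent from $values; treat that as "not checked"
  // instead of reading an undefined index.
  if (!empty($values['clear_bindpw'])) {
    $this->bindpw_clear = TRUE;
  }

  if ($op == 'delete') {
    // delete() expects the server id. Passing the object itself, as this
    // code used to, can never match $this->sid, so nothing was deleted.
    $this->delete($this->sid);
  }
  else {
    try {
      // save() has no return value, so nothing is captured here.
      $this->save($op);
    }
    catch (Exception $e) {
      // Only a generic message is recorded. The exception text is left out
      // on purpose: it may quote the values being written, which include
      // the bind password.
      $this->setError('Save Error',
        t('Failed to save object. Your form data was not saved.'));
    }
  }
}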
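/**
 * Converts a list of values into newline-separated text for a textarea.
 *
 * @param mixed $array
 *   An array of lines, or a PHP-serialized array of lines.
 *
 * @return string
 *   The lines joined with "\n", or an empty string when the input is neither
 *   an array nor a serialized array.
 */
protected function arrayToLines($array) {
  if (is_array($array)) {
    return join("\n", $array);
  }
  if (!is_string($array)) {
    // Only a string can hold serialized data.
    return "";
  }

  // SECURITY: unserialize() instantiates whatever classes the data names and
  // runs their magic methods, so a tampered stored value could trigger
  // object injection. Only a plain array of strings is expected here, so
  // object creation is refused where PHP supports the option (7.0+).
  // The value is decoded once instead of twice.
  $decoded = (PHP_VERSION_ID >= 70000)
    ? @unserialize($array, ['allowed_classes' => FALSE])
    : @unserialize($array);

  return is_array($decoded) ? join("\n", $decoded) : "";
}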
/**
 * Splits newline-separated text into an array of trimmed lines.
 *
 * Runs of line breaks count as one separator. A line holding only spaces
 * becomes an empty string entry, and input that is empty or exactly "0"
 * after trimming yields an empty array.
 *
 * @param string $lines
 *   Text with one value per line.
 *
 * @return array
 *   The trimmed lines in their original order.
 */
protected function linesToArray($lines) {
  $text = trim($lines);
  if (!$text) {
    return [];
  }
  return array_map('trim', preg_split('/[\n\r]+/', $text));
}
public static function fields() {
|
524 |
|
|
|
525 |
32700c57
|
Assos Assos
|
|
526 |
85ad3d82
|
Assos Assos
|
|
527 |
|
|
|
528 |
|
|
|
529 |
32700c57
|
Assos Assos
|
$fields = [
|
530 |
85ad3d82
|
Assos Assos
|
|
531 |
32700c57
|
Assos Assos
|
'sid' => [
|
532 |
|
|
'form' => [
|
533 |
85ad3d82
|
Assos Assos
|
'fieldset' => 'server',
|
534 |
|
|
'#type' => 'textfield',
|
535 |
|
|
'#size' => 20,
|
536 |
|
|
'#title' => t('Machine name for this server configuration.'),
|
537 |
|
|
'#description' => t('May only contain alphanumeric characters (a-z, A-Z, 0-9, and _)'),
|
538 |
|
|
'#required' => TRUE,
|
539 |
32700c57
|
Assos Assos
|
],
|
540 |
|
|
'schema' => [
|
541 |
85ad3d82
|
Assos Assos
|
'type' => 'varchar',
|
542 |
|
|
'length' => 20,
|
543 |
|
|
'not null' => TRUE,
|
544 |
32700c57
|
Assos Assos
|
],
|
545 |
|
|
],
|
546 |
85ad3d82
|
Assos Assos
|
|
547 |
32700c57
|
Assos Assos
|
'numeric_sid' => [
|
548 |
|
|
'schema' => [
|
549 |
85ad3d82
|
Assos Assos
|
'type' => 'serial',
|
550 |
|
|
'unsigned' => TRUE,
|
551 |
|
|
'not null' => TRUE,
|
552 |
|
|
'description' => 'Primary ID field for the table. Only used internally.',
|
553 |
|
|
'no export' => TRUE,
|
554 |
32700c57
|
Assos Assos
|
],
|
555 |
|
|
],
|
556 |
85ad3d82
|
Assos Assos
|
|
557 |
32700c57
|
Assos Assos
|
'name' => [
|
558 |
|
|
'form' => [
|
559 |
85ad3d82
|
Assos Assos
|
'fieldset' => 'server',
|
560 |
|
|
'#type' => 'textfield',
|
561 |
|
|
'#size' => 50,
|
562 |
|
|
'#title' => 'Name',
|
563 |
|
|
'#description' => t('Choose a <em><strong>unique</strong></em> name for this server configuration.'),
|
564 |
32700c57
|
Assos Assos
|
],
|
565 |
|
|
'schema' => [
|
566 |
85ad3d82
|
Assos Assos
|
'type' => 'varchar',
|
567 |
|
|
'length' => 255,
|
568 |
|
|
'not null' => FALSE,
|
569 |
32700c57
|
Assos Assos
|
],
|
570 |
|
|
],
|
571 |
85ad3d82
|
Assos Assos
|
|
572 |
32700c57
|
Assos Assos
|
'status' => [
|
573 |
|
|
'form' => [
|
574 |
85ad3d82
|
Assos Assos
|
'fieldset' => 'server',
|
575 |
|
|
'#type' => 'checkbox',
|
576 |
|
|
'#title' => t('Enabled'),
|
577 |
|
|
'#description' => t('Disable in order to keep configuration without having it active.'),
|
578 |
|
|
'#required' => FALSE,
|
579 |
32700c57
|
Assos Assos
|
],
|
580 |
|
|
'schema' => [
|
581 |
85ad3d82
|
Assos Assos
|
'type' => 'int',
|
582 |
|
|
'size' => 'tiny',
|
583 |
|
|
'not null' => FALSE,
|
584 |
|
|
'default' => 0,
|
585 |
32700c57
|
Assos Assos
|
],
|
586 |
|
|
],
|
587 |
85ad3d82
|
Assos Assos
|
|
588 |
32700c57
|
Assos Assos
|
'ldap_type' => [
|
589 |
|
|
'form' => [
|
590 |
85ad3d82
|
Assos Assos
|
'fieldset' => 'server',
|
591 |
|
|
'#type' => 'select',
|
592 |
bc175c27
|
Assos Assos
|
'#options' => ldap_servers_ldaps_option_array(),
|
593 |
85ad3d82
|
Assos Assos
|
'#title' => t('LDAP Server Type'),
|
594 |
|
|
'#description' => t('This field is informative. It\'s purpose is to assist with default values and give validation warnings.'),
|
595 |
32700c57
|
Assos Assos
|
],
|
596 |
|
|
'schema' => [
|
597 |
85ad3d82
|
Assos Assos
|
'type' => 'varchar',
|
598 |
|
|
'length' => 20,
|
599 |
|
|
'not null' => FALSE,
|
600 |
32700c57
|
Assos Assos
|
],
|
601 |
|
|
],
|
602 |
85ad3d82
|
Assos Assos
|
|
603 |
32700c57
|
Assos Assos
|
'address' => [
|
604 |
|
|
'form' => [
|
605 |
85ad3d82
|
Assos Assos
|
'fieldset' => 'server',
|
606 |
|
|
'#type' => 'textfield',
|
607 |
|
|
'#title' => t('LDAP server'),
|
608 |
|
|
'#description' => t('The domain name or IP address of your LDAP Server such as "ad.unm.edu". For SSL
|
609 |
|
|
use the form ldaps://DOMAIN such as "ldaps://ad.unm.edu"'),
'#size' => 50,
],
'schema' => [
'type' => 'varchar',
'length' => 255,
'not null' => FALSE,
],
],
'port' => [
'form' => [
'fieldset' => 'server',
'#type' => 'textfield',
'#title' => t('LDAP port'),
'#size' => 5,
'#description' => t('The TCP/IP port on the above server which accepts LDAP connections. Must be an integer.'),
],
'schema' => [
'type' => 'int',
'not null' => FALSE,
'default' => 389,
],
],
'tls' => [
'form' => [
'fieldset' => 'server',
'#type' => 'checkbox',
'#title' => t('Use Start-TLS'),
'#description' => t('Secure the connection between the Drupal and the LDAP servers using TLS.<br /><em>Note: To use START-TLS, you must set the LDAP Port to 389.</em>'),
],
'schema' => [
'type' => 'int',
'size' => 'tiny',
'not null' => FALSE,
'default' => 0,
],
],
'followrefs' => [
'form' => [
'fieldset' => 'server',
'#type' => 'checkbox',
'#title' => t('Follow LDAP Referrals'),
'#description' => t('Makes the LDAP client follow referrals (in the responses from the LDAP server) to other LDAP servers. This requires that the Bind Settings you give, is ALSO valid on these other servers.'),
],
'schema' => [
'type' => 'int',
'size' => 'tiny',
'not null' => FALSE,
'default' => 0,
],
],
'bind_method' => [
'form' => [
'fieldset' => 'bind_method',
'#type' => 'radios',
'#title' => t('Binding Method for Searches (such as finding user object or their group memberships)'),
'#options' => [
LDAP_SERVERS_BIND_METHOD_SERVICE_ACCT => t('Service Account Bind: Use credentials in the
<strong>Service Account</strong> field to bind to LDAP. <em>This option is usually a best practice.</em>'),
LDAP_SERVERS_BIND_METHOD_USER => t('Bind with Users Credentials: Use user\'s entered credentials
to bind to LDAP.<br/> This is only useful for modules that execute during user logon such
as LDAP Authentication and LDAP Authorization. <em>This option is not a best practice in most cases.</em>
This option skips the initial anonymous bind and anonymous search to determine the LDAP user DN, but you
can only use this option if your user DNs follow a consistent pattern, for example all of them being of
the form "cn=[username],[base dn]", or all of them being of the form "uid=[username],ou=accounts,[base dn]".
You specify the pattern under "Expression for user DN" in the next configuration block below.'),
LDAP_SERVERS_BIND_METHOD_ANON_USER => t('Anonymous Bind for search, then Bind with Users Credentials:
Searches for user dn then uses user\'s entered credentials to bind to LDAP.<br/> This is only useful for
modules that work during user logon such as LDAP Authentication and LDAP Authorization.
The user\'s dn must be discovered by an anonymous search for this option to work.'),
LDAP_SERVERS_BIND_METHOD_ANON => t('Anonymous Bind: Use no credentials to bind to LDAP server.<br/>
<em>This option will not work on most LDAPS connections.</em>'),
],
],
'schema' => [
'type' => 'int',
'size' => 'small',
'not null' => FALSE,
'default' => 0,
'boolean' => FALSE,
],
],
'binding_service_acct' => [
'form' => [
'fieldset' => 'bind_method',
'#type' => 'markup',
'#markup' => t('<label>Service Account</label> Some LDAP configurations
prohibit or restrict the results of anonymous searches. These LDAPs require a DN//password pair
for binding. For security reasons, this pair should belong to an
LDAP account with stripped down permissions.
This is also required for provisioning LDAP accounts and groups!'),
],
],
'binddn' => [
'form' => [
'fieldset' => 'bind_method',
'#type' => 'textfield',
'#title' => t('DN for non-anonymous search'),
'#size' => 80,
'#states' => [
'enabled' => [
':input[name=bind_method]' => ['value' => (string) LDAP_SERVERS_BIND_METHOD_SERVICE_ACCT],
],
],
],
'schema' => [
'type' => 'varchar',
'length' => 511,
],
],
'bindpw' => [
'form' => [
'fieldset' => 'bind_method',
'#type' => 'password',
'#title' => t('Password for non-anonymous search'),
'#size' => 20,
'#states' => [
'enabled' => [
':input[name=bind_method]' => ['value' => (string) LDAP_SERVERS_BIND_METHOD_SERVICE_ACCT],
],
],
],
'schema' => [
'type' => 'varchar',
'length' => 255,
],
],
'clear_bindpw' => [
'form' => [
'fieldset' => 'bind_method',
'#type' => 'checkbox',
'#title' => t('Clear existing password from database. Check this when switching away from Service Account Binding.'),
'#default_value' => 0,
],
],
'basedn' => [
'form' => [
'fieldset' => 'users',
'#type' => 'textarea',
'#cols' => 50,
'#rows' => 6,
'#title' => t('Base DNs for LDAP users, groups, and other entries.'),
'#description' => '<div>' . t('What DNs have entries relavant to this configuration?
e.g. <code>ou=campus accounts,dc=ad,dc=uiuc,dc=edu</code>
Keep in mind that every additional basedn likely doubles the number of queries. Place the
more heavily used one first and consider using one higher base DN rather than 2 or more lower base DNs.
Enter one per line in case if you need more than one.') . '</div>',
],
'schema' => [
'type' => 'text',
'serialize' => TRUE,
],
],
'user_attr' => [
'form' => [
'fieldset' => 'users',
'#type' => 'textfield',
'#size' => 30,
'#title' => t('AuthName attribute'),
'#description' => t('The attribute that holds the users\' login name. (eg. <code>cn</code> for eDir or <code>sAMAccountName</code> for Active Directory).'),
],
'schema' => [
'type' => 'varchar',
'length' => 255,
'not null' => FALSE,
],
],
'account_name_attr' => [
'form' => [
'fieldset' => 'users',
'#type' => 'textfield',
'#size' => 30,
'#title' => t('AccountName attribute'),
'#description' => t('The attribute that holds the unique account name. Defaults to the same as the AuthName attribute.'),
],
'schema' => [
'type' => 'varchar',
'length' => 255,
'not null' => FALSE,
'default' => '',
],
],
'mail_attr' => [
'form' => [
'fieldset' => 'users',
'#type' => 'textfield',
'#size' => 30,
'#title' => t('Email attribute'),
'#description' => t('The attribute that holds the users\' email address. (eg. <code>mail</code>). Leave empty if no such attribute exists'),
],
'schema' => [
'type' => 'varchar',
'length' => 255,
'not null' => FALSE,
],
],
'mail_template' => [
'form' => [
'fieldset' => 'users',
'#type' => 'textfield',
'#size' => 30,
'#title' => t('Email template'),
'#description' => t('If no attribute contains the user\'s email address, but it can be derived from other attributes,
enter an email "template" here.
Templates should have the user\'s attribute name in form such as [cn], [uin], etc.
such as <code>[cn]@mycompany.com</code>.
See http://drupal.org/node/997082 for additional documentation on ldap tokens.
'),
],
'schema' => [
'type' => 'varchar',
'length' => 255,
'not null' => FALSE,
],
],
'picture_attr' => [
'form' => [
'fieldset' => 'users',
'#type' => 'textfield',
'#size' => 30,
'#title' => t('Thumbnail attribute'),
'#description' => t('The attribute that holds the users\' thumnail image. (eg. <code>thumbnailPhoto</code>). Leave empty if no such attribute exists'),
],
'schema' => [
'type' => 'varchar',
'length' => 255,
'not null' => FALSE,
],
],
'unique_persistent_attr' => [
'form' => [
'fieldset' => 'users',
'#type' => 'textfield',
'#size' => 30,
'#title' => t('Persistent and Unique User ID Attribute'),
'#description' => t('In some LDAPs, a user\'s DN, CN, or mail value may
change when a user\'s name changes or for other reasons.
In order to avoid creation of multiple accounts for that user or other ambiguities,
enter a unique and persistent ldap attribute for users. In cases
where DN does not change, enter "dn" here.
If no such attribute exists, leave this blank.'
),
],
'schema' => [
'type' => 'varchar',
'length' => 64,
'not null' => FALSE,
],
],
'unique_persistent_attr_binary' => [
'form' => [
'fieldset' => 'users',
'#type' => 'checkbox',
'#title' => t('Does the <em>Persistent and Unique User ID
Attribute</em> hold a binary value?'),
'#description' => t('You need to set this if you are using a binary
attribute such as objectSid in ActiveDirectory for the PUID.<br>
If you don\'t want this consider switching to another attribute,
such as samaccountname.'),
],
'schema' => [
'type' => 'int',
'size' => 'tiny',
'not null' => FALSE,
'default' => 0,
],
],
'user_dn_expression' => [
'form' => [
'fieldset' => 'users',
'#type' => 'textfield',
'#size' => 80,
'#title' => t('Expression for user DN. Required when "Bind with Users Credentials" method selected.'),
'#description' => t('%username and %basedn are valid tokens in the expression.
Typically it will be:<br/> <code>cn=%username,%basedn</code>
which might evaluate to <code>cn=jdoe,ou=campus accounts,dc=ad,dc=mycampus,dc=edu</code>
Base DNs are entered above.'),
],
'schema' => [
'type' => 'varchar',
'length' => 255,
'not null' => FALSE,
],
],
'ldap_to_drupal_user' => [
'form' => [
'fieldset' => 'users',
'#disabled' => (!module_exists('php')),
'#type' => 'textarea',
'#cols' => 25,
'#rows' => 5,
'#title' => t('PHP to transform Drupal login username to LDAP UserName attribute.'),
'#description' => t('This will appear as disabled unless the "PHP filter" core module is enabled. Enter PHP to transform Drupal username to the value of the UserName attribute.
The code should print the UserName attribute.
PHP filter module must be enabled for this to work.
The variable $name is available and is the user\'s login username.
Careful, bad PHP code here will break your site. If left empty, no name transformation will be done.
<br/>Example:<br/>Given the user will logon with jdoe@xyz.com and you want the ldap UserName attribute to be
jdoe.<br/><code>$parts = explode(\'@\', $name); if (count($parts) == 2) {print $parts[0]};</code>'),
],
'schema' => [
'type' => 'varchar',
'length' => 1024,
'not null' => FALSE,
],
],
'testing_drupal_username' => [
'form' => [
'fieldset' => 'users',
'#type' => 'textfield',
'#size' => 30,
'#title' => t('Testing Drupal Username'),
'#description' => t('This is optional and used for testing this server\'s configuration against an actual username. The user need not exist in Drupal and testing will not affect the user\'s LDAP or Drupal Account.'),
],
'schema' => [
'type' => 'varchar',
'length' => 255,
'not null' => FALSE,
],
],
'testing_drupal_user_dn' => [
'form' => [
'fieldset' => 'users',
'#type' => 'textfield',
'#size' => 120,
'#title' => t('DN of testing username, e.g. cn=hpotter,ou=people,dc=hogwarts,dc=edu'),
'#description' => t('This is optional and used for testing this server\'s configuration against an actual username. The user need not exist in Drupal and testing will not affect the user\'s LDAP or Drupal Account.'),
],
'schema' => [
'type' => 'varchar',
'length' => 255,
'not null' => FALSE,
],
],
'grp_unused' => [
'form' => [
'fieldset' => 'groups',
'#type' => 'checkbox',
'#title' => t('Groups are not relevant to this Drupal site. This is generally true if LDAP Groups, LDAP Authorization, etc are not it use.'),
'#disabled' => FALSE,
],
'schema' => [
'type' => 'int',
'size' => 'tiny',
'not null' => FALSE,
'default' => 0,
],
],
'grp_object_cat' => [
'form' => [
'fieldset' => 'groups',
'#type' => 'textfield',
'#size' => 30,
'#title' => t('Name of Group Object Class'),
'#description' => t('e.g. groupOfNames, groupOfUniqueNames, group.'),
'#states' => [
'visible' => [
':input[name=grp_unused]' => ['checked' => FALSE],
],
],
],
'schema' => [
'type' => 'varchar',
'length' => 64,
'not null' => FALSE,
],
],
'grp_nested' => [
'form' => [
'fieldset' => 'groups',
'#type' => 'checkbox',
'#title' => t('Nested groups are used in my LDAP'),
'#disabled' => FALSE,
'#description' => t('If a user is a member of group A and group A is a member of group B,
user should be considered to be in group A and B. If your LDAP has nested groups, but you
want to ignore nesting, leave this unchecked.'),
'#states' => [
'visible' => [
':input[name=grp_unused]' => ['checked' => FALSE],
],
],
],
'schema' => [
'type' => 'int',
'size' => 'tiny',
'not null' => FALSE,
'default' => 0,
],
],
'grp_user_memb_attr_exists' => [
'form' => [
'fieldset' => 'groups',
'#type' => 'checkbox',
'#title' => t('A user LDAP attribute such as <code>memberOf</code> exists that contains a list of their groups.
Active Directory and openLdap with memberOf overlay fit this model.'),
'#disabled' => FALSE,
'#states' => [
'visible' => [
':input[name=grp_unused]' => ['checked' => FALSE],
],
],
],
'schema' => [
'type' => 'int',
'size' => 'tiny',
'not null' => FALSE,
'default' => 0,
],
],
'grp_user_memb_attr' => [
'form' => [
'fieldset' => 'groups',
'#type' => 'textfield',
'#size' => 30,
'#title' => t('Attribute in User Entry Containing Groups'),
'#description' => t('e.g. memberOf'),
'#states' => [
'enabled' => [
':input[name=grp_user_memb_attr_exists]' => ['checked' => TRUE],
],
'visible' => [
':input[name=grp_unused]' => ['checked' => FALSE],
],
],
],
'schema' => [
'type' => 'varchar',
'length' => 255,
'not null' => FALSE,
],
],
'grp_memb_attr' => [
'form' => [
'fieldset' => 'groups',
'#type' => 'textfield',
'#size' => 30,
'#title' => t('LDAP Group Entry Attribute Holding User\'s DN, CN, etc.'),
'#description' => t('e.g uniquemember, memberUid'),
'#states' => [
'visible' => [
':input[name=grp_unused]' => ['checked' => FALSE],
],
],
],
'schema' => [
'type' => 'varchar',
'length' => 255,
'not null' => FALSE,
],
],
'grp_memb_attr_match_user_attr' => [
'form' => [
'fieldset' => 'groups',
'#type' => 'textfield',
'#size' => 30,
'#title' => t('User attribute held in "LDAP Group Entry Attribute Holding..."'),
'#description' => t('This is almost always "dn" (which technically isn\'t an attribute). Sometimes its "cn".'),
'#states' => [
'visible' => [
':input[name=grp_unused]' => ['checked' => FALSE],
],
],
],
'schema' => [
'type' => 'varchar',
'length' => 255,
'not null' => FALSE,
],
],
'grp_derive_from_dn' => [
'form' => [
'fieldset' => 'groups',
'#type' => 'checkbox',
'#title' => t('Groups are derived from user\'s LDAP entry DN.') . '<em>' .
t('This
group definition has very limited functionality and most modules will
not take this into account. LDAP Authorization will.') . '</em>',
'#disabled' => FALSE,
'#states' => [
'visible' => [
':input[name=grp_unused]' => ['checked' => FALSE],
],
],
],
'schema' => [
'type' => 'int',
'size' => 'tiny',
'not null' => FALSE,
'default' => 0,
],
],
'grp_derive_from_dn_attr' => [
'form' => [
'fieldset' => 'groups',
'#type' => 'textfield',
'#size' => 30,
'#title' => t('Attribute of the User\'s LDAP Entry DN which contains the group'),
'#description' => t('e.g. ou'),
'#states' => [
'enabled' => [
':input[name=grp_derive_from_dn]' => ['checked' => TRUE],
],
'visible' => [
':input[name=grp_unused]' => ['checked' => FALSE],
],
],
],
'schema' => [
'type' => 'varchar',
'length' => 255,
'not null' => FALSE,
],
],
'grp_test_grp_dn' => [
'form' => [
'fieldset' => 'groups',
'#type' => 'textfield',
'#size' => 120,
'#title' => t('Testing LDAP Group DN'),
'#description' => t('This is optional and can be useful for debugging and validating forms.'),
'#states' => [
'visible' => [
':input[name=grp_unused]' => ['checked' => FALSE],
],
],
],
'schema' => [
'type' => 'varchar',
'length' => 255,
'not null' => FALSE,
],
],
'grp_test_grp_dn_writeable' => [
'form' => [
'fieldset' => 'groups',
'#type' => 'textfield',
'#size' => 120,
'#title' => t('Testing LDAP Group DN that is writable. WARNING the test script for the server will create, delete, and add members to this group!'),
'#description' => t('This is optional and can be useful for debugging and validating forms.'),
'#states' => [
'visible' => [
':input[name=grp_unused]' => ['checked' => FALSE],
],
],
],
'schema' => [
'type' => 'varchar',
'length' => 255,
'not null' => FALSE,
],
],
'search_pagination' => [
'form' => [
'fieldset' => 'pagination',
'#type' => 'checkbox',
'#title' => t('Use LDAP Pagination.'),
'#disabled' => !ldap_servers_php_supports_pagination(),
],
'schema' => [
'type' => 'int',
'size' => 'tiny',
'not null' => FALSE,
'default' => 0,
],
],
'search_page_size' => [
'form' => [
'fieldset' => 'pagination',
'#type' => 'textfield',
'#size' => 10,
'#disabled' => !ldap_servers_php_supports_pagination(),
'#title' => t('Pagination size limit.'),
'#description' => t('This should be equal to or smaller than the max
number of entries returned at a time by your ldap server.
1000 is a good guess when unsure. Other modules such as LDAP Query
or LDAP Feeds will be allowed to set a smaller page size, but not
a larger one.'),
'#states' => [
'visible' => [
':input[name="search_pagination"]' => ['checked' => TRUE],
],
],
],
'schema' => [
'type' => 'int',
'size' => 'medium',
'not null' => FALSE,
'default' => 1000,
],
],
'weight' => [
'schema' => [
'type' => 'int',
'not null' => FALSE,
'default' => 0,
],
],
];
return $fields;
}
} |