
root / drupal7 / sites / all / modules / ldap / ldap_servers / LdapServerAdmin.class.php @ 91af538d

<?php
/**
 * @file
 * LDAP Server Admin Class.
 */
// Load the parent class file (LdapServer.class.php in the ldap_servers module)
// before LdapServerAdmin, which extends LdapServer, is declared below.
module_load_include('php', 'ldap_servers', 'LdapServer.class');
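/**
 * Administrative extension of LdapServer.
 *
 * Adds the form building, validation, save and delete behaviour used when
 * LDAP server configurations are edited through the Drupal admin forms.
 */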
class LdapServerAdmin extends LdapServer {
  // Replacement bind password taken from the submitted form. When it is set,
  // save() encrypts it and stores it instead of the current password.
  public $bindpw_new = FALSE;
  // Set by drupalFormSubmit() when the 'clear_bindpw' checkbox is ticked.
  // save() then stores NULL as the bind password, unless a new password was
  // entered in the same submission (bindpw_new takes precedence).
  public $bindpw_clear = FALSE;
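  /**
   * Loads every stored LDAP server configuration as an object keyed by sid.
   *
   * Rows come from the ctools export API when ctools is enabled, otherwise
   * from a direct select on the ldap_servers table.
   *
   * NOTE(review): $sid and $type are accepted but never read in this body, so
   * every row is returned whether 'all' or 'enabled' is requested. A caller
   * that needs only enabled servers has to filter on ->status itself.
   *
   * @param string|null $sid
   *   Not used by this method.
   * @param string|null $type
   *   Documented as 'all' or 'enabled'; not used by this method.
   * @param string $class
   *   'LdapServer' builds LdapServer objects; any other value builds
   *   LdapServerAdmin objects.
   * @param bool $reset
   *   When TRUE and ctools is enabled, the ctools export cache for
   *   ldap_servers is reset before loading.
   *
   * @return array
   *   Server objects keyed by sid, or an empty array if the direct database
   *   query throws.
   */
  public static function getLdapServerObjects($sid = NULL, $type = NULL, $class = 'LdapServer', $reset = FALSE) {
    $servers = [];
    if (module_exists('ctools')) {
      ctools_include('export');
      if ($reset) {
        ctools_export_load_object_reset('ldap_servers');
      }
      $select = ctools_export_load_object('ldap_servers', 'all');
    }
    else {
      try {
        $select = db_select('ldap_servers', 'ldap_servers')
          ->fields('ldap_servers')
          ->execute();
      }
      catch (Exception $e) {
        // Not every Exception carries a query_string property; reading it
        // unguarded would raise a notice from inside the error handler.
        $query_string = isset($e->query_string) ? $e->query_string : '';
        // NOTE(review): this puts the database error text and the SQL on the
        // page of whichever user triggered the load. Confirm that only
        // administrators can reach this path, or log the detail instead.
        drupal_set_message(t('server index query failed. Message = %message, query= %query',
          ['%message' => $e->getMessage(), '%query' => $query_string]), 'error');
        return [];
      }
    }
    foreach ($select as $result) {
      $servers[$result->sid] = ($class == 'LdapServer') ? new LdapServer($result->sid) : new LdapServerAdmin($result->sid);
    }
    return $servers;

  }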
  /**
   * Builds the admin object by delegating to the LdapServer constructor.
   *
   * @param string $sid
   *   Server id, passed unchanged to parent::__construct().
   */
  public function __construct($sid) {
    parent::__construct($sid);
  }
  /**
   * Copies submitted server-form values onto this object's properties.
   *
   * Most values are whitespace-trimmed and LDAP attribute names are also
   * lower-cased with drupal_strtolower(). Nothing is validated here; that is
   * left to validate().
   *
   * @param string $op
   *   Form operation; 'edit' marks the object as already stored.
   * @param array $values
   *   Submitted form values keyed by form field name.
   */
  protected function populateFromDrupalForm($op, $values) {
    $this->inDatabase = ($op == 'edit');

    // Property name => form key, copied after trim().
    $trimmed = [
      'sid' => 'sid',
      'name' => 'name',
      'ldap_type' => 'ldap_type',
      'address' => 'address',
      'port' => 'port',
      'tls' => 'tls',
      'followrefs' => 'followrefs',
      'bind_method' => 'bind_method',
      'binddn' => 'binddn',
      'user_dn_expression' => 'user_dn_expression',
      'mail_template' => 'mail_template',
      'unique_persistent_attr_binary' => 'unique_persistent_attr_binary',
      'testingDrupalUsername' => 'testing_drupal_username',
      'testingDrupalUserDn' => 'testing_drupal_user_dn',
      'groupNested' => 'grp_nested',
      'groupUserMembershipsAttrExists' => 'grp_user_memb_attr_exists',
      'groupDeriveFromDn' => 'grp_derive_from_dn',
      'groupTestGroupDn' => 'grp_test_grp_dn',
      'groupTestGroupDnWriteable' => 'grp_test_grp_dn_writeable',
      'searchPageSize' => 'search_page_size',
    ];
    foreach ($trimmed as $property => $key) {
      $this->{$property} = trim($values[$key]);
    }

    // Property name => form key, copied after trim() and lower-casing.
    $lowercased = [
      'user_attr' => 'user_attr',
      'picture_attr' => 'picture_attr',
      'account_name_attr' => 'account_name_attr',
      'mail_attr' => 'mail_attr',
      'unique_persistent_attr' => 'unique_persistent_attr',
      'groupObjectClass' => 'grp_object_cat',
      'groupUserMembershipsAttr' => 'grp_user_memb_attr',
      'groupMembershipsAttr' => 'grp_memb_attr',
      'groupMembershipsAttrMatchingUserAttr' => 'grp_memb_attr_match_user_attr',
      'groupDeriveFromDnAttr' => 'grp_derive_from_dn_attr',
    ];
    foreach ($lowercased as $property => $key) {
      $this->{$property} = drupal_strtolower(trim($values[$key]));
    }

    // Checkbox-style values are normalised to 1 or 0.
    $this->status = ($values['status']) ? 1 : 0;
    $this->searchPagination = ($values['search_pagination']) ? 1 : 0;

    // One base DN per line in the textarea becomes one array element.
    $this->basedn = $this->linesToArray(trim($values['basedn']));

    // The submitted password never overwrites bindpw directly; it is parked
    // in bindpw_new. trim() strips leading and trailing whitespace from the
    // password, and a value PHP treats as falsy (empty string, '0') is
    // ignored, which leaves any stored password untouched.
    $submitted_password = trim($values['bindpw']);
    if ($submitted_password) {
      $this->bindpw_new = $submitted_password;
    }

    // Stored verbatim, without trimming.
    // NOTE(review): the property name suggests PHP source that is evaluated
    // elsewhere; confirm that only fully trusted administrators can submit
    // this form.
    $this->ldapToDrupalUserPhp = $values['ldap_to_drupal_user'];
    $this->groupFunctionalityUnused = $values['grp_unused'];
  }
  /**
   * Writes this server configuration to the ldap_servers table.
   *
   * Column values are copied from the properties named by
   * field_to_properties_map(), the bind password is passed through
   * ldap_servers_encrypt(), and the record is saved through the ctools export
   * API when ctools is enabled or through drupal_write_record() otherwise.
   *
   * @param string $op
   *   'add' or 'update'. Only the non-ctools branch reads it: 'add' inserts,
   *   any other value updates the row keyed on sid.
   */
  public function save($op) {

    $values = new stdClass();

    // Column names are lower-cased; the property names keep their own case.
    foreach ($this->field_to_properties_map() as $field_name => $property_name) {
      $field_name_lcase = drupal_strtolower($field_name);
      $values->{$field_name_lcase} = $this->{$property_name};
    }
    // Bind password precedence, lowest to highest: the current password
    // (re-encrypted), then a newly submitted one, and only when no new
    // password was given, an explicit clear to NULL.
    // NOTE(review): this presumes $this->bindpw holds the clear-text value in
    // memory. How well the stored value is protected depends on
    // ldap_servers_encrypt(), which is not visible here.
    if (isset($this->bindpw) && $this->bindpw) {
      $values->bindpw = ldap_servers_encrypt($this->bindpw);
    }
    if ($this->bindpw_new) {
      $values->bindpw = ldap_servers_encrypt($this->bindpw_new);
    }
    elseif ($this->bindpw_clear) {
      $values->bindpw = NULL;
    }

    // Stored as integers whatever type the properties currently hold.
    $values->tls = (int) $this->tls;
    $values->followrefs = (int) $this->followrefs;

    if (module_exists('ctools')) {
      ctools_include('export');
      // Populate our object with ctool's properties.
      $object = ctools_export_crud_new('ldap_servers');

      // NOTE(review): because the two tests are joined with ||, a property
      // whose name contains upper-case letters always receives the ctools
      // default: only the lower-cased spelling was populated above. Confirm
      // whether && was intended.
      foreach ($object as $property => $value) {
        $property_lcase = drupal_strtolower($property);
        if (!isset($values->$property) || !isset($values->$property_lcase)) {
          $values->$property_lcase = $value;
        }
      }

      // First attempt with export_type NULL; on any exception the save is
      // retried once with EXPORT_IN_DATABASE. An exception from the retry
      // propagates to the caller.
      try {
        $values->export_type = NULL;
        $result = ctools_export_crud_save('ldap_servers', $values);
      }
      catch (Exception $e) {
        $values->export_type = EXPORT_IN_DATABASE;
        $result = ctools_export_crud_save('ldap_servers', $values);
      }

      // ctools_export_crud_save doesn't invalidate cache.
      ctools_export_load_object_reset('ldap_servers');

    }
    // Directly via db.
    else {
      // numeric_sid is removed from the record before the write.
      unset($values->numeric_sid);
      if ($op == 'add') {
        $result = drupal_write_record('ldap_servers', $values);
      }
      else {
        $result = drupal_write_record('ldap_servers', $values, 'sid');
      }
      ldap_servers_cache_clear();

    }

    if ($result) {
      $this->inDatabase = TRUE;
    }
    else {
      // The message is set without a type argument, so it is not shown with
      // the 'error' type used elsewhere in this class.
      drupal_set_message(t('Failed to write LDAP Server to the database.'));
    }
  }
  /**
   * Deletes this server's row from the ldap_servers table.
   *
   * The row is removed only when $sid loosely equals (==) this object's own
   * sid, so an instance can only delete the configuration it represents.
   * inDatabase is set to FALSE after the delete query whatever it returned.
   *
   * NOTE(review): only the ctools cache is reset here; save() additionally
   * calls ldap_servers_cache_clear() when ctools is absent. Confirm whether
   * the same is needed after a delete.
   *
   * @param string $sid
   *   Server id expected to match $this->sid.
   *
   * @return mixed
   *   Result of the db_delete() query, or FALSE when $sid does not match.
   */
  public function delete($sid) {
    // Guard clause: refuse to delete any server other than this one.
    if ($sid != $this->sid) {
      return FALSE;
    }

    $deleted = db_delete('ldap_servers')
      ->condition('sid', $sid)
      ->execute();

    if (module_exists('ctools')) {
      ctools_include('export');
      // Invalidate cache.
      ctools_export_load_object_reset('ldap_servers');
    }

    $this->inDatabase = FALSE;
    return $deleted;
  }
  /**
   * Builds the admin action links (edit, delete or revert, test, toggle).
   *
   * The 'revert' link points at the same /servers/delete/ path as 'delete'.
   * The toggle link text ('enable' or 'disable') is not passed through t().
   *
   * NOTE(review): delete, enable and disable are emitted as plain links.
   * Confirm that the callbacks behind these paths require a confirmation form
   * or token before they change state.
   *
   * @return array
   *   Rendered links in display order.
   */
  public function getLdapServerActions() {
    $base = LDAP_SERVERS_MENU_BASE_PATH . '/servers/';
    $toggle = ($this->status) ? 'disable' : 'enable';

    $links = [l(t('edit'), $base . 'edit/' . $this->sid)];

    if (!property_exists($this, 'type')) {
      // No export type information: offer a plain delete.
      $links[] = l(t('delete'), $base . 'delete/' . $this->sid);
    }
    else {
      // Overridden configurations are reverted, normal ones are deleted; any
      // other type gets neither link.
      if ($this->type == 'Overridden') {
        $links[] = l(t('revert'), $base . 'delete/' . $this->sid);
      }
      if ($this->type == 'Normal') {
        $links[] = l(t('delete'), $base . 'delete/' . $this->sid);
      }
    }

    $links[] = l(t('test'), $base . 'test/' . $this->sid);
    $links[] = l($toggle, $base . $toggle . '/' . $this->sid);

    return $links;
  }
  /**
   * Builds the Drupal form array for adding or editing this server.
   *
   * Five collapsible fieldsets are created first, then every entry of
   * fields() that has a 'form' definition is placed either in the fieldset it
   * names or at the top level of the form.
   *
   * @param string $op
   *   'add' or 'edit'. 'edit' disables the sid element; 'add' labels the
   *   submit button 'Add', any other value labels it 'Update'.
   *
   * @return array
   *   The form array.
   */
  public function drupalForm($op) {

    $form['server'] = [
      '#type' => 'fieldset',
      '#title' => t('Connection settings'),
      '#collapsible' => TRUE,
      '#collapsed' => TRUE,
    ];

    $form['bind_method'] = [
      '#type' => 'fieldset',
      '#title' => t('Binding Method'),
      '#description' => t('How the Drupal system is authenticated by the LDAP server.'),
      '#collapsible' => TRUE,
      '#collapsed' => TRUE,
    ];

    $form['users'] = [
      '#type' => 'fieldset',
      '#title' => t('LDAP User to Drupal User Relationship'),
      '#description' => t('How are LDAP user entries found based on Drupal username or email?  And vice-versa?
       Needed for LDAP Authentication and Authorization functionality.'),
      '#collapsible' => TRUE,
      '#collapsed' => TRUE,
    ];

    $form['groups'] = [
      '#type' => 'fieldset',
      '#title' => t('LDAP Group Configuration'),
      '#description' => t('How are groups defined on your LDAP server?  This varies slightly from one LDAP implementation to another
      such as Active Directory, Novell, OpenLDAP, etc. Check everything that is true and enter all the values you know.'),
      '#collapsible' => TRUE,
      '#collapsed' => TRUE,
    ];

    // The pagination fieldset starts collapsed when this PHP build reports no
    // pagination support.
    $supports = (ldap_servers_php_supports_pagination()) ? t('support pagination!') : t('NOT support pagination.');
    $form['pagination'] = [
      '#type' => 'fieldset',
      '#title' => t('LDAP Pagination'),
      '#description' => t('In PHP 5.4, pagination is supported in ldap queries.
      A patch to earlier versions of PHP also supports this.')
      . ' <strong>' . t('This PHP installation appears to') . ' ' . $supports . '</strong> '
      . '<p>' . t('The advantage to pagination support is that if an ldap server is setup to return only
      1000 entries at a time,
      you can use page through 1000 records at a time;
      without pagination you would never see more than the first 1000 entries.
      Pagination is most useful when large queries for batch creating or
      synching accounts are used.  If you are not using this server for such
      tasks, its recommended to leave pagination disabled.') . '</p>',
      '#collapsible' => TRUE,
      '#collapsed' => !ldap_servers_php_supports_pagination(),
    ];

    $field_to_prop_maps = $this->field_to_properties_map();
    foreach ($this->fields() as $field_id => $field) {
      if (isset($field['form'])) {

        // NOTE(review): the key tested is 'required' without the leading '#',
        // while fields() declares '#required'. As written, an explicit
        // '#required' is replaced by the schema's 'not null' flag for every
        // non-checkbox field that has one. Confirm this is intended.
        if (!isset($field['form']['required']) && isset($field['schema']['not null']) && $field['form']['#type'] != 'checkbox') {
          $field['form']['#required'] = (boolean) $field['schema']['not null'];
        }
        // The schema column length caps the input length unless the field
        // sets its own '#maxlength'.
        if (isset($field['schema']['length']) && !isset($field['form']['#maxlength'])) {
          $field['form']['#maxlength'] = $field['schema']['length'];
        }
        // NOTE(review): if field_to_properties_map() includes 'bindpw', the
        // current bind password is copied into the form array as
        // '#default_value' here. Confirm it is never rendered or cached with
        // the form.
        if (isset($field_to_prop_maps[$field_id])) {
          $field['form']['#default_value'] = $this->{$field_to_prop_maps[$field_id]};
        }
        // '@' suppresses the notice for fields that name no fieldset.
        $fieldset = @$field['form']['fieldset'];
        if ($fieldset) {
          // 'fieldset' is a placement hint only, so it is removed before the
          // element is nested under that fieldset.
          unset($field['form']['fieldset']);
          $form[$fieldset][$field_id] = $field['form'];
        }
        else {
          $form[$field_id] = $field['form'];
        }
      }
    }

    // The machine name cannot be changed once the server exists.
    $form['server']['sid']['#disabled'] = ($op == 'edit');

    // Following referrals relies on ldap_set_rebind_proc(); without it the
    // checkbox is disabled and the explanation is prepended to its
    // description.
    if (!function_exists('ldap_set_rebind_proc')) {
      $form['server']['followrefs']['#disabled'] = TRUE;
      $form['server']['followrefs']['#description'] = t('This functionality is disabled because the function ldap_set_rebind_proc can not be found on this server.  Perhaps your version of php does not have this function.  See php.net/manual/en/function.ldap-set-rebind-proc.php') . $form['server']['followrefs']['#description'];
    }

    $form['server']['tls']['#required'] = FALSE;
    $form['server']['followrefs']['#required'] = FALSE;
    $form['bind_method']['bind_method']['#default_value'] = ($this->bind_method) ? $this->bind_method : LDAP_SERVERS_BIND_METHOD_DEFAULT;
    $form['users']['basedn']['#default_value'] = $this->arrayToLines($this->basedn);

    // NOTE(review): $pwd_directions and $pwd_class are assigned in both
    // branches below but never added to $form in this method, so the password
    // guidance text is not part of the returned form.
    if ($this->bindpw) {
      $pwd_directions = t('You currently have a password stored in the database.
      Leave password field empty to leave password unchanged.  Enter a new password
      to replace the current password.  Check the checkbox below to simply
      remove it from the database.');
      $pwd_class = 'ldap-pwd-present';
    }
    else {
      $pwd_directions = t('No password is currently stored in the database.
      If you are using a service account, enter one.');
      if ($this->bind_method == LDAP_SERVERS_BIND_METHOD_SERVICE_ACCT) {
        $pwd_class = 'ldap-pwd-abscent';
      }
      else {
        $pwd_class = 'ldap-pwd-not-applicable';
      }
    }

    $action = ($op == 'add') ? 'Add' : 'Update';
    $form['submit'] = [
      '#type' => 'submit',
      '#value' => $action,
      '#weight' => 100,
    ];

    return $form;

  }
  /**
   * Validates a submitted server form and returns errors keyed by field.
   *
   * For 'delete' only the presence of a sid and the ldap_server_in_use hook
   * are checked. For every other operation the submitted values are first
   * copied onto this object and then checked by validate().
   *
   * NOTE(review): hook results are joined with "<br/>" into one string.
   * Confirm that hook implementations escape the server name before it
   * reaches this message.
   *
   * @param string $op
   *   Form operation, e.g. 'add', 'edit' or 'delete'.
   * @param array $values
   *   Submitted form values.
   *
   * @return array
   *   Error messages keyed by form element name; empty when valid.
   */
  public function drupalFormValidate($op, $values) {
    if ($op != 'delete') {
      $this->populateFromDrupalForm($op, $values);
      return $this->validate($op);
    }

    $problems = [];
    if (!$this->sid) {
      $problems['server_id_missing'] = 'Server id missing from delete form.';
    }

    // Other modules report whether they still depend on this server.
    $in_use = module_invoke_all('ldap_server_in_use', $this->sid, $this->name);
    if (count($in_use)) {
      $problems['status'] = implode("<br/>", array_values($in_use));
    }

    return $problems;
  }
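  /**
   * Checks the populated properties and returns form errors keyed by field.
   *
   * Checks performed: a unique name and sid on 'add', no dependent modules
   * when the server is disabled, an integer port, and the settings each bind
   * method requires.
   *
   * The bind password is only required on 'add'. On other operations a
   * service-account configuration with no password passes validation, which
   * includes a submission that clears the stored password.
   *
   * @param string $op
   *   Form operation; 'add' enables the uniqueness and password checks.
   *
   * @return array
   *   Error messages keyed by form element name; empty when valid.
   */
  protected function validate($op) {
    $errors = [];
    if ($op == 'add') {
      // A server that matches by name is reported for the name only; the sid
      // comparison is skipped for that particular server.
      foreach ($this->getLdapServerObjects(NULL, 'all') as $ldap_server) {
        if ($this->name == $ldap_server->name) {
          $errors['name'] = t('An LDAP server configuration with the  name %name already exists.', ['%name' => $this->name]);
        }
        elseif ($this->sid == $ldap_server->sid) {
          $errors['sid'] = t('An LDAP server configuration with the  id %sid  already exists.', ['%sid' => $this->sid]);
        }
      }
    }

    // Check that no modules use this server.
    if ($this->status == 0) {
      $warnings = module_invoke_all('ldap_server_in_use', $this->sid, $this->name);
      if (count($warnings)) {
        $errors['status'] = join("<br/>", array_values($warnings));
      }
    }

    // is_numeric() also accepted values such as "389.5", "1e3" and "0x185",
    // which contradicts the message below; only plain decimal digits pass
    // now. The 1-65535 range is still not enforced here.
    if (preg_match('/\A[0-9]+\z/', (string) $this->port) !== 1) {
      $errors['port'] = t('The TCP/IP port must be an integer.');
    }

    if ($this->bind_method == LDAP_SERVERS_BIND_METHOD_USER && !$this->user_dn_expression) {
      $errors['user_dn_expression'] = t('When using "Bind with Users Credentials", Expression for user DN is required');
    }

    if ($this->mail_attr && $this->mail_template) {
      $errors['mail_attr'] = t('Mail attribute or Mail Template may be used.  Not both.');
    }

    if ($this->bind_method == LDAP_SERVERS_BIND_METHOD_SERVICE_ACCT && !$this->binddn) {
      $errors['binddn'] = t('When using "Bind with Service Account", Bind DN is required.');
    }

    // The former inner test also had an ($op != 'add') arm that could never
    // run inside this 'add'-only check; it is removed without changing the
    // outcome.
    if ($op == 'add' && $this->bind_method == LDAP_SERVERS_BIND_METHOD_SERVICE_ACCT && !$this->bindpw_new) {
      $errors['bindpw'] = t('When using "Bind with Service Account", Bind password is required.');
    }

    return $errors;
  }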
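  /**
   * Returns non-blocking warnings for a submitted server form.
   *
   * For 'delete' the only check is that a sid is present. For every other
   * operation the submitted values are copied onto this object and checked by
   * warnings().
   *
   * @param string $op
   *   Form operation, e.g. 'add', 'edit' or 'delete'.
   * @param array $values
   *   Submitted form values.
   * @param bool|null $has_errors
   *   Passed through to warnings().
   *
   * @return array
   *   Warning messages keyed by form element name; empty when there are none.
   */
  public function drupalFormWarnings($op, $values, $has_errors = NULL) {
    // Initialised up front: the delete path used to return an undefined
    // variable and discarded the message it had just built in $errors.
    $warnings = [];

    if ($op == 'delete') {
      if (!$this->sid) {
        $warnings['server_id_missing'] = t('Server id missing from delete form.');
      }
    }
    else {
      $this->populateFromDrupalForm($op, $values);
      $warnings = $this->warnings($op, $has_errors);
    }
    return $warnings;
  }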
  /**
   * Collects advisory messages about unusual attribute settings.
   *
   * Neither $op nor $has_errors is read in this body.
   *
   * NOTE(review): the defaults come straight from
   * ldap_servers_ldaps_option_array() and are not indexed by
   * $this->ldap_type here. Confirm that the 'user' and 'name' keys exist at
   * that level.
   *
   * @param string $op
   *   Form operation.
   * @param bool|null $has_errors
   *   Whether validation already failed.
   *
   * @return array
   *   Warning messages keyed by form element name.
   */
  protected function warnings($op, $has_errors = NULL) {

    $notes = [];

    if ($this->ldap_type) {
      $type_defaults = ldap_servers_ldaps_option_array();

      // Username attribute differs from the default for the server type.
      if (isset($type_defaults['user']['user_attr']) && ($this->user_attr != $type_defaults['user']['user_attr'])) {
        $notes['user_attr'] = t('The standard UserName attribute in %name is %default.  You have %user_attr. This may be correct
          for your particular LDAP.', [
            '%name' => $type_defaults['name'],
            '%default' => $type_defaults['user']['user_attr'],
            '%user_attr' => $this->user_attr,
          ]);
      }

      // Mail attribute is set but differs from the default.
      if (isset($type_defaults['user']['mail_attr']) && $this->mail_attr && ($this->mail_attr != $type_defaults['user']['mail_attr'])) {
        $notes['mail_attr'] = t('The standard mail attribute in %name is %default.  You have %mail_attr.  This may be correct
          for your particular LDAP.', [
            '%name' => $type_defaults['name'],
            '%default' => $type_defaults['user']['mail_attr'],
            '%mail_attr' => $this->mail_attr,
          ]);
      }
    }

    // Neither way of deriving an e-mail address is configured.
    if (!$this->mail_attr && !$this->mail_template) {
      $notes['mail_attr'] = t('Mail attribute or Mail Template should be used for most user account functionality.');
    }

    return $notes;
  }
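  /**
   * Applies a submitted server form: deletes, or saves an add or edit.
   *
   * The submitted values are copied onto this object before anything else, so
   * on 'delete' the sid used is the one taken from $values.
   *
   * @param string $op
   *   'delete' removes the server; any other value is passed to save().
   * @param array $values
   *   Submitted form values.
   */
  public function drupalFormSubmit($op, $values) {

    $this->populateFromDrupalForm($op, $values);

    // !empty() tolerates forms that do not carry the checkbox at all.
    if (!empty($values['clear_bindpw'])) {
      $this->bindpw_clear = TRUE;
    }

    if ($op == 'delete') {
      // delete() compares its argument with $this->sid. The whole object was
      // passed before, which never matched, so nothing was deleted.
      $this->delete($this->sid);
    }
    // Add or edit.
    else {
      try {
        $this->save($op);
      }
      catch (Exception $e) {
        // Only a generic message is recorded; the exception detail is not
        // logged anywhere in this method.
        $this->setError('Save Error',
        t('Failed to save object.  Your form data was not saved.'));
      }
    }
  }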
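  /**
   * Joins a list of values into newline-separated text for a textarea.
   *
   * @param array|string $array
   *   Either an array, or a string holding a PHP-serialized array.
   *
   * @return string
   *   The elements joined with "\n", or an empty string when the input is
   *   neither an array nor a serialized array.
   */
  protected function arrayToLines($array) {
    if (is_array($array)) {
      return join("\n", $array);
    }
    if (!is_string($array)) {
      return "";
    }

    // SECURITY: unserialize() will instantiate any class named in its input.
    // The value is expected to be the module's own serialized basedn column;
    // it must never come from user-controlled data. Where the minimum PHP
    // version allows it, restrict this call with the allowed_classes option.
    // The value is decoded once and reused, where it used to be decoded
    // twice. '@' keeps the notice for non-serialized strings suppressed.
    $decoded = @unserialize($array);

    return is_array($decoded) ? join("\n", $decoded) : "";
  }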
  /**
   * Splits multi-line text into an array of trimmed lines.
   *
   * Runs of "\n" and "\r" count as a single separator, so blank lines produce
   * no empty elements. Input that PHP treats as falsy after trimming (an
   * empty string or '0') yields an empty array.
   *
   * @param string $lines
   *   Text with one entry per line.
   *
   * @return array
   *   The trimmed entries in their original order.
   */
  protected function linesToArray($lines) {
    $text = trim($lines);
    if (!$text) {
      return [];
    }

    $entries = preg_split('/[\n\r]+/', $text);
    foreach ($entries as &$entry) {
      $entry = trim($entry);
    }
    // Drop the reference so later writes cannot alias the last element.
    unset($entry);

    return $entries;
  }
  /**
521
   *
522
   */
523 85ad3d82 Assos Assos
  public static function fields() {
524
525 32700c57 Assos Assos
    /**
526 85ad3d82 Assos Assos
     * consumer_type is tag (unique alphanumeric id) of consuming authorization such as
527
     *   drupal_roles, og_groups, civicrm_memberships
528
     */
529 32700c57 Assos Assos
    $fields = [
530 85ad3d82 Assos Assos
531 32700c57 Assos Assos
      'sid' => [
532
        'form' => [
533 85ad3d82 Assos Assos
          'fieldset' => 'server',
534
          '#type' => 'textfield',
535
          '#size' => 20,
536
          '#title' => t('Machine name for this server configuration.'),
537
          '#description' => t('May only contain alphanumeric characters (a-z, A-Z, 0-9, and _)'),
538
          '#required' => TRUE,
539 32700c57 Assos Assos
        ],
540
        'schema' => [
541 85ad3d82 Assos Assos
          'type' => 'varchar',
542
          'length' => 20,
543
          'not null' => TRUE,
544 32700c57 Assos Assos
        ],
545
      ],
546 85ad3d82 Assos Assos
547 32700c57 Assos Assos
      'numeric_sid' => [
548
        'schema' => [
549 85ad3d82 Assos Assos
          'type' => 'serial',
550
          'unsigned' => TRUE,
551
          'not null' => TRUE,
552
          'description' => 'Primary ID field for the table.  Only used internally.',
553
          'no export' => TRUE,
554 32700c57 Assos Assos
        ],
555
      ],
556 85ad3d82 Assos Assos
557 32700c57 Assos Assos
      'name' => [
558
        'form' => [
559 85ad3d82 Assos Assos
          'fieldset' => 'server',
560
          '#type' => 'textfield',
561
          '#size' => 50,
562
          '#title' => 'Name',
563
          '#description' => t('Choose a <em><strong>unique</strong></em> name for this server configuration.'),
564 32700c57 Assos Assos
        ],
565
        'schema' => [
566 85ad3d82 Assos Assos
          'type' => 'varchar',
567
          'length' => 255,
568
          'not null' => FALSE,
569 32700c57 Assos Assos
        ],
570
      ],
571 85ad3d82 Assos Assos
572 32700c57 Assos Assos
      'status' => [
573
        'form' => [
574 85ad3d82 Assos Assos
          'fieldset' => 'server',
575
          '#type' => 'checkbox',
576
          '#title' => t('Enabled'),
577
          '#description' => t('Disable in order to keep configuration without having it active.'),
578
          '#required' => FALSE,
579 32700c57 Assos Assos
        ],
580
        'schema' => [
581 85ad3d82 Assos Assos
          'type' => 'int',
582
          'size' => 'tiny',
583
          'not null' => FALSE,
584
          'default' => 0,
585 32700c57 Assos Assos
        ],
586
      ],
587 85ad3d82 Assos Assos
588 32700c57 Assos Assos
      'ldap_type' => [
589
        'form' => [
590 85ad3d82 Assos Assos
          'fieldset' => 'server',
591
          '#type' => 'select',
592 bc175c27 Assos Assos
          '#options' => ldap_servers_ldaps_option_array(),
593 85ad3d82 Assos Assos
          '#title' => t('LDAP Server Type'),
594
          '#description' => t('This field is informative.  It\'s purpose is to assist with default values and give validation warnings.'),
595 32700c57 Assos Assos
        ],
596
        'schema' => [
597 85ad3d82 Assos Assos
          'type' => 'varchar',
598
          'length' => 20,
599
          'not null' => FALSE,
600 32700c57 Assos Assos
        ],
601
      ],
602 85ad3d82 Assos Assos
603 32700c57 Assos Assos
      'address' => [
604
        'form' => [
605 85ad3d82 Assos Assos
          'fieldset' => 'server',
606
          '#type' => 'textfield',
607
          '#title' => t('LDAP server'),
608
          '#description' => t('The domain name or IP address of your LDAP Server such as "ad.unm.edu". For SSL
609
        use the form ldaps://DOMAIN such as "ldaps://ad.unm.edu"'),
610
          '#size' => 50,
611 32700c57 Assos Assos
        ],
612
        'schema' => [
613 85ad3d82 Assos Assos
          'type' => 'varchar',
614
          'length' => 255,
615
          'not null' => FALSE,
616 32700c57 Assos Assos
        ],
617
      ],
618 85ad3d82 Assos Assos
619 32700c57 Assos Assos
      'port' => [
620
        'form' => [
621 85ad3d82 Assos Assos
          'fieldset' => 'server',
622
          '#type' => 'textfield',
623
          '#title' => t('LDAP port'),
624
          '#size' => 5,
625
          '#description' => t('The TCP/IP port on the above server which accepts LDAP connections. Must be an integer.'),
626 32700c57 Assos Assos
        ],
627
        'schema' => [
628 85ad3d82 Assos Assos
          'type' => 'int',
629
          'not null' => FALSE,
630
          'default' => 389,
631 32700c57 Assos Assos
        ],
632
      ],
633 85ad3d82 Assos Assos
634 32700c57 Assos Assos
      'tls' => [
635
        'form' => [
636 85ad3d82 Assos Assos
          'fieldset' => 'server',
637
          '#type' => 'checkbox',
638
          '#title' => t('Use Start-TLS'),
639
          '#description' => t('Secure the connection between the Drupal and the LDAP servers using TLS.<br /><em>Note: To use START-TLS, you must set the LDAP Port to 389.</em>'),
640 32700c57 Assos Assos
        ],
641
        'schema' => [
642 85ad3d82 Assos Assos
          'type' => 'int',
643
          'size' => 'tiny',
644
          'not null' => FALSE,
645
          'default' => 0,
646 32700c57 Assos Assos
        ],
647
      ],
648
649
      'followrefs' => [
650
        'form' => [
651
          'fieldset' => 'server',
652
          '#type' => 'checkbox',
653
          '#title' => t('Follow LDAP Referrals'),
654
          '#description' => t('Makes the LDAP client follow referrals (in the responses from the LDAP server) to other LDAP servers. This requires that the Bind Settings you give, is ALSO valid on these other servers.'),
655
        ],
656
        'schema' => [
657
          'type' => 'int',
658
          'size' => 'tiny',
659
          'not null' => FALSE,
660
          'default' => 0,
661
        ],
662
      ],
663
664
      'bind_method' => [
665
        'form' => [
666 85ad3d82 Assos Assos
          'fieldset' => 'bind_method',
667
          '#type' => 'radios',
668
          '#title' => t('Binding Method for Searches (such as finding user object or their group memberships)'),
669 32700c57 Assos Assos
          '#options' => [
670 85ad3d82 Assos Assos
            LDAP_SERVERS_BIND_METHOD_SERVICE_ACCT => t('Service Account Bind: Use credentials in the
671
            <strong>Service Account</strong> field to bind to LDAP.  <em>This option is usually a best practice.</em>'),
672
673
            LDAP_SERVERS_BIND_METHOD_USER => t('Bind with Users Credentials: Use user\'s entered credentials
674
            to bind to LDAP.<br/> This is only useful for modules that execute during user logon such
675
            as LDAP Authentication and LDAP Authorization.  <em>This option is not a best practice in most cases.</em>
676
            This option skips the initial anonymous bind and anonymous search to determine the LDAP user DN, but you
677
            can only use this option if your user DNs follow a consistent pattern, for example all of them being of
678
            the form "cn=[username],[base dn]", or all of them being of the form "uid=[username],ou=accounts,[base dn]".
679
            You specify the pattern under "Expression for user DN" in the next configuration block below.'),
680
681
            LDAP_SERVERS_BIND_METHOD_ANON_USER => t('Anonymous Bind for search, then Bind with Users Credentials:
682
            Searches for user dn then uses user\'s entered credentials to bind to LDAP.<br/> This is only useful for
683
            modules that work during user logon such as LDAP Authentication and LDAP Authorization.
684
            The user\'s dn must be discovered by an anonymous search for this option to work.'),
685
686
            LDAP_SERVERS_BIND_METHOD_ANON => t('Anonymous Bind: Use no credentials to bind to LDAP server.<br/>
687
            <em>This option will not work on most LDAPS connections.</em>'),
688 32700c57 Assos Assos
          ],
689
        ],
690
        'schema' => [
691 85ad3d82 Assos Assos
          'type' => 'int',
692
          'size' => 'small',
693
          'not null' => FALSE,
694
          'default' => 0,
695 be58a50c Assos Assos
          'boolean' => FALSE,
696 32700c57 Assos Assos
        ],
697
      ],
698
699
      'binding_service_acct' => [
700
        'form' => [
701
          'fieldset' => 'bind_method',
702
          '#type' => 'markup',
703
          '#markup' => t('<label>Service Account</label> Some LDAP configurations
704 85ad3d82 Assos Assos
          prohibit or restrict the results of anonymous searches. These LDAPs require a DN//password pair
705
          for binding. For security reasons, this pair should belong to an
706
          LDAP account with stripped down permissions.
707
          This is also required for provisioning LDAP accounts and groups!'),
708 32700c57 Assos Assos
        ],
709
      ],
710 85ad3d82 Assos Assos
711 32700c57 Assos Assos
      'binddn' => [
712
        'form' => [
713 85ad3d82 Assos Assos
          'fieldset' => 'bind_method',
714
          '#type' => 'textfield',
715
          '#title' => t('DN for non-anonymous search'),
716
          '#size' => 80,
717 32700c57 Assos Assos
          '#states' => [
718
            'enabled' => [
719
              ':input[name=bind_method]' => ['value' => (string) LDAP_SERVERS_BIND_METHOD_SERVICE_ACCT],
720
            ],
721
          ],
722
        ],
723
        'schema' => [
724 85ad3d82 Assos Assos
          'type' => 'varchar',
725
          'length' => 511,
726 32700c57 Assos Assos
        ],
727
      ],
728 85ad3d82 Assos Assos
729 32700c57 Assos Assos
      'bindpw' => [
730
        'form' => [
          'fieldset' => 'bind_method',
          '#type' => 'password',
          '#title' => t('Password for non-anonymous search'),
          '#size' => 20,
          '#states' => [
            'enabled' => [
              ':input[name=bind_method]' => ['value' => (string) LDAP_SERVERS_BIND_METHOD_SERVICE_ACCT],
            ],
          ],
        ],
        'schema' => [
          'type' => 'varchar',
          'length' => 255,
        ],
      ],
      'clear_bindpw' => [
        'form' => [
          'fieldset' => 'bind_method',
          '#type' => 'checkbox',
          '#title' => t('Clear existing password from database.  Check this when switching away from Service Account Binding.'),
          '#default_value' => 0,
        ],
      ],
      'basedn' => [
        'form' => [
          'fieldset' => 'users',
          '#type' => 'textarea',
          '#cols' => 50,
          '#rows' => 6,
          '#title' => t('Base DNs for LDAP users, groups, and other entries.'),
          '#description' => '<div>' . t('What DNs have entries relavant to this configuration?
            e.g. <code>ou=campus accounts,dc=ad,dc=uiuc,dc=edu</code>
            Keep in mind that every additional basedn likely doubles the number of queries.  Place the
            more heavily used one first and consider using one higher base DN rather than 2 or more lower base DNs.
            Enter one per line in case if you need more than one.') . '</div>',
        ],
        'schema' => [
          'type' => 'text',
          'serialize' => TRUE,
        ],
      ],
      'user_attr' => [
        'form' => [
          'fieldset' => 'users',
          '#type' => 'textfield',
          '#size' => 30,
          '#title' => t('AuthName attribute'),
          '#description' => t('The attribute that holds the users\' login name. (eg. <code>cn</code> for eDir or <code>sAMAccountName</code> for Active Directory).'),
        ],
        'schema' => [
          'type' => 'varchar',
          'length' => 255,
          'not null' => FALSE,
        ],
      ],
      'account_name_attr' => [
        'form' => [
          'fieldset' => 'users',
          '#type' => 'textfield',
          '#size' => 30,
          '#title' => t('AccountName attribute'),
          '#description' => t('The attribute that holds the unique account name. Defaults to the same as the AuthName attribute.'),
        ],
        'schema' => [
          'type' => 'varchar',
          'length' => 255,
          'not null' => FALSE,
          'default' => '',
        ],
      ],
      'mail_attr' => [
        'form' => [
          'fieldset' => 'users',
          '#type' => 'textfield',
          '#size' => 30,
          '#title' => t('Email attribute'),
          '#description' => t('The attribute that holds the users\' email address. (eg. <code>mail</code>). Leave empty if no such attribute exists'),
        ],
        'schema' => [
          'type' => 'varchar',
          'length' => 255,
          'not null' => FALSE,
        ],
      ],
      'mail_template' => [
        'form' => [
          'fieldset' => 'users',
          '#type' => 'textfield',
          '#size' => 30,
          '#title' => t('Email template'),
          '#description' => t('If no attribute contains the user\'s email address, but it can be derived from other attributes,
            enter an email "template" here.
            Templates should have the user\'s attribute name in form such as [cn], [uin], etc.
            such as <code>[cn]@mycompany.com</code>.
            See http://drupal.org/node/997082 for additional documentation on ldap tokens.
            '),
        ],
        'schema' => [
          'type' => 'varchar',
          'length' => 255,
          'not null' => FALSE,
        ],
      ],
      'picture_attr' => [
        'form' => [
          'fieldset' => 'users',
          '#type' => 'textfield',
          '#size' => 30,
          '#title' => t('Thumbnail attribute'),
          '#description' => t('The attribute that holds the users\' thumnail image. (eg. <code>thumbnailPhoto</code>). Leave empty if no such attribute exists'),
        ],
        'schema' => [
          'type' => 'varchar',
          'length' => 255,
          'not null' => FALSE,
        ],
      ],
      'unique_persistent_attr' => [
        'form' => [
          'fieldset' => 'users',
          '#type' => 'textfield',
          '#size' => 30,
          '#title' => t('Persistent and Unique User ID Attribute'),
          '#description' => t('In some LDAPs, a user\'s DN, CN, or mail value may
            change when a user\'s name changes or for other reasons.
            In order to avoid creation of multiple accounts for that user or other ambiguities,
            enter a unique and persistent ldap attribute for users.  In cases
            where DN does not change, enter "dn" here.
            If no such attribute exists, leave this blank.'
          ),
        ],
        'schema' => [
          'type' => 'varchar',
          'length' => 64,
          'not null' => FALSE,
        ],
      ],
      'unique_persistent_attr_binary' => [
        'form' => [
          'fieldset' => 'users',
          '#type' => 'checkbox',
          '#title' => t('Does the <em>Persistent and Unique User ID
            Attribute</em> hold a binary value?'),
          '#description' => t('You need to set this if you are using a binary
             attribute such as objectSid in ActiveDirectory for the PUID.<br>
             If you don\'t want this consider switching to another attribute,
             such as samaccountname.'),
        ],
        'schema' => [
          'type' => 'int',
          'size' => 'tiny',
          'not null' => FALSE,
          'default' => 0,
        ],
      ],
      'user_dn_expression' => [
        'form' => [
          'fieldset' => 'users',
          '#type' => 'textfield',
          '#size' => 80,
          '#title' => t('Expression for user DN. Required when "Bind with Users Credentials" method selected.'),
          '#description' => t('%username and %basedn are valid tokens in the expression.
            Typically it will be:<br/> <code>cn=%username,%basedn</code>
             which might evaluate to <code>cn=jdoe,ou=campus accounts,dc=ad,dc=mycampus,dc=edu</code>
             Base DNs are entered above.'),
        ],
        'schema' => [
          'type' => 'varchar',
          'length' => 255,
          'not null' => FALSE,
        ],
      ],
      'ldap_to_drupal_user' => [
        'form' => [
          'fieldset' => 'users',
          '#disabled' => (!module_exists('php')),
          '#type' => 'textarea',
          '#cols' => 25,
          '#rows' => 5,
          '#title' => t('PHP to transform Drupal login username to LDAP UserName attribute.'),
          '#description' => t('This will appear as disabled unless the "PHP filter" core module is enabled. Enter PHP to transform Drupal username to the value of the UserName attribute.
            The code should print the UserName attribute.
            PHP filter module must be enabled for this to work.
            The variable $name is available and is the user\'s login username.
            Careful, bad PHP code here will break your site. If left empty, no name transformation will be done.
            <br/>Example:<br/>Given the user will logon with jdoe@xyz.com and you want the ldap UserName attribute to be
            jdoe.<br/><code>$parts = explode(\'@\', $name); if (count($parts) == 2) {print $parts[0]};</code>'),
        ],
        'schema' => [
          'type' => 'varchar',
          'length' => 1024,
          'not null' => FALSE,
        ],
      ],
      'testing_drupal_username' => [
        'form' => [
          'fieldset' => 'users',
          '#type' => 'textfield',
          '#size' => 30,
          '#title' => t('Testing Drupal Username'),
          '#description' => t('This is optional and used for testing this server\'s configuration against an actual username.  The user need not exist in Drupal and testing will not affect the user\'s LDAP or Drupal Account.'),
        ],
        'schema' => [
          'type' => 'varchar',
          'length' => 255,
          'not null' => FALSE,
        ],
      ],
      'testing_drupal_user_dn' => [
        'form' => [
          'fieldset' => 'users',
          '#type' => 'textfield',
          '#size' => 120,
          '#title' => t('DN of testing username, e.g. cn=hpotter,ou=people,dc=hogwarts,dc=edu'),
          '#description' => t('This is optional and used for testing this server\'s configuration against an actual username.  The user need not exist in Drupal and testing will not affect the user\'s LDAP or Drupal Account.'),
        ],
        'schema' => [
          'type' => 'varchar',
          'length' => 255,
          'not null' => FALSE,
        ],
      ],
      'grp_unused' => [
        'form' => [
          'fieldset' => 'groups',
          '#type' => 'checkbox',
          '#title' => t('Groups are not relevant to this Drupal site.  This is generally true if LDAP Groups, LDAP Authorization, etc are not it use.'),
          '#disabled' => FALSE,
        ],
        'schema' => [
          'type' => 'int',
          'size' => 'tiny',
          'not null' => FALSE,
          'default' => 0,
        ],
      ],
      'grp_object_cat' => [
        'form' => [
          'fieldset' => 'groups',
          '#type' => 'textfield',
          '#size' => 30,
          '#title' => t('Name of Group Object Class'),
          '#description' => t('e.g. groupOfNames, groupOfUniqueNames, group.'),
          '#states' => [
            'visible' => [
              ':input[name=grp_unused]' => ['checked' => FALSE],
            ],
          ],
        ],
        'schema' => [
          'type' => 'varchar',
          'length' => 64,
          'not null' => FALSE,
        ],
      ],
      'grp_nested' => [
        'form' => [
          'fieldset' => 'groups',
          '#type' => 'checkbox',
          '#title' => t('Nested groups are used in my LDAP'),
          '#disabled' => FALSE,
          '#description' => t('If a user is a member of group A and group A is a member of group B,
             user should be considered to be in group A and B.  If your LDAP has nested groups, but you
             want to ignore nesting, leave this unchecked.'),
          '#states' => [
            'visible' => [
              ':input[name=grp_unused]' => ['checked' => FALSE],
            ],
          ],
        ],
        'schema' => [
          'type' => 'int',
          'size' => 'tiny',
          'not null' => FALSE,
          'default' => 0,
        ],
      ],
      'grp_user_memb_attr_exists' => [
        'form' => [
          'fieldset' => 'groups',
          '#type' => 'checkbox',
          '#title' => t('A user LDAP attribute such as <code>memberOf</code> exists that contains a list of their groups.
            Active Directory and openLdap with memberOf overlay fit this model.'),
          '#disabled' => FALSE,
          '#states' => [
            'visible' => [
              ':input[name=grp_unused]' => ['checked' => FALSE],
            ],
          ],
        ],
        'schema' => [
          'type' => 'int',
          'size' => 'tiny',
          'not null' => FALSE,
          'default' => 0,
        ],
      ],
      'grp_user_memb_attr' => [
        'form' => [
          'fieldset' => 'groups',
          '#type' => 'textfield',
          '#size' => 30,
          '#title' => t('Attribute in User Entry Containing Groups'),
          '#description' => t('e.g. memberOf'),
          '#states' => [
            'enabled' => [
              ':input[name=grp_user_memb_attr_exists]' => ['checked' => TRUE],
            ],
            'visible' => [
              ':input[name=grp_unused]' => ['checked' => FALSE],
            ],
          ],
        ],
        'schema' => [
          'type' => 'varchar',
          'length' => 255,
          'not null' => FALSE,
        ],
      ],
      'grp_memb_attr' => [
        'form' => [
          'fieldset' => 'groups',
          '#type' => 'textfield',
          '#size' => 30,
          '#title' => t('LDAP Group Entry Attribute Holding User\'s DN, CN, etc.'),
          '#description' => t('e.g uniquemember, memberUid'),
          '#states' => [
            'visible' => [
              ':input[name=grp_unused]' => ['checked' => FALSE],
            ],
          ],
        ],
        'schema' => [
          'type' => 'varchar',
          'length' => 255,
          'not null' => FALSE,
        ],
      ],
      'grp_memb_attr_match_user_attr' => [
        'form' => [
          'fieldset' => 'groups',
          '#type' => 'textfield',
          '#size' => 30,
          '#title' => t('User attribute held in "LDAP Group Entry Attribute Holding..."'),
          '#description' => t('This is almost always "dn" (which technically isn\'t an attribute).  Sometimes its "cn".'),
          '#states' => [
            'visible' => [
              ':input[name=grp_unused]' => ['checked' => FALSE],
            ],
          ],
        ],
        'schema' => [
          'type' => 'varchar',
          'length' => 255,
          'not null' => FALSE,
        ],
      ],
      'grp_derive_from_dn' => [
        'form' => [
          'fieldset' => 'groups',
          '#type' => 'checkbox',
          '#title' => t('Groups are derived from user\'s LDAP entry DN.') . '<em>' .
          t('This
            group definition has very limited functionality and most modules will
            not take this into account.  LDAP Authorization will.') . '</em>',
          '#disabled' => FALSE,
          '#states' => [
            'visible' => [
              ':input[name=grp_unused]' => ['checked' => FALSE],
            ],
          ],
        ],
        'schema' => [
          'type' => 'int',
          'size' => 'tiny',
          'not null' => FALSE,
          'default' => 0,
        ],
      ],
      'grp_derive_from_dn_attr' => [
        'form' => [
          'fieldset' => 'groups',
          '#type' => 'textfield',
          '#size' => 30,
          '#title' => t('Attribute of the User\'s LDAP Entry DN which contains the group'),
          '#description' => t('e.g. ou'),
          '#states' => [
            'enabled' => [
              ':input[name=grp_derive_from_dn]' => ['checked' => TRUE],
            ],
            'visible' => [
              ':input[name=grp_unused]' => ['checked' => FALSE],
            ],
          ],
        ],
        'schema' => [
          'type' => 'varchar',
          'length' => 255,
          'not null' => FALSE,
        ],
      ],
      'grp_test_grp_dn' => [
        'form' => [
          'fieldset' => 'groups',
          '#type' => 'textfield',
          '#size' => 120,
          '#title' => t('Testing LDAP Group DN'),
          '#description' => t('This is optional and can be useful for debugging and validating forms.'),
          '#states' => [
            'visible' => [
              ':input[name=grp_unused]' => ['checked' => FALSE],
            ],
          ],
        ],
        'schema' => [
          'type' => 'varchar',
          'length' => 255,
          'not null' => FALSE,
        ],
      ],
      'grp_test_grp_dn_writeable' => [
        'form' => [
          'fieldset' => 'groups',
          '#type' => 'textfield',
          '#size' => 120,
          '#title' => t('Testing LDAP Group DN that is writable.  WARNING the test script for the server will create, delete, and add members to this group!'),
          '#description' => t('This is optional and can be useful for debugging and validating forms.'),
          '#states' => [
            'visible' => [
              ':input[name=grp_unused]' => ['checked' => FALSE],
            ],
          ],
        ],
        'schema' => [
          'type' => 'varchar',
          'length' => 255,
          'not null' => FALSE,
        ],
      ],
      'search_pagination' => [
        'form' => [
          'fieldset' => 'pagination',
          '#type' => 'checkbox',
          '#title' => t('Use LDAP Pagination.'),
          '#disabled' => !ldap_servers_php_supports_pagination(),
        ],
        'schema' => [
          'type' => 'int',
          'size' => 'tiny',
          'not null' => FALSE,
          'default' => 0,
        ],
      ],
      'search_page_size' => [
        'form' => [
          'fieldset' => 'pagination',
          '#type' => 'textfield',
          '#size' => 10,
          '#disabled' => !ldap_servers_php_supports_pagination(),
          '#title' => t('Pagination size limit.'),
          '#description' => t('This should be equal to or smaller than the max
            number of entries returned at a time by your ldap server.
            1000 is a good guess when unsure. Other modules such as LDAP Query
            or LDAP Feeds will be allowed to set a smaller page size, but not
            a larger one.'),
          '#states' => [
            'visible' => [
              ':input[name="search_pagination"]' => ['checked' => TRUE],
            ],
          ],
        ],
        'schema' => [
          'type' => 'int',
          'size' => 'medium',
          'not null' => FALSE,
          'default' => 1000,
        ],
      ],
      'weight' => [
        'schema' => [
          'type' => 'int',
          'not null' => FALSE,
          'default' => 0,
        ],
      ],
    ];
    return $fields;
  }
}