root / drupal7 / sites / all / modules / ldap / ldap_servers / ldap_servers.api.php @ 91af538d
| 1 | 85ad3d82 | Assos Assos | <?php
|
|---|---|---|---|
| 2 | |||
| 3 | /**
|
||
| 4 | * @file
|
||
| 5 | 32700c57 | Assos Assos | * Hooks provided by ldap_servers module.
|
| 6 | 85ad3d82 | Assos Assos | */
|
| 7 | |||
| 8 | /**
|
||
| 9 | * Allows other modules to periodically affect an ldap associated user
|
||
| 10 | * or its corresponding ldap entry.
|
||
| 11 | *
|
||
| 12 | 32700c57 | Assos Assos | * When cron runs a batch of ldap associated drupal accounts
|
| 13 | 85ad3d82 | Assos Assos | * will be looked at and marked as tested. over the course
|
| 14 | 32700c57 | Assos Assos | * of time all ldap related users will be looked at.
|
| 15 | 85ad3d82 | Assos Assos | *
|
| 16 | * Each module implementing this hook is responsible for
|
||
| 17 | * altering ldap entries and drupal user objects; simply
|
||
| 18 | * altering the variables will have no affect on the actual
|
||
| 19 | * ldap entry or drupal user
|
||
| 20 | */
|
||
| 21 | function hook_ldap_servers_user_cron(&$users) { |
||
| 22 | |||
| 23 | } |
||
| 24 | |||
| 25 | /**
|
||
| 26 | 32700c57 | Assos Assos | * Helper hook to see if a batch of ldap users
|
| 27 | * needs to be queried.
|
||
| 28 | 85ad3d82 | Assos Assos | *
|
| 29 | 32700c57 | Assos Assos | * If a module implements hook_ldap_servers_user_cron,
|
| 30 | 85ad3d82 | Assos Assos | * but currently does not need to process user cron batches,
|
| 31 | 32700c57 | Assos Assos | * it should return FALSE.
|
| 32 | 85ad3d82 | Assos Assos | */
|
| 33 | function hook_ldap_servers_user_cron_needed() { |
||
| 34 | return TRUE; |
||
| 35 | } |
||
| 36 | |||
| 37 | /**
|
||
| 38 | * Allows other modules to alter ldap entry or perform other necessary
|
||
| 39 | * LDAP operations before entires are provisioned.
|
||
| 40 | 32700c57 | Assos Assos | * This should be invoked before provisioning ldap entries.
|
| 41 | 85ad3d82 | Assos Assos | *
|
| 42 | 32700c57 | Assos Assos | * @param array $ldap_entries
|
| 43 | * as array keyed on lowercase dn of entry with
|
||
| 44 | 85ad3d82 | Assos Assos | * value of array in format used in ldap_add or ldap_modify function
|
| 45 | * e.g.
|
||
| 46 | * $ldap_entries['cn=jkool,ou=guest accounts,dc=ad,dc=myuniversity,dc=edu'] = array(
|
||
| 47 | * "attribute1" => array("value"),
|
||
| 48 | * "attribute2" => array("value1", "value2"),
|
||
| 49 | 32700c57 | Assos Assos | * );.
|
| 50 | 85ad3d82 | Assos Assos | *
|
| 51 | 32700c57 | Assos Assos | * @param LdapServer $ldap_server
|
| 52 | * as ldap server configuration object that is
|
||
| 53 | * performing provisioning.
|
||
| 54 | 85ad3d82 | Assos Assos | *
|
| 55 | 32700c57 | Assos Assos | * @param array $context
|
| 56 | * with the following key/values:
|
||
| 57 | 85ad3d82 | Assos Assos | * 'action' => add|modify|delete
|
| 58 | *
|
||
| 59 | * 'corresponding_drupal_data' => if ldap entries have corresponding drupal objects, such
|
||
| 60 | * as ldap user entries and drupal user objects; ldap groups and drupal roles; etc
|
||
| 61 | 32700c57 | Assos Assos | * this will be array keyed on lowercase dn with values of objects, e.g. :
|
| 62 | * [
|
||
| 63 | 85ad3d82 | Assos Assos | * 'cn=jkool,ou=guest accounts,dc=ad,dc=myuniversity,dc=edu' => drupal user object1,
|
| 64 | 32700c57 | Assos Assos | * 'cn=jfun,ou=guest accounts,dc=ad,dc=myuniversity,dc=edu => drupal user object2,
|
| 65 | * ]
|
||
| 66 | 85ad3d82 | Assos Assos | * 'corresponding_drupal_data_type' => 'user', 'role', etc.
|
| 67 | */
|
||
| 68 | function hook_ldap_entry_pre_provision_alter(&$ldap_entries, $ldap_server, $context) { |
||
| 69 | |||
| 70 | } |
||
| 71 | |||
| 72 | /**
|
||
| 73 | * Allows modules to react to provisioning of ldap entries.
|
||
| 74 | *
|
||
| 75 | 32700c57 | Assos Assos | * This should be invoked after provisioning ldap entries.
|
| 76 | 85ad3d82 | Assos Assos | *
|
| 77 | * -- same signature as hook_ldap_entry_pre_provision_alter with ldap entries not passed by reference
|
||
| 78 | * -- ldap entries are not queried after provisioning, so $ldap_entries are in form
|
||
| 79 | * hook_ldap_entry_pre_provision; not actual queryied ldap entries
|
||
| 80 | * -- if actual ldap entries are available after provisioning, they will be in
|
||
| 81 | * $context['provisioned_ldap_entries][<dn>] => ldap entry array in format of an ldap query
|
||
| 82 | * returned from ldap_get_entries() with 'count' keys
|
||
| 83 | */
|
||
| 84 | function hook_ldap_entry_post_provision(&$ldap_entries, $ldap_server, $context) { |
||
| 85 | |||
| 86 | } |
||
| 87 | |||
| 88 | /**
|
||
| 89 | * Perform alterations of ldap attributes before query is made.
|
||
| 90 | *
|
||
| 91 | * To avoid excessive attributes in an ldap query, modules should
|
||
| 92 | 32700c57 | Assos Assos | * alter attributes needed based on $op parameter.
|
| 93 | 85ad3d82 | Assos Assos | *
|
| 94 | * @param array $attributes
|
||
| 95 | * array of attributes to be returned from ldap queries where:
|
||
| 96 | * - each key is ldap attribute name (e.g. mail, cn)
|
||
| 97 | * - each value is associative array of form:
|
||
| 98 | * - 'conversion' => NULL,
|
||
| 99 | * - 'values' => array(0 => 'john', 1 => 'johnny'))
|
||
| 100 | *
|
||
| 101 | 32700c57 | Assos Assos | * @param array $params
|
| 102 | * context array with some or all of the following key/values
|
||
| 103 | 85ad3d82 | Assos Assos | * 'sid' => drupal account object,
|
| 104 | * 'ldap_context' => ,
|
||
| 105 | 32700c57 | Assos Assos | * 'direction' =>.
|
| 106 | 85ad3d82 | Assos Assos | */
|
| 107 | function hook_ldap_attributes_needed_alter(&$attributes, $params) { |
||
| 108 | |||
| 109 | 32700c57 | Assos Assos | $attributes['dn'] = ldap_servers_set_attribute_map(@$attributes['dn'], 'ldap_dn'); |
| 110 | // Puid attributes are server specific.
|
||
| 111 | if ($params['sid']) { |
||
| 112 | 85ad3d82 | Assos Assos | $ldap_server = (is_object($params['sid'])) ? $params['sid'] : ldap_servers_get_servers($params['sid'], 'enabled', TRUE); |
| 113 | |||
| 114 | switch ($op) { |
||
| 115 | case 'user_insert': |
||
| 116 | case 'user_update': |
||
| 117 | if (!isset($attributes[$ldap_server->user_attr])) { |
||
| 118 | // don't provide attribute if it exists, unless you are adding data_type or value information
|
||
| 119 | // in that case, don't overwrite the whole array (see $ldap_server->mail_attr example below)
|
||
| 120 | $attributes[$ldap_server->user_attr] = ldap_servers_set_attribute_map(); |
||
| 121 | } |
||
| 122 | if (!isset($attributes[$ldap_server->mail_attr])) { |
||
| 123 | 32700c57 | Assos Assos | // Set default values for an attribute, force data_type.
|
| 124 | $attributes[$ldap_server->mail_attr] = ldap_servers_set_attribute_map(); |
||
| 125 | 85ad3d82 | Assos Assos | } |
| 126 | |||
| 127 | bc175c27 | Assos Assos | ldap_servers_token_extract_attributes($attributes, $ldap_server_obj->mail_template); |
| 128 | 85ad3d82 | Assos Assos | $attributes[$ldap_server->unique_persistent_attr] = ldap_servers_set_attribute_map(@$attributes[$ldap_server->unique_persistent_attr]); |
| 129 | |||
| 130 | 32700c57 | Assos Assos | break;
|
| 131 | 85ad3d82 | Assos Assos | } |
| 132 | } |
||
| 133 | } |
||
| 134 | |||
| 135 | /**
|
||
| 136 | * Perform alterations of $ldap_user variable.
|
||
| 137 | *
|
||
| 138 | 32700c57 | Assos Assos | * @param array $ldap_user
|
| 139 | * see README.developers.txt for structure.
|
||
| 140 | * @param array $params
|
||
| 141 | * context array with some or all of the following key/values
|
||
| 142 | 85ad3d82 | Assos Assos | * 'account' => drupal account object,
|
| 143 | * 'ldap_context' => ,
|
||
| 144 | * 'module' => module calling alter, e.g. 'ldap_user',
|
||
| 145 | 32700c57 | Assos Assos | * 'function' => function calling alter, e.g. 'provisionLdapEntry'.
|
| 146 | 85ad3d82 | Assos Assos | */
|
| 147 | function hook_ldap_user_alter(&$ldap_entry, $params) { |
||
| 148 | |||
| 149 | } |
||
| 150 | |||
| 151 | /**
|
||
| 152 | * Allow the results from the ldap search answer to be modified
|
||
| 153 | * The query parameters are provided as context infomation
|
||
| 154 | * (readonly)
|
||
| 155 | */
|
||
| 156 | function hook_ldap_server_search_results_alter(&$entries, $ldap_query_params) { |
||
| 157 | 32700c57 | Assos Assos | // Look for a specific part of the $results array
|
| 158 | // and maybe change it.
|
||
| 159 | 85ad3d82 | Assos Assos | } |
| 160 | |||
| 161 | /**
|
||
| 162 | * Allows other modules to transform the Drupal login username to an LDAP
|
||
| 163 | * UserName attribute.
|
||
| 164 | * Invoked in LdapServer::userUsernameToLdapNameTransform()
|
||
| 165 | *
|
||
| 166 | * @param $ldap_username
|
||
| 167 | * The ldap username that will be used for the AuthName attribute
|
||
| 168 | * @param $drupal_username
|
||
| 169 | * The Drupal user name
|
||
| 170 | * @param $context
|
||
| 171 | * An array of additional contextual information
|
||
| 172 | * - ldap_server: The LDAP server that is invoking the hook
|
||
| 173 | */
|
||
| 174 | function hook_user_ldap_servers_username_to_ldapname_alter(&$ldap_username, $drupal_username, $context) { |
||
| 175 | 32700c57 | Assos Assos | // Alter the name only if it has not been altered already, ie php eval code.
|
| 176 | 85ad3d82 | Assos Assos | if ($ldap_username == $drupal_username) { |
| 177 | $authname = ldap_user_get_authname($ldap_username); |
||
| 178 | if (!empty($authname)) { |
||
| 179 | $ldap_username = $authname; |
||
| 180 | } |
||
| 181 | } |
||
| 182 | } |