1 |
85ad3d82
|
Assos Assos
|
<?php
|
2 |
|
|
|
3 |
|
|
/**
|
4 |
|
|
* @file
|
5 |
|
|
* Install, update and uninstall functions for the LDAP API module.
|
6 |
|
|
*/
|
7 |
|
|
|
8 |
|
|
/**
|
9 |
|
|
* Implements hook_install().
|
10 |
|
|
*/
|
11 |
|
|
function ldap_servers_install() {
|
12 |
|
|
|
13 |
|
|
}
|
14 |
|
|
|
15 |
|
|
/**
|
16 |
|
|
* Implements hook_uninstall().
|
17 |
|
|
*/
|
18 |
|
|
function ldap_servers_uninstall() {
|
19 |
|
|
variable_del('ldap_servers_encryption');
|
20 |
7547bb19
|
Assos Assos
|
variable_del('ldap_servers_require_ssl_for_credentials');
|
21 |
85ad3d82
|
Assos Assos
|
variable_del('ldap_servers_encrypt_key');
|
22 |
|
|
|
23 |
|
|
}
|
24 |
|
|
|
25 |
|
|
/**
|
26 |
|
|
* Implements hook_requirements().
|
27 |
|
|
*/
|
28 |
|
|
function ldap_servers_requirements($phase) {
|
29 |
32700c57
|
Assos Assos
|
$requirements = [];
|
30 |
5136ce55
|
Assos Assos
|
$t = get_t();
|
31 |
85ad3d82
|
Assos Assos
|
|
32 |
|
|
if ($phase == 'install') {
|
33 |
|
|
$requirements['ldap_extension_loaded']['title'] = t('LDAP Extension Loaded');
|
34 |
|
|
if (extension_loaded('ldap')) {
|
35 |
|
|
$requirements['ldap_extension_loaded']['severity'] = REQUIREMENT_OK;
|
36 |
|
|
}
|
37 |
|
|
else {
|
38 |
|
|
$requirements['ldap_extension_loaded']['severity'] = REQUIREMENT_ERROR;
|
39 |
|
|
$requirements['ldap_extension_loaded']['description'] = t('No LDAP PHP Extension is loaded for PHP, so LDAP will not work properly.');
|
40 |
|
|
}
|
41 |
|
|
}
|
42 |
|
|
|
43 |
|
|
if ($phase == 'runtime' && !extension_loaded('ldap')) {
|
44 |
|
|
$requirements['ldap_extension_loaded']['title'] = t('LDAP Extension Loaded');
|
45 |
|
|
$requirements['ldap_extension_loaded']['severity'] = REQUIREMENT_ERROR;
|
46 |
|
|
$requirements['ldap_extension_loaded']['description'] = t('No LDAP PHP Extension is loaded for PHP, so LDAP will not work properly.');
|
47 |
|
|
}
|
48 |
|
|
|
49 |
|
|
if ($phase != "install" && db_table_exists('ldapauth')) {
|
50 |
|
|
$requirements['ldap_servers']['title'] = t('LDAP Integration LDAP Auth to LDAP Servers Upgrade Concern');
|
51 |
|
|
$requirements['ldap_servers']['severity'] = REQUIREMENT_WARNING;
|
52 |
|
|
$requirements['ldap_servers']['value'] = NULL;
|
53 |
|
|
$requirements['ldap_servers']['description'] = t('Upgrade from Drupal 6 LDAP Auth to Drupal 7
|
54 |
|
|
LDAP Servers is not automatic. LDAP Servers will need to be configured by hand.
|
55 |
|
|
See http://drupal.org/node/1023016. This message will go away when the ldapauth database table is removed.');
|
56 |
|
|
}
|
57 |
32700c57
|
Assos Assos
|
// Check that ldapauth not installed.
|
58 |
5136ce55
|
Assos Assos
|
// Check enabled LDAP servers are configured and Drupal can connect to them.
|
59 |
|
|
if ($phase == 'runtime') {
|
60 |
32700c57
|
Assos Assos
|
$requirements['ldap_servers_enabled'] = [
|
61 |
5136ce55
|
Assos Assos
|
'title' => $t('LDAP Server status'),
|
62 |
bc175c27
|
Assos Assos
|
'value' => $t('Disabled'),
|
63 |
5136ce55
|
Assos Assos
|
'severity' => REQUIREMENT_WARNING,
|
64 |
32700c57
|
Assos Assos
|
];
|
65 |
5136ce55
|
Assos Assos
|
|
66 |
|
|
$servers = ldap_servers_get_servers(NULL, 'enabled');
|
67 |
|
|
if (!empty($servers)) {
|
68 |
|
|
unset($requirements['ldap_servers_enabled']);
|
69 |
|
|
|
70 |
|
|
foreach ($servers as $server) {
|
71 |
|
|
$server_req_key = 'ldap_servers_sid_' . $server->sid;
|
72 |
32700c57
|
Assos Assos
|
$server_tokens = [
|
73 |
5136ce55
|
Assos Assos
|
'@host' => $server->address,
|
74 |
|
|
'@sid' => $server->sid,
|
75 |
32700c57
|
Assos Assos
|
];
|
76 |
|
|
$requirements[$server_req_key] = [
|
77 |
5136ce55
|
Assos Assos
|
'title' => $t('LDAP Server status: @sid (@host)', $server_tokens),
|
78 |
bc175c27
|
Assos Assos
|
'value' => $t('Connection: Failed, check logs for details.', $server_tokens),
|
79 |
5136ce55
|
Assos Assos
|
'severity' => REQUIREMENT_ERROR,
|
80 |
32700c57
|
Assos Assos
|
];
|
81 |
5136ce55
|
Assos Assos
|
|
82 |
|
|
try {
|
83 |
|
|
$connect_result = $server->connect();
|
84 |
|
|
if ($connect_result == LDAP_SUCCESS) {
|
85 |
be58a50c
|
Assos Assos
|
if ($server->bind_method == LDAP_SERVERS_BIND_METHOD_USER) {
|
86 |
|
|
// Check bind anonymously if set to bind via user credentials.
|
87 |
|
|
// The user has already logged in and so their is no dn or password
|
88 |
|
|
// to check since LDAP doesn't store passwords.
|
89 |
|
|
$bind_result = $server->bind(NULL, NULL, TRUE);
|
90 |
32700c57
|
Assos Assos
|
}
|
91 |
|
|
else {
|
92 |
be58a50c
|
Assos Assos
|
$bind_result = $server->bind();
|
93 |
|
|
}
|
94 |
5136ce55
|
Assos Assos
|
if ($bind_result == LDAP_SUCCESS) {
|
95 |
|
|
$requirements[$server_req_key]['value'] = $t('Connection: Success, Bind: Success', $server_tokens);
|
96 |
|
|
$requirements[$server_req_key]['severity'] = REQUIREMENT_OK;
|
97 |
|
|
}
|
98 |
|
|
}
|
99 |
|
|
$server->disconnect();
|
100 |
|
|
}
|
101 |
|
|
catch (Exception $e) {
|
102 |
|
|
}
|
103 |
|
|
}
|
104 |
|
|
}
|
105 |
|
|
}
|
106 |
|
|
|
107 |
85ad3d82
|
Assos Assos
|
return $requirements;
|
108 |
|
|
}
|
109 |
|
|
|
110 |
|
|
/**
|
111 |
|
|
* Implements hook_schema().
|
112 |
|
|
*/
|
113 |
|
|
function ldap_servers_schema() {
|
114 |
|
|
module_load_include('inc', 'ldap_servers', 'ldap_servers.functions');
|
115 |
32700c57
|
Assos Assos
|
// To get the LDAP_SERVERS_ENC_TYPE_CLEARTEXT constants issue#1209576.
|
116 |
|
|
module_load_include('module', 'ldap_servers', 'ldap_servers');
|
117 |
85ad3d82
|
Assos Assos
|
module_load_include('php', 'ldap_servers', 'LdapServerAdmin.class');
|
118 |
|
|
|
119 |
32700c57
|
Assos Assos
|
$schema['ldap_servers'] = [
|
120 |
|
|
'export' => [
|
121 |
85ad3d82
|
Assos Assos
|
'key' => 'sid',
|
122 |
|
|
'key name' => 'Server ID',
|
123 |
|
|
'primary key' => 'numeric_sid',
|
124 |
|
|
'identifier' => 'ldap_servers_conf',
|
125 |
32700c57
|
Assos Assos
|
'api' => [
|
126 |
85ad3d82
|
Assos Assos
|
'owner' => 'ldap_servers',
|
127 |
|
|
'api' => 'ldap_servers',
|
128 |
|
|
'minimum_version' => 1,
|
129 |
|
|
'current_version' => 1,
|
130 |
32700c57
|
Assos Assos
|
],
|
131 |
|
|
],
|
132 |
|
|
'primary key' => ['numeric_sid'],
|
133 |
|
|
'unique keys' => ['name' => ['name']],
|
134 |
|
|
];
|
135 |
85ad3d82
|
Assos Assos
|
|
136 |
|
|
$fields = LdapServerAdmin::fields();
|
137 |
|
|
foreach ($fields as $name => $props) {
|
138 |
|
|
if (isset($props['schema'])) {
|
139 |
|
|
$schema['ldap_servers']['fields'][$name] = $props['schema'];
|
140 |
|
|
}
|
141 |
|
|
}
|
142 |
|
|
|
143 |
|
|
return $schema;
|
144 |
|
|
|
145 |
|
|
}
|
146 |
|
|
|
147 |
|
|
/**
|
148 |
32700c57
|
Assos Assos
|
* Rename ldap_servers type field to ldap_type.
|
149 |
85ad3d82
|
Assos Assos
|
*/
|
150 |
|
|
function ldap_servers_update_7100() {
|
151 |
dd54aff9
|
Assos Assos
|
if (!ldap_servers_db_field_exists('ldap_servers', 'ldap_type') && ldap_servers_db_field_exists('ldap_servers', 'type')) {
|
152 |
32700c57
|
Assos Assos
|
db_change_field('ldap_servers', 'type', 'ldap_type', [
|
153 |
85ad3d82
|
Assos Assos
|
'type' => 'varchar',
|
154 |
|
|
'length' => 20,
|
155 |
32700c57
|
Assos Assos
|
'not null' => FALSE,
|
156 |
|
|
]);
|
157 |
85ad3d82
|
Assos Assos
|
}
|
158 |
|
|
|
159 |
|
|
return t('ldap_servers table field "type" renamed to "ldap_type"');
|
160 |
|
|
|
161 |
|
|
}
|
162 |
|
|
|
163 |
|
|
/**
|
164 |
32700c57
|
Assos Assos
|
* Ldap_server table field changes.
|
165 |
85ad3d82
|
Assos Assos
|
*/
|
166 |
|
|
function ldap_servers_update_7101() {
|
167 |
|
|
|
168 |
|
|
db_add_field(
|
169 |
|
|
'ldap_servers',
|
170 |
|
|
'allow_conflicting_drupal_accts',
|
171 |
32700c57
|
Assos Assos
|
[
|
172 |
85ad3d82
|
Assos Assos
|
'type' => 'int',
|
173 |
|
|
'size' => 'tiny',
|
174 |
|
|
'not null' => FALSE,
|
175 |
|
|
'default' => 0,
|
176 |
32700c57
|
Assos Assos
|
]
|
177 |
85ad3d82
|
Assos Assos
|
);
|
178 |
|
|
|
179 |
|
|
db_add_field(
|
180 |
|
|
'ldap_servers',
|
181 |
|
|
'unique_persistent_attr',
|
182 |
32700c57
|
Assos Assos
|
[
|
183 |
85ad3d82
|
Assos Assos
|
'type' => 'varchar',
|
184 |
|
|
'length' => '64',
|
185 |
|
|
'not null' => FALSE,
|
186 |
32700c57
|
Assos Assos
|
]
|
187 |
85ad3d82
|
Assos Assos
|
);
|
188 |
|
|
|
189 |
|
|
db_add_field(
|
190 |
|
|
'ldap_servers',
|
191 |
|
|
'mail_template',
|
192 |
32700c57
|
Assos Assos
|
[
|
193 |
85ad3d82
|
Assos Assos
|
'type' => 'varchar',
|
194 |
|
|
'length' => '255',
|
195 |
|
|
'not null' => FALSE,
|
196 |
32700c57
|
Assos Assos
|
]
|
197 |
85ad3d82
|
Assos Assos
|
);
|
198 |
|
|
|
199 |
32700c57
|
Assos Assos
|
db_change_field('ldap_servers', 'ldap_to_drupal_user', 'ldap_to_drupal_user', [
|
200 |
85ad3d82
|
Assos Assos
|
'type' => 'varchar',
|
201 |
|
|
'length' => 1024,
|
202 |
32700c57
|
Assos Assos
|
'not null' => FALSE,
|
203 |
|
|
]);
|
204 |
85ad3d82
|
Assos Assos
|
|
205 |
32700c57
|
Assos Assos
|
db_change_field('ldap_servers', 'binddn', 'binddn', [
|
206 |
85ad3d82
|
Assos Assos
|
'type' => 'varchar',
|
207 |
|
|
'length' => 511,
|
208 |
32700c57
|
Assos Assos
|
]);
|
209 |
85ad3d82
|
Assos Assos
|
|
210 |
|
|
return t('Updated LDAP Server to include "allow_conflicting_drupal_accts" and "unique_persistent_attr" fields.');
|
211 |
|
|
}
|
212 |
|
|
|
213 |
|
|
/**
|
214 |
32700c57
|
Assos Assos
|
* Add bind_method field to ldap_servers table.
|
215 |
85ad3d82
|
Assos Assos
|
*/
|
216 |
|
|
function ldap_servers_update_7102() {
|
217 |
|
|
|
218 |
dd54aff9
|
Assos Assos
|
if (!ldap_servers_db_field_exists('ldap_servers', 'bind_method')) {
|
219 |
32700c57
|
Assos Assos
|
db_add_field('ldap_servers', 'bind_method', [
|
220 |
85ad3d82
|
Assos Assos
|
'type' => 'int',
|
221 |
|
|
'size' => 'tiny',
|
222 |
|
|
'not null' => TRUE,
|
223 |
|
|
'default' => 0,
|
224 |
32700c57
|
Assos Assos
|
]);
|
225 |
85ad3d82
|
Assos Assos
|
$msg = t('"bind_method" field added to ldap_servers table');
|
226 |
|
|
}
|
227 |
|
|
|
228 |
bc175c27
|
Assos Assos
|
return ($msg) ? $msg : t('No database changes made.');
|
229 |
85ad3d82
|
Assos Assos
|
}
|
230 |
|
|
|
231 |
|
|
/**
|
232 |
32700c57
|
Assos Assos
|
* Add group_object_category field to ldap_servers table.
|
233 |
85ad3d82
|
Assos Assos
|
*/
|
234 |
|
|
function ldap_servers_update_7103() {
|
235 |
|
|
|
236 |
dd54aff9
|
Assos Assos
|
if (!ldap_servers_db_field_exists('ldap_servers', 'group_object_category')) {
|
237 |
32700c57
|
Assos Assos
|
db_add_field('ldap_servers', 'group_object_category', [
|
238 |
85ad3d82
|
Assos Assos
|
'type' => 'varchar',
|
239 |
|
|
'length' => 64,
|
240 |
|
|
'not null' => FALSE,
|
241 |
32700c57
|
Assos Assos
|
]);
|
242 |
85ad3d82
|
Assos Assos
|
$msg = t('"group_object_category" field added to ldap_servers table');
|
243 |
|
|
}
|
244 |
|
|
|
245 |
bc175c27
|
Assos Assos
|
return ($msg) ? $msg : t('No database changes made.');
|
246 |
85ad3d82
|
Assos Assos
|
}
|
247 |
|
|
|
248 |
|
|
/**
|
249 |
32700c57
|
Assos Assos
|
* Add pagination fields to ldap_servers table.
|
250 |
85ad3d82
|
Assos Assos
|
*/
|
251 |
|
|
function ldap_servers_update_7104() {
|
252 |
|
|
|
253 |
dd54aff9
|
Assos Assos
|
if (!ldap_servers_db_field_exists('ldap_servers', 'search_pagination')) {
|
254 |
32700c57
|
Assos Assos
|
db_add_field('ldap_servers', 'search_pagination', [
|
255 |
85ad3d82
|
Assos Assos
|
'type' => 'int',
|
256 |
|
|
'size' => 'tiny',
|
257 |
|
|
'not null' => FALSE,
|
258 |
|
|
'default' => 0,
|
259 |
32700c57
|
Assos Assos
|
]);
|
260 |
85ad3d82
|
Assos Assos
|
$msg = t('"search_pagination" field added to ldap_servers table');
|
261 |
|
|
}
|
262 |
|
|
|
263 |
dd54aff9
|
Assos Assos
|
if (!ldap_servers_db_field_exists('ldap_servers', 'search_page_size')) {
|
264 |
32700c57
|
Assos Assos
|
db_add_field('ldap_servers', 'search_page_size', [
|
265 |
85ad3d82
|
Assos Assos
|
'type' => 'int',
|
266 |
|
|
'size' => 'medium',
|
267 |
|
|
'not null' => FALSE,
|
268 |
|
|
'default' => 1000,
|
269 |
32700c57
|
Assos Assos
|
]);
|
270 |
85ad3d82
|
Assos Assos
|
$msg .= '<br/>' . t('"search_page_size" field added to ldap_servers table');
|
271 |
|
|
}
|
272 |
|
|
|
273 |
dd54aff9
|
Assos Assos
|
if (!ldap_servers_db_field_exists('ldap_servers', 'unique_persistent_attr_binary')) {
|
274 |
32700c57
|
Assos Assos
|
db_add_field('ldap_servers', 'unique_persistent_attr_binary', [
|
275 |
85ad3d82
|
Assos Assos
|
'type' => 'int',
|
276 |
|
|
'size' => 'tiny',
|
277 |
|
|
'not null' => FALSE,
|
278 |
|
|
'default' => 0,
|
279 |
32700c57
|
Assos Assos
|
]);
|
280 |
85ad3d82
|
Assos Assos
|
$msg = t('"unique_persistent_attr_binary" field added to ldap_servers table');
|
281 |
|
|
}
|
282 |
|
|
|
283 |
bc175c27
|
Assos Assos
|
return ($msg) ? $msg : t('No database changes made.');
|
284 |
85ad3d82
|
Assos Assos
|
}
|
285 |
|
|
|
286 |
|
|
/**
|
287 |
32700c57
|
Assos Assos
|
* Enable ldap_user module.
|
288 |
85ad3d82
|
Assos Assos
|
*/
|
289 |
|
|
function ldap_servers_update_7105() {
|
290 |
|
|
|
291 |
|
|
if (!module_exists('ldap_user')) {
|
292 |
32700c57
|
Assos Assos
|
module_enable(['ldap_user']);
|
293 |
85ad3d82
|
Assos Assos
|
$msg = t('LDAP User module enabled. Some authentication and authorization functionality shifted to LDAP User module.');
|
294 |
|
|
}
|
295 |
|
|
|
296 |
bc175c27
|
Assos Assos
|
return ($msg) ? $msg : t('LDAP User module was already enabled. No action taken.');
|
297 |
85ad3d82
|
Assos Assos
|
}
|
298 |
|
|
|
299 |
|
|
/**
|
300 |
32700c57
|
Assos Assos
|
* Add account_name_attr field to ldap_servers table.
|
301 |
85ad3d82
|
Assos Assos
|
*/
|
302 |
|
|
function ldap_servers_update_7106() {
|
303 |
dd54aff9
|
Assos Assos
|
if (!ldap_servers_db_field_exists('ldap_servers', 'account_name_attr')) {
|
304 |
32700c57
|
Assos Assos
|
db_add_field('ldap_servers', 'account_name_attr', [
|
305 |
|
|
'description' => 'The attribute to be used as the account name if not the user_attr',
|
306 |
|
|
'type' => 'varchar',
|
307 |
|
|
'length' => 255,
|
308 |
|
|
'not null' => FALSE,
|
309 |
|
|
'default' => '',
|
310 |
|
|
]);
|
311 |
85ad3d82
|
Assos Assos
|
$msg = t('"account_name_attr" field added to ldap_servers table');
|
312 |
|
|
}
|
313 |
|
|
|
314 |
bc175c27
|
Assos Assos
|
return ($msg) ? $msg : t('No database changes made.');
|
315 |
85ad3d82
|
Assos Assos
|
}
|
316 |
|
|
|
317 |
|
|
/**
|
318 |
32700c57
|
Assos Assos
|
* Remove allow_conflicting_drupal_accts from ldap_servers table.
|
319 |
85ad3d82
|
Assos Assos
|
*/
|
320 |
|
|
function ldap_servers_update_7107() {
|
321 |
dd54aff9
|
Assos Assos
|
if (ldap_servers_db_field_exists('ldap_servers', 'allow_conflicting_drupal_accts')) {
|
322 |
85ad3d82
|
Assos Assos
|
db_drop_field('ldap_servers', 'allow_conflicting_drupal_accts');
|
323 |
|
|
$msg = t('"allow_conflicting_drupal_accts" field removed from ldap_servers table');
|
324 |
|
|
}
|
325 |
bc175c27
|
Assos Assos
|
return ($msg) ? $msg : t('No database changes made.');
|
326 |
85ad3d82
|
Assos Assos
|
}
|
327 |
|
|
|
328 |
32700c57
|
Assos Assos
|
/**
|
329 |
|
|
*
|
330 |
|
|
*/
|
331 |
dd54aff9
|
Assos Assos
|
function ldap_servers_db_field_exists($table, $field_name) {
|
332 |
32700c57
|
Assos Assos
|
if (!db_field_exists($table, $field_name) && !db_field_exists($table, drupal_strtolower($field_name))) {
|
333 |
|
|
return FALSE;
|
334 |
dd54aff9
|
Assos Assos
|
}
|
335 |
|
|
else {
|
336 |
32700c57
|
Assos Assos
|
return TRUE;
|
337 |
dd54aff9
|
Assos Assos
|
}
|
338 |
|
|
}
|
339 |
32700c57
|
Assos Assos
|
|
340 |
85ad3d82
|
Assos Assos
|
/**
|
341 |
32700c57
|
Assos Assos
|
* Add group related fields to ldap_servers table.
|
342 |
85ad3d82
|
Assos Assos
|
*/
|
343 |
|
|
function ldap_servers_update_7108() {
|
344 |
|
|
|
345 |
32700c57
|
Assos Assos
|
foreach (['groupFunctionalityUnused', 'groupNested', 'groupSearchAll', 'groupUserMembershipsAttrExists', 'groupDeriveFromDn', 'groupUserMembershipsAttrExists'] as $tinyint_field_name) {
|
346 |
|
|
if (!ldap_servers_db_field_exists('ldap_servers', $tinyint_field_name)) {
|
347 |
|
|
db_add_field('ldap_servers', $tinyint_field_name, [
|
348 |
85ad3d82
|
Assos Assos
|
'type' => 'int',
|
349 |
|
|
'size' => 'tiny',
|
350 |
|
|
'not null' => FALSE,
|
351 |
|
|
'default' => 0,
|
352 |
32700c57
|
Assos Assos
|
]);
|
353 |
|
|
$msg = t('"!name" field added to ldap_servers table', ['!name' => $tinyint_field_name]);
|
354 |
85ad3d82
|
Assos Assos
|
}
|
355 |
|
|
}
|
356 |
32700c57
|
Assos Assos
|
foreach (['groupUserMembershipsAttr', 'groupMembershipsAttr', 'groupTestGroupDn', 'groupUserMembershipsAttr', 'groupMembershipsAttrMatchingUserAttr'] as $varchar255field_name) {
|
357 |
dd54aff9
|
Assos Assos
|
if (!ldap_servers_db_field_exists('ldap_servers', $varchar255field_name) && !ldap_servers_db_field_exists('ldap_servers', drupal_strtolower($varchar255field_name))) {
|
358 |
32700c57
|
Assos Assos
|
db_add_field('ldap_servers', $varchar255field_name, [
|
359 |
85ad3d82
|
Assos Assos
|
'type' => 'varchar',
|
360 |
|
|
'length' => '255',
|
361 |
|
|
'not null' => FALSE,
|
362 |
32700c57
|
Assos Assos
|
]);
|
363 |
|
|
$msg = t('"!name" field added to ldap_servers table', ['!name' => $varchar255field_name]);
|
364 |
85ad3d82
|
Assos Assos
|
}
|
365 |
|
|
}
|
366 |
|
|
}
|
367 |
|
|
|
368 |
|
|
/**
|
369 |
32700c57
|
Assos Assos
|
* Adjust group related fields to ldap_servers table.
|
370 |
85ad3d82
|
Assos Assos
|
*/
|
371 |
|
|
function ldap_servers_update_7109() {
|
372 |
|
|
|
373 |
dd54aff9
|
Assos Assos
|
if (!ldap_servers_db_field_exists('ldap_servers', 'groupNested')) {
|
374 |
32700c57
|
Assos Assos
|
db_add_field('ldap_servers', 'groupNested', [
|
375 |
85ad3d82
|
Assos Assos
|
'type' => 'int',
|
376 |
|
|
'size' => 'tiny',
|
377 |
|
|
'not null' => FALSE,
|
378 |
|
|
'default' => 0,
|
379 |
32700c57
|
Assos Assos
|
]);
|
380 |
85ad3d82
|
Assos Assos
|
$msg = t('"groupNested" field added to ldap_servers table');
|
381 |
|
|
}
|
382 |
|
|
|
383 |
dd54aff9
|
Assos Assos
|
if (!ldap_servers_db_field_exists('ldap_servers', 'groupUseFirstAttr')) {
|
384 |
32700c57
|
Assos Assos
|
db_add_field('ldap_servers', 'groupUseFirstAttr', [
|
385 |
85ad3d82
|
Assos Assos
|
'type' => 'int',
|
386 |
|
|
'size' => 'tiny',
|
387 |
|
|
'not null' => FALSE,
|
388 |
|
|
'default' => 0,
|
389 |
32700c57
|
Assos Assos
|
]);
|
390 |
85ad3d82
|
Assos Assos
|
$msg .= '<br/>' . t('"groupUseFirstAttr" field added to ldap_servers table');
|
391 |
|
|
}
|
392 |
|
|
|
393 |
dd54aff9
|
Assos Assos
|
if (!ldap_servers_db_field_exists('ldap_servers', 'groupSearchAll')) {
|
394 |
32700c57
|
Assos Assos
|
db_add_field('ldap_servers', 'groupSearchAll', [
|
395 |
85ad3d82
|
Assos Assos
|
'type' => 'int',
|
396 |
|
|
'size' => 'tiny',
|
397 |
|
|
'not null' => FALSE,
|
398 |
|
|
'default' => 0,
|
399 |
32700c57
|
Assos Assos
|
]);
|
400 |
85ad3d82
|
Assos Assos
|
$msg = t('"groupSearchAll" field added to ldap_servers table');
|
401 |
|
|
}
|
402 |
|
|
|
403 |
dd54aff9
|
Assos Assos
|
if (!ldap_servers_db_field_exists('ldap_servers', 'groupUserMembershipsAttrExists')) {
|
404 |
32700c57
|
Assos Assos
|
db_add_field('ldap_servers', 'groupUserMembershipsAttrExists', [
|
405 |
85ad3d82
|
Assos Assos
|
'type' => 'int',
|
406 |
|
|
'size' => 'tiny',
|
407 |
|
|
'not null' => FALSE,
|
408 |
|
|
'default' => 0,
|
409 |
32700c57
|
Assos Assos
|
]);
|
410 |
85ad3d82
|
Assos Assos
|
$msg = t('"groupUserMembershipsAttrExists" field added to ldap_servers table');
|
411 |
|
|
}
|
412 |
|
|
|
413 |
dd54aff9
|
Assos Assos
|
if (!ldap_servers_db_field_exists('ldap_servers', 'groupUserMembershipsAttr')) {
|
414 |
32700c57
|
Assos Assos
|
db_add_field('ldap_servers', 'groupUserMembershipsAttr', [
|
415 |
85ad3d82
|
Assos Assos
|
'type' => 'varchar',
|
416 |
|
|
'length' => '255',
|
417 |
|
|
'not null' => FALSE,
|
418 |
32700c57
|
Assos Assos
|
]);
|
419 |
85ad3d82
|
Assos Assos
|
$msg = t('"groupUserMembershipsAttr" field added to ldap_servers table');
|
420 |
|
|
}
|
421 |
|
|
|
422 |
dd54aff9
|
Assos Assos
|
if (!ldap_servers_db_field_exists('ldap_servers', 'groupMembershipsAttr')) {
|
423 |
32700c57
|
Assos Assos
|
db_add_field('ldap_servers', 'groupMembershipsAttr', [
|
424 |
85ad3d82
|
Assos Assos
|
'type' => 'varchar',
|
425 |
|
|
'length' => '255',
|
426 |
|
|
'not null' => FALSE,
|
427 |
32700c57
|
Assos Assos
|
]);
|
428 |
85ad3d82
|
Assos Assos
|
$msg = t('"groupMembershipsAttr" field added to ldap_servers table');
|
429 |
|
|
}
|
430 |
|
|
|
431 |
dd54aff9
|
Assos Assos
|
if (!ldap_servers_db_field_exists('ldap_servers', 'groupMembershipsAttrMatchingUserAttr')) {
|
432 |
32700c57
|
Assos Assos
|
db_add_field('ldap_servers', 'groupMembershipsAttrMatchingUserAttr', [
|
433 |
85ad3d82
|
Assos Assos
|
'type' => 'varchar',
|
434 |
|
|
'length' => '255',
|
435 |
|
|
'not null' => FALSE,
|
436 |
32700c57
|
Assos Assos
|
]);
|
437 |
85ad3d82
|
Assos Assos
|
$msg = t('"groupMembershipsAttrMatchingUserAttr" field added to ldap_servers table');
|
438 |
|
|
}
|
439 |
|
|
|
440 |
dd54aff9
|
Assos Assos
|
if (!ldap_servers_db_field_exists('ldap_servers', 'groupUserMembershipsAttrExists')) {
|
441 |
32700c57
|
Assos Assos
|
db_add_field('ldap_servers', 'groupUserMembershipsAttrExists', [
|
442 |
85ad3d82
|
Assos Assos
|
'type' => 'int',
|
443 |
|
|
'size' => 'tiny',
|
444 |
|
|
'not null' => FALSE,
|
445 |
|
|
'default' => 0,
|
446 |
32700c57
|
Assos Assos
|
]);
|
447 |
85ad3d82
|
Assos Assos
|
$msg = t('"groupUserMembershipsAttrExists" field added to ldap_servers table');
|
448 |
|
|
}
|
449 |
|
|
|
450 |
dd54aff9
|
Assos Assos
|
if (!ldap_servers_db_field_exists('ldap_servers', 'groupUserMembershipsAttr')) {
|
451 |
32700c57
|
Assos Assos
|
db_add_field('ldap_servers', 'groupUserMembershipsAttr', [
|
452 |
85ad3d82
|
Assos Assos
|
'type' => 'varchar',
|
453 |
|
|
'length' => '255',
|
454 |
|
|
'not null' => FALSE,
|
455 |
32700c57
|
Assos Assos
|
]);
|
456 |
85ad3d82
|
Assos Assos
|
$msg = t('"groupUserMembershipsAttr" field added to ldap_servers table');
|
457 |
|
|
}
|
458 |
|
|
|
459 |
|
|
}
|
460 |
|
|
|
461 |
|
|
/**
|
462 |
32700c57
|
Assos Assos
|
* Adjust group related fields to ldap_servers table.
|
463 |
85ad3d82
|
Assos Assos
|
*/
|
464 |
|
|
function ldap_servers_update_7110() {
|
465 |
|
|
|
466 |
dd54aff9
|
Assos Assos
|
if (!ldap_servers_db_field_exists('ldap_servers', 'groupFunctionalityUnused')) {
|
467 |
32700c57
|
Assos Assos
|
db_add_field('ldap_servers', 'groupFunctionalityUnused', [
|
468 |
85ad3d82
|
Assos Assos
|
'type' => 'int',
|
469 |
|
|
'size' => 'tiny',
|
470 |
|
|
'not null' => FALSE,
|
471 |
|
|
'default' => 0,
|
472 |
32700c57
|
Assos Assos
|
]);
|
473 |
85ad3d82
|
Assos Assos
|
$msg = t('"groupFunctionalityUnused" field added to ldap_servers table');
|
474 |
|
|
}
|
475 |
|
|
|
476 |
dd54aff9
|
Assos Assos
|
if (!ldap_servers_db_field_exists('ldap_servers', 'groupTestGroupDn')) {
|
477 |
32700c57
|
Assos Assos
|
db_add_field('ldap_servers', 'groupTestGroupDn', [
|
478 |
85ad3d82
|
Assos Assos
|
'type' => 'varchar',
|
479 |
|
|
'length' => '255',
|
480 |
|
|
'not null' => FALSE,
|
481 |
32700c57
|
Assos Assos
|
]);
|
482 |
85ad3d82
|
Assos Assos
|
$msg = t('"groupTestGroupDn" field added to ldap_servers table');
|
483 |
|
|
}
|
484 |
|
|
|
485 |
dd54aff9
|
Assos Assos
|
if (!ldap_servers_db_field_exists('ldap_servers', 'groupTestGroupDnWriteable')) {
|
486 |
32700c57
|
Assos Assos
|
db_add_field('ldap_servers', 'groupTestGroupDnWriteable', [
|
487 |
85ad3d82
|
Assos Assos
|
'type' => 'varchar',
|
488 |
|
|
'length' => '255',
|
489 |
|
|
'not null' => FALSE,
|
490 |
32700c57
|
Assos Assos
|
]);
|
491 |
85ad3d82
|
Assos Assos
|
$msg = t('"groupTestGroupDnWriteable" field added to ldap_servers table');
|
492 |
|
|
}
|
493 |
|
|
|
494 |
|
|
}
|
495 |
|
|
|
496 |
|
|
/**
|
497 |
32700c57
|
Assos Assos
|
* Add field groupTestGroupDnWriteable to ldap_servers table.
|
498 |
85ad3d82
|
Assos Assos
|
*/
|
499 |
|
|
function ldap_servers_update_7111() {
|
500 |
|
|
|
501 |
dd54aff9
|
Assos Assos
|
if (!ldap_servers_db_field_exists('ldap_servers', 'groupTestGroupDnWriteable')) {
|
502 |
32700c57
|
Assos Assos
|
db_add_field('ldap_servers', 'groupTestGroupDnWriteable', [
|
503 |
85ad3d82
|
Assos Assos
|
'type' => 'varchar',
|
504 |
|
|
'length' => '255',
|
505 |
|
|
'not null' => FALSE,
|
506 |
32700c57
|
Assos Assos
|
]);
|
507 |
85ad3d82
|
Assos Assos
|
$msg = t('"groupTestGroupDnWriteable" field added to ldap_servers table');
|
508 |
|
|
}
|
509 |
|
|
|
510 |
|
|
}
|
511 |
|
|
|
512 |
|
|
/**
|
513 |
32700c57
|
Assos Assos
|
* Add field testingDrupalUserDn to ldap_servers table.
|
514 |
85ad3d82
|
Assos Assos
|
*/
|
515 |
|
|
function ldap_servers_update_7112() {
|
516 |
|
|
|
517 |
dd54aff9
|
Assos Assos
|
if (!ldap_servers_db_field_exists('ldap_servers', 'testingDrupalUserDn')) {
|
518 |
32700c57
|
Assos Assos
|
db_add_field('ldap_servers', 'testingDrupalUserDn', [
|
519 |
85ad3d82
|
Assos Assos
|
'type' => 'varchar',
|
520 |
|
|
'length' => '255',
|
521 |
|
|
'not null' => FALSE,
|
522 |
32700c57
|
Assos Assos
|
]);
|
523 |
85ad3d82
|
Assos Assos
|
$msg = t('"testingDrupalUserDn" field added to ldap_servers table');
|
524 |
|
|
}
|
525 |
|
|
|
526 |
|
|
}
|
527 |
|
|
|
528 |
|
|
/**
|
529 |
32700c57
|
Assos Assos
|
* Upgrade as much as feasible for 7.1 to 7.2 branch.
|
530 |
85ad3d82
|
Assos Assos
|
*/
|
531 |
|
|
function ldap_servers_update_7201() {
|
532 |
|
|
|
533 |
32700c57
|
Assos Assos
|
$change_log = [];
|
534 |
85ad3d82
|
Assos Assos
|
|
535 |
32700c57
|
Assos Assos
|
// 1. ldap_user is now required for ldap_authentication and ldap_authorization.
|
536 |
85ad3d82
|
Assos Assos
|
if (module_exists('ldap_authentication') || module_exists('ldap_authorization')) {
|
537 |
32700c57
|
Assos Assos
|
module_enable(['ldap_user'], TRUE);
|
538 |
85ad3d82
|
Assos Assos
|
$change_log[] = t('LDAP User Module Enabled');
|
539 |
|
|
}
|
540 |
|
|
|
541 |
|
|
/**
|
542 |
|
|
* ldap_servers and ldap_authorization tables in 7.x-1.x to 7.x-2.x update
|
543 |
|
|
*
|
544 |
|
|
* LDAP_SERVERS fields that don't change:
|
545 |
|
|
* sid, numeric_sid, name, status, ldap_type, address, port, tls, bind_method,
|
546 |
|
|
* binding_service_acct, binddn, bindpw, basedn, user_attr, account_name_attr,
|
547 |
|
|
* mail_attr, mail_template, unique_persistent_attr, user_dn_expression,
|
548 |
|
|
* testing_drupal_username, group_object_category
|
549 |
|
|
* search_pagination, search_page_size, ldap_to_drupal_user,
|
550 |
|
|
*
|
551 |
|
|
* LDAP_SERVERS fields not populated in update:
|
552 |
|
|
* unique_persistent_attr_binary
|
553 |
|
|
* testingDrupalUserDn
|
554 |
|
|
* groupTestGroupDn - new no value in it and not important
|
555 |
|
|
* groupTestGroupDnWriteable - new no value in it and not important
|
556 |
|
|
*
|
557 |
|
|
* LDAP_SERVERS fields set/adjusted in update:
|
558 |
|
|
* groupNested
|
559 |
|
|
* groupFunctionalityUnused = 1 if ldap authorization tables exist
|
560 |
|
|
* groupDeriveFromDn from option IIA of ldap authorization
|
561 |
|
|
* groupDeriveFromDnAttr from option IIA of ldap authorization
|
562 |
|
|
* groupUserMembershipsAttrExists = 1 if option IIB used in ldap authorization
|
563 |
|
|
* groupUserMembershipsAttr get from ldap authorization IIB
|
564 |
|
|
* groupMembershipsAttr from option IIC in ldap authorization derive from entry
|
565 |
|
|
* groupMembershipsAttrMatchingUserAttr from option IIC
|
566 |
|
|
*
|
567 |
|
|
*
|
568 |
|
|
* LDAP_AUTHORIZATION fields that don't change:
|
569 |
|
|
* numeric_consumer_conf_id, sid, consumer_type, consumer_module
|
570 |
|
|
* status, only_ldap_authenticated, mappings, use_filter,
|
571 |
|
|
* synchronization_modes, synchronization_actions, synch_to_ldap,
|
572 |
|
|
* synch_on_logon, revoke_ldap_provisioned, create_consumers,
|
573 |
|
|
* regrant_ldap_provisioned
|
574 |
|
|
*
|
575 |
|
|
* LDAP_AUTHORIZATION fields populated in update:
|
576 |
|
|
* useFirstAttrAsGroupId = derive_from_attr_use_first_attr || derive_from_entry_use_first_attr
|
577 |
|
|
*
|
578 |
|
|
* LDAP_AUTHORIZATION fields to remove in update
|
579 |
|
|
* derive_from_dn, derive_from_dn_attr, derive_from_entry, derive_from_attr
|
580 |
|
|
* derive_from_attr_attr, derive_from_entry, derive_from_entry_attr,
|
581 |
|
|
* derive_from_entry_entries_attr, derive_from_entry_nested,
|
582 |
|
|
* derive_from_attr_use_first_attr, derive_from_entry_search_all
|
583 |
|
|
* derive_from_entry_use_first_attr
|
584 |
|
|
*
|
585 |
|
|
*/
|
586 |
|
|
|
587 |
32700c57
|
Assos Assos
|
// 2. add any missing fields from schema.
|
588 |
85ad3d82
|
Assos Assos
|
ldap_servers_install_update_schema(ldap_servers_schema(), $change_log);
|
589 |
|
|
if (module_exists('ldap_authorization')) {
|
590 |
|
|
ldap_servers_install_update_schema(ldap_authorization_schema(), $change_log);
|
591 |
|
|
}
|
592 |
|
|
if (module_exists('ldap_query')) {
|
593 |
|
|
ldap_servers_install_update_schema(ldap_query_schema(), $change_log);
|
594 |
|
|
}
|
595 |
|
|
|
596 |
32700c57
|
Assos Assos
|
// 3. move configuration data that has changed location within ldap modules.
|
597 |
|
|
$field_changes = [];
|
598 |
|
|
$ldap_server_records = [];
|
599 |
85ad3d82
|
Assos Assos
|
$select = db_select('ldap_servers')
|
600 |
|
|
->fields('ldap_servers')
|
601 |
|
|
->execute();
|
602 |
|
|
foreach ($select as $record) {
|
603 |
|
|
$ldap_server_records[$record->sid] = $record;
|
604 |
|
|
}
|
605 |
|
|
|
606 |
|
|
if (db_table_exists('ldap_authorization')) {
|
607 |
|
|
$ldap_authorization_record = NULL;
|
608 |
|
|
$select = db_select('ldap_authorization', 'authz')
|
609 |
|
|
->fields('authz')
|
610 |
|
|
->execute();
|
611 |
32700c57
|
Assos Assos
|
// Pick best ldap authorization conf to use to configure ldap server.
|
612 |
85ad3d82
|
Assos Assos
|
$max_weight = -1;
|
613 |
|
|
foreach ($select as $record) {
|
614 |
32700c57
|
Assos Assos
|
$weight = (int) ($record->status) + (int) ($record->consumer_type == 'drupal_role');
|
615 |
85ad3d82
|
Assos Assos
|
if ($weight > $max_weight) {
|
616 |
|
|
$max_weight = $weight;
|
617 |
|
|
$ldap_authorization_record = $record;
|
618 |
|
|
}
|
619 |
|
|
}
|
620 |
|
|
|
621 |
|
|
foreach ($ldap_server_records as $sid => $ldap_server_record) {
|
622 |
|
|
if ($ldap_authorization_record && $ldap_authorization_record->sid == $sid) {
|
623 |
|
|
$consumer_type = $ldap_authorization_record->consumer_type;
|
624 |
|
|
$field_changes['ldap_servers'][$sid]['groupFunctionalityUnused'] = 0;
|
625 |
|
|
if ($ldap_authorization_record->derive_from_dn) {
|
626 |
|
|
$field_changes['ldap_servers'][$sid]['groupDeriveFromDn'] = 1;
|
627 |
|
|
$field_changes['ldap_servers'][$sid]['groupDeriveFromDnAttr'] = $ldap_authorization_record->derive_from_dn_attr;
|
628 |
|
|
}
|
629 |
|
|
if ($ldap_authorization_record->derive_from_attr) {
|
630 |
|
|
$field_changes['ldap_servers'][$sid]['groupUserMembershipsAttrExists'] = 1;
|
631 |
|
|
$field_changes['ldap_servers'][$sid]['groupUserMembershipsAttr'] = $ldap_authorization_record->derive_from_attr_attr;
|
632 |
|
|
}
|
633 |
|
|
if ($ldap_authorization_record->derive_from_entry) {
|
634 |
32700c57
|
Assos Assos
|
// Eg members.
|
635 |
|
|
$field_changes['ldap_servers'][$sid]['groupMembershipsAttr'] = $ldap_authorization_record->derive_from_entry_attr;
|
636 |
|
|
// Eg dn.
|
637 |
|
|
$field_changes['ldap_servers'][$sid]['groupMembershipsAttrMatchingUserAttr'] = $ldap_authorization_record->derive_from_entry_entries_attr;
|
638 |
85ad3d82
|
Assos Assos
|
}
|
639 |
|
|
if ($ldap_authorization_record->derive_from_entry_nested) {
|
640 |
|
|
$field_changes['ldap_servers'][$sid]['groupNested'] = 1;
|
641 |
|
|
}
|
642 |
|
|
if ($ldap_authorization_record->derive_from_attr_use_first_attr || $ldap_authorization_record->derive_from_entry_use_first_attr) {
|
643 |
|
|
$field_changes['ldap_authorization'][$consumer_type]['useFirstAttrAsGroupId'] = 1;
|
644 |
|
|
}
|
645 |
|
|
}
|
646 |
|
|
else {
|
647 |
|
|
$field_changes['ldap_servers'][$sid]['groupFunctionalityUnused'] = 1;
|
648 |
|
|
}
|
649 |
|
|
}
|
650 |
|
|
}
|
651 |
|
|
|
652 |
|
|
foreach ($field_changes as $table_name => $record) {
|
653 |
|
|
foreach ($record as $id => $field_data) {
|
654 |
|
|
if ($table_name == 'ldap_servers' || $table_name == 'ldap_authorization') {
|
655 |
|
|
$id_field_name = 'sid';
|
656 |
|
|
}
|
657 |
|
|
else {
|
658 |
|
|
continue;
|
659 |
|
|
}
|
660 |
|
|
if (count($field_data)) {
|
661 |
32700c57
|
Assos Assos
|
$change_log[] = t("!table_name where !id_field_name = !id values updated", [
|
662 |
85ad3d82
|
Assos Assos
|
'!table_name' => $table_name,
|
663 |
|
|
'!id_field_name' => $id_field_name,
|
664 |
|
|
'!id' => $id,
|
665 |
32700c57
|
Assos Assos
|
]);
|
666 |
85ad3d82
|
Assos Assos
|
$num_updated = db_update($table_name)
|
667 |
|
|
->fields($field_data)
|
668 |
|
|
->condition($id_field_name, $id, '=')
|
669 |
|
|
->execute();
|
670 |
|
|
}
|
671 |
|
|
}
|
672 |
|
|
}
|
673 |
|
|
|
674 |
32700c57
|
Assos Assos
|
// 4. remove ldap_authorization fields that are unused.
|
675 |
|
|
$ldap_authorization_fields_to_remove = [
|
676 |
85ad3d82
|
Assos Assos
|
'derive_from_dn',
|
677 |
|
|
'derive_from_dn_attr',
|
678 |
|
|
'derive_from_attr',
|
679 |
|
|
'derive_from_entry',
|
680 |
|
|
'derive_from_attr_attr',
|
681 |
|
|
'derive_from_entry_attr',
|
682 |
|
|
'derive_from_entry_entries_attr',
|
683 |
|
|
'derive_from_entry_nested',
|
684 |
|
|
'derive_from_entry_search_all',
|
685 |
|
|
'derive_from_entry_use_first_attr',
|
686 |
|
|
'derive_from_attr_use_first_attr',
|
687 |
32700c57
|
Assos Assos
|
];
|
688 |
85ad3d82
|
Assos Assos
|
|
689 |
|
|
foreach ($ldap_authorization_fields_to_remove as $ldap_authorization_field) {
|
690 |
|
|
db_drop_field('ldap_authorization', $ldap_authorization_field);
|
691 |
|
|
}
|
692 |
32700c57
|
Assos Assos
|
$change_log[] = t("ldap_authorization table fields removed: !fields_removed", ['!fields_removed' => join(', ', $ldap_authorization_fields_to_remove)]);
|
693 |
85ad3d82
|
Assos Assos
|
|
694 |
32700c57
|
Assos Assos
|
// 5. ldap_authentication and ldap_user changes are in variables, not tables.
|
695 |
|
|
$ldap_authentication_conf_data = variable_get('ldap_authentication_conf', []);
|
696 |
59ae487e
|
Assos Assos
|
if (!is_array($ldap_authentication_conf_data['sids'])) {
|
697 |
32700c57
|
Assos Assos
|
$ldap_authentication_conf_data['sids'] = [];
|
698 |
59ae487e
|
Assos Assos
|
}
|
699 |
|
|
|
700 |
32700c57
|
Assos Assos
|
$ldap_user_conf_data = variable_get('ldap_user_conf', []);
|
701 |
85ad3d82
|
Assos Assos
|
|
702 |
|
|
$ldap_authentication_sids = array_keys($ldap_authentication_conf_data['sids']);
|
703 |
|
|
if (count($ldap_authentication_sids) == 1) {
|
704 |
|
|
$ldap_user_conf_data['drupalAcctProvisionServer'] = $ldap_authentication_sids[0];
|
705 |
|
|
}
|
706 |
|
|
|
707 |
32700c57
|
Assos Assos
|
// Conflict log vs resolve moved from ldap_authentication to ldap_user.
|
708 |
85ad3d82
|
Assos Assos
|
if (!empty($ldap_authentication_conf_data['authenticationMode'])) {
|
709 |
|
|
if ($ldap_authentication_conf_data['loginConflictResolve'] == LDAP_AUTHENTICATION_CONFLICT_LOG) {
|
710 |
|
|
$ldap_user_conf_data['userConflictResolve'] = LDAP_USER_CONFLICT_LOG;
|
711 |
|
|
$change_log[] = t('ldap_authentication_conf -> userConflictResolve set to') . LDAP_USER_CONFLICT_LOG;
|
712 |
|
|
}
|
713 |
|
|
elseif ($ldap_authentication_conf_data['loginConflictResolve'] == LDAP_AUTHENTICATION_CONFLICT_RESOLVE) {
|
714 |
|
|
$ldap_user_conf_data['userConflictResolve'] = LDAP_USER_CONFLICT_RESOLVE;
|
715 |
|
|
$change_log[] = t('ldap_authentication_conf -> userConflictResolve set to') . LDAP_USER_CONFLICT_RESOLVE;
|
716 |
|
|
}
|
717 |
|
|
unset($ldap_authentication_conf_data['loginConflictResolve']);
|
718 |
|
|
$change_log[] = t('ldap_authentication_conf -> loginConflictResolve value removed');
|
719 |
|
|
}
|
720 |
|
|
else {
|
721 |
|
|
$ldap_user_conf_data['userConflictResolve'] = LDAP_USER_CONFLICT_RESOLVE_DEFAULT;
|
722 |
|
|
$change_log[] = t('ldap_authentication_conf -> userConflictResolve set to') . LDAP_USER_CONFLICT_RESOLVE_DEFAULT;
|
723 |
|
|
}
|
724 |
|
|
|
725 |
|
|
if (isset($ldap_authentication_conf_data['acctCreation'])) {
|
726 |
|
|
$ldap_user_conf_data['acctCreation'] = $ldap_authentication_conf_data['acctCreation'];
|
727 |
|
|
$change_log[] = t('ldap_user_conf -> acctCreation set to value in ldap_authentication_conf -> acctCreation');
|
728 |
|
|
unset($ldap_authentication_conf_data['acctCreation']);
|
729 |
|
|
$change_log[] = t('ldap_authentication_conf -> acctCreation value removed');
|
730 |
|
|
}
|
731 |
|
|
else {
|
732 |
|
|
$ldap_user_conf_data['acctCreation'] = LDAP_USER_ACCT_CREATION_LDAP_BEHAVIOR_DEFAULT;
|
733 |
|
|
$change_log[] = t('ldap_user_conf -> acctCreation set to default:') . ' ' . LDAP_USER_ACCT_CREATION_LDAP_BEHAVIOR_DEFAULT;
|
734 |
|
|
}
|
735 |
|
|
|
736 |
|
|
$ldap_user_conf_data['manualAccountConflict'] = LDAP_USER_MANUAL_ACCT_CONFLICT_REJECT;
|
737 |
|
|
$change_log[] = t('ldap_user_conf -> manualAccountConflict set to default:') . ' ' . LDAP_USER_MANUAL_ACCT_CONFLICT_REJECT;
|
738 |
|
|
|
739 |
|
|
$change_log[] = t('LDAP User configuration populated.');
|
740 |
|
|
$change_log[] = t('LDAP Authentication configuration updated.');
|
741 |
|
|
variable_set('ldap_authentication_conf', $ldap_authentication_conf_data);
|
742 |
|
|
variable_set('ldap_user_conf', $ldap_user_conf_data);
|
743 |
|
|
|
744 |
|
|
$summary = '<h2>' . t('Please check through all the LDAP module configuration pages.
|
745 |
|
|
The update from 7.x-1.x to 7.x-2.x is not automatable! The configuration pages
|
746 |
|
|
must be read through and configured.') . '</h2>' .
|
747 |
32700c57
|
Assos Assos
|
theme('item_list', [
|
748 |
85ad3d82
|
Assos Assos
|
'items' => $change_log,
|
749 |
|
|
'type' => 'ul',
|
750 |
32700c57
|
Assos Assos
|
'title' => 'Changes in 7.x-1.x to 7.x-2.x update',
|
751 |
|
|
]
|
752 |
85ad3d82
|
Assos Assos
|
);
|
753 |
|
|
|
754 |
32700c57
|
Assos Assos
|
watchdog('ldap_servers', $summary, [], WATCHDOG_INFO);
|
755 |
85ad3d82
|
Assos Assos
|
return $summary;
|
756 |
|
|
|
757 |
|
|
}
|
758 |
|
|
|
759 |
|
|
/**
|
760 |
32700c57
|
Assos Assos
|
* Make ldap_servers.bind_method field small int instead of tiny int for ctools bug.
|
761 |
85ad3d82
|
Assos Assos
|
*/
|
762 |
|
|
function ldap_servers_update_7202() {
|
763 |
|
|
|
764 |
32700c57
|
Assos Assos
|
db_change_field('ldap_servers', 'bind_method', 'bind_method', [
|
765 |
85ad3d82
|
Assos Assos
|
'type' => 'int',
|
766 |
|
|
'size' => 'small',
|
767 |
|
|
'not null' => TRUE,
|
768 |
|
|
'default' => 0,
|
769 |
32700c57
|
Assos Assos
|
]);
|
770 |
85ad3d82
|
Assos Assos
|
|
771 |
|
|
}
|
772 |
|
|
|
773 |
|
|
/**
|
774 |
32700c57
|
Assos Assos
|
* Make all schema field names lowercase in ldap server to deal with cronic case sensitivity issues.
|
775 |
85ad3d82
|
Assos Assos
|
*/
|
776 |
|
|
function ldap_servers_update_7203() {
|
777 |
|
|
$schema = ldap_servers_schema();
|
778 |
32700c57
|
Assos Assos
|
$changes = [
|
779 |
85ad3d82
|
Assos Assos
|
'testingDrupalUserDn' => 'testing_drupal_user_dn',
|
780 |
|
|
'group_object_category' => 'grp_object_cat',
|
781 |
|
|
'groupFunctionalityUnused' => 'grp_unused',
|
782 |
|
|
'groupNested' => 'grp_nested',
|
783 |
|
|
'groupUserMembershipsAttrExists' => 'grp_user_memb_attr_exists',
|
784 |
|
|
'groupUserMembershipsAttr' => 'grp_user_memb_attr',
|
785 |
|
|
'groupMembershipsAttr' => 'grp_memb_attr',
|
786 |
|
|
'groupMembershipsAttrMatchingUserAttr' => 'grp_memb_attr_match_user_attr',
|
787 |
|
|
'groupDeriveFromDn' => 'grp_derive_from_dn',
|
788 |
|
|
'groupDeriveFromDnAttr' => 'grp_derive_from_dn_attr',
|
789 |
|
|
'groupTestGroupDn' => 'grp_test_grp_dn',
|
790 |
32700c57
|
Assos Assos
|
'groupTestGroupDnWriteable' => 'grp_test_grp_dn_writeable',
|
791 |
|
|
];
|
792 |
85ad3d82
|
Assos Assos
|
foreach ($changes as $old_field_name => $new_field_name) {
|
793 |
|
|
$field_schema = $schema['ldap_servers']['fields'][$new_field_name];
|
794 |
dd54aff9
|
Assos Assos
|
if (ldap_servers_db_field_exists('ldap_servers', $old_field_name)) {
|
795 |
|
|
if (ldap_servers_db_field_exists('ldap_servers', $new_field_name)) {
|
796 |
85ad3d82
|
Assos Assos
|
db_drop_field('ldap_servers', $old_field_name);
|
797 |
|
|
}
|
798 |
|
|
else {
|
799 |
|
|
db_change_field('ldap_servers', $old_field_name, $new_field_name, $field_schema);
|
800 |
|
|
}
|
801 |
|
|
}
|
802 |
|
|
}
|
803 |
|
|
|
804 |
|
|
}
|
805 |
|
|
|
806 |
|
|
/**
|
807 |
32700c57
|
Assos Assos
|
* Add picture_attr field in schema.
|
808 |
85ad3d82
|
Assos Assos
|
*/
|
809 |
|
|
function ldap_servers_update_7204() {
|
810 |
dd54aff9
|
Assos Assos
|
if (!ldap_servers_db_field_exists('ldap_servers', 'picture_attr')) {
|
811 |
85ad3d82
|
Assos Assos
|
db_add_field(
|
812 |
|
|
'ldap_servers',
|
813 |
|
|
'picture_attr',
|
814 |
32700c57
|
Assos Assos
|
[
|
815 |
85ad3d82
|
Assos Assos
|
'type' => 'varchar',
|
816 |
|
|
'length' => 255,
|
817 |
|
|
'not null' => FALSE,
|
818 |
32700c57
|
Assos Assos
|
]
|
819 |
85ad3d82
|
Assos Assos
|
);
|
820 |
|
|
}
|
821 |
|
|
}
|
822 |
|
|
|
823 |
|
|
/**
|
824 |
32700c57
|
Assos Assos
|
* Fix any double serialized ldap server basedns.
|
825 |
85ad3d82
|
Assos Assos
|
*/
|
826 |
|
|
function ldap_servers_update_7205() {
|
827 |
|
|
|
828 |
|
|
module_load_include('inc', 'ldap_servers', 'ldap_servers.functions');
|
829 |
|
|
$ldap_servers = ldap_servers_get_servers();
|
830 |
|
|
foreach ($ldap_servers as $sid => $ldap_server) {
|
831 |
|
|
if ($ldap_server->basedn && is_scalar($ldap_server->basedn)) {
|
832 |
32700c57
|
Assos Assos
|
// These are still serialized after being loaded from db/ctools so were double serialized.
|
833 |
85ad3d82
|
Assos Assos
|
$ldap_server->basedn = unserialize($ldap_server->basedn);
|
834 |
|
|
$ldap_server->save();
|
835 |
|
|
}
|
836 |
|
|
}
|
837 |
|
|
|
838 |
|
|
}
|
839 |
|
|
|
840 |
|
|
/**
|
841 |
32700c57
|
Assos Assos
|
* Add LDAP Referrals fields in schema.
|
842 |
85ad3d82
|
Assos Assos
|
*/
|
843 |
|
|
function ldap_servers_update_7206() {
|
844 |
5136ce55
|
Assos Assos
|
if (!ldap_servers_db_field_exists('ldap_servers', 'followrefs')) {
|
845 |
|
|
db_add_field(
|
846 |
|
|
'ldap_servers',
|
847 |
|
|
'followrefs',
|
848 |
32700c57
|
Assos Assos
|
[
|
849 |
5136ce55
|
Assos Assos
|
'type' => 'int',
|
850 |
|
|
'size' => 'tiny',
|
851 |
|
|
'not null' => FALSE,
|
852 |
|
|
'default' => 0,
|
853 |
32700c57
|
Assos Assos
|
]
|
854 |
5136ce55
|
Assos Assos
|
);
|
855 |
|
|
}
|
856 |
85ad3d82
|
Assos Assos
|
}
|
857 |
|
|
|
858 |
7547bb19
|
Assos Assos
|
/**
|
859 |
|
|
* Fixes a typo in an LDAP variable name.
|
860 |
|
|
*/
|
861 |
|
|
function ldap_servers_update_7207() {
|
862 |
32700c57
|
Assos Assos
|
if (!is_null($old_var = variable_get('ldap_servers_require_ssl_for_credentails'))) {
|
863 |
|
|
variable_set('ldap_servers_require_ssl_for_credentials', $old_var);
|
864 |
|
|
variable_del('ldap_servers_require_ssl_for_credentails');
|
865 |
|
|
}
|
866 |
7547bb19
|
Assos Assos
|
}
|
867 |
|
|
|
868 |
b42754b9
|
Assos Assos
|
/**
|
869 |
|
|
* Removes HTTPS checking.
|
870 |
|
|
*/
|
871 |
|
|
function ldap_servers_update_7208() {
|
872 |
|
|
variable_del('ldap_servers_require_ssl_for_credentials');
|
873 |
|
|
return t('HTTPS validation was removed, if you need mixed mode consider another module such as securelogin for this. Mixed mode is strongly discouraged.');
|
874 |
|
|
|
875 |
|
|
}
|
876 |
|
|
|
877 |
32700c57
|
Assos Assos
|
/**
|
878 |
|
|
*
|
879 |
|
|
*/
|
880 |
85ad3d82
|
Assos Assos
|
function ldap_servers_install_update_schema($schema, &$change_log) {
|
881 |
|
|
foreach ($schema as $table_name => $table_schema) {
|
882 |
|
|
foreach ($table_schema['fields'] as $field_name => $field_schema) {
|
883 |
dd54aff9
|
Assos Assos
|
if (!ldap_servers_db_field_exists($table_name, $field_name)) {
|
884 |
85ad3d82
|
Assos Assos
|
db_add_field($table_name, $field_name, $field_schema);
|
885 |
32700c57
|
Assos Assos
|
$change_log[] = t("!field_name field added to !table_name table", ['!field_name' => $field_name, '!table_name' => $table_name]);
|
886 |
85ad3d82
|
Assos Assos
|
}
|
887 |
|
|
}
|
888 |
|
|
}
|
889 |
bc175c27
|
Assos Assos
|
}
|
890 |
32700c57
|
Assos Assos
|
|
891 |
|
|
/**
|
892 |
|
|
* Change mcrypt to openssl.
|
893 |
|
|
*/
|
894 |
|
|
function ldap_servers_update_7209() {
|
895 |
|
|
if (variable_get('ldap_servers_encryption') != LDAP_SERVERS_ENC_TYPE_CLEARTEXT) {
|
896 |
|
|
variable_set('ldap_servers_encryption', LDAP_SERVERS_ENC_TYPE_OPENSSL);
|
897 |
|
|
if (!extension_loaded('openssl')) {
|
898 |
|
|
watchdog('ldap', 'Warning: OpenSSL missing, no alternative for encryption.');
|
899 |
|
|
}
|
900 |
|
|
return t('Encryption backend has changed, please re-enter your service account credentials.');
|
901 |
|
|
}
|
902 |
|
|
} |