
root / drupal7 / sites / all / modules / ldap / ldap_servers / ldap_servers.install @ 91af538d

<?php
/**
 * @file
 * Install, update and uninstall functions for the LDAP API module.
 */
/**
 * Implements hook_install().
 *
 * This implementation performs no work of its own.
 */
function ldap_servers_install() {
  // Nothing to do at install time.
}
/**
 * Implements hook_uninstall().
 *
 * Deletes the three settings variables this module stores, including the
 * variable that holds the encryption key.
 */
function ldap_servers_uninstall() {
  $variable_names = [
    'ldap_servers_encryption',
    'ldap_servers_require_ssl_for_credentials',
    'ldap_servers_encrypt_key',
  ];
  foreach ($variable_names as $variable_name) {
    variable_del($variable_name);
  }
}
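/**
 * Implements hook_requirements().
 *
 * Reports whether the PHP LDAP extension is loaded, warns while a legacy
 * "ldapauth" table is still present and, in the runtime phase, connects and
 * binds to every enabled LDAP server so its status shows on the report.
 *
 * @param string $phase
 *   The phase in which requirements are checked, e.g. 'install' or 'runtime'.
 *
 * @return array
 *   Requirement entries keyed by requirement name.
 */
function ldap_servers_requirements($phase) {
  $requirements = [];
  // Every string goes through get_t() rather than t(), because t() is not
  // guaranteed to be usable while the module is being installed.
  $t = get_t();

  if ($phase == 'install') {
    $requirements['ldap_extension_loaded']['title'] = $t('LDAP Extension Loaded');
    if (extension_loaded('ldap')) {
      $requirements['ldap_extension_loaded']['severity'] = REQUIREMENT_OK;
    }
    else {
      $requirements['ldap_extension_loaded']['severity'] = REQUIREMENT_ERROR;
      $requirements['ldap_extension_loaded']['description'] = $t('No LDAP PHP Extension is loaded for PHP, so LDAP will not work properly.');
    }
  }

  if ($phase == 'runtime' && !extension_loaded('ldap')) {
    $requirements['ldap_extension_loaded']['title'] = $t('LDAP Extension Loaded');
    $requirements['ldap_extension_loaded']['severity'] = REQUIREMENT_ERROR;
    $requirements['ldap_extension_loaded']['description'] = $t('No LDAP PHP Extension is loaded for PHP, so LDAP will not work properly.');
  }

  // Check that ldapauth not installed.
  if ($phase != "install" && db_table_exists('ldapauth')) {
    $requirements['ldap_servers']['title'] = $t('LDAP Integration LDAP Auth to LDAP Servers Upgrade Concern');
    $requirements['ldap_servers']['severity'] = REQUIREMENT_WARNING;
    $requirements['ldap_servers']['value'] = NULL;
    $requirements['ldap_servers']['description'] = $t('Upgrade from Drupal 6 LDAP Auth to Drupal 7
      LDAP Servers is not automatic.  LDAP Servers will need to be configured by hand.
      See http://drupal.org/node/1023016. This message will go away when the ldapauth database table is removed.');
  }

  // Check enabled LDAP servers are configured and Drupal can connect to them.
  if ($phase == 'runtime') {
    // Shown only while no enabled server exists; removed again below.
    $requirements['ldap_servers_enabled'] = [
      'title' => $t('LDAP Server status'),
      'value' => $t('Disabled'),
      'severity' => REQUIREMENT_WARNING,
    ];

    $servers = ldap_servers_get_servers(NULL, 'enabled');
    if (!empty($servers)) {
      unset($requirements['ldap_servers_enabled']);

      foreach ($servers as $server) {
        $server_req_key = 'ldap_servers_sid_' . $server->sid;
        $server_tokens = [
          '@host' => $server->address,
          '@sid' => $server->sid,
        ];
        // Start from "failed"; only a successful connect and bind below
        // upgrades the entry to OK.
        $requirements[$server_req_key] = [
          'title' => $t('LDAP Server status: @sid (@host)', $server_tokens),
          'value' => $t('Connection: Failed, check logs for details.', $server_tokens),
          'severity' => REQUIREMENT_ERROR,
        ];

        try {
          // NOTE(review): the result codes are compared loosely; if
          // LDAP_SUCCESS is 0, a NULL or FALSE result would also count as
          // success. Confirm what connect() and bind() return.
          $connect_result = $server->connect();
          if ($connect_result == LDAP_SUCCESS) {
            if ($server->bind_method == LDAP_SERVERS_BIND_METHOD_USER) {
              // Check bind anonymously if set to bind via user credentials.
              // The user has already logged in and so there is no DN or
              // password to check since LDAP doesn't store passwords.
              $bind_result = $server->bind(NULL, NULL, TRUE);
            }
            else {
              $bind_result = $server->bind();
            }
            if ($bind_result == LDAP_SUCCESS) {
              $requirements[$server_req_key]['value'] = $t('Connection: Success, Bind: Success', $server_tokens);
              $requirements[$server_req_key]['severity'] = REQUIREMENT_OK;
            }
          }
          $server->disconnect();
        }
        catch (Exception $e) {
          // The status entry tells the administrator to check the logs, so
          // record the failure instead of discarding it. The entry itself
          // stays at REQUIREMENT_ERROR.
          watchdog('ldap_servers', 'LDAP server status check failed for @sid (@host): %message', $server_tokens + ['%message' => $e->getMessage()], WATCHDOG_ERROR);
        }
      }
    }
  }

  return $requirements;
}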
/**
 * Implements hook_schema().
 *
 * Declares the ldap_servers table. The column definitions are taken from the
 * 'schema' entry of each field returned by LdapServerAdmin::fields().
 *
 * @return array
 *   Schema definition containing the single 'ldap_servers' table.
 */
function ldap_servers_schema() {
  module_load_include('inc', 'ldap_servers', 'ldap_servers.functions');
  // To get the LDAP_SERVERS_ENC_TYPE_CLEARTEXT constants issue#1209576.
  module_load_include('module', 'ldap_servers', 'ldap_servers');
  module_load_include('php', 'ldap_servers', 'LdapServerAdmin.class');

  $export_definition = [
    'key' => 'sid',
    'key name' => 'Server ID',
    'primary key' => 'numeric_sid',
    'identifier' => 'ldap_servers_conf',
    'api' => [
      'owner' => 'ldap_servers',
      'api' => 'ldap_servers',
      'minimum_version' => 1,
      'current_version' => 1,
    ],
  ];

  $table = [
    'export' => $export_definition,
    'primary key' => ['numeric_sid'],
    'unique keys' => ['name' => ['name']],
  ];

  // Only fields that carry a 'schema' entry become table columns.
  foreach (LdapServerAdmin::fields() as $field_name => $definition) {
    if (!isset($definition['schema'])) {
      continue;
    }
    $table['fields'][$field_name] = $definition['schema'];
  }

  return ['ldap_servers' => $table];
}
/**
 * Rename ldap_servers type field to ldap_type.
 *
 * The rename runs only when "ldap_type" is absent and "type" is present; the
 * same message is returned in either case.
 */
function ldap_servers_update_7100() {
  if (!ldap_servers_db_field_exists('ldap_servers', 'ldap_type')) {
    if (ldap_servers_db_field_exists('ldap_servers', 'type')) {
      $column_spec = [
        'type' => 'varchar',
        'length' => 20,
        'not null' => FALSE,
      ];
      db_change_field('ldap_servers', 'type', 'ldap_type', $column_spec);
    }
  }

  $message = t('ldap_servers table field "type" renamed to "ldap_type"');
  return $message;
}
/**
 * Ldap_server table field changes.
 *
 * Adds three columns to ldap_servers and redefines two existing ones.
 */
function ldap_servers_update_7101() {
  // Columns added by this update, in the order they are created.
  $added_columns = [
    'allow_conflicting_drupal_accts' => [
      'type' => 'int',
      'size' => 'tiny',
      'not null' => FALSE,
      'default' => 0,
    ],
    'unique_persistent_attr' => [
      'type' => 'varchar',
      'length' => '64',
      'not null' => FALSE,
    ],
    'mail_template' => [
      'type' => 'varchar',
      'length' => '255',
      'not null' => FALSE,
    ],
  ];
  foreach ($added_columns as $column_name => $column_spec) {
    db_add_field('ldap_servers', $column_name, $column_spec);
  }

  // Existing columns that keep their name but get a new definition.
  $redefined_columns = [
    'ldap_to_drupal_user' => [
      'type' => 'varchar',
      'length' => 1024,
      'not null' => FALSE,
    ],
    'binddn' => [
      'type' => 'varchar',
      'length' => 511,
    ],
  ];
  foreach ($redefined_columns as $column_name => $column_spec) {
    db_change_field('ldap_servers', $column_name, $column_name, $column_spec);
  }

  return t('Updated LDAP Server to include "allow_conflicting_drupal_accts" and "unique_persistent_attr" fields.');
}
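/**
 * Add bind_method field to ldap_servers table.
 *
 * @return string
 *   Message describing whether the field was added.
 */
function ldap_servers_update_7102() {
  // Initialised up front so the return statement never reads an undefined
  // variable when the field already exists.
  $msg = NULL;

  if (!ldap_servers_db_field_exists('ldap_servers', 'bind_method')) {
    db_add_field('ldap_servers', 'bind_method', [
      'type' => 'int',
      'size' => 'tiny',
      'not null' => TRUE,
      'default' => 0,
    ]);
    $msg = t('"bind_method" field added to ldap_servers table');
  }

  return ($msg) ? $msg : t('No database changes made.');
}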
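/**
 * Add group_object_category field to ldap_servers table.
 *
 * @return string
 *   Message describing whether the field was added.
 */
function ldap_servers_update_7103() {
  // Initialised up front so the return statement never reads an undefined
  // variable when the field already exists.
  $msg = NULL;

  if (!ldap_servers_db_field_exists('ldap_servers', 'group_object_category')) {
    db_add_field('ldap_servers', 'group_object_category', [
      'type' => 'varchar',
      'length' => 64,
      'not null' => FALSE,
    ]);
    $msg = t('"group_object_category" field added to ldap_servers table');
  }

  return ($msg) ? $msg : t('No database changes made.');
}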
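/**
 * Add pagination fields to ldap_servers table.
 *
 * @return string
 *   One message per field added, joined with "<br/>", or a note that nothing
 *   changed.
 */
function ldap_servers_update_7104() {
  $new_columns = [
    'search_pagination' => [
      'type' => 'int',
      'size' => 'tiny',
      'not null' => FALSE,
      'default' => 0,
    ],
    'search_page_size' => [
      'type' => 'int',
      'size' => 'medium',
      'not null' => FALSE,
      'default' => 1000,
    ],
    'unique_persistent_attr_binary' => [
      'type' => 'int',
      'size' => 'tiny',
      'not null' => FALSE,
      'default' => 0,
    ],
  ];

  // Messages are collected in a list so that a later field neither appends to
  // an undefined variable nor overwrites the messages of earlier fields.
  $messages = [];
  foreach ($new_columns as $column_name => $column_spec) {
    if (!ldap_servers_db_field_exists('ldap_servers', $column_name)) {
      db_add_field('ldap_servers', $column_name, $column_spec);
      $messages[] = t('"!name" field added to ldap_servers table', ['!name' => $column_name]);
    }
  }

  return ($messages) ? implode('<br/>', $messages) : t('No database changes made.');
}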
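/**
 * Enable ldap_user module.
 *
 * @return string
 *   Message describing whether the module had to be enabled.
 */
function ldap_servers_update_7105() {
  // Initialised up front so the return statement never reads an undefined
  // variable when ldap_user is already enabled.
  $msg = NULL;

  if (!module_exists('ldap_user')) {
    module_enable(['ldap_user']);
    $msg = t('LDAP User module enabled.  Some authentication and authorization functionality shifted to LDAP User module.');
  }

  return ($msg) ? $msg : t('LDAP User module was already enabled.  No action taken.');
}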
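/**
 * Add account_name_attr field to ldap_servers table.
 *
 * @return string
 *   Message describing whether the field was added.
 */
function ldap_servers_update_7106() {
  // Initialised up front so the return statement never reads an undefined
  // variable when the field already exists.
  $msg = NULL;

  if (!ldap_servers_db_field_exists('ldap_servers', 'account_name_attr')) {
    db_add_field('ldap_servers', 'account_name_attr', [
      'description' => 'The attribute to be used as the account name if not the user_attr',
      'type' => 'varchar',
      'length' => 255,
      'not null' => FALSE,
      'default' => '',
    ]);
    $msg = t('"account_name_attr" field added to ldap_servers table');
  }

  return ($msg) ? $msg : t('No database changes made.');
}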
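/**
 * Remove allow_conflicting_drupal_accts from ldap_servers table.
 *
 * @return string
 *   Message describing whether the field was removed.
 */
function ldap_servers_update_7107() {
  // Initialised up front so the return statement never reads an undefined
  // variable when the field is already gone.
  $msg = NULL;

  if (ldap_servers_db_field_exists('ldap_servers', 'allow_conflicting_drupal_accts')) {
    db_drop_field('ldap_servers', 'allow_conflicting_drupal_accts');
    $msg = t('"allow_conflicting_drupal_accts" field removed from ldap_servers table');
  }

  return ($msg) ? $msg : t('No database changes made.');
}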
/**
 * Checks whether a column exists under its given or its lowercased name.
 *
 * @param string $table
 *   Table to inspect.
 * @param string $field_name
 *   Column name to look for.
 *
 * @return bool
 *   TRUE if db_field_exists() finds the column as given or lowercased with
 *   drupal_strtolower(), FALSE otherwise.
 */
function ldap_servers_db_field_exists($table, $field_name) {
  // The lowercased lookup only runs when the exact name is not found.
  return db_field_exists($table, $field_name)
    || db_field_exists($table, drupal_strtolower($field_name));
}
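/**
 * Add group related fields to ldap_servers table.
 *
 * @return string
 *   One message per field added, joined with "<br/>", or a note that nothing
 *   changed.
 */
function ldap_servers_update_7108() {
  $tinyint_spec = [
    'type' => 'int',
    'size' => 'tiny',
    'not null' => FALSE,
    'default' => 0,
  ];
  $varchar255_spec = [
    'type' => 'varchar',
    'length' => '255',
    'not null' => FALSE,
  ];

  // Each name is listed once; the existence check below already makes a
  // repeated name a no-op.
  $new_columns = [
    'groupFunctionalityUnused' => $tinyint_spec,
    'groupNested' => $tinyint_spec,
    'groupSearchAll' => $tinyint_spec,
    'groupUserMembershipsAttrExists' => $tinyint_spec,
    'groupDeriveFromDn' => $tinyint_spec,
    'groupUserMembershipsAttr' => $varchar255_spec,
    'groupMembershipsAttr' => $varchar255_spec,
    'groupTestGroupDn' => $varchar255_spec,
    'groupMembershipsAttrMatchingUserAttr' => $varchar255_spec,
  ];

  // The messages are returned so the update page reports what was changed
  // instead of discarding them.
  $messages = [];
  foreach ($new_columns as $column_name => $column_spec) {
    // ldap_servers_db_field_exists() also checks the lowercased name, so no
    // separate lowercase lookup is needed here.
    if (!ldap_servers_db_field_exists('ldap_servers', $column_name)) {
      db_add_field('ldap_servers', $column_name, $column_spec);
      $messages[] = t('"!name" field added to ldap_servers table', ['!name' => $column_name]);
    }
  }

  return ($messages) ? implode('<br/>', $messages) : t('No database changes made.');
}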
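/**
 * Adjust group related fields to ldap_servers table.
 *
 * @return string
 *   One message per field added, joined with "<br/>", or a note that nothing
 *   changed.
 */
function ldap_servers_update_7109() {
  $tinyint_spec = [
    'type' => 'int',
    'size' => 'tiny',
    'not null' => FALSE,
    'default' => 0,
  ];
  $varchar255_spec = [
    'type' => 'varchar',
    'length' => '255',
    'not null' => FALSE,
  ];

  // Each name is listed once; the existence check below already makes a
  // repeated name a no-op.
  $new_columns = [
    'groupNested' => $tinyint_spec,
    'groupUseFirstAttr' => $tinyint_spec,
    'groupSearchAll' => $tinyint_spec,
    'groupUserMembershipsAttrExists' => $tinyint_spec,
    'groupUserMembershipsAttr' => $varchar255_spec,
    'groupMembershipsAttr' => $varchar255_spec,
    'groupMembershipsAttrMatchingUserAttr' => $varchar255_spec,
  ];

  // Messages are collected and returned; appending to a list avoids reading
  // an undefined variable and keeps every field's message.
  $messages = [];
  foreach ($new_columns as $column_name => $column_spec) {
    if (!ldap_servers_db_field_exists('ldap_servers', $column_name)) {
      db_add_field('ldap_servers', $column_name, $column_spec);
      $messages[] = t('"!name" field added to ldap_servers table', ['!name' => $column_name]);
    }
  }

  return ($messages) ? implode('<br/>', $messages) : t('No database changes made.');
}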
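/**
 * Adjust group related fields to ldap_servers table.
 *
 * @return string
 *   One message per field added, joined with "<br/>", or a note that nothing
 *   changed.
 */
function ldap_servers_update_7110() {
  $varchar255_spec = [
    'type' => 'varchar',
    'length' => '255',
    'not null' => FALSE,
  ];
  $new_columns = [
    'groupFunctionalityUnused' => [
      'type' => 'int',
      'size' => 'tiny',
      'not null' => FALSE,
      'default' => 0,
    ],
    'groupTestGroupDn' => $varchar255_spec,
    'groupTestGroupDnWriteable' => $varchar255_spec,
  ];

  // The messages are returned so the update page reports what was changed
  // instead of discarding them.
  $messages = [];
  foreach ($new_columns as $column_name => $column_spec) {
    if (!ldap_servers_db_field_exists('ldap_servers', $column_name)) {
      db_add_field('ldap_servers', $column_name, $column_spec);
      $messages[] = t('"!name" field added to ldap_servers table', ['!name' => $column_name]);
    }
  }

  return ($messages) ? implode('<br/>', $messages) : t('No database changes made.');
}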
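/**
 * Add field groupTestGroupDnWriteable to ldap_servers table.
 *
 * @return string
 *   Message describing whether the field was added.
 */
function ldap_servers_update_7111() {
  // The message is returned so the update page reports the outcome instead
  // of discarding it.
  $msg = NULL;

  if (!ldap_servers_db_field_exists('ldap_servers', 'groupTestGroupDnWriteable')) {
    db_add_field('ldap_servers', 'groupTestGroupDnWriteable', [
      'type' => 'varchar',
      'length' => '255',
      'not null' => FALSE,
    ]);
    $msg = t('"groupTestGroupDnWriteable" field added to ldap_servers table');
  }

  return ($msg) ? $msg : t('No database changes made.');
}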
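/**
 * Add field testingDrupalUserDn to ldap_servers table.
 *
 * @return string
 *   Message describing whether the field was added.
 */
function ldap_servers_update_7112() {
  // The message is returned so the update page reports the outcome instead
  // of discarding it.
  $msg = NULL;

  if (!ldap_servers_db_field_exists('ldap_servers', 'testingDrupalUserDn')) {
    db_add_field('ldap_servers', 'testingDrupalUserDn', [
      'type' => 'varchar',
      'length' => '255',
      'not null' => FALSE,
    ]);
    $msg = t('"testingDrupalUserDn" field added to ldap_servers table');
  }

  return ($msg) ? $msg : t('No database changes made.');
}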
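/**
 * Upgrade as much as feasible for 7.1 to 7.2 branch.
 *
 * Enables ldap_user where needed, adds missing schema fields, moves group
 * settings from the ldap_authorization table into ldap_servers, drops the
 * old ldap_authorization columns and moves some settings from the
 * ldap_authentication_conf variable to ldap_user_conf.
 *
 * @return string
 *   HTML summary of the changes; the same text is written to the log.
 */
function ldap_servers_update_7201() {

  $change_log = [];

  // 1. ldap_user is now required for ldap_authentication and ldap_authorization.
  if (module_exists('ldap_authentication') || module_exists('ldap_authorization')) {
    module_enable(['ldap_user'], TRUE);
    $change_log[] = t('LDAP User Module Enabled');
  }

  /**
   * ldap_servers and ldap_authorization tables in 7.x-1.x to 7.x-2.x update
   *
   * LDAP_SERVERS fields that don't change:
   *  sid, numeric_sid, name, status, ldap_type, address, port, tls, bind_method,
   *  binding_service_acct, binddn, bindpw, basedn, user_attr, account_name_attr,
   *  mail_attr, mail_template, unique_persistent_attr, user_dn_expression,
   *  testing_drupal_username, group_object_category
   *  search_pagination, search_page_size, ldap_to_drupal_user,
   *
   * LDAP_SERVERS fields not populated in update:
   *   unique_persistent_attr_binary
   *   testingDrupalUserDn
   *   groupTestGroupDn - new no value in it and not important
   *   groupTestGroupDnWriteable - new no value in it and not important
   *
   * LDAP_SERVERS fields set/adjusted in update:
   *   groupNested
   *   groupFunctionalityUnused = 1 if ldap authorization tables exist
   *   groupDeriveFromDn from option IIA of ldap authorization
   *   groupDeriveFromDnAttr from option IIA of ldap authorization
   *   groupUserMembershipsAttrExists = 1 if option IIB used in ldap authorization
   *   groupUserMembershipsAttr  get from ldap authorization  IIB
   *   groupMembershipsAttr from option IIC in ldap authorization derive from entry
   *   groupMembershipsAttrMatchingUserAttr from option IIC
   *
   *
   * LDAP_AUTHORIZATION fields that don't change:
   *   numeric_consumer_conf_id, sid, consumer_type, consumer_module
   *   status, only_ldap_authenticated, mappings, use_filter,
   *   synchronization_modes, synchronization_actions, synch_to_ldap,
   *   synch_on_logon, revoke_ldap_provisioned, create_consumers,
   *   regrant_ldap_provisioned
   *
   * LDAP_AUTHORIZATION fields populated in update:
   *   useFirstAttrAsGroupId = derive_from_attr_use_first_attr || derive_from_entry_use_first_attr
   *
   * LDAP_AUTHORIZATION fields to remove in update
   *    derive_from_dn, derive_from_dn_attr, derive_from_entry, derive_from_attr
   *    derive_from_attr_attr, derive_from_entry, derive_from_entry_attr,
   *    derive_from_entry_entries_attr, derive_from_entry_nested,
   *    derive_from_attr_use_first_attr, derive_from_entry_search_all
   *    derive_from_entry_use_first_attr
   *
   */

  // 2.  add any missing fields from schema.
  ldap_servers_install_update_schema(ldap_servers_schema(), $change_log);
  if (module_exists('ldap_authorization')) {
    ldap_servers_install_update_schema(ldap_authorization_schema(), $change_log);
  }
  if (module_exists('ldap_query')) {
    ldap_servers_install_update_schema(ldap_query_schema(), $change_log);
  }

  // 3.  move configuration data that has changed location within ldap modules.
  $field_changes = [];
  $ldap_server_records = [];
  $select = db_select('ldap_servers')
    ->fields('ldap_servers')
    ->execute();
  foreach ($select as $record) {
    $ldap_server_records[$record->sid] = $record;
  }

  if (db_table_exists('ldap_authorization')) {
    $ldap_authorization_record = NULL;
    $select = db_select('ldap_authorization', 'authz')
      ->fields('authz')
      ->execute();
    // Pick best ldap authorization conf to use to configure ldap server.
    // An enabled conf and a 'drupal_role' consumer each add one to the weight.
    $max_weight = -1;
    foreach ($select as $record) {
      $weight = (int) ($record->status) + (int) ($record->consumer_type == 'drupal_role');
      if ($weight > $max_weight) {
        $max_weight = $weight;
        $ldap_authorization_record = $record;
      }
    }

    foreach ($ldap_server_records as $sid => $ldap_server_record) {
      if ($ldap_authorization_record && $ldap_authorization_record->sid == $sid) {
        $consumer_type = $ldap_authorization_record->consumer_type;
        $field_changes['ldap_servers'][$sid]['groupFunctionalityUnused'] = 0;
        if ($ldap_authorization_record->derive_from_dn) {
          $field_changes['ldap_servers'][$sid]['groupDeriveFromDn'] = 1;
          $field_changes['ldap_servers'][$sid]['groupDeriveFromDnAttr'] = $ldap_authorization_record->derive_from_dn_attr;
        }
        if ($ldap_authorization_record->derive_from_attr) {
          $field_changes['ldap_servers'][$sid]['groupUserMembershipsAttrExists'] = 1;
          $field_changes['ldap_servers'][$sid]['groupUserMembershipsAttr'] = $ldap_authorization_record->derive_from_attr_attr;
        }
        if ($ldap_authorization_record->derive_from_entry) {
          // Eg members.
          $field_changes['ldap_servers'][$sid]['groupMembershipsAttr'] = $ldap_authorization_record->derive_from_entry_attr;
          // Eg dn.
          $field_changes['ldap_servers'][$sid]['groupMembershipsAttrMatchingUserAttr'] = $ldap_authorization_record->derive_from_entry_entries_attr;
        }
        if ($ldap_authorization_record->derive_from_entry_nested) {
          $field_changes['ldap_servers'][$sid]['groupNested'] = 1;
        }
        if ($ldap_authorization_record->derive_from_attr_use_first_attr || $ldap_authorization_record->derive_from_entry_use_first_attr) {
          $field_changes['ldap_authorization'][$consumer_type]['useFirstAttrAsGroupId'] = 1;
        }
      }
      else {
        $field_changes['ldap_servers'][$sid]['groupFunctionalityUnused'] = 1;
      }
    }
  }

  foreach ($field_changes as $table_name => $record) {
    // ldap_servers changes are keyed by sid above, ldap_authorization changes
    // by consumer_type, so each table is matched on the column its key holds.
    // Matching ldap_authorization on sid would compare the sid column with a
    // consumer type and update no rows.
    if ($table_name == 'ldap_servers') {
      $id_field_name = 'sid';
    }
    elseif ($table_name == 'ldap_authorization') {
      $id_field_name = 'consumer_type';
    }
    else {
      continue;
    }
    foreach ($record as $id => $field_data) {
      if (count($field_data)) {
        // NOTE(review): "!" placeholders insert the value without escaping;
        // $id is read from the database, so "@" would be the safer choice if
        // these values are not guaranteed to be plain identifiers.
        $change_log[] = t("!table_name where !id_field_name = !id values updated", [
          '!table_name' => $table_name,
          '!id_field_name' => $id_field_name,
          '!id' => $id,
        ]);
        db_update($table_name)
          ->fields($field_data)
          ->condition($id_field_name, $id, '=')
          ->execute();
      }
    }
  }

  // 4.  remove ldap_authorization fields that are unused.
  $ldap_authorization_fields_to_remove = [
    'derive_from_dn',
    'derive_from_dn_attr',
    'derive_from_attr',
    'derive_from_entry',
    'derive_from_attr_attr',
    'derive_from_entry_attr',
    'derive_from_entry_entries_attr',
    'derive_from_entry_nested',
    'derive_from_entry_search_all',
    'derive_from_entry_use_first_attr',
    'derive_from_attr_use_first_attr',
  ];

  foreach ($ldap_authorization_fields_to_remove as $ldap_authorization_field) {
    db_drop_field('ldap_authorization', $ldap_authorization_field);
  }
  $change_log[] = t("ldap_authorization table fields removed: !fields_removed", ['!fields_removed' => join(', ', $ldap_authorization_fields_to_remove)]);

  // 5. ldap_authentication and ldap_user changes are in variables, not tables.
  $ldap_authentication_conf_data = variable_get('ldap_authentication_conf', []);
  // isset() first: the variable may not carry a 'sids' entry at all.
  if (!isset($ldap_authentication_conf_data['sids']) || !is_array($ldap_authentication_conf_data['sids'])) {
    $ldap_authentication_conf_data['sids'] = [];
  }

  $ldap_user_conf_data = variable_get('ldap_user_conf', []);

  $ldap_authentication_sids = array_keys($ldap_authentication_conf_data['sids']);
  if (count($ldap_authentication_sids) == 1) {
    $ldap_user_conf_data['drupalAcctProvisionServer'] = $ldap_authentication_sids[0];
  }

  // Conflict log vs resolve moved from ldap_authentication to ldap_user.
  if (!empty($ldap_authentication_conf_data['authenticationMode'])) {
    // Read through isset() so a missing entry does not raise a notice; the
    // comparisons below are otherwise unchanged.
    $login_conflict_resolve = isset($ldap_authentication_conf_data['loginConflictResolve']) ? $ldap_authentication_conf_data['loginConflictResolve'] : NULL;
    if ($login_conflict_resolve == LDAP_AUTHENTICATION_CONFLICT_LOG) {
      $ldap_user_conf_data['userConflictResolve'] = LDAP_USER_CONFLICT_LOG;
      $change_log[] = t('ldap_authentication_conf -> userConflictResolve set to') . LDAP_USER_CONFLICT_LOG;
    }
    elseif ($login_conflict_resolve == LDAP_AUTHENTICATION_CONFLICT_RESOLVE) {
      $ldap_user_conf_data['userConflictResolve'] = LDAP_USER_CONFLICT_RESOLVE;
      $change_log[] = t('ldap_authentication_conf -> userConflictResolve set to') . LDAP_USER_CONFLICT_RESOLVE;
    }
    unset($ldap_authentication_conf_data['loginConflictResolve']);
    $change_log[] = t('ldap_authentication_conf -> loginConflictResolve value removed');
  }
  else {
    $ldap_user_conf_data['userConflictResolve'] = LDAP_USER_CONFLICT_RESOLVE_DEFAULT;
    $change_log[] = t('ldap_authentication_conf -> userConflictResolve set to') . LDAP_USER_CONFLICT_RESOLVE_DEFAULT;
  }

  if (isset($ldap_authentication_conf_data['acctCreation'])) {
    $ldap_user_conf_data['acctCreation'] = $ldap_authentication_conf_data['acctCreation'];
    $change_log[] = t('ldap_user_conf -> acctCreation set to value in ldap_authentication_conf -> acctCreation');
    unset($ldap_authentication_conf_data['acctCreation']);
    $change_log[] = t('ldap_authentication_conf -> acctCreation value removed');
  }
  else {
    $ldap_user_conf_data['acctCreation'] = LDAP_USER_ACCT_CREATION_LDAP_BEHAVIOR_DEFAULT;
    $change_log[] = t('ldap_user_conf -> acctCreation set to default:') . ' ' . LDAP_USER_ACCT_CREATION_LDAP_BEHAVIOR_DEFAULT;
  }

  $ldap_user_conf_data['manualAccountConflict'] = LDAP_USER_MANUAL_ACCT_CONFLICT_REJECT;
  $change_log[] = t('ldap_user_conf -> manualAccountConflict set to default:') . ' ' . LDAP_USER_MANUAL_ACCT_CONFLICT_REJECT;

  $change_log[] = t('LDAP User configuration populated.');
  $change_log[] = t('LDAP Authentication configuration updated.');
  variable_set('ldap_authentication_conf', $ldap_authentication_conf_data);
  variable_set('ldap_user_conf', $ldap_user_conf_data);

  $summary = '<h2>' . t('Please check through all the LDAP module configuration pages.
    The update from 7.x-1.x to 7.x-2.x is not automatable!  The configuration pages
    must be read through and configured.') . '</h2>' .
    theme('item_list', [
      'items' => $change_log,
      'type' => 'ul',
      'title' => 'Changes in 7.x-1.x to 7.x-2.x update',
    ]
    );

  // The already-rendered HTML summary is logged as the message itself, with
  // no placeholders.
  watchdog('ldap_servers', $summary, [], WATCHDOG_INFO);
  return $summary;
}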
/**
 * Make ldap_servers.bind_method field small int instead of tiny int for ctools bug.
 */
function ldap_servers_update_7202() {
  // Same column name, redefined as a small int.
  $column_spec = [
    'type' => 'int',
    'size' => 'small',
    'not null' => TRUE,
    'default' => 0,
  ];
  db_change_field('ldap_servers', 'bind_method', 'bind_method', $column_spec);
}
/**
 * Rename ldap_servers fields to lowercase names (chronic case sensitivity issues).
 */
function ldap_servers_update_7203() {
  $schema = ldap_servers_schema();
  // Old column name => new column name.
  $renames = [
    'testingDrupalUserDn' => 'testing_drupal_user_dn',
    'group_object_category' => 'grp_object_cat',
    'groupFunctionalityUnused' => 'grp_unused',
    'groupNested' => 'grp_nested',
    'groupUserMembershipsAttrExists' => 'grp_user_memb_attr_exists',
    'groupUserMembershipsAttr' => 'grp_user_memb_attr',
    'groupMembershipsAttr' => 'grp_memb_attr',
    'groupMembershipsAttrMatchingUserAttr' => 'grp_memb_attr_match_user_attr',
    'groupDeriveFromDn' => 'grp_derive_from_dn',
    'groupDeriveFromDnAttr' => 'grp_derive_from_dn_attr',
    'groupTestGroupDn' => 'grp_test_grp_dn',
    'groupTestGroupDnWriteable' => 'grp_test_grp_dn_writeable',
  ];
  foreach ($renames as $old_column => $new_column) {
    // The target spec is taken from the current schema definition.
    $new_spec = $schema['ldap_servers']['fields'][$new_column];
    if (!ldap_servers_db_field_exists('ldap_servers', $old_column)) {
      // Nothing left to migrate for this column.
      continue;
    }
    if (ldap_servers_db_field_exists('ldap_servers', $new_column)) {
      // Both columns exist: the old one is dropped as is, its values are not
      // copied into the new column first.
      db_drop_field('ldap_servers', $old_column);
    }
    else {
      db_change_field('ldap_servers', $old_column, $new_column, $new_spec);
    }
  }
}
/**
 * Add picture_attr field in schema.
 */
function ldap_servers_update_7204() {
  if (ldap_servers_db_field_exists('ldap_servers', 'picture_attr')) {
    // Column is already there, so the update has nothing to do.
    return;
  }

  // Nullable varchar(255), no default.
  $picture_attr_spec = [
    'type' => 'varchar',
    'length' => 255,
    'not null' => FALSE,
  ];
  db_add_field('ldap_servers', 'picture_attr', $picture_attr_spec);
}
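/**
 * Fix any double serialized ldap server basedns.
 *
 * A basedn that is still a scalar after the server has been loaded is treated
 * as a second layer of serialization and decoded once more. Servers whose
 * value cannot be decoded are left untouched.
 */
function ldap_servers_update_7205() {
  module_load_include('inc', 'ldap_servers', 'ldap_servers.functions');
  $ldap_servers = ldap_servers_get_servers();
  foreach ($ldap_servers as $ldap_server) {
    if (!$ldap_server->basedn || !is_scalar($ldap_server->basedn)) {
      continue;
    }
    // These are still serialized after being loaded from db/ctools so were
    // double serialized.
    // NOTE(review): unserialize() can instantiate objects named in its input.
    // The value is read from the stored server configuration, which is
    // presumably writable by administrators only - confirm. On PHP 7+ the
    // ['allowed_classes' => FALSE] option would restrict this to plain data.
    $decoded = unserialize($ldap_server->basedn);
    if ($decoded === FALSE) {
      // Not a serialized value: keep the stored basedn rather than saving
      // FALSE over it.
      continue;
    }
    $ldap_server->basedn = $decoded;
    $ldap_server->save();
  }
}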
/**
 * Add LDAP Referrals fields in schema.
 */
function ldap_servers_update_7206() {
  if (ldap_servers_db_field_exists('ldap_servers', 'followrefs')) {
    // Column is already there, so the update has nothing to do.
    return;
  }

  // Nullable tiny int with a default of 0.
  $followrefs_spec = [
    'type' => 'int',
    'size' => 'tiny',
    'not null' => FALSE,
    'default' => 0,
  ];
  db_add_field('ldap_servers', 'followrefs', $followrefs_spec);
}
/**
 * Fixes a typo in an LDAP variable name.
 */
function ldap_servers_update_7207() {
  // The misspelling ("credentails") is the old variable name being migrated.
  $misspelled_value = variable_get('ldap_servers_require_ssl_for_credentails');
  if (is_null($misspelled_value)) {
    // The old variable was never set: nothing to carry over.
    return;
  }

  // Copy the value to the correctly spelled name, then remove the old entry.
  variable_set('ldap_servers_require_ssl_for_credentials', $misspelled_value);
  variable_del('ldap_servers_require_ssl_for_credentails');
}
/**
 * Removes HTTPS checking.
 */
function ldap_servers_update_7208() {
  // Deletes the stored "require SSL for credentials" setting. Per the message
  // returned below, HTTPS validation is no longer done by this module.
  // NOTE(review): TLS for credential submission then has to be enforced
  // elsewhere (web server configuration, or a module such as securelogin as
  // the message suggests) - confirm for each site.
  variable_del('ldap_servers_require_ssl_for_credentials');

  $notice = t('HTTPS validation was removed, if you need mixed mode consider another module such as securelogin for this. Mixed mode is strongly discouraged.');
  return $notice;
}
/**
 * Adds every field declared in a schema array that the database lacks.
 *
 * @param array $schema
 *   Schema definition keyed by table name; each table's 'fields' entry maps
 *   field names to field specs.
 * @param array $change_log
 *   Passed by reference. One translated message is appended per field added.
 */
function ldap_servers_install_update_schema($schema, &$change_log) {
  foreach ($schema as $table_name => $table_schema) {
    foreach ($table_schema['fields'] as $field_name => $field_schema) {
      if (ldap_servers_db_field_exists($table_name, $field_name)) {
        // Field already present: leave it as is.
        continue;
      }
      db_add_field($table_name, $field_name, $field_schema);
      // "!" placeholders are inserted by t() without escaping. The names come
      // from the $schema keys, presumably module-defined - verify against the
      // callers before passing a schema from any other source.
      $placeholders = [
        '!field_name' => $field_name,
        '!table_name' => $table_name,
      ];
      $change_log[] = t("!field_name field added to !table_name table", $placeholders);
    }
  }
}
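/**
 * Change mcrypt to openssl.
 *
 * Sites whose encryption setting is anything other than cleartext are switched
 * to the OpenSSL backend and told to re-enter the service account credentials.
 * Sites set to cleartext are left unchanged and get no message.
 *
 * @return string|null
 *   Translated message for the update report, or NULL when nothing changed.
 */
function ldap_servers_update_7209() {
  // variable_get() is called without a default, so an unset variable yields
  // NULL; the loose comparison is kept as it was.
  if (variable_get('ldap_servers_encryption') == LDAP_SERVERS_ENC_TYPE_CLEARTEXT) {
    return NULL;
  }

  // The setting is switched even when the openssl extension is missing; that
  // case is only logged.
  variable_set('ldap_servers_encryption', LDAP_SERVERS_ENC_TYPE_OPENSSL);
  if (!extension_loaded('openssl')) {
    // Logged at warning severity so it is not filed with routine notices.
    watchdog('ldap', 'Warning: OpenSSL missing, no alternative for encryption.', [], WATCHDOG_WARNING);
  }
  return t('Encryption backend has changed, please re-enter your service account credentials.');
}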