
root / drupal7 / sites / all / modules / ldap / ldap_servers / ldap_servers.module @ 91af538d

<?php
/**
 * @file
 * Module constants, core hook implementations and LDAP server lookup helpers.
 */
// Query sizing and recursion limits.
define('LDAP_SERVER_LDAP_QUERY_CHUNK', 50);
define('LDAP_SERVERS_MAXFILTER_ORS', 30);
define('LDAP_SERVER_LDAP_QUERY_RECURSION_LIMIT', 10);

// Search scopes.
define('LDAP_SCOPE_BASE', 1);
define('LDAP_SCOPE_ONELEVEL', 2);
define('LDAP_SCOPE_SUBTREE', 3);

define('LDAP_TEST_QUERY_CONTEXT', 999);

// Project tag and admin paths.
define('LDAP_SERVERS_PROJECT_TAG', 'ldap');
define('LDAP_SERVERS_MENU_BASE_PATH', 'admin/config/people/ldap');
define('LDAP_SERVERS_INDEX_BASE_PATH', 'admin/config/people/ldap/servers');
// Number of path parts in the menu base path; used for argument offsets.
define('LDAP_SERVERS_MENU_BASE_PATH_PARTS', 4);
// NOTE(review): plain-http link; confirm whether an https URL can be used.
define('LDAP_SERVERS_DRUPAL_HELP_URL', 'http://drupal.org/node/997082');

// Token syntax: opening and closing delimiters, then the two separators.
define('LDAP_SERVERS_TOKEN_PRE', '[');
define('LDAP_SERVERS_TOKEN_POST', ']');
define('LDAP_SERVERS_TOKEN_DEL', ':');
define('LDAP_SERVERS_TOKEN_MODIFIER_DEL', ';');

// Encryption types. The code that applies them is not in this file.
// NOTE(review): presumably these select how stored bind credentials are
// protected, with CLEARTEXT meaning no protection at rest - confirm in the
// settings code before relying on it.
define('LDAP_SERVERS_ENC_TYPE_CLEARTEXT', 10);
define('LDAP_SERVERS_ENC_TYPE_OPENSSL', 20);
// CBC gives confidentiality only; it does not authenticate the ciphertext.
// NOTE(review): key and IV handling are not visible here - verify at the
// call sites that use this cipher name.
define('LDAP_SERVERS_CYPHER_MODE', 'aes-256-cbc');

// Bind methods. DEFAULT has the same value as SERVICE_ACCT.
define('LDAP_SERVERS_BIND_METHOD_SERVICE_ACCT', 1);
define('LDAP_SERVERS_BIND_METHOD_USER', 2);
define('LDAP_SERVERS_BIND_METHOD_ANON', 3);
define('LDAP_SERVERS_BIND_METHOD_ANON_USER', 4);
define('LDAP_SERVERS_BIND_METHOD_DEFAULT', 1);

// Group derivation strategies.
define('LDAP_SERVERS_DERIVE_GROUP_FROM_DN', 1);
define('LDAP_SERVERS_DERIVE_GROUP_FROM_ATTRIBUTE', 2);
define('LDAP_SERVERS_DERIVE_GROUP_FROM_ENTRY', 4);

// "Massage" contexts: where a value is about to be used.
// Displayed in the UI.
define('LDAP_SERVER_MASSAGE_DISPLAY', 1);
// Used to generate a token (e.g. [...]) that will be replaced.
define('LDAP_SERVER_MASSAGE_TOKEN_REPLACE', 2);

// Used in an LDAP query.
define('LDAP_SERVER_MASSAGE_QUERY_LDAP', 5);
// Used in an SQL query.
define('LDAP_SERVER_MASSAGE_QUERY_DB', 6);
// Looked up among array values.
define('LDAP_SERVER_MASSAGE_QUERY_ARRAY', 7);
// Looked up among object property values.
define('LDAP_SERVER_MASSAGE_QUERY_PROPERTY', 8);

// Stored in an LDAP entry.
define('LDAP_SERVER_MASSAGE_STORE_LDAP', 13);
// Stored in the database.
define('LDAP_SERVER_MASSAGE_STORE_DB', 14);
// Stored in an array.
define('LDAP_SERVER_MASSAGE_STORE_ARRAY', 15);
// Stored in an object property.
define('LDAP_SERVER_MASSAGE_STORE_PROPERTY', 16);

define('LDAP_SERVER_GROUPS_RECURSE_DEPTH', 20);

// Module-level failure value; it lies outside the result codes defined below.
define('LDAP_FAIL', -1);

// LDAP result codes. The two connection outcomes an authentication caller
// most needs to tell apart are LDAP_INVALID_CREDENTIALS (bind rejected) and
// LDAP_SERVER_DOWN (directory unreachable).
define('LDAP_SUCCESS', 0x00);
define('LDAP_OPERATIONS_ERROR', 0x01);
define('LDAP_PROTOCOL_ERROR', 0x02);
define('LDAP_TIMELIMIT_EXCEEDED', 0x03);
define('LDAP_SIZELIMIT_EXCEEDED', 0x04);
define('LDAP_COMPARE_FALSE', 0x05);
define('LDAP_COMPARE_TRUE', 0x06);
define('LDAP_AUTH_METHOD_NOT_SUPPORTED', 0x07);
define('LDAP_STRONG_AUTH_REQUIRED', 0x08);

// Not used in LDAPv3.
define('LDAP_PARTIAL_RESULTS', 0x09);

// The next five are new in LDAPv3.
define('LDAP_REFERRAL', 0x0a);
define('LDAP_ADMINLIMIT_EXCEEDED', 0x0b);
define('LDAP_UNAVAILABLE_CRITICAL_EXTENSION', 0x0c);
define('LDAP_CONFIDENTIALITY_REQUIRED', 0x0d);
define('LDAP_SASL_BIND_INPROGRESS', 0x0e);

// Attribute problems.
define('LDAP_NO_SUCH_ATTRIBUTE', 0x10);
define('LDAP_UNDEFINED_TYPE', 0x11);
define('LDAP_INAPPROPRIATE_MATCHING', 0x12);
define('LDAP_CONSTRAINT_VIOLATION', 0x13);
define('LDAP_TYPE_OR_VALUE_EXISTS', 0x14);
define('LDAP_INVALID_SYNTAX', 0x15);

// Naming problems.
define('LDAP_NO_SUCH_OBJECT', 0x20);
define('LDAP_ALIAS_PROBLEM', 0x21);
define('LDAP_INVALID_DN_SYNTAX', 0x22);

define('LDAP_IS_LEAF', 0x23);
define('LDAP_ALIAS_DEREF_PROBLEM', 0x24);
// Defined only when nothing else has defined it first.
// NOTE(review): PHP's ldap extension declares LDAP_DEREF_NEVER as an alias
// dereferencing option, so with that extension loaded the constant keeps the
// extension's value and 0x25 is never used - confirm which one callers expect.
if (!defined('LDAP_DEREF_NEVER')) {
  define('LDAP_DEREF_NEVER', 0x25);
}

// Security problems.
define('LDAP_INAPPROPRIATE_AUTH', 0x30);
define('LDAP_INVALID_CREDENTIALS', 0x31);
define('LDAP_INSUFFICIENT_ACCESS', 0x32);
define('LDAP_BUSY', 0x33);
define('LDAP_UNAVAILABLE', 0x34);
define('LDAP_UNWILLING_TO_PERFORM', 0x35);
define('LDAP_LOOP_DETECT', 0x36);

define('LDAP_SORT_CONTROL_MISSING', 0x3C);
define('LDAP_INDEX_RANGE_ERROR', 0x3D);

// Update problems.
define('LDAP_NAMING_VIOLATION', 0x40);
define('LDAP_OBJECT_CLASS_VIOLATION', 0x41);
define('LDAP_NOT_ALLOWED_ON_NONLEAF', 0x42);
define('LDAP_NOT_ALLOWED_ON_RDN', 0x43);
define('LDAP_ALREADY_EXISTS', 0x44);
define('LDAP_NO_OBJECT_CLASS_MODS', 0x45);
define('LDAP_RESULTS_TOO_LARGE', 0x46);

// The next two are for LDAPv3.
define('LDAP_AFFECTS_MULTIPLE_DSAS', 0x47);
define('LDAP_OTHER', 0x50);

// Used by some APIs.
define('LDAP_SERVER_DOWN', 0x51);
define('LDAP_LOCAL_ERROR', 0x52);
define('LDAP_ENCODING_ERROR', 0x53);
define('LDAP_DECODING_ERROR', 0x54);
define('LDAP_TIMEOUT', 0x55);
define('LDAP_AUTH_UNKNOWN', 0x56);
define('LDAP_FILTER_ERROR', 0x57);
define('LDAP_USER_CANCELLED', 0x58);
define('LDAP_PARAM_ERROR', 0x59);
define('LDAP_NO_MEMORY', 0x5a);

// Preliminary LDAPv3 codes.
define('LDAP_CONNECT_ERROR', 0x5b);
define('LDAP_NOT_SUPPORTED', 0x5c);
define('LDAP_CONTROL_NOT_FOUND', 0x5d);
define('LDAP_NO_RESULTS_RETURNED', 0x5e);
define('LDAP_MORE_RESULTS_TO_RETURN', 0x5f);
define('LDAP_CLIENT_LOOP', 0x60);
define('LDAP_REFERRAL_LIMIT_EXCEEDED', 0x61);

// Load the module's helper functions and token handling whenever this file
// is loaded. module_load_include() returns FALSE when the file is missing;
// that result is not checked here.
module_load_include('inc', 'ldap_servers', 'ldap_servers.functions');
module_load_include('inc', 'ldap_servers', 'ldap_servers.tokens');

/**
 * Implements hook_init().
 *
 * Adds the module's admin stylesheet, but only when the current path starts
 * with the LDAP configuration base path.
 */
function ldap_servers_init() {
  $admin_prefix = 'admin/config/people/ldap';
  $on_ldap_admin_page = strpos(current_path(), $admin_prefix) === 0;
  if (!$on_ldap_admin_page) {
    return;
  }
  $stylesheet = drupal_get_path('module', 'ldap_servers') . '/ldap_servers.admin.css';
  drupal_add_css($stylesheet, 'module');
}

/**
 * Reports the LDAP API version this module implements.
 *
 * @return string
 *   The version string, currently '2.0'.
 */
function ldap_api_version() {
  $api_version = '2.0';
  return $api_version;
}
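
/**
 * Implements hook_menu().
 *
 * Registers the LDAP configuration pages. Every item that declares a callback
 * is restricted to the 'administer site configuration' permission; the two
 * default local tasks ('settings' and 'servers/list') declare no access
 * arguments of their own and rely on Drupal inheriting them from the parent
 * item.
 *
 * The delete, enable and disable routes change server configuration and are
 * all served through drupal_get_form().
 * NOTE(review): the form builders live in ldap_servers.admin.inc, which is
 * not shown here - confirm that each one only changes state on a submitted
 * form and not on the initial page request.
 *
 * @return array
 *   Menu items keyed by path.
 */
function ldap_servers_menu() {
  // Number of path parts in 'admin/config/people/ldap'; page arguments below
  // are given as offsets from it (same value as
  // LDAP_SERVERS_MENU_BASE_PATH_PARTS).
  $menu_offset = 4;
  $admin_access = ['administer site configuration'];

  $items['admin/config/people/ldap'] = [
    'title' => 'LDAP Configuration',
    'description' => 'LDAP authentication, authorization, provisioning, etc.',
    'page callback' => 'drupal_get_form',
    'page arguments' => ['ldap_servers_settings'],
    'access arguments' => $admin_access,
    'file' => 'ldap_servers.settings.inc',
  ];

  $items['admin/config/people/ldap/settings'] = [
    'title' => '1. Settings',
    'weight' => -2,
    'type' => MENU_DEFAULT_LOCAL_TASK,
  ];

  $items['admin/config/people/ldap/servers'] = [
    'title' => '2. Servers',
    'page callback' => 'ldap_servers_edit_index',
    'weight' => -1,
    'type' => MENU_LOCAL_TASK,
    'access arguments' => $admin_access,
    'file' => 'ldap_servers.admin.inc',
  ];

  $items['admin/config/people/ldap/servers/list'] = [
    'title' => 'List',
    'type' => MENU_DEFAULT_LOCAL_TASK,
  ];

  $items['admin/config/people/ldap/servers/add'] = [
    'title' => 'Add LDAP Server Configuration',
    'page callback' => 'drupal_get_form',
    'page arguments' => ['ldap_servers_admin_form', 'add'],
    'type' => MENU_LOCAL_TASK + MENU_CONTEXT_INLINE,
    'weight' => 3,
    'access arguments' => $admin_access,
    'file' => 'ldap_servers.admin.inc',
  ];

  $items['admin/config/people/ldap/servers/edit/%'] = [
    'title' => 'Edit LDAP Server Configuration',
    'page callback' => 'drupal_get_form',
    'page arguments' => ['ldap_servers_admin_form', 'edit', $menu_offset + 2],
    'access arguments' => $admin_access,
    'file' => 'ldap_servers.admin.inc',
  ];

  $items['admin/config/people/ldap/servers/test/%'] = [
    'title' => 'Test LDAP Server Configuration',
    'page callback' => 'drupal_get_form',
    'page arguments' => ['ldap_servers_test_form', $menu_offset + 1, $menu_offset + 2],
    'access arguments' => $admin_access,
    'file' => 'ldap_servers.test_form.inc',
  ];

  $items['admin/config/people/ldap/servers/delete/%'] = [
    'title' => 'Delete LDAP Server',
    'page callback' => 'drupal_get_form',
    'page arguments' => ['ldap_servers_admin_delete', $menu_offset + 1, $menu_offset + 2],
    'access arguments' => $admin_access,
    'file' => 'ldap_servers.admin.inc',
  ];

  $items['admin/config/people/ldap/servers/enable/%'] = [
    'title' => 'Enable LDAP Server',
    'page callback' => 'drupal_get_form',
    'page arguments' => ['ldap_servers_admin_enable_disable', $menu_offset + 1, $menu_offset + 2],
    'access arguments' => $admin_access,
    'file' => 'ldap_servers.admin.inc',
  ];

  // The disable route previously carried the enable route's title, so an
  // administrator taking a server out of service was shown "Enable".
  $items['admin/config/people/ldap/servers/disable/%'] = [
    'title' => 'Disable LDAP Server',
    'page callback' => 'drupal_get_form',
    'page arguments' => ['ldap_servers_admin_enable_disable', $menu_offset + 1, $menu_offset + 2],
    'access arguments' => $admin_access,
    'file' => 'ldap_servers.admin.inc',
  ];

  return $items;
}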

/**
 * Implements hook_theme().
 *
 * Declares four theme hooks. They differ only in their default variables;
 * all of them use the same render element name and the same include file.
 *
 * @return array
 *   Theme hook definitions keyed by hook name.
 */
function ldap_servers_theme() {
  $theme_file = 'ldap_servers.theme.inc';

  // Default variables for each theme hook.
  $default_variables = [
    'ldap_servers_list' => ['ldap_servers' => NULL, 'actions' => TRUE, 'type' => 'table'],
    'ldap_servers_server' => ['ldap_server' => NULL, 'actions' => FALSE, 'type' => 'detail'],
    'ldap_server_token_table' => ['tokens' => []],
    'ldap_server_ldap_entry_table' => ['entry' => []],
  ];

  $hooks = [];
  foreach ($default_variables as $hook => $variables) {
    $hooks[$hook] = [
      'variables' => $variables,
      'render element' => 'element',
      'file' => $theme_file,
    ];
  }
  return $hooks;
}

/**
 * Implements hook_cron().
 *
 * Currently a no-op; the body only outlines work that is not implemented.
 */
function ldap_servers_cron() {
  // Outline, none of it implemented:
  // - check whether any modules implement hook_ldap_servers_user_cron();
  // - run a user entity query for the most recent 100 entries that have not
  //   been processed;
  // - pass them to modules implementing hook_ldap_server_maintenance();
  // - update the user field holding the date most recently checked.
}
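
/**
 * Finds the mixed-case entry that matches a key case-insensitively.
 *
 * The previous implementation built its lookup table with
 * array_change_key_case(), which lowercases array keys and leaves the values
 * alone, so a match was only found when the stored value was already
 * lowercase. Values are now compared in lowercase on both sides.
 *
 * @param string $key
 *   The name to look for, in any case.
 * @param array $array
 *   Candidate names in their original case.
 *   NOTE(review): presumably a flat list of attribute names - confirm against
 *   the callers, none of which are visible in this file.
 *
 * @return string|false
 *   The first matching entry in its original case, or FALSE when none matches.
 */
function ldap_server_find_key($key, $array) {
  $needle = drupal_strtolower($key);
  foreach ($array as $candidate) {
    // Skip nested arrays and objects, which cannot be compared as text.
    if (is_scalar($candidate) && drupal_strtolower($candidate) === $needle) {
      return $candidate;
    }
  }
  return FALSE;
}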
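
/**
 * Implements hook_ldap_attributes_needed_alter().
 *
 * Adds the attributes this module needs from an LDAP entry: the dn, plus the
 * mail, picture, persistent-id, group-membership and username attributes of
 * the server named in $params['sid'], and any attributes referenced by the
 * server's user DN expression and mail template.
 *
 * @param array $attributes
 *   Attribute maps keyed by attribute name; altered in place.
 * @param array $params
 *   Context. Only 'sid' is read here: either a server id or a server object.
 */
function ldap_servers_ldap_attributes_needed_alter(&$attributes, $params) {
  // Force this data type.
  $dn_map = isset($attributes['dn']) ? $attributes['dn'] : NULL;
  $attributes['dn'] = ldap_servers_set_attribute_map($dn_map, 'ldap_dn');

  // Puid attributes are server specific; without a server there is nothing
  // more to add.
  if (empty($params['sid'])) {
    return;
  }

  $ldap_server = is_scalar($params['sid'])
    ? ldap_servers_get_servers($params['sid'], 'enabled', TRUE)
    : $params['sid'];

  // ldap_servers_get_servers() returns FALSE for an unknown or disabled
  // server id. Stop here instead of reading properties from a non-object,
  // which would add an empty attribute name to the list.
  if (!is_object($ldap_server)) {
    return;
  }

  // mail, unique_persistent_attr, user_attr, mail_template, and
  // user_dn_expression are needed for all functionality.
  if (!isset($attributes[$ldap_server->mail_attr])) {
    $attributes[$ldap_server->mail_attr] = ldap_servers_set_attribute_map();
  }

  // These three are only added when the server configures them.
  foreach (['picture_attr', 'unique_persistent_attr', 'groupUserMembershipsAttr'] as $property) {
    $attr_name = $ldap_server->{$property};
    if ($attr_name && !isset($attributes[$attr_name])) {
      $attributes[$attr_name] = ldap_servers_set_attribute_map();
    }
  }

  if ($ldap_server->user_dn_expression) {
    ldap_servers_token_extract_attributes($attributes, $ldap_server->user_dn_expression, TRUE);
  }
  if ($ldap_server->mail_template) {
    ldap_servers_token_extract_attributes($attributes, $ldap_server->mail_template);
  }
  if (!isset($attributes[$ldap_server->user_attr])) {
    $attributes[$ldap_server->user_attr] = ldap_servers_set_attribute_map();
  }
}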

/**
 * Implements hook_ldap_user_attrs_list_alter().
 *
 * Adds the user fields and properties that this module provisions from LDAP
 * to a Drupal user. Each entry is merged over whatever is already present
 * under the same token: values set here win, and keys set only by another
 * module are kept.
 *
 * The '!sid' and '!edit_link' placeholders use the '!' prefix, which t()
 * inserts without escaping.
 * NOTE(review): $ldap_server->sid therefore reaches the 'source' string
 * as-is; presumably it is a validated machine name - confirm where server
 * configurations are saved.
 *
 * @param array $available_user_attrs
 *   Attribute definitions keyed by token; altered in place.
 * @param array $params
 *   Reads 'ldap_server', 'ldap_user_conf' and 'direction'.
 */
function ldap_servers_ldap_user_attrs_list_alter(&$available_user_attrs, &$params) {
  // Without a server, ldap_servers module has nothing to offer.
  if (empty($params['ldap_server'])) {
    return;
  }
  $ldap_server = $params['ldap_server'];
  $ldap_user_conf = $params['ldap_user_conf'];
  $direction = $params['direction'];

  $tokens = [
    '!edit_link' => l($ldap_server->editPath, $ldap_server->editPath),
    '!sid' => $ldap_server->sid,
  ];

  $server_edit_path = 'admin/config/people/ldap/servers/edit/' . $ldap_server->sid;

  // Everything below applies to provisioning towards the Drupal user only.
  if ($direction != LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER) {
    return;
  }

  // Returns the definition already stored under a token, or an empty array
  // when there is none or it is not an array.
  $existing = function ($token) use (&$available_user_attrs) {
    $usable = isset($available_user_attrs[$token]) && is_array($available_user_attrs[$token]);
    return $usable ? $available_user_attrs[$token] : [];
  };

  $on_create = [LDAP_USER_EVENT_CREATE_DRUPAL_USER];
  $on_create_and_synch = [LDAP_USER_EVENT_CREATE_DRUPAL_USER, LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER];

  // These four user fields identify where in LDAP, and on which LDAP server,
  // the account lives. They are required for a Drupal account to be "ldap
  // associated", whether or not any other fields or properties are
  // provisioned or synched.
  if ($ldap_server->unique_persistent_attr) {
    $available_user_attrs['[field.ldap_user_puid_sid]'] = [
      'name' => t('Field: sid providing PUID'),
      'configurable_to_drupal' => 0,
      'configurable_to_ldap' => 1,
      'source' => t('!sid', $tokens),
      'notes' => 'not configurable',
      'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER,
      'enabled' => TRUE,
      'prov_events' => $on_create,
      'config_module' => 'ldap_servers',
      'prov_module' => 'ldap_user',
    ] + $existing('[field.ldap_user_puid_sid]');

    $available_user_attrs['[field.ldap_user_puid]'] = [
      'name' => t('Field: PUID', $tokens),
      'configurable_to_drupal' => 0,
      'configurable_to_ldap' => 1,
      'source' => '[' . $ldap_server->unique_persistent_attr . ']',
      'notes' => 'configure at ' . $server_edit_path,
      'convert' => $ldap_server->unique_persistent_attr_binary,
      'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER,
      'enabled' => TRUE,
      'prov_events' => $on_create,
      'config_module' => 'ldap_servers',
      'prov_module' => 'ldap_user',
    ] + $existing('[field.ldap_user_puid]');

    $available_user_attrs['[field.ldap_user_puid_property]'] = [
      'name' => t('Field: PUID Attribute', $tokens),
      'configurable_to_drupal' => 0,
      'configurable_to_ldap' => 1,
      'source' => $ldap_server->unique_persistent_attr,
      'notes' => 'configure at ' . $server_edit_path,
      'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER,
      'enabled' => TRUE,
      'prov_events' => $on_create,
      'config_module' => 'ldap_servers',
      'prov_module' => 'ldap_user',
    ] + $existing('[field.ldap_user_puid_property]');
  }

  $available_user_attrs['[field.ldap_user_current_dn]'] = [
    'name' => t('Field: Most Recent DN', $tokens),
    'configurable_to_drupal' => 0,
    'configurable_to_ldap' => 0,
    'source' => '[dn]',
    'notes' => 'not configurable',
    'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER,
    'enabled' => TRUE,
    'prov_events' => $on_create_and_synch,
    'config_module' => 'ldap_servers',
    'prov_module' => 'ldap_user',
  ] + $existing('[field.ldap_user_current_dn]');

  // Name, mail and picture are only offered when accounts are provisioned
  // from LDAP.
  if (!$ldap_user_conf->provisionsDrupalAccountsFromLdap) {
    return;
  }

  $available_user_attrs['[property.name]'] = [
    'name' => 'Property: Username',
    'source' => '[' . $ldap_server->user_attr . ']',
    'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER,
    'enabled' => TRUE,
    'prov_events' => $on_create_and_synch,
    'config_module' => 'ldap_servers',
    'prov_module' => 'ldap_user',
  ] + $existing('[property.name]');

  // A mail template, when configured, takes precedence over the plain mail
  // attribute.
  if ($ldap_server->mail_template) {
    $mail_source = $ldap_server->mail_template;
  }
  else {
    $mail_source = '[' . $ldap_server->mail_attr . ']';
  }
  $available_user_attrs['[property.mail]'] = [
    'name' => 'Property: Email',
    'source' => $mail_source,
    'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER,
    'enabled' => TRUE,
    'prov_events' => $on_create_and_synch,
    'config_module' => 'ldap_servers',
    'prov_module' => 'ldap_user',
  ] + $existing('[property.mail]');

  if ($ldap_server->picture_attr) {
    $available_user_attrs['[property.picture]'] = [
      'name' => 'Property: Picture',
      'source' => '[' . $ldap_server->picture_attr . ']',
      'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER,
      'enabled' => TRUE,
      'prov_events' => $on_create_and_synch,
      'config_module' => 'ldap_servers',
      'prov_module' => 'ldap_user',
    ] + $existing('[property.picture]');
  }
}

/**
 * Flushes the static cache of server configurations.
 */
function ldap_servers_flush_server_cache() {
  // Called with $reset = TRUE for its side effect; the returned list of
  // servers is not needed.
  ldap_servers_get_servers(NULL, 'all', FALSE, TRUE);
}

/**
 * Loads a module include file and stops the request when that fails.
 *
 * Replacement for module_load_include() for files the module cannot work
 * without: when the file is not included, Drupal exits instead of attempting
 * something half baked.
 *
 * The failure message is printed straight into the response and names the
 * file and module. All three arguments are supplied by calling code in this
 * file; they should never be derived from request data.
 *
 * @param string $type
 *   The include file's extension.
 * @param string $module
 *   The module the file belongs to.
 * @param string $name
 *   The file's base name, passed through to module_load_include().
 */
function ldap_servers_module_load_include($type, $module, $name = NULL) {
  if (module_load_include($type, $module, $name) !== FALSE) {
    return;
  }
  print "Failed to load file $name.$type in module $module";
  drupal_exit();
}

/**
 * Returns LDAP server configuration objects.
 *
 * When the 'ldap_simpletest' variable is truthy, the mock servers from the
 * simpletest helper are returned instead of the stored configurations.
 * NOTE(review): a truthy 'ldap_simpletest' on a live site would replace the
 * real servers with test mocks for every caller, including authentication -
 * confirm it is only ever set by the test suite.
 *
 * @param string $sid
 *   Server id, or NULL for all servers of the given type.
 * @param string $type
 *   'all' or 'enabled'.
 * @param bool $flatten
 *   Whether a single object is returned instead of an array. Only has an
 *   effect when $sid is given.
 * @param bool $reset
 *   Do not use the cached or static result.
 *
 * @return array|object|false|null
 *   Server configuration objects keyed by sid; a single server configuration
 *   object when $sid is given and $flatten is TRUE; FALSE when $sid is given
 *   but not found; NULL when $type names no known list.
 */
function ldap_servers_get_servers($sid = NULL, $type = NULL, $flatten = FALSE, $reset = FALSE) {
  if (!variable_get('ldap_simpletest', FALSE)) {
    return _ldap_servers_get_servers($sid, $type, $flatten, $reset);
  }
  return _ldap_servers_get_simpletest_servers($sid, $type, $flatten, $reset);
}

/**
 * Loads and statically caches the stored server configurations.
 *
 * Parameters and return value are those of ldap_servers_get_servers(). The
 * 'enabled' list is derived from the 'all' list by keeping the servers whose
 * status equals 1, so a disabled server is never returned for type 'enabled'.
 */
function _ldap_servers_get_servers($sid, $type, $flatten, $reset) {
  ldap_servers_module_load_include('php', 'ldap_servers', 'LdapServerAdmin.class');
  static $servers;

  if (!$type) {
    $type = 'all';
  }
  if ($reset) {
    $servers = [];
  }

  if (!isset($servers['all'])) {
    $servers['all'] = LdapServerAdmin::getLdapServerObjects('all', NULL, 'LdapServer', $reset);
  }

  if (!isset($servers['enabled'])) {
    $enabled = [];
    foreach ($servers['all'] as $server_id => $server) {
      if ($server->status == 1) {
        $enabled[$server_id] = $server;
      }
    }
    $servers['enabled'] = $enabled;
  }

  if ($sid) {
    if (!isset($servers[$type][$sid])) {
      return FALSE;
    }
    $match = $servers[$type][$sid];
    return $flatten ? $match : [$sid => $match];
  }

  // An unknown $type falls through and the function returns NULL.
  if (isset($servers[$type])) {
    return $servers[$type];
  }
}
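
/**
 * Returns mock server configurations for simpletests.
 *
 * Parameters and return value are those of ldap_servers_get_servers().
 * $reset is accepted for signature compatibility and is not used: the list is
 * rebuilt on every call.
 *
 * Mock servers are only loaded when the 'ldap_simpletest' variable equals 2.
 * In that case the 'enabled' list is always an array, empty when no mock
 * server has status 1, matching _ldap_servers_get_servers(). Previously it
 * was left unset, so callers asking for enabled servers got NULL and could
 * not count or iterate the result.
 */
function _ldap_servers_get_simpletest_servers($sid, $type = NULL, $flatten, $reset = TRUE) {

  if (!$type) {
    $type = 'all';
  }

  $servers = [];

  // Two flavors of mock servers exist. Ultimately v2 will be used in all
  // simpletests.
  if (variable_get('ldap_simpletest', 0) == 2) {
    ldap_servers_module_load_include('php', 'ldap_test', 'LdapServerTest.class');
    $servers['all'] = LdapServerTest::getLdapServerObjects(NULL, 'all', FALSE);
    $servers['enabled'] = [];
    foreach ($servers['all'] as $_sid => $ldap_server) {
      if ($ldap_server->status == 1) {
        $servers['enabled'][$_sid] = $ldap_server;
      }
    }
  }

  if ($sid) {
    if (!isset($servers[$type][$sid])) {
      return FALSE;
    }
    return ($flatten) ? $servers[$type][$sid] : [$sid => $servers[$type][$sid]];
  }

  // Nothing is loaded for other values of 'ldap_simpletest'; the function
  // then returns NULL, as it does for an unknown $type.
  if (isset($servers[$type])) {
    return $servers[$type];
  }
}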

/**
 * Dumps a variable for debugging.
 *
 * Uses dpm() when the 'ldap_simpletest' variable is truthy and dpm() exists,
 * and debug() otherwise.
 * NOTE(review): values passed here may be LDAP entries or server
 * configurations; check that no call site dumps bind credentials or user
 * attributes on a production site.
 *
 * @param mixed $variable
 *   The value to dump.
 */
function ldap_servers_debug($variable) {
  $use_dpm = variable_get('ldap_simpletest', FALSE) && function_exists('dpm');
  if ($use_dpm) {
    dpm($variable);
    return;
  }
  debug($variable);
}

/**
 * Clears cached server configurations.
 *
 * Resets this module's static server cache and, when the ctools module is
 * enabled, the ctools export cache for 'ldap_servers'.
 */
function ldap_servers_cache_clear() {
  // Called for its reset side effect; the returned list is not needed.
  ldap_servers_get_servers(NULL, 'all', FALSE, TRUE);
  if (!module_exists('ctools')) {
    return;
  }
  ctools_export_load_object_reset('ldap_servers');
}

/**
 * Converts a Microsoft-style binary GUID to its string form.
 *
 * (MS?) GUIDs are displayed with the first three GUID parts byte-swapped
 * ("big endian"); doing the same here makes the string match what other LDAP
 * tools display for AD.
 *
 * The input length is not checked: for anything other than 16 bytes the
 * missing slices come out empty and the result is not a valid GUID string.
 *
 * @param string $value
 *   The binary GUID.
 *
 * @return string
 *   Uppercase hex in 8-4-4-4-12 form.
 */
function ldap_servers_msguid($value) {
  $hex = bin2hex($value);

  // Each group lists the [offset, length] slices of the hex string that make
  // up one dash-separated part, in output order. The first three parts are
  // byte-swapped; the last two are copied as they are.
  $groups = [
    [[6, 2], [4, 2], [2, 2], [0, 2]],
    [[10, 2], [8, 2]],
    [[14, 2], [12, 2]],
    [[16, 4]],
    [[20, 12]],
  ];

  $parts = [];
  foreach ($groups as $slices) {
    $part = '';
    foreach ($slices as $slice) {
      $part .= substr($hex, $slice[0], $slice[1]);
    }
    $parts[] = $part;
  }

  return strtoupper(implode('-', $parts));
}
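
/**
 * Creates a "binary safe" string for use in LDAP filters.
 *
 * Every byte is written as a backslash followed by its two hex digits, the
 * escape form LDAP filters use for arbitrary octets.
 *
 * Accepted input:
 * - a GUID string (8-4-4-4-12 hex), which is first put back into (MS?)
 *   "memory" byte order;
 * - a hex string with an even number of digits, used as it is;
 * - anything else is treated as raw bytes and hex-encoded first. Previously
 *   such input was split into two-character chunks with a backslash in front
 *   of each, which left filter metacharacters such as parentheses and
 *   asterisks unescaped in the result.
 *
 * @param string $value
 *   GUID string, hex string or raw bytes.
 *
 * @return string
 *   The escaped value, e.g. '\00\11\aa'.
 */
function ldap_servers_binary_filter($value) {
  $value = (string) $value;

  if (preg_match('/^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$/i', $value)) {
    // Reconstruct proper "memory" order from (MS?) GUID string.
    $hex_string = str_replace('-', '', $value);
    $value = substr($hex_string, 6, 2) . substr($hex_string, 4, 2) .
      substr($hex_string, 2, 2) . substr($hex_string, 0, 2) .
      substr($hex_string, 10, 2) . substr($hex_string, 8, 2) .
      substr($hex_string, 14, 2) . substr($hex_string, 12, 2) .
      substr($hex_string, 16, 4) . substr($hex_string, 20, 12);
  }
  elseif (!preg_match('/\A(?:[a-f0-9]{2})*\z/i', $value)) {
    // Not a sequence of whole hex bytes: encode the raw bytes so that nothing
    // from the input reaches the filter unescaped.
    $value = bin2hex($value);
  }

  $match = '';
  $length = strlen($value);
  for ($i = 0; $i < $length; $i += 2) {
    $match .= '\\' . substr($value, $i, 2);
  }

  return $match;
}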

/**
 * General binary conversion function for GUIDs.
 *
 * Chooses the conversion from the length of the value alone: exactly 16
 * bytes is converted as a Microsoft-style GUID, any other length is
 * hex-encoded as it is.
 *
 * @param string $value
 *   The binary value.
 *
 * @return string
 *   GUID string for 16-byte input, lowercase hex otherwise.
 */
function ldap_servers_binary($value) {
  return (strlen($value) == 16) ? ldap_servers_msguid($value) : bin2hex($value);
}
694
695
/**
 * Look up the LDAP entry that corresponds to a Drupal user.
 *
 * @todo needs caching element.  several modules could potentially call this in
 *   the same page request.
 *
 * @param object|string $drupal_user
 *   Drupal $user object, or a plain username (for example when called from
 *   the LDAP user test form at admin/config/people/ldap/user/test).
 * @param string $sid
 *   A server id. When empty, or equal to LDAP_USER_AUTH_SERVER_SID while the
 *   ldap_user module is enabled, the server is derived from the user or from
 *   the ldap_user configuration; without ldap_user, the single enabled server
 *   is used if there is exactly one.
 * @param mixed $ldap_context
 *   Passed through unchanged to userUserNameToExistingLdapEntry().
 *
 * @return array|false
 *   The LDAP entry with an added 'sid' key, or FALSE when no enabled server
 *   could be loaded or no entry was found.
 */
function ldap_servers_get_user_ldap_data($drupal_user, $sid = NULL, $ldap_context = NULL) {
  $given_account = is_object($drupal_user);

  // Prefer the LDAP authname when ldap_user can supply one for this account.
  $authname = FALSE;
  if ($given_account && property_exists($drupal_user, 'uid') && function_exists('ldap_user_get_authname')) {
    $authname = ldap_user_get_authname($drupal_user);
  }

  if ($authname) {
    $drupal_username = $authname;
  }
  elseif ($given_account) {
    $drupal_username = $drupal_user->name;
  }
  else {
    $drupal_username = $drupal_user;
  }

  // Sometimes we have a username instead of a Drupal user object; the account
  // can still be loaded by name in that case. If the load fails, $drupal_user
  // stays a string for the remainder of the function.
  if (!$given_account) {
    $loaded_account = user_load_by_name($drupal_username);
    if (is_object($loaded_account) && property_exists($loaded_account, 'uid')) {
      $drupal_user = $loaded_account;
    }
  }

  // If no explicit $sid, find most appropriate one.
  if (module_exists('ldap_user') && (!$sid || $sid == LDAP_USER_AUTH_SERVER_SID)) {
    $has_stored_sid = property_exists($drupal_user, 'ldap_user_puid_sid')
      && !empty($drupal_user->ldap_user_puid_sid[LANGUAGE_NONE][0]['value']);
    if ($has_stored_sid) {
      $sid = $drupal_user->ldap_user_puid_sid[LANGUAGE_NONE][0]['value'];
    }
    else {
      $ldap_user_conf = ldap_user_conf();
      ldap_user_reset_provision_server($ldap_user_conf, $drupal_user);
      $sid = $ldap_user_conf->drupalAcctProvisionServer;
    }
  }
  elseif (!$sid) {
    $enabled_servers = ldap_servers_get_servers(NULL, 'enabled');
    if (count($enabled_servers) == 1) {
      $enabled_sids = array_keys($enabled_servers);
      $sid = $enabled_sids[0];
    }
  }

  $ldap_server = FALSE;
  if ($sid) {
    $ldap_server = ldap_servers_get_servers($sid, 'enabled', TRUE);
  }

  if ($ldap_server === FALSE) {
    watchdog('ldap_servers', 'Failed to load server object %sid in _ldap_servers_get_user_ldap_data', ['%sid' => $sid], WATCHDOG_ERROR);
    return FALSE;
  }

  // NOTE(review): $drupal_username may originate from a form. Escaping it for
  // the LDAP search filter is left to userUserNameToExistingLdapEntry(), which
  // is not visible here - confirm it does so.
  $ldap_entry = $ldap_server->userUserNameToExistingLdapEntry($drupal_username, $ldap_context);
  if (!$ldap_entry) {
    return FALSE;
  }

  $ldap_entry['sid'] = $sid;
  return $ldap_entry;
}
/**
 * Build or extend an attribute map entry.
 *
 * @param array|null $attribute
 *   Existing attribute map entry; anything that is not an array is replaced
 *   by an empty one.
 * @param string $conversion
 *   Type of conversion to apply, see ldap_servers_convert_attribute(), e.g.
 *   base64_encode, bin2hex, msguid, md5. Stored under the 'conversion' key.
 * @param array $values
 *   In form array(<ordinal> => <value> | NULL) where NULL indicates the value
 *   is needed for provisioning or other operations.
 *
 * @return array
 *   The attribute map entry with converted values merged in by ordinal. If no
 *   values are passed and none exist yet, 'values' is array(0 => NULL), e.g.
 *   array('values' => array(
 *      0 => 'john',
 *      1 => 'johnny'
 *      )
 *   );
 */
function ldap_servers_set_attribute_map($attribute = NULL, $conversion = NULL, $values = NULL) {
  if (!is_array($attribute)) {
    $attribute = [];
  }
  $attribute['conversion'] = $conversion;

  $has_value_list = isset($attribute['values']) && is_array($attribute['values']);
  if (!$values && !$has_value_list) {
    // Nothing supplied and nothing stored: create the empty placeholder.
    $attribute['values'] = [0 => NULL];
    return $attribute;
  }

  // Merge into array overwriting ordinals.
  if (is_array($values)) {
    foreach ($values as $ordinal => $raw_value) {
      $attribute['values'][(int) $ordinal] = $conversion
        ? ldap_servers_convert_attribute($raw_value, $conversion)
        : $raw_value;
    }
  }

  return $attribute;
}
/**
 * Apply a named conversion to an attribute value.
 *
 * @param string $value
 *   Value to be converted.
 * @param string $conversion
 *   One of base64_encode, bin2hex, msguid, binary, md5. An empty or unknown
 *   conversion leaves the value untouched.
 *
 * @return string
 *   The converted $value.
 */
function ldap_servers_convert_attribute($value, $conversion = NULL) {
  if (!$conversion) {
    return $value;
  }

  switch ($conversion) {
    case 'base64_encode':
      return base64_encode($value);

    case 'bin2hex':
      return bin2hex($value);

    case 'msguid':
      return ldap_servers_msguid($value);

    case 'binary':
      return ldap_servers_binary($value);

    case 'md5':
      // "{md5}" followed by the base64 of the raw 16-byte digest.
      // NOTE(review): this is an unsalted MD5. If it is used for password
      // attributes, the stored value offers little resistance to offline
      // guessing; prefer letting the directory apply its own password hashing.
      return '{md5}' . base64_encode(md5($value, TRUE));
  }

  return $value;
}
/**
 * Return a summary of the PHP LDAP extension.
 *
 * Loads ldap_servers.status.inc on demand and delegates to
 * _ldap_servers_ldap_extension_summary().
 *
 * @param string $op
 *   Passed through unchanged; its accepted values are defined by the helper.
 *
 * @return mixed
 *   Whatever the helper returns for $op.
 */
function ldap_servers_ldap_extension_summary($op = 'data') {
  ldap_servers_module_load_include('inc', 'ldap_servers', 'ldap_servers.status');
  $summary = _ldap_servers_ldap_extension_summary($op);
  return $summary;
}
/**
 * Report whether the PHP "ldap" extension is loaded.
 *
 * @return bool
 *   TRUE when extension_loaded('ldap') says so.
 */
function ldap_servers_ldap_extension_loaded() {
  $is_loaded = extension_loaded('ldap');
  return $is_loaded;
}
/**
 * Encrypt a text, typically a stored bind password.
 *
 * Loads ldap_servers.encryption.inc on demand and delegates to
 * _ldap_servers_encrypt().
 *
 * @param string $text
 *   Clear text to protect.
 * @param mixed $encryption
 *   Encryption type, passed through unchanged. Presumably one of the
 *   LDAP_SERVERS_ENC_TYPE_* constants - confirm against the helper.
 *
 * @return mixed
 *   Whatever the helper returns.
 */
function ldap_servers_encrypt($text, $encryption = NULL) {
  // NOTE(review): this is reversible encryption; how the key is derived and
  // stored is decided in the include file and determines what it protects
  // against.
  ldap_servers_module_load_include('inc', 'ldap_servers', 'ldap_servers.encryption');
  $encrypted = _ldap_servers_encrypt($text, $encryption);
  return $encrypted;
}
/**
 * List the available encryption types.
 *
 * Loads ldap_servers.encryption.inc on demand and delegates to
 * _ldap_servers_encrypt_types().
 *
 * @return mixed
 *   Whatever the helper returns.
 */
function ldap_servers_encrypt_types() {
  ldap_servers_module_load_include('inc', 'ldap_servers', 'ldap_servers.encryption');
  $types = _ldap_servers_encrypt_types();
  return $types;
}
/**
 * Decrypt a value produced by ldap_servers_encrypt().
 *
 * Loads ldap_servers.encryption.inc on demand and delegates to
 * _ldap_servers_decrypt().
 *
 * @param string $encrypted
 *   Stored, encrypted value.
 * @param mixed $encryption
 *   Encryption type, passed through unchanged.
 *
 * @return mixed
 *   Whatever the helper returns.
 */
function ldap_servers_decrypt($encrypted, $encryption = NULL) {
  // The result is presumably a clear-text credential; callers should keep it
  // out of logs and messages.
  ldap_servers_module_load_include('inc', 'ldap_servers', 'ldap_servers.encryption');
  $decrypted = _ldap_servers_decrypt($encrypted, $encryption);
  return $decrypted;
}
/**
 * Report whether this PHP build offers the paged-result LDAP functions.
 *
 * Both ldap_control_paged_result() and ldap_control_paged_result_response()
 * must exist. They were removed in PHP 8.0, so this returns FALSE there.
 *
 * @return bool
 */
function ldap_servers_php_supports_pagination() {
  $has_response = function_exists('ldap_control_paged_result_response');
  $has_request = function_exists('ldap_control_paged_result');
  return $has_response && $has_request;
}
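/**
 * Implements hook_help().
 *
 * Returns help markup for the server list page, the module help page and the
 * "add server" page; returns nothing for any other path.
 *
 * The t() source strings are kept exactly as they were, because they are the
 * lookup keys for existing translations.
 *
 * @param string $path
 *   The path help is requested for.
 * @param array $arg
 *   Unused.
 *
 * @return string|null
 *   HTML help text, or NULL when $path is not handled.
 */
function ldap_servers_help($path, $arg) {

  $servers_help = '<p>' . t('LDAP Servers store "LDAP server configurations" so other modules can connect to them and leverage their data.') . ' ';
  $servers_help .= t('LDAP Authentication and LDAP Authorization are two such modules. Generally, only one LDAP Server configuration is needed.') . ' ' . '</p>';
  $servers_help .= '<p>' . t('When multiple LDAP server configurations are needed, each is not necessarily a separate physical LDAP server; they may have different binding users or some other configuration difference.') . ' </p>';

  switch ($path) {
    case 'admin/config/people/ldap/servers':
      return $servers_help;

    case 'admin/help#ldap_servers':
      $servers_help .= '<h3>' . t('Configuration - Settings') . '</h3>';
      $servers_help .= '<dl>';
      $servers_help .= '<dt>' . t('ENCRYPTION') . '</dt>';
      $servers_help .= '<dd>' . t('With encryption enabled, passwords will be stored in encrypted form. This is two way encryption because the actual password needs to used to bind to LDAP. So it offers minimal defense if someone gets in the filespace. It mainly helps avoid the accidental discovery of a clear text password.') . '</dd>';
      $servers_help .= '<dt>' . t('LOG DETAILED LDAP ACTIONS') . '</dt>';
      $servers_help .= '<dd>' . t('Enables LDAP logging to the Drupal Watchdog system') . '</dd>';
      $servers_help .= '</dl>';
      $servers_help .= '<h3>' . t('Configuration - Servers (List)') . '</h3>';
      $servers_help .= '<dl>';
      $servers_help .= '<dt>' . t('Configuration Table') . '</dt>';
      $servers_help .= '<dd>' . t('Provides a list of currently stored LDAP server configuratins.') . '</dd>';
      // This list was left open before the next heading, which nested the
      // following <h3> and <dl> inside it.
      $servers_help .= '</dl>';
      $servers_help .= '<h3>' . t('Configuration - Servers (Add LDAP Server Configuration)') . '</h3>';
      $servers_help .= '<dl>';
      $servers_help .= '<dt>' . t('CONNECTION SETTINGS') . '</dt>';
      $servers_help .= '<dd>' . t('Machine name -') . ' </dd>';
      $servers_help .= '<dd>' . t('Name -') . ' </dd>';
      $servers_help .= '<dd>' . t('Enabled -') . ' </dd>';
      $servers_help .= '<dd>' . t('LDAP Server Type') . ' </dd>';
      $servers_help .= '<dd>' . t('LDAP Server -') . ' </dd>';
      $servers_help .= '<dd>' . t('LDAP port -') . ' </dd>';
      $servers_help .= '<dd>' . t('Use Start-TLS -') . ' </dd>';
      $servers_help .= '<dd>' . t('Follow LDAP Referrals -') . ' </dd>';
      $servers_help .= '</dl>';
      $servers_help .= '<dl>';
      $servers_help .= '<dt>' . t('BINDING METHOD') . '</dt>';
      $servers_help .= '<dd>' . t('Binding Method for searches -') . ' </dd>';
      $servers_help .= '<dd>' . t('Service Account -') . ' </dd>';
      $servers_help .= '<dd>' . t('DN for non-anonymous search -') . ' </dd>';
      $servers_help .= '<dd>' . t('Password for non-anonymous search -') . ' </dd>';
      $servers_help .= '<dd>' . t('Clear existing password from database -') . ' </dd>';
      $servers_help .= '</dl>';
      $servers_help .= '<dl>';
      $servers_help .= '<dt>' . t('LDAP USER TO DRUPAL USER RELATIONSHIP') . '</dt>';
      $servers_help .= '<dd>' . t('Base DNs for LDAP Users, Groups, and Other Entries -') . ' </dd>';
      $servers_help .= '<dd>' . t('AuthName Attribute -') . ' </dd>';
      $servers_help .= '<dd>' . t('AccountName Attribute -') . ' </dd>';
      $servers_help .= '<dd>' . t('Email Attribute -') . ' </dd>';
      $servers_help .= '<dd>' . t('Email Template -') . ' </dd>';
      $servers_help .= '<dd>' . t('Persistant and Unique User ID Attribute -') . ' </dd>';
      $servers_help .= '<dd>' . t('Does PUID hold a binary value? -') . ' </dd>';
      $servers_help .= '<dd>' . t('Expression for User DN -') . ' </dd>';
      $servers_help .= '<dd>' . t('PHP to Transform Drupal Login Username to LDAP UserName Attribute -') . ' </dd>';
      $servers_help .= '<dd>' . t('Testing Drupal Username -') . ' </dd>';
      $servers_help .= '<dd>' . t('DN of Testing Username -') . ' </dd>';
      $servers_help .= '</dl>';
      return $servers_help;

    case 'admin/config/people/ldap/servers/add':
      $output = '<p>' . t('Setup an LDAP server configuration to be used by other modules such as LDAP Authentication, LDAP Authorization, etc.') . '</p>';
      $output .= '<p>' . t('More than one LDAP server configuration can exist for a physical LDAP server. Multiple configurations for the same physical ldap server are useful in cases such as: (1) different base dn\'s for authentication and authorization and (2) service accounts with different privileges for different purposes.') . '</p>';
      return $output;
  }
}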
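/**
 * List the known LDAP server types.
 *
 * Other modules can change the list through
 * hook_ldap_servers_ldap_types_alter().
 *
 * @return array
 *   Keyed by type id; each entry holds 'class' (PHP class name),
 *   'directory_path' (directory holding the class file) and 'name' (label).
 */
function ldap_servers_ldap_servers_types() {

  $path = drupal_get_path('module', 'ldap_servers') . '/ldap_types';

  // Class names are code identifiers: they end up in a require_once path and
  // in a "new" expression, so they must not pass through t(), where an
  // interface translation could alter them.
  $types = [
    'default' => [
      'class' => 'LdapTypeDefault',
      'directory_path' => $path,
      'name' => 'Default LDAP',
    ],
    'ad' => [
      'class' => 'LdapTypeActiveDirectory',
      'directory_path' => $path,
      'name' => 'Active Directory',
    ],
    'novell_edir' => [
      'class' => 'LdapTypeNovell',
      'directory_path' => $path,
      'name' => 'Novell',
    ],
    'openldap' => [
      'class' => 'LdapTypeOpenLdap',
      'directory_path' => $path,
      'name' => 'Open LDAP',
    ],
    'opendir' => [
      'class' => 'LdapTypeOpenDirectory',
      'directory_path' => $path,
      'name' => 'Apple Open Directory',
    ],
  ];

  drupal_alter('ldap_servers_ldap_types', $types);
  return $types;
}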
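/**
 * Instantiate the class that describes an LDAP server type.
 *
 * @param string|array $ldap_conf
 *   Either an LDAP type id as used by ldap_servers_ldap_servers_types(), or a
 *   type definition array with 'directory_path' and 'class' keys.
 *
 * @return object|false
 *   An instance of the type class, or FALSE when the type id is unknown, the
 *   definition is incomplete, the class name is not a plain identifier, or
 *   the class file cannot be found.
 */
function ldap_servers_get_ldap_type_object($ldap_conf) {

  if (!is_array($ldap_conf)) {
    $ldap_confs = ldap_servers_ldap_servers_types();
    if ((!is_string($ldap_conf) && !is_int($ldap_conf)) || !isset($ldap_confs[$ldap_conf])) {
      return FALSE;
    }
    $ldap_conf = $ldap_confs[$ldap_conf];
  }

  if (empty($ldap_conf['class']) || empty($ldap_conf['directory_path']) || !is_string($ldap_conf['class'])) {
    return FALSE;
  }

  // The class name becomes part of an include path, so only a plain
  // identifier is accepted; this keeps path separators and ".." out of it.
  $class = $ldap_conf['class'];
  if (!preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', $class)) {
    return FALSE;
  }

  // Same "<Class>.class.php" naming as ldap_servers_get_types(); the dot was
  // missing here, so the file could never be found.
  $class_file = $ldap_conf['directory_path'] . '/' . $class . '.class.php';
  if (!is_file($class_file)) {
    return FALSE;
  }
  require_once $class_file;

  if (!class_exists($class)) {
    return FALSE;
  }
  return new $class();
}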
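/**
 * Given a dn (such as cn=jdoe,ou=people)
 * and an rdn (such as cn)
 * determine that rdn value (such as jdoe)
 *
 * Only the first matching component is returned. Attribute names are compared
 * case-insensitively.
 *
 * @param string $dn
 * @param string $rdn
 *
 * @return string|false
 *   Unescaped value of the first matching rdn, or FALSE when the DN cannot be
 *   parsed or holds no such rdn.
 */
function ldap_servers_get_first_rdn_value_from_dn($dn, $rdn) {
  // Escapes attribute values, need to be unescaped later.
  $pairs = ldap_explode_dn($dn, 0);
  if (!is_array($pairs)) {
    // ldap_explode_dn() returns FALSE for a DN it cannot parse.
    return FALSE;
  }
  // Drop the element count that ldap_explode_dn() puts first.
  unset($pairs['count']);

  $rdn = drupal_strtolower($rdn);
  $rdn_value = FALSE;
  foreach ($pairs as $p) {
    // Split on the first "=" only: the value itself may contain "=", and
    // cutting it short would yield a different name than the DN carries.
    $pair = explode('=', $p, 2);
    if (count($pair) < 2) {
      continue;
    }
    if (drupal_strtolower(trim($pair[0])) == $rdn) {
      $rdn_value = ldap_pear_unescape_dn_value(trim($pair[1]));
      break;
    }
  }
  return $rdn_value;
}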
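/**
 * Given a dn (such as cn=jdoe,ou=people)
 * and an rdn (such as ou)
 * determine all values of that rdn (such as people)
 *
 * Attribute names are compared case-insensitively.
 *
 * @param string $dn
 * @param string $rdn
 *
 * @return array
 *   Unescaped values of every matching rdn, in DN order; empty when the DN
 *   cannot be parsed or holds no such rdn.
 */
function ldap_servers_get_all_rdn_values_from_dn($dn, $rdn) {
  // Escapes attribute values, need to be unescaped later.
  $pairs = ldap_explode_dn($dn, 0);
  if (!is_array($pairs)) {
    // ldap_explode_dn() returns FALSE for a DN it cannot parse.
    return [];
  }
  // Drop the element count that ldap_explode_dn() puts first.
  unset($pairs['count']);

  $rdn = drupal_strtolower($rdn);
  $rdn_values = [];
  foreach ($pairs as $p) {
    // Split on the first "=" only: the value itself may contain "=", and
    // cutting it short would yield a different name than the DN carries.
    $pair = explode('=', $p, 2);
    if (count($pair) < 2) {
      continue;
    }
    if (drupal_strtolower(trim($pair[0])) == $rdn) {
      $rdn_values[] = ldap_pear_unescape_dn_value(trim($pair[1]));
    }
  }
  return $rdn_values;
}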
/**
 * Build the option list for the LDAP type pulldown.
 *
 * @return array
 *   Type labels keyed by type id, taken from
 *   ldap_servers_ldap_servers_types().
 */
function ldap_servers_ldaps_option_array() {
  $type_definitions = ldap_servers_ldap_servers_types();
  // array_map() keeps the keys when it is given a single array.
  return array_map(function ($conf) {
    return $conf['name'];
  }, $type_definitions);
}
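/**
 * Get LDAP type objects as declared through hook_ldap_servers_type().
 *
 * Type definitions are collected once per request and kept in a static
 * variable. A type is instantiated the first time it is asked for, so a call
 * for one type no longer leaves the others as raw definition arrays for later
 * callers that ask for all of them.
 *
 * NOTE(review): the hook invoked here is 'ldap_servers_type', while
 * ldap_servers_ldap_servers_types() builds its list itself and offers the
 * 'ldap_servers_ldap_types' alter hook - confirm both lists are meant to
 * exist side by side.
 *
 * @param string $ldap_type
 *   Indicating ldap type 'default','ad','novell_edir', 'openldap'.
 * @param bool $reset
 *   Clear static array.
 * @param bool $flatten
 *   Indicating if only one ldap type returned, skip top level array key.
 *
 * @return mixed
 *   One ldap type object when both $flatten and $ldap_type are given (NULL if
 *   that type is unknown), otherwise the array of all types.
 */
function ldap_servers_get_types($ldap_type = NULL, $reset = FALSE, $flatten = FALSE) {
  static $ldap_types;
  if ($reset || !is_array($ldap_types)) {
    $ldap_types = module_invoke_all('ldap_servers_type');
  }

  $wanted_ids = $ldap_type ? [$ldap_type] : array_keys($ldap_types);
  foreach ($wanted_ids as $ldap_type_id) {
    // Entries that are still arrays have not been instantiated yet.
    if (isset($ldap_types[$ldap_type_id]) && is_array($ldap_types[$ldap_type_id])) {
      $ldap_class_info = $ldap_types[$ldap_type_id];
      require_once $ldap_class_info['directory_path'] . '/' . $ldap_class_info['class'] . '.class.php';
      // The object itself is stored; appending '.class.php' to it, as was
      // done before, is a string concatenation on an object.
      $ldap_types[$ldap_type_id] = new $ldap_class_info['class']();
    }
  }

  if ($flatten && $ldap_type) {
    return isset($ldap_types[$ldap_type]) ? $ldap_types[$ldap_type] : NULL;
  }
  return $ldap_types;
}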
/**
 * Warn that no LDAP server is enabled.
 *
 * When no enabled server exists, a warning is shown through
 * drupal_set_message() and also returned; otherwise nothing happens.
 *
 * NOTE(review): $action is concatenated into the message as is, and
 * drupal_set_message() does not escape its text. Callers should pass only
 * fixed or already sanitized text - verify the call sites.
 *
 * @param string $action
 *   Text naming what the user was about to do; placed directly after
 *   "... before".
 *
 * @return string|null
 *   The HTML message, or NULL when at least one server is enabled.
 */
function ldap_servers_no_enabled_servers_msg($action) {
  $enabled_servers = ldap_servers_get_servers(NULL, 'enabled');
  if (count($enabled_servers) != 0) {
    return;
  }

  $parts = [
    t('At least one ldap server must configured and <em>enabled</em> before'),
    $action,
    '. ',
    t('Please go to'),
    ' ',
    l('admin/config/people/ldap/servers', 'admin/config/people/ldap/servers'),
    ' to configure an LDAP server',
  ];
  $message = implode('', $parts);

  drupal_set_message($message, 'warning');
  return $message;
}