1
|
<?php
|
2
|
|
3
|
/**
|
4
|
* @file
|
5
|
* Install, update and uninstall functions for the LDAP authorization module.
|
6
|
*/
|
7
|
|
8
|
/**
|
9
|
* Implements hook_requirements().
|
10
|
*/
|
11
|
function ldap_authorization_requirements($phase) {
|
12
|
$requirements = array();
|
13
|
|
14
|
if ($phase != "install" && db_field_exists('ldapauth', 'ldapgroups_in_dn' )) {
|
15
|
$requirements['ldap_authorization_ldap_integration']['title'] = t('LDAP Integration LDAP Groups Upgrade Concern');
|
16
|
$requirements['ldap_authorization_ldap_integration']['severity'] = REQUIREMENT_WARNING;
|
17
|
$requirements['ldap_authorization_ldap_integration']['value'] = NULL;
|
18
|
$requirements['ldap_authorization_ldap_integration']['description'] = t('Upgrade from Drupal 6 LDAP Groups to Drupal 7
|
19
|
LDAP Authorization is not automatic. LDAP Authorization will need to be configured by hand.
|
20
|
The authorization options are different and automated updgrade is not possible.
|
21
|
See also. See http://drupal.org/node/1023016, http://drupal.org/node/1183192.
|
22
|
This message will go away when the ldapauth database table is removed.');
|
23
|
}
|
24
|
// check that ldapauth not installed.
|
25
|
return $requirements;
|
26
|
}
|
27
|
|
28
|
/**
|
29
|
* Implements hook_install().
|
30
|
*/
|
31
|
function ldap_authorization_install() {
|
32
|
|
33
|
cache_clear_all('field_info_types:', 'cache_field', TRUE);
|
34
|
foreach (ldap_authorization_user_entity_fields() as $field_id => $field_conf) {
|
35
|
$field_info = field_info_field($field_id);
|
36
|
if (!$field_info) {
|
37
|
field_create_field($field_conf['field']);
|
38
|
field_create_instance($field_conf['instance']);
|
39
|
}
|
40
|
}
|
41
|
|
42
|
}
|
43
|
|
44
|
|
45
|
|
46
|
/**
|
47
|
* Implements hook_uninstall().
|
48
|
*/
|
49
|
function ldap_authorization_uninstall() {
|
50
|
foreach (ldap_authorization_user_entity_fields() as $field_id => $field_conf) {
|
51
|
|
52
|
$instance = field_info_instance($field_conf['instance']['entity_type'], $field_conf['instance']['field_name'], $field_conf['instance']['bundle']);
|
53
|
if ($instance) {
|
54
|
field_delete_instance($instance);
|
55
|
}
|
56
|
|
57
|
$field_info = field_info_field($field_conf['field']['field_name']);
|
58
|
if ($field_info) {
|
59
|
field_delete_field($field_conf['field']['field_name']);
|
60
|
}
|
61
|
}
|
62
|
module_load_include('inc', 'ldap_servers', 'ldap_servers.user_data_remove');
|
63
|
batch_set(ldap_severs_user_data_setup_batch());
|
64
|
$batch =& batch_get();
|
65
|
|
66
|
}
|
67
|
|
68
|
|
69
|
function ldap_authorization_user_entity_fields() {
|
70
|
|
71
|
$fields = array();
|
72
|
|
73
|
return $fields;
|
74
|
}
|
75
|
|
76
|
|
77
|
/**
|
78
|
* Implements hook_schema().
|
79
|
*/
|
80
|
function ldap_authorization_schema() {
|
81
|
|
82
|
$schema['ldap_authorization'] = array(
|
83
|
'export' => array(
|
84
|
'key' => 'consumer_type',
|
85
|
'key name' => 'Mapping ID',
|
86
|
'identifier' => 'consumer_type',
|
87
|
'primary key' => 'numeric_consumer_conf_id',
|
88
|
'api' => array(
|
89
|
'owner' => 'ldap_authorization',
|
90
|
'api' => 'ldap_authorization',
|
91
|
'minimum_version' => 1,
|
92
|
'current_version' => 1,
|
93
|
),
|
94
|
),
|
95
|
|
96
|
'description' => "Data used to map users ldap entry to authorization rights.",
|
97
|
'primary key' => array('numeric_consumer_conf_id'),
|
98
|
'foreign keys' => array(
|
99
|
'sid' => array(
|
100
|
'table' => 'ldap_servers',
|
101
|
'columns' => array('sid' => 'sid'),
|
102
|
),
|
103
|
),
|
104
|
);
|
105
|
|
106
|
module_load_include('inc', 'ldap_servers', 'ldap_servers.functions');
|
107
|
module_load_include('php', 'ldap_authorization', 'LdapAuthorizationConsumerConfAdmin.class');
|
108
|
|
109
|
$fields = LdapAuthorizationConsumerConfAdmin::fields();
|
110
|
foreach ($fields as $name => $props) {
|
111
|
if (isset($props['schema'])) {
|
112
|
$schema['ldap_authorization']['fields'][$name] = $props['schema'];
|
113
|
}
|
114
|
}
|
115
|
|
116
|
return $schema;
|
117
|
}
|
118
|
|
119
|
/**
|
120
|
* add 'create_consumers field to ldap_authorization table
|
121
|
*/
|
122
|
function ldap_authorization_update_7100() {
|
123
|
|
124
|
if (!db_field_exists('ldap_authorization', 'create_consumers')) {
|
125
|
db_add_field('ldap_authorization', 'create_consumers', array(
|
126
|
'type' => 'int',
|
127
|
'size' => 'tiny',
|
128
|
'not null' => TRUE,
|
129
|
'default' => 0,
|
130
|
));
|
131
|
return t('"create_consumers" field added to ldap_authorization table');
|
132
|
}
|
133
|
else {
|
134
|
return t('No database changes made.');
|
135
|
}
|
136
|
|
137
|
}
|
138
|
|
139
|
/**
|
140
|
* add derive_from_attr_use_first_attr field to ldap_authorization table
|
141
|
*/
|
142
|
function ldap_authorization_update_7101() {
|
143
|
|
144
|
if (!db_field_exists('ldap_authorization', 'derive_from_attr_use_first_attr')) {
|
145
|
db_add_field('ldap_authorization', 'derive_from_attr_use_first_attr', array(
|
146
|
'type' => 'int',
|
147
|
'size' => 'tiny',
|
148
|
'not null' => TRUE,
|
149
|
'default' => 0,
|
150
|
));
|
151
|
return t('"derive_from_attr_use_first_attr" field added to ldap_authorization table');
|
152
|
}
|
153
|
else {
|
154
|
return t('No database changes made.');
|
155
|
}
|
156
|
|
157
|
}
|
158
|
|
159
|
|
160
|
/**
|
161
|
* Add derive_from_entry_search_all column to ldap_authorization
|
162
|
*/
|
163
|
function ldap_authorization_update_7102() {
|
164
|
|
165
|
if (!db_field_exists('ldap_authorization', 'derive_from_entry_search_all')) {
|
166
|
db_add_field('ldap_authorization', 'derive_from_entry_search_all', array(
|
167
|
'type' => 'int',
|
168
|
'size' => 'tiny',
|
169
|
'not null' => TRUE,
|
170
|
'default' => 0,
|
171
|
));
|
172
|
return t('"derive_from_entry_search_all" field added to ldap_authorization table');
|
173
|
}
|
174
|
else {
|
175
|
return t('No database changes made.');
|
176
|
}
|
177
|
|
178
|
}
|
179
|
|
180
|
/**
|
181
|
* change derive_from_attr_attr and derive_from_entry fields to text instead of varchar 2555
|
182
|
*/
|
183
|
function ldap_authorization_update_7103() {
|
184
|
|
185
|
foreach (array('derive_from_dn_attr', 'derive_from_attr_attr', 'derive_from_entry_entries') as $field_name) {
|
186
|
db_change_field('ldap_authorization', $field_name, $field_name, array(
|
187
|
'type' => 'text',
|
188
|
'not null' => FALSE,
|
189
|
));
|
190
|
}
|
191
|
|
192
|
}
|
193
|
|
194
|
/**
|
195
|
* change derive_from_attr_attr and derive_from_entry fields to text instead of varchar 2555
|
196
|
* applied second time because beta6 and 7 were wrong.
|
197
|
*/
|
198
|
function ldap_authorization_update_7104() {
|
199
|
|
200
|
foreach (array('derive_from_dn_attr', 'derive_from_attr_attr', 'derive_from_entry_entries') as $field_name) {
|
201
|
db_change_field('ldap_authorization', $field_name, $field_name, array(
|
202
|
'type' => 'text',
|
203
|
'not null' => FALSE,
|
204
|
));
|
205
|
}
|
206
|
|
207
|
}
|
208
|
|
209
|
/**
|
210
|
* add derive_from_entry_user_ldap_attr field to allow user specification of dn or other identifier.
|
211
|
*/
|
212
|
function ldap_authorization_update_7105() {
|
213
|
|
214
|
if (!db_field_exists('ldap_authorization', 'derive_from_entry_user_ldap_attr')) {
|
215
|
db_add_field('ldap_authorization', 'derive_from_entry_user_ldap_attr', array(
|
216
|
'type' => 'varchar',
|
217
|
'length' => 255,
|
218
|
'default' => NULL,
|
219
|
));
|
220
|
return t('"derive_from_entry_user_ldap_attr" field added to ldap_authorization table');
|
221
|
}
|
222
|
else {
|
223
|
return t('No database changes made.');
|
224
|
}
|
225
|
|
226
|
}
|
227
|
|
228
|
/**
|
229
|
* add nested checkboxes to derive from entry and attributes strategies.
|
230
|
*/
|
231
|
function ldap_authorization_update_7106() {
|
232
|
|
233
|
if (!db_field_exists('ldap_authorization', 'derive_from_attr_nested')) {
|
234
|
db_add_field('ldap_authorization', 'derive_from_attr_nested', array(
|
235
|
'type' => 'int',
|
236
|
'size' => 'tiny',
|
237
|
'not null' => TRUE,
|
238
|
'default' => 0,
|
239
|
));
|
240
|
$msg = t('"derive_from_attr_nested" field added to ldap_authorization table');
|
241
|
}
|
242
|
|
243
|
if (!db_field_exists('ldap_authorization', 'derive_from_entry_nested')) {
|
244
|
db_add_field('ldap_authorization', 'derive_from_entry_nested', array(
|
245
|
'type' => 'int',
|
246
|
'size' => 'tiny',
|
247
|
'not null' => TRUE,
|
248
|
'default' => 0,
|
249
|
));
|
250
|
$msg .= t('"derive_from_entry_nested" field added to ldap_authorization table');
|
251
|
}
|
252
|
|
253
|
return ($msg) ? $msg : t('No database changes made.');
|
254
|
}
|
255
|
|
256
|
/**
|
257
|
* add derive_from_entry_use_first_attr field to and remove description field from ldap_authorization table
|
258
|
*/
|
259
|
function ldap_authorization_update_7107() {
|
260
|
|
261
|
$changes = '';
|
262
|
|
263
|
if (!db_field_exists('ldap_authorization', 'derive_from_entry_use_first_attr')) {
|
264
|
db_add_field('ldap_authorization', 'derive_from_entry_use_first_attr', array(
|
265
|
'type' => 'int',
|
266
|
'size' => 'tiny',
|
267
|
'not null' => TRUE,
|
268
|
'default' => 0,
|
269
|
));
|
270
|
$changes .= t('"derive_from_entry_use_first_attr" field added to ldap_authorization table');
|
271
|
}
|
272
|
|
273
|
if (db_field_exists('ldap_authorization', 'description')) {
|
274
|
db_drop_field('ldap_authorization', 'description');
|
275
|
$changes .= t('"description" field dropped from to ldap_authorization table');
|
276
|
}
|
277
|
|
278
|
return ($changes) ? $changes : t('No database changes made.');
|
279
|
|
280
|
}
|
281
|
|
282
|
|
283
|
/**
|
284
|
* add derive_from_entry_entries_attr field to allow user specification of attribute representing group in queries.
|
285
|
*/
|
286
|
function ldap_authorization_update_7108() {
|
287
|
|
288
|
if (!db_field_exists('ldap_authorization', 'derive_from_entry_entries_attr')) {
|
289
|
db_add_field('ldap_authorization', 'derive_from_entry_entries_attr', array(
|
290
|
'type' => 'varchar',
|
291
|
'length' => 255,
|
292
|
'default' => NULL,
|
293
|
));
|
294
|
return t('"derive_from_entry_entries_attr" field added to ldap_authorization table');
|
295
|
}
|
296
|
else {
|
297
|
return t('No database changes made.');
|
298
|
}
|
299
|
_ldap_authorization_add_ldap_user_fields();
|
300
|
|
301
|
}
|
302
|
|
303
|
/**
|
304
|
* moving some groups related fields into ldap server module
|
305
|
*/
|
306
|
function ldap_authorization_update_7201() {
|
307
|
|
308
|
// need to merge 2 table fields (derive_from_entry_use_first_attr and derive_from_attr_use_first_attr into one field useFirstAttrAsGroupId)
|
309
|
$results = '';
|
310
|
|
311
|
if (!db_field_exists('ldap_authorization', 'useFirstAttrAsGroupId')) {
|
312
|
db_add_field('ldap_authorization', 'useFirstAttrAsGroupId', array(
|
313
|
'type' => 'int',
|
314
|
'size' => tiny,
|
315
|
'not null' => TRUE,
|
316
|
'default' => 0,
|
317
|
));
|
318
|
$results .= t('"useFirstAttrAsGroupId" field added to ldap_authorization table');
|
319
|
}
|
320
|
|
321
|
if (!db_field_exists('ldap_authorization', 'searchAll')) {
|
322
|
db_add_field('ldap_authorization', 'searchAll', array(
|
323
|
'type' => 'int',
|
324
|
'size' => tiny,
|
325
|
'not null' => TRUE,
|
326
|
'default' => 0,
|
327
|
));
|
328
|
$results .= t('"searchAll" field added to ldap_authorization table');
|
329
|
}
|
330
|
}
|
331
|
|
332
|
|
333
|
/**
|
334
|
* remove user ldap authorizations field. its in $user->data now
|
335
|
*/
|
336
|
function ldap_authorization_update_7202() {
|
337
|
|
338
|
$instance = array(
|
339
|
'field_name' => 'ldap_authorizations',
|
340
|
'entity_type' => 'user',
|
341
|
'bundle' => 'user',
|
342
|
);
|
343
|
field_delete_instance($instance, TRUE);
|
344
|
field_delete_field('ldap_authorizations');
|
345
|
|
346
|
}
|
347
|
|
348
|
/**
|
349
|
* make all schema field names lowercase in ldap server to deal with cronic case sensitivity issues
|
350
|
*/
|
351
|
function ldap_authorization_update_7203() {
|
352
|
|
353
|
if (db_field_exists('ldap_authorization', 'searchAll')) {
|
354
|
db_drop_field('ldap_authorization', 'searchAll');
|
355
|
}
|
356
|
|
357
|
$schema = ldap_authorization_schema();
|
358
|
$field_schema = $schema['ldap_authorization']['fields']['use_first_attr_as_groupid'];
|
359
|
if (db_field_exists('ldap_authorization', 'useFirstAttrAsGroupId')) {
|
360
|
if (db_field_exists('ldap_authorization', 'use_first_attr_as_groupid')) {
|
361
|
db_drop_field('ldap_authorization', 'useFirstAttrAsGroupId');
|
362
|
}
|
363
|
else {
|
364
|
db_change_field('ldap_authorization', 'useFirstAttrAsGroupId', 'use_first_attr_as_groupid', $field_schema);
|
365
|
}
|
366
|
}
|
367
|
|
368
|
}
|
369
|
|
370
|
/**
|
371
|
* make all schema field names lowercase in ldap server to deal with cronic case sensitivity issues
|
372
|
*/
|
373
|
function ldap_authorization_update_7204() {
|
374
|
|
375
|
$schema = ldap_authorization_schema();
|
376
|
$field_schema = $schema['ldap_authorization']['fields']['mappings'];
|
377
|
if (db_field_exists('ldap_authorization', 'mappings')) {
|
378
|
db_change_field('ldap_authorization', 'mappings', 'mappings', $field_schema);
|
379
|
}
|
380
|
|
381
|
}
|