root / drupal7 / sites / all / modules / ldap / ldap_servers / ldap_servers.api.php @ bc175c27
1 | 85ad3d82 | Assos Assos | <?php
|
---|---|---|---|
2 | |||
3 | /**
|
||
4 | * @file
|
||
5 | * Hooks provided by ldap_servers module
|
||
6 | */
|
||
7 | |||
8 | /**
|
||
9 | * Allows other modules to periodically affect an ldap associated user
|
||
10 | * or its corresponding ldap entry.
|
||
11 | *
|
||
12 | * when cron runs a batch of ldap associated drupal accounts
|
||
13 | * will be looked at and marked as tested. over the course
|
||
14 | * of time all ldap related users will be looked at
|
||
15 | *
|
||
16 | * Each module implementing this hook is responsible for
|
||
17 | * altering ldap entries and drupal user objects; simply
|
||
18 | * altering the variables will have no affect on the actual
|
||
19 | * ldap entry or drupal user
|
||
20 | */
|
||
21 | |||
22 | function hook_ldap_servers_user_cron(&$users) { |
||
23 | |||
24 | |||
25 | |||
26 | } |
||
27 | |||
28 | /**
|
||
29 | * helper hook to see if a batch of ldap users
|
||
30 | * needs to be queried
|
||
31 | *
|
||
32 | * if a module implements hook_ldap_servers_user_cron,
|
||
33 | * but currently does not need to process user cron batches,
|
||
34 | * it should return FALSE
|
||
35 | */
|
||
36 | |||
37 | function hook_ldap_servers_user_cron_needed() { |
||
38 | return TRUE; |
||
39 | } |
||
40 | |||
41 | /**
|
||
42 | * Allows other modules to alter ldap entry or perform other necessary
|
||
43 | * LDAP operations before entires are provisioned.
|
||
44 | * This should be invoked before provisioning ldap entries
|
||
45 | *
|
||
46 | * @param array $ldap_entries as array keyed on lowercase dn of entry with
|
||
47 | * value of array in format used in ldap_add or ldap_modify function
|
||
48 | * e.g.
|
||
49 | * $ldap_entries['cn=jkool,ou=guest accounts,dc=ad,dc=myuniversity,dc=edu'] = array(
|
||
50 | * "attribute1" => array("value"),
|
||
51 | * "attribute2" => array("value1", "value2"),
|
||
52 | * );
|
||
53 | *
|
||
54 | * @param LdapServer $ldap_server as ldap server configuration object that is
|
||
55 | * performing provisioning
|
||
56 | *
|
||
57 | * @param array $context with the following key/values:
|
||
58 | * 'action' => add|modify|delete
|
||
59 | *
|
||
60 | * 'corresponding_drupal_data' => if ldap entries have corresponding drupal objects, such
|
||
61 | * as ldap user entries and drupal user objects; ldap groups and drupal roles; etc
|
||
62 | * this will be array keyed on lowercase dn with values of objects
|
||
63 | * e.g.
|
||
64 | * $context['corresponding_drupal_data'] = array(
|
||
65 | * 'cn=jkool,ou=guest accounts,dc=ad,dc=myuniversity,dc=edu' => drupal user object1,
|
||
66 | * 'cn=jfun,ou=guest accounts,dc=ad,dc=myuniversity,dc=edu' => drupal user object2,
|
||
67 | * )
|
||
68 | *
|
||
69 | * 'corresponding_drupal_data_type' => 'user', 'role', etc.
|
||
70 | *
|
||
71 | * );
|
||
72 | */
|
||
73 | |||
74 | function hook_ldap_entry_pre_provision_alter(&$ldap_entries, $ldap_server, $context) { |
||
75 | |||
76 | |||
77 | |||
78 | } |
||
79 | |||
80 | /**
|
||
81 | * Allows modules to react to provisioning of ldap entries.
|
||
82 | *
|
||
83 | * This should be invoked after provisioning ldap entries
|
||
84 | *
|
||
85 | * -- same signature as hook_ldap_entry_pre_provision_alter with ldap entries not passed by reference
|
||
86 | * -- ldap entries are not queried after provisioning, so $ldap_entries are in form
|
||
87 | * hook_ldap_entry_pre_provision; not actual queryied ldap entries
|
||
88 | * -- if actual ldap entries are available after provisioning, they will be in
|
||
89 | * $context['provisioned_ldap_entries][<dn>] => ldap entry array in format of an ldap query
|
||
90 | * returned from ldap_get_entries() with 'count' keys
|
||
91 | */
|
||
92 | |||
93 | function hook_ldap_entry_post_provision(&$ldap_entries, $ldap_server, $context) { |
||
94 | |||
95 | |||
96 | |||
97 | } |
||
98 | |||
99 | |||
100 | |||
101 | /**
|
||
102 | * Perform alterations of ldap attributes before query is made.
|
||
103 | *
|
||
104 | * To avoid excessive attributes in an ldap query, modules should
|
||
105 | * alter attributes needed based on $op parameter
|
||
106 | *
|
||
107 | * @param array $attributes
|
||
108 | * array of attributes to be returned from ldap queries where:
|
||
109 | * - each key is ldap attribute name (e.g. mail, cn)
|
||
110 | * - each value is associative array of form:
|
||
111 | * - 'conversion' => NULL,
|
||
112 | * - 'values' => array(0 => 'john', 1 => 'johnny'))
|
||
113 | *
|
||
114 | * @param array $params context array with some or all of the following key/values
|
||
115 | * 'sid' => drupal account object,
|
||
116 | * 'ldap_context' => ,
|
||
117 | * 'direction' =>
|
||
118 | *
|
||
119 | */
|
||
120 | function hook_ldap_attributes_needed_alter(&$attributes, $params) { |
||
121 | |||
122 | $attributes['dn'] = ldap_servers_set_attribute_map(@$attributes['dn'], 'ldap_dn') ; |
||
123 | if ($params['sid']) { // puid attributes are server specific |
||
124 | $ldap_server = (is_object($params['sid'])) ? $params['sid'] : ldap_servers_get_servers($params['sid'], 'enabled', TRUE); |
||
125 | |||
126 | switch ($op) { |
||
127 | case 'user_insert': |
||
128 | case 'user_update': |
||
129 | if (!isset($attributes[$ldap_server->user_attr])) { |
||
130 | // don't provide attribute if it exists, unless you are adding data_type or value information
|
||
131 | // in that case, don't overwrite the whole array (see $ldap_server->mail_attr example below)
|
||
132 | $attributes[$ldap_server->user_attr] = ldap_servers_set_attribute_map(); |
||
133 | } |
||
134 | if (!isset($attributes[$ldap_server->mail_attr])) { |
||
135 | $attributes[$ldap_server->mail_attr] = ldap_servers_set_attribute_map(); // set default values for an attribute, force data_type |
||
136 | } |
||
137 | |||
138 | bc175c27 | Assos Assos | ldap_servers_token_extract_attributes($attributes, $ldap_server_obj->mail_template); |
139 | 85ad3d82 | Assos Assos | $attributes[$ldap_server->unique_persistent_attr] = ldap_servers_set_attribute_map(@$attributes[$ldap_server->unique_persistent_attr]); |
140 | |||
141 | break;
|
||
142 | } |
||
143 | } |
||
144 | } |
||
145 | |||
146 | |||
147 | /**
|
||
148 | * Perform alterations of $ldap_user variable.
|
||
149 | *
|
||
150 | *
|
||
151 | * @param array $ldap_user see README.developers.txt for structure
|
||
152 | * @param array $params context array with some or all of the following key/values
|
||
153 | * 'account' => drupal account object,
|
||
154 | * 'ldap_context' => ,
|
||
155 | * 'module' => module calling alter, e.g. 'ldap_user',
|
||
156 | * 'function' => function calling alter, e.g. 'provisionLdapEntry'
|
||
157 | *
|
||
158 | */
|
||
159 | |||
160 | function hook_ldap_user_alter(&$ldap_entry, $params) { |
||
161 | |||
162 | |||
163 | } |
||
164 | |||
165 | /**
|
||
166 | * Allow the results from the ldap search answer to be modified
|
||
167 | * The query parameters are provided as context infomation
|
||
168 | * (readonly)
|
||
169 | *
|
||
170 | */
|
||
171 | function hook_ldap_server_search_results_alter(&$entries, $ldap_query_params) { |
||
172 | // look for a specific part of the $results array
|
||
173 | // and maybe change it
|
||
174 | } |
||
175 | |||
176 | /**
|
||
177 | * Allows other modules to transform the Drupal login username to an LDAP
|
||
178 | * UserName attribute.
|
||
179 | * Invoked in LdapServer::userUsernameToLdapNameTransform()
|
||
180 | *
|
||
181 | * @param $ldap_username
|
||
182 | * The ldap username that will be used for the AuthName attribute
|
||
183 | * @param $drupal_username
|
||
184 | * The Drupal user name
|
||
185 | * @param $context
|
||
186 | * An array of additional contextual information
|
||
187 | * - ldap_server: The LDAP server that is invoking the hook
|
||
188 | */
|
||
189 | function hook_user_ldap_servers_username_to_ldapname_alter(&$ldap_username, $drupal_username, $context) { |
||
190 | // Alter the name only if it has not been altered already, ie php eval code
|
||
191 | if ($ldap_username == $drupal_username) { |
||
192 | $authname = ldap_user_get_authname($ldap_username); |
||
193 | if (!empty($authname)) { |
||
194 | $ldap_username = $authname; |
||
195 | } |
||
196 | } |
||
197 | } |