Révision bc175c27
Ajouté par Assos Assos il y a plus de 5 ans
| drupal7/sites/all/modules/ldap/ldap_authorization/ldap_authorization_og/ldap_authorization_og.module | ||
|---|---|---|
| 1 | 1 |
<?php |
| 2 | 2 |
|
| 3 |
/** @file |
|
| 4 |
* |
|
| 5 |
* controls organic group membership based on LDAP values |
|
| 6 |
* |
|
| 3 |
/** |
|
| 4 |
* @file |
|
| 5 |
* Controls organic group membership based on LDAP values. |
|
| 7 | 6 |
*/ |
| 8 | 7 |
|
| 9 | 8 |
/** |
| 10 | 9 |
* Implements hook_ldap_authorization_consumer(). |
| 11 | 10 |
*/ |
| 12 |
|
|
| 13 | 11 |
function ldap_authorization_og_ldap_authorization_consumer() {
|
| 14 |
$types['og_group'] = array(
|
|
| 12 |
$types['og_group'] = array( |
|
| 15 | 13 |
'consumer_name' => t('OG group'),
|
| 16 | 14 |
'consumer_name_plural' => t('OG groups'),
|
| 17 | 15 |
'consumer_short_name' => t('group'),
|
| ... | ... | |
| 22 | 20 |
'consumer_module' => 'ldap_authorization_og', |
| 23 | 21 |
); |
| 24 | 22 |
|
| 25 |
if (ldap_authorization_og_og_version() == 1) {
|
|
| 26 |
$types['og_group']['consumer_mapping_directions'] = 'Mappings should be of form:<br/> |
|
| 27 |
<code>[raw authorization id]|[og group match field]=[og group match id],[og role match field]=[og role match id]</code> |
|
| 28 |
<br/>such as:<br/> |
|
| 29 |
<code> |
|
| 30 |
Student Accounts|group-name=students,role-name=member<br/> |
|
| 31 |
cn=honors students,ou=groups,dc=hogwarts,dc=edu|gid=7,rid=28<br/> |
|
| 32 |
</code>'; |
|
| 33 |
} |
|
| 34 |
else {
|
|
| 35 |
$types['og_group']['consumer_mapping_directions'] = 'Mappings should be of form:<br/> |
|
| 36 |
<code>[raw authorization id]|[og entity type]:[og entity id or title]:[og role id]</code> |
|
| 37 |
<br/>[og entity type] is generally "node" |
|
| 38 |
<br/>[og entity id or title] can be the groups title or entity id. <strong>Titles with ":"s in them may not be used</strong>. |
|
| 39 |
<br/>when [og role id] is left off, default role is used. |
|
| 40 |
<br/>such as:<br/> |
|
| 41 |
<code> |
|
| 42 |
Student Accounts|node:17:2<br/> |
|
| 43 |
cn=honors students,ou=groups,dc=hogwarts,dc=edu|node:honors students<br/> |
|
| 44 |
cn=gryffindor,ou=groups,dc=hogwarts,dc=edu|node:gryffindor:3<br/> |
|
| 45 |
</code>'; |
|
| 46 |
} |
|
| 23 |
$types['og_group']['consumer_mapping_directions'] = 'Mappings should be of form:<br/> |
|
| 24 |
<code>[raw authorization id]|[og entity type]:[og entity id or title]:[og role id]</code> |
|
| 25 |
<br/>[og entity type] is generally "node" |
|
| 26 |
<br/>[og entity id or title] can be the groups title or entity id. <strong>Titles with ":"s in them may not be used</strong>. |
|
| 27 |
<br/>when [og role id] is left off, default role is used. |
|
| 28 |
<br/>such as:<br/> |
|
| 29 |
<code> |
|
| 30 |
Student Accounts|node:17:2<br/> |
|
| 31 |
cn=honors students,ou=groups,dc=hogwarts,dc=edu|node:honors students<br/> |
|
| 32 |
cn=gryffindor,ou=groups,dc=hogwarts,dc=edu|node:gryffindor:3<br/> |
|
| 33 |
</code>'; |
|
| 34 |
|
|
| 47 | 35 |
return $types; |
| 48 | 36 |
} |
| 49 | 37 |
|
| 50 | 38 |
/** |
| 51 |
* Format authorization id |
|
| 39 |
* Format authorization id.
|
|
| 52 | 40 |
* |
| 53 |
* @param int $gid as organic group gid |
|
| 54 |
* @param int $rid as organic group rig |
|
| 55 |
* @param array $group_entity as entity associated with organic group |
|
| 41 |
* @param int $gid |
|
| 42 |
* as organic group gid. |
|
| 43 |
* @param int $rid |
|
| 44 |
* as organic group rig. |
|
| 45 |
* @param array $group_entity |
|
| 46 |
* as entity associated with organic group. |
|
| 56 | 47 |
* |
| 57 | 48 |
* @return string "normalized" authorization id such as 3-3 |
| 58 | 49 |
*/ |
| 59 | 50 |
function ldap_authorization_og_authorization_id($gid, $rid, $entity_type = 'node') {
|
| 60 |
return (ldap_authorization_og_og_version() == 1) ? $gid . '-' . $rid : join(':', array($entity_type, $gid, $rid));
|
|
| 61 |
} |
|
| 62 |
|
|
| 63 |
|
|
| 64 |
function ldap_authorization_og_og_version() {
|
|
| 65 |
return (function_exists('og_action_info')) ? 2 : 1;
|
|
| 51 |
return join(':', [$entity_type, $gid, $rid]);
|
|
| 66 | 52 |
} |
| 67 | 53 |
|
| 68 | 54 |
/** |
| 69 |
* Convert entity id to group id |
|
| 70 | 55 |
* |
| 71 |
* @param int $entity_id as id of entity associated with organic group |
|
| 72 |
* @return int og group id |
|
| 73 | 56 |
*/ |
| 74 |
function ldap_authorization_og1_entity_id_to_gid($entity_id) {
|
|
| 75 |
|
|
| 76 |
$gid = db_select('og', 'og')
|
|
| 77 |
->fields('og', array('gid'))
|
|
| 78 |
->condition('og.etid', $entity_id, '=')
|
|
| 79 |
->range(0, 1) |
|
| 80 |
->execute() |
|
| 81 |
->fetchField(); |
|
| 82 |
return ($gid && is_scalar($gid)) ? $gid : FALSE; |
|
| 83 |
|
|
| 84 |
} |
|
| 85 |
|
|
| 86 |
/** |
|
| 87 |
* Convert entity id to group id |
|
| 88 |
* |
|
| 89 |
* @param int $entity_id as id of entity associated with organic group |
|
| 90 |
* @return int og group id |
|
| 91 |
*/ |
|
| 92 |
function ldap_authorization_og1_group_name_to_gid($group_name) {
|
|
| 93 |
|
|
| 94 |
$gid = db_select('og', 'og')
|
|
| 95 |
->fields('og', array('gid'))
|
|
| 96 |
->condition('og.label', $group_name, '=')
|
|
| 97 |
->range(0, 1) |
|
| 98 |
->execute() |
|
| 99 |
->fetchField(); |
|
| 100 |
return ($gid && is_scalar($gid)) ? $gid : FALSE; |
|
| 101 |
|
|
| 102 |
} |
|
| 103 |
|
|
| 104 |
|
|
| 105 |
/** |
|
| 106 |
* Generic function to convert between query values and organic groups structures and attributes |
|
| 107 |
* |
|
| 108 |
* @param mixed $value signifies query value e.g. 'bakers', 7 etc. |
|
| 109 |
* @param mixed $value_type signifies query type e.g. 'group_name', 'gid', etc. |
|
| 110 |
* @param string $return signifying return type. e.g. 'object', 'label', 'name', 'gid' |
|
| 111 |
* @return mixed organic group object, gid, label, etc. |
|
| 112 |
*/ |
|
| 113 |
function ldap_authorization_og1_get_group($value, $value_type = 'group_name', $return = 'object') {
|
|
| 114 |
|
|
| 115 |
if ($value_type == 'gid') {
|
|
| 116 |
$group = og_load($value); |
|
| 117 |
} |
|
| 118 |
elseif ($value_type == 'group_name') {
|
|
| 119 |
$gid = ldap_authorization_og1_group_name_to_gid($value); |
|
| 120 |
$group = ($gid) ? og_load($gid) : FALSE; |
|
| 121 |
} |
|
| 122 |
|
|
| 123 |
if (!$group || !is_object($group)) {
|
|
| 124 |
return FALSE; |
|
| 125 |
} |
|
| 126 |
if ($return == 'object' && is_object($group)) {
|
|
| 127 |
$group_entity = node_load($group->etid); |
|
| 128 |
return array($group, $group_entity); |
|
| 129 |
} |
|
| 130 |
elseif ($return == 'label' || $return == 'name') {
|
|
| 131 |
return $group->label; |
|
| 132 |
} |
|
| 133 |
elseif ($return == 'gid') {
|
|
| 134 |
return $group->gid; |
|
| 135 |
} |
|
| 136 |
else {
|
|
| 137 |
return FALSE; |
|
| 138 |
} |
|
| 57 |
function ldap_authorization_og_og_version() {
|
|
| 58 |
return (function_exists('og_action_info')) ? 2 : 1;
|
|
| 139 | 59 |
} |
| 140 | 60 |
|
| 141 | 61 |
/** |
| 142 |
* Generic function to convert between query values and organic groups structures and attributes |
|
| 62 |
* Generic function to convert between query values and organic groups structures and attributes.
|
|
| 143 | 63 |
* |
| 144 |
* @param mixed $entity_type signifies query value e.g. 'bakers', 7 etc. |
|
| 145 |
* @param mixed $group_name signifies query type e.g. 'group_name', 'gid', etc. |
|
| 64 |
* @param mixed $entity_type |
|
| 65 |
* signifies query value e.g. 'bakers', 7 etc. |
|
| 66 |
* @param mixed $group_name |
|
| 67 |
* signifies query type e.g. 'group_name', 'gid', etc. |
|
| 146 | 68 |
* |
| 147 | 69 |
* @return mixed organic group object, gid, label, etc. |
| 148 | 70 |
*/ |
| 149 | 71 |
function ldap_authorization_og2_get_group_from_name($entity_type, $group_name) {
|
| 150 | 72 |
|
| 151 |
require_once(drupal_get_path('module', 'ldap_authorization_og') . '/LdapAuthorizationConsumerOG.class.php');
|
|
| 73 |
require_once drupal_get_path('module', 'ldap_authorization_og') . '/LdapAuthorizationConsumerOG.class.php';
|
|
| 152 | 74 |
$group_entity = FALSE; |
| 153 | 75 |
$group_entity_id = FALSE; |
| 154 | 76 |
$query = new EntityFieldQuery(); |
| ... | ... | |
| 167 | 89 |
|
| 168 | 90 |
} |
| 169 | 91 |
|
| 170 |
|
|
| 171 |
function ldap_authorization_og1_has_membership($gid, $uid) {
|
|
| 172 |
return (boolean)og_get_group_membership($gid, 'user', $uid); |
|
| 173 |
} |
|
| 174 | 92 |
/** |
| 175 |
* Test if a user has a particular group role |
|
| 176 | 93 |
* |
| 177 |
* @param int $gid as og group id |
|
| 178 |
* @param int $uid as user id |
|
| 179 |
* @param string $rid as og role id |
|
| 180 |
* |
|
| 181 |
* @return boolean signifying if user has group x role |
|
| 182 | 94 |
*/ |
| 183 |
function ldap_authorization_og1_has_role($gid, $uid, $rid) {
|
|
| 184 |
$roles = og_get_user_roles($gid, $uid); |
|
| 185 |
return (is_array($roles) && in_array($rid, array_values($roles))); |
|
| 186 |
} |
|
| 187 |
|
|
| 188 |
/** avoid excessive calls to og_roles() **/ |
|
| 189 |
function ldap_authorization_og1_roles($reset = FALSE) {
|
|
| 190 |
static $roles; |
|
| 191 |
if ($reset || !is_array($roles)) {
|
|
| 192 |
$roles = og_roles(); |
|
| 193 |
} |
|
| 194 |
return $roles; |
|
| 195 |
} |
|
| 196 |
|
|
| 197 |
function ldap_authorization_og1_role_name_to_role_id($role_name) {
|
|
| 198 |
$roles = ldap_authorization_og1_roles(); |
|
| 199 |
return array_search($role_name, $roles); //empty($roles[$role_name]) ? FALSE : $roles[$role_name]; |
|
| 200 |
} |
|
| 201 |
|
|
| 202 | 95 |
function ldap_authorization_og2_has_consumer_id($consumer_id, $uid) {
|
| 203 | 96 |
$parts = explode(':', $consumer_id);
|
| 204 | 97 |
$result = FALSE; |
| ... | ... | |
| 208 | 101 |
); |
| 209 | 102 |
if (count($parts) == 3) {
|
| 210 | 103 |
list($group_type, $gid, $rid) = $parts; |
| 211 |
// need to make sure entity exists before calling og_get_user_roles which will throw fatal error
|
|
| 104 |
// Need to make sure entity exists before calling og_get_user_roles which will throw fatal error.
|
|
| 212 | 105 |
if ($group = entity_load_single($group_type, $gid)) {
|
| 213 | 106 |
if (og_is_group($group_type, $group)) {
|
| 214 | 107 |
$roles = og_get_user_roles($group_type, $gid, $uid, TRUE); |
| ... | ... | |
| 225 | 118 |
return $result; |
| 226 | 119 |
} |
| 227 | 120 |
|
| 228 |
// ldap_authorization_og2_has_role($og_students_node->nid, $web_user->uid, OG_AUTHENTICATED_ROLE) |
|
| 121 |
/** |
|
| 122 |
* Ldap_authorization_og2_has_role($og_students_node->nid, $web_user->uid, OG_AUTHENTICATED_ROLE) |
|
| 123 |
*/ |
|
| 229 | 124 |
function ldap_authorization_og2_has_role($group_type, $gid, $uid, $role_name) {
|
| 230 |
$roles = og_get_user_roles($group_type, $gid, $uid, TRUE); // array with rid as key and role name as value |
|
| 125 |
// Array with rid as key and role name as value. |
|
| 126 |
$roles = og_get_user_roles($group_type, $gid, $uid, TRUE); |
|
| 231 | 127 |
return (is_array($roles) && in_array($role_name, array_values($roles))); |
| 232 | 128 |
} |
| 233 | 129 |
|
| 234 |
|
|
| 235 |
|
|
| 236 | 130 |
/** |
| 237 |
* Derive og role id from role name |
|
| 131 |
* Derive og role id from role name. |
|
| 132 |
* |
|
| 133 |
* @param string $role_name |
|
| 134 |
* as og role name. |
|
| 238 | 135 |
* |
| 239 |
* @param string $role_name as og role name |
|
| 240 | 136 |
* @return int og role id |
| 241 | 137 |
*/ |
| 242 |
|
|
| 243 | 138 |
function ldap_authorization_og_rid_from_role_name($role_name) {
|
| 244 | 139 |
$roles = og_roles(0); |
| 245 | 140 |
$rids = array_flip($roles); |
| 246 | 141 |
return isset($rids[$role_name]) ? $rids[$role_name] : FALSE; |
| 247 | 142 |
} |
| 248 | 143 |
|
| 249 |
function ldap_authorization_og1_role_name_from_rid($rid) {
|
|
| 250 |
$roles = og_roles(0); |
|
| 251 |
return isset($roles[$rid]) ? $roles[$rid] : FALSE; |
|
| 252 |
} |
|
| 253 |
|
|
| 144 |
/** |
|
| 145 |
* |
|
| 146 |
*/ |
|
| 254 | 147 |
function ldap_authorization_og2_rid_from_role_name($entity_type, $bundle, $gid, $role_name) {
|
| 255 | 148 |
$roles = og_roles($entity_type, $bundle, 0, FALSE, TRUE); |
| 256 | 149 |
$roles_flipped = array_flip($roles); |
| 257 | 150 |
return (empty($roles_flipped[$role_name])) ? NULL : $roles_flipped[$role_name]; |
| 258 | 151 |
} |
| 259 | 152 |
|
| 153 |
/** |
|
| 154 |
* |
|
| 155 |
*/ |
|
| 260 | 156 |
function ldap_authorization_og_get_all_group_entities() {
|
| 261 | 157 |
$entities = array(); |
| 262 | 158 |
$group_entity_types = og_get_all_group_bundle(); |
| ... | ... | |
| 266 | 162 |
} |
| 267 | 163 |
return $entities; |
| 268 | 164 |
} |
| 165 |
|
|
| 269 | 166 |
/** |
| 270 | 167 |
* Implements hook_form_alter(). |
| 271 | 168 |
*/ |
Formats disponibles : Unified diff
Weekly update of contrib modules