Révision bc175c27
Ajouté par Assos Assos il y a plus de 5 ans
drupal7/sites/all/modules/ldap/ldap_user/ldap_user.cron.inc | ||
---|---|---|
13 | 13 |
* @param LdapUserConf $ldap_user_conf |
14 | 14 |
* |
15 | 15 |
* @return boolean FALSE on error or incompletion or TRUE otherwise |
16 |
* |
|
17 |
* @todo need to avoid sending repeated emails |
|
18 |
* |
|
19 |
* |
|
20 | 16 |
*/ |
21 |
|
|
22 | 17 |
function _ldap_user_orphans($ldap_user_conf) { |
23 | 18 |
|
24 | 19 |
// return TRUE; // this is untested code |
... | ... | |
40 | 35 |
|
41 | 36 |
$query = new EntityFieldQuery(); |
42 | 37 |
$query->entityCondition('entity_type', 'user') |
38 |
->fieldCondition('ldap_user_puid_sid', 'value', 'NULL', '!=') |
|
39 |
->fieldCondition('ldap_user_puid_property', 'value', 'NULL', '!=') |
|
40 |
->fieldCondition('ldap_user_puid', 'value', 'NULL', '!=') |
|
43 | 41 |
->fieldCondition('ldap_user_current_dn', 'value', 'NULL', '!=') |
44 | 42 |
->propertyCondition('uid', $last_uid_checked, '>') |
45 | 43 |
->propertyOrderBy('uid', 'ASC') |
... | ... | |
47 | 45 |
->addMetaData('account', user_load(1)); // run the query as user 1 |
48 | 46 |
$result = $query->execute(); |
49 | 47 |
|
50 |
$drupal_users = array(); |
|
51 | 48 |
$email_list = array(); |
52 | 49 |
$ldap_servers = ldap_servers_get_servers(NULL, 'enabled'); |
53 | 50 |
$watchdogs_sids_missing_watchdogged = array(); |
... | ... | |
73 | 70 |
|
74 | 71 |
$batches = floor($user_count / LDAP_SERVERS_MAXFILTER_ORS) + 1; |
75 | 72 |
// e.g. 175 users and 50 max ldap query ors will yield 4 batches |
76 |
for ($batch=1; $batch <= $batches; $batch++) { // e.g. 1,2,3,4 |
|
77 |
$filters = array(); |
|
78 |
$drupal_users = array(); |
|
79 |
/** |
|
80 |
* 1. populate $drupal_users[$sid][$puid_attr][$puid]['exists'] = TRUE |
|
81 |
* |
|
82 |
* e.g. first batch $i=0; $i<50; $i++ |
|
83 |
* 2nd batch $i=50; $i<100; $i++ |
|
84 |
* 4th batch $i=150; $i<175; $i++ |
|
85 |
*/ |
|
86 |
$start = ($batch - 1)* LDAP_SERVERS_MAXFILTER_ORS; // e.g 0, 50, 100 |
|
87 |
$end_plus_1 = min(($batch)* LDAP_SERVERS_MAXFILTER_ORS, $user_count); // e.g. 50, 100, 150 |
|
88 |
$batch_uids = array_slice($uids, $start, ($end_plus_1 - $start)); // e.g. 50, 50; 100, 50 |
|
89 |
$accounts = entity_load('user', $batch_uids); |
|
90 |
|
|
91 |
foreach ($accounts as $uid => $user) { |
|
92 |
$sid = @$user->ldap_user_puid_sid[LANGUAGE_NONE][0]['value']; |
|
93 |
$puid = @$user->ldap_user_puid[LANGUAGE_NONE][0]['value']; |
|
94 |
$puid_attr = @$user->ldap_user_puid_property[LANGUAGE_NONE][0]['value']; |
|
95 |
if ($sid && $puid && $puid_attr) { |
|
96 |
if ($ldap_servers[$sid]->unique_persistent_attr_binary) { |
|
97 |
$filters[$sid][$puid_attr][] = "($puid_attr=" . ldap_servers_binary_filter($puid) . ")"; |
|
98 |
} |
|
99 |
else { |
|
100 |
$filters[$sid][$puid_attr][] = "($puid_attr=$puid)"; |
|
101 |
} |
|
102 |
$drupal_users[$sid][$puid_attr][$puid]['uid'] = $uid; |
|
103 |
$drupal_users[$sid][$puid_attr][$puid]['exists'] = FALSE; |
|
73 |
for ($batch = 1; $batch <= $batches; $batch++) { |
|
74 |
$email_list = _ldap_user_orphan_process_batch($ldap_user_conf, $batch, $user_count, $uids, $ldap_servers, $watchdogs_sids_missing_watchdogged, $query, $email_list); |
|
75 |
} |
|
76 |
|
|
77 |
if (count($email_list) > 0) { |
|
78 |
$site_email = variable_get('site_mail', FALSE); |
|
79 |
$params = array('accounts' => $email_list); |
|
80 |
if ($site_email) { |
|
81 |
drupal_mail( |
|
82 |
'ldap_user', |
|
83 |
'orphaned_accounts', |
|
84 |
$site_email, |
|
85 |
language_default(), |
|
86 |
$params |
|
87 |
); |
|
88 |
} |
|
89 |
} |
|
90 |
|
|
91 |
return TRUE; |
|
92 |
} |
|
93 |
|
|
94 |
/** |
|
95 |
* @param $ldap_user_conf |
|
96 |
* @param $batch |
|
97 |
* @param $user_count |
|
98 |
* @param $uids |
|
99 |
* @param $ldap_servers |
|
100 |
* @param $watchdogs_sids_missing_watchdogged |
|
101 |
* @param $query |
|
102 |
* @param $email_list |
|
103 |
* |
|
104 |
* @return array |
|
105 |
* @throws \Exception |
|
106 |
*/ |
|
107 |
function _ldap_user_orphan_process_batch($ldap_user_conf, $batch, $user_count, $uids, $ldap_servers, $watchdogs_sids_missing_watchdogged, $query, $email_list) { |
|
108 |
$filters = []; |
|
109 |
$drupal_users = array(); |
|
110 |
/** |
|
111 |
* 1. populate $drupal_users[$sid][$puid_attr][$puid]['exists'] = TRUE |
|
112 |
* |
|
113 |
* e.g. first batch $i=0; $i<50; $i++ |
|
114 |
* 2nd batch $i=50; $i<100; $i++ |
|
115 |
* 4th batch $i=150; $i<175; $i++ |
|
116 |
*/ |
|
117 |
$start = ($batch - 1) * LDAP_SERVERS_MAXFILTER_ORS; // e.g 0, 50, 100 |
|
118 |
$end_plus_1 = min(($batch) * LDAP_SERVERS_MAXFILTER_ORS, $user_count); // e.g. 50, 100, 150 |
|
119 |
$batch_uids = array_slice($uids, $start, ($end_plus_1 - $start)); // e.g. 50, 50; 100, 50 |
|
120 |
$accounts = entity_load('user', $batch_uids); |
|
121 |
|
|
122 |
foreach ($accounts as $uid => $user) { |
|
123 |
$sid = @$user->ldap_user_puid_sid[LANGUAGE_NONE][0]['value']; |
|
124 |
$puid = @$user->ldap_user_puid[LANGUAGE_NONE][0]['value']; |
|
125 |
$puid_attr = @$user->ldap_user_puid_property[LANGUAGE_NONE][0]['value']; |
|
126 |
if ($sid && $puid && $puid_attr) { |
|
127 |
if ($ldap_servers[$sid]->unique_persistent_attr_binary) { |
|
128 |
$filters[$sid][$puid_attr][] = "($puid_attr=" . ldap_servers_binary_filter($puid) . ")"; |
|
104 | 129 |
} |
105 | 130 |
else { |
106 |
// user with missing ldap data fields |
|
107 |
// perhaps should be watchdogged? |
|
131 |
$filters[$sid][$puid_attr][] = "($puid_attr=$puid)"; |
|
108 | 132 |
} |
133 |
$drupal_users[$sid][$puid_attr][$puid]['uid'] = $uid; |
|
134 |
$drupal_users[$sid][$puid_attr][$puid]['exists'] = FALSE; |
|
135 |
} |
|
136 |
else { |
|
137 |
// user with missing ldap data fields |
|
138 |
// perhaps should be watchdogged? |
|
109 | 139 |
} |
140 |
} |
|
110 | 141 |
|
111 |
//2. set $drupal_users[$sid][$puid_attr][$puid]['exists'] to FALSE |
|
112 |
// if entry doesn't exist |
|
113 |
foreach ($filters as $sid => $puid_attrs) { |
|
114 |
if (!isset($ldap_servers[$sid])) { |
|
115 |
if (!isset($watchdogs_sids_missing_watchdogged[$sid])) { |
|
116 |
watchdog( |
|
117 |
'ldap_user', |
|
118 |
'Server %sid not enabled, but needed to remove orphaned ldap users', |
|
119 |
array('%sid' => $sid), |
|
120 |
WATCHDOG_ERROR |
|
121 |
); |
|
122 |
$watchdogs_sids_missing_watchdogged[$sid] = TRUE; |
|
123 |
} |
|
124 |
continue; |
|
142 |
//2. set $drupal_users[$sid][$puid_attr][$puid]['exists'] to FALSE |
|
143 |
// if entry doesn't exist |
|
144 |
foreach ($filters as $sid => $puid_attrs) { |
|
145 |
if (!isset($ldap_servers[$sid])) { |
|
146 |
if (!isset($watchdogs_sids_missing_watchdogged[$sid])) { |
|
147 |
watchdog( |
|
148 |
'ldap_user', |
|
149 |
'Server %sid not enabled, but needed to remove orphaned ldap users', |
|
150 |
['%sid' => $sid], |
|
151 |
WATCHDOG_ERROR |
|
152 |
); |
|
153 |
$watchdogs_sids_missing_watchdogged[$sid] = TRUE; |
|
125 | 154 |
} |
126 |
foreach ($puid_attrs as $puid_attr => $ors) { |
|
127 |
// query should look like (|(guid=3243243)(guid=3243243)(guid=3243243)) |
|
128 |
$ldap_filter = '(|' . join("", $ors) . ')'; |
|
129 |
$ldap_entries = $ldap_servers[$sid]->searchAllBaseDns($ldap_filter, array($puid_attr)); |
|
130 |
if ($ldap_entries === FALSE) { |
|
131 |
unset($drupal_users[$sid]); // if query has error, don't remove ldap entries! |
|
132 |
watchdog( |
|
133 |
'ldap_user', |
|
134 |
'ldap server %sid had error while querying to |
|
155 |
continue; |
|
156 |
} |
|
157 |
foreach ($puid_attrs as $puid_attr => $ors) { |
|
158 |
// query should look like (|(guid=3243243)(guid=3243243)(guid=3243243)) |
|
159 |
$ldap_filter = '(|' . join("", $ors) . ')'; |
|
160 |
$ldap_entries = $ldap_servers[$sid]->searchAllBaseDns($ldap_filter, [$puid_attr]); |
|
161 |
if ($ldap_entries === FALSE) { |
|
162 |
unset($drupal_users[$sid]); // if query has error, don't remove ldap entries! |
|
163 |
watchdog( |
|
164 |
'ldap_user', |
|
165 |
'ldap server %sid had error while querying to |
|
135 | 166 |
deal with orphaned ldap user entries. Please check that the ldap |
136 | 167 |
server is configured correctly. Query; %query', |
137 |
array('%sid' => $sid, '%query' => serialize($query)),
|
|
138 |
WATCHDOG_ERROR);
|
|
139 |
continue;
|
|
140 |
}
|
|
168 |
['%sid' => $sid, '%query' => serialize($query)],
|
|
169 |
WATCHDOG_ERROR); |
|
170 |
continue; |
|
171 |
} |
|
141 | 172 |
|
142 |
unset($ldap_entries['count']);
|
|
173 |
unset($ldap_entries['count']); |
|
143 | 174 |
|
144 |
foreach ($ldap_entries as $i => $ldap_entry) { |
|
145 |
$puid = $ldap_servers[$sid]->userPuidFromLdapEntry($ldap_entry); |
|
146 |
$drupal_users[$sid][$puid_attr][$puid]['exists'] = TRUE; |
|
147 |
} |
|
175 |
foreach ($ldap_entries as $i => $ldap_entry) { |
|
176 |
$puid = $ldap_servers[$sid]->userPuidFromLdapEntry($ldap_entry); |
|
177 |
$drupal_users[$sid][$puid_attr][$puid]['exists'] = TRUE; |
|
148 | 178 |
} |
149 | 179 |
} |
150 |
//3. we now have $drupal_users[$sid][$puid_attr][$puid]['exists'] = FALSE | TRUE;
|
|
151 |
if ($ldap_user_conf->orphanedDrupalAcctBehavior == 'ldap_user_orphan_email') {
|
|
152 |
global $base_url;
|
|
153 |
}
|
|
154 |
$check_time = time();
|
|
155 |
foreach ($drupal_users as $sid => $puid_x_puid_attrs) {
|
|
156 |
foreach ($puid_x_puid_attrs as $puid_attr => $puids) {
|
|
157 |
foreach ($puids as $puid => $user_data) {
|
|
158 |
|
|
159 |
if ($account = $accounts[$user_data['uid']]) {
|
|
160 |
$user_edit['ldap_user_last_checked'][LANGUAGE_NONE][0]['value'] = $check_time;
|
|
161 |
$account = user_save($account, $user_edit, 'ldap_user');
|
|
162 |
if (!$user_data['exists']) {
|
|
163 |
/**
|
|
164 |
* $ldap_user_conf->orphanedDrupalAcctBehavior will either be
|
|
165 |
* 'ldap_user_orphan_email' or one of the user module options:
|
|
166 |
* user_cancel_block, user_cancel_block_unpublish,
|
|
167 |
* user_cancel_reassign, user_cancel_delete
|
|
168 |
*/
|
|
169 |
if ($ldap_user_conf->orphanedDrupalAcctBehavior == 'ldap_user_orphan_email') {
|
|
170 |
$email_list[] = $account->name . "," . $account->mail . "," . $base_url . "/user/" . $account->uid . "/edit";
|
|
171 |
}
|
|
172 |
else {
|
|
173 |
_user_cancel(array(), $account, $ldap_user_conf->orphanedDrupalAcctBehavior);
|
|
174 |
}
|
|
180 |
}
|
|
181 |
//3. we now have $drupal_users[$sid][$puid_attr][$puid]['exists'] = FALSE | TRUE;
|
|
182 |
if ($ldap_user_conf->orphanedDrupalAcctBehavior == 'ldap_user_orphan_email') {
|
|
183 |
global $base_url;
|
|
184 |
}
|
|
185 |
foreach ($drupal_users as $sid => $puid_x_puid_attrs) { |
|
186 |
foreach ($puid_x_puid_attrs as $puid_attr => $puids) { |
|
187 |
foreach ($puids as $puid => $user_data) { |
|
188 |
|
|
189 |
if ($account = $accounts[$user_data['uid']]) { |
|
190 |
$user_edit = [];
|
|
191 |
$user_edit['ldap_user_last_checked'][LANGUAGE_NONE][0]['value'] = time();
|
|
192 |
$account = user_save($account, $user_edit, 'ldap_user');
|
|
193 |
if (!$user_data['exists']) {
|
|
194 |
/**
|
|
195 |
* $ldap_user_conf->orphanedDrupalAcctBehavior will either be
|
|
196 |
* 'ldap_user_orphan_email' or one of the user module options:
|
|
197 |
* user_cancel_block, user_cancel_block_unpublish,
|
|
198 |
* user_cancel_reassign, user_cancel_delete
|
|
199 |
*/
|
|
200 |
if ($ldap_user_conf->orphanedDrupalAcctBehavior == 'ldap_user_orphan_email') {
|
|
201 |
$email_list[] = $account->name . "," . $account->mail . "," . $base_url . "/user/" . $account->uid . "/edit";
|
|
202 |
}
|
|
203 |
else {
|
|
204 |
_user_cancel([], $account, $ldap_user_conf->orphanedDrupalAcctBehavior);
|
|
175 | 205 |
} |
176 | 206 |
} |
177 | 207 |
} |
178 | 208 |
} |
179 | 209 |
} |
180 | 210 |
} |
181 |
|
|
182 |
if (count($email_list) > 0) { |
|
183 |
$site_email = variable_get('site_mail', FALSE); |
|
184 |
$params = array('accounts' => $email_list); |
|
185 |
if ($site_email) { |
|
186 |
drupal_mail( |
|
187 |
'ldap_user', |
|
188 |
'orphaned_accounts', |
|
189 |
$site_email, |
|
190 |
language_default(), |
|
191 |
$params |
|
192 |
); |
|
193 |
} |
|
194 |
} |
|
195 |
|
|
196 |
return TRUE; |
|
211 |
return $email_list; |
|
197 | 212 |
} |
Formats disponibles : Unified diff
Weekly update of contrib modules