root / drupal7 / sites / all / modules / ldap / ldap_servers / ldap_servers.api.php @ bc175c27
1 |
<?php
|
---|---|
2 |
|
3 |
/**
|
4 |
* @file
|
5 |
* Hooks provided by ldap_servers module
|
6 |
*/
|
7 |
|
8 |
/**
|
9 |
* Allows other modules to periodically affect an ldap associated user
|
10 |
* or its corresponding ldap entry.
|
11 |
*
|
12 |
* when cron runs a batch of ldap associated drupal accounts
|
13 |
* will be looked at and marked as tested. over the course
|
14 |
* of time all ldap related users will be looked at
|
15 |
*
|
16 |
* Each module implementing this hook is responsible for
|
17 |
* altering ldap entries and drupal user objects; simply
|
18 |
* altering the variables will have no affect on the actual
|
19 |
* ldap entry or drupal user
|
20 |
*/
|
21 |
|
22 |
function hook_ldap_servers_user_cron(&$users) { |
23 |
|
24 |
|
25 |
|
26 |
} |
27 |
|
28 |
/**
|
29 |
* helper hook to see if a batch of ldap users
|
30 |
* needs to be queried
|
31 |
*
|
32 |
* if a module implements hook_ldap_servers_user_cron,
|
33 |
* but currently does not need to process user cron batches,
|
34 |
* it should return FALSE
|
35 |
*/
|
36 |
|
37 |
function hook_ldap_servers_user_cron_needed() { |
38 |
return TRUE; |
39 |
} |
40 |
|
41 |
/**
|
42 |
* Allows other modules to alter ldap entry or perform other necessary
|
43 |
* LDAP operations before entires are provisioned.
|
44 |
* This should be invoked before provisioning ldap entries
|
45 |
*
|
46 |
* @param array $ldap_entries as array keyed on lowercase dn of entry with
|
47 |
* value of array in format used in ldap_add or ldap_modify function
|
48 |
* e.g.
|
49 |
* $ldap_entries['cn=jkool,ou=guest accounts,dc=ad,dc=myuniversity,dc=edu'] = array(
|
50 |
* "attribute1" => array("value"),
|
51 |
* "attribute2" => array("value1", "value2"),
|
52 |
* );
|
53 |
*
|
54 |
* @param LdapServer $ldap_server as ldap server configuration object that is
|
55 |
* performing provisioning
|
56 |
*
|
57 |
* @param array $context with the following key/values:
|
58 |
* 'action' => add|modify|delete
|
59 |
*
|
60 |
* 'corresponding_drupal_data' => if ldap entries have corresponding drupal objects, such
|
61 |
* as ldap user entries and drupal user objects; ldap groups and drupal roles; etc
|
62 |
* this will be array keyed on lowercase dn with values of objects
|
63 |
* e.g.
|
64 |
* $context['corresponding_drupal_data'] = array(
|
65 |
* 'cn=jkool,ou=guest accounts,dc=ad,dc=myuniversity,dc=edu' => drupal user object1,
|
66 |
* 'cn=jfun,ou=guest accounts,dc=ad,dc=myuniversity,dc=edu' => drupal user object2,
|
67 |
* )
|
68 |
*
|
69 |
* 'corresponding_drupal_data_type' => 'user', 'role', etc.
|
70 |
*
|
71 |
* );
|
72 |
*/
|
73 |
|
74 |
function hook_ldap_entry_pre_provision_alter(&$ldap_entries, $ldap_server, $context) { |
75 |
|
76 |
|
77 |
|
78 |
} |
79 |
|
80 |
/**
|
81 |
* Allows modules to react to provisioning of ldap entries.
|
82 |
*
|
83 |
* This should be invoked after provisioning ldap entries
|
84 |
*
|
85 |
* -- same signature as hook_ldap_entry_pre_provision_alter with ldap entries not passed by reference
|
86 |
* -- ldap entries are not queried after provisioning, so $ldap_entries are in form
|
87 |
* hook_ldap_entry_pre_provision; not actual queryied ldap entries
|
88 |
* -- if actual ldap entries are available after provisioning, they will be in
|
89 |
* $context['provisioned_ldap_entries][<dn>] => ldap entry array in format of an ldap query
|
90 |
* returned from ldap_get_entries() with 'count' keys
|
91 |
*/
|
92 |
|
93 |
function hook_ldap_entry_post_provision(&$ldap_entries, $ldap_server, $context) { |
94 |
|
95 |
|
96 |
|
97 |
} |
98 |
|
99 |
|
100 |
|
101 |
/**
|
102 |
* Perform alterations of ldap attributes before query is made.
|
103 |
*
|
104 |
* To avoid excessive attributes in an ldap query, modules should
|
105 |
* alter attributes needed based on $op parameter
|
106 |
*
|
107 |
* @param array $attributes
|
108 |
* array of attributes to be returned from ldap queries where:
|
109 |
* - each key is ldap attribute name (e.g. mail, cn)
|
110 |
* - each value is associative array of form:
|
111 |
* - 'conversion' => NULL,
|
112 |
* - 'values' => array(0 => 'john', 1 => 'johnny'))
|
113 |
*
|
114 |
* @param array $params context array with some or all of the following key/values
|
115 |
* 'sid' => drupal account object,
|
116 |
* 'ldap_context' => ,
|
117 |
* 'direction' =>
|
118 |
*
|
119 |
*/
|
120 |
function hook_ldap_attributes_needed_alter(&$attributes, $params) { |
121 |
|
122 |
$attributes['dn'] = ldap_servers_set_attribute_map(@$attributes['dn'], 'ldap_dn') ; |
123 |
if ($params['sid']) { // puid attributes are server specific |
124 |
$ldap_server = (is_object($params['sid'])) ? $params['sid'] : ldap_servers_get_servers($params['sid'], 'enabled', TRUE); |
125 |
|
126 |
switch ($op) { |
127 |
case 'user_insert': |
128 |
case 'user_update': |
129 |
if (!isset($attributes[$ldap_server->user_attr])) { |
130 |
// don't provide attribute if it exists, unless you are adding data_type or value information
|
131 |
// in that case, don't overwrite the whole array (see $ldap_server->mail_attr example below)
|
132 |
$attributes[$ldap_server->user_attr] = ldap_servers_set_attribute_map(); |
133 |
} |
134 |
if (!isset($attributes[$ldap_server->mail_attr])) { |
135 |
$attributes[$ldap_server->mail_attr] = ldap_servers_set_attribute_map(); // set default values for an attribute, force data_type |
136 |
} |
137 |
|
138 |
ldap_servers_token_extract_attributes($attributes, $ldap_server_obj->mail_template); |
139 |
$attributes[$ldap_server->unique_persistent_attr] = ldap_servers_set_attribute_map(@$attributes[$ldap_server->unique_persistent_attr]); |
140 |
|
141 |
break;
|
142 |
} |
143 |
} |
144 |
} |
145 |
|
146 |
|
147 |
/**
|
148 |
* Perform alterations of $ldap_user variable.
|
149 |
*
|
150 |
*
|
151 |
* @param array $ldap_user see README.developers.txt for structure
|
152 |
* @param array $params context array with some or all of the following key/values
|
153 |
* 'account' => drupal account object,
|
154 |
* 'ldap_context' => ,
|
155 |
* 'module' => module calling alter, e.g. 'ldap_user',
|
156 |
* 'function' => function calling alter, e.g. 'provisionLdapEntry'
|
157 |
*
|
158 |
*/
|
159 |
|
160 |
function hook_ldap_user_alter(&$ldap_entry, $params) { |
161 |
|
162 |
|
163 |
} |
164 |
|
165 |
/**
|
166 |
* Allow the results from the ldap search answer to be modified
|
167 |
* The query parameters are provided as context infomation
|
168 |
* (readonly)
|
169 |
*
|
170 |
*/
|
171 |
function hook_ldap_server_search_results_alter(&$entries, $ldap_query_params) { |
172 |
// look for a specific part of the $results array
|
173 |
// and maybe change it
|
174 |
} |
175 |
|
176 |
/**
|
177 |
* Allows other modules to transform the Drupal login username to an LDAP
|
178 |
* UserName attribute.
|
179 |
* Invoked in LdapServer::userUsernameToLdapNameTransform()
|
180 |
*
|
181 |
* @param $ldap_username
|
182 |
* The ldap username that will be used for the AuthName attribute
|
183 |
* @param $drupal_username
|
184 |
* The Drupal user name
|
185 |
* @param $context
|
186 |
* An array of additional contextual information
|
187 |
* - ldap_server: The LDAP server that is invoking the hook
|
188 |
*/
|
189 |
function hook_user_ldap_servers_username_to_ldapname_alter(&$ldap_username, $drupal_username, $context) { |
190 |
// Alter the name only if it has not been altered already, ie php eval code
|
191 |
if ($ldap_username == $drupal_username) { |
192 |
$authname = ldap_user_get_authname($ldap_username); |
193 |
if (!empty($authname)) { |
194 |
$ldap_username = $authname; |
195 |
} |
196 |
} |
197 |
} |