1 |
85ad3d82
|
Assos Assos
|
<?php
|
2 |
|
|
|
3 |
|
|
/**
|
4 |
|
|
* @file
|
5 |
|
|
* Install, update and uninstall functions for the LDAP authorization module.
|
6 |
|
|
*/
|
7 |
|
|
|
8 |
|
|
/**
|
9 |
|
|
* Implements hook_requirements().
|
10 |
|
|
*/
|
11 |
|
|
function ldap_authorization_requirements($phase) {
|
12 |
|
|
$requirements = array();
|
13 |
|
|
|
14 |
|
|
if ($phase != "install" && db_field_exists('ldapauth', 'ldapgroups_in_dn' )) {
|
15 |
|
|
$requirements['ldap_authorization_ldap_integration']['title'] = t('LDAP Integration LDAP Groups Upgrade Concern');
|
16 |
|
|
$requirements['ldap_authorization_ldap_integration']['severity'] = REQUIREMENT_WARNING;
|
17 |
|
|
$requirements['ldap_authorization_ldap_integration']['value'] = NULL;
|
18 |
|
|
$requirements['ldap_authorization_ldap_integration']['description'] = t('Upgrade from Drupal 6 LDAP Groups to Drupal 7
|
19 |
|
|
LDAP Authorization is not automatic. LDAP Authorization will need to be configured by hand.
|
20 |
|
|
The authorization options are different and automated updgrade is not possible.
|
21 |
|
|
See also. See http://drupal.org/node/1023016, http://drupal.org/node/1183192.
|
22 |
|
|
This message will go away when the ldapauth database table is removed.');
|
23 |
|
|
}
|
24 |
|
|
// check that ldapauth not installed.
|
25 |
|
|
return $requirements;
|
26 |
|
|
}
|
27 |
|
|
|
28 |
|
|
/**
|
29 |
|
|
* Implements hook_install().
|
30 |
|
|
*/
|
31 |
|
|
function ldap_authorization_install() {
|
32 |
|
|
|
33 |
|
|
cache_clear_all('field_info_types:', 'cache_field', TRUE);
|
34 |
|
|
foreach (ldap_authorization_user_entity_fields() as $field_id => $field_conf) {
|
35 |
|
|
$field_info = field_info_field($field_id);
|
36 |
|
|
if (!$field_info) {
|
37 |
|
|
field_create_field($field_conf['field']);
|
38 |
|
|
field_create_instance($field_conf['instance']);
|
39 |
|
|
}
|
40 |
|
|
}
|
41 |
|
|
|
42 |
|
|
}
|
43 |
|
|
|
44 |
|
|
|
45 |
|
|
|
46 |
|
|
/**
|
47 |
|
|
* Implements hook_uninstall().
|
48 |
|
|
*/
|
49 |
|
|
function ldap_authorization_uninstall() {
|
50 |
|
|
foreach (ldap_authorization_user_entity_fields() as $field_id => $field_conf) {
|
51 |
|
|
|
52 |
|
|
$instance = field_info_instance($field_conf['instance']['entity_type'], $field_conf['instance']['field_name'], $field_conf['instance']['bundle']);
|
53 |
|
|
if ($instance) {
|
54 |
|
|
field_delete_instance($instance);
|
55 |
|
|
}
|
56 |
|
|
|
57 |
|
|
$field_info = field_info_field($field_conf['field']['field_name']);
|
58 |
|
|
if ($field_info) {
|
59 |
|
|
field_delete_field($field_conf['field']['field_name']);
|
60 |
|
|
}
|
61 |
|
|
}
|
62 |
|
|
module_load_include('inc', 'ldap_servers', 'ldap_servers.user_data_remove');
|
63 |
|
|
batch_set(ldap_severs_user_data_setup_batch());
|
64 |
|
|
$batch =& batch_get();
|
65 |
|
|
|
66 |
|
|
}
|
67 |
|
|
|
68 |
|
|
|
69 |
|
|
function ldap_authorization_user_entity_fields() {
|
70 |
|
|
|
71 |
|
|
$fields = array();
|
72 |
|
|
|
73 |
|
|
return $fields;
|
74 |
|
|
}
|
75 |
|
|
|
76 |
|
|
|
77 |
|
|
/**
|
78 |
|
|
* Implements hook_schema().
|
79 |
|
|
*/
|
80 |
|
|
function ldap_authorization_schema() {
|
81 |
|
|
|
82 |
|
|
$schema['ldap_authorization'] = array(
|
83 |
|
|
'export' => array(
|
84 |
|
|
'key' => 'consumer_type',
|
85 |
|
|
'key name' => 'Mapping ID',
|
86 |
|
|
'identifier' => 'consumer_type',
|
87 |
|
|
'primary key' => 'numeric_consumer_conf_id',
|
88 |
|
|
'api' => array(
|
89 |
|
|
'owner' => 'ldap_authorization',
|
90 |
|
|
'api' => 'ldap_authorization',
|
91 |
|
|
'minimum_version' => 1,
|
92 |
|
|
'current_version' => 1,
|
93 |
|
|
),
|
94 |
|
|
),
|
95 |
|
|
|
96 |
|
|
'description' => "Data used to map users ldap entry to authorization rights.",
|
97 |
|
|
'primary key' => array('numeric_consumer_conf_id'),
|
98 |
|
|
'foreign keys' => array(
|
99 |
|
|
'sid' => array(
|
100 |
|
|
'table' => 'ldap_servers',
|
101 |
|
|
'columns' => array('sid' => 'sid'),
|
102 |
|
|
),
|
103 |
|
|
),
|
104 |
|
|
);
|
105 |
|
|
|
106 |
|
|
module_load_include('inc', 'ldap_servers', 'ldap_servers.functions');
|
107 |
|
|
module_load_include('php', 'ldap_authorization', 'LdapAuthorizationConsumerConfAdmin.class');
|
108 |
|
|
|
109 |
|
|
$fields = LdapAuthorizationConsumerConfAdmin::fields();
|
110 |
|
|
foreach ($fields as $name => $props) {
|
111 |
|
|
if (isset($props['schema'])) {
|
112 |
|
|
$schema['ldap_authorization']['fields'][$name] = $props['schema'];
|
113 |
|
|
}
|
114 |
|
|
}
|
115 |
|
|
|
116 |
|
|
return $schema;
|
117 |
|
|
}
|
118 |
|
|
|
119 |
|
|
/**
|
120 |
|
|
* add 'create_consumers field to ldap_authorization table
|
121 |
|
|
*/
|
122 |
|
|
function ldap_authorization_update_7100() {
|
123 |
|
|
|
124 |
|
|
if (!db_field_exists('ldap_authorization', 'create_consumers')) {
|
125 |
|
|
db_add_field('ldap_authorization', 'create_consumers', array(
|
126 |
|
|
'type' => 'int',
|
127 |
|
|
'size' => 'tiny',
|
128 |
|
|
'not null' => TRUE,
|
129 |
|
|
'default' => 0,
|
130 |
|
|
));
|
131 |
|
|
return t('"create_consumers" field added to ldap_authorization table');
|
132 |
|
|
}
|
133 |
|
|
else {
|
134 |
|
|
return t('No database changes made.');
|
135 |
|
|
}
|
136 |
|
|
|
137 |
|
|
}
|
138 |
|
|
|
139 |
|
|
/**
|
140 |
|
|
* add derive_from_attr_use_first_attr field to ldap_authorization table
|
141 |
|
|
*/
|
142 |
|
|
function ldap_authorization_update_7101() {
|
143 |
|
|
|
144 |
|
|
if (!db_field_exists('ldap_authorization', 'derive_from_attr_use_first_attr')) {
|
145 |
|
|
db_add_field('ldap_authorization', 'derive_from_attr_use_first_attr', array(
|
146 |
|
|
'type' => 'int',
|
147 |
|
|
'size' => 'tiny',
|
148 |
|
|
'not null' => TRUE,
|
149 |
|
|
'default' => 0,
|
150 |
|
|
));
|
151 |
|
|
return t('"derive_from_attr_use_first_attr" field added to ldap_authorization table');
|
152 |
|
|
}
|
153 |
|
|
else {
|
154 |
|
|
return t('No database changes made.');
|
155 |
|
|
}
|
156 |
|
|
|
157 |
|
|
}
|
158 |
|
|
|
159 |
|
|
|
160 |
|
|
/**
|
161 |
|
|
* Add derive_from_entry_search_all column to ldap_authorization
|
162 |
|
|
*/
|
163 |
|
|
function ldap_authorization_update_7102() {
|
164 |
|
|
|
165 |
|
|
if (!db_field_exists('ldap_authorization', 'derive_from_entry_search_all')) {
|
166 |
|
|
db_add_field('ldap_authorization', 'derive_from_entry_search_all', array(
|
167 |
|
|
'type' => 'int',
|
168 |
|
|
'size' => 'tiny',
|
169 |
|
|
'not null' => TRUE,
|
170 |
|
|
'default' => 0,
|
171 |
|
|
));
|
172 |
|
|
return t('"derive_from_entry_search_all" field added to ldap_authorization table');
|
173 |
|
|
}
|
174 |
|
|
else {
|
175 |
|
|
return t('No database changes made.');
|
176 |
|
|
}
|
177 |
|
|
|
178 |
|
|
}
|
179 |
|
|
|
180 |
|
|
/**
|
181 |
|
|
* change derive_from_attr_attr and derive_from_entry fields to text instead of varchar 2555
|
182 |
|
|
*/
|
183 |
|
|
function ldap_authorization_update_7103() {
|
184 |
|
|
|
185 |
|
|
foreach (array('derive_from_dn_attr', 'derive_from_attr_attr', 'derive_from_entry_entries') as $field_name) {
|
186 |
|
|
db_change_field('ldap_authorization', $field_name, $field_name, array(
|
187 |
|
|
'type' => 'text',
|
188 |
|
|
'not null' => FALSE,
|
189 |
|
|
));
|
190 |
|
|
}
|
191 |
|
|
|
192 |
|
|
}
|
193 |
|
|
|
194 |
|
|
/**
|
195 |
|
|
* change derive_from_attr_attr and derive_from_entry fields to text instead of varchar 2555
|
196 |
|
|
* applied second time because beta6 and 7 were wrong.
|
197 |
|
|
*/
|
198 |
|
|
function ldap_authorization_update_7104() {
|
199 |
|
|
|
200 |
|
|
foreach (array('derive_from_dn_attr', 'derive_from_attr_attr', 'derive_from_entry_entries') as $field_name) {
|
201 |
|
|
db_change_field('ldap_authorization', $field_name, $field_name, array(
|
202 |
|
|
'type' => 'text',
|
203 |
|
|
'not null' => FALSE,
|
204 |
|
|
));
|
205 |
|
|
}
|
206 |
|
|
|
207 |
|
|
}
|
208 |
|
|
|
209 |
|
|
/**
|
210 |
|
|
* add derive_from_entry_user_ldap_attr field to allow user specification of dn or other identifier.
|
211 |
|
|
*/
|
212 |
|
|
function ldap_authorization_update_7105() {
|
213 |
|
|
|
214 |
|
|
if (!db_field_exists('ldap_authorization', 'derive_from_entry_user_ldap_attr')) {
|
215 |
|
|
db_add_field('ldap_authorization', 'derive_from_entry_user_ldap_attr', array(
|
216 |
|
|
'type' => 'varchar',
|
217 |
|
|
'length' => 255,
|
218 |
|
|
'default' => NULL,
|
219 |
|
|
));
|
220 |
|
|
return t('"derive_from_entry_user_ldap_attr" field added to ldap_authorization table');
|
221 |
|
|
}
|
222 |
|
|
else {
|
223 |
|
|
return t('No database changes made.');
|
224 |
|
|
}
|
225 |
|
|
|
226 |
|
|
}
|
227 |
|
|
|
228 |
|
|
/**
|
229 |
|
|
* add nested checkboxes to derive from entry and attributes strategies.
|
230 |
|
|
*/
|
231 |
|
|
function ldap_authorization_update_7106() {
|
232 |
|
|
|
233 |
|
|
if (!db_field_exists('ldap_authorization', 'derive_from_attr_nested')) {
|
234 |
|
|
db_add_field('ldap_authorization', 'derive_from_attr_nested', array(
|
235 |
|
|
'type' => 'int',
|
236 |
|
|
'size' => 'tiny',
|
237 |
|
|
'not null' => TRUE,
|
238 |
|
|
'default' => 0,
|
239 |
|
|
));
|
240 |
|
|
$msg = t('"derive_from_attr_nested" field added to ldap_authorization table');
|
241 |
|
|
}
|
242 |
|
|
|
243 |
|
|
if (!db_field_exists('ldap_authorization', 'derive_from_entry_nested')) {
|
244 |
|
|
db_add_field('ldap_authorization', 'derive_from_entry_nested', array(
|
245 |
|
|
'type' => 'int',
|
246 |
|
|
'size' => 'tiny',
|
247 |
|
|
'not null' => TRUE,
|
248 |
|
|
'default' => 0,
|
249 |
|
|
));
|
250 |
|
|
$msg .= t('"derive_from_entry_nested" field added to ldap_authorization table');
|
251 |
|
|
}
|
252 |
|
|
|
253 |
|
|
return ($msg) ? $msg : t('No database changes made.');
|
254 |
|
|
}
|
255 |
|
|
|
256 |
|
|
/**
|
257 |
|
|
* add derive_from_entry_use_first_attr field to and remove description field from ldap_authorization table
|
258 |
|
|
*/
|
259 |
|
|
function ldap_authorization_update_7107() {
|
260 |
|
|
|
261 |
|
|
$changes = '';
|
262 |
|
|
|
263 |
|
|
if (!db_field_exists('ldap_authorization', 'derive_from_entry_use_first_attr')) {
|
264 |
|
|
db_add_field('ldap_authorization', 'derive_from_entry_use_first_attr', array(
|
265 |
|
|
'type' => 'int',
|
266 |
|
|
'size' => 'tiny',
|
267 |
|
|
'not null' => TRUE,
|
268 |
|
|
'default' => 0,
|
269 |
|
|
));
|
270 |
|
|
$changes .= t('"derive_from_entry_use_first_attr" field added to ldap_authorization table');
|
271 |
|
|
}
|
272 |
|
|
|
273 |
|
|
if (db_field_exists('ldap_authorization', 'description')) {
|
274 |
|
|
db_drop_field('ldap_authorization', 'description');
|
275 |
|
|
$changes .= t('"description" field dropped from to ldap_authorization table');
|
276 |
|
|
}
|
277 |
|
|
|
278 |
|
|
return ($changes) ? $changes : t('No database changes made.');
|
279 |
|
|
|
280 |
|
|
}
|
281 |
|
|
|
282 |
|
|
|
283 |
|
|
/**
|
284 |
|
|
* add derive_from_entry_entries_attr field to allow user specification of attribute representing group in queries.
|
285 |
|
|
*/
|
286 |
|
|
function ldap_authorization_update_7108() {
|
287 |
|
|
|
288 |
|
|
if (!db_field_exists('ldap_authorization', 'derive_from_entry_entries_attr')) {
|
289 |
|
|
db_add_field('ldap_authorization', 'derive_from_entry_entries_attr', array(
|
290 |
|
|
'type' => 'varchar',
|
291 |
|
|
'length' => 255,
|
292 |
|
|
'default' => NULL,
|
293 |
|
|
));
|
294 |
|
|
return t('"derive_from_entry_entries_attr" field added to ldap_authorization table');
|
295 |
|
|
}
|
296 |
|
|
else {
|
297 |
|
|
return t('No database changes made.');
|
298 |
|
|
}
|
299 |
|
|
_ldap_authorization_add_ldap_user_fields();
|
300 |
|
|
|
301 |
|
|
}
|
302 |
|
|
|
303 |
|
|
/**
|
304 |
|
|
* moving some groups related fields into ldap server module
|
305 |
|
|
*/
|
306 |
|
|
function ldap_authorization_update_7201() {
|
307 |
|
|
|
308 |
|
|
// need to merge 2 table fields (derive_from_entry_use_first_attr and derive_from_attr_use_first_attr into one field useFirstAttrAsGroupId)
|
309 |
|
|
$results = '';
|
310 |
|
|
|
311 |
|
|
if (!db_field_exists('ldap_authorization', 'useFirstAttrAsGroupId')) {
|
312 |
|
|
db_add_field('ldap_authorization', 'useFirstAttrAsGroupId', array(
|
313 |
|
|
'type' => 'int',
|
314 |
|
|
'size' => tiny,
|
315 |
|
|
'not null' => TRUE,
|
316 |
|
|
'default' => 0,
|
317 |
|
|
));
|
318 |
|
|
$results .= t('"useFirstAttrAsGroupId" field added to ldap_authorization table');
|
319 |
|
|
}
|
320 |
|
|
|
321 |
|
|
if (!db_field_exists('ldap_authorization', 'searchAll')) {
|
322 |
|
|
db_add_field('ldap_authorization', 'searchAll', array(
|
323 |
|
|
'type' => 'int',
|
324 |
|
|
'size' => tiny,
|
325 |
|
|
'not null' => TRUE,
|
326 |
|
|
'default' => 0,
|
327 |
|
|
));
|
328 |
|
|
$results .= t('"searchAll" field added to ldap_authorization table');
|
329 |
|
|
}
|
330 |
|
|
}
|
331 |
|
|
|
332 |
|
|
|
333 |
|
|
/**
|
334 |
|
|
* remove user ldap authorizations field. its in $user->data now
|
335 |
|
|
*/
|
336 |
|
|
function ldap_authorization_update_7202() {
|
337 |
|
|
|
338 |
|
|
$instance = array(
|
339 |
|
|
'field_name' => 'ldap_authorizations',
|
340 |
|
|
'entity_type' => 'user',
|
341 |
|
|
'bundle' => 'user',
|
342 |
|
|
);
|
343 |
|
|
field_delete_instance($instance, TRUE);
|
344 |
|
|
field_delete_field('ldap_authorizations');
|
345 |
|
|
|
346 |
|
|
}
|
347 |
|
|
|
348 |
|
|
/**
|
349 |
|
|
* make all schema field names lowercase in ldap server to deal with cronic case sensitivity issues
|
350 |
|
|
*/
|
351 |
|
|
function ldap_authorization_update_7203() {
|
352 |
|
|
|
353 |
|
|
if (db_field_exists('ldap_authorization', 'searchAll')) {
|
354 |
|
|
db_drop_field('ldap_authorization', 'searchAll');
|
355 |
|
|
}
|
356 |
|
|
|
357 |
|
|
$schema = ldap_authorization_schema();
|
358 |
|
|
$field_schema = $schema['ldap_authorization']['fields']['use_first_attr_as_groupid'];
|
359 |
|
|
if (db_field_exists('ldap_authorization', 'useFirstAttrAsGroupId')) {
|
360 |
|
|
if (db_field_exists('ldap_authorization', 'use_first_attr_as_groupid')) {
|
361 |
|
|
db_drop_field('ldap_authorization', 'useFirstAttrAsGroupId');
|
362 |
|
|
}
|
363 |
|
|
else {
|
364 |
|
|
db_change_field('ldap_authorization', 'useFirstAttrAsGroupId', 'use_first_attr_as_groupid', $field_schema);
|
365 |
|
|
}
|
366 |
|
|
}
|
367 |
|
|
|
368 |
|
|
}
|
369 |
|
|
|
370 |
|
|
/**
|
371 |
|
|
* make all schema field names lowercase in ldap server to deal with cronic case sensitivity issues
|
372 |
|
|
*/
|
373 |
|
|
function ldap_authorization_update_7204() {
|
374 |
|
|
|
375 |
|
|
$schema = ldap_authorization_schema();
|
376 |
|
|
$field_schema = $schema['ldap_authorization']['fields']['mappings'];
|
377 |
|
|
if (db_field_exists('ldap_authorization', 'mappings')) {
|
378 |
|
|
db_change_field('ldap_authorization', 'mappings', 'mappings', $field_schema);
|
379 |
|
|
}
|
380 |
|
|
|
381 |
|
|
} |