You are here

Home » API reference » Auth0 Single Sign On 7.2 » auth0.module

function auth0_update_roles in Auth0 Single Sign On 7.2

Updates the $user->roles of a user based on the auth0 role mappings

1 call to auth0_update_roles()
auth0_update_fields_and_roles in ./auth0.module
Update the field mappings and role mappings for a user based on auth0 user data

File

./auth0.module, line 455

Code

function auth0_update_roles($user_info, $uid, $the_user, &$edit) {
  $auth0_claim_to_use_for_role = variable_get('auth0_claim_to_use_for_role');
  if (isset($auth0_claim_to_use_for_role) && !empty($auth0_claim_to_use_for_role)) {
    $claim_value = isset($user_info[$auth0_claim_to_use_for_role]) ? $user_info[$auth0_claim_to_use_for_role] : '';
    function_exists('dd') && dd($claim_value, 'claim_value');
    $claim_values = array();
    if (is_array($claim_value)) {
      $claim_values = $claim_value;
    }
    else {
      $claim_values[] = $claim_value;
    }
    function_exists('dd') && dd($claim_values, 'claim_values');
    $auth0_role_mapping = variable_get('auth0_role_mapping');
    $mappings = auth0_pipeListToArray($auth0_role_mapping);
    function_exists('dd') && dd($mappings, 'auth0_role_mapping as array');
    $roles_granted = array();
    $roles_managed_by_mapping = array();
    foreach ($mappings as $mapping) {
      function_exists('dd') && dd($mapping, 'mapping');
      $roles_managed_by_mapping[] = $mapping[1];
      if (in_array($mapping[0], $claim_values)) {
        $roles_granted[] = $mapping[1];
      }
    }
    $roles_granted = array_unique($roles_granted);
    $roles_managed_by_mapping = array_unique($roles_managed_by_mapping);
    function_exists('dd') && dd($roles_granted, 'roles_granted');
    function_exists('dd') && dd($roles_managed_by_mapping, 'roles_managed_by_mapping');
    $not_granted = array_diff($roles_managed_by_mapping, $roles_granted);
    function_exists('dd') && dd($not_granted, 'not_granted');
    $user_roles = $the_user->roles;
    function_exists('dd') && dd($user_roles, 'user_roles');
    $new_user_roles = array_merge(array_diff($user_roles, $not_granted), $roles_granted);
    function_exists('dd') && dd($new_user_roles, 'new_user_roles');
    $tmp = array_diff($new_user_roles, $user_roles);
    if (!empty($tmp)) {
      $new_user_roles_map = array();
      foreach ($new_user_roles as $new_role) {
        $role = user_role_load_by_name($new_role);
        $new_user_roles_map[$role->rid] = $role->name;
      }
      function_exists('dd') && dd($new_user_roles_map, 'changes to roles detected');
      $edit['roles'] = $new_user_roles_map;
      $the_user->roles = $new_user_roles_map;
    }
  }
}