
function bakery_user in Bakery Single Sign-On System 6.2

Same name and namespace in other branches
  1. 6 bakery.module \bakery_user()

Implementation of hook_user().

2 string references to 'bakery_user'
bakery_update_6003 in ./bakery.install
Add {bakery_user}.
_bakery_save_slave_uid in ./bakery.module
Save UID provided by a slave site. Should only be used on the master site.

File

./bakery.module, line 100

Code

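/**
 * Implementation of hook_user().
 *
 * Keeps the Bakery single sign-on state in step with local account events:
 * - login (master only): bakes the SSO cookie for the account.
 * - logout: removes the SSO cookie when it belongs to the user being logged
 *   out, and always removes the session cookie.
 * - update (master only): stashes the changed fields in
 *   $_SESSION['bakery'] until the local save has finished.
 * - after_update (master only): POSTs the stashed data to every slave site
 *   and records the UID each slave reports back.
 * - view (slave only): adds a "Primary profile" link to the profile page
 *   when the account's init URL is on the master's host.
 *
 * @param $op
 *   The hook_user() operation being performed.
 * @param $array
 *   The submitted values for the operation; read for the supported fields and
 *   passed on to hook_bakery_transmit().
 * @param $account
 *   The user account the operation applies to.
 * @param $category
 *   The account category being edited, forwarded to the slaves.
 */
function bakery_user($op, &$array, &$account, $category = NULL) {
  global $user;
  $is_master = variable_get('bakery_is_master', 0);

  switch ($op) {
    case 'login':
      if ($is_master) {
        $init = _bakery_init_field($account->uid);
        _bakery_bake_chocolatechip_cookie($account->name, $account->mail, $init);
      }
      break;

    case 'logout':
      $cookie = _bakery_validate_cookie();

      // Only delete the SSO cookie if the name is the same in case there was an
      // existing session that's being logged out and SSO cookie is for new session.
      if ($user->uid && $cookie && $cookie['name'] === $user->name) {
        _bakery_eat_cookie();
      }

      // Destroy session cookie.
      _bakery_eat_cookie(session_name());
      break;

    case 'update':
      if (!$is_master) {
        break;
      }

      // We store email/name if they changed. We want to wait with doing
      // anything else until the changes are saved locally.
      $newly_saved_user = user_load($account->uid);

      // Invoke implementations of hook_bakery_transmit() for syncing arbitrary
      // data.
      $_SESSION['bakery']['data'] = module_invoke_all('bakery_transmit', $array, $account, $category);

      $supported_fields = variable_get('bakery_supported_fields', array(
        'mail' => 'mail',
        'name' => 'name',
      ));
      foreach ($supported_fields as $type => $enabled) {
        // Profile fields are unset by this point so we have to get them from
        // the DB and use whichever is populated. isset() on the loaded account
        // also covers a failed user_load() and a field the account lacks.
        if (isset($array[$type])) {
          $value = $array[$type];
        }
        elseif (isset($newly_saved_user->{$type})) {
          $value = $newly_saved_user->{$type};
        }
        else {
          continue;
        }
        if ($enabled) {
          $_SESSION['bakery'][$type] = $value;
        }
      }
      break;

    case 'after_update':
      if (!$is_master || !isset($_SESSION['bakery'])) {
        break;
      }

      $type = 'stroopwafel';

      // NOTE(review): the stashed data is PHP-serialized. If the receiving
      // site unserialize()s it, the payload's integrity rests on what
      // bakery_bake_data() does with it -- confirm it authenticates the
      // payload before changing anything here.
      $payload = array(
        'data' => serialize($_SESSION['bakery']),
        'timestamp' => $_SERVER['REQUEST_TIME'],
        'uid' => $account->uid,
        'category' => $category,
        'type' => $type,
      );
      $post_body = drupal_query_string_encode(array(
        $type => bakery_bake_data($payload),
      ));
      unset($_SESSION['bakery']);

      // Now update the slaves.
      $slaves = variable_get('bakery_slaves', array());
      foreach ($slaves as $slave) {
        $result = drupal_http_request($slave . 'bakery/update', array(
          'Content-Type' => 'application/x-www-form-urlencoded; charset=utf-8',
        ), 'POST', $post_body);

        if ($result->code != 200) {
          // Warning, warning.
          $message = 'Error %error for site at %url';
          $substitutions = array(
            '%error' => $result->code . ' ' . (isset($result->error) ? $result->error : ''),
            '%url' => $slave,
          );
          watchdog('bakery', $message, $substitutions, WATCHDOG_ERROR);

          // Only inform administrators about the error.
          if (user_access('administer users')) {
            drupal_set_message(t($message, $substitutions), 'error');
          }

          // TODO: Roll back the change.
          continue;
        }

        // The data should be OK because it's coming from a slave site, but we
        // are cautious with this.
        $message = filter_xss($result->data);

        // Only inform administrators about the message.
        if (user_access('administer users')) {
          drupal_set_message($message);
        }

        // The response body is remote text, not a translatable source string:
        // passing NULL for the variables stores it as-is instead of having it
        // run through t() when the log entry is displayed.
        watchdog('bakery', $message, NULL);

        // Save UID provided by slave site. The header is supplied by the
        // remote end, so do not assume it is present.
        if (isset($result->headers['X-Drupal-bakery-UID'])) {
          _bakery_save_slave_uid($account, $slave, $result->headers['X-Drupal-bakery-UID']);
        }
        else {
          watchdog('bakery', 'No UID header in the response from %url.', array('%url' => $slave), WATCHDOG_WARNING);
        }
      }

      if ($user->uid === $account->uid) {
        // Rebake SSO cookie so user stays authenticated.
        $init = _bakery_init_field($account->uid);
        _bakery_bake_chocolatechip_cookie($account->name, $account->mail, $init);
      }
      break;

    case 'view':
      if ($is_master) {
        break;
      }

      $master = variable_get('bakery_master', 'http://drupal.org/');
      $init_url = _bakery_init_field_url($account->init);
      $master_host = parse_url($master, PHP_URL_HOST);
      $init_host = parse_url($init_url, PHP_URL_HOST);

      // parse_url() yields NULL or FALSE when a URL has no usable host; two
      // such results must not count as "same host", or the link below would
      // be built from an init value that was never matched to the master.
      if (is_string($master_host) && $master_host !== '' && $master_host === $init_host) {
        // Remove the /edit part of the url.
        $profile_url = substr($init_url, 0, strlen($init_url) - 5);
        $account->content['summary']['master_profile'] = array(
          '#type' => 'user_profile_item',
          '#title' => t('Primary profile'),
          '#value' => l(t('Profile on @master', array(
            '@master' => variable_get('bakery_master', 'http://drupal.org'),
          )), $profile_url),
          '#attributes' => array(
            'class' => 'og_groups',
          ),
          '#access' => user_access('access user profiles'),
        );
      }
      break;
  }
}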