You are here

Home » API reference » CAS roles 8 » cas_roles.module

function cas_roles_cas_user_presave in CAS roles 8

Same name and namespace in other branches
  1. 6 cas_roles.module \cas_roles_cas_user_presave()
  2. 7.2 cas_roles.module \cas_roles_cas_user_presave()
  3. 7 cas_roles.module \cas_roles_cas_user_presave()

Implements hook_cas_user_presave().

File

./cas_roles.module, line 52
Allows user account and profile attributes to be automatically populated using tokens. Provides basic tokens for attributes returned by the CAS server.

Code

function cas_roles_cas_user_presave(&$edit, $account) {
  $sync_every_login = variable_get('cas_roles_sync_every_login');
  $behavior = variable_get('cas_roles_behavior');
  $roles = variable_get('cas_roles_roles');
  $relations = variable_get('cas_roles_relations', array(
    '2' => NULL,
  ));

  // We synchronize on the first login (always) & on future logins (if chosen).
  if ($account->login && !$sync_every_login) {

    // The user has logged in before and we are not set to always synchronize.
    return;
  }

  // The users CAS attributes from the CAS module.
  $cas_attributes = $edit['cas_user']['attributes'];

  // Get the name of the attributes.
  $tokens = token_scan($roles);

  // There is no cas token, hence no matching.
  if (!is_array($tokens) || !array_key_exists('cas', $tokens)) {
    return;
  }
  $tokens = token_find_with_prefix($tokens['cas'], 'attribute');

  // An Array with the relevant CAS attribute arrays.
  $arr = array();
  foreach ($tokens as $name => $original) {
    $chain = explode(':', $name);
    $branch = $cas_attributes;
    $found = TRUE;
    foreach ($chain as $link) {
      if (isset($branch[$link])) {
        $branch = $branch[$link];
      }
      else {
        $found = FALSE;
      }
    }
    if ($found) {
      $arr[$original] = $branch;
    }
  }

  // Assemble the patterns.
  $role_patterns = array(
    $roles,
  );
  foreach ($arr as $token => $elements) {
    foreach ($role_patterns as $key => $pattern) {
      $new_pattern = array();
      _cas_roles_recursive_str_replace($new_pattern, $token, $elements, $pattern);
      unset($role_patterns[$key]);
      $role_patterns = array_merge($role_patterns, $new_pattern);
    }
  }

  // Replace all the tokens including the cas tokens if cas_attributes exists
  if (module_exists('cas_attributes')) {
    $data = array(
      'cas' => $edit['cas_user']['name'],
    );
  }
  else {
    $data = array();
  }
  foreach ($role_patterns as $key => $pattern) {
    $pattern = trim(token_replace($pattern, $data, array(
      'clear' => TRUE,
    )));
    $role_patterns[$key] = html_entity_decode($pattern);
  }
  $role_patterns = array_unique($role_patterns);
  if ($behavior == CAS_ROLES_CREATE_NEW_ROLES) {
    $new_roles = array_diff($role_patterns, user_roles());

    // Create new roles.
    foreach ($new_roles as $new) {
      $role = (object) array(
        'name' => $new,
      );
      user_role_save($role);
    }
  }
  if ($behavior == CAS_ROLES_MATCH_REGEX) {

    // Do regexp matching!
    $custom_roles = cas_roles_cutsom_user_roles();
    $new_user_roles = $edit['roles'];
    foreach ($custom_roles as $rid => $role) {
      if (array_key_exists($rid, $relations) && $relations[$rid]) {
        $matches = preg_grep($relations[$rid], $role_patterns);
        if (!empty($matches)) {
          $new_user_roles[$rid] = $role;
        }
        else {
          unset($new_user_roles[$rid]);
        }
      }
    }
  }
  else {

    // Just assign the roles!
    // Add the authenticated user role.
    $new_user_roles = array_intersect(cas_roles_cutsom_user_roles(), $role_patterns);
    $new_user_roles[DRUPAL_AUTHENTICATED_RID] = 'authenticated user';
  }

  // Set the (new) roles.
  $edit['roles'] = $new_user_roles;
}