cas_roles_og.module in CAS roles 7.2

<?php

/**
 * @file
 * Allows user account and profile attributes to be automatically populated
 * using tokens. Provides basic tokens for attributes returned by the CAS
 * server.
 */

/**
 * Implements hook_menu().
 */
function cas_roles_og_menu() {
  $items = array();
  if (module_exists('og_ui')) {
    $items['group/%/%/admin/cas-roles'] = array(
      'title callback' => 'og_ui_menu_title_callback',
      'title arguments' => array(
        'CAS roles in group @group',
        1,
        2,
      ),
      'description' => 'Manage automatic CAS membership settings.',
      'page callback' => 'drupal_get_form',
      'page arguments' => array(
        'cas_roles_og_admin_settings',
        1,
        2,
      ),
      'access callback' => 'og_ui_user_access_group',
      'access arguments' => array(
        'administer cas',
        1,
        2,
      ),
      'weight' => -4,
      'file' => 'cas_roles_og.admin.inc',
    );
  }
  return $items;
}

/**
 * Implements hook_og_ui_get_group_admin().
 */
function cas_roles_og_og_ui_get_group_admin($group_type, $gid) {
  $items = array();
  if (og_user_access($group_type, $gid, 'administer cas')) {
    $items['cas_roles'] = array(
      'title' => t('CAS roles'),
      'description' => t('Manage automatic CAS membership settings.'),
      // The final URL will be "group/$entity_type/$etid/admin/cas-roles".
      'href' => 'admin/cas-roles',
    );
  }
  return $items;
}

/**
 * Implements hook_og_permission().
 */
function cas_roles_og_og_permission() {
  $items = array();
  $items['administer cas'] = array(
    'title' => t('Manage CAS settings'),
    'description' => t('Users may change the automatic subscription settings.'),
    'default role' => array(
      OG_ADMINISTRATOR_ROLE,
    ),
    'restrict access' => TRUE,
  );
  return $items;
}

/**
 * Implements hook_cas_user_presave().
 */
function cas_roles_og_cas_user_presave(&$edit, $account) {

  // Loop over all entity types as they are potentially group types.
  foreach (array_keys(entity_get_info()) as $group_type) {

    // Loop over all variables that are set.
    foreach (variable_get('cas_roles_og_' . $group_type, array()) as $gid => $settings) {

      // Defer the adding and removing from groups to after the user has been
      // saved. Add the settings to the edit array for later retrieval.
      $edit['cas_roles_og'][] = array(
        'settings' => $settings,
        'group_type' => $group_type,
        'gid' => $gid,
      );
    }
  }
}

/**
 * Add or remove user from a group and set the permissions.
 */
function cas_roles_og_treat_group($settings, $group_type, $gid, $account, $cas_user) {

  // We synchronize on the first login (always) & on future logins (if chosen).
  if ($account->login && !$settings['sync_every_login']) {

    // The user has logged in before and we are not set to always synchronize.
    return;
  }
  $role_candidates = cas_roles_candidates($cas_user, $settings['role_attribute']);
  $custom_roles = og_roles($group_type, $settings['bundle'], $gid, FALSE, FALSE);

  // Do regexp matching!
  $relations = $settings['relations'];
  $og_user_roles = og_get_user_roles($group_type, $gid, $account->uid, FALSE);
  $new_user_roles = $og_user_roles;
  foreach ($custom_roles as $rid => $role) {
    if (array_key_exists($rid, $relations) && $relations[$rid]) {
      $matches = preg_grep($relations[$rid], $role_candidates);
      if (!empty($matches)) {
        $new_user_roles[$rid] = $role;
      }
      else {
        unset($new_user_roles[$rid]);
      }
    }
  }
  $require_member = $settings['require_member_role_join'];

  // If the membership is required, pre-set its match with the users membership.
  $member_match = $require_member ? og_is_member($group_type, $gid, 'user', $account) : FALSE;
  if ($relations['member']) {
    $matches = preg_grep($relations['member'], $role_candidates);
    if (!empty($matches)) {
      $member_match = TRUE;
    }
    else {
      $member_match = FALSE;
    }
  }

  // Determine the conditions for a user to join or leave the group.
  if (($new_user_roles || $member_match) && !$require_member || $member_match && $require_member) {

    // The user is allowed to join the group.
    if (!og_is_member($group_type, $gid, 'user', $account)) {
      $values = array(
        'entity_type' => 'user',
        'entity' => $account->uid,
        'membership type' => OG_MEMBERSHIP_TYPE_DEFAULT,
        'state' => OG_STATE_ACTIVE,
      );
      og_group($group_type, $gid, $values);
    }
  }
  elseif ($settings['require_a_role_stay']) {

    // The user is not allowed to be in the group.
    if (og_is_member($group_type, $gid, 'user', $account)) {
      og_ungroup($group_type, $gid, 'user', $account->uid);
    }
  }

  // Otherwise the user can stay but is not added to the group.
  if (og_is_member($group_type, $gid, 'user', $account)) {

    // If the user is in the group assign the roles he should have.
    foreach (array_diff_key($new_user_roles, $og_user_roles) as $rid => $role) {
      og_role_grant($group_type, $gid, $account->uid, $rid);
    }
    foreach (array_diff_key($og_user_roles, $new_user_roles) as $rid => $role) {
      og_role_revoke($group_type, $gid, $account->uid, $rid);
    }
  }
}

/**
 * Implements hook_user_update().
 */
function cas_roles_og_user_update(&$edit, $account, $category) {

  // In hook_cas_user_presave we added the CAS settings for the og mapping.
  if (isset($edit['cas_roles_og'])) {
    foreach ($edit['cas_roles_og'] as $args) {
      cas_roles_og_treat_group($args['settings'], $args['group_type'], $args['gid'], $account, $edit['cas_user']);
    }
    unset($edit['cas_roles_og']);
  }
}

/**
 * Implements hook_user_insert().
 */
function cas_roles_og_user_insert(&$edit, $account, $category) {

  // In hook_cas_user_presave we added the CAS settings for the og mapping.
  if (isset($edit['cas_roles_og'])) {
    foreach ($edit['cas_roles_og'] as $args) {
      cas_roles_og_treat_group($args['settings'], $args['group_type'], $args['gid'], $account, $edit['cas_user']);
    }
    unset($edit['cas_roles_og']);
  }
}