You are here

Home » API reference » Lightweight Directory Access Protocol (LDAP) 7

README.txt in Lightweight Directory Access Protocol (LDAP) 7

Same filename in this branch
  1. 7 README.txt
  2. 7 ldap_feeds/README.txt
  3. 7 ldap_profile/README.txt
  4. 7 ldap_authorization/README.txt
  5. 7 ldap_authentication/README.txt
  6. 7 ldap_authorization/ldap_authorization_og/README.txt
  7. 7 ldap_help/ldap_test_script/README.txt
Same filename and directory in other branches
  1. 8.2 ldap_authorization/README.txt
  2. 7.2 ldap_authorization/README.txt
// $Id: README.txt,v 1.2 2010/12/29 01:37:46 johnbarclay Exp $

Vocubulary of LDAP Authorization and its Code

----------------------
"Consumer"
----------------------
The "consumer" or entity that authorization is being granted.

Examples:  Drupal role, Organic Group group

----------------------
"Consumer Type"
----------------------
Machine ID of a consumer.  This is used in naming conventionss.

Examples:  drupal_role, og_group

----------------------
"Consumer Module"
----------------------
The module that bridges ldap_authorization and the consumer.
It needs to (1) provide a class: LdapAuthorizationConsumer<consumer_type>
and (2) implement hook_ldap_authorization_consumer.

Examples:  ldap_authorization_drupal_role


----------------------
"Authorization ID" aka "Consumer ID"
----------------------
The id of an individual authorization such as a drupal role or organic group.

Examples:  "authenticated user", "admin" (for drupal roles)
Examples:  "knitters on skates", "vacationing programmers" (og group names for organic groups)


----------------------
"Consumer Configuration"
----------------------
Configuration of how a users ldap attributes will
determine a set of Consumer ids the user should be granted.
Represented by LdapAuthorizationConsumerConf and LdapAuthorizationConsumerConfAdmin classes
and managed at /admin/config/people/ldap/authorization.  Stored in ldap_authorization database table.

---------------------
LDAP Server Configuration
---------------------
Each Consumer Configuration will use a single ldap server configuration to bind
and query ldap.  The ldap server configuration is also used to map the drupal
username to an ldap user entry.


----------------------
LDAP Authorization data storage:
---------------------

Authorization data is stored in user->data array.  Ultimately these should be stored in $user entity fields to make integration with other modules better.

$user->data['ldap_authorizations'][<consumerType>][<authorization_id>] => attributes

such as:

$user->data = array(
  'ldap_authorizations' => array(
    'og_group' => array (
      '3-2' => array (
        'date_granted' => 1329105152,
      ),
      '2-3' => array (
        'date_granted' => 1329105152,
      ),
    ),
    'drupal_role' => array (
      '7' => array (
        'date_granted' => 1329105152,
      ),
      '5' => array (
        'date_granted' => 1329105152,
      ),
    ),
  );

File

ldap_authorization/README.txt
View source 
  1. // $Id: README.txt,v 1.2 2010/12/29 01:37:46 johnbarclay Exp $

  2. 

  3. Vocubulary of LDAP Authorization and its Code

  4. 

  5. ----------------------

  6. "Consumer"

  7. ----------------------

  8. The "consumer" or entity that authorization is being granted.

  9. 

  10. Examples:  Drupal role, Organic Group group

  11. 

  12. ----------------------

  13. "Consumer Type"

  14. ----------------------

  15. Machine ID of a consumer.  This is used in naming conventionss.

  16. 

  17. Examples:  drupal_role, og_group

  18. 

  19. ----------------------

  20. "Consumer Module"

  21. ----------------------

  22. The module that bridges ldap_authorization and the consumer.

  23. It needs to (1) provide a class: LdapAuthorizationConsumer

  24. and (2) implement hook_ldap_authorization_consumer.

  25. 

  26. Examples:  ldap_authorization_drupal_role

  27. 

  28. 

  29. ----------------------

  30. "Authorization ID" aka "Consumer ID"

  31. ----------------------

  32. The id of an individual authorization such as a drupal role or organic group.

  33. 

  34. Examples:  "authenticated user", "admin" (for drupal roles)

  35. Examples:  "knitters on skates", "vacationing programmers" (og group names for organic groups)

  36. 

  37. 

  38. ----------------------

  39. "Consumer Configuration"

  40. ----------------------

  41. Configuration of how a users ldap attributes will

  42. determine a set of Consumer ids the user should be granted.

  43. Represented by LdapAuthorizationConsumerConf and LdapAuthorizationConsumerConfAdmin classes

  44. and managed at /admin/config/people/ldap/authorization.  Stored in ldap_authorization database table.

  45. 

  46. ---------------------

  47. LDAP Server Configuration

  48. ---------------------

  49. Each Consumer Configuration will use a single ldap server configuration to bind

  50. and query ldap.  The ldap server configuration is also used to map the drupal

  51. username to an ldap user entry.

  52. 

  53. 

  54. ----------------------

  55. LDAP Authorization data storage:

  56. ---------------------

  57. 

  58. Authorization data is stored in user->data array.  Ultimately these should be stored in $user entity fields to make integration with other modules better.

  59. 

  60. $user->data['ldap_authorizations'][][] => attributes

  61. 

  62. such as:

  63. 

  64. $user->data = array(

  65.   'ldap_authorizations' => array(

  66.     'og_group' => array (

  67.       '3-2' => array (

  68.         'date_granted' => 1329105152,

  69.       ),

  70.       '2-3' => array (

  71.         'date_granted' => 1329105152,

  72.       ),

  73.     ),

  74.     'drupal_role' => array (

  75.       '7' => array (

  76.         'date_granted' => 1329105152,

  77.       ),

  78.       '5' => array (

  79.         'date_granted' => 1329105152,

  80.       ),

  81.     ),

  82.   );