public function LdapAuthorizationConsumerDrupalRole::revokeSingleAuthorization in Lightweight Directory Access Protocol (LDAP) 7.2
Same name and namespace in other branches
- 8.2 ldap_authorization/ldap_authorization_drupal_role/LdapAuthorizationConsumerRole.class.php \LdapAuthorizationConsumerDrupalRole::revokeSingleAuthorization()
- 7 ldap_authorization/ldap_authorization_drupal_role/LdapAuthorizationConsumerRole.class.php \LdapAuthorizationConsumerDrupalRole::revokeSingleAuthorization()
Parameters
drupal user object $user: to have $consumer_id revoked.
string lower case $consumer_id: $consumer_id such as drupal role name, og group name, etc.
mixed $consumer: depends on type of consumer. Drupal roles are strings, og groups are ??
array $user_auth_data: array of $user data specific to this consumer type. stored in $user->data['ldap_authorizations'][<consumer_type>] array.
bool $reset: signifying if caches associated with $consumer_id should be invalidated.
return boolen TRUE on success, FALSE on fail. If user save is FALSE, the user object will not be saved and reloaded, so a returned TRUE may be misleading. $user_auth_data should have successfully revoked consumer id removed.
Overrides LdapAuthorizationConsumerAbstract::revokeSingleAuthorization
File
- ldap_authorization/
ldap_authorization_drupal_role/ LdapAuthorizationConsumerRole.class.php, line 104
Class
Code
public function revokeSingleAuthorization(&$user, $consumer_id, $consumer, &$user_auth_data, $user_save = FALSE, $reset = FALSE) {
$role_name_lcase = $consumer_id;
$role_name = empty($consumer['value']) ? $consumer_id : $consumer['value'];
$rid = $this
->getDrupalRoleIdFromRoleName($role_name);
if (!$rid) {
// Role id not found.
$result = FALSE;
}
elseif (!$user->roles[$rid]) {
if (isset($user_auth_data[$consumer_id])) {
unset($user_auth_data[$consumer_id]);
}
$result = TRUE;
}
else {
unset($user->roles[$rid]);
$user_edit = [
'roles' => $user->roles,
];
$account = user_load($user->uid);
$user = user_save($account, $user_edit);
$result = $user && !isset($user->roles[$rid]);
if ($result && isset($user_auth_data[$consumer_id])) {
unset($user_auth_data[$consumer_id]);
}
}
if ($this->detailedWatchdogLog) {
watchdog('ldap_authorization', 'LdapAuthorizationConsumerDrupalRole.revokeSingleAuthorization()
revoked: rid=%rid, role_name=%role_name for username=%username, result=%result', [
'%rid' => $rid,
'%role_name' => $role_name,
'%username' => $user->name,
'%result' => $result,
], WATCHDOG_DEBUG);
}
return $result;
}