You are here

Home » API reference » Lightweight Directory Access Protocol (LDAP) 7 » LdapAuthorizationConsumerOG.class.php » LdapAuthorizationConsumerOG

public function LdapAuthorizationConsumerOG::normalizeMappings in Lightweight Directory Access Protocol (LDAP) 7

Same name and namespace in other branches
  1. 8.2 ldap_authorization/ldap_authorization_og/LdapAuthorizationConsumerOG.class.php \LdapAuthorizationConsumerOG::normalizeMappings()
  2. 7.2 ldap_authorization/ldap_authorization_og/LdapAuthorizationConsumerOG.class.php \LdapAuthorizationConsumerOG::normalizeMappings()

function to normalize mappings should be overridden when mappings are not stored as map|authorization_id format where authorization_id is the format returned by LdapAuthorizationConsumerAbstract::usersAuthorizations()

for example ldap_authorization_og may store mapping target as: Campus Accounts|group-name=knitters,role-name=administrator member

but the target authorization_id format is in the form gid-rid such as 2-3

Overrides LdapAuthorizationConsumerAbstract::normalizeMappings

1 call to LdapAuthorizationConsumerOG::normalizeMappings()
LdapAuthorizationConsumerOG::validateAuthorizationMappingTarget in ldap_authorization/ldap_authorization_og/LdapAuthorizationConsumerOG.class.php
* Validate authorization mappings on LDAP Authorization OG Admin form. * *

File

ldap_authorization/ldap_authorization_og/LdapAuthorizationConsumerOG.class.php, line 98

Class

LdapAuthorizationConsumerOG

Code

public function normalizeMappings($mappings) {
  if ($this->ogVersion == 2) {

    // not relavant to og 2 mappings
    return $mappings;
  }
  foreach ($mappings as $i => $mapping) {
    $gid = NULL;
    $rid = NULL;
    $targets = explode(',', $mapping[1]);
    if (count($targets) != 2) {
      return FALSE;
    }
    $group_target_and_value = explode('=', $targets[0]);
    if (count($group_target_and_value) != 2) {
      return FALSE;
    }
    list($group_target, $group_target_value) = $group_target_and_value;
    $role_target_and_value = explode('=', $targets[1]);
    if (count($role_target_and_value) != 2) {
      return FALSE;
    }
    list($role_target, $role_target_value) = $role_target_and_value;
    if ($group_target == 'gid') {
      $gid = $group_target_value;
    }
    elseif ($group_target == 'group-name') {
      list($og_group, $og_node) = ldap_authorization_og1_get_group($group_target_value, 'group_name', 'object');
      if (is_object($og_group) && property_exists($og_group, 'gid') && $og_group->gid) {
        $gid = $og_group->gid;
      }
    }
    else {
      $entity_type_and_field = explode('.', $group_target);
      if (count($entity_type_and_field) != 2) {
        return FALSE;
      }
      list($entity_type, $field) = $entity_type_and_field;
      $query = new EntityFieldQuery();
      $query
        ->entityCondition('entity_type', $entity_type)
        ->fieldCondition($field, 'value', $group_target_value, '=')
        ->addMetaData('account', user_load(1));

      // run the query as user 1
      $result = $query
        ->execute();
      if (is_array($result) && isset($result[$entity_type]) && count($result[$entity_type]) == 1) {
        $entities = array_keys($result[$entity_type]);
        $gid = ldap_authorization_og1_entity_id_to_gid($entities[0]);
      }
    }
    if ($role_target == 'rid') {
      $rid = $role_target_value;
    }
    elseif ($role_target == 'role-name') {
      $rid = ldap_authorization_og_rid_from_role_name($role_target_value);
    }
    if ($gid && $rid) {
      $mappings[$i][1] = ldap_authorization_og_authorization_id($gid, $rid);
    }
    else {
      $mappings[$i][1] = FALSE;
    }
  }
  return $mappings;
}