public function LdapAuthorizationConsumerOG::normalizeMappings in Lightweight Directory Access Protocol (LDAP) 7.2
Same name and namespace in other branches
- 8.2 ldap_authorization/ldap_authorization_og/LdapAuthorizationConsumerOG.class.php \LdapAuthorizationConsumerOG::normalizeMappings()
- 7 ldap_authorization/ldap_authorization_og/LdapAuthorizationConsumerOG.class.php \LdapAuthorizationConsumerOG::normalizeMappings()
Overrides LdapAuthorizationConsumerAbstract::normalizeMappings
See also
LdapAuthorizationConsumerAbstract::normalizeMappings
File
- ldap_authorization/
ldap_authorization_og/ LdapAuthorizationConsumerOG.class.php, line 71
Class
Code
public function normalizeMappings($mappings) {
$new_mappings = [];
$group_entity_types = og_get_all_group_bundle();
foreach ($mappings as $i => $mapping) {
$from = $mapping[0];
$to = $mapping[1];
$to_parts = explode('(raw: ', $to);
$user_entered = $to_parts[0];
$new_mapping = [
'from' => $from,
'user_entered' => $user_entered,
'valid' => TRUE,
'error_message' => '',
];
// Has simplified and normalized part in (). update normalized part as validation.
if (count($to_parts) == 2) {
$to_normalized = trim($to_parts[1], ')');
/**
* users (node:35:1)
* node:students (node:21:1)
* faculty (node:33:2)
* node:35:1 (node:35:1)
* node:35 (node:35:1)
*/
$to_simplified = $to_parts[0];
$to_simplified_parts = explode(':', trim($to_simplified));
$entity_type = count($to_simplified_parts) == 1 ? 'node' : $to_simplified_parts[0];
$role = count($to_simplified_parts) < 3 ? OG_AUTHENTICATED_ROLE : $to_simplified_parts[2];
$group_name = count($to_simplified_parts) == 1 ? $to_simplified_parts[0] : $to_simplified_parts[1];
list($group_entity, $group_entity_id) = ldap_authorization_og2_get_group_from_name($entity_type, $group_name);
$to_simplified = join(':', [
$entity_type,
$group_name,
]);
}
else {
/**
* users
* node:students
* faculty
* node:35:1
* node:35
*/
$to_parts = explode(':', trim($to));
$entity_type = count($to_parts) == 1 ? 'node' : $to_parts[0];
$role = count($to_parts) < 3 ? OG_AUTHENTICATED_ROLE : $to_parts[2];
$group_name_or_entity_id = count($to_parts) == 1 ? $to_parts[0] : $to_parts[1];
list($group_entity, $group_entity_id) = ldap_authorization_og2_get_group_from_name($entity_type, $group_name_or_entity_id);
// If load by name works, $group_name_or_entity_id is group title.
if ($group_entity) {
$to_simplified = join(':', [
$entity_type,
$group_name_or_entity_id,
]);
}
else {
$to_simplified = FALSE;
}
$simplified = (bool) $group_entity;
if (!$group_entity && ($group_entity = @entity_load_single($entity_type, $group_name_or_entity_id))) {
$group_entity_id = $group_name_or_entity_id;
}
}
if (!$group_entity) {
$new_mapping['normalized'] = FALSE;
$new_mapping['simplified'] = FALSE;
$new_mapping['valid'] = FALSE;
$new_mapping['error_message'] = t("cannot find matching group: !to", [
'!to' => $to,
]);
}
else {
$role_id = is_numeric($role) ? $role : ldap_authorization_og2_rid_from_role_name($entity_type, $group_entity->type, $group_entity_id, $role);
$roles = og_roles($entity_type, isset($group_entity->type) ? $group_entity->type : NULL, 0, FALSE, TRUE);
$role_name = is_numeric($role) ? $roles[$role] : $role;
$to_normalized = join(':', [
$entity_type,
$group_entity_id,
$role_id,
]);
$to_simplified = $to_simplified ? $to_simplified . ':' . $role_name : $to_normalized;
$new_mapping['normalized'] = $to_normalized;
$new_mapping['simplified'] = $to_simplified;
if ($to == $to_normalized) {
/** if not using simplified notation, do not convert to simplified.
* this would create a situation where an og group
* can change its title and the authorizations change when the
* admin specified the group by entity id
*/
$new_mapping['user_entered'] = $to;
}
else {
$new_mapping['user_entered'] = $to_simplified . ' (raw: ' . $to_normalized . ')';
}
}
$new_mappings[] = $new_mapping;
}
return $new_mappings;
}