public function LdapAuthorizationConsumerOG::normalizeMappings in Lightweight Directory Access Protocol (LDAP) 8.2
Same name and namespace in other branches
- 7.2 ldap_authorization/ldap_authorization_og/LdapAuthorizationConsumerOG.class.php \LdapAuthorizationConsumerOG::normalizeMappings()
- 7 ldap_authorization/ldap_authorization_og/LdapAuthorizationConsumerOG.class.php \LdapAuthorizationConsumerOG::normalizeMappings()
Overrides LdapAuthorizationConsumerAbstract::normalizeMappings
See also
LdapAuthorizationConsumerAbstract::normalizeMappings
File
- ldap_authorization/
ldap_authorization_og/ LdapAuthorizationConsumerOG.class.php, line 84
Class
Code
public function normalizeMappings($mappings) {
$new_mappings = array();
if ($this->ogVersion == 2) {
$group_entity_types = og_get_all_group_bundle();
foreach ($mappings as $i => $mapping) {
$from = $mapping[0];
$to = $mapping[1];
$to_parts = explode('(raw: ', $to);
$user_entered = $to_parts[0];
$new_mapping = array(
'from' => $from,
'user_entered' => $user_entered,
'valid' => TRUE,
'error_message' => '',
);
if (count($to_parts) == 2) {
// has simplified and normalized part in (). update normalized part as validation
$to_normalized = trim($to_parts[1], ')');
/**
* users (node:35:1)
* node:students (node:21:1)
* faculty (node:33:2)
* node:35:1 (node:35:1)
* node:35 (node:35:1)
*/
$to_simplified = $to_parts[0];
$to_simplified_parts = explode(':', trim($to_simplified));
$entity_type = count($to_simplified_parts) == 1 ? 'node' : $to_simplified_parts[0];
$role = count($to_simplified_parts) < 3 ? OG_AUTHENTICATED_ROLE : $to_simplified_parts[2];
$group_name = count($to_simplified_parts) == 1 ? $to_simplified_parts[0] : $to_simplified_parts[1];
list($group_entity, $group_entity_id) = ldap_authorization_og2_get_group_from_name($entity_type, $group_name);
$to_simplified = join(':', array(
$entity_type,
$group_name,
));
}
else {
// may be simplified or normalized, but not both
/**
* users
* node:students
* faculty
* node:35:1
* node:35
*/
$to_parts = explode(':', trim($to));
$entity_type = count($to_parts) == 1 ? 'node' : $to_parts[0];
$role = count($to_parts) < 3 ? OG_AUTHENTICATED_ROLE : $to_parts[2];
$group_name_or_entity_id = count($to_parts) == 1 ? $to_parts[0] : $to_parts[1];
list($group_entity, $group_entity_id) = ldap_authorization_og2_get_group_from_name($entity_type, $group_name_or_entity_id);
if ($group_entity) {
// if load by name works, $group_name_or_entity_id is group title
$to_simplified = join(':', array(
$entity_type,
$group_name_or_entity_id,
));
}
else {
$to_simplified = FALSE;
}
$simplified = (bool) $group_entity;
if (!$group_entity && ($group_entity = @entity_load_single($entity_type, $group_name_or_entity_id))) {
$group_entity_id = $group_name_or_entity_id;
}
}
if (!$group_entity) {
$new_mapping['normalized'] = FALSE;
$new_mapping['simplified'] = FALSE;
$new_mapping['valid'] = FALSE;
$new_mapping['error_message'] = t("cannot find matching group: !to", array(
'!to' => $to,
));
}
else {
$role_id = is_numeric($role) ? $role : ldap_authorization_og2_rid_from_role_name($entity_type, $group_entity->type, $group_entity_id, $role);
$roles = og_roles($entity_type, isset($group_entity->type) ? $group_entity->type : NULL, 0, FALSE, TRUE);
$role_name = is_numeric($role) ? $roles[$role] : $role;
$to_normalized = join(':', array(
$entity_type,
$group_entity_id,
$role_id,
));
$to_simplified = $to_simplified ? $to_simplified . ':' . $role_name : $to_normalized;
$new_mapping['normalized'] = $to_normalized;
$new_mapping['simplified'] = $to_simplified;
if ($to == $to_normalized) {
/** if not using simplified notation, do not convert to simplified.
this would create a situation where an og group
can change its title and the authorizations change when the
admin specified the group by entity id
*/
$new_mapping['user_entered'] = $to;
}
else {
$new_mapping['user_entered'] = $to_simplified . ' (raw: ' . $to_normalized . ')';
}
}
$new_mappings[] = $new_mapping;
}
}
else {
// og 1
foreach ($mappings as $i => $mapping) {
$new_mapping = array(
'from' => $mapping[0],
'user_entered' => $mapping[1],
'normalized' => NULL,
'simplified' => NULL,
'valid' => TRUE,
'error_message' => '',
);
$gid = NULL;
$rid = NULL;
$correct_syntax = "gid=43,rid=2 or group-name=students,role-name=member or node.title=students,role-name=member";
$incorrect_syntax = t('Incorrect mapping syntax. Correct examples are:') . $correct_syntax;
$targets = explode(',', $mapping[1]);
if (count($targets) != 2) {
$new_mapping['valid'] = FALSE;
$new_mapping['error_message'] = $incorrect_syntax;
continue;
}
$group_target_and_value = explode('=', $targets[0]);
if (count($group_target_and_value) != 2) {
$new_mapping['valid'] = FALSE;
$new_mapping['error_message'] = $incorrect_syntax;
continue;
}
list($group_target, $group_target_value) = $group_target_and_value;
$role_target_and_value = explode('=', $targets[1]);
if (count($role_target_and_value) != 2) {
$new_mapping['valid'] = FALSE;
$new_mapping['error_message'] = $incorrect_syntax;
continue;
}
list($role_target, $role_target_value) = $role_target_and_value;
$og_group = FALSE;
if ($group_target == 'gid') {
$gid = $group_target_value;
}
elseif ($group_target == 'group-name') {
list($og_group, $og_node) = ldap_authorization_og1_get_group($group_target_value, 'group_name', 'object');
if (is_object($og_group) && property_exists($og_group, 'gid') && $og_group->gid) {
$gid = $og_group->gid;
}
}
else {
$entity_type_and_field = explode('.', $group_target);
if (count($entity_type_and_field) != 2) {
$new_mapping['valid'] = FALSE;
$new_mapping['error_message'] = $incorrect_syntax;
continue;
}
list($entity_type, $field) = $entity_type_and_field;
$query = new EntityFieldQuery();
$query
->entityCondition('entity_type', $entity_type)
->fieldCondition($field, 'value', $group_target_value, '=')
->addMetaData('account', user_load(1));
// run the query as user 1
$result = $query
->execute();
if (is_array($result) && isset($result[$entity_type]) && count($result[$entity_type]) == 1) {
$entities = array_keys($result[$entity_type]);
$gid = ldap_authorization_og1_entity_id_to_gid($entities[0]);
}
}
if (!$og_group && $gid) {
$og_group = og_load($gid);
}
if ($role_target == 'rid') {
$role_name = ldap_authorization_og1_role_name_from_rid($role_target_value);
$rid = $role_target_value;
}
elseif ($role_target == 'role-name') {
$rid = ldap_authorization_og_rid_from_role_name($role_target_value);
$role_name = $role_target_value;
}
$new_mapping['simplified'] = $og_group->label . ', ' . $role_name;
$new_mapping['normalized'] = $gid && $rid ? ldap_authorization_og_authorization_id($gid, $rid) : FALSE;
$new_mappings[] = $new_mapping;
}
}
return $new_mappings;
}