public function LdapAuthorizationConsumerOG::revokeSingleAuthorization in Lightweight Directory Access Protocol (LDAP) 7
* revoke an authorization * * extends revokeSingleAuthorization() * *
Parameters
drupal user object $user: * @param string $authorization_id (aka consumer id) in form organic group gid-rid such as 7-2 * @param array $user_auth_data is array specific to this consumer_type. Stored in $user->data['ldap_authorizations']['og_group'] * * @return TRUE if revoked or user doesn't have role FALSE if not revoked or failed. * this function does not save the user object or alter $user_auth_data. this is handled in the abstract class.
Overrides LdapAuthorizationConsumerAbstract::revokeSingleAuthorization
File
- ldap_authorization/
ldap_authorization_og/ LdapAuthorizationConsumerOG.class.php, line 225
Class
Code
public function revokeSingleAuthorization(&$user, $authorization_id, &$user_auth_data) {
if ($this->ogVersion == 1) {
list($gid, $rid) = @explode('-', $authorization_id);
}
else {
list($group_type, $gid, $rid) = @explode(':', $authorization_id);
}
// CASE 1: Bad Parameters
if (!$authorization_id || !$gid || !$rid || !is_object($user) || $this->ogVersion == 2 && !$group_type) {
watchdog('ldap_authorization_og', 'LdapAuthorizationConsumerOG.grantSingleAuthorization()
improper parameters.', array(), WATCHDOG_ERROR);
return FALSE;
}
$ldap_granted = $this
->hasLdapGrantedAuthorization($user, $authorization_id);
$granted = $this
->hasAuthorization($user, $authorization_id);
if ($this->ogVersion == 1) {
// og 7.x-1.x
$users_group_roles = og_get_user_roles($gid, $user->uid);
}
else {
// og 7.x-2.x
$users_group_roles = og_get_user_roles($group_type, $gid, $user->uid);
}
// CASE 2: user doesnt have grant to revoke
if (!$granted || $granted && !$ldap_granted) {
return TRUE;
// don't do anything. don't log since non-event
}
// CASE 3: revoke
if (count($users_group_roles) == 1) {
// ungroup if only single role left
if ($this->ogVersion == 1) {
// og 7.x-1.x
$entity = og_ungroup($gid, 'user', $user->uid, TRUE);
}
else {
// og 7.x-2.x
$entity = og_ungroup($group_type, $gid, 'user', $user->uid);
}
$result = (bool) $entity;
$watchdog_tokens['%action'] = 'og_ungroup';
}
else {
// if more than one role left, just revoke single role.
if ($this->ogVersion == 1) {
// og 7.x-1.x
og_role_revoke($gid, $user->uid, $rid);
}
else {
// og 7.x-2.x
og_role_revoke($group_type, $gid, $user->uid, $rid);
}
$watchdog_tokens['%action'] = 'og_role_revoke';
return TRUE;
}
if ($this->detailedWatchdogLog) {
watchdog('ldap_authorization_og', 'LdapAuthorizationConsumerOG.revokeSingleAuthorization()
revoked: gid=%gid, rid=%rid, action=%action for username=%username', $watchdog_tokens, WATCHDOG_DEBUG);
}
return $result;
}