ldap_authorization_og.module in Lightweight Directory Access Protocol (LDAP) 8.2
Same filename and directory in other branches
controls organic group membership based on LDAP values
File
ldap_authorization/ldap_authorization_og/ldap_authorization_og.moduleView source
<?php
/** @file
*
* controls organic group membership based on LDAP values
*
*/
/**
* Implements hook_ldap_authorization_consumer().
*/
function ldap_authorization_og_ldap_authorization_consumer() {
$types['og_group'] = array(
'consumer_name' => t('OG group'),
'consumer_name_plural' => t('OG groups'),
'consumer_short_name' => t('group'),
'consumer_short_name_plural' => t('groups'),
'consumer_description' => t('An OG group.'),
'consumer_class_name' => 'LdapAuthorizationConsumerOG',
'consumer_class_file' => 'LdapAuthorizationConsumerOG.class.php',
'consumer_module' => 'ldap_authorization_og',
);
if (ldap_authorization_og_og_version() == 1) {
$types['og_group']['consumer_mapping_directions'] = 'Mappings should be of form:<br/>
<code>[raw authorization id]|[og group match field]=[og group match id],[og role match field]=[og role match id]</code>
<br/>such as:<br/>
<code>
Student Accounts|group-name=students,role-name=member<br/>
cn=honors students,ou=groups,dc=hogwarts,dc=edu|gid=7,rid=28<br/>
</code>';
}
else {
$types['og_group']['consumer_mapping_directions'] = 'Mappings should be of form:<br/>
<code>[raw authorization id]|[og entity type]:[og entity id or title]:[og role id]</code>
<br/>[og entity type] is generally "node"
<br/>[og entity id or title] can be the groups title or entity id. <strong>Titles with ":"s in them may not be used</strong>.
<br/>when [og role id] is left off, default role is used.
<br/>such as:<br/>
<code>
Student Accounts|node:17:2<br/>
cn=honors students,ou=groups,dc=hogwarts,dc=edu|node:honors students<br/>
cn=gryffindor,ou=groups,dc=hogwarts,dc=edu|node:gryffindor:3<br/>
</code>';
}
return $types;
}
/**
* Format authorization id
*
* @param int $gid as organic group gid
* @param int $rid as organic group rig
* @param array $group_entity as entity associated with organic group
*
* @return string "normalized" authorization id such as 3-3
*/
function ldap_authorization_og_authorization_id($gid, $rid, $entity_type = 'node') {
return ldap_authorization_og_og_version() == 1 ? $gid . '-' . $rid : join(':', array(
$entity_type,
$gid,
$rid,
));
}
function ldap_authorization_og_og_version() {
return function_exists('og_action_info') ? 2 : 1;
}
/**
* Convert entity id to group id
*
* @param int $entity_id as id of entity associated with organic group
* @return int og group id
*/
function ldap_authorization_og1_entity_id_to_gid($entity_id) {
$gid = db_select('og', 'og')
->fields('og', array(
'gid',
))
->condition('og.etid', $entity_id, '=')
->range(0, 1)
->execute()
->fetchField();
return $gid && is_scalar($gid) ? $gid : FALSE;
}
/**
* Convert entity id to group id
*
* @param int $entity_id as id of entity associated with organic group
* @return int og group id
*/
function ldap_authorization_og1_group_name_to_gid($group_name) {
$gid = db_select('og', 'og')
->fields('og', array(
'gid',
))
->condition('og.label', $group_name, '=')
->range(0, 1)
->execute()
->fetchField();
return $gid && is_scalar($gid) ? $gid : FALSE;
}
/**
* Generic function to convert between query values and organic groups structures and attributes
*
* @param mixed $value signifies query value e.g. 'bakers', 7 etc.
* @param mixed $value_type signifies query type e.g. 'group_name', 'gid', etc.
* @param string $return signifying return type. e.g. 'object', 'label', 'name', 'gid'
* @return mixed organic group object, gid, label, etc.
*/
function ldap_authorization_og1_get_group($value, $value_type = 'group_name', $return = 'object') {
if ($value_type == 'gid') {
$group = og_load($value);
}
elseif ($value_type == 'group_name') {
$gid = ldap_authorization_og1_group_name_to_gid($value);
$group = $gid ? og_load($gid) : FALSE;
}
if (!$group || !is_object($group)) {
return FALSE;
}
if ($return == 'object' && is_object($group)) {
$group_entity = node_load($group->etid);
return array(
$group,
$group_entity,
);
}
elseif ($return == 'label' || $return == 'name') {
return $group->label;
}
elseif ($return == 'gid') {
return $group->gid;
}
else {
return FALSE;
}
}
/**
* Generic function to convert between query values and organic groups structures and attributes
*
* @param mixed $value signifies query value e.g. 'bakers', 7 etc.
* @param mixed $value_type signifies query type e.g. 'group_name', 'gid', etc.
* @param string $return signifying return type. e.g. 'object', 'label', 'name', 'gid'
* @return mixed organic group object, gid, label, etc.
*/
function ldap_authorization_og2_get_group_from_name($entity_type, $group_name) {
require_once drupal_get_path('module', 'ldap_authorization_og') . '/LdapAuthorizationConsumerOG.class.php';
$group_entity = FALSE;
$group_entity_id = FALSE;
$query = new EntityFieldQuery();
$query
->entityCondition('entity_type', $entity_type)
->propertyCondition('title', $group_name);
$result = $query
->execute();
if (isset($result[$entity_type])) {
$group_ids = array_keys($result[$entity_type]);
if (count($group_ids) == 1) {
$group_entity = entity_load_single($entity_type, $group_ids[0]);
$group_entity_id = $group_ids[0];
}
}
return array(
$group_entity,
$group_entity_id,
);
}
function ldap_authorization_og1_has_membership($gid, $uid) {
return (bool) og_get_group_membership($gid, 'user', $uid);
}
/**
* Test if a user has a particular group role
*
* @param int $gid as og group id
* @param int $uid as user id
* @param string $rid as og role id
*
* @return boolean signifying if user has group x role
*/
function ldap_authorization_og1_has_role($gid, $uid, $rid) {
$roles = og_get_user_roles($gid, $uid);
return is_array($roles) && in_array($rid, array_values($roles));
}
/** avoid excessive calls to og_roles() **/
function ldap_authorization_og1_roles($reset = false) {
static $roles;
if ($reset || !is_array($roles)) {
$roles = og_roles();
}
return $roles;
}
function ldap_authorization_og1_role_name_to_role_id($role_name) {
$roles = ldap_authorization_og1_roles();
return array_search($role_name, $roles);
//empty($roles[$role_name]) ? FALSE : $roles[$role_name];
}
function ldap_authorization_og2_has_consumer_id($consumer_id, $uid) {
$parts = explode(':', $consumer_id);
$result = FALSE;
$watchdog_tokens = array(
'%consumer_id' => $consumer_id,
'%uid' => $uid,
);
if (count($parts) == 3) {
list($group_type, $gid, $rid) = $parts;
// need to make sure entity exists before calling og_get_user_roles which will throw fatal error
if ($group = entity_load_single($group_type, $gid)) {
if (og_is_group($group_type, $group)) {
$roles = og_get_user_roles($group_type, $gid, $uid, TRUE);
$result = isset($roles[$rid]);
}
else {
watchdog('ldap_authorization_og', "ldap_authorization_og2_has_consumer_id passed value of non og group consumer_id=%consumer_id, uid=%uid", $watchdog_tokens, WATCHDOG_ERROR);
}
}
else {
watchdog('ldap_authorization_og', "ldap_authorization_og2_has_consumer_id could not load entity requested: consumer_id=%consumer_id, uid=%uid", $watchdog_tokens, WATCHDOG_ERROR);
}
}
return $result;
}
// ldap_authorization_og2_has_role($og_students_node->nid, $web_user->uid, OG_AUTHENTICATED_ROLE)
function ldap_authorization_og2_has_role($group_type, $gid, $uid, $role_name) {
$roles = og_get_user_roles($group_type, $gid, $uid, TRUE);
// array with rid as key and role name as value
return is_array($roles) && in_array($role_name, array_values($roles));
}
/**
* Derive og role id from role name
*
* @param string $role_name as og role name
* @return int og role id
*/
function ldap_authorization_og_rid_from_role_name($role_name) {
$roles = og_roles(0);
$rids = array_flip($roles);
return isset($rids[$role_name]) ? $rids[$role_name] : FALSE;
}
function ldap_authorization_og1_role_name_from_rid($rid) {
$roles = og_roles(0);
return isset($roles[$rid]) ? $roles[$rid] : FALSE;
}
function ldap_authorization_og2_rid_from_role_name($entity_type, $bundle, $gid, $role_name) {
$roles = og_roles($entity_type, $bundle, 0, FALSE, TRUE);
$roles_flipped = array_flip($roles);
return empty($roles_flipped[$role_name]) ? NULL : $roles_flipped[$role_name];
}
function ldap_authorization_og_get_all_group_entities() {
$entities = array();
$group_entity_types = og_get_all_group_bundle();
foreach ($group_entity_types as $entity_type => $group) {
$entity_ids = og_get_all_group('node');
$entities[$entity_type] = entity_load('node', $entity_ids);
}
return $entities;
}
/**
* Implements hook_form_alter().
*/
function ldap_authorization_og_form_ldap_authorization_admin_form_alter(&$form, $form_state) {
if ($form['status']['consumer_type']['#value'] == 'og_group') {
$form['filter_and_mappings']['use_filter']['#description'] = t('This is a required option for Organic Groups. It is only displayed for consistency with other user interfaces.');
$form['filter_and_mappings']['use_filter']['#disabled'] = TRUE;
}
}