public static function LdapServerAdmin::fields in Lightweight Directory Access Protocol (LDAP) 7
Same name and namespace in other branches
- 8.2 ldap_servers/LdapServerAdmin.class.php \LdapServerAdmin::fields()
- 7.2 ldap_servers/LdapServerAdmin.class.php \LdapServerAdmin::fields()
2 calls to LdapServerAdmin::fields()
- LdapServerAdmin::drupalForm in ldap_servers/
LdapServerAdmin.class.php - ldap_servers_schema in ldap_servers/
ldap_servers.install - Implements hook_schema().
File
- ldap_servers/
LdapServerAdmin.class.php, line 522
Class
Code
public static function fields() {
/**
* consumer_type is tag (unique alphanumeric id) of consuming authorization such as
* drupal_roles, og_groups, civicrm_memberships
*/
$fields = array(
'sid' => array(
'form' => array(
'fieldset' => 'server',
'#type' => 'textfield',
'#size' => 20,
'#title' => t('Machine name for this server configuration.'),
'#description' => t('May only contain alphanumeric characters (a-z, A-Z, 0-9, and _)'),
'#required' => TRUE,
),
'schema' => array(
'type' => 'varchar',
'length' => 20,
'not null' => TRUE,
),
),
'numeric_sid' => array(
'schema' => array(
'type' => 'serial',
'unsigned' => TRUE,
'not null' => TRUE,
'description' => 'Primary ID field for the table. Only used internally.',
'no export' => TRUE,
),
),
'name' => array(
'form' => array(
'fieldset' => 'server',
'#type' => 'textfield',
'#size' => 50,
'#title' => 'Name',
'#description' => t('Choose a <em><strong>unique</strong></em> name for this server configuration.'),
),
'schema' => array(
'type' => 'varchar',
'length' => 255,
'not null' => TRUE,
),
),
'status' => array(
'form' => array(
'fieldset' => 'server',
'#type' => 'checkbox',
'#title' => t('Enabled'),
'#description' => t('Disable in order to keep configuration without having it active.'),
'#required' => FALSE,
),
'schema' => array(
'type' => 'int',
'size' => 'tiny',
'not null' => TRUE,
'default' => 0,
),
),
'ldap_type' => array(
'form' => array(
'fieldset' => 'server',
'#type' => 'select',
'#options' => ldap_servers_ldaps_option_array(),
'#title' => t('LDAP Server Type'),
'#description' => t('This field is informative. It\'s purpose is to assist with default values and give validation warnings.'),
),
'schema' => array(
'type' => 'varchar',
'length' => 20,
'not null' => FALSE,
),
),
'address' => array(
'form' => array(
'fieldset' => 'server',
'#type' => 'textfield',
'#title' => t('LDAP server'),
'#description' => t('The domain name or IP address of your LDAP Server such as "ad.unm.edu". For SSL
use the form ldaps://DOMAIN such as "ldaps://ad.unm.edu"'),
'#size' => 50,
),
'schema' => array(
'type' => 'varchar',
'length' => 255,
'not null' => TRUE,
),
),
'port' => array(
'form' => array(
'fieldset' => 'server',
'#type' => 'textfield',
'#title' => t('LDAP port'),
'#size' => 5,
'#description' => t('The TCP/IP port on the above server which accepts LDAP connections. Must be an integer.'),
),
'schema' => array(
'type' => 'int',
'not null' => TRUE,
'default' => 389,
),
),
'tls' => array(
'form' => array(
'fieldset' => 'server',
'#type' => 'checkbox',
'#title' => t('Use Start-TLS'),
'#description' => t('Secure the connection between the Drupal and the LDAP servers using TLS.<br /><em>Note: To use START-TLS, you must set the LDAP Port to 389.</em>'),
),
'schema' => array(
'type' => 'int',
'size' => 'tiny',
'not null' => TRUE,
'default' => 0,
),
),
'bind_method' => array(
'form' => array(
'fieldset' => 'bind_method',
'#type' => 'radios',
'#title' => t('Binding Method for Searches (such as finding user object or their group memberships)'),
'#options' => array(
LDAP_SERVERS_BIND_METHOD_SERVICE_ACCT => t('Service Account Bind. Use credentials in following section to
bind to ldap. This option is usually a best practice. Service account is entered in next section.'),
LDAP_SERVERS_BIND_METHOD_USER => t('Bind with Users Credentials. Use users\' entered credentials
to bind to LDAP. This is only useful for modules that work during user logon such
as ldap authentication and ldap authorization. This option is not a best practice in most cases.
The users dn must be of the form "cn=[username],[base dn]" for this option to work.'),
LDAP_SERVERS_BIND_METHOD_ANON_USER => t('Anonymous Bind for search, then Bind with Users Credentials.
Searches for user DN then uses users\' entered credentials to bind to LDAP. This is only useful for
modules that work during user logon such as ldap authentication and ldap authorization.
The users dn must be discovered by an anonymous search for this option to work.'),
LDAP_SERVERS_BIND_METHOD_ANON => t('Anonymous Bind. Use no credentials to bind to ldap server.
Will not work on most ldaps.'),
),
),
'schema' => array(
'type' => 'int',
'size' => 'small',
'not null' => TRUE,
'default' => 0,
),
),
'binddn' => array(
'form' => array(
'fieldset' => 'binding_service_acct',
'#type' => 'textfield',
'#title' => t('DN for non-anonymous search'),
'#size' => 80,
),
'schema' => array(
'type' => 'varchar',
'length' => 511,
),
),
'bindpw' => array(
'form' => array(
'fieldset' => 'binding_service_acct',
'#type' => 'password',
'#title' => t('Password for non-anonymous search'),
'#size' => 20,
),
'schema' => array(
'type' => 'varchar',
'length' => 255,
),
),
'clear_bindpw' => array(
'form' => array(
'fieldset' => 'binding_service_acct',
'#type' => 'checkbox',
'#title' => t('Clear existing password from database. Check this when switching away from service account binding.'),
'#default_value' => 0,
),
),
'basedn' => array(
'form' => array(
'fieldset' => 'users',
'#type' => 'textarea',
'#cols' => 50,
'#rows' => 6,
'#title' => t('Base DNs for LDAP users, groups, and other entries this server configuration.'),
'#description' => t('What DNs have entries relavant to this configuration?
e.g. <code>ou=campus accounts,dc=ad,dc=uiuc,dc=edu</code>
Keep in mind that every additional basedn likely doubles the number of queries. Place the
more heavily used one first and consider using one higher base DN rather than 2 or more lower base DNs.
Enter one per line in case if you need more than one.'),
),
'schema' => array(
'type' => 'text',
'serialize' => TRUE,
),
),
'user_attr' => array(
'form' => array(
'fieldset' => 'users',
'#type' => 'textfield',
'#size' => 30,
'#title' => t('AuthName attribute'),
'#description' => t('The attribute that holds the users\' login name. (eg. <code>cn</code> for eDir or <code>sAMAccountName</code> for Active Directory).'),
),
'schema' => array(
'type' => 'varchar',
'length' => 255,
'not null' => TRUE,
),
),
'account_name_attr' => array(
'form' => array(
'fieldset' => 'users',
'#type' => 'textfield',
'#size' => 30,
'#title' => t('AccountName attribute'),
'#description' => t('The attribute that holds the unique account name. Defaults to the same as the AuthName attribute.'),
),
'schema' => array(
'type' => 'varchar',
'length' => 255,
'not null' => FALSE,
'default' => '',
),
),
'mail_attr' => array(
'form' => array(
'fieldset' => 'users',
'#type' => 'textfield',
'#size' => 30,
'#title' => t('Email attribute'),
'#description' => t('The attribute that holds the users\' email address. (eg. <code>mail</code>). Leave empty if no such attribute exists'),
),
'schema' => array(
'type' => 'varchar',
'length' => 255,
'not null' => FALSE,
),
),
'mail_template' => array(
'form' => array(
'fieldset' => 'users',
'#type' => 'textfield',
'#size' => 30,
'#title' => t('Email template'),
'#description' => t('If no attribute contains the user\'s email address, but it can be derived from other attributes,
enter an email "template" here.
Templates should have the user\'s attribute name in form such as [cn], [uin], etc.
such as <code>[cn]@mycompany.com</code>.
See http://drupal.org/node/997082 for additional documentation on ldap tokens.
'),
),
'schema' => array(
'type' => 'varchar',
'length' => 255,
'not null' => FALSE,
),
),
'allow_conflicting_drupal_accts' => array(
'form' => array(
'fieldset' => 'users',
'#type' => 'checkbox',
'#title' => t('Allow account conflicts'),
'#description' => t('[Not implemented yet. This is in the user interface, but not the code]. If selected, a user or admin created account could pick the same username as an entry in your LDAP,
creating future conflicts. This option will affect any ldap modules that create accounts such as ldap authentication
or ldap provision.'),
),
'schema' => array(
'type' => 'int',
'size' => 'tiny',
'not null' => FALSE,
'default' => 0,
),
),
'unique_persistent_attr' => array(
'form' => array(
'fieldset' => 'users',
'#type' => 'textfield',
'#size' => 30,
'#title' => t('Persistent and Unique User Attribute'),
'#description' => t('[Not implemented yet. This is in the user interface, but not the code]. In some LDAPs, a user\'s DN, CN, or mail value may change when a user\'s name changes or for other reasons.
In order to avoid creation of multiple accounts for that user or other ambiguities,
enter a unique and persistent ldap attribute for users.
If no such attribute exists, leave this blank.'),
),
'schema' => array(
'type' => 'varchar',
'length' => 64,
'not null' => FALSE,
),
),
'user_dn_expression' => array(
'form' => array(
'fieldset' => 'users',
'#type' => 'textfield',
'#size' => 80,
'#title' => t('Expression for user DN. Required when "Bind with Users Credentials" method selected.'),
'#description' => t('%username and %basedn are valid tokens in the expression.
Typically it will be:<br/> <code>cn=%username,%basedn</code>
which might evaluate to <code>cn=jdoe,ou=campus accounts,dc=ad,dc=mycampus,dc=edu</code>
Base DNs are entered above.'),
),
'schema' => array(
'type' => 'varchar',
'length' => 255,
'not null' => FALSE,
),
),
'ldap_to_drupal_user' => array(
'form' => array(
'fieldset' => 'users',
'#disabled' => !module_exists('php'),
'#type' => 'textarea',
'#cols' => 25,
'#rows' => 5,
'#title' => t('PHP to transform Drupal login username to LDAP UserName attribute.'),
'#description' => t('This will appear as disabled unless the "PHP filter" core module is enabled. Enter PHP to transform Drupal username to the value of the UserName attribute.
The code should print the UserName attribute.
PHP filter module must be enabled for this to work.
The variable $name is available and is the user\'s login username.
Careful, bad PHP code here will break your site. If left empty, no name transformation will be done.
<br/>Example:<br/>Given the user will logon with jdoe@xyz.com and you want the ldap UserName attribute to be
jdoe.<br/><code>$parts = explode(\'@\', $name); if (count($parts) == 2) {print $parts[0]};</code>'),
),
'schema' => array(
'type' => 'varchar',
'length' => 1024,
'not null' => FALSE,
),
),
'testing_drupal_username' => array(
'form' => array(
'fieldset' => 'users',
'#type' => 'textfield',
'#size' => 30,
'#title' => t('Testing Drupal Username'),
'#description' => t('This is optional and used for testing this server\'s configuration against an actual username. The user need not exist in Drupal and testing will not affect the user\'s LDAP or Drupal Account.'),
),
'schema' => array(
'type' => 'varchar',
'length' => 255,
'not null' => FALSE,
),
),
'group_object_category' => array(
'form' => array(
'fieldset' => 'groups',
'#type' => 'textfield',
'#size' => 30,
'#title' => t('Name of Group Object Class.'),
'#description' => t('This is used in ldap modules that use groups such as LDAP Authorization.'),
),
'schema' => array(
'type' => 'varchar',
'length' => 64,
'not null' => FALSE,
),
),
'search_pagination' => array(
'form' => array(
'fieldset' => 'pagination',
'#type' => 'checkbox',
'#title' => t('Use LDAP Pagination.'),
'#disabled' => !ldap_servers_php_supports_pagination(),
),
'schema' => array(
'type' => 'int',
'size' => 'tiny',
'not null' => FALSE,
'default' => 0,
),
),
'search_page_size' => array(
'form' => array(
'fieldset' => 'pagination',
'#type' => 'textfield',
'#size' => 10,
'#disabled' => !ldap_servers_php_supports_pagination(),
'#title' => t('Pagination size limit.'),
'#description' => t('This should be equal to or smaller than the max
number of entries returned at a time by your ldap server.
1000 is a good guess when unsure. Other modules such as LDAP Query
or LDAP Feeds will be allowed to set a smaller page size, but not
a larger one.'),
'#states' => array(
'visible' => array(
// action to take.
':input[name="search_pagination"]' => array(
'checked' => TRUE,
),
),
),
),
'schema' => array(
'type' => 'int',
'size' => 'medium',
'not null' => FALSE,
'default' => 1000,
),
),
'weight' => array(
'schema' => array(
'type' => 'int',
'not null' => TRUE,
'default' => 0,
),
),
);
return $fields;
}