private function LdapGroupManager::getNestedGroupDnFilters in Lightweight Directory Access Protocol (LDAP) 8.4
Search within the nested groups for further filters.
Parameters
array $all_group_dns: Currently set groups.
array $or_filters: Filters before diving deeper.
int $level: Last relevant nesting level.
Return value
array Nested group filters.
1 call to LdapGroupManager::getNestedGroupDnFilters()
- LdapGroupManager::groupUserMembershipsFromUserAttr in ldap_servers/
src/ LdapGroupManager.php - Get list of groups that a user is a member of using the memberOf attribute.
File
- ldap_servers/
src/ LdapGroupManager.php, line 51
Class
- LdapGroupManager
- LDAP Group Manager.
Namespace
Drupal\ldap_serversCode
private function getNestedGroupDnFilters(array $all_group_dns, array $or_filters, int $level) : array {
// Example 1: (|(cn=group1)(cn=group2))
// Example 2: (|(dn=cn=group1,ou=blah...)(dn=cn=group2,ou=blah...))
$or_filter = sprintf('(|(%s))', implode(')(', $or_filters));
$query_for_parent_groups = sprintf('(&(objectClass=%s)%s)', $this->server
->get('grp_object_cat'), $or_filter);
// Need to search on all base DN one at a time.
foreach ($this->server
->getBaseDn() as $base_dn) {
// No attributes, just dns needed.
try {
$ldap_result = $this->ldap
->query($base_dn, $query_for_parent_groups, [
'filter' => [],
])
->execute();
} catch (LdapException $e) {
$this->logger
->critical('LDAP search error with %message', [
'%message' => $e
->getMessage(),
]);
continue;
}
if ($level < self::LDAP_QUERY_RECURSION_LIMIT && $ldap_result
->count() > 0) {
$tested_group_ids = [];
$this
->groupMembershipsFromEntryRecursive($ldap_result, $all_group_dns, $tested_group_ids, $level + 1, self::LDAP_QUERY_RECURSION_LIMIT);
}
}
return $all_group_dns;
}