public function LdapGroupManager::groupUserMembershipsFromEntry in Lightweight Directory Access Protocol (LDAP) 8.4
Get list of all groups that a user is a member of by querying groups.
Parameters
\Symfony\Component\Ldap\Entry $ldap_entry: LDAP entry.
Return value
array Array of group dns in mixed case.
See also
groupMembershipsFromUser()
1 call to LdapGroupManager::groupUserMembershipsFromEntry()
- LdapGroupManager::groupMembershipsFromUser in ldap_servers/
src/ LdapGroupManager.php - Get list of all groups that a user is a member of.
File
- ldap_servers/
src/ LdapGroupManager.php, line 554
Class
- LdapGroupManager
- LDAP Group Manager.
Namespace
Drupal\ldap_serversCode
public function groupUserMembershipsFromEntry(Entry $ldap_entry) : array {
// MIXED CASE VALUES.
$all_group_dns = [];
if (!$this
->checkAvailability() || !$this
->groupGroupEntryMembershipsConfigured()) {
return $all_group_dns;
}
// Array of dns already tested to avoid excess queries MIXED CASE VALUES.
$tested_group_ids = [];
$level = 0;
if ($this->server
->get('grp_memb_attr_match_user_attr') === 'dn') {
$member_value = $ldap_entry
->getDn();
}
else {
$member_value = $ldap_entry
->getAttribute($this->server
->get('grp_memb_attr_match_user_attr'), FALSE)[0];
}
// Need to search on all basedns one at a time.
foreach ($this->server
->getBaseDn() as $baseDn) {
// Only need dn, so empty array forces return of no attributes.
// @todo See if this syntax is correct.
// It should return a valid DN with n attributes.
try {
$group_query = sprintf('(&(objectClass=%s)(%s=%s))', $this->server
->get('grp_object_cat'), $this->server
->get('grp_memb_attr'), $member_value);
$ldap_result = $this->ldap
->query($baseDn, $group_query, [
'filter' => [],
])
->execute();
} catch (LdapException $e) {
$this->logger
->critical('LDAP search error with %message', [
'%message' => $e
->getMessage(),
]);
continue;
}
if ($ldap_result
->count() > 0) {
$maxLevels = $this->server
->get('grp_nested') ? self::LDAP_QUERY_RECURSION_LIMIT : 0;
$this
->groupMembershipsFromEntryRecursive($ldap_result, $all_group_dns, $tested_group_ids, $level, $maxLevels);
}
}
return $all_group_dns;
}