
public function ServerFactory::alterLdapUserAttributesList in Lightweight Directory Access Protocol (LDAP) 8.3

Alter ldap_user attributes lists.

Parameters

array $available_user_attrs: Available user attributes.

array $params: Parameters.

Return value

array Attribute list.

File

ldap_servers/src/ServerFactory.php, line 267

Class

ServerFactory
Helper class for working with the Server classes.

Namespace

Drupal\ldap_servers

Code

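/**
 * Alter ldap_user attributes lists.
 *
 * Adds the attribute mappings owned by ldap_servers to the list handed in by
 * the caller. Nothing is added unless $params['ldap_server'] is set and
 * truthy and $params['direction'] equals self::PROVISION_TO_DRUPAL.
 *
 * Each mapping is merged with the array union operator, so the keys written
 * here take precedence over an entry already present under the same token;
 * only keys this method does not set survive from the existing entry.
 *
 * @param array $available_user_attrs
 *   Available user attributes, keyed by token such as '[property.mail]'.
 *   Taken by reference and modified in place.
 * @param array $params
 *   Parameters. Reads 'ldap_server' (annotated below as a
 *   \Drupal\ldap_servers\Entity\Server) and 'direction'. Taken by reference
 *   but not modified here.
 *
 * @return array
 *   A two-element list: $params first, then the altered
 *   $available_user_attrs.
 */
public function alterLdapUserAttributesList(array &$available_user_attrs, array &$params) {
  // Read 'direction' defensively: a caller that supplied a server but no
  // direction used to trigger an undefined-index notice on this read.
  $direction = isset($params['direction']) ? $params['direction'] : NULL;

  // Leave early when there is nothing to add, so no URL is generated and no
  // link is rendered for a request that will not use them. The comparison
  // stays loose because the type of the constant is not visible here.
  if (empty($params['ldap_server']) || $direction != self::PROVISION_TO_DRUPAL) {
    return [
      $params,
      $available_user_attrs,
    ];
  }

  // NOTE(review): the annotation is only a hint; nothing here verifies that
  // the caller really passed a Server entity before its methods are called.
  /** @var \Drupal\ldap_servers\Entity\Server $ldap_server */
  $ldap_server = $params['ldap_server'];
  $server_id = $ldap_server->id();
  $url = Url::fromRoute('entity.ldap_server.collection');

  // A plain $url->toString() call in some places (early in the request)
  // can cause Drupal to throw a 'leaked metadata' exception. To prevent
  // toString() from handling any metadata in the background, we pass TRUE.
  $url_string = $url->toString(TRUE)->getGeneratedUrl();

  // None of the source strings below contains %edit_link; the token is kept
  // so the arguments passed to t() are the same as before.
  $tokens = [
    '%edit_link' => Link::fromTextAndUrl($url_string, $url)->toString(),
    '%sid' => $server_id,
  ];

  // Plain concatenation, not a translated string: the server ID is embedded
  // as-is. NOTE(review): confirm whatever prints 'notes' escapes it.
  $server_edit_path = 'admin/config/people/ldap/servers/edit/' . $server_id;

  // Writes one mapping. An existing entry that is missing or not an array is
  // treated as empty; otherwise its keys fill in whatever $mapping leaves
  // unset (the left operand of + wins when both sides define a key).
  $set_mapping = function ($token, array $mapping) use (&$available_user_attrs) {
    $has_entry = isset($available_user_attrs[$token]) && is_array($available_user_attrs[$token]);
    $existing = $has_entry ? $available_user_attrs[$token] : [];
    $available_user_attrs[$token] = $mapping + $existing;
  };

  // These 4 user fields identify where in LDAP and which LDAP server they
  // are associated with. They are required for a Drupal account to be
  // "LDAP associated" regardless of if any other fields/properties are
  // provisioned or synced.
  $puid_attr = $ldap_server->get('unique_persistent_attr');
  if ($puid_attr) {
    $set_mapping('[field.ldap_user_puid_sid]', [
      'name' => $this->t('Field: sid providing PUID'),
      'configurable_to_drupal' => 0,
      'configurable_to_ldap' => 1,
      // NOTE(review): the % placeholder form escapes the value and wraps it
      // in emphasis markup, so 'source' is markup here rather than the bare
      // server ID. Confirm the code consuming 'source' expects that.
      'source' => $this->t('%sid', $tokens),
      'notes' => 'not configurable',
      'direction' => self::PROVISION_TO_DRUPAL,
      'enabled' => TRUE,
      'prov_events' => [
        self::EVENT_CREATE_DRUPAL_USER,
      ],
      'config_module' => 'ldap_servers',
      'prov_module' => 'ldap_user',
    ]);
    $set_mapping('[field.ldap_user_puid]', [
      'name' => $this->t('Field: PUID', $tokens),
      'configurable_to_drupal' => 0,
      'configurable_to_ldap' => 1,
      // The persistent identifier comes from whichever LDAP attribute the
      // server configuration names; 'convert' carries the server's
      // 'unique_persistent_attr_binary' setting alongside it.
      'source' => '[' . $puid_attr . ']',
      'notes' => 'configure at ' . $server_edit_path,
      'convert' => $ldap_server->get('unique_persistent_attr_binary'),
      'direction' => self::PROVISION_TO_DRUPAL,
      'enabled' => TRUE,
      'prov_events' => [
        self::EVENT_CREATE_DRUPAL_USER,
      ],
      'config_module' => 'ldap_servers',
      'prov_module' => 'ldap_user',
    ]);
    $set_mapping('[field.ldap_user_puid_property]', [
      'name' => $this->t('Field: PUID Attribute', $tokens),
      'configurable_to_drupal' => 0,
      'configurable_to_ldap' => 1,
      // The attribute name itself, not a bracketed token.
      'source' => $puid_attr,
      'notes' => 'configure at ' . $server_edit_path,
      'direction' => self::PROVISION_TO_DRUPAL,
      'enabled' => TRUE,
      'prov_events' => [
        self::EVENT_CREATE_DRUPAL_USER,
      ],
      'config_module' => 'ldap_servers',
      'prov_module' => 'ldap_user',
    ]);
  }

  // The most recent DN is recorded on account creation and on every sync,
  // whether or not a persistent unique attribute is configured.
  $set_mapping('[field.ldap_user_current_dn]', [
    'name' => $this->t('Field: Most Recent DN', $tokens),
    'configurable_to_drupal' => 0,
    'configurable_to_ldap' => 0,
    'source' => '[dn]',
    'notes' => 'not configurable',
    'direction' => self::PROVISION_TO_DRUPAL,
    'enabled' => TRUE,
    'prov_events' => [
      self::EVENT_CREATE_DRUPAL_USER,
      self::EVENT_SYNC_TO_DRUPAL_USER,
    ],
    'config_module' => 'ldap_servers',
    'prov_module' => 'ldap_user',
  ]);

  // Username, e-mail and picture are mapped only when Drupal accounts are
  // provisioned from LDAP. Their sources are taken from the server
  // configuration and apply on both the create and the sync event, so the
  // directory value replaces the Drupal value on each sync.
  if (LdapConfiguration::provisionsDrupalAccountsFromLdap()) {
    $set_mapping('[property.name]', [
      'name' => 'Property: Username',
      'source' => '[' . $ldap_server->get('user_attr') . ']',
      'direction' => self::PROVISION_TO_DRUPAL,
      'enabled' => TRUE,
      'prov_events' => [
        self::EVENT_CREATE_DRUPAL_USER,
        self::EVENT_SYNC_TO_DRUPAL_USER,
      ],
      'config_module' => 'ldap_servers',
      'prov_module' => 'ldap_user',
    ]);
    $set_mapping('[property.mail]', [
      'name' => 'Property: Email',
      // A configured mail template is used verbatim; otherwise the mail
      // attribute is wrapped as a token.
      'source' => $ldap_server->get('mail_template') ?: '[' . $ldap_server->get('mail_attr') . ']',
      'direction' => self::PROVISION_TO_DRUPAL,
      'enabled' => TRUE,
      'prov_events' => [
        self::EVENT_CREATE_DRUPAL_USER,
        self::EVENT_SYNC_TO_DRUPAL_USER,
      ],
      'config_module' => 'ldap_servers',
      'prov_module' => 'ldap_user',
    ]);
    $picture_attr = $ldap_server->get('picture_attr');
    if ($picture_attr) {
      $set_mapping('[property.picture]', [
        'name' => 'Property: Picture',
        'source' => '[' . $picture_attr . ']',
        'direction' => self::PROVISION_TO_DRUPAL,
        'enabled' => TRUE,
        'prov_events' => [
          self::EVENT_CREATE_DRUPAL_USER,
          self::EVENT_SYNC_TO_DRUPAL_USER,
        ],
        'config_module' => 'ldap_servers',
        'prov_module' => 'ldap_user',
      ]);
    }
  }

  return [
    $params,
    $available_user_attrs,
  ];
}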