
public function LdapUserConf::synchToLdapEntry in Lightweight Directory Access Protocol (LDAP) 8.2

Same name and namespace in other branches
  1. 7.2 ldap_user/LdapUserConf.class.php \LdapUserConf::synchToLdapEntry()

Given a Drupal account, synch it to the related LDAP entry.

Parameters

object $account: Drupal user object.

array $user_edit: Edit array for user_save(). Generally NULL unless the user account is being created or modified in the same synching.

array $ldap_user: Current LDAP data of the user. See README.developers.txt for the structure.

Return value

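TRUE on success or FALSE on failure. When $test_query is TRUE, the code below returns an array with the keys 'proposed' and 'server' instead, and no LDAP write is made.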

File

ldap_user/LdapUserConf.class.php, line 662

Class

LdapUserConf

Code

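/**
 * Synchs a Drupal account to its related LDAP entry.
 *
 * Builds the proposed entry with drupalUserToLdapEntry(), lets other modules
 * change it through the 'ldap_entry_pre_provision' alter hook, and writes it
 * with modifyLdapEntry() on the server named by
 * $this->ldapEntryProvisionServer. Nothing is written for uid 1 or when
 * $test_query is TRUE. The outcome is always recorded with watchdog().
 *
 * @param object $account
 *   Drupal user object. Its name (and uid, when present) is logged.
 * @param array|null $user_edit
 *   Edit array for user_save(). Not read by this method.
 * @param array $ldap_user
 *   Current LDAP data of the user; passed through to drupalUserToLdapEntry().
 * @param bool $test_query
 *   When TRUE, the proposed attributes are returned instead of being written.
 *
 * @return bool|array
 *   Result of modifyLdapEntry() for a real synch, FALSE on any failure, or
 *   array('proposed' => attributes, 'server' => server) for a test query.
 */
public function synchToLdapEntry($account, $user_edit = NULL, $ldap_user = array(), $test_query = FALSE) {
  // Never provision or synch user 1.
  if (is_object($account) && property_exists($account, 'uid') && $account->uid == 1) {
    return FALSE;
  }

  $result = FALSE;
  $proposed_ldap_entry = FALSE;

  // DN this synch targets. Kept in its own variable so the log record can
  // name it: $result is a boolean after a real write, and the test-query
  // array carries no 'dn' key, so reading the DN back out of $result (as the
  // tokens previously did) always produced NULL.
  $target_dn = NULL;

  if ($this->ldapEntryProvisionServer) {
    // NOTE(review): the return value is used as an object below without a
    // check; confirm ldap_servers_get_servers() cannot hand back a non-object
    // for a configured sid.
    $ldap_server = ldap_servers_get_servers($this->ldapEntryProvisionServer, NULL, TRUE);
    $params = array(
      'direction' => LDAP_USER_PROV_DIRECTION_TO_LDAP_ENTRY,
      'prov_events' => array(
        LDAP_USER_EVENT_SYNCH_TO_LDAP_ENTRY,
      ),
      'module' => 'ldap_user',
      'function' => 'synchToLdapEntry',
      'include_count' => FALSE,
    );
    list($proposed_ldap_entry, $error) = $this
      ->drupalUserToLdapEntry($account, $ldap_server, $params, $ldap_user);

    if ($error != LDAP_USER_PROV_RESULT_NO_ERROR) {
      $result = FALSE;
    }
    elseif (is_array($proposed_ldap_entry) && isset($proposed_ldap_entry['dn'])) {
      $target_dn = $proposed_ldap_entry['dn'];

      // NOTE(review): the lookup result is not consulted before the modify
      // call below; the call is kept because dnExists() may have effects not
      // visible here.
      $existing_ldap_entry = $ldap_server
        ->dnExists($target_dn, 'ldap_entry');

      // Attributes to be modified; not a comprehensive list of the entry's
      // attributes. Single-valued attributes are flattened to a scalar.
      // NOTE(review): assumes every non-dn value is an array - confirm against
      // drupalUserToLdapEntry().
      $attributes = array();
      foreach ($proposed_ldap_entry as $attr_name => $attr_values) {
        if ($attr_name != 'dn') {
          if (isset($attr_values['count'])) {
            unset($attr_values['count']);
          }
          if (count($attr_values) == 1) {
            $attributes[$attr_name] = $attr_values[0];
          }
          else {
            $attributes[$attr_name] = $attr_values;
          }
        }
      }

      if ($test_query) {
        // Dry run: hand back what would be written, together with the server.
        $proposed_ldap_entry = $attributes;
        $result = array(
          'proposed' => $proposed_ldap_entry,
          'server' => $ldap_server,
        );
      }
      else {
        // Wrap the attributes in an array keyed by lower-cased DN, the shape
        // passed to the alter hook.
        $proposed_dn_lcase = drupal_strtolower($target_dn);
        $ldap_entries = array(
          $proposed_dn_lcase => $attributes,
        );
        $context = array(
          'action' => 'update',
          'corresponding_drupal_data' => array(
            $proposed_dn_lcase => $attributes,
          ),
          'corresponding_drupal_data_type' => 'user',
        );

        // Any enabled module implementing this hook can rewrite the
        // attributes that are about to be written to the directory.
        drupal_alter('ldap_entry_pre_provision', $ldap_entries, $ldap_server, $context);

        // Take the (possibly altered) attributes back out. The write still
        // goes to the originally proposed DN, not to an altered key.
        // NOTE(review): if a hook removes or renames this key the lookup
        // yields NULL with a notice - confirm how modifyLdapEntry() treats
        // that.
        $attributes = $ldap_entries[$proposed_dn_lcase];
        $result = $ldap_server
          ->modifyLdapEntry($target_dn, $attributes);
        if ($result) {
          module_invoke_all('ldap_entry_post_provision', $ldap_entries, $ldap_server, $context);
        }
      }
    }
    else {
      // Failed to get an acceptable proposed LDAP entry.
      $result = FALSE;
    }
  }

  // Values for the log record; % placeholders are escaped by Drupal when the
  // message is rendered.
  $tokens = array(
    '%dn' => $target_dn,
    '%sid' => $this->ldapEntryProvisionServer,
    '%username' => $account->name,
    '%uid' => ($test_query || !property_exists($account, 'uid')) ? '' : $account->uid,
  );

  // NOTE(review): a successful test query is also logged as "synched"
  // although nothing was written to the directory.
  if ($result) {
    watchdog('ldap_user', 'LDAP entry on server %sid synched dn=%dn. username=%username, uid=%uid', $tokens, WATCHDOG_INFO);
  }
  else {
    watchdog('ldap_user', 'LDAP entry on server %sid not synched because error. username=%username, uid=%uid', $tokens, WATCHDOG_ERROR);
  }
  return $result;
}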