public function LdapUserConf::synchToLdapEntry in Lightweight Directory Access Protocol (LDAP) 8.2
Same name and namespace in other branches
- 7.2 ldap_user/LdapUserConf.class.php \LdapUserConf::synchToLdapEntry()
given a drupal account, synch to related ldap entry
Parameters
drupal user object $account. Drupal user object:
array $user_edit. Edit array for user_save. generally null unless user account is being created or modified in same synching:
array $ldap_user. current ldap data of user. @see README.developers.txt for structure:
Return value
TRUE on success or FALSE on fail.
File
- ldap_user/
LdapUserConf.class.php, line 662
Class
Code
public function synchToLdapEntry($account, $user_edit = NULL, $ldap_user = array(), $test_query = FALSE) {
if (is_object($account) && property_exists($account, 'uid') && $account->uid == 1) {
return FALSE;
// do not provision or synch user 1
}
$watchdog_tokens = array();
$result = FALSE;
$proposed_ldap_entry = FALSE;
if ($this->ldapEntryProvisionServer) {
$ldap_server = ldap_servers_get_servers($this->ldapEntryProvisionServer, NULL, TRUE);
$params = array(
'direction' => LDAP_USER_PROV_DIRECTION_TO_LDAP_ENTRY,
'prov_events' => array(
LDAP_USER_EVENT_SYNCH_TO_LDAP_ENTRY,
),
'module' => 'ldap_user',
'function' => 'synchToLdapEntry',
'include_count' => FALSE,
);
list($proposed_ldap_entry, $error) = $this
->drupalUserToLdapEntry($account, $ldap_server, $params, $ldap_user);
if ($error != LDAP_USER_PROV_RESULT_NO_ERROR) {
$result = FALSE;
}
elseif (is_array($proposed_ldap_entry) && isset($proposed_ldap_entry['dn'])) {
$existing_ldap_entry = $ldap_server
->dnExists($proposed_ldap_entry['dn'], 'ldap_entry');
$attributes = array();
// this array represents attributes to be modified; not comprehensive list of attributes
foreach ($proposed_ldap_entry as $attr_name => $attr_values) {
if ($attr_name != 'dn') {
if (isset($attr_values['count'])) {
unset($attr_values['count']);
}
if (count($attr_values) == 1) {
$attributes[$attr_name] = $attr_values[0];
}
else {
$attributes[$attr_name] = $attr_values;
}
}
}
if ($test_query) {
$proposed_ldap_entry = $attributes;
$result = array(
'proposed' => $proposed_ldap_entry,
'server' => $ldap_server,
);
}
else {
// //debug('modifyLdapEntry,dn=' . $proposed_ldap_entry['dn']); //debug($attributes);
// stick $proposed_ldap_entry in $ldap_entries array for drupal_alter call
$proposed_dn_lcase = drupal_strtolower($proposed_ldap_entry['dn']);
$ldap_entries = array(
$proposed_dn_lcase => $attributes,
);
$context = array(
'action' => 'update',
'corresponding_drupal_data' => array(
$proposed_dn_lcase => $attributes,
),
'corresponding_drupal_data_type' => 'user',
);
drupal_alter('ldap_entry_pre_provision', $ldap_entries, $ldap_server, $context);
// remove altered $proposed_ldap_entry from $ldap_entries array
$attributes = $ldap_entries[$proposed_dn_lcase];
$result = $ldap_server
->modifyLdapEntry($proposed_ldap_entry['dn'], $attributes);
if ($result) {
// success
module_invoke_all('ldap_entry_post_provision', $ldap_entries, $ldap_server, $context);
}
}
}
else {
// failed to get acceptable proposed ldap entry
$result = FALSE;
}
}
$tokens = array(
'%dn' => isset($result['proposed']['dn']) ? $result['proposed']['dn'] : NULL,
'%sid' => $this->ldapEntryProvisionServer,
'%username' => $account->name,
'%uid' => $test_query || !property_exists($account, 'uid') ? '' : $account->uid,
);
if ($result) {
watchdog('ldap_user', 'LDAP entry on server %sid synched dn=%dn. username=%username, uid=%uid', $tokens, WATCHDOG_INFO);
}
else {
watchdog('ldap_user', 'LDAP entry on server %sid not synched because error. username=%username, uid=%uid', $tokens, WATCHDOG_ERROR);
}
return $result;
}