public function LdapUserConfAdmin::validate in Lightweight Directory Access Protocol (LDAP) 7.2
Same name and namespace in other branches
- 8.2 ldap_user/LdapUserConfAdmin.class.php \LdapUserConfAdmin::validate()
Validate object, not form.
@todo validate that a user field exists, such as field.field_user_lname
Parameters
array $values: as $form_state['values'] from drupal form api.
Return value
array in form array($errors, $warnings)to be thrown by form api
1 call to LdapUserConfAdmin::validate()
- LdapUserConfAdmin::drupalFormValidate in ldap_user/
LdapUserConfAdmin.class.php - Validate submitted form.
File
- ldap_user/
LdapUserConfAdmin.class.php, line 453
Class
Code
public function validate($values) {
$errors = [];
$warnings = [];
$tokens = [];
$has_drupal_acct_prov_servers = (bool) $this->drupalAcctProvisionServer;
$has_drupal_acct_prov_settings_options = count(array_filter($this->drupalAcctProvisionTriggers)) > 0;
if (!$has_drupal_acct_prov_servers && $has_drupal_acct_prov_settings_options) {
$warnings['drupalAcctProvisionServer'] = t('No Servers are enabled to provide provisioning to Drupal, but Drupal Account Provisioning Options are selected.', $tokens);
}
if ($has_drupal_acct_prov_servers && !$has_drupal_acct_prov_settings_options) {
$warnings['drupalAcctProvisionTriggers'] = t('Servers are enabled to provide provisioning to Drupal, but no Drupal Account Provisioning Options are selected. This will result in no synching happening.', $tokens);
}
$has_ldap_prov_servers = (bool) $this->ldapEntryProvisionServer;
$has_ldap_prov_settings_options = count(array_filter($this->ldapEntryProvisionTriggers)) > 0;
if (!$has_ldap_prov_servers && $has_ldap_prov_settings_options) {
$warnings['ldapEntryProvisionServer'] = t('No Servers are enabled to provide provisioning to ldap, but LDAP Entry Options are selected.', $tokens);
}
if ($has_ldap_prov_servers && !$has_ldap_prov_settings_options) {
$warnings['ldapEntryProvisionTriggers'] = t('Servers are enabled to provide provisioning to ldap, but no LDAP Entry Options are selected. This will result in no synching happening.', $tokens);
}
if (isset($this->ldapUserSynchMappings)) {
$to_ldap_entries_mappings_exist = FALSE;
foreach ($this->ldapUserSynchMappings as $synch_direction => $mappings) {
$map_index = [];
// Format ['%sid' => $sid].
$tokens = [];
$to_drupal_user_mappings_exist = FALSE;
$to_ldap_entries_mappings_exist = FALSE;
foreach ($mappings as $target_attr => $mapping) {
if ($mapping['direction'] == LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER) {
$attr_value = $mapping['user_attr'];
$attr_name = 'user_attr';
}
if ($mapping['direction'] == LDAP_USER_PROV_DIRECTION_TO_LDAP_ENTRY) {
$attr_value = $mapping['ldap_attr'];
$attr_name = 'ldap_attr';
}
foreach ($values as $field => $value) {
$parts = explode('__', $field);
if (count($parts) == 4 && $parts[2] == $attr_name && $value == $attr_value) {
$map_index[$attr_value] = $parts[3];
}
}
}
foreach ($mappings as $target_attr => $mapping) {
foreach ($mapping as $key => $value) {
if (is_scalar($value)) {
$tokens['%' . $key] = $value;
}
}
$row_descriptor = t("server %sid row mapping to ldap attribute %ldap_attr", $tokens);
$tokens['!row_descriptor'] = $row_descriptor;
$ldap_attribute_maps_in_token = [];
ldap_servers_token_extract_attributes($ldap_attribute_maps_in_token, $mapping['ldap_attr']);
if ($mapping['direction'] == LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER) {
$row_id = $map_index[$mapping['user_attr']];
$to_drupal_user_mappings_exist = TRUE;
}
if ($mapping['direction'] == LDAP_USER_PROV_DIRECTION_TO_LDAP_ENTRY) {
$row_id = $map_index[$mapping['ldap_attr']];
$to_ldap_entries_mappings_exist = TRUE;
if (count(array_keys($ldap_attribute_maps_in_token)) != 1) {
$token_field_id = join('__', [
'sm',
'user_tokens',
$row_id,
]);
$errors[$token_field_id] = t('When provisioning to ldap, ldap attribute column must be singular token such as [cn]. %ldap_attr is not.
Do not use compound tokens such as "[displayName] [sn]" or literals such as "physics". Location: !row_descriptor', $tokens);
}
}
$ldap_attr_field_id = join('__', [
'sm',
'ldap_attr',
$row_id,
]);
$user_attr_field_id = join('__', [
'sm',
'user_attr',
$row_id,
]);
$first_context_field_id = join('__', [
'sm',
1,
$row_id,
]);
$user_tokens_field_id = join('__', [
'sm',
'user_tokens',
$row_id,
]);
if (!$mapping['ldap_attr']) {
$errors[$ldap_attr_field_id] = t('No LDAP Attribute given in !row_descriptor', $tokens);
}
if ($mapping['user_attr'] == 'user_tokens' && !$mapping['user_tokens']) {
$errors[$user_tokens_field_id] = t('User tokens selected in !row_descriptor, but user tokens column empty.', $tokens);
}
if (isset($mapping['prov_events']) && count($mapping['prov_events']) == 0) {
$warnings[$first_context_field_id] = t('No synchronization events checked in !row_descriptor.
This field will not be synchronized until some are checked.', $tokens);
}
}
}
if ($to_ldap_entries_mappings_exist && !isset($mappings['[dn]'])) {
$errors['mappings__' . $synch_direction] = t('Mapping rows exist for provisioning to ldap, but no ldap attribute is targetted for [dn].
One row must map to [dn]. This row will have a user token like cn=[property.name],ou=users,dc=ldap,dc=mycompany,dc=com');
}
}
return [
$errors,
$warnings,
];
}