You are here

Home » API reference » Lightweight Directory Access Protocol (LDAP) 8.3 » ldap_user.module

function ldap_user_form_register_form_validate in Lightweight Directory Access Protocol (LDAP) 8.3

Same name and namespace in other branches
  1. 8.4 ldap_user/ldap_user.module \ldap_user_form_register_form_validate()
  2. 8.2 ldap_user/ldap_user.module \ldap_user_form_register_form_validate()
  3. 7.2 ldap_user/ldap_user.module \ldap_user_form_register_form_validate()

Implements hook_form_validate().

1 string reference to 'ldap_user_form_register_form_validate'
ldap_user_form_user_register_form_alter in ldap_user/ldap_user.module
Implements hook_form_FORM_ID_alter().

File

ldap_user/ldap_user.module, line 296
Module for the LDAP User Entity.

Code

function ldap_user_form_register_form_validate($form, FormStateInterface &$form_state) {
  $config = \Drupal::config('ldap_user.settings');
  if (empty($form_state
    ->getValue('ldap_user_association'))) {
    $form_state
      ->setValue('ldap_user_association', $config
      ->get('manualAccountConflict'));
  }
  if ($form_state
    ->getValue('ldap_user_association') == LdapUserAttributesInterface::MANUAL_ACCOUNT_CONFLICT_NO_LDAP_ASSOCIATE) {
    $form_state
      ->set('ldap_user_ldap_exclude', 1);
  }
  $factory = \Drupal::service('ldap.servers');

  // If the corresponding LDAP account does not exist and provision not
  // selected and make LDAP associated is selected, throw error.
  if (!$form_state
    ->getValue('ldap_user_create_ldap_acct') && $form_state
    ->getValue('ldap_user_association') == LdapUserAttributesInterface::MANUAL_ACCOUNT_CONFLICT_LDAP_ASSOCIATE) {
    if (empty($config
      ->get('drupalAcctProvisionServer'))) {
      $form_state
        ->setErrorByName('ldap_user_missing_', t('The provisioning server is not set up correctly.'));
      \Drupal::logger('ldap_user')
        ->error('No server available for provisioning to Drupal.');
    }
  }

  // If trying to provision an LDAP account and one already exists, throw error.
  if ($form_state
    ->getValue('ldap_user_create_ldap_acct')) {
    if (empty($config
      ->get('ldapEntryProvisionServer'))) {
      $form_state
        ->setErrorByName('ldap_user_missing_', t('The provisioning server is not set up correctly.'));
      \Drupal::logger('ldap_user')
        ->error('No server available for provisioning to LDAP.');
    }
    else {
      $ldap_user = $factory
        ->getUserDataFromServerByIdentifier($form_state
        ->getValue('name'), $config
        ->get('ldapEntryProvisionServer'), 'ldap_user_prov_to_ldap');
      if ($ldap_user) {
        $form_state
          ->setErrorByName('ldap_user_create_ldap_acct', t('User %name already has a corresponding LDAP Entry (%dn). Uncheck "Create corresponding LDAP entry" to allow this Drupal user to be created. Select "Make this an LDAP associated account" to associate this account with the LDAP entry.', [
          '%dn' => $ldap_user['dn'],
          '%name' => $form_state
            ->getValue('name'),
        ]));
      }
    }
  }

  // If a conflict with an LDAP account exists (no association), throw error.
  if ($form_state
    ->getValue('ldap_user_association') == LdapUserAttributesInterface::MANUAL_ACCOUNT_CONFLICT_REJECT) {
    $ldap_user = $factory
      ->getUserDataFromServerByIdentifier($form_state
      ->getValue('name'), $config
      ->get('drupalAcctProvisionServer'));
    if ($ldap_user) {
      $form_state
        ->setErrorByName('name', t('User %name conflicts with an LDAP Entry (%dn). Creation blocked per your configuration.', [
        '%dn' => $ldap_user['dn'],
        '%name' => $form_state
          ->getValue('name'),
      ]));
    }
  }
}