function ldap_user_form_register_form_validate in Lightweight Directory Access Protocol (LDAP) 8.4
Same name and namespace in other branches
- 8.2 ldap_user/ldap_user.module \ldap_user_form_register_form_validate()
- 8.3 ldap_user/ldap_user.module \ldap_user_form_register_form_validate()
- 7.2 ldap_user/ldap_user.module \ldap_user_form_register_form_validate()
Implements hook_form_validate().
1 string reference to 'ldap_user_form_register_form_validate'
- ldap_user_form_user_register_form_alter in ldap_user/
ldap_user.module - Implements hook_form_FORM_ID_alter().
File
- ldap_user/
ldap_user.module, line 349
Code
function ldap_user_form_register_form_validate($form, FormStateInterface $form_state) {
$config = \Drupal::config('ldap_user.settings');
/** @var \Drupal\ldap_servers\LdapUserManager $ldap_user_manager */
$ldap_user_manager = \Drupal::service('ldap.user_manager');
if (empty($form_state
->getValue('ldap_user_association'))) {
$form_state
->setValue('ldap_user_association', $config
->get('manualAccountConflict'));
}
if ($form_state
->getValue('ldap_user_association') === LdapUserAttributesInterface::MANUAL_ACCOUNT_CONFLICT_NO_LDAP_ASSOCIATE) {
$form_state
->set('ldap_user_ldap_exclude', 1);
}
// If the corresponding LDAP account does not exist and provision not
// selected and make LDAP associated is selected, throw error.
if (!$form_state
->getValue('ldap_user_create_ldap_acct') && $form_state
->getValue('ldap_user_association') === LdapUserAttributesInterface::MANUAL_ACCOUNT_CONFLICT_LDAP_ASSOCIATE && empty($config
->get('drupalAcctProvisionServer'))) {
$form_state
->setErrorByName('ldap_user_missing_', t('The provisioning server is not set up correctly.'));
\Drupal::logger('ldap_user')
->error('No server available for provisioning to Drupal.');
}
// If trying to provision an LDAP account and one already exists, throw error.
if ($form_state
->getValue('ldap_user_create_ldap_acct')) {
if (empty($config
->get('ldapEntryProvisionServer'))) {
$form_state
->setErrorByName('ldap_user_missing_', t('The provisioning server is not set up correctly.'));
\Drupal::logger('ldap_user')
->error('No server available for provisioning to LDAP.');
}
else {
$ldap_user_manager
->setServerById($config
->get('ldapEntryProvisionServer'));
$ldap_user = $ldap_user_manager
->getUserDataByIdentifier($form_state
->getValue('name'));
if ($ldap_user) {
$form_state
->setErrorByName('ldap_user_create_ldap_acct', t('User %name already has a corresponding LDAP Entry (%dn). Uncheck "Create corresponding LDAP entry" to allow this Drupal user to be created. Select "Make this an LDAP associated account" to associate this account with the LDAP entry.', [
'%dn' => $ldap_user
->getDn(),
'%name' => $form_state
->getValue('name'),
]));
}
}
}
// If a conflict with an LDAP account exists (no association), throw error.
if ($form_state
->getValue('ldap_user_association') === LdapUserAttributesInterface::MANUAL_ACCOUNT_CONFLICT_REJECT) {
// @todo The behavior of what to do with missing provisioning server in the
// validation check cases is mostly undefined. Ideally we'd prevent such
// a setup from occurring, or at least behaving more consistently.
if ($config
->get('drupalAcctProvisionServer')) {
$ldap_user_manager
->setServerById($config
->get('drupalAcctProvisionServer'));
$ldap_user = $ldap_user_manager
->getUserDataByIdentifier($form_state
->getValue('name'));
if ($ldap_user) {
$form_state
->setErrorByName('name', t('User %name conflicts with an LDAP Entry (%dn). Creation blocked per your configuration.', [
'%dn' => $ldap_user
->getDn(),
'%name' => $form_state
->getValue('name'),
]));
}
}
else {
\Drupal::logger('ldap_user')
->notice('No server available for provisioning to Drupal, conflict rejection has no effect.');
}
}
}