You are here

Home » API reference » Lightweight Directory Access Protocol (LDAP) 7.2 » ldap_user.module

function ldap_user_user_login in Lightweight Directory Access Protocol (LDAP) 7.2

Same name and namespace in other branches
  1. 8.4 ldap_user/ldap_user.module \ldap_user_user_login()
  2. 8.2 ldap_user/ldap_user.module \ldap_user_user_login()
  3. 8.3 ldap_user/ldap_user.module \ldap_user_user_login()

Implements hook_user_login().

File

ldap_user/ldap_user.module, line 843
Module for the LDAP User Entity.

Code

function ldap_user_user_login(&$edit, $account) {
  if (ldap_user_ldap_exclude($account, $edit)) {
    return;
  }
  $ldap_user_conf = ldap_user_conf();
  $user_edit = [];
  ldap_user_reset_provision_server($ldap_user_conf, $account);

  // Provision or synch to ldap, not both.
  $provision_result = [
    'status' => 'none',
  ];

  // Provision to ldap
  // Check for first time user.
  if ($ldap_user_conf->provisionsLdapEntriesFromDrupalUsers && ldap_user_ldap_provision_semaphore('provision', 'get', $account->name) === FALSE && !$ldap_user_conf
    ->getProvisionRelatedLdapEntry($account) && $ldap_user_conf->ldapEntryProvisionServer && $ldap_user_conf
    ->provisionEnabled(LDAP_USER_PROV_DIRECTION_TO_LDAP_ENTRY, LDAP_USER_LDAP_ENTRY_PROV_ON_AUTHENTICATE)) {
    $provision_result = $ldap_user_conf
      ->provisionLdapEntry($account);
    if ($provision_result['status'] == 'success') {
      ldap_user_ldap_provision_semaphore('provision', 'set', $account->name);
    }
  }

  // don't synch if just provisioned.
  if ($ldap_user_conf->provisionsLdapEntriesFromDrupalUsers && ldap_user_ldap_provision_semaphore('synch', 'get', $account->name) === FALSE && $provision_result['status'] != 'success' && $ldap_user_conf
    ->provisionEnabled(LDAP_USER_PROV_DIRECTION_TO_LDAP_ENTRY, LDAP_USER_LDAP_ENTRY_PROV_ON_AUTHENTICATE)) {
    $bool_result = $ldap_user_conf
      ->synchToLdapEntry($account, $user_edit);
    if ($bool_result) {
      ldap_user_ldap_provision_semaphore('synch', 'set', $account->name);
    }
  }
  $prov_enabled = $ldap_user_conf
    ->provisionEnabled(LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER, LDAP_USER_LDAP_ENTRY_PROV_ON_AUTHENTICATE);

  // Provision from LDAP if a new account was not just provisioned from LDAP.
  if (ldap_user_ldap_provision_semaphore('drupal_created', 'get', $account->name) === FALSE) {
    if ($ldap_user_conf->provisionsDrupalAccountsFromLdap && in_array(LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER, array_keys($ldap_user_conf->provisionsDrupalEvents))) {
      $ldap_user = ldap_servers_get_user_ldap_data($account->name, $ldap_user_conf->drupalAcctProvisionServer, 'ldap_user_prov_to_drupal');
      if ($ldap_user) {
        $ldap_server = ldap_servers_get_servers($ldap_user_conf->drupalAcctProvisionServer, NULL, TRUE);
        $ldap_user_conf
          ->entryToUserEdit($ldap_user, $user_edit, $ldap_server, LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER, [
          LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER,
        ]);

        // See #1973352 and #935592.
        if (empty($account->picture->fid)) {
          $account2 = user_load($account->uid);
          $account->picture = $account2->picture;
        }
        $account = user_save($account, $user_edit, 'ldap_user');
      }
    }
  }
}