You are here

Home » API reference » Lightweight Directory Access Protocol (LDAP) 8.4 » LdapEntryProvisionSubscriber.php » LdapEntryProvisionSubscriber

private function LdapEntryProvisionSubscriber::provisionLdapEntry in Lightweight Directory Access Protocol (LDAP) 8.4

Provision an LDAP entry if none exists.

If one exists do nothing, takes Drupal user as argument.

Return value

bool Provisioning successful.

3 calls to LdapEntryProvisionSubscriber::provisionLdapEntry()
LdapEntryProvisionSubscriber::login in ldap_user/src/EventSubscriber/LdapEntryProvisionSubscriber.php
Handle account login with LDAP entry provisioning.
LdapEntryProvisionSubscriber::userCreated in ldap_user/src/EventSubscriber/LdapEntryProvisionSubscriber.php
Create or update LDAP entries on user creation.
LdapEntryProvisionSubscriber::userUpdated in ldap_user/src/EventSubscriber/LdapEntryProvisionSubscriber.php
Create or update LDAP entries on user update.

File

ldap_user/src/EventSubscriber/LdapEntryProvisionSubscriber.php, line 482

Class

LdapEntryProvisionSubscriber
Event subscribers for creating and updating LDAP entries.

Namespace

Drupal\ldap_user\EventSubscriber

Code

private function provisionLdapEntry() : bool {
  if ($this->account
    ->isAnonymous()) {
    $this->logger
      ->notice('Cannot provision LDAP user unless corresponding Drupal account exists.');
    return FALSE;
  }
  if (!$this->config
    ->get('ldapEntryProvisionServer')) {
    $this->logger
      ->error('No provisioning server enabled');
    return FALSE;
  }
  try {
    $entry = $this
      ->buildLdapEntry(self::EVENT_CREATE_LDAP_ENTRY);
  } catch (\Exception $e) {
    $this->logger
      ->error('User or server is missing during LDAP provisioning: %message', [
      '%message',
      $e
        ->getMessage(),
    ]);
    return FALSE;
  }
  if (empty($entry
    ->getDn())) {
    $this->detailLog
      ->log('Failed to derive DN.', [], 'ldap_user');
    return FALSE;
  }
  if (empty($entry
    ->getAttributes())) {
    $this->detailLog
      ->log('No attributes defined in mappings.', [], 'ldap_user');
    return FALSE;
  }

  // Stick $proposedLdapEntry in $ldapEntries array for drupal_alter.
  $context = [
    'action' => 'add',
    'corresponding_drupal_data_type' => 'user',
    'account' => $this->account,
  ];
  $this->moduleHandler
    ->alter('ldap_entry_pre_provision', $entry, $this->ldapServer, $context);
  if ($this->ldapUserManager
    ->createLdapEntry($entry)) {
    $callback_params = [
      $entry,
      $this->ldapServer,
      $context,
    ];
    $this->moduleHandler
      ->invokeAll('ldap_entry_post_provision', $callback_params);
    $this
      ->updateUserProvisioningReferences($entry);
  }
  else {
    $this->logger
      ->error('LDAP entry for @username cannot be created on @sid. Proposed DN: %dn)', [
      '%dn' => $entry
        ->getDn(),
      '@sid' => $this->ldapServer
        ->id(),
      '@username' => $this->account ? $this->account
        ->getAccountName() : 'Missing',
    ]);
    return FALSE;
  }
  $this->detailLog
    ->log('LDAP entry for @username on server @sid created for DN %dn.', [
    '%dn' => $entry
      ->getDn(),
    '@sid' => $this->ldapServer
      ->id(),
    '@username' => $this->account ? $this->account
      ->getAccountName() : 'Missing',
  ], 'ldap_user');
  return TRUE;
}