You are here

public function LdapUserAdminForm::validateForm in Lightweight Directory Access Protocol (LDAP) 8.3

Form validation handler.

Parameters

array $form: An associative array containing the structure of the form.

\Drupal\Core\Form\FormStateInterface $form_state: The current state of the form.

Overrides FormBase::validateForm

File

ldap_user/src/Form/LdapUserAdminForm.php, line 498

Class

LdapUserAdminForm
Provides the form to configure user configuration and field mapping.

Namespace

Drupal\ldap_user\Form

Code

public function validateForm(array &$form, FormStateInterface $form_state) {
  $values = $form_state
    ->getValues();
  $drupalMapKey = 'mappings__' . self::PROVISION_TO_DRUPAL . '__table';
  $ldapMapKey = 'mappings__' . self::PROVISION_TO_LDAP . '__table';
  if ($values['drupalAcctProvisionServer'] != 'none') {
    foreach ($values[$drupalMapKey] as $key => $mapping) {
      if (isset($mapping['configurable_to_drupal']) && $mapping['configurable_to_drupal'] == 1) {

        // Check that the source is not empty for the selected field to sync
        // to Drupal.
        if ($mapping['user_attr'] !== '0') {
          if ($mapping['ldap_attr'] == NULL) {
            $formElement = $form['basic_to_drupal']['mappings__' . self::PROVISION_TO_DRUPAL][$drupalMapKey][$key];
            $form_state
              ->setError($formElement, $this
              ->t('Missing LDAP attribute'));
          }
        }
      }
    }
  }
  if ($values['ldapEntryProvisionServer'] != 'none') {
    foreach ($values[$ldapMapKey] as $key => $mapping) {
      if (isset($mapping['configurable_to_drupal']) && $mapping['configurable_to_drupal'] == 1) {

        // Check that the token is not empty if a user token is in use.
        if (isset($mapping['user_attr']) && $mapping['user_attr'] == 'user_tokens') {
          if (isset($mapping['user_tokens']) && empty(trim($mapping['user_tokens']))) {
            $formElement = $form['basic_to_ldap']['mappings__' . self::PROVISION_TO_LDAP][$ldapMapKey][$key];
            $form_state
              ->setError($formElement, $this
              ->t('Missing user token.'));
          }
        }

        // Check that a target attribute is set.
        if ($mapping['user_attr'] !== '0') {
          if ($mapping['ldap_attr'] == NULL) {
            $formElement = $form['basic_to_ldap']['mappings__' . self::PROVISION_TO_LDAP][$ldapMapKey][$key];
            $form_state
              ->setError($formElement, $this
              ->t('Missing LDAP attribute'));
          }
        }
      }
    }
  }
  $processedLdapSyncMappings = $this
    ->syncMappingsFromForm($form_state
    ->getValues(), self::PROVISION_TO_LDAP);
  $processedDrupalSyncMappings = $this
    ->syncMappingsFromForm($form_state
    ->getValues(), self::PROVISION_TO_DRUPAL);

  // Set error for entire table if [dn] is missing.
  if ($values['ldapEntryProvisionServer'] != 'none' && !isset($processedLdapSyncMappings['dn'])) {
    $form_state
      ->setErrorByName($ldapMapKey, $this
      ->t('Mapping rows exist for provisioning to LDAP, but no LDAP attribute is targeted for [dn]. One row must map to [dn]. This row will have a user token like cn=[property.name],ou=users,dc=ldap,dc=mycompany,dc=com'));
  }

  // Make sure only one attribute column is present.
  foreach ($processedLdapSyncMappings as $key => $mapping) {
    $maps = [];
    ConversionHelper::extractTokenAttributes($maps, $mapping['ldap_attr']);
    if (count(array_keys($maps)) > 1) {

      // TODO: Move this check out of processed mappings to be able to set the
      // error by field.
      $form_state
        ->setErrorByName($ldapMapKey, $this
        ->t('When provisioning to LDAP, LDAP attribute column must be singular token such as [cn]. %ldap_attr is not. Do not use compound tokens such as "[displayName] [sn]" or literals such as "physics".', [
        '%ldap_attr' => $mapping['ldap_attr'],
      ]));
    }
  }

  // Notify the user if no actual synchronization event is active for a field.
  $this
    ->checkEmptyEvents($processedLdapSyncMappings);
  $this
    ->checkEmptyEvents($processedDrupalSyncMappings);
  if (!$this
    ->checkPuidForOrphans($values['orphanedDrupalAcctBehavior'], $values['drupalAcctProvisionServer'])) {
    $form_state
      ->setErrorByName('orphanedDrupalAcctBehavior', $this
      ->t('You do not have a persistent user ID set in your server.'));
  }
}