public function DrupalUserProcessor::alterLdapUserAttributes in Lightweight Directory Access Protocol (LDAP) 8.3
LDAP attributes to alter.
Parameters
array $availableUserAttributes: Available attributes.
array $params: Parameters.
Return value
array Altered attributes.
File
- ldap_user/
src/ Processor/ DrupalUserProcessor.php, line 284
Class
- DrupalUserProcessor
- Handles processing of a user from LDAP to Drupal.
Namespace
Drupal\ldap_user\ProcessorCode
public function alterLdapUserAttributes(array $availableUserAttributes, array $params) {
if (isset($params['direction'])) {
$direction = $params['direction'];
}
else {
$direction = self::PROVISION_TO_NONE;
}
if ($direction == self::PROVISION_TO_LDAP) {
$availableUserAttributes['[property.name]'] = [
'name' => 'Property: Username',
'source' => '',
'direction' => self::PROVISION_TO_LDAP,
'enabled' => TRUE,
'prov_events' => [
self::EVENT_CREATE_DRUPAL_USER,
self::EVENT_SYNC_TO_DRUPAL_USER,
],
'config_module' => 'ldap_user',
'prov_module' => 'ldap_user',
'configurable_to_ldap' => TRUE,
];
$availableUserAttributes['[property.mail]'] = [
'name' => 'Property: Email',
'source' => '',
'direction' => self::PROVISION_TO_LDAP,
'enabled' => TRUE,
'prov_events' => [
self::EVENT_CREATE_DRUPAL_USER,
self::EVENT_SYNC_TO_DRUPAL_USER,
],
'config_module' => 'ldap_user',
'prov_module' => 'ldap_user',
'configurable_to_ldap' => TRUE,
];
$availableUserAttributes['[property.picture]'] = [
'name' => 'Property: picture',
'source' => '',
'direction' => self::PROVISION_TO_LDAP,
'enabled' => TRUE,
'prov_events' => [
self::EVENT_CREATE_DRUPAL_USER,
self::EVENT_SYNC_TO_DRUPAL_USER,
],
'config_module' => 'ldap_user',
'prov_module' => 'ldap_user',
'configurable_to_ldap' => TRUE,
];
$availableUserAttributes['[property.uid]'] = [
'name' => 'Property: Drupal User Id (uid)',
'source' => '',
'direction' => self::PROVISION_TO_LDAP,
'enabled' => TRUE,
'prov_events' => [
self::EVENT_CREATE_DRUPAL_USER,
self::EVENT_SYNC_TO_DRUPAL_USER,
],
'config_module' => 'ldap_user',
'prov_module' => 'ldap_user',
'configurable_to_ldap' => TRUE,
];
}
// 1. Drupal user properties
// 1.a make sure empty array are present so array + function works.
foreach ([
'property.status',
'property.timezone',
'property.signature',
] as $property_id) {
$property_token = '[' . $property_id . ']';
if (!isset($availableUserAttributes[$property_token]) || !is_array($availableUserAttributes[$property_token])) {
$availableUserAttributes[$property_token] = [];
}
}
// @todo make these merges so they don't override saved values such as 'enabled'
$availableUserAttributes['[property.status]'] = $availableUserAttributes['[property.status]'] + [
'name' => 'Property: Account Status',
'configurable_to_drupal' => 1,
'configurable_to_ldap' => 1,
'user_tokens' => '1=enabled, 0=blocked.',
'enabled' => FALSE,
'config_module' => 'ldap_user',
'prov_module' => 'ldap_user',
];
$availableUserAttributes['[property.timezone]'] = $availableUserAttributes['[property.timezone]'] + [
'name' => 'Property: User Timezone',
'configurable_to_drupal' => 1,
'configurable_to_ldap' => 1,
'enabled' => FALSE,
'config_module' => 'ldap_user',
'prov_module' => 'ldap_user',
];
$availableUserAttributes['[property.signature]'] = $availableUserAttributes['[property.signature]'] + [
'name' => 'Property: User Signature',
'configurable_to_drupal' => 1,
'configurable_to_ldap' => 1,
'enabled' => FALSE,
'config_module' => 'ldap_user',
'prov_module' => 'ldap_user',
];
// 2. Drupal user fields.
$user_fields = \Drupal::entityManager()
->getFieldStorageDefinitions('user');
foreach ($user_fields as $field_name => $field_instance) {
$field_id = "[field.{$field_name}]";
if (!isset($availableUserAttributes[$field_id]) || !is_array($availableUserAttributes[$field_id])) {
$availableUserAttributes[$field_id] = [];
}
$availableUserAttributes[$field_id] = $availableUserAttributes[$field_id] + [
'name' => t('Field: @label', [
'@label' => $field_instance
->getLabel(),
]),
'configurable_to_drupal' => 1,
'configurable_to_ldap' => 1,
'enabled' => FALSE,
'config_module' => 'ldap_user',
'prov_module' => 'ldap_user',
];
}
if (!LdapConfiguration::provisionsDrupalAccountsFromLdap()) {
$availableUserAttributes['[property.mail]']['config_module'] = 'ldap_user';
$availableUserAttributes['[property.name]']['config_module'] = 'ldap_user';
$availableUserAttributes['[property.picture]']['config_module'] = 'ldap_user';
}
if ($direction == self::PROVISION_TO_LDAP) {
$availableUserAttributes['[password.random]'] = [
'name' => 'Password: Random password',
'source' => '',
'direction' => self::PROVISION_TO_LDAP,
'enabled' => TRUE,
'prov_events' => [
self::EVENT_CREATE_DRUPAL_USER,
self::EVENT_SYNC_TO_DRUPAL_USER,
],
'config_module' => 'ldap_user',
'prov_module' => 'ldap_user',
'configurable_to_ldap' => TRUE,
];
// Use user password when available fall back to random pwd.
$availableUserAttributes['[password.user-random]'] = [
'name' => 'Password: Plain user password or random',
'source' => '',
'direction' => self::PROVISION_TO_LDAP,
'enabled' => TRUE,
'prov_events' => [
self::EVENT_CREATE_DRUPAL_USER,
self::EVENT_SYNC_TO_DRUPAL_USER,
],
'config_module' => 'ldap_user',
'prov_module' => 'ldap_user',
'configurable_to_ldap' => TRUE,
];
// Use user password, do not modify if unavailable.
$availableUserAttributes['[password.user-only]'] = [
'name' => 'Password: Plain user password',
'source' => '',
'direction' => self::PROVISION_TO_LDAP,
'enabled' => TRUE,
'prov_events' => [
self::EVENT_CREATE_DRUPAL_USER,
self::EVENT_SYNC_TO_DRUPAL_USER,
],
'config_module' => 'ldap_user',
'prov_module' => 'ldap_user',
'configurable_to_ldap' => TRUE,
];
}
// TODO: This is possibly an overlap with SyncMappingHelper.
$mappings = $this->config
->get('ldapUserSyncMappings');
// This is where need to be added to arrays.
if (!empty($mappings[$direction])) {
$availableUserAttributes = $this
->applyUserAttributes($availableUserAttributes, $mappings, $direction);
}
return [
$availableUserAttributes,
$params,
];
}