<?php
declare (strict_types=1);
namespace Drupal\ldap_user\Processor;
use Drupal\Core\Config\ConfigFactory;
use Drupal\Core\Entity\EntityTypeManagerInterface;
use Drupal\Core\Extension\ModuleHandler;
use Drupal\Core\State\StateInterface;
use Drupal\externalauth\Authmap;
use Drupal\ldap_query\Controller\QueryController;
use Drupal\ldap_servers\Logger\LdapDetailLog;
use Drupal\user\UserInterface;
use Psr\Log\LoggerInterface;
use Symfony\Component\Ldap\Entry;
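/**
 * Creates and refreshes Drupal accounts from the results of an LDAP query.
 *
 * The processor runs a stored query through the query controller, maps every
 * returned entry to a Drupal account via the 'ldap_user' authmap provider and
 * then re-applies authorizations (or saves the account).
 *
 * Security-relevant behaviour: any entry returned by the query that has no
 * authmap record leads to a new account being requested with status TRUE, so
 * the scope of the configured query decides who receives an enabled account.
 */
class GroupUserUpdateProcessor {

  /**
   * Logger used for errors and the per-run notice.
   *
   * @var \Psr\Log\LoggerInterface
   */
  protected $logger;

  /**
   * Detail log used for per-account messages.
   *
   * @var \Drupal\ldap_servers\Logger\LdapDetailLog
   */
  protected $detailLog;

  /**
   * The 'ldap_user.settings' configuration object.
   *
   * @var object
   */
  protected $config;

  /**
   * State storage holding the timestamp of the last run.
   *
   * @var \Drupal\Core\State\StateInterface
   */
  protected $state;

  /**
   * Module handler, used to detect ldap_authorization.
   *
   * @var \Drupal\Core\Extension\ModuleHandler
   */
  protected $moduleHandler;

  /**
   * Entity type manager.
   *
   * @var \Drupal\Core\Entity\EntityTypeManagerInterface
   */
  protected $entityTypeManager;

  /**
   * Authmap service mapping LDAP names to Drupal user IDs.
   *
   * @var \Drupal\externalauth\Authmap
   */
  protected $externalAuth;

  /**
   * Controller that loads and executes the stored LDAP query.
   *
   * @var \Drupal\ldap_query\Controller\QueryController
   */
  protected $queryController;

  /**
   * Processor that creates and synchronises Drupal users.
   *
   * @var \Drupal\ldap_user\Processor\DrupalUserProcessor
   */
  protected $drupalUserProcessor;

  /**
   * The provisioning server entity; NULL when it cannot be loaded.
   *
   * @var object|null
   */
  protected $ldapServer;

  /**
   * Storage handler for user entities.
   *
   * @var object
   */
  protected $userStorage;

  /**
   * Wires up the services and resolves the provisioning server.
   *
   * The server entity is loaded from the 'drupalAcctProvisionServer' setting.
   * The storage may return NULL when that setting is empty or stale, which is
   * why runQuery() checks the property before using it.
   */
  public function __construct(LoggerInterface $logger, LdapDetailLog $detail_log, ConfigFactory $config, StateInterface $state, ModuleHandler $module_handler, EntityTypeManagerInterface $entity_type_manager, Authmap $external_auth, QueryController $query_controller, DrupalUserProcessor $drupal_user_processor) {
    $this->logger = $logger;
    $this->detailLog = $detail_log;
    $this->config = $config->get('ldap_user.settings');
    $this->drupalUserProcessor = $drupal_user_processor;
    $this->state = $state;
    $this->moduleHandler = $module_handler;
    $this->entityTypeManager = $entity_type_manager;
    $this->externalAuth = $external_auth;
    $this->queryController = $query_controller;
    $this->ldapServer = $this->entityTypeManager
      ->getStorage('ldap_server')
      ->load($this->config->get('drupalAcctProvisionServer'));
    $this->userStorage = $this->entityTypeManager->getStorage('user');
  }

  /**
   * Checks that the query controller is available.
   *
   * NOTE(review): this only tests that the injected service is truthy; it does
   * not verify that the query passed to load() was actually found. Confirm
   * against QueryController whether a stronger check is available.
   *
   * @return bool
   *   TRUE when processing may continue.
   */
  protected function constraintsValid() : bool {
    if (!$this->queryController) {
      $this->logger->error('Configured query for update mechanism cannot be loaded.');
      return FALSE;
    }
    return TRUE;
  }

  /**
   * Tells whether the periodic update should run now.
   *
   * Compares the stored last-run timestamp with the interval configured in
   * 'userUpdateCronInterval'. Unknown interval values never trigger a run.
   *
   * @return bool
   *   TRUE when an update is due.
   */
  public function updateDue() : bool {
    // A default of 1 makes every interval due when no run was recorded yet.
    $lastRun = $this->state->get('ldap_user_cron_last_group_user_update', 1);
    $result = FALSE;
    switch ($this->config->get('userUpdateCronInterval')) {
      case 'always':
        $result = TRUE;
        break;

      case 'daily':
        $result = strtotime('today -1 day') - $lastRun >= 0;
        break;

      case 'weekly':
        $result = strtotime('today -7 day') - $lastRun >= 0;
        break;

      case 'monthly':
        $result = strtotime('today -30 day') - $lastRun >= 0;
        break;
    }
    return $result;
  }

  /**
   * Re-applies authorizations for a user, or saves it when not available.
   *
   * @param \Drupal\user\UserInterface $user
   *   The account to update.
   */
  private function updateAuthorizations(UserInterface $user) : void {
    if ($this->moduleHandler->moduleExists('ldap_authorization')) {
      // The account is not saved explicitly on this path; presumably the
      // authorization manager persists it - confirm.
      $authorization_manager = \Drupal::service('authorization.manager');
      $authorization_manager->setUser($user);
      $authorization_manager->setAllProfiles();
    }
    else {
      $user->save();
    }
  }

  /**
   * Runs the stored query and processes every returned entry.
   *
   * The last-run timestamp is written once all entries were handed to
   * processAccount(), including when individual accounts failed.
   *
   * @param string $id
   *   ID of the query to load and execute.
   */
  public function runQuery(string $id) : void {
    $this->queryController->load($id);
    if (!$this->constraintsValid()) {
      return;
    }

    // The server is loaded from configuration in the constructor and is NULL
    // when that setting is missing or stale. Bail out before querying LDAP
    // instead of failing with a fatal error on the method call below.
    if (!$this->ldapServer) {
      $this->logger->error('Configured LDAP server for periodic update cannot be loaded.');
      return;
    }

    $attribute = $this->ldapServer->getAuthenticationNameAttribute();
    if (empty($attribute)) {
      $this->logger->error('No authentication name attribute set for periodic update.');
      return;
    }

    $this->queryController->execute();
    $entries = $this->queryController->getRawResults();

    $this->logger->notice('Processing @count accounts for periodic update.', [
      '@count' => count($entries),
    ]);
    foreach ($entries as $entry) {
      $this->processAccount($entry, $attribute);
    }
    $this->state->set('ldap_user_cron_last_group_user_update', strtotime('today'));
  }

  /**
   * Creates or updates the Drupal account matching one LDAP entry.
   *
   * @param \Symfony\Component\Ldap\Entry $entry
   *   The LDAP entry returned by the query.
   * @param string $attribute
   *   Name of the attribute holding the authentication name.
   */
  protected function processAccount(Entry $entry, string $attribute) : void {
    // Attribute lookups are case-insensitive (second argument FALSE).
    $values = $entry->hasAttribute($attribute, FALSE) ? $entry->getAttribute($attribute, FALSE) : NULL;
    $username = $values[0] ?? NULL;
    // An attribute that is present but carries no usable value must not be
    // turned into an account name.
    if ($username === NULL || $username === '') {
      $this->detailLog->log('DN @dn missing authentication name.', [
        '@dn' => $entry->getDn(),
      ], 'ldap_user');
      return;
    }

    $this->drupalUserProcessor->reset();
    $uid = $this->externalAuth->getUid($username, 'ldap_user');
    if (!$uid) {
      // No authmap record: request a new, enabled account. Who ends up here
      // is decided solely by the result set of the configured query.
      $result = $this->drupalUserProcessor->createDrupalUserFromLdapEntry([
        'name' => $username,
        'status' => TRUE,
      ]);
      if ($result) {
        $this->detailLog->log('Periodic update: @name created', [
          '@name' => $username,
        ], 'ldap_user');
        $uid = $this->externalAuth->getUid($username, 'ldap_user');
      }
      else {
        $this->logger->error('Periodic update: Error creating user @name', [
          '@name' => $username,
        ]);
        return;
      }
    }

    // The authmap can reference an account that no longer exists, and the
    // lookup after creation can still come back empty. Skip the entry rather
    // than passing NULL on to the user processor.
    $drupal_account = $uid ? $this->userStorage->load($uid) : NULL;
    if (!$drupal_account) {
      $this->logger->error('Periodic update: Account for @name could not be loaded', [
        '@name' => $username,
      ]);
      return;
    }

    // NOTE(review): despite its name this is called from the periodic update
    // and this class starts no session; presumably it synchronises the
    // account with LDAP - confirm in DrupalUserProcessor.
    $this->drupalUserProcessor->drupalUserLogsIn($drupal_account);

    // Reload so that the authorization step works on the stored account.
    $user = $this->userStorage->load($drupal_account->id());
    if (!$user) {
      $this->logger->error('Periodic update: Account for @name could not be loaded', [
        '@name' => $username,
      ]);
      return;
    }
    $this->updateAuthorizations($user);
    $this->detailLog->log('Periodic update: @name updated', [
      '@name' => $username,
    ], 'ldap_user');
  }

}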