public function LdapUserProcessor::drupalUserToLdapEntry in Lightweight Directory Access Protocol (LDAP) 8.3
Populate LDAP entry array for provisioning.
Parameters
\Drupal\user\Entity\User $account: Drupal account.
\Drupal\ldap_servers\Entity\Server $ldap_server: LDAP server.
array $params: Parameters with the following key values: 'ldap_context' => 'module' => module calling function, e.g. 'ldap_user' 'function' => function calling function, e.g. 'provisionLdapEntry' 'include_count' => should 'count' array key be included 'direction' => self::PROVISION_TO_LDAP || self::PROVISION_TO_DRUPAL.
array|null $ldapUserEntry: The LDAP user entry.
Return value
array Array of (ldap entry, $result) in LDAP extension array format. THIS IS NOT THE ACTUAL LDAP ENTRY.
Throws
\Drupal\ldap_user\Exception\LdapBadParamsException
3 calls to LdapUserProcessor::drupalUserToLdapEntry()
- LdapUserProcessor::getProvisionRelatedLdapEntry in ldap_user/
src/ Processor/ LdapUserProcessor.php - Given a Drupal account, find the related LDAP entry.
- LdapUserProcessor::provisionLdapEntry in ldap_user/
src/ Processor/ LdapUserProcessor.php - Provision an LDAP entry if none exists.
- LdapUserProcessor::syncToLdapEntry in ldap_user/
src/ Processor/ LdapUserProcessor.php - Given a Drupal account, sync to related LDAP entry.
File
- ldap_user/
src/ Processor/ LdapUserProcessor.php, line 191
Class
- LdapUserProcessor
- Processor for LDAP provisioning.
Namespace
Drupal\ldap_user\ProcessorCode
public function drupalUserToLdapEntry(User $account, Server $ldap_server, array $params, $ldapUserEntry = NULL) {
$provision = isset($params['function']) && $params['function'] == 'provisionLdapEntry';
if (!$ldapUserEntry) {
$ldapUserEntry = [];
}
if (!is_object($account) || !is_object($ldap_server)) {
throw new LdapBadParamsException('Missing user or server.');
}
$include_count = isset($params['include_count']) && $params['include_count'];
$direction = isset($params['direction']) ? $params['direction'] : self::PROVISION_TO_ALL;
$prov_events = empty($params['prov_events']) ? LdapConfiguration::getAllEvents() : $params['prov_events'];
$syncMapper = new SyncMappingHelper();
$mappings = $syncMapper
->getSyncMappings($direction, $prov_events);
// Loop over the mappings.
foreach ($mappings as $field_key => $field_detail) {
list($ldapAttributeName, $ordinal) = $this
->extractTokenParts($field_key);
$ordinal = !$ordinal ? 0 : $ordinal;
if ($ldapUserEntry && isset($ldapUserEntry[$ldapAttributeName]) && is_array($ldapUserEntry[$ldapAttributeName]) && isset($ldapUserEntry[$ldapAttributeName][$ordinal])) {
// Don't override values passed in.
continue;
}
$synced = $syncMapper
->isSynced($field_key, $params['prov_events'], self::PROVISION_TO_LDAP);
if ($synced) {
$token = $field_detail['user_attr'] == 'user_tokens' ? $field_detail['user_tokens'] : $field_detail['user_attr'];
$value = $this->tokenProcessor
->tokenReplace($account, $token, 'user_account');
// Deal with empty/unresolved password.
if (substr($token, 0, 10) == '[password.' && (!$value || $value == $token)) {
if (!$provision) {
// Don't overwrite password on sync if no value provided.
continue;
}
}
if ($ldapAttributeName == 'dn' && $value) {
$ldapUserEntry['dn'] = $value;
}
elseif ($value) {
if (!isset($ldapUserEntry[$ldapAttributeName]) || !is_array($ldapUserEntry[$ldapAttributeName])) {
$ldapUserEntry[$ldapAttributeName] = [];
}
$ldapUserEntry[$ldapAttributeName][$ordinal] = $value;
if ($include_count) {
$ldapUserEntry[$ldapAttributeName]['count'] = count($ldapUserEntry[$ldapAttributeName]);
}
}
}
}
// Allow other modules to alter $ldap_user.
\Drupal::moduleHandler()
->alter('ldap_entry', $ldapUserEntry, $params);
return $ldapUserEntry;
}