public function LdapUserProcessor::syncToLdapEntry in Lightweight Directory Access Protocol (LDAP) 8.3
Given a Drupal account, sync to related LDAP entry.
@TODO: $ldapUser and $testQuery are not in use. Verify that we need actually need those for a missing test case or remove.
Parameters
\Drupal\user\Entity\User $account: Drupal user object.
array $ldapUser: Current LDAP data of user. See README.developers.txt for structure.
bool $testQuery: Test query or live query.
Return value
array|bool Successful sync.
File
- ldap_user/
src/ Processor/ LdapUserProcessor.php, line 65
Class
- LdapUserProcessor
- Processor for LDAP provisioning.
Namespace
Drupal\ldap_user\ProcessorCode
public function syncToLdapEntry(User $account, array $ldapUser = [], $testQuery = FALSE) {
// @TODO 2914053.
if (is_object($account) && $account
->id() == 1) {
// Do not provision or sync user 1.
return FALSE;
}
$result = FALSE;
if ($this->config['ldapEntryProvisionServer']) {
$server = Server::load($this->config['ldapEntryProvisionServer']);
$params = [
'direction' => self::PROVISION_TO_LDAP,
'prov_events' => [
self::EVENT_SYNC_TO_LDAP_ENTRY,
],
'module' => 'ldap_user',
'function' => 'syncToLdapEntry',
'include_count' => FALSE,
];
try {
$proposedLdapEntry = $this
->drupalUserToLdapEntry($account, $server, $params, $ldapUser);
} catch (\Exception $e) {
\Drupal::logger('ldap_user')
->error('Unable to prepare LDAP entry: %message', [
'%message',
$e
->getMessage(),
]);
return FALSE;
}
if (is_array($proposedLdapEntry) && isset($proposedLdapEntry['dn'])) {
// This array represents attributes to be modified; not comprehensive
// list of attributes.
$attributes = [];
foreach ($proposedLdapEntry as $attributeName => $attributeValues) {
if ($attributeName != 'dn') {
if (isset($attributeValues['count'])) {
unset($attributeValues['count']);
}
if (count($attributeValues) == 1) {
$attributes[$attributeName] = $attributeValues[0];
}
else {
$attributes[$attributeName] = $attributeValues;
}
}
}
if ($testQuery) {
$proposedLdapEntry = $attributes;
$result = [
'proposed' => $proposedLdapEntry,
'server' => $server,
];
}
else {
// Stick $proposedLdapEntry in $ldap_entries array for drupal_alter.
$proposedDnLowerCase = mb_strtolower($proposedLdapEntry['dn']);
$ldap_entries = [
$proposedDnLowerCase => $attributes,
];
$context = [
'action' => 'update',
'corresponding_drupal_data' => [
$proposedDnLowerCase => $attributes,
],
'corresponding_drupal_data_type' => 'user',
'account' => $account,
];
\Drupal::moduleHandler()
->alter('ldap_entry_pre_provision', $ldap_entries, $server, $context);
// Remove altered $proposedLdapEntry from $ldap_entries array.
$attributes = $ldap_entries[$proposedDnLowerCase];
$result = $server
->modifyLdapEntry($proposedLdapEntry['dn'], $attributes);
if ($result) {
\Drupal::moduleHandler()
->invokeAll('ldap_entry_post_provision', [
$ldap_entries,
$server,
$context,
]);
}
}
}
else {
$result = FALSE;
}
}
$tokens = [
'%dn' => isset($proposedLdapEntry['dn']) ? $proposedLdapEntry['dn'] : 'null',
'%sid' => $this->config['ldapEntryProvisionServer'],
'%username' => $account
->getAccountName(),
'%uid' => !method_exists($account, 'id') || empty($account
->id()) ? '' : $account
->id(),
'%action' => $result ? t('synced') : t('not synced'),
];
\Drupal::logger('ldap_user')
->info('LDAP entry on server %sid %action dn=%dn for username=%username, uid=%uid', $tokens);
return $result;
}