function ldapauth_admin_options in LDAP integration 5
Same name and namespace in other branches
- 5.2 ldapauth.module \ldapauth_admin_options()
1 string reference to 'ldapauth_admin_options'
- ldapauth_menu in ./
ldapauth.module - Implements hook_menu()
File
- ./
ldapauth.module, line 256
Code
function ldapauth_admin_options() {
$options_login_process = array(
LDAP_FIRST_DRUPAL => t('Drupal\'s DB first, then LDAP directory'),
//LDAP_OR_DRUPAL => t('If LDAP user, LDAP only; otherwise Drupal DB'),
LDAP_FIRST_LDAP => t('LDAP directory only'),
);
$form['system-options'] = array(
'#type' => 'fieldset',
'#title' => t('Authentication mode'),
'#description' => t('<p><strong>NOTE:</strong> These settings have no effect on Drupal user with uid 1. The admin account never uses LDAP.</p>'),
'#collapsible' => TRUE,
'#collapsed' => TRUE,
);
$form['system-options']['ldap_login_process'] = array(
'#type' => 'radios',
'#title' => t('Choose authentication mode'),
'#description' => t('<p>Pick the mode based on the types of user accounts and other configuration decisions...</p>'),
'#default_value' => variable_get('ldap_login_process', LDAP_FIRST_DRUPAL),
'#options' => $options_login_process,
'#required' => true,
);
$form['security-options'] = array(
'#type' => 'fieldset',
'#title' => t('Security Options'),
'#collapsible' => TRUE,
'#description' => t('<p>If you use the <strong>ldapdata</strong> module and want to allow users to modify their LDAP attributes, you have two options:</p><ul><li>Setup a special ldap manager DN that has (limited) permissions to edit the requisite LDAP records - using this method means Drupal\'s built in password reset will work;</li> <li>or allow this module to store the user\'s LDAP password, in clear text, during the session;</li></ul><p>Physically, these passwords are stored in the Drupal\'s session table in clear text. This is not ideal and is not the recomended configuration.</p><p>Unless you need to use the latter configuration, leave this checked.</p>'),
'#collapsed' => TRUE,
);
$form['security-options']['ldap_forget_passwords'] = array(
'#type' => 'checkbox',
'#title' => t('Do not store users\' passwords during sessions'),
'#return_value' => true,
'#default_value' => variable_get('ldap_forget_passwords', true),
);
$form['anonymous-ui'] = array(
'#type' => 'fieldset',
'#title' => t('Anonymous UI Options'),
'#description' => t('<p>Effects the interface for all non-authenticated users.</p>'),
'#collapsible' => TRUE,
'#collapsed' => TRUE,
);
$form['anonymous-ui']['ldap_disable_request_new_password'] = array(
'#type' => 'checkbox',
'#title' => t('Remove <em>Request new password</em> link from login block'),
'#return_value' => TRUE,
'#default_value' => variable_get('ldap_disable_request_new_password', FALSE),
);
$options_reset_form = array(
LDAP_RESET_FORM_NO => t('Do nothing'),
LDAP_RESET_FORM_OVERWRITE => t('Overwrite form with HTML in textfield'),
LDAP_RESET_FORM_MERGE => t('Prepend HTML to form'),
);
$form['anonymous-ui']['ldap_alter_reset_form'] = array(
'#type' => 'radios',
'#title' => t('Alter <em>Request New Password</em> form'),
'#default_value' => variable_get('ldap_alter_reset_form', LDAP_RESET_FORM_NO),
'#options' => $options_reset_form,
'#required' => true,
);
$form['anonymous-ui']['ldap_user_pass_form'] = array(
'#type' => 'textarea',
'#title' => t('New password reset message'),
'#default_value' => variable_get('ldap_user_pass_form', '<h2>Form disabled by administrator.<h2>'),
'#cols' => 45,
'#rows' => 3,
'#maxlength' => 250,
'#disabled' => variable_get('ldap_alter_reset_form', LDAP_RESET_FORM_NO) == LDAP_RESET_FORM_NO ? TRUE : FALSE,
'#description' => t('<p>The <em>Request New Password</em> form cannot be removed, but it can be altered. Pick the mode based on the types of user accounts and other configuration decisions.</p>'),
);
$form['ldap-ui'] = array(
'#type' => 'fieldset',
'#title' => t('LDAP UI Options'),
'#description' => t('<p>Alters LDAP users\' interface only, though admin accounts can still access email and password fields of LDAP users regardless of selections. Does not effect non-LDAP authenticated accounts. </p>'),
'#collapsible' => TRUE,
'#collapsed' => TRUE,
);
$form['ldap-ui']['ldap_disable_user_request_password'] = array(
'#type' => 'checkbox',
'#title' => t('Remove password change fields from user edit form'),
'#default_value' => variable_get('ldap_disable_user_request_password', FALSE),
);
$options_email_field = array(
LDAP_EMAIL_FIELD_NO => t('Do nothing'),
LDAP_EMAIL_FIELD_REMOVE => t('Remove email field from form'),
LDAP_EMAIL_FIELD_DISABLE => t('Disable email field on form'),
);
$form['ldap-ui']['ldap_alter_email_field'] = array(
'#type' => 'radios',
'#title' => t('Alter email field on user edit form'),
'#description' => t('<p>Remove or disable email field from user edit form for LDAP authenticated users.</p>'),
'#default_value' => variable_get('ldap_alter_email_field', LDAP_EMAIL_FIELD_NO),
'#options' => $options_email_field,
'#required' => true,
);
$form['ldap_restore_defaults'] = array(
'#type' => 'checkbox',
'#title' => t('Reset to default values'),
'#default_value' => variable_get('ldap_restore_defaults', FALSE),
);
$form['submit'] = array(
'#type' => 'submit',
'#value' => 'Save configuration',
);
return $form;
}