You are here

Home » API reference » LDAP integration 5 » ldapdata.module

function ldapdata_admin_edit in LDAP integration 5

Same name and namespace in other branches
  1. 5.2 ldapdata.module \ldapdata_admin_edit()
  2. 6 ldapdata.admin.inc \ldapdata_admin_edit()
1 string reference to 'ldapdata_admin_edit'
ldapdata_menu in ./ldapdata.module
Implements hook_menu()

File

./ldapdata.module, line 133

Code

function ldapdata_admin_edit() {
  global $ldap_attributes;
  $sid = arg(4);
  if (arg(3) == "reset" && is_numeric($sid)) {
    $form['sid'] = array(
      '#type' => 'value',
      '#value' => $sid,
    );
    return confirm_form($form, t('Are you sure you want to reset the groups mapping to defaults ?'), 'admin/settings/ldapdata', t('<em>This action cannot be undone.</p>'), t('Reset'), t('Cancel'));
  }
  elseif (arg(3) == "edit" && $sid) {
    $result = db_fetch_array(db_query("SELECT sid, name, ldapdata_mappings, ldapdata_roattrs, ldapdata_rwattrs, ldapdata_binddn, ldapdata_bindpw, ldapdata_bindpw_clear FROM {ldapauth} WHERE sid = %d", $sid));
    $mappings = unserialize($result['ldapdata_mappings']);
    $roattrs = unserialize($result['ldapdata_roattrs']);
    $rwattrs = unserialize($result['ldapdata_rwattrs']);
    $ldapdata_binddn = $result['ldapdata_binddn'];
    $ldapdata_bindpw = $result['ldapdata_bindpw'];
    $ldapdata_bindpw_clear = $result['ldapdata_bindpw_clear'];

    // ATTRIBUTE MAPPING
    $output = "";
    $form['ldap_attribute_mapping'] = array(
      '#type' => 'fieldset',
      '#title' => 'Drupal-LDAP fields mapping',
      '#collapsible' => true,
    );
    $form['ldap_attribute_mapping']['ldap-note'] = array(
      '#value' => t('<p><strong style="color: red;">PLEASE NOTE</strong>: advanced configuration for this module can be set by editing the module\'s config file, located at <em style="font-style: normal; padding: 1px 3px; border: 1px solid #8888CC; background-color: #DDDDFF">modules/ldap_integration/ldap_integration/ldapdata.conf.php</em> in your Drupal install.</p>'),
    );
    $form['ldap_attribute_mapping']['ldap_attr_mapping'] = array(
      '#type' => 'radios',
      '#title' => 'Should Drupal account fields be mapped to LDAP Attributes?',
      '#default_value' => $mappings['access'],
      '#options' => array(
        LDAP_MAP_ATTRIBUTES => t('Changes in account fields will be mapped to LDAP attributes and back (see <em style="font-style: normal; padding: 1px 3px; border: 1px solid #8888CC; background-color: #DDDDFF">modules/ldap_integration/ldap_integration/ldapdata.conf.php</em>)'),
        LDAP_MAP_ATTRIBUTES_READ_ONLY => t('Same, but read-only mode.'),
        LDAP_MAP_NOTHING => t('No attribute mapping will be done at all (<strong><em>Clears any existing mappings</em></strong>)'),
      ),
    );
    $profile_fields = _ldapdata_retrieve_profile_fields();
    $standard_fields = _ldapdata_retrieve_standard_user_fields();
    $drupal_fields = $profile_fields + $standard_fields;
    $form['ldap_attribute_mapping']['ldap_drupal_reverse_mapping_pre'] = array(
      '#value' => t('<div class="form-item"><label>If you selected the first or the second option above, please specify here: </label><table><thead><tr><th> Drupal field</th><th>LDAP attribute</th></tr></thead><tbody>'),
    );
    $ldap_drupal_reverse_mappings = _ldapdata_reverse_mappings($result['name']);
    foreach ($drupal_fields as $key => $field) {
      $field_tmp = "ldap_amap-" . $key;
      $_prefix = "<tr><td><label for=\"edit[{$field_tmp}]\">{$field}</label></td><td>";
      $form['ldap_attribute_mapping'][$field_tmp] = array(
        '#type' => 'textfield',
        //'#default_value' => $ldap_drupal_reverse_mappings[$key],
        '#default_value' => $mappings[$field_tmp],
        '#size' => '20',
        '#prefix' => $_prefix,
        '#suffix' => '</td>',
      );
    }
    $form['ldap_attribute_mapping']['ldap_drupal_reverse_mappings_post'] = array(
      '#value' => '</tbody></table></div>',
    );

    // ATTRIBUTE ACCESS CONTROL
    $form["ldap_editable_attributes"] = array(
      '#type' => 'fieldset',
      '#title' => 'Attribute Visibility & Access Control',
      '#collapsible' => TRUE,
      '#tree' => true,
    );
    $form["ldap_editable_attributes"]["ldap_message"] = array(
      '#value' => t('<p>Users may be able to view their LDAP attributes\' values, as well as edit them. You can configure this feature here.</p>'),
    );
    foreach ($ldap_attributes as $key => $field) {
      $fields[$key] = $field[2];
    }
    foreach ($fields as $attr => $attr_name) {
      $ro_options[$attr] = '';
      $rw_options[$attr] = '';
      if (!empty($roattrs) && in_array($attr, $roattrs)) {
        $ro_status[] = $attr;
      }
      if (!empty($rwattrs) && in_array($attr, $rwattrs)) {
        $rw_status[] = $attr;
      }
      $form['ldap_editable_attributes']['ldap_attr_table'][$attr] = array(
        //'#type' => 'markup',
        '#value' => $attr_name,
      );
    }
    $form['ldap_editable_attributes']['ro_status'] = array(
      '#type' => 'checkboxes',
      '#options' => $ro_options,
      '#default_value' => $ro_status,
    );
    $form['ldap_editable_attributes']['rw_status'] = array(
      '#type' => 'checkboxes',
      '#options' => $rw_options,
      '#default_value' => $rw_status,
    );
    $form['ldap_editable_attributes']['header'] = array(
      '#type' => 'value',
      '#value' => array(
        array(
          'data' => 'Attribute Name',
        ),
        array(
          'data' => 'Readable by User?',
        ),
        array(
          'data' => 'Editable by User?',
        ),
      ),
    );

    // ADVANCED CONFIGURATION
    $form['advanced'] = array(
      '#type' => 'fieldset',
      '#title' => 'Advanced Configuration',
      '#collapsible' => TRUE,
      '#collapsed' => TRUE,
    );
    $form['advanced']['ldap-note'] = array(
      '#value' => t('<p>When reading/editing attributes, this module logs on to the LDAP directory using the user\'s DN//pass pair. However, many LDAP setups do not allow their users to edit attributes.</p><p>If this is your case, but still you want users to edit their LDAP attributes via Drupal, you should set up an special user on your directory, with special access to edit your users\' attributes. Then this module will use it to log on and edit data.</p>'),
    );
    $form['advanced']['ldapdata_binddn'] = array(
      '#type' => 'textfield',
      '#title' => t('DN for reading/editing attributes'),
      '#default_value' => $ldapdata_binddn,
      '#size' => 50,
      '#maxlength' => 255,
    );
    if ($ldapdata_bindpw_clear || !ldapdata_bindpw) {
      $form['advanced']['ldapdata_bindpw'] = array(
        '#type' => 'password',
        '#title' => t('Password for reading/editing attributes'),
        '#size' => 50,
        '#maxlength' => 255,
      );
    }
    else {

      // given an option to clear the password
      $form['advanced']['ldapdata_bindpw_clear'] = array(
        '#type' => 'checkbox',
        '#default_value' => false,
        '#title' => t('Clear current password'),
      );
    }

    // SUBMIT
    $form['sid'] = array(
      '#type' => 'hidden',
      '#value' => $sid,
    );
    $form['buttons']['submit'] = array(
      '#type' => 'submit',
      '#value' => 'Update',
    );
    return $form;
  }
  else {
    drupal_goto('admin/settings/ldapdata');
  }
}