function ldapgroups_user_test_output in LDAP integration 6
Generate the test results for the user and ldap settings.
Parameters
Object $account:
int $sid:
String $dn:
1 call to ldapgroups_user_test_output()
- ldapgroups_user_test_submit in ./
ldapgroups.admin.inc - Submit handler for testing user against the ldapgroups settings.
File
- ./
ldapgroups.admin.inc, line 476 - Module admin page callbacks.
Code
function ldapgroups_user_test_output($account, $sid, $dn) {
global $_ldapgroups_ldap;
module_load_include('inc', 'ldapgroups', 'ldapgroups');
// Setup the global $_ldapgroups_ldap object.
if (!_ldapgroups_ldap_init($sid)) {
drupal_set_message(t('Could not initialize the LDAP connection object!'), 'error');
return FALSE;
}
// Use the lookup dn/password or announymous if not set.
// Note: This may fail if LDAP security limits access to needed info.
$bind_dn = $_ldapgroups_ldap
->getOption('binddn');
$pass = $_ldapgroups_ldap
->getOption('bindpw');
if (!$_ldapgroups_ldap
->connect($bind_dn, $pass)) {
$bind_name = empty($bind_dn) ? t("anonymous") : $bind_dn;
drupal_set_message(t('Could not bind to the LDAP server as @name!', array(
'@name' => $bind_name,
)), 'error');
return FALSE;
}
$ldap_info = ldapauth_user_lookup_by_dn($_ldapgroups_ldap, $dn, LDAPAUTH_SYNC_CONTEXT_AUTHENTICATE_DRUPAL_USER);
if (empty($ldap_info)) {
drupal_set_message(t("Could not find specified DN"));
return FALSE;
}
$name_attr = $_ldapgroups_ldap
->getOption('user_attr');
$ldap_name = isset($ldap_info[$name_attr][0]) ? $ldap_info[$name_attr][0] : $ldap_info[drupal_strtolower($name_attr)][0];
if (!$account) {
$account = ldapauth_drupal_user_lookup($_ldapgroups_ldap, $ldap_name, $dn, $error);
}
$output = '<p>';
$output .= "<b>" . t('Drupal User Info') . "</b><br/>";
if ($account) {
$output .= t("Drupal user name") . ": {$account->name}<br/>";
$output .= t("LDAP Authentified") . ": " . ($account->ldap_authentified ? "Yes" : "No") . "<br/>";
}
else {
$output .= t("No matching Drupal User found.") . "<br/>";
}
$output .= "<br/><b>" . t("LDAP User Info") . "</b><br/>";
$output .= t("LDAP server") . ": {$_ldapgroups_ldap->getOption('name')}<br/>";
$output .= t("LDAP user name") . ": {$ldap_name}<br/>";
$output .= t("LDAP dn") . ": {$dn}<br/>";
// First, we figure out the appropriate groups.
$groups = ldapgroups_groups_load($_ldapgroups_ldap, $dn, $ldap_name);
$output .= "<br/><b>" . t("User's LDAP Groups") . "</b><br/>";
if ($groups) {
foreach ($groups as $group) {
$output .= "{$group}<br/>";
}
}
else {
if ($groups === FALSE) {
$output .= t("An error occured getting group information!") . "<br/>";
}
else {
$output .= t("No groups found") . "<br/>";
}
}
$output .= "<br/><b>" . t("Server Access") . "</b><br/>";
$groups_allowed = _ldapgroups_ldap_info($sid, 'ldapgroups_groups');
if (empty($groups_allowed)) {
// Nothing to do here.
$output .= t("No access rules defined.") . "<br/>";
}
$denied = FALSE;
ldapgroups_ldap_user_deny_alter($denied, $_ldapgroups_ldap, $ldap_name, $dn, $account);
$access = !$denied ? t("Allowed") : t("Denied");
$output .= t("Server access") . ": {$access}<br/>";
$output .= "<br/><b>" . t("User's Drupal Roles") . "</b><br/>";
$role_mapping = _ldapgroups_ldap_info($sid, 'ldapgroups_mappings_filter');
switch ($role_mapping) {
case LDAPGROUPS_ROLE_MODE_AUTO:
$role_mapping_mode = t("Automatic mode");
break;
case LDAPGROUPS_ROLE_MODE_USE_MAP:
$role_mapping_mode = t("Mapping defined in server settings");
break;
case LDAPGROUPS_ROLE_MODE_DISABLED:
$role_mapping_mode = t("Role mapping disabled");
break;
}
$output .= t("Role Mapping Mode") . ": {$role_mapping_mode}<br/>";
// Is Role mapping disabled?
if ($role_mapping != LDAPGROUPS_ROLE_MODE_DISABLED) {
// Apply site-specific rules.
$filtered_groups = _ldapgroups_filter($sid, $groups);
// At this point, the roles are in the full DN format or role names.
$roles = array();
if (!empty($filtered_groups)) {
foreach ($filtered_groups as $group) {
$role = _ldapgroups_mapping($sid, $group);
$roles[] = $role;
}
}
$roles = array_unique($roles);
drupal_alter("ldap_user_roles", $roles, $account, $dn, $groups, $filtered_groups);
if (!empty($roles)) {
foreach ($roles as $role) {
$output .= "{$role}<br/>";
}
}
else {
$output .= t("No roles found") . "<br/>";
}
}
$output .= "</p>";
return $output;
}