function _ldapgroups_detect_groups in LDAP integration 6
Same name and namespace in other branches
- 5.2 ldapgroups.module \_ldapgroups_detect_groups()
- 5 ldapgroups.module \_ldapgroups_detect_groups()
Detect user groups from the LDAP.
Parameters
$account: A user object that has already been checked to be "ldap_authentified".
Return value
An array of user groups; an empty array if none are found; FALSE if no groups are defined or the LDAP directory could not be searched.
1 call to _ldapgroups_detect_groups()
- ldapgroups_user_login in ./ldapgroups.inc - Implements hook_user() login operation.
File
- ./ldapgroups.inc, line 81 - ldapgroups include file.
Code
function _ldapgroups_detect_groups($account) {
  global $_ldapgroups_ldap;

  // Nothing to do if there are no groups configured.
  if (!ldapgroups_is_configured($account->ldap_config)) {
    return FALSE;
  }

  // First try to connect with the stored user's DN and password.
  // If unsuccessful, connect with the BINDDN and BINDPW stored in the database for this config.
  $dn = isset($_SESSION['ldap_login']['dn']) ? $_SESSION['ldap_login']['dn'] : '';
  $pass = isset($_SESSION['ldap_login']['pass']) ? $_SESSION['ldap_login']['pass'] : '';

  // If I try to connect using a blank dn and pass, I don't get an error until ldap_read,
  // so I just check to see if they would be blank, based on ldap_forget_passwords, and
  // make it read from the database.
  if (LDAPAUTH_FORGET_PASSWORDS || !$_ldapgroups_ldap->connect($dn, $pass)) {
    $row2 = db_fetch_object(db_query("SELECT binddn, bindpw FROM {ldapauth} WHERE sid = %d", $_ldapgroups_ldap->getOption('sid')));
    $dn = $row2->binddn;
    $pass = $row2->bindpw;
    if (!$_ldapgroups_ldap->connect($dn, $pass)) {
      watchdog('ldapgroups', "User login: user %name data could not be read in the LDAP directory", array(
        '%name' => $account->name,
      ), WATCHDOG_WARNING);
      return FALSE;
    }
  }

  $groups = ldapgroups_groups_load($_ldapgroups_ldap, $account->ldap_dn, $account->name);
  $_ldapgroups_ldap->disconnect();
  return $groups;
}
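
The comment in the function above notes that connecting with a blank DN and password raises no error until the read. The following PHP is an added example, not the module's own code: it applies the same credential order but refuses blank credentials before any bind and handles a missing {ldapauth} row. The `example_*` function names, the `$connect` callable standing in for `->connect()`, and the sample DN and password are assumptions.

```php
<?php
// Added example; the example_* names are hypothetical, not part of ldapgroups.

// TRUE only when DN and password are both non-empty strings. A simple bind
// with an empty password is treated as anonymous/unauthenticated, so it can
// "succeed" without proving anything about the caller.
function example_has_bind_credentials($dn, $pass) {
  return is_string($dn) && $dn !== '' && is_string($pass) && $pass !== '';
}

// Same order as _ldapgroups_detect_groups(): session DN/password first, then
// the stored BINDDN/BINDPW.
//   $session: contents of $_SESSION['ldap_login'] (may be empty)
//   $forget:  value of LDAPAUTH_FORGET_PASSWORDS
//   $row:     object from the {ldapauth} lookup, or FALSE when no row matched
//   $connect: callable ($dn, $pass) => bool, standing in for ->connect()
// Returns array('source' => ..., 'dn' => ...) or FALSE.
function example_select_bind($session, $forget, $row, $connect) {
  $dn = isset($session['dn']) ? $session['dn'] : '';
  $pass = isset($session['pass']) ? $session['pass'] : '';
  if (!$forget && example_has_bind_credentials($dn, $pass) && $connect($dn, $pass)) {
    return array('source' => 'session', 'dn' => $dn);
  }
  if ($row && example_has_bind_credentials($row->binddn, $row->bindpw)
      && $connect($row->binddn, $row->bindpw)) {
    return array('source' => 'stored', 'dn' => $row->binddn);
  }
  return FALSE;
}

// Constructed sample input: a stub directory that accepts one DN/password pair.
$stub = function ($dn, $pass) {
  return $dn === 'cn=svc,dc=example,dc=org' && $pass === 'constructed-secret';
};
$row = (object) array('binddn' => 'cn=svc,dc=example,dc=org', 'bindpw' => 'constructed-secret');

// Empty session, stored row present.
var_dump(example_select_bind(array(), FALSE, $row, $stub));
// Empty session and no stored row: nothing is sent to the directory.
var_dump(example_select_bind(array(), FALSE, FALSE, $stub));
// Stored row with a blank password: rejected before any bind attempt.
$blank = (object) array('binddn' => 'cn=svc,dc=example,dc=org', 'bindpw' => '');
var_dump(example_select_bind(array(), FALSE, $blank, $stub));
```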