You are here

Home » API reference » LDAP integration 6 » ldapgroups.inc

function ldapgroups_groups_load in LDAP integration 6

Create an array of LDAP groups related to a dn/user.

Parameters

LDAPInterface $ldap An initialized LDAP server interface object.:

String $name The ldap user name (from login form):

String $dn The user's dn:

Return value

An array of user groups, an empty array if none found and FALSE if none defined/could not search LDAP.

4 calls to ldapgroups_groups_load()
ldapgroups_ldap_user_deny_alter in ./ldapgroups.module
Implementation of hook_ldap_user_deny_alter.
ldapgroups_user_test_output in ./ldapgroups.admin.inc
Generate the test results for the user and ldap settings.
_ldapgroups_detect_groups in ./ldapgroups.inc
Detect user groups from the LDAP.
_ldapsync_process_entry in ./ldapsync.module
Take an ldap object entry and determine if there is an existing account or a new account needs to be created.

File

./ldapgroups.inc, line 122
ldapgroups include file.

Code

function ldapgroups_groups_load($ldap, $dn, $name, $reset = FALSE) {
  static $groups_cache = array();
  if ($reset) {
    $groups_cache = array();
  }
  if (!$ldap) {

    // allow cache clearing only calls.
    return FALSE;
  }
  if (!isset($groups_cache[$dn])) {
    $sid = $ldap
      ->getOption('sid');

    // Nothing to do if there are no groups configured.
    if (!ldapgroups_is_configured($sid)) {
      return FALSE;
    }

    // Strategy 1: group extracted from user's DN.
    $dn_groups = array();
    if (_ldapgroups_ldap_info($sid, 'ldapgroups_in_dn')) {
      $pairs = ldap_explode_dn($dn, 0);
      foreach ($pairs as $p) {
        $pair = explode('=', $p);
        if (drupal_strtolower(trim($pair[0])) == drupal_strtolower(_ldapgroups_ldap_info($sid, 'ldapgroups_dn_attribute'))) {
          $dn_groups[] = trim($pair[1]);
        }
      }
    }

    // Strategy 2: groups in user attributes.
    $attrib_groups = array();
    if (_ldapgroups_ldap_info($sid, 'ldapgroups_in_attr')) {
      foreach (_ldapgroups_ldap_info($sid, 'ldapgroups_attr') as $attribute) {
        $attrib_groups = array_merge($attrib_groups, $ldap
          ->retrieveMultiAttribute($dn, $attribute));
      }
    }

    // Strategy 3: groups as entries.
    $entries_groups = array();
    $ldapgroups_entries_attribute = _ldapgroups_ldap_info($sid, 'ldapgroups_entries_attribute');
    if (_ldapgroups_ldap_info($sid, 'ldapgroups_as_entries')) {
      foreach (_ldapgroups_ldap_info($sid, 'ldapgroups_entries') as $branch) {
        $entries = $ldap
          ->search($branch, $ldapgroups_entries_attribute . '=' . $dn, array(
          $ldapgroups_entries_attribute,
        ));
        if (empty($entries) || $entries['count'] == 0) {
          $entries = $ldap
            ->search($branch, $ldapgroups_entries_attribute . '=' . $name, array(
            $ldapgroups_entries_attribute,
          ));
        }
        foreach ($entries as $entry) {
          if (isset($entry['dn'])) {
            $entries_groups[] = $entry['dn'];
          }
        }
      }
    }
    $groups = array_unique(array_merge($dn_groups, $attrib_groups, $entries_groups));

    // Allow other modules to modify user groups.
    drupal_alter("ldap_user_groups", $groups, $ldap, $dn, $name);
    $groups_cache[$dn] = $groups;
  }
  return $groups_cache[$dn];
}