function ldapgroups_user_login in LDAP integration 5
Same name and namespace in other branches
- 5.2 ldapgroups.module \ldapgroups_user_login()
- 6 ldapgroups.inc \ldapgroups_user_login()
1 call to ldapgroups_user_login()
- ldapgroups_user in ./
ldapgroups.module - Implementation of hook_user()
File
- ./
ldapgroups.module, line 233
Code
function ldapgroups_user_login(&$user) {
if (!$user->ldap_authentified) {
return true;
}
// setup the global $ldapdata_ldap object
if (!_ldapgroups_ldap_init($user)) {
return;
}
// First, we take every mapped role from the user, later below
// we'll grant back those deserved.
//dsm($user);
$user->ldap_drupal_roles = isset($user->ldap_drupal_roles) ? $user->ldap_drupal_roles : array();
foreach ($user->ldap_drupal_roles as $role) {
//dsm($role);
_ldapgroups_deny_role($user, $role);
}
// Then, we figure out the appropriate groups
$groups = _ldapgroups_detect_groups($user);
if ($groups === false) {
// Oh, this means this user didn't even have to be here. Bye!
return true;
}
// Next, we apply site-specific rules
if (function_exists('ldapgroups_roles_filter')) {
$roles = ldapgroups_roles_filter($groups);
}
else {
// grant all the roles
$roles = $groups;
}
// At this point, the roles are in the full DN format
// Turn them in into friendly names
// Finally, we grant the roles
//need to check for empty roles
if ($roles) {
foreach ($roles as $role) {
$friendly_role = _ldapgroups_translate_role($role);
_ldapgroups_create_role($friendly_role);
_ldapgroups_grant_role($user, $friendly_role);
}
}
// Store roles in the user object so we know which ones
// were granted here
user_save($user, array(
'ldap_drupal_roles' => $roles,
));
}