You are here

Home » API reference » SAML Authentication 8.3 » UserFieldsEventSubscriber.php » UserFieldsEventSubscriber

protected function UserFieldsEventSubscriber::validateAccountFieldValue in SAML Authentication 8.3

Same name and namespace in other branches
  1. 4.x modules/samlauth_user_fields/src/EventSubscriber/UserFieldsEventSubscriber.php \Drupal\samlauth_user_fields\EventSubscriber\UserFieldsEventSubscriber::validateAccountFieldValue()

Validates a value as being valid to set into a certain user account field.

This only performs validation based on the single field, so 'entity based' validation (e.g. uniqueness of a value among all users) is not done. This method logs validation violations.

Parameters

mixed $input_value: The value to (maybe) update / write into the user account field.

\Drupal\user\UserInterface $account: The Drupal user account.

string $account_field_name: The field name in the user account.

Return value

bool True if the value validated correctly

1 call to UserFieldsEventSubscriber::validateAccountFieldValue()
UserFieldsEventSubscriber::onUserSync in modules/samlauth_user_fields/src/EventSubscriber/UserFieldsEventSubscriber.php
Saves configured SAML attribute values into user fields.

File

modules/samlauth_user_fields/src/EventSubscriber/UserFieldsEventSubscriber.php, line 466

Class

UserFieldsEventSubscriber
Synchronizes SAML attributes into user fields / links new users during login.

Namespace

Drupal\samlauth_user_fields\EventSubscriber

Code

protected function validateAccountFieldValue($input_value, UserInterface $account, $account_field_name) {
  $valid = FALSE;

  // The value can be validated by making it into a 'typed data' value that
  // contains the field definition (which supposedly contains all validation
  // constraints that could apply here).
  $field_definition = $account
    ->getFieldDefinition($account_field_name);
  if ($field_definition) {
    $data = $this->typedDataManager
      ->create($field_definition, $input_value);
    $violations = $data
      ->validate();

    // Don't cancel; just log.
    foreach ($violations as $violation) {

      // We have the following options:
      // - Log just the validation message. This makes it unclear where the
      //   message comes from: it does not include the account, attribute
      //   or field name.
      // - Concatenate extra info into the validation message. This is
      //   bad for translatability of the original message.
      // - Log a second message mentioning the account and attribute name.
      //   This spams logs and isn't very clear.
      // We'll do the first, and hope that a caller will log extra info if
      // necessary, so it can choose whether or not to be 'spammy'.
      if ($violation instanceof ConstraintViolation) {
        [
          $message,
          $context,
        ] = $this
          ->getLoggableParameters($violation);
        $this->logger
          ->warning($message, $context);
      }
      else {
        $this->logger
          ->debug('Validation for user field %field encountered unloggable error (which points to an internal code error).', [
          '%field' => $account_field_name,
        ]);
      }
    }
    $valid = !$violations
      ->count();
  }
  return $valid;
}