public function SamlauthMappingEditForm::buildForm in SAML Authentication 8.3
Same name and namespace in other branches
- 4.x modules/samlauth_user_fields/src/Form/SamlauthMappingEditForm.php \Drupal\samlauth_user_fields\Form\SamlauthMappingEditForm::buildForm()
Form for adding or editing a mapping.
Parameters
array $form: An associative array containing the structure of the form.
\Drupal\Core\Form\FormStateInterface $form_state: The current state of the form.
int $mapping_id: (optional) The numeric ID of the mapping.
Return value
array The form structure.
Overrides FormInterface::buildForm
File
- modules/
samlauth_user_fields/ src/ Form/ SamlauthMappingEditForm.php, line 103
Class
- SamlauthMappingEditForm
- Form for adding a mapped SAML attribute -> user field.
Namespace
Drupal\samlauth_user_fields\FormCode
public function buildForm(array $form, FormStateInterface $form_state, $mapping_id = NULL) {
$user_fields = $this->entityFieldManager
->getFieldDefinitions('user', 'user');
$mappings = $this
->configFactory()
->get(UserFieldsEventSubscriber::CONFIG_OBJECT_NAME)
->get('field_mappings');
// @todo make code that captures all attributes from a SAML authentication
// message (only if enabled here via a special temporary option) and
// fills a list of possible attribute names. If said list is populated,
// we can present a select element in the add/edit screen - though we
// always want to keep the option for the user of entering an attribute
// name manually, so this will complicate the screen a bit.
$form['attribute_name'] = [
'#type' => 'textfield',
'#title' => $this
->t('SAML Attribute'),
'#description' => $this
->t('The name of the SAML attribute you want to sync to the user profile.'),
'#required' => TRUE,
'#default_value' => $mappings[$mapping_id]['attribute_name'] ?? NULL,
];
$options = [
'' => $this
->t('- Select -'),
];
foreach ($user_fields as $name => $field) {
if (in_array($field
->getType(), static::MAP_FIELD_TYPES, TRUE) && !in_array($name, static::PREVENT_MAP_FIELDS, TRUE)) {
$subfields = $this
->getSubFields($field);
$label = $field
->getLabel();
if ($subfields) {
foreach ($subfields as $sub_name => $sub_label) {
$options["{$name}:{$sub_name}"] = "{$label}: {$sub_label}";
}
}
else {
$options[$name] = $label;
}
}
}
$field_name = NULL;
if ($mapping_id !== NULL) {
$field_name = $mappings[$mapping_id]['field_name'];
if (!isset($options[$field_name])) {
$this
->messenger()
->addError('Currently mapped user field %name is unknown. Saving this form will change the mapping.', [
'%name' => $field_name,
]);
$field_name = NULL;
}
}
$form['field_name'] = [
'#type' => 'select',
'#title' => $this
->t('User Field'),
'#description' => $this
->t('The user field you want to sync this attribute to.'),
'#required' => TRUE,
'#options' => $options,
'#default_value' => $field_name,
];
if ($this
->config(SamlController::CONFIG_OBJECT_NAME)
->get('map_users')) {
// The huge description isn't very good UX, but we'll postpone thinking
// about it until we integrate this mapping with the mapping for
// name + email - or until someone else sends in a fix for this.
$form['link_user_order'] = [
'#type' => 'number',
'#size' => 2,
'#title' => $this
->t('Link user?'),
'#description' => $this
->t("Provide a value here if a first login should attempt to match an existing non-linked Drupal user on the basis of this field's value. The exact value only matters when multiple link attempts are defined (to determine order of attempts and/or combination with other fields). See the help text with the list for more info.") . '<br><em>' . $this
->t('Warning: if this attribute can be changed by the IdP user, this has security implications; it enables a user to influence which Drupal user they take over.') . '</em>',
'#default_value' => $mappings[$mapping_id]['link_user_order'] ?? NULL,
];
}
// Add this value so we know if it's an add or an edit.
$form['mapping_id'] = [
'#type' => 'value',
'#value' => $mapping_id,
];
$form['submit'] = [
'#type' => 'submit',
'#value' => $this
->t('Submit'),
];
return $form;
}