function shib_auth_save_roles in Shibboleth Authentication 6.4
Same name and namespace in other branches
- 7.4 shib_auth.module \shib_auth_save_roles()
Unfortunately if we called user_save() on updating roles, we would possibly lose profile fields. Therefore we hack with the {users_roles} table
1 call to shib_auth_save_roles()
- shib_auth_assignroles in ./
shib_auth.module - The admin can define authorization rules based on the server variables (possibly provided by Shibboleth IdP) to give roles to users. The rules can be defined as a [server field - Regexp - role(s)] triplet
File
- ./
shib_auth.module, line 1136 - Drupal Shibboleth authentication module.
Code
function shib_auth_save_roles() {
global $user;
// We won't modify system users
if (!$user->uid || $user->uid <= 1) {
return;
}
if (isset($user->roles)) {
db_query('DELETE FROM {users_roles} WHERE uid = %d', $user->uid);
foreach (array_keys($user->roles) as $rid) {
if (!in_array($rid, array(
DRUPAL_ANONYMOUS_RID,
DRUPAL_AUTHENTICATED_RID,
))) {
db_query('INSERT INTO {users_roles} (uid, rid) VALUES (%d, %d)', $user->uid, $rid);
}
}
}
}