function simple_ldap_active_group_blocked in Simple LDAP 7.2
Same name and namespace in other branches
- 7 contrib/simple_ldap_active_group/simple_ldap_active_group.module \simple_ldap_active_group_blocked()
Removes a user from the configured default LDAP group.
@throw SimpleLdapException
2 calls to simple_ldap_active_group_blocked()
- simple_ldap_active_group_user_insert in contrib/
simple_ldap_active_group/ simple_ldap_active_group.module - Implements hook_user_insert().
- simple_ldap_active_group_user_update in contrib/
simple_ldap_active_group/ simple_ldap_active_group.module - Implements hook_user_update().
File
- contrib/
simple_ldap_active_group/ simple_ldap_active_group.module, line 105 - Main simple_ldap_active_group module file.
Code
function simple_ldap_active_group_blocked($account) {
$user_basedn = variable_get('simple_ldap_user_basedn');
$user_scope = variable_get('simple_ldap_user_scope');
$user_attribute_name = variable_get('simple_ldap_user_attribute_name');
$user_filter = '(&(' . $user_attribute_name . '=' . $account->name . ')' . simple_ldap_active_group_filter() . ')';
$group_dn = variable_get('simple_ldap_active_group_group');
// Search for the LDAP user and group.
$server = SimpleLdapServer::singleton();
$ldap_user = $server
->search($user_basedn, $user_filter, $user_scope);
$ldap_group = $server
->search($group_dn, 'objectclass=*', 'base');
// Verify that a user and group were both found in LDAP.
if ($ldap_group['count'] > 0 && $ldap_user['count'] > 0) {
$user_dn = $ldap_user[0]['dn'];
// Check if the user is in the group.
if (in_array($user_dn, $ldap_group[0]['member'])) {
// Check if the user is the last member of the group.
if ($ldap_group[0]['member']['count'] == 1) {
$server
->modify($group_dn, array(
'member' => variable_get('simple_ldap_role_attribute_member_default'),
), 'add');
}
// Delete the user from the group.
$server
->modify($group_dn, array(
'member' => $user_dn,
), 'del');
}
}
}