simple_ldap_user.admin.inc in Simple LDAP 7
Same filename and directory in other branches
Functions for Simple LDAP User admin interface.
File
simple_ldap_user/simple_ldap_user.admin.incView source
<?php
/**
* @file
* Functions for Simple LDAP User admin interface.
*/
/**
* Simple LDAP User configuration form.
*/
function simple_ldap_user_admin($form, &$form_state) {
$form = array();
// Get an LDAP server object.
$server = SimpleLdapServer::singleton();
// Verify LDAP server connectivity.
if (!$server
->bind()) {
drupal_set_message(t('Unable to bind to the LDAP server.') . ' ' . l(t('Check the server configuration.'), 'admin/config/people/simple_ldap'), 'warning');
return $form;
}
// String to append to items disabled by $server->readonly.
$disabled_note = $server->readonly ? ' (' . t('Disabled by LDAP Server configuration.') . ')' : '';
// Generate a list of object classes supported by the server.
$objectclasses = $server->schema
->get('objectclasses');
foreach ($objectclasses as $key => $objectclass) {
$objectclasses[$key] = $objectclass['name'];
}
asort($objectclasses);
// Derive directory-specific values to use in the form.
switch ($server->type) {
case 'Active Directory':
$readonly = TRUE;
$objectclass_selected = simple_ldap_user_variable_get('simple_ldap_user_objectclass', NULL, TRUE);
$attribute_name_selected = simple_ldap_user_variable_get('simple_ldap_user_attribute_name', NULL, TRUE);
$attribute_mail_selected = simple_ldap_user_variable_get('simple_ldap_user_attribute_mail', NULL, TRUE);
$attribute_pass_selected = simple_ldap_user_variable_get('simple_ldap_user_attribute_pass', NULL, TRUE);
$password_hash_selected = simple_ldap_user_variable_get('simple_ldap_user_password_hash', NULL, TRUE);
$attribute_rdn_selected = simple_ldap_user_variable_get('simple_ldap_user_attribute_rdn', NULL, TRUE);
// Generate a list of attributes for the selected objectclass.
$attributes = array(
$attribute_name_selected => $attribute_name_selected,
$attribute_mail_selected => $attribute_mail_selected,
$attribute_pass_selected => $attribute_pass_selected,
$attribute_rdn_selected => $attribute_rdn_selected,
);
break;
case 'OpenLDAP':
default:
$readonly = FALSE;
$objectclass_selected = isset($form_state['values']['simple_ldap_user_objectclass']) ? $form_state['values']['simple_ldap_user_objectclass'] : simple_ldap_user_variable_get('simple_ldap_user_objectclass');
$attribute_name_selected = isset($form_state['values']['simple_ldap_user_attribute_name']) ? $form_state['values']['simple_ldap_user_attribute_name'] : simple_ldap_user_variable_get('simple_ldap_user_attribute_name');
$attribute_mail_selected = isset($form_state['values']['simple_ldap_user_attribute_mail']) ? $form_state['values']['simple_ldap_user_attribute_mail'] : simple_ldap_user_variable_get('simple_ldap_user_attribute_mail');
$attribute_pass_selected = isset($form_state['values']['simple_ldap_user_attribute_pass']) ? $form_state['values']['simple_ldap_user_attribute_pass'] : simple_ldap_user_variable_get('simple_ldap_user_attribute_pass');
$password_hash_selected = simple_ldap_user_variable_get('simple_ldap_user_password_hash');
$attribute_rdn_selected = simple_ldap_user_variable_get('simple_ldap_user_attribute_rdn');
// Generate a list of attributes for the selected objectclass.
$attributes = array();
foreach ($objectclass_selected as $objectclass) {
try {
$result = $server->schema
->attributes($objectclass, TRUE);
foreach ($result as $attribute) {
$attributes[strtolower($attribute)] = $attribute;
}
} catch (SimpleLdapException $e) {
// Just absorb the exception. This means that an objectclass was
// specified that does not exist on the server. Just don't add any
// attributes to the list in this case.
}
}
asort($attributes);
}
$form['user'] = array(
'#type' => 'fieldset',
'#title' => t('LDAP Users'),
);
$form['user']['simple_ldap_user_basedn'] = array(
'#type' => 'textfield',
'#title' => t('Base DN'),
'#default_value' => simple_ldap_user_variable_get('simple_ldap_user_basedn'),
'#required' => TRUE,
'#description' => t('The Base DN that will be searched for user accounts.'),
);
$form['user']['simple_ldap_user_scope'] = array(
'#type' => 'radios',
'#title' => t('Search scope'),
'#options' => array(
'sub' => t('Subtree') . ' - ' . t('Search the base DN and all of its children for user accounts.'),
'one' => t('One-level') . ' - ' . t('Do not include children of the base DN while searching for user accounts.'),
),
'#required' => TRUE,
'#default_value' => simple_ldap_user_variable_get('simple_ldap_user_scope'),
);
$form['user']['simple_ldap_user_objectclass'] = array(
'#type' => 'select',
'#title' => t('User objectClass'),
'#options' => $objectclasses,
'#default_value' => $objectclass_selected,
'#required' => TRUE,
'#multiple' => TRUE,
'#size' => 10,
'#description' => t('Which LDAP objectClass should be used when searching for, or creating, a user.'),
'#disabled' => $readonly,
'#ajax' => array(
'callback' => 'simple_ldap_user_objectclass_ajax',
'wrapper' => 'simple-ldap-user-attributes',
),
);
$form['user']['simple_ldap_user_attribute_name'] = array(
'#type' => 'select',
'#title' => t('Username attribute'),
'#prefix' => '<div id="simple-ldap-user-attributes">',
'#options' => $attributes,
'#required' => TRUE,
'#description' => t('Which LDAP attribute should be mapped to a Drupal username.') . ' ' . t('This is commonly "cn" or "uid".'),
'#disabled' => $readonly,
);
// Set default value if it exists in the list of attributes. If a default
// value is not set, the empty option is selected.
if (array_key_exists($attribute_name_selected, $attributes)) {
$form['user']['simple_ldap_user_attribute_name']['#default_value'] = $attribute_name_selected;
}
$form['user']['simple_ldap_user_attribute_mail'] = array(
'#type' => 'select',
'#title' => t('Email attribute'),
'#options' => $attributes,
'#required' => TRUE,
'#description' => t("Which LDAP attribute should be mapped to a Drupal user's email address.") . ' ' . t('This is commonly "mail".'),
'#disabled' => $readonly,
);
// Set default value if it exists in the list of attributes. If a default
// value is not set, the empty option is selected.
if (array_key_exists($attribute_mail_selected, $attributes)) {
$form['user']['simple_ldap_user_attribute_mail']['#default_value'] = $attribute_mail_selected;
}
$form['user']['simple_ldap_user_attribute_pass'] = array(
'#type' => 'select',
'#title' => t('Password attribute') . $disabled_note,
'#suffix' => '</div>',
'#options' => $attributes,
'#description' => t("Which LDAP attribute should be mapped to a Drupal user's password.") . ' ' . t('This is only used for password resets, not for authentication, and is commonly "userPassword".'),
'#disabled' => $readonly || $server->readonly,
'#empty_value' => FALSE,
);
// Set default value if it exists in the list of attributes. If a default
// value is not set, the empty option is selected.
if (array_key_exists($attribute_pass_selected, $attributes)) {
$form['user']['simple_ldap_user_attribute_pass']['#default_value'] = $attribute_pass_selected;
}
$form['user']['simple_ldap_user_password_hash'] = array(
'#type' => 'select',
'#title' => t('Password hashing algorithm') . $disabled_note,
'#options' => SimpleLdap::hashes(),
'#description' => t('Which encryption algorithm should be used to encrypt passwords when writing to LDAP.'),
'#disabled' => $readonly || $server->readonly,
'#default_value' => $password_hash_selected,
'#empty_value' => 'none',
);
// LDAP user admin advanced form.
$form['advanced'] = array(
'#type' => 'fieldset',
'#title' => t('Advanced'),
'#collapsible' => TRUE,
'#collapsed' => TRUE,
);
$form['advanced']['simple_ldap_user_filter'] = array(
'#type' => 'textfield',
'#title' => t('Search filter'),
'#default_value' => simple_ldap_user_variable_get('simple_ldap_user_filter'),
'#description' => t('This filter will be combined with the normal search filter to find users.') . ' ' . t('This can be used to require a certain attribute be present, for example.'),
);
$form['advanced']['simple_ldap_user_source'] = array(
'#type' => 'radios',
'#title' => t('Authoritative data source') . $disabled_note,
'#options' => array(
'ldap' => t('LDAP'),
'drupal' => t('Drupal'),
),
'#default_value' => simple_ldap_user_variable_get('simple_ldap_user_source'),
'#disabled' => $server->readonly,
'#description' => t('This determines the behavior of the data sync in the event of a conflict between LDAP and Drupal.'),
);
$form['advanced']['simple_ldap_user_sync'] = array(
'#type' => 'radios',
'#title' => t('Synchronization trigger'),
'#options' => array(
'hook_user_load' => t('Every time a user object is loaded from the database.') . ' (' . t('More real-time, best if there are frequent changes.') . ')',
'hook_user_login' => t('Every time a user logs in.') . ' (' . t('Less LDAP traffic, best if changes are rare.') . ')',
),
'#default_value' => simple_ldap_user_variable_get('simple_ldap_user_sync'),
);
$form['advanced']['simple_ldap_user_delete_from_ldap'] = array(
'#type' => 'radios',
'#title' => t('Delete from LDAP on user delete?'),
'#options' => array(
'0' => t('Never'),
'1' => t('Always'),
),
'#default_value' => simple_ldap_user_variable_get('simple_ldap_user_delete_from_ldap'),
);
$map_object = SimpleLdapUserMap::singleton();
if ($attribute_map = $map_object->map) {
$table = '<table>';
$table .= '<thead><tr><th>' . t('LDAP attribute') . '</th><th>' . t('Drupal attribute') . '</th></tr></thead>';
$table .= '<tbody>';
$class = 'odd';
foreach ($attribute_map as $item) {
$table .= '<tr class="' . $class . '">';
$table .= '<td>' . $item['ldap'] . '</td>';
$table .= '<td>' . implode(' ', $item['drupal']) . '</td>';
$table .= '</tr>';
$class = $class == 'odd' ? 'even' : 'odd';
}
$table .= '</tbody></table>';
$t_args = array(
'@file' => 'settings.php',
'@variable' => '$conf[\'simple_ldap_user_attribute_map\']',
'@readme' => 'README.txt',
);
$form['advanced']['simple_ldap_user_attribute_map'] = array(
'#type' => 'item',
'#title' => t('Attribute map'),
'#description' => t('Additional attribute maps can be specified in @file using @variable. See @readme for more details', $t_args),
'#markup' => $table,
);
$form['advanced']['simple_ldap_user_attribute_rdn'] = array(
'#type' => 'select',
'#title' => t('Relative Distinguished Name (RDN) attribute'),
'#options' => $map_object
->getFormOptions(),
'#empty_value' => '',
'#default_value' => $attribute_rdn_selected,
'#description' => t('Any of the mapped attributes can be used as the RDN value when provisioning a new LDAP user entry.') . ' ' . t('If set to "None", the Username attribute specified above will be used.'),
'#disabled' => $readonly,
);
}
return system_settings_form($form);
}
/**
* Handle simple_ldap_user_objectclass ajax calls.
*/
function simple_ldap_user_objectclass_ajax($form, $form_state) {
return array(
$form['user']['simple_ldap_user_attribute_name'],
$form['user']['simple_ldap_user_attribute_mail'],
$form['user']['simple_ldap_user_attribute_pass'],
);
}
/**
* Form to handle mass user import.
*/
function simple_ldap_user_import($form, &$form_state) {
$form = array();
// Get LDAP Configuration.
$server = SimpleLdapServer::singleton();
$basedn = simple_ldap_user_variable_get('simple_ldap_user_basedn');
$scope = simple_ldap_user_variable_get('simple_ldap_user_scope');
$attribute_name = strtolower(simple_ldap_user_variable_get('simple_ldap_user_attribute_name'));
$filter = '(&(' . $attribute_name . '=*)' . SimpleLdapUser::filter() . ')';
// Get a list of users that would be imported.
$ldap_users = SimpleLdap::clean($server
->search($basedn, $filter, $scope, array(
'dn',
$attribute_name,
)));
// Reformat the LDAP array.
$users = array();
foreach ($ldap_users as $dn => $entry) {
$users[$entry[$attribute_name][0]] = $entry[$attribute_name][0];
}
asort($users);
$form['users'] = array(
'#type' => 'checkboxes',
'#title' => t('Import these users') . ' (' . count($users) . ')',
'#options' => $users,
'#default_value' => array_keys($users),
'#checkall' => TRUE,
);
$form['submit'] = array(
'#type' => 'submit',
'#value' => t('Import'),
);
return $form;
}
/**
* Submit handler for mass user import.
*/
function simple_ldap_user_import_submit($form, &$form_state) {
$operations = array();
foreach ($form_state['input']['users'] as $user) {
if (!empty($user)) {
$operations[] = array(
'simple_ldap_user_import_user',
array(
$user,
),
);
}
}
$form_state['redirect'] = 'admin/people';
$batch = array(
'operations' => $operations,
'finished' => 'simple_ldap_user_import_finished',
'file' => drupal_get_path('module', 'simple_ldap_user') . '/simple_ldap_user.admin.inc',
);
batch_set($batch);
}
/**
* Batch process function for mass user import.
*/
function simple_ldap_user_import_user($name, &$context) {
$drupal_user = simple_ldap_user_load_or_create_by_name($name);
$context['message'] = 'Importing ' . $name;
$context['results'][$name] = !empty($drupal_user);
}
/**
* Called when the mass user import batch is finished.
*/
function simple_ldap_user_import_finished($success, $results, $operations) {
if ($success) {
drupal_set_message(t('Imported @count users from LDAP.', array(
'@count' => count($results),
)));
}
else {
drupal_set_message(t('A problem occurred while importing the users from LDAP.'));
}
}Functions
Name |
Description |
|---|---|
| simple_ldap_user_admin | Simple LDAP User configuration form. |
| simple_ldap_user_import | Form to handle mass user import. |
| simple_ldap_user_import_finished | Called when the mass user import batch is finished. |
| simple_ldap_user_import_submit | Submit handler for mass user import. |
| simple_ldap_user_import_user | Batch process function for mass user import. |
| simple_ldap_user_objectclass_ajax | Handle simple_ldap_user_objectclass ajax calls. |