protected function SimplesamlphpDrupalAuth::evalRoleRule in simpleSAMLphp Authentication 8.3
Determines whether a role should be added to an account.
Parameters
string $role_eval_part: Part of the role evaluation rule.
Return value
bool Whether a role should be added to the Drupal account.
1 call to SimplesamlphpDrupalAuth::evalRoleRule()
- SimplesamlphpDrupalAuth::getMatchingRoles in src/
Service/ SimplesamlphpDrupalAuth.php - Get matching user roles to assign to user.
File
- src/
Service/ SimplesamlphpDrupalAuth.php, line 374
Class
- SimplesamlphpDrupalAuth
- Service to link SimpleSAMLphp authentication with Drupal users.
Namespace
Drupal\simplesamlphp_auth\ServiceCode
protected function evalRoleRule($role_eval_part) {
list($key, $op, $value) = explode(',', $role_eval_part);
$attributes = $this->simplesamlAuth
->getAttributes();
if ($this->config
->get('debug')) {
$this->logger
->debug('Evaluate rule (key=%key,operator=%op,value=%val', [
'%key' => $key,
'%op' => $op,
'%val' => $value,
]);
}
if (!array_key_exists($key, $attributes)) {
return FALSE;
}
$attribute = $attributes[$key];
// A '=' requires the $value exactly matches the $attribute, A '@='
// requires the portion after a '@' in the $attribute to match the
// $value and a '~=' allows the value to match any part of any
// element in the $attribute array.
switch ($op) {
case '=':
return in_array($value, $attribute);
case '@=':
list($before, $after) = explode('@', array_shift($attribute));
return $after == $value;
case '~=':
return array_filter($attribute, function ($subattr) use ($value) {
return strpos($subattr, $value) !== FALSE;
});
}
}