public function SimplesamlphpDrupalAuth::getMatchingRoles in simpleSAMLphp Authentication 8.3
Get matching user roles to assign to user.
Matching roles are based on retrieved SimpleSAMLphp attributes.
Return value
array List of matching roles to assign to user.
1 call to SimplesamlphpDrupalAuth::getMatchingRoles()
- SimplesamlphpDrupalAuth::roleMatchSync in src/
Service/ SimplesamlphpDrupalAuth.php - Synchronizes (adds/removes) user account roles.
File
- src/
Service/ SimplesamlphpDrupalAuth.php, line 339
Class
- SimplesamlphpDrupalAuth
- Service to link SimpleSAMLphp authentication with Drupal users.
Namespace
Drupal\simplesamlphp_auth\ServiceCode
public function getMatchingRoles() {
$roles = [];
// Obtain the role map stored. The role map is a concatenated string of
// rules which, when SimpleSAML attributes on the user match, will add
// roles to the user.
// The full role map string, when mapped to the variables below, presents
// itself thus:
// $role_id:$key,$op,$value;$key,$op,$value;|$role_id:$key,$op,$value etc.
if ($rolemap = $this->config
->get('role.population')) {
foreach (explode('|', $rolemap) as $rolerule) {
list($role_id, $role_eval) = explode(':', $rolerule, 2);
foreach (explode(';', $role_eval) as $role_eval_part) {
if ($this
->evalRoleRule($role_eval_part)) {
$roles[$role_id] = $role_id;
}
}
}
}
$attributes = $this->simplesamlAuth
->getAttributes();
$this->moduleHandler
->alter('simplesamlphp_auth_user_roles', $roles, $attributes);
return $roles;
}