/**
* {@inheritdoc}
*/
public function buildForm(array $form, FormStateInterface $form_state)
{
$user = $this->currentUser();
$this->cancelMethods = user_cancel_methods();
// Display account cancellation method selection, if allowed.
$admin_access = $user->hasPermission('administer users');
$form['user_cancel_method'] = array('#type' => 'radios', '#title' => $this->entity->id() == $user->id() ? $this->t('When cancelling your account') : $this->t('When cancelling the account'), '#access' => $admin_access || $user->hasPermission('select account cancellation method'));
$form['user_cancel_method'] += $this->cancelMethods;
// Allow user administrators to skip the account cancellation confirmation
// mail (by default), as long as they do not attempt to cancel their own
// account.
$override_access = $admin_access && $this->entity->id() != $user->id();
$form['user_cancel_confirm'] = array('#type' => 'checkbox', '#title' => $this->t('Require email confirmation to cancel account.'), '#default_value' => !$override_access, '#access' => $override_access, '#description' => $this->t('When enabled, the user must confirm the account cancellation via email.'));
// Also allow to send account canceled notification mail, if enabled.
$default_notify = $this->config('user.settings')->get('notify.status_canceled');
$form['user_cancel_notify'] = array('#type' => 'checkbox', '#title' => $this->t('Notify user when account is canceled.'), '#default_value' => $override_access ? FALSE : $default_notify, '#access' => $override_access && $default_notify, '#description' => $this->t('When enabled, the user will receive an email notification after the account has been canceled.'));
// Always provide entity id in the same form key as in the entity edit form.
$form['uid'] = array('#type' => 'value', '#value' => $this->entity->id());
$form = parent::buildForm($form, $form_state);
return $form;
}
/**
* {@inheritdoc}
*/
public function buildForm(array $form, array &$form_state)
{
// Retrieve the accounts to be canceled from the temp store.
$accounts = $this->tempStoreFactory->get('user_user_operations_cancel')->get($this->currentUser()->id());
if (!$accounts) {
return new RedirectResponse($this->url('user.admin_account', [], ['absolute' => TRUE]));
}
$form['accounts'] = array('#prefix' => '<ul>', '#suffix' => '</ul>', '#tree' => TRUE);
foreach ($accounts as $uid => $account) {
// Prevent user 1 from being canceled.
if ($uid <= 1) {
continue;
}
$form['accounts'][$uid] = array('#type' => 'hidden', '#value' => $uid, '#prefix' => '<li>', '#suffix' => String::checkPlain($account->label()) . "</li>\n");
}
// Output a notice that user 1 cannot be canceled.
if (isset($accounts[1])) {
$redirect = count($accounts) == 1;
$message = $this->t('The user account %name cannot be canceled.', array('%name' => $accounts[1]->label()));
drupal_set_message($message, $redirect ? 'error' : 'warning');
// If only user 1 was selected, redirect to the overview.
if ($redirect) {
return new RedirectResponse($this->url('user.admin_account', [], ['absolute' => TRUE]));
}
}
$form['operation'] = array('#type' => 'hidden', '#value' => 'cancel');
$form['user_cancel_method'] = array('#type' => 'radios', '#title' => $this->t('When cancelling these accounts'));
$form['user_cancel_method'] += user_cancel_methods();
// Allow to send the account cancellation confirmation mail.
$form['user_cancel_confirm'] = array('#type' => 'checkbox', '#title' => $this->t('Require email confirmation to cancel account.'), '#default_value' => FALSE, '#description' => $this->t('When enabled, the user must confirm the account cancellation via email.'));
// Also allow to send account canceled notification mail, if enabled.
$form['user_cancel_notify'] = array('#type' => 'checkbox', '#title' => $this->t('Notify user when account is canceled.'), '#default_value' => FALSE, '#access' => $this->config('user.settings')->get('notify.status_canceled'), '#description' => $this->t('When enabled, the user will receive an email notification after the account has been canceled.'));
$form = parent::buildForm($form, $form_state);
return $form;
}
/**
* {@inheritdoc}
*/
public function buildForm(array $form, FormStateInterface $form_state)
{
$form = parent::buildForm($form, $form_state);
$config = $this->config('user.settings');
$mail_config = $this->config('user.mail');
$site_config = $this->config('system.site');
$form['#attached']['library'][] = 'user/drupal.user.admin';
// Settings for anonymous users.
$form['anonymous_settings'] = array('#type' => 'details', '#title' => $this->t('Anonymous users'), '#open' => TRUE);
$form['anonymous_settings']['anonymous'] = array('#type' => 'textfield', '#title' => $this->t('Name'), '#default_value' => $config->get('anonymous'), '#description' => $this->t('The name used to indicate anonymous users.'), '#required' => TRUE);
// Administrative role option.
$form['admin_role'] = array('#type' => 'details', '#title' => $this->t('Administrator role'), '#open' => TRUE);
// Do not allow users to set the anonymous or authenticated user roles as the
// administrator role.
$roles = user_role_names(TRUE);
unset($roles[RoleInterface::AUTHENTICATED_ID]);
$admin_roles = $this->roleStorage->getQuery()->condition('is_admin', TRUE)->execute();
$default_value = reset($admin_roles);
$form['admin_role']['user_admin_role'] = array('#type' => 'select', '#title' => $this->t('Administrator role'), '#empty_value' => '', '#default_value' => $default_value, '#options' => $roles, '#description' => $this->t('This role will be automatically assigned new permissions whenever a module is enabled. Changing this setting will not affect existing permissions.'), '#access' => count($admin_roles) <= 1);
// @todo Remove this check once language settings are generalized.
if ($this->moduleHandler->moduleExists('content_translation')) {
$form['language'] = array('#type' => 'details', '#title' => $this->t('Language settings'), '#open' => TRUE, '#tree' => TRUE);
$form_state->set(['content_translation', 'key'], 'language');
$form['language'] += content_translation_enable_widget('user', 'user', $form, $form_state);
}
// User registration settings.
$form['registration_cancellation'] = array('#type' => 'details', '#title' => $this->t('Registration and cancellation'), '#open' => TRUE);
$form['registration_cancellation']['user_register'] = array('#type' => 'radios', '#title' => $this->t('Who can register accounts?'), '#default_value' => $config->get('register'), '#options' => array(USER_REGISTER_ADMINISTRATORS_ONLY => $this->t('Administrators only'), USER_REGISTER_VISITORS => $this->t('Visitors'), USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL => $this->t('Visitors, but administrator approval is required')));
$form['registration_cancellation']['user_email_verification'] = array('#type' => 'checkbox', '#title' => $this->t('Require email verification when a visitor creates an account'), '#default_value' => $config->get('verify_mail'), '#description' => $this->t('New users will be required to validate their email address prior to logging into the site, and will be assigned a system-generated password. With this setting disabled, users will be logged in immediately upon registering, and may select their own passwords during registration.'));
$form['registration_cancellation']['user_password_strength'] = array('#type' => 'checkbox', '#title' => $this->t('Enable password strength indicator'), '#default_value' => $config->get('password_strength'));
$form['registration_cancellation']['user_cancel_method'] = array('#type' => 'radios', '#title' => $this->t('When cancelling a user account'), '#default_value' => $config->get('cancel_method'), '#description' => $this->t('Users with the %select-cancel-method or %administer-users <a href="@permissions-url">permissions</a> can override this default method.', array('%select-cancel-method' => $this->t('Select method for cancelling account'), '%administer-users' => $this->t('Administer users'), '@permissions-url' => $this->url('user.admin_permissions'))));
$form['registration_cancellation']['user_cancel_method'] += user_cancel_methods();
foreach (Element::children($form['registration_cancellation']['user_cancel_method']) as $key) {
// All account cancellation methods that specify #access cannot be
// configured as default method.
// @see hook_user_cancel_methods_alter()
if (isset($form['registration_cancellation']['user_cancel_method'][$key]['#access'])) {
$form['registration_cancellation']['user_cancel_method'][$key]['#access'] = FALSE;
}
}
// Default notifications address.
$form['mail_notification_address'] = array('#type' => 'email', '#title' => $this->t('Notification email address'), '#default_value' => $site_config->get('mail_notification'), '#description' => $this->t("The email address to be used as the 'from' address for all account notifications listed below. If <em>'Visitors, but administrator approval is required'</em> is selected above, a notification email will also be sent to this address for any new registrations. Leave empty to use the default system email address <em>(%site-email).</em>", array('%site-email' => $site_config->get('mail'))), '#maxlength' => 180);
$form['email'] = array('#type' => 'vertical_tabs', '#title' => $this->t('Emails'));
// These email tokens are shared for all settings, so just define
// the list once to help ensure they stay in sync.
$email_token_help = $this->t('Available variables are: [site:name], [site:url], [user:name], [user:mail], [site:login-url], [site:url-brief], [user:edit-url], [user:one-time-login-url], [user:cancel-url].');
$form['email_admin_created'] = array('#type' => 'details', '#title' => $this->t('Welcome (new user created by administrator)'), '#open' => $config->get('register') == USER_REGISTER_ADMINISTRATORS_ONLY, '#description' => $this->t('Edit the welcome email messages sent to new member accounts created by an administrator.') . ' ' . $email_token_help, '#group' => 'email');
$form['email_admin_created']['user_mail_register_admin_created_subject'] = array('#type' => 'textfield', '#title' => $this->t('Subject'), '#default_value' => $mail_config->get('register_admin_created.subject'), '#maxlength' => 180);
$form['email_admin_created']['user_mail_register_admin_created_body'] = array('#type' => 'textarea', '#title' => $this->t('Body'), '#default_value' => $mail_config->get('register_admin_created.body'), '#rows' => 15);
$form['email_pending_approval'] = array('#type' => 'details', '#title' => $this->t('Welcome (awaiting approval)'), '#open' => $config->get('register') == USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL, '#description' => $this->t('Edit the welcome email messages sent to new members upon registering, when administrative approval is required.') . ' ' . $email_token_help, '#group' => 'email');
$form['email_pending_approval']['user_mail_register_pending_approval_subject'] = array('#type' => 'textfield', '#title' => $this->t('Subject'), '#default_value' => $mail_config->get('register_pending_approval.subject'), '#maxlength' => 180);
$form['email_pending_approval']['user_mail_register_pending_approval_body'] = array('#type' => 'textarea', '#title' => $this->t('Body'), '#default_value' => $mail_config->get('register_pending_approval.body'), '#rows' => 8);
$form['email_pending_approval_admin'] = array('#type' => 'details', '#title' => $this->t('Admin (user awaiting approval)'), '#open' => $config->get('register') == USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL, '#description' => $this->t('Edit the email notifying the site administrator that there are new members awaiting administrative approval.') . ' ' . $email_token_help, '#group' => 'email');
$form['email_pending_approval_admin']['register_pending_approval_admin_subject'] = array('#type' => 'textfield', '#title' => $this->t('Subject'), '#default_value' => $mail_config->get('register_pending_approval_admin.subject'), '#maxlength' => 180);
$form['email_pending_approval_admin']['register_pending_approval_admin_body'] = array('#type' => 'textarea', '#title' => $this->t('Body'), '#default_value' => $mail_config->get('register_pending_approval_admin.body'), '#rows' => 8);
$form['email_no_approval_required'] = array('#type' => 'details', '#title' => $this->t('Welcome (no approval required)'), '#open' => $config->get('register') == USER_REGISTER_VISITORS, '#description' => $this->t('Edit the welcome email messages sent to new members upon registering, when no administrator approval is required.') . ' ' . $email_token_help, '#group' => 'email');
$form['email_no_approval_required']['user_mail_register_no_approval_required_subject'] = array('#type' => 'textfield', '#title' => $this->t('Subject'), '#default_value' => $mail_config->get('register_no_approval_required.subject'), '#maxlength' => 180);
$form['email_no_approval_required']['user_mail_register_no_approval_required_body'] = array('#type' => 'textarea', '#title' => $this->t('Body'), '#default_value' => $mail_config->get('register_no_approval_required.body'), '#rows' => 15);
$form['email_password_reset'] = array('#type' => 'details', '#title' => $this->t('Password recovery'), '#description' => $this->t('Edit the email messages sent to users who request a new password.') . ' ' . $email_token_help, '#group' => 'email', '#weight' => 10);
$form['email_password_reset']['user_mail_password_reset_subject'] = array('#type' => 'textfield', '#title' => $this->t('Subject'), '#default_value' => $mail_config->get('password_reset.subject'), '#maxlength' => 180);
$form['email_password_reset']['user_mail_password_reset_body'] = array('#type' => 'textarea', '#title' => $this->t('Body'), '#default_value' => $mail_config->get('password_reset.body'), '#rows' => 12);
$form['email_activated'] = array('#type' => 'details', '#title' => $this->t('Account activation'), '#description' => $this->t('Enable and edit email messages sent to users upon account activation (when an administrator activates an account of a user who has already registered, on a site where administrative approval is required).') . ' ' . $email_token_help, '#group' => 'email');
$form['email_activated']['user_mail_status_activated_notify'] = array('#type' => 'checkbox', '#title' => $this->t('Notify user when account is activated'), '#default_value' => $config->get('notify.status_activated'));
$form['email_activated']['settings'] = array('#type' => 'container', '#states' => array('invisible' => array('input[name="user_mail_status_activated_notify"]' => array('checked' => FALSE))));
$form['email_activated']['settings']['user_mail_status_activated_subject'] = array('#type' => 'textfield', '#title' => $this->t('Subject'), '#default_value' => $mail_config->get('status_activated.subject'), '#maxlength' => 180);
$form['email_activated']['settings']['user_mail_status_activated_body'] = array('#type' => 'textarea', '#title' => $this->t('Body'), '#default_value' => $mail_config->get('status_activated.body'), '#rows' => 15);
$form['email_blocked'] = array('#type' => 'details', '#title' => $this->t('Account blocked'), '#description' => $this->t('Enable and edit email messages sent to users when their accounts are blocked.') . ' ' . $email_token_help, '#group' => 'email');
$form['email_blocked']['user_mail_status_blocked_notify'] = array('#type' => 'checkbox', '#title' => $this->t('Notify user when account is blocked'), '#default_value' => $config->get('notify.status_blocked'));
$form['email_blocked']['settings'] = array('#type' => 'container', '#states' => array('invisible' => array('input[name="user_mail_status_blocked_notify"]' => array('checked' => FALSE))));
$form['email_blocked']['settings']['user_mail_status_blocked_subject'] = array('#type' => 'textfield', '#title' => $this->t('Subject'), '#default_value' => $mail_config->get('status_blocked.subject'), '#maxlength' => 180);
$form['email_blocked']['settings']['user_mail_status_blocked_body'] = array('#type' => 'textarea', '#title' => $this->t('Body'), '#default_value' => $mail_config->get('status_blocked.body'), '#rows' => 3);
$form['email_cancel_confirm'] = array('#type' => 'details', '#title' => $this->t('Account cancellation confirmation'), '#description' => $this->t('Edit the email messages sent to users when they attempt to cancel their accounts.') . ' ' . $email_token_help, '#group' => 'email');
$form['email_cancel_confirm']['user_mail_cancel_confirm_subject'] = array('#type' => 'textfield', '#title' => $this->t('Subject'), '#default_value' => $mail_config->get('cancel_confirm.subject'), '#maxlength' => 180);
$form['email_cancel_confirm']['user_mail_cancel_confirm_body'] = array('#type' => 'textarea', '#title' => $this->t('Body'), '#default_value' => $mail_config->get('cancel_confirm.body'), '#rows' => 3);
$form['email_canceled'] = array('#type' => 'details', '#title' => $this->t('Account canceled'), '#description' => $this->t('Enable and edit email messages sent to users when their accounts are canceled.') . ' ' . $email_token_help, '#group' => 'email');
$form['email_canceled']['user_mail_status_canceled_notify'] = array('#type' => 'checkbox', '#title' => $this->t('Notify user when account is canceled'), '#default_value' => $config->get('notify.status_canceled'));
$form['email_canceled']['settings'] = array('#type' => 'container', '#states' => array('invisible' => array('input[name="user_mail_status_canceled_notify"]' => array('checked' => FALSE))));
$form['email_canceled']['settings']['user_mail_status_canceled_subject'] = array('#type' => 'textfield', '#title' => $this->t('Subject'), '#default_value' => $mail_config->get('status_canceled.subject'), '#maxlength' => 180);
$form['email_canceled']['settings']['user_mail_status_canceled_body'] = array('#type' => 'textarea', '#title' => $this->t('Body'), '#default_value' => $mail_config->get('status_canceled.body'), '#rows' => 3);
return $form;
}
/**
* generate admin form for ldapUserConf object
*
* @return array $form as drupal form api form array
*/
public function drupalForm()
{
if (count($this->drupalAcctProvisionServerOptions) == 0) {
$message = ldap_servers_no_enabled_servers_msg('configure LDAP User');
$form['intro'] = array('#type' => 'item', '#markup' => t('<h1>LDAP User Settings</h1>') . $message);
return $form;
}
$form['#storage'] = array();
$form['#theme'] = 'ldap_user_conf_form';
$form['intro'] = array('#type' => 'item', '#markup' => t('<h1>LDAP User Settings</h1>'));
$form['manual_drupal_account_editing'] = array('#type' => 'fieldset', '#title' => t('Manual Drupal Account Creation and Updates'), '#collapsible' => TRUE, '#collapsed' => FALSE);
$form['manual_drupal_account_editing']['manualAccountConflict'] = array('#type' => 'radios', '#options' => $this->manualAccountConflictOptions, '#title' => t('How to resolve LDAP conflicts with manually created Drupal accounts.'), '#description' => t('This applies only to accounts created manually through admin/people/create
for which an LDAP entry can be found on the LDAP server selected in "LDAP Servers Providing Provisioning Data"'), '#default_value' => $this->manualAccountConflict);
$form['basic_to_drupal'] = array('#type' => 'fieldset', '#title' => t('Basic Provisioning to Drupal Account Settings'), '#collapsible' => TRUE, '#collapsed' => FALSE);
$default_value = $this->drupalAcctProvisionServer ? $this->drupalAcctProvisionServer : 'none';
$form['basic_to_drupal']['drupalAcctProvisionServer'] = array('#type' => 'radios', '#title' => t('LDAP Servers Providing Provisioning Data'), '#required' => 1, '#default_value' => $default_value, '#options' => $this->drupalAcctProvisionServerOptions, '#description' => $this->drupalAcctProvisionServerDescription, '#states' => array('enabled' => array(':input[name=drupalAcctProvisionTriggers]' => array('value' => LDAP_USER_DRUPAL_USER_PROV_ON_AUTHENTICATE))));
$form['basic_to_drupal']['drupalAcctProvisionTriggers'] = array('#type' => 'checkboxes', '#title' => t('Drupal Account Provisioning Events'), '#required' => FALSE, '#default_value' => $this->drupalAcctProvisionTriggers, '#options' => $this->drupalAccountProvisionEventsOptions, '#description' => $this->drupalAccountProvisionEventsDescription);
$form['basic_to_drupal']['disableAdminPasswordField'] = array('#type' => 'checkbox', '#title' => t('Disable the password fields at /admin/create/people since the password is going to be randomly generated anyway. This is useful if you are synching data to Drupal from LDAP, and not bringing the user password from LDAP.'), '#default_value' => $this->disableAdminPasswordField);
$form['basic_to_drupal']['userConflictResolve'] = array('#type' => 'radios', '#title' => t('Existing Drupal User Account Conflict'), '#required' => 1, '#default_value' => $this->userConflictResolve, '#options' => $this->userConflictOptions, '#description' => t($this->userConflictResolveDescription));
$form['basic_to_drupal']['acctCreation'] = array('#type' => 'radios', '#title' => t('Application of Drupal Account settings to LDAP Authenticated Users'), '#required' => 1, '#default_value' => $this->acctCreation, '#options' => $this->acctCreationOptions, '#description' => t($this->acctCreationDescription));
$account_options = array();
$account_options['ldap_user_orphan_do_not_check'] = t('Do not check for orphaned Drupal accounts.');
$account_options['ldap_user_orphan_email'] = t('Perform no action, but email list of orphaned accounts. (All the other options will send email summaries also.)');
foreach (user_cancel_methods() as $option_name => $option) {
$account_options[$option_name] = $option['#title'];
}
//@todo these 2 options are removed until this feature is better tested in
// actual production environments; it has potentially disastrous effects
unset($account_options['user_cancel_reassign']);
unset($account_options['user_cancel_delete']);
$form['basic_to_drupal']['orphanedDrupalAcctBehavior'] = array('#type' => 'radios', '#title' => t('Action to perform on Drupal account that no longer have a
corresponding LDAP entry'), '#required' => 0, '#default_value' => $this->orphanedDrupalAcctBehavior, '#options' => $account_options, '#description' => t($this->orphanedDrupalAcctBehaviorDescription));
$form['basic_to_drupal']['orphanedCheckQty'] = array('#type' => 'textfield', '#size' => 10, '#title' => t('Number of users to check each cron run.'), '#description' => t(''), '#default_value' => $this->orphanedCheckQty, '#required' => FALSE);
$form['basic_to_ldap'] = array('#type' => 'fieldset', '#title' => t('Basic Provisioning to LDAP Settings'), '#collapsible' => TRUE, '#collapsed' => !$this->ldapEntryProvisionServer);
$default_value = $this->ldapEntryProvisionServer ? $this->ldapEntryProvisionServer : 'none';
$form['basic_to_ldap']['ldapEntryProvisionServer'] = array('#type' => 'radios', '#title' => t('LDAP Servers to Provision LDAP Entries on'), '#required' => 1, '#default_value' => $default_value, '#options' => $this->ldapEntryProvisionServerOptions, '#description' => $this->ldapEntryProvisionServerDescription);
$form['basic_to_ldap']['ldapEntryProvisionTriggers'] = array('#type' => 'checkboxes', '#title' => t('LDAP Entry Provisioning Events'), '#required' => FALSE, '#default_value' => $this->ldapEntryProvisionTriggers, '#options' => $this->ldapEntryProvisionTriggersOptions, '#description' => $this->ldapEntryProvisionTriggersDescription);
/**
$form['ws'] = array(
'#type' => 'fieldset',
'#title' => t('[Untested and Unfinished Code] REST Webservice for Provisioning and Synching.'),
'#collapsible' => TRUE,
'#collapsed' => !$this->wsEnabled,
'#description' => t('Once configured, this webservice can be used to trigger creation, synching, deletion, etc of an LDAP associated Drupal account.'),
);
$form['ws']['wsEnabled'] = array(
'#type' => 'checkbox',
'#title' => t('Enable REST Webservice'),
'#required' => FALSE,
'#default_value' => $this->wsEnabled,
);
$form['ws']['wsUserIps'] = array(
'#type' => 'textarea',
'#title' => t('Allowed IP Addresses to request webservice.'),
'#required' => FALSE,
'#default_value' => join("\n", $this->wsUserIps),
'#description' => t('One Per Line. The current server address is LOCAL_ADDR and the client ip requesting this page is REMOTE_ADDR .', $_SERVER),
'#cols' => 20,
'#rows' => 2,
'#states' => array(
'visible' => array( // action to take.
':input[name="wsEnabled"]' => array('checked' => TRUE),
),
),
);
if (!$this->wsKey) {
$urls = t('URLs are not available until a key is create a key and urls will be generated');
}
else {
$urls = theme('item_list',
array(
'items' => ldap_user_ws_urls_item_list(),
'title' => 'REST urls',
'type' => 'ul',
));
}
$form['ws']['wsKey'] = array(
'#type' => 'textfield',
'#title' => t('Key for webservice'),
'#required' => FALSE,
'#default_value' => $this->wsKey,
'#description' => t('Any random string of characters.') . $urls,
'#states' => array(
'visible' => array( // action to take.
':input[name="wsEnabled"]' => array('checked' => TRUE),
),
),
);
*/
$form['server_mapping_preamble'] = array('#type' => 'markup', '#markup' => t('
The relationship between a Drupal user and an LDAP entry is defined within the LDAP server configurations.
The mappings below are for user fields, properties, and profile2 data that are not automatically mapped elsewhere.
Mappings such as username or email address that are configured elsewhere are shown at the top for clarity.
When more than one ldap server is enabled for provisioning data (or simply more than one configuration for the same ldap server),
mappings need to be setup for each server. If no tables are listed below, you have not enabled any provisioning servers at
the top of this form.
'));
foreach (array(LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER, LDAP_USER_PROV_DIRECTION_TO_LDAP_ENTRY) as $direction) {
$sid = $this->provisionSidFromDirection[$direction];
$ldap_server = $sid ? ldap_servers_get_servers($sid, NULL, TRUE) : FALSE;
$ldap_server_selected = (bool) $ldap_server;
if ($direction == LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER) {
$parent_fieldset = 'basic_to_drupal';
$description = t('Provisioning from LDAP to Drupal Mappings:');
} elseif ($direction == LDAP_USER_PROV_DIRECTION_TO_LDAP_ENTRY) {
$parent_fieldset = 'basic_to_ldap';
$description = t('Provisioning from Drupal to LDAP Mappings:');
}
$form[$parent_fieldset]['mappings__' . $direction] = array('#type' => 'fieldset', '#title' => $description, '#collapsible' => TRUE, '#collapsed' => FALSE, '#description' => '', 'table__' . $direction => array('#type' => 'markup', '#markup' => '[replace_with_table__' . $direction . ']'));
$password_notes = '<h3>' . t('Password Tokens') . '</h3><ul>' . '<li>' . t('Pwd: Random -- Uses a random Drupal generated password') . '</li>' . '<li>' . t('Pwd: User or Random -- Uses password supplied on user forms.
If none available uses random password.') . '</li></ul>' . '<h3>' . t('Password Concerns') . '</h3>' . '<ul>' . '<li>' . t('Provisioning passwords to LDAP means passwords must meet the LDAP\'s
password requirements. Password Policy module can be used to add requirements.') . '</li>' . '<li>' . t('Some LDAPs require a user to reset their password if it has been changed
by someone other that user. Consider this when provisioning LDAP passwords.') . '</li>' . '</ul></p>';
$source_drupal_token_notes = <<<EOT
<p>Examples in form: Source Drupal User token => Target LDAP Token (notes)</p>
<ul>
<li>Source Drupal User token => Target LDAP Token</li>
<li>cn=[property.name],ou=test,dc=ad,dc=mycollege,dc=edu => [dn] (example of token and constants)</li>
<li>top => [objectclass:0] (example of constants mapped to multivalued attribute)</li>
<li>person => [objectclass:1] (example of constants mapped to multivalued attribute)</li>
<li>organizationalPerson => [objectclass:2] (example of constants mapped to multivalued attribute)</li>
<li>user => [objectclass:3] (example of constants mapped to multivalued attribute)</li>
<li>Drupal Provisioned LDAP Account => [description] (example of constant)</li>
<li>[field.field_lname] => [sn]</li>
</ul>
EOT;
if ($direction == LDAP_USER_PROV_DIRECTION_TO_LDAP_ENTRY) {
// add some password notes
$form[$parent_fieldset]['password_notes'] = array('#type' => 'fieldset', '#title' => t('Password Notes'), '#collapsible' => TRUE, '#collapsed' => TRUE, 'directions' => array('#type' => 'markup', '#markup' => $password_notes));
$form[$parent_fieldset]['source_drupal_token_notes'] = array('#type' => 'fieldset', '#title' => t('Source Drupal User Tokens and Corresponding Target LDAP Tokens'), '#collapsible' => TRUE, '#collapsed' => TRUE, 'directions' => array('#type' => 'markup', '#markup' => $source_drupal_token_notes));
}
$this->addServerMappingFields($form, $direction);
}
foreach (array('orphanedCheckQty', 'orphanedDrupalAcctBehavior', 'acctCreation', 'userConflictResolve', 'drupalAcctProvisionTriggers', 'mappings__' . LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER) as $input_name) {
$form['basic_to_drupal'][$input_name]['#states']['invisible'] = array(':input[name=drupalAcctProvisionServer]' => array('value' => 'none'));
}
foreach (array('ldapEntryProvisionTriggers', 'password_notes', 'source_drupal_token_notes', 'mappings__' . LDAP_USER_PROV_DIRECTION_TO_LDAP_ENTRY) as $input_name) {
$form['basic_to_ldap'][$input_name]['#states']['invisible'] = array(':input[name=ldapEntryProvisionServer]' => array('value' => 'none'));
}
$form['submit'] = array('#type' => 'submit', '#value' => 'Save');
return $form;
}
