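/**
 * Applies pending edits to a Drupal account and, for LDAP-authenticated
 * logins, records the LDAP authmap entry for that account.
 *
 * @param array $edit Fields handed to user_save(); nothing is saved when the array is empty.
 * @param bool $ldap_authenticated Whether to write the 'authname_ldap_authentication' authmap.
 * @param object $user The Drupal account to update.
 *
 * @return object|false The account (re-saved when $edit was non-empty), or the
 *   falsy value returned by user_save() when the save failed.
 */
function drupalLdapUpdateUser($edit = array(), $ldap_authenticated = FALSE, $user)
{
    if (count($edit)) {
        $user = user_save($user, $edit);
        if (!$user) {
            // The save failed, so there is no account to bind the LDAP
            // authname to. Stop here instead of handing a non-object to
            // user_set_authmaps() and reading ->name from it.
            return $user;
        }
    }
    if ($ldap_authenticated) {
        // Tie the account to its LDAP identity; the authname is the Drupal username.
        user_set_authmaps($user, array('authname_ldap_authentication' => $user->name));
    }
    return $user;
}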
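/**
 * Signs the visitor in to Drupal from a Brukar identity, linking or saving
 * the local account as needed.
 *
 * A visitor who is already signed in gets the Brukar identity attached to the
 * current account and is redirected to 'user'. Otherwise the account is looked
 * up in {authmap} (module 'brukar', authname = $data['id']). When no mapping
 * exists, the first value returned by hook_brukar_client_user() is used, else
 * user_save() is given whatever user_load_by_mail($data['mail']) returns. The
 * session is then opened with user_login_submit() and the visitor is
 * redirected back to the current path.
 *
 * @param array $data Identity payload. The keys read here are 'id', 'name' and
 *   'mail'; the whole array is also stored under the account's data['brukar'].
 */
function brukar_client_login($data)
{
    global $user;

    $display_name = t(variable_get('brukar_name', '!name'), array(
        '!name' => $data['name'],
        '!sident' => substr($data['id'], 0, 4),
        '!ident' => $data['id'],
    ));
    // NOTE(review): 'status' => 1 is written on every login, including onto
    // existing accounts, so an account blocked locally appears to be
    // re-activated by its next Brukar login - confirm that this is intended.
    $edit = array('name' => $display_name, 'mail' => $data['mail'], 'status' => 1, 'data' => array('brukar' => $data));

    if ($user->uid != 0) {
        // Already signed in: attach the Brukar identity to the current account.
        user_save($user, $edit);
        user_set_authmaps($user, array('authname_brukar' => $data['id']));
        drupal_goto('user');
        // drupal_goto() ends the request in Drupal 7; the return keeps the
        // login path below unreachable should that ever not hold.
        return;
    }

    $authmap_user = db_query('SELECT uid FROM {authmap} WHERE module = :module AND authname = :ident', array(':ident' => $data['id'], ':module' => 'brukar'))->fetch();
    $needs_authmap = ($authmap_user === FALSE);
    if ($needs_authmap) {
        $provided = module_invoke_all('brukar_client_user', $edit);
        // NOTE(review): when no hook supplies an account, the Brukar identity
        // is bound to whichever local account already has this e-mail address.
        // That is only safe if the identity provider verifies 'mail' - confirm.
        $account = !empty($provided) ? $provided[0] : user_save(user_load_by_mail($data['mail']), $edit);
    } else {
        $account = user_save(user_load($authmap_user->uid), $edit);
    }

    // user_save() returns FALSE on failure and a hook may hand back anything.
    // Never open a session or write an authmap row without a real account.
    if (empty($account->uid)) {
        watchdog('brukar', 'Login aborted for Brukar identity %ident: no Drupal account could be loaded or saved.', array('%ident' => $data['id']), WATCHDOG_ERROR);
        drupal_set_message(t('You could not be logged in because of system problems.'), 'error');
        drupal_goto('<front>');
        return;
    }

    if ($needs_authmap) {
        user_set_authmaps($account, array('authname_brukar' => $data['id']));
    }

    // user_login_submit() loads the account from $form_state['uid'], assigns
    // it to the global $user and finalizes the login.
    $form_state = (array) $account;
    user_login_submit(array(), $form_state);

    // Better solution available?
    // Redirect back to the current path, carrying over every query parameter except 'q'.
    $query = $_GET;
    unset($query['q']);
    drupal_goto($_GET['q'] == variable_get('site_frontpage') ? '<front>' : url($_GET['q'], array('absolute' => TRUE, 'query' => $query)));
}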
 /**
  * Given a Drupal account, query LDAP, get all user fields, and save the user account.
  * (Note: parameters are in an odd order to match the synchDrupalAccount handle.)
  *
  * @param object $account Drupal account object, or null.
  * @param array $user_edit Drupal edit array in the form that user_save($account, $user_edit) would take.
  * @param array $ldap_user The user's LDAP entry; passed to avoid re-querying LDAP when it is already present.
  * @param boolean $save Whether the Drupal user should be saved; generally depends on where the function is called from.
  *
  * @return mixed Result of user_save() if $save is true; otherwise TRUE on success or FALSE on any problem.
  *   $user_edit data is returned by reference.
  */
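 public function provisionDrupalAccount($account = FALSE, &$user_edit, $ldap_user = NULL, $save = TRUE)
 {
     // Provisions (or re-syncs) a Drupal account from an LDAP entry.
     // Returns the saved account, TRUE when $save is off and the edit array
     // was populated, or FALSE when nothing could be provisioned.

     // Placeholder values for watchdog() messages.
     $watchdog_tokens = array();
     /**
      * @todo
      * -- add error catching for conflicts, conflicts should be checked before calling this function.
      *
      */
     if (!$account) {
         $account = new stdClass();
     }
     $account->is_new = TRUE;

     // With neither an LDAP entry nor a username there is nothing to look up.
     if (!$ldap_user && !isset($user_edit['name'])) {
         return FALSE;
     }
     if (!$ldap_user) {
         $watchdog_tokens['%username'] = $user_edit['name'];
         if ($this->drupalAcctProvisionServer) {
             $ldap_user = ldap_servers_get_user_ldap_data($user_edit['name'], $this->drupalAcctProvisionServer, 'ldap_user_prov_to_drupal');
         }
         if (!$ldap_user) {
             if ($this->detailedWatchdog) {
                 watchdog('ldap_user', '%username : failed to find associated ldap entry for username in provision.', $watchdog_tokens, WATCHDOG_DEBUG);
             }
             return FALSE;
         }
     }
     if (!isset($user_edit['name']) && isset($account->name)) {
         $user_edit['name'] = $account->name;
         $watchdog_tokens['%username'] = $user_edit['name'];
     }

     // No provisioning server configured: report failure explicitly instead
     // of falling off the end of the method with an implicit NULL.
     if (!$this->drupalAcctProvisionServer) {
         return FALSE;
     }

     $ldap_server = ldap_servers_get_servers($this->drupalAcctProvisionServer, 'enabled', TRUE);
     if (!is_object($ldap_server)) {
         // The configured server is missing or not enabled. The calls below
         // are methods on $ldap_server, so stop before they fail.
         watchdog('ldap_user', 'Provisioning aborted: LDAP server %sid is not available or not enabled.', array('%sid' => $this->drupalAcctProvisionServer), WATCHDOG_ERROR);
         return FALSE;
     }

     // Let other modules alter the LDAP entry before it is mapped to a Drupal user.
     $params = array('account' => $account, 'user_edit' => $user_edit, 'prov_event' => LDAP_USER_EVENT_CREATE_DRUPAL_USER, 'module' => 'ldap_user', 'function' => 'provisionDrupalAccount', 'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER);
     drupal_alter('ldap_entry', $ldap_user, $params);

     // look for existing drupal account with same puid.  if so update username and attempt to synch in current context
     // NOTE(review): the PUID match alone decides which existing Drupal
     // account is renamed and re-mapped to this LDAP entry, so the PUID
     // attribute must be unique and not editable by directory users - confirm
     // against the server configuration.
     $puid = $ldap_server->userPuidFromLdapEntry($ldap_user['attr']);
     $account2 = $puid ? $ldap_server->userUserEntityFromPuid($puid) : FALSE;
     if ($account2) {
         // synch drupal account, since drupal account exists
         // 1. correct username and authmap
         $this->entryToUserEdit($ldap_user, $user_edit, $ldap_server, LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER, array(LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER));
         $account = user_save($account2, $user_edit, 'ldap_user');
         if ($account) {
             // Write the authmap only after the save succeeded; a failed
             // user_save() leaves no account to map.
             user_set_authmaps($account, array("authname_ldap_user" => $user_edit['name']));
             // 2. attempt synch if appropriate for current context
             $account = $this->synchToDrupalAccount($account, $user_edit, LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER, $ldap_user, TRUE);
         }
         return $account;
     }

     // create drupal account
     $this->entryToUserEdit($ldap_user, $user_edit, $ldap_server, LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER, array(LDAP_USER_EVENT_CREATE_DRUPAL_USER));
     if (!$save) {
         // Caller only wanted $user_edit populated (it is passed by reference).
         return TRUE;
     }
     $account = user_save(NULL, $user_edit, 'ldap_user');
     if (!$account) {
         drupal_set_message(t('User account creation failed because of system problems.'), 'error');
     } else {
         user_set_authmaps($account, array('authname_ldap_user' => $user_edit['name']));
     }
     return $account;
 }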
 /**
  * Given a Drupal account, query LDAP, get all user fields, and save the user account.
  * (Note: parameters are in an odd order to match the synchDrupalAccount handle.)
  *
  * @param object $account Drupal account object, or null.
  * @param array $user_edit Drupal edit array in the form that user_save($account, $user_edit) would take.
  * @param array $ldap_user The user's LDAP entry; passed to avoid re-querying LDAP when it is already present.
  * @param boolean $save Whether the Drupal user should be saved; generally depends on where the function is called from.
  *
  * @return mixed Result of user_save() if $save is true; otherwise TRUE on success or FALSE on any problem.
  *   $user_edit data is returned by reference.
  */
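 public function provisionDrupalAccount($account = FALSE, &$user_edit, $ldap_user = NULL, $save = TRUE)
 {
     // Provisions (or re-syncs) a Drupal account from an LDAP entry.
     // Returns the saved account, TRUE when $save is off and the edit array
     // was populated, or FALSE when nothing could be provisioned.

     // Placeholder values for watchdog() messages.
     $watchdog_tokens = array();
     /**
      * @todo
      * -- add error catching for conflicts, conflicts should be checked before calling this function.
      *
      */
     if (!$account) {
         $account = new stdClass();
     }
     $account->is_new = TRUE;

     // With neither an LDAP entry nor a username there is nothing to look up.
     if (!$ldap_user && !isset($user_edit['name'])) {
         return FALSE;
     }
     if (!$ldap_user) {
         $watchdog_tokens['%username'] = $user_edit['name'];
         if ($this->drupalAcctProvisionServer) {
             $ldap_user = ldap_servers_get_user_ldap_data($user_edit['name'], $this->drupalAcctProvisionServer, 'ldap_user_prov_to_drupal');
         }
         if (!$ldap_user) {
             if ($this->detailedWatchdog) {
                 watchdog('ldap_user', '%username : failed to find associated ldap entry for username in provision.', $watchdog_tokens, WATCHDOG_DEBUG);
             }
             return FALSE;
         }
     }
     if (!isset($user_edit['name']) && isset($account->name)) {
         $user_edit['name'] = $account->name;
         $watchdog_tokens['%username'] = $user_edit['name'];
     }

     // When using the multi-domain last authentication option,
     // $ldap_server breaks because $this->drupalAcctProvisionServer is set to LDAP_USER_AUTH_SERVER_SID,
     // so that case is excluded before ldap_servers_get_servers() is used.
     // Failure is reported explicitly instead of falling off the end of the
     // method with an implicit NULL.
     if (!$this->drupalAcctProvisionServer || $this->drupalAcctProvisionServer == LDAP_USER_AUTH_SERVER_SID) {
         return FALSE;
     }

     $ldap_server = ldap_servers_get_servers($this->drupalAcctProvisionServer, 'enabled', TRUE);
     if (!is_object($ldap_server)) {
         // The configured server is missing or not enabled. The calls below
         // are methods on $ldap_server, so stop before they fail.
         watchdog('ldap_user', 'Provisioning aborted: LDAP server %sid is not available or not enabled.', array('%sid' => $this->drupalAcctProvisionServer), WATCHDOG_ERROR);
         return FALSE;
     }

     // Let other modules alter the LDAP entry before it is mapped to a Drupal user.
     $params = array('account' => $account, 'user_edit' => $user_edit, 'prov_event' => LDAP_USER_EVENT_CREATE_DRUPAL_USER, 'module' => 'ldap_user', 'function' => 'provisionDrupalAccount', 'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER);
     drupal_alter('ldap_entry', $ldap_user, $params);

     // look for existing drupal account with same puid.  if so update username and attempt to synch in current context
     // NOTE(review): the PUID match alone decides which existing Drupal
     // account is renamed and re-mapped to this LDAP entry, so the PUID
     // attribute must be unique and not editable by directory users - confirm
     // against the server configuration.
     $puid = $ldap_server->userPuidFromLdapEntry($ldap_user['attr']);
     $account2 = $puid ? $ldap_server->userUserEntityFromPuid($puid) : FALSE;
     if ($account2) {
         // synch drupal account, since drupal account exists
         // 1. correct username and authmap
         $this->entryToUserEdit($ldap_user, $user_edit, $ldap_server, LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER, array(LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER));
         $account = user_save($account2, $user_edit, 'ldap_user');
         if ($account) {
             // Write the authmap only after the save succeeded; a failed
             // user_save() leaves no account to map.
             user_set_authmaps($account, array("authname_ldap_user" => $user_edit['name']));
             // 2. attempt synch if appropriate for current context
             $account = $this->synchToDrupalAccount($account, $user_edit, LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER, $ldap_user, TRUE);
         }
         return $account;
     }

     // create drupal account
     $this->entryToUserEdit($ldap_user, $user_edit, $ldap_server, LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER, array(LDAP_USER_EVENT_CREATE_DRUPAL_USER));
     if (!$save) {
         // Caller only wanted $user_edit populated (it is passed by reference).
         return TRUE;
     }

     // Read the derived name defensively: it may be missing, which is exactly
     // the case the first check below reports.
     $watchdog_tokens = array('%drupal_username' => isset($user_edit['name']) ? $user_edit['name'] : '');
     if (empty($user_edit['name'])) {
         drupal_set_message(t('User account creation failed because of invalid, empty derived Drupal username.'), 'error');
         watchdog('ldap_user', 'Failed to create Drupal account %drupal_username because drupal username could not be derived.', $watchdog_tokens, WATCHDOG_ERROR);
         return FALSE;
     }
     if (!isset($user_edit['mail']) || !$user_edit['mail']) {
         drupal_set_message(t('User account creation failed because of invalid, empty derived email address.'), 'error');
         watchdog('ldap_user', 'Failed to create Drupal account %drupal_username because email address could not be derived by LDAP User module', $watchdog_tokens, WATCHDOG_ERROR);
         return FALSE;
     }
     // Refuse to create a second account on an e-mail address already in use;
     // the existing account is left untouched and the conflict is logged.
     if ($account_with_same_email = user_load_by_mail($user_edit['mail'])) {
         $watchdog_tokens['%email'] = $user_edit['mail'];
         $watchdog_tokens['%duplicate_name'] = $account_with_same_email->name;
         // Message kept on one line so the log entry carries no embedded line break.
         watchdog('ldap_user', 'LDAP user %drupal_username has email address (%email) conflict with a drupal user %duplicate_name', $watchdog_tokens, WATCHDOG_ERROR);
         drupal_set_message(t('Another user already exists in the system with the same email address. You should contact the system administrator in order to solve this conflict.'), 'error');
         return FALSE;
     }

     $account = user_save(NULL, $user_edit, 'ldap_user');
     if (!$account) {
         drupal_set_message(t('User account creation failed because of system problems.'), 'error');
     } else {
         user_set_authmaps($account, array('authname_ldap_user' => $account->name));
         ldap_user_ldap_provision_semaphore('drupal_created', 'set', $account->name);
     }
     return $account;
 }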