/**
* synchronize Mahara's groups with groups defined on a LDAP server
*
* @param string $institutionname Name of the institution to process
* @param array $excludelist exclude LDAP groups matching these regular expressions in their names
* @param array $includelist process only LDAP groups matching these regular expressions in their names
* @param array $onlycontexts Restrict searching in these contexts (override values set in authentication plugin)
* @param boolean $searchsub search in subcontexts (override values set in authentication plugin)
* @param string $grouptype type of Mahara group to create, should be 'standard' or 'course'
* @param string $groupattribute If this is present, then instead of searching for groups as objects in ldap,
* we search for distint values of this attribute in user accounts in LDAP, and create a group for each distinct value.
* @param boolean $docreate create new accounts
* @param boolean $dryrun dummy execution. Do not perform any database operations
* @return boolean
*/
function auth_ldap_sync_groups($institutionname, $syncbyclass = false, $excludelist = null, $includelist = null, $onlycontexts = null, $searchsub = null, $grouptype = null, $docreate = null, $nestedgroups = null, $groupclass = null, $groupattribute = null, $syncbyattribute = false, $userattribute = null, $attrgroupnames = null, $dryrun = false)
{
log_info('---------- started institution group sync for "' . $institutionname . '" at ' . date('r', time()) . ' ----------');
if (get_config('auth_ldap_debug_sync_cron')) {
log_debug("exclusion list : ");
var_dump($excludelist);
log_debug("inclusion list : ");
var_dump($includelist);
}
$auths = get_records_select_array('auth_instance', "authname in ('cas', 'ldap') and institution=?", array($institutionname));
if (get_config('auth_ldap_debug_sync_cron')) {
log_debug("auths candidates : ");
var_dump($auths);
}
if (count($auths) == 0) {
log_warn(get_string('nomatchingauths', 'auth.ldap'));
return false;
}
$result = true;
foreach ($auths as $auth) {
$instance = new AuthLdap($auth->id);
$instance->set_config('syncgroupscron', true);
$instance->set_config('syncgroupsbyclass', $syncbyclass);
$instance->set_config('syncgroupsbyuserfield', $syncbyattribute);
if ($excludelist !== null) {
if (!is_array($excludelist)) {
$excludelist = preg_split('/\\s*,\\s*/', trim($excludelist));
}
$instance->set_config('syncgroupsexcludelist', $excludelist);
}
if ($includelist !== null) {
if (!is_array($includelist)) {
$includelist = preg_split('/\\s*,\\s*/', trim($includelist));
}
$instance->set_config('syncgroupsincludelist', $includelist);
}
if ($onlycontexts !== null) {
$instance->set_config('syncgroupscontexts', $onlycontexts);
}
if ($searchsub !== null) {
$instance->set_config('syncgroupssearchsub', $searchsub);
}
if ($grouptype !== null) {
$instance->set_config('syncgroupsgrouptype', $grouptype);
}
if ($nestedgroups !== null) {
$instance->set_config('nestedgroups', $nestedgroups);
}
if ($groupclass !== null) {
$instance->set_config('syncgroupsgroupclass', $groupclass);
}
if ($groupattribute !== null) {
$instance->set_config('syncgroupsgroupattribute', $groupattribute);
}
if ($docreate !== null) {
$instance->set_config('syncgroupsautocreate', $docreate);
}
$result = $result && $instance->sync_groups($dryrun);
}
log_info('---------- finished institution group sync at ' . date('r', time()) . ' ----------');
return $result;
}
