/** * @inheritdoc */ public static function Iterator($entity) { $granted_roles = array('content editor', 'vsite admin'); $roles = og_roles('node', $entity->type, $entity->nid); foreach ($roles as $rid => $role) { if (!in_array($role, $granted_roles)) { continue; } og_role_grant_permissions($rid, array('bypass redirection')); } }
/** * Get list of mappings based on existing Organic Groups and roles * * @param associative array $tokens of tokens and replacement values * @return html examples of mapping values */ public function mappingExamples($tokens) { if ($this->ogVersion == 1) { $groups = og_get_all_group(); $ogEntities = og_load_multiple($groups); $OGroles = og_roles(0); $rows = array(); foreach ($ogEntities as $group) { foreach ($OGroles as $rid => $role) { $example = "<code>ou=IT,dc=myorg,dc=mytld,dc=edu|gid=" . $group->gid . ',rid=' . $rid . '</code><br/>' . '<code>ou=IT,dc=myorg,dc=mytld,dc=edu|group-name=' . $group->label . ',role-name=' . $role . '</code>'; $rows[] = array($group->label, $group->gid, $role, $example); } } $variables = array('header' => array('Group Name', 'OG Group ID', 'OG Membership Type', 'example'), 'rows' => $rows, 'attributes' => array()); } else { /** * OG 7.x-2.x mappings: * $entity_type = $group_type, * $bundle = $group_bundle * $etid = $gid where edid is nid, uid, etc. * * og group is: entity_type (eg node) x entity_id ($gid) eg. node:17 * group identifier = group_type:gid; aka entity_type:etid e.g. node:17 * * membership identifier is: group_type:gid:entity_type:etid * in our case: group_type:gid:user:uid aka entity_type:etid:user:uid e.g. node:17:user:2 * * roles are simply rids ((1,2,3) and names (non-member, member, and administrator member) in og_role table * og_users_roles is simply uid x rid x gid * * .. so authorization mappings should look like: * <ldap group>|group_type:gid:rid such as staff|node:17:2 */ $rows = array(); foreach ($this->ogs as $entity_type => $entities) { foreach ($entities as $entity_id => $entity) { foreach ($entity['roles'] as $rid => $role) { $group_role_identifier = ldap_authorization_og_authorization_id($entity_id, $rid, $entity_type); $example = "<code>ou=IT,dc=myorg,dc=mytld,dc=edu|{$group_role_identifier}</code>"; $rows[] = array($entity['name'] . ' - ' . $role, $example); } } } $variables = array('header' => array('Group Name - OG Membership Type', 'example'), 'rows' => $rows, 'attributes' => array()); } $table = theme('table', $variables); $link = l('admin/config/people/ldap/authorization/test/og_group', 'admin/config/people/ldap/authorization/test/og_group'); $examples = <<<EOT <br/> Examples for some (or all) existing OG Group IDs can be found in the table below. This is complex. To test what is going to happen, uncheck "When a user logs on" in IV.B. and use {$link} to see what memberships sample users would receive. {$table} EOT; $examples = t($examples, $tokens); return $examples; }
/** * Get list of mappings based on existing Organic Groups and roles * * @param associative array $tokens of tokens and replacement values * @return html examples of mapping values */ public function mappingExamples($tokens) { if ($this->ogVersion == 1) { $groups = og_get_all_group(); $ogEntities = og_load_multiple($groups); $OGroles = og_roles(0); $rows = array(); foreach ($ogEntities as $group) { foreach ($OGroles as $rid => $role) { $example = "<code>ou=IT,dc=myorg,dc=mytld,dc=edu|gid=" . $group->gid . ',rid=' . $rid . '</code><br/>' . '<code>ou=IT,dc=myorg,dc=mytld,dc=edu|group-name=' . $group->label . ',role-name=' . $role . '</code>'; $rows[] = array($group->label, $group->gid, $role, $example); } } $variables = array('header' => array('Group Name', 'OG Group ID', 'OG Membership Type', 'example'), 'rows' => $rows, 'attributes' => array()); } else { /** * OG 7.x-2.x mappings: * $entity_type = $group_type, * $bundle = $group_bundle * $etid = $gid where edid is nid, uid, etc. * * og group is: entity_type (eg node) x entity_id ($gid) eg. node:17 * group identifier = group_type:gid; aka entity_type:etid e.g. node:17 * * membership identifier is: group_type:gid:entity_type:etid * in our case: group_type:gid:user:uid aka entity_type:etid:user:uid e.g. node:17:user:2 * * roles are simply rids ((1,2,3) and names (non-member, member, and administrator member) in og_role table * og_users_roles is simply uid x rid x gid * * .. so authorization mappings should look like: * <ldap group>|group_type:gid:rid such as staff|node:17:2 */ $og_fields = field_info_field(OG_GROUP_FIELD); $rows = array(); $role_name = OG_AUTHENTICATED_ROLE; if (!empty($og_fields['bundles'])) { foreach ($og_fields['bundles'] as $entity_type => $bundles) { foreach ($bundles as $i => $bundle) { $query = new EntityFieldQuery(); $query->entityCondition('entity_type', $entity_type)->entityCondition('bundle', $bundle)->range(0, 5)->addMetaData('account', user_load(1)); // run the query as user 1 $result = $query->execute(); $entities = entity_load($entity_type, array_keys($result[$entity_type])); $i = 0; foreach ($entities as $entity_id => $entity) { $i++; $rid = ldap_authorization_og2_rid_from_role_name($entity_type, $bundle, $entity_id, OG_AUTHENTICATED_ROLE); $title = is_object($entity) && property_exists($entity, 'title') ? $entity->title : ''; $middle = $title && $i < 3 ? $title : $entity_id; $group_role_identifier = ldap_authorization_og_authorization_id($middle, $rid, $entity_type); $example = "<code>ou=IT,dc=myorg,dc=mytld,dc=edu|{$group_role_identifier}</code>"; $rows[] = array("{$entity_type} {$title} - {$role_name}", $example); } } } } $variables = array('header' => array('Group Entity - Group Title - OG Membership Type', 'example'), 'rows' => $rows, 'attributes' => array()); } $table = theme('table', $variables); $link = l(t('admin/config/people/ldap/authorization/test/og_group'), 'admin/config/people/ldap/authorization/test/og_group'); $examples = <<<EOT <br/> Examples for some (or all) existing OG Group IDs can be found in the table below. This is complex. To test what is going to happen, uncheck "When a user logs on" in IV.B. and use {$link} to see what memberships sample users would receive. {$table} EOT; $examples = t($examples, $tokens); return $examples; }
/** * @param $user * @param $course_title * @throws \Exception */ private function makeInstructorOfCourse($user, $course_title) { // For now, instructors are all admins of the group $group_role = 'administrator member'; $group = $this->findNodeByTitle('course', $course_title); $roles = og_roles('node', $group->type, $group->nid); $rid = array_search($group_role, $roles); if (!$rid) { throw new \Exception(sprintf("'%s' is not a valid group role.", $group_role)); } og_role_grant('node', $group->nid, $user->uid, $rid); }
/** * @Then I should see the list of roles for the group :group */ public function iShouldSeeRolesForGroup($group) { $group = $this->getGroupByName($group); $roles = og_roles('node', 'group', $group->getIdentifier()); foreach ($roles as $machine_name => $role) { $this->dkanContext->getMink()->assertPageContainsText(strip_tags($role)); } }
/** * Get a role id. * * @param $name * @param $gid */ public static function GetRoleByName($name, $gid) { drupal_static_reset(); $roles = og_roles('node', NULL, $gid); return array_search($name, $roles); }
/** * Adds a member to an organic group with the specified role. * * @param object $account * The user to be added in group. * @param string $group_role * The machine name of the group role. * @param object $group * The group node. * @param string $group_type * (optional) The group's entity type. * * @throws \Exception * Print out descriptive error message by throwing an exception. */ protected function addMembertoGroup($account, $group_role, $group, $group_type = 'node') { list($gid, , ) = entity_extract_ids($group_type, $group); $membership = og_group($group_type, $gid, array('entity type' => 'user', 'entity' => $account)); if (!$membership) { throw new \Exception("The Organic Group membership could not be created."); } // Add role for membership. $roles = og_roles($group_type, $group->type, $gid); $rid = array_search($group_role, $roles); if (!$rid) { throw new \Exception("'{$group_role}' is not a valid group role."); } og_role_grant($group_type, $gid, $account->uid, $rid); }