/**
* @inheritdoc
*/
public static function Iterator($entity)
{
$granted_roles = array('content editor', 'vsite admin');
$roles = og_roles('node', $entity->type, $entity->nid);
foreach ($roles as $rid => $role) {
if (!in_array($role, $granted_roles)) {
continue;
}
og_role_grant_permissions($rid, array('bypass redirection'));
}
}
/**
* Get list of mappings based on existing Organic Groups and roles
*
* @param associative array $tokens of tokens and replacement values
* @return html examples of mapping values
*/
public function mappingExamples($tokens)
{
if ($this->ogVersion == 1) {
$groups = og_get_all_group();
$ogEntities = og_load_multiple($groups);
$OGroles = og_roles(0);
$rows = array();
foreach ($ogEntities as $group) {
foreach ($OGroles as $rid => $role) {
$example = "<code>ou=IT,dc=myorg,dc=mytld,dc=edu|gid=" . $group->gid . ',rid=' . $rid . '</code><br/>' . '<code>ou=IT,dc=myorg,dc=mytld,dc=edu|group-name=' . $group->label . ',role-name=' . $role . '</code>';
$rows[] = array($group->label, $group->gid, $role, $example);
}
}
$variables = array('header' => array('Group Name', 'OG Group ID', 'OG Membership Type', 'example'), 'rows' => $rows, 'attributes' => array());
} else {
/**
* OG 7.x-2.x mappings:
* $entity_type = $group_type,
* $bundle = $group_bundle
* $etid = $gid where edid is nid, uid, etc.
*
* og group is: entity_type (eg node) x entity_id ($gid) eg. node:17
* group identifier = group_type:gid; aka entity_type:etid e.g. node:17
*
* membership identifier is: group_type:gid:entity_type:etid
* in our case: group_type:gid:user:uid aka entity_type:etid:user:uid e.g. node:17:user:2
*
* roles are simply rids ((1,2,3) and names (non-member, member, and administrator member) in og_role table
* og_users_roles is simply uid x rid x gid
*
* .. so authorization mappings should look like:
* <ldap group>|group_type:gid:rid such as staff|node:17:2
*/
$rows = array();
foreach ($this->ogs as $entity_type => $entities) {
foreach ($entities as $entity_id => $entity) {
foreach ($entity['roles'] as $rid => $role) {
$group_role_identifier = ldap_authorization_og_authorization_id($entity_id, $rid, $entity_type);
$example = "<code>ou=IT,dc=myorg,dc=mytld,dc=edu|{$group_role_identifier}</code>";
$rows[] = array($entity['name'] . ' - ' . $role, $example);
}
}
}
$variables = array('header' => array('Group Name - OG Membership Type', 'example'), 'rows' => $rows, 'attributes' => array());
}
$table = theme('table', $variables);
$link = l('admin/config/people/ldap/authorization/test/og_group', 'admin/config/people/ldap/authorization/test/og_group');
$examples = <<<EOT
<br/>
Examples for some (or all) existing OG Group IDs can be found in the table below.
This is complex. To test what is going to happen, uncheck "When a user logs on" in IV.B.
and use {$link} to see what memberships sample users would receive.
{$table}
EOT;
$examples = t($examples, $tokens);
return $examples;
}
/**
* Get list of mappings based on existing Organic Groups and roles
*
* @param associative array $tokens of tokens and replacement values
* @return html examples of mapping values
*/
public function mappingExamples($tokens)
{
if ($this->ogVersion == 1) {
$groups = og_get_all_group();
$ogEntities = og_load_multiple($groups);
$OGroles = og_roles(0);
$rows = array();
foreach ($ogEntities as $group) {
foreach ($OGroles as $rid => $role) {
$example = "<code>ou=IT,dc=myorg,dc=mytld,dc=edu|gid=" . $group->gid . ',rid=' . $rid . '</code><br/>' . '<code>ou=IT,dc=myorg,dc=mytld,dc=edu|group-name=' . $group->label . ',role-name=' . $role . '</code>';
$rows[] = array($group->label, $group->gid, $role, $example);
}
}
$variables = array('header' => array('Group Name', 'OG Group ID', 'OG Membership Type', 'example'), 'rows' => $rows, 'attributes' => array());
} else {
/**
* OG 7.x-2.x mappings:
* $entity_type = $group_type,
* $bundle = $group_bundle
* $etid = $gid where edid is nid, uid, etc.
*
* og group is: entity_type (eg node) x entity_id ($gid) eg. node:17
* group identifier = group_type:gid; aka entity_type:etid e.g. node:17
*
* membership identifier is: group_type:gid:entity_type:etid
* in our case: group_type:gid:user:uid aka entity_type:etid:user:uid e.g. node:17:user:2
*
* roles are simply rids ((1,2,3) and names (non-member, member, and administrator member) in og_role table
* og_users_roles is simply uid x rid x gid
*
* .. so authorization mappings should look like:
* <ldap group>|group_type:gid:rid such as staff|node:17:2
*/
$og_fields = field_info_field(OG_GROUP_FIELD);
$rows = array();
$role_name = OG_AUTHENTICATED_ROLE;
if (!empty($og_fields['bundles'])) {
foreach ($og_fields['bundles'] as $entity_type => $bundles) {
foreach ($bundles as $i => $bundle) {
$query = new EntityFieldQuery();
$query->entityCondition('entity_type', $entity_type)->entityCondition('bundle', $bundle)->range(0, 5)->addMetaData('account', user_load(1));
// run the query as user 1
$result = $query->execute();
$entities = entity_load($entity_type, array_keys($result[$entity_type]));
$i = 0;
foreach ($entities as $entity_id => $entity) {
$i++;
$rid = ldap_authorization_og2_rid_from_role_name($entity_type, $bundle, $entity_id, OG_AUTHENTICATED_ROLE);
$title = is_object($entity) && property_exists($entity, 'title') ? $entity->title : '';
$middle = $title && $i < 3 ? $title : $entity_id;
$group_role_identifier = ldap_authorization_og_authorization_id($middle, $rid, $entity_type);
$example = "<code>ou=IT,dc=myorg,dc=mytld,dc=edu|{$group_role_identifier}</code>";
$rows[] = array("{$entity_type} {$title} - {$role_name}", $example);
}
}
}
}
$variables = array('header' => array('Group Entity - Group Title - OG Membership Type', 'example'), 'rows' => $rows, 'attributes' => array());
}
$table = theme('table', $variables);
$link = l(t('admin/config/people/ldap/authorization/test/og_group'), 'admin/config/people/ldap/authorization/test/og_group');
$examples = <<<EOT
<br/>
Examples for some (or all) existing OG Group IDs can be found in the table below.
This is complex. To test what is going to happen, uncheck "When a user logs on" in IV.B.
and use {$link} to see what memberships sample users would receive.
{$table}
EOT;
$examples = t($examples, $tokens);
return $examples;
}
/**
* @param $user
* @param $course_title
* @throws \Exception
*/
private function makeInstructorOfCourse($user, $course_title)
{
// For now, instructors are all admins of the group
$group_role = 'administrator member';
$group = $this->findNodeByTitle('course', $course_title);
$roles = og_roles('node', $group->type, $group->nid);
$rid = array_search($group_role, $roles);
if (!$rid) {
throw new \Exception(sprintf("'%s' is not a valid group role.", $group_role));
}
og_role_grant('node', $group->nid, $user->uid, $rid);
}
/**
* @Then I should see the list of roles for the group :group
*/
public function iShouldSeeRolesForGroup($group)
{
$group = $this->getGroupByName($group);
$roles = og_roles('node', 'group', $group->getIdentifier());
foreach ($roles as $machine_name => $role) {
$this->dkanContext->getMink()->assertPageContainsText(strip_tags($role));
}
}
/**
* Get a role id.
*
* @param $name
* @param $gid
*/
public static function GetRoleByName($name, $gid)
{
drupal_static_reset();
$roles = og_roles('node', NULL, $gid);
return array_search($name, $roles);
}
/**
* Adds a member to an organic group with the specified role.
*
* @param object $account
* The user to be added in group.
* @param string $group_role
* The machine name of the group role.
* @param object $group
* The group node.
* @param string $group_type
* (optional) The group's entity type.
*
* @throws \Exception
* Print out descriptive error message by throwing an exception.
*/
protected function addMembertoGroup($account, $group_role, $group, $group_type = 'node')
{
list($gid, , ) = entity_extract_ids($group_type, $group);
$membership = og_group($group_type, $gid, array('entity type' => 'user', 'entity' => $account));
if (!$membership) {
throw new \Exception("The Organic Group membership could not be created.");
}
// Add role for membership.
$roles = og_roles($group_type, $group->type, $gid);
$rid = array_search($group_role, $roles);
if (!$rid) {
throw new \Exception("'{$group_role}' is not a valid group role.");
}
og_role_grant($group_type, $gid, $account->uid, $rid);
}
